The accidental notary: Apple approves notorious malware to run on Macs

by
Dan Goodin
from Ars Technica - All content on (#57N8S)
poison-apple-malware-800x450.jpg

Enlarge (credit: Aurich Lawson / Getty Images)

When might an Apple malware protection pose more user risk than none at all? When it certifies a trojan as safe even though it sticks out like a sore thumb and represents one of the biggest threats on the macOS platform.

The world received this object lesson over the weekend after Apple gave its imprimatur to the latest samples of Shlayer," the name given to a trojan that has been among the most-if not the most-prolific pieces of Mac malware for more than two years. The seal of approval came in the form of a notarization mechanism Apple introduced in macOS Mojave to, as Apple put it, give users more confidence" that the app they install has been checked by Apple for malicious components."

With the roll out of macOS Catalina, notarization became a requirement for all apps. Unless installed using methods not mentioned by Apple (more about that later), an unnotarized app will generate the following notice that says it can't be opened because Apple cannot check it for malicious software."

Read 15 remaining paragraphs | Comments

index?i=rZfypnY7rZM:Te-MN-I2OZI:V_sGLiPB index?i=rZfypnY7rZM:Te-MN-I2OZI:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments