nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

back to article
Apple blocks comms-snooping malware

Silver badge
Facepalm

"a OSX software product"

"from App Store"

"reopen you browser"

We'll be in real trouble if these morons ever learn to proof-read their English. Until then, "please to be fucking off".

12
1

HAL "I'm sorry Dave I just can't do that".

0
0
Silver badge

It's hard to tell because quite a lot of genuine software from well-known firms such as "Apple" and "Microsoft" have a similar disregard for the english language, as well as ancient and hallowed UX guidelines such as "Don't stop me working" and "Always tell me when you fail"

7
0

… as well as

  • “Press Update All button”
  • “When Admin permissions dialog appears”
  • “enter password”

Unfortunately, for people who just click on a link in an unsolicited email from an unknown source, poor grammar is probably the least of their problems.

5
1
Anonymous Coward

"Unfortunately, for people who just click on a link in an unsolicited email from an unknown source, poor grammar is probably the least of their problems."

... but, its an Apple machine and you don't have to worry about viruses etc on those

1
3
Silver badge

"... but, its an Apple machine and you don't have to worry about viruses etc on those"

Viruses is indeed not what you have to worry about.

2
0

Bluecoat have devices which de-crypt SSL in real time anyway, the myth of secure because "SSL" is dead.

0
4
LDS
Silver badge

Usually such systems need a custom CA installed on the end systems, or it won't be able to create valid certificate on the fly. Encryption is *always* useless unless you can verify fully the other end point.

3
0
Silver badge

"Bluecoat have devices which de-crypt SSL in real time anyway, the myth of secure because "SSL" is dead."

So does my Mac, when it has the password.

0
0

Talking of the English language...

"dropped an update"

Does that mean an update was made, or an update wasn't made?

4
0
Bronze badge

Why can apps do this?

"If a user relents and okays the dialogue, the malware gets admin privileges,... traffic interception is supported by the Comodo certificate installed by the malware."

With Apple's walled garden approach, why are apps allowed to gain admin privileges and install certificates? Seems like something included for companies that run their own internal applications, but why is anything that's available from the public app store allowed to do this? Why, in 2017, do apps need Admin privileges still?

0
0
Anonymous Coward

Re: Why can apps do this?

Why, in 2017, do apps need Admin privileges still?

Because for some reason the app authors think so highly of their code that any installation MUST be available to all possible users of a system. I fully agree with you - if I were offered an option "only install for yourself" I'd take it every time because that rarely needs admin rights (only if it involves drivers such as screen vid grabbers or audio facilities such as the slightly broken Boom 2).

But hey, we are but lowly users. We only get to give those companies money, it's not like we have any rights to go with it..

0
0

Re: Why can apps do this?

Any auto-update task will need admin rights to update the cron service sadly. No clue why, it's legacy Unix I believe.

0
0

Re: Why can apps do this?

The macOS and the vast, vast majority of apps running on it are usually fine without Admin privs. It's the users/techs choice to allow them to install apps, set up printers etc.

Remember, Mac users don't have the same memories regarding security history as Windows users do >sarcasm<

0
0

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

The Register - Independent news and views for the tech community. Part of Situation Publishing