Apple blocks comms-snooping malware

Apple has moved to thwart a malware attack that used a legitimate – probably hijacked – developer certificate, by revoking the cert. Check Point wrote up the malware last week, calling “OSX/Dok” “the first major scale malware to target OSX users via a coordinated email phishing campaign”. A hapless user who okayed all the …

  1. David 132 Silver badge
    Facepalm

    "a OSX software product"

    "from App Store"

    "reopen you browser"

    We'll be in real trouble if these morons ever learn to proof-read their English. Until then, "please to be fucking off".

    1. mike360

      HAL "I'm sorry Dave I just can't do that".

    2. Richard 12 Silver badge

      It's hard to tell because quite a lot of genuine software from well-known firms such as "Apple" and "Microsoft" has a similar disregard for the English language, as well as ancient and hallowed UX guidelines such as "Don't stop me working" and "Always tell me when you fail"

    3. Mark Simon

      … as well as

      • “Press Update All button”
      • “When Admin permissions dialog appears”
      • “enter password”

      Unfortunately, for people who just click on a link in an unsolicited email from an unknown source, poor grammar is probably the least of their problems.

      1. Anonymous Coward

        "Unfortunately, for people who just click on a link in an unsolicited email from an unknown source, poor grammar is probably the least of their problems."

        ... but, it's an Apple machine and you don't have to worry about viruses etc on those

        1. gnasher729 Silver badge

          "... but, it's an Apple machine and you don't have to worry about viruses etc on those"

          Viruses is indeed not what you have to worry about.

  2. mike360

    Bluecoat have devices which de-crypt SSL in real time anyway, the myth of secure because "SSL" is dead.

    1. Anonymous Coward

      Usually such systems need a custom CA installed on the end systems, or they won't be able to create a valid certificate on the fly. Encryption is *always* useless unless you can verify fully the other end point.

    2. gnasher729 Silver badge

      "Bluecoat have devices which de-crypt SSL in real time anyway, the myth of secure because "SSL" is dead."

      So does my Mac, when it has the password.

  3. handle

    Talking of the English language...

    "dropped an update"

    Does that mean an update was made, or an update wasn't made?

  4. hellwig

    Why can apps do this?

    "If a user relents and okays the dialogue, the malware gets admin privileges,... traffic interception is supported by the Comodo certificate installed by the malware."

    With Apple's walled garden approach, why are apps allowed to gain admin privileges and install certificates? Seems like something included for companies that run their own internal applications, but why is anything that's available from the public app store allowed to do this? Why, in 2017, do apps need Admin privileges still?

    1. Anonymous Coward

      Re: Why can apps do this?

      Why, in 2017, do apps need Admin privileges still?

      Because for some reason the app authors think so highly of their code that any installation MUST be available to all possible users of a system. I fully agree with you - if I were offered an option "only install for yourself" I'd take it every time because that rarely needs admin rights (only if it involves drivers such as screen vid grabbers or audio facilities such as the slightly broken Boom 2).

      But hey, we are but lowly users. We only get to give those companies money, it's not like we have any rights to go with it..

      1. mistersaxon

        Re: Why can apps do this?

        Any auto-update task will need admin rights to update the cron service sadly. No clue why, it's legacy Unix I believe.

    2. Snapper

      Re: Why can apps do this?

      The macOS and the vast, vast majority of apps running on it are usually fine without Admin privs. It's the user's/tech's choice to allow them to install apps, set up printers etc.

      Remember, Mac users don't have the same memories regarding security history as Windows users do >sarcasm<
