The weaknesses of Apple Gatekeeper still remain accessible for exploitation, in spite of the fact that the company did patch a couple of vectors previously disclosed. On a brighter note, the Apple Gatekeeper flaws lead to security advances in 2016.
Apple Gatekeeper is used to restrict applications that are not obtained and signed by the App Store, or by legitimate developers. As a result, if the app does not belong in the aforementioned category, Apple will impede it to launch on Macs with Gatekeeper. Synack research director Patrick Wardle stated that it is quite easy to profit from the flaws of Gatekeeper, as a legitimate application can be changed by another party and then simply swapped with the original one when a user is downloading what he or she thinks is the correct package. In the light of this security concern, Apple has decided to improve its security services this year.
First of all, thanks to System Integrity Protection Apple is able to restrict the aspects that can be altered on a Mac, and thus increase the level of security of OS X. Furthermore, the company has released FileVault, a feature used for full disk encryption, as well as protecting removable data. It can be managed with simple scripts or an MDM solution. MDM or Mobile Device Management lets organizations control iOS and Mac devices, more precisely the Apple security technologies mentioned earlier. However, it can also prove useful in installing printers, deploying fonts or controlling other settings. The feature also has extensions named remote wipe and remote lock.
Another recent feature is Sandboxing, which monitors the access an app can request for certain resources, such as memory, file system parts, network resources and so on. Attackers will face new challenges in identifying and using vulnerabilities thanks to the Address Space Layout Randomization (ASLR). Furthermore, every Mac has its own anti-virus named Xprotect that searches for known apps and services that start on OS X. However, take note that this is not a full anti-virus.
As the most vulnerable part of an operating system remains the browser , Safari comes equipped with Antiphishing. People mainly infiltrate environments by phishing emails in order to obtain important information. Antiphishing warns you each time you visit a phishing website. The App Store is also closely monitoring the integrity of the apps that are available there. If you keep forgetting your passwords and would like to have a safe place for them, Apple provides you with iCloud Keychain, an encrypted keystore.
In the end, as Apple Gatekeeper flaws lead to security advances in 2016 we have to look on the bright side. Thanks to this mistake, Apple’s security systems will be improved, and our devices will rest safe and sound.
Image Source: 1