There is method in their madness, as they trust Apple's Gatekeeper security technology to recognise the digital signatures they sign their software with that should guarantee the authenticity of the download.īut a former NSA and NASA staffer Patrick Wardle, who now heads up research at security start-up Synack, believes he has found a new way to abuse such insecure downloads and bypass protections in Apple Macs without getting caught. dmg files, for products including Kaspersky, Symantec, Avast, Avira, Intego, BitDefender, Trend Micro, ESET and F-Secure are all sent over unencrypted HTTP lines, rather than the more secure HTTPS. Want to know something odd? It’s 2015 and all the top anti-virus products for Mac OS X use insecure lines to transmit their software to Apple machines.
0 Comments
Leave a Reply. |