The accidental notary: Apple approves notorious malware to run on Macs

A replica of the Trojan horse made up of thousands of computer and mobile phone components infected with various viruses and malware, named the "Cyber Horse" is displayed at the entrance to the annual Cyber Week conference at the Tel Aviv University in the Israeli city of Tel Aviv on June 20, 2016. The Cyber Horse is a piece of art composed of devices that can be harmed by malware and was created in order to prompt national and international awareness of the dangers of cyber-attacks. (credit: JACK GUEZ/AFP via Getty Images)

When might an Apple malware protection pose more user risk than none at all? When it certifies a trojan as safe even though it sticks out like a sore thumb and represents one of the biggest threats on the macOS platform.

The world received this object lesson over the weekend after Apple gave its imprimatur to the latest samples of “Shlayer,” the name given to a trojan that has been among the most—if not the most—prolific pieces of Mac malware for more than two years. The seal of approval came in the form of a notarization mechanism Apple introduced in macOS Mojave to, as Apple put it, “give users more confidence” that the app they install “has been checked by Apple for malicious components.”

With the rollout of macOS Catalina, notarization became a requirement for all apps. Unless installed using methods not mentioned by Apple (more about that later), an unnotarized app will generate a notice that says it “can’t be opened because Apple cannot check it for malicious software.”

from Tech – Ars Technica https://ift.tt/2EQtfnh
