MacOS Hosts

From Kicksecure

Info This macOS Hosts chapter might need some improvements. ticket

In a fashion similar to Windows platforms, Apple operating systems also pose many security and privacy threats.

Table: macOS Threats [1]

Category Description
Backdoors
  • Files on devices can be deleted if they were downloaded from sources competing with Apple companies.
  • Intentional backdoors allow remote root privileges, wipes and deletion of applications.
Design Flaws
  • An insecure design allows execution of malicious code by applications and the extraction of messaging history.
Device Bricking
  • Devices are bricked if fixed by an "unauthorized" repair shop.
  • Devices are bricked that were unlocked without permission.
Personal Information
  • Biometric markers like fingerprints are used for device authorization.
  • Extensive personal information is sent to Apple servers, such as:
    • Automatic uploads of photos and videos used by certain applications; and
    • Unsaved documents and program files (without permission).
  • Search terms and location information are sent to Apple.
  • System files are scanned.
  • OSX phones home with info about the Date, Time, Computer, ISP, City, State and Application Hash when any program is executed, by default. [2] [3]
User Control and Freedoms
  • Allowable programs like media, political, bitcoin and health-focused applications, and games are censored.
  • Arbitrary limits are imposed on the use of software.
  • Digital restrictions mechanisms are imposed.
  • System upgrades are forced without consent.
  • Older versions of operating systems cannot be installed.
  • It is impossible to manually fix system security bugs that Apple have not addressed.
  • User interfaces are designed to make specific options hard to find and enable/disable.

See this write-up by the FSF for further detailed information. [4]

In public talks, ex-Tor developer Jacob Appelbaum who had access to the Snowden files, hinted that Apple devices in particular were easy to infiltrate by the Intelligence Community.

References[edit]



Unfinished: This wiki is a work in progress. Please do not report broken links until this notice is removed, use Search Engines First and contribute improving this wiki.