Apple's Notarization Process Repeatedly Approved Malware for Mac

[Realityck]

This is absolutely not true, and somewhat dangerous. There are plenty of Mac viruses.

Viruses? The "very few" instances of malware is shown below.

Flashback malware Mac Flashback malware: What it is and how to get rid of it (FAQ) - April 2012
OSX/KitM.A 'Lame' Mac malware finds success in spearphishing - May 2013
OSX/Proton Malware is Back! Here’s What Mac Users Need to Know - Oct 2017
¡Ay, MaMi! New DNS-hijacking Mac malware discovered - January 2018

 

[strayts]

As an actual Notary Public, this "notarization" has to be the silliest marketing play apple has done to date.

 

[samwa3]

Well, this notarization is one part of the security model, and it does exactly what it does on the tin. Why fault it for failing at something that it isn't supposed to succeed in? Apple can now revoke the malware's certificates, and as such many people will be saved from running it on their computers.

And if that process is not enough for you and you want more safety, then just install only software from the MAS, where there are more checks in place and the process is tighter, plus sandboxing. Oh wait, App Store bad monopoly, Apple is locking up our machines where is our freedom? Hashtag nineteen eighty fourty twenty.

 

[Realityck]

Not a proof of that at all. We don’t know how many apps with malware they’ve detected and blocked, do we?
No antivirus provides 100% security.

Anything rare as Mac centric malware that was found is discussed online.
The term antivirus is more relevant to PC's, Macs have seen Trojans mostly.

Worm is a type of malware that spreads copies of itself from computer to computer. A worm can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage.

Trojan horse or Trojan is a type of malware that is often disguised as legitimate software. Trojans can be employed by cyber-thieves and hackers trying to gain access to users' systems. Users are typically tricked by some form of social engineering into loading and executing Trojans on their systems.

 

[strayts]

An actual real-life notary public doesn’t certify anything about the content of the document you’re signing, they only witness that it was actually you that signed it.

I expected that Apple’s notarization service was primarily designed to associate an app with a developer, and register the pairing with Apple, so that if the app subsequently starting doing something really unsavory in the real world, posing a threat to customers, it could be shut off by Apple.

Correct. I simply affirm that the signer is signing the document of their own free will, and that the document is complete and correct as they presented it to me. It's not my job to verify that a 50+ page document is free of errors.

 

[Tucom]

Just another reason why we should be allowed to install 3rd party apps on iOS with out the App Store. Just because Apple approves the app (I know it’s for macOS in this particular article) doesn’t mean it’s guaranteed to be safe.

Because that Logic works.

 

[Tucom]

If I never again hear of Flash for the rest of my life, it will still be too soon.

You ever hear of that one show on Netflix..

Oh I got another one - would it be, too QUICK?! PFFFFT!!!!

 

[CthuluLemon]

I thought we needed apple’s curation to save us from the big bad internet? What’s the point of the App stores if Apple can’t even keep malware out, besides Apple’s pocket padding that is.

 

[TheWatchfulOne]

The notarized malware was disguised as an Adobe Flash installer...

So malware disguised as other malware still got notarized? 🤔

 

[CarlJ]

I thought we needed apple’s curation to save us from the big bad internet? What’s the point of the App stores if Apple can’t even keep malware out, besides Apple’s pocket padding that is.

You’re right - we found one mistake! LET’S THROW OUT THE ENTIRE SYSTEM ANT START FROM SCRATCH! And that can work for anything - flat tire on your car? Abandon it a buy a new one! Kid gets a bad score on a test? Kick them out of the house and make a new one!

 

[C DM]

You’re right - we found one mistake! LET’S THROW OUT THE ENTIRE SYSTEM ANT START FROM SCRATCH! And that can work for anything - flat tire on your car? Abandon it a buy a new one! Kid gets a bad score on a test? Kick them out of the house and make a new one!

Get another car after that? You have to completely forget about cars at that point.

 

[Wowfunhappy]

Nope, there's plenty of Malware/Adware, not viruses, there are NO viruses for OS X/macOs.

Look up the definition of a virus.

You're right, they're "malware", not viruses per se. But, colloquially, "viruses" is often used as a stand-in for malware in general (incorrectly, I know), and that was how the person I quoted appeared to be using the term. After all, the subject of this story isn't a virus either.

 

[planteater]

OMG that GUI is ugly. Looks like it’s for children with the massively wide headers and rounding.

 

[Wowfunhappy]

OMG that GUI is ugly. Looks like it’s for children with the massively wide headers and rounding.

Get ready. This is what macOS is going to look like in a few months.

(I like this one, but now everyone gets to know how I felt when Yosemite came out. 🤢)

 

[bousozoku]

They have the resources to hire people who write malware. They have the resources to contract a company like Malwarebytes to aid them in detecting malware.

It still won't be perfect, but it could be much better than it is.

I still remember when security problems could be detected by outsiders with a crude scan. Why aren't they better?

 

[Reindeer_Legal]

No it's not. Notarization is not malware detection. It ensures that the binary actually came from who it claims to have come from. That's it. Just like a notary public proves that a document was signed by the person who claims to have signed it, and doesn't prove that the contents of the document are true.

This is a weird news article.

Wrong.
"The Apple notary service is an automated system that scans your software for malicious content." (https://developer.apple.com/documentation/xcode/notarizing_macos_software_before_distribution)

 

[VictorTango777]

Just drag the application to the trash

 

[Tech198]

lol. "If software has not been notarized, it will be blocked by default in macOS."

MR just made my day.

 

[bsolar]

You’re right - we found one mistake! LET’S THROW OUT THE ENTIRE SYSTEM ANT START FROM SCRATCH! And that can work for anything - flat tire on your car? Abandon it a buy a new one! Kid gets a bad score on a test? Kick them out of the house and make a new one!

It's clear that the system doesn't need to be perfect to be useful and realistically it will never be perfect anyway, but it's also important for users to understand the limitations of the system and in general the limitations of Apple's curation to avoid a dangerous false sense of security.

Some users might be under the belief that Apple's curation is some sort of bullet-proof system and that no malicious applications can be found as long as Apple curated it, but the reality is more complex: Apple's curation definitely curbs the amount of malware, but it doesn't mean users can stop being wary of it altogether, even if they decide to remain well within Apple's "walled garden".

Basically, back to a car analogy... safety belts are not guaranteed to save your life, but definitely help. You still need to drive carefully though: believing that the safety belt guarantees safety and driving recklessly as result is not likely to end well.

 

[Coconut Bean]

This is a totally different case. "Notarization" is just Apple running an automated malware scan on the apps, it's not a manual review by an actual person.

Because a manual review will help to find malware...

 

[amartinez1660]

No it's not. Notarization is not malware detection. It ensures that the binary actually came from who it claims to have come from. That's it. Just like a notary public proves that a document was signed by the person who claims to have signed it, and doesn't prove that the contents of the document are true.

This is a weird news article.

Then on that note then notarization has worked right? Thanks to it they can backtrack directly to where it’s originating and flip the switch off to the right app version and right dev account, without aiming blindly to the full wild west part of the internet and risk lawsuits threats if they tried anything similar.

Looking at your comments that appear while checking recent articles, it definitely shows that you have a wide of all things electronics and tech. I didn’t know properly what this notarization process means, other common users don’t either and the vast majority won’t go down the line of comments to bump into this one (and a few similar others), tainting even more the whole actual view of the process as it can be used for: “See?! Epic was right!!” statements. Weird piece of new indeed.

 

[russell_314]

Just another reason why we should be allowed to install 3rd party apps on iOS with out the App Store. Just because Apple approves the app (I know it’s for macOS in this particular article) doesn’t mean it’s guaranteed to be safe.

I couldn’t of said it better. Opening iOS up will cause all kinds of security problems

 

[russell_314]

Because a manual review will help to find malware...

I don’t think people realize how many apps get sent for review every day 😂

 

[Mr Lizard]

Nice to see that $99 a year dev fee is spent well.

 

[Reindeer_Legal]

I couldn’t of said it better. Opening iOS up will cause all kinds of security problems

Like what?
My mac doesn't have any security problems, unless I deliberately installs malware.