I chose the Mac and iOS specifically BECAUSE it is a walled garden. Just as people choose communities they want to live in. If Apple is forced into being a homogeny with Android or Windows then what's the point?
The Mac is not and never has been a walled garden. However if you are smart and only install software from reputable sources you will never have to worry about malware.
 
That password dialog still looks sloppy. Weird phrasing, inconsistent terminology (preferences / settings), "OK" button (which is rare on macOS), no user name alongside the password field as is common in password dialogs. I realise that this would still trick many users, but why not take a few minutes and check how a similar legit dialog would look?
Just look at iOS, Apple is not consistent with their password dialogs. How would any person see that something is different? I have counted four variants in their login/password.
 
Walled gardens exist FOR A REASON.
A walled garden makes the issues known only to a restricted audience, whereas open systems are scrutinised by many experts from various angles, which a single entity alone cannot do. It is like free testing of your security issues by various experts. While you may tend to see the open system as a threat for security, there are ways one can approach it. Microsoft learnt it all the way over these many decades and now it is more or less stable (through various virus protection options). Though it is an open garden, there are still many paid/free watchmen who keep looking at it instead of just one.
 
Apple needs to develop an antivirus and malware software like Windows Defender
macOS already has a built in antivirus system since Catalina, it's called XProtect. The system exists behind the scenes, there's no front-end interface, but it's a full fledged antivirus system complete with definition updates that happen in the background.

 
Yeah, there's a good reason to respect the haxnodes of the world instead of whatever janky torrent you find a Russian seed for. Just like STDs you can preach abstinence, but the virus spreads via kids and noobs, undeniably excited to find a new area of life to explore.

...and occasionally the desperate, who have no other way to get an old unavailable version of software req'd to make some expensive hardware work. Looking at you Nikon.

I have no idea what a haxnode is, but if you want Adobe software, download it from Adobe. If you don't want to pay for it or can't afford it, use something else.
 
Going to be thick here, but how is it stealing Keychain information?
I thought that was encrypted?
Is it also bypassing encryption as well? Surely a bigger worry?
I would presume it hijacks the admin password when it's entered and can therefore unlock Keychain and other core systems.
 
I have no idea what a haxnode is, but if you want Adobe software, download it from Adobe. If you don't want to pay for it or can't afford it, use something else.
Oh you don't know the basics of what's being discussed? But you have some strong opinions about it anyway and feel the need to tell others what to do based on them? In a comments thread on the internet? You don't say.
 
oh you don't know the basics of what's being discussed? well golly gee thanks for that valuable insight anyway.

Don't know the basics? I know what a torrent is, how to get them, and where to get them. I said I have no idea what haxnode is.

I have zero sympathy for pirating, software or otherwise.
 
Money and security can both be motivations for walled gardens, no?

Carrots and sticks. People locked in a courtyard have limited capacity to hurt themselves or others. But they're also locked in a courtyard.

Those two motivations are often opposed. Security is a convenient excuse for a lot of things. Especially when it is in fact partially true.
 
They have one already. The question here is with the malware now being over a year old and already abandoned by its creator:

1. Why are we getting an alert about it from these researchers only now?
2. Why hasn't Apple blocked it already?

===

I feel like the real issue here that nobody has brought up (not just here, but anywhere) is why is the admin account as required and powerful as it is?

It seems like there's a massive failure of properly designing permissions. Why does an admin account have read access to all of the stuff this malware steals? It seems like the only thing that should ever be able to access my browser data on my personal computer is the browser when I'm using it - there shouldn't be an admin account that can bypass that and read the data.

IDK - all of *nix permissions feel dated and improper for usage on personal computers. IDK how permissions work on Windows... do they make more sense over there?

As much as I hate how security and the filesystem works on iOS... I am starting to see the appeal... and honestly, I don't think it goes far enough. All files that an app on iOS saves shouldn't just be sandboxed so that other apps can't read it, but they should be encrypted such that not even any system or admin account can read it - only the app that made it should be able to decrypt and read it. Getting "root" or admin access shouldn't be as big of a deal as it is...

Tell me you know nothing about security in macOS without telling me.

I wonder what reaction there would be if Apple removed access to your own browser data.

This "malware" works because the user allows the process to access the data, running as the logged in user. The malware is started by the user, then asks for the user's password. By typing it in, the user has given the process access to their password, which then can be used to access data where macOS requires a password.
This is why you don't type your password in shady-looking dialogues!

Your suggestion that all data should be sandboxed and not accessible by other applications would make macOS impossible to use in any productive way. The power of macOS is in fact the possibility to access the same data with different applications. This is by far the most asked for feature that iPadOS (and iOS) lacks at the moment.

Unix permissions are more or less just for show nowadays. SIP and TCC make it extremely difficult to access data, even as "root" (which by the way is also quite difficult to access, if even possible), but if the user types in their password, and mind you they don't even have to have admin rights, they can be a "standard user", macOS of course grants access to the user's data.

This is in no way different from how security works on Windows. If you grant an application access to your data, it will have access to your data. In fact, macOS has a lot more guardrails to ask the users if they really want to grant access.
 
That's pretty crappy and limits files to one app only. When working with GoPro video, for example, I'll run it through at least three different apps for different reasons, and finally I use a command-line tool to strip all the exif data, including the hidden stuff that companies like to add.

Multiple apps, for the same file and file type, are often needed.
I don't disagree. But that's not an issue on iOS. iOS's filesystem includes lots of directories that multiple apps can use.

The issue is that the majority of files are stuff in the background that the typical user is never aware of, and nothing except the app that made it would ever need to know anything of it. ie, most apps I write persist their state somewhere so if the app is quit at any point, it can go right back to where it was when it's next opened. Why would any other app ever read this file?

Most files in the filesystem are like this. They exist for a very specific reason for a very specific app. Credentials are all like that. I understand the desire for an admin account that can "control" everything... fine. Give it the ability to write anything it wants. But there's no need for it to be able to read everything. I'd guess there's no process that should have the ability to read more than 1% of files.
 
Any time you want to install an app, check the Mac App Store first to see if it’s there. If it’s not, be very careful and make sure you’re downloading from the correct website.
 
You and ten other people in the world made a decision based on the "walled garden". Everyone else picks the UI and physical device they prefer.

In addition, macOS has no walled garden. I can, and do, install anything and everything I want.
Fair enough and I respect that response, but having devices and company that at least advocates and voices the notion/mantra that it respects my privacy is something that drew me in. And from my experience is seemingly more thorough in the apps allowed on my device. Whether this is simply marketing or hype, I am sure a lot of it is, but I'll take it. All I can say is that I have had far less issues with my devices than when I used Android or Windows not because of threats from malware, but from the mere fact that a company can offer a better experience when it can have control of all aspects of its product. To me, that is a walled garden. And I do not think Windows or Android can offer this level of quality when they cannot control their products to the level that Apple can.
I don't particularly feel the Apple UI is anything to write home about or the main reason anyone bought a Mac, to be honest with you. But thank you for your reply and you are probably right, what do I know.
 
It must be Apple’s own legitimate anti-piracy tool, LOL. Honestly, what are the chances of somebody going through all these steps? 😉 Stuff like MacCleaner popups, etc. have been blocked by all decent browsers for ages. So the general public is safe and pirates know better.
 
So you want me to pay $500 a month for something that circumvents something else that costs $60/month? Where do I sign up. 🤣🤣:rolleyes:

That's not how I read the article.

As I understand it $500pm buys the ability to obtain passwords etc from multiple mac users, not obtain something else that costs $60pm for free.

Presumably the high price reflects the high fraudulent earning potential of the malware, or perhaps they are scamming the would-be scammers.
 
Don't bother, it won't be there. The macOS App Store is a wasteland.
A lot of 3rd party developers don't utilize MacOS App Store even for fairly well known applications/utilities. They all have their own well documented web sites that use a licensed secure linked monetary transaction site for purchases. It's not like a pop up ad that says download me now with unknown consequences. :D
 
So you want me to pay $500 a month for something that circumvents something else that costs $60/month? Where do I sign up. 🤣🤣:rolleyes:
No YOU don't pay 500 USD a month unless you want to profit from stealing sensitive information...
 
Before downloading a macOS app installer, I check the web certificate, to be sure I’m downloading from the legitimate source. In macOS Safari it is done by clicking on the little padlock icon. However, I’ve never known how to check the certificate on iOS or iPadOS…
 
Problem is, that too many users do not know anything about the "things" they are clicking at. I do some private support for Mac and Windows and see Computers filled with Browser Taskbars, that fill half their screen, users answering fake alerts about virus infections from their McAfee Scanner (not having installed that thing at all...)

If Apple now blocks everything in their new OS release, I am happy for all these users. Do not let them cross any available border, without asking someone, who knows, what it is all about.

And the new EU-App Store alternative is a really bad thing for exactly these users. But - it is not my money and not my data...

If you want freedom, you have to know to use it the right way, otherwise be happy, there is a scary watchdog who likes you personally. Feeding the watchdog might not be free, but it is cheaper than the alternative.
 