CommunityNews

CommunityNews

EU antitrust: Apple shouldn't use privacy and security to stave off competition

Executive Summary

  • TCC is meant to protect user data from unauthorized access, but weaknesses in its design mean that protections are easily overridden inadvertently.
  • Automation, by design, allows Full Disk Access to be ‘backdoored’ while also lowering the authorization barrier.
  • Multiple partial and full TCC bypasses are known, with at least one actively exploited in the wild.
  • TCC does not prevent processes reading and writing to ‘protected’ locations, a loophole that can be used to hide malware.

Read in full here:

This thread was posted by one of our members via one of our news source trackers.

Where Next?

Popular Macos topics Top

First poster: bot
Apple’s Shifting Differentiation. Apple is about the integration of hardware and software, but the balance between the two has shifted o...
New
First poster: gianthamster
Forbidden Commands to Speed Up macOS. First, ask yourself, would you like to undo a decade of security protections painstakingly created...
New
First poster: bot
Why is Apple’s M1 Chip So Fast. Real world experience with the new M1 Macs have started ticking in. They are fast. Real fast. But why? W...
New
First poster: bot
How Apple’s rivals plan to catch up with the mighty M1 chip. Apple Silicon is just getting started yet the initial reaction has been rap...
New
First poster: bot
Hardware Security and Biometrics System Security Encryption and Data Protection App Security Services Security Network Sec...
New
First poster: bot
Apple has acquired about 100 companies over the last six years, the company’s chief executive Tim Cook has revealed. That works out at a...
New
First poster: bot
Made a small video today showing the creation of a macOS Droplet using AppleScript. I made it just for fun, and because I realised that m...
New
First poster: bot
First Look: macOS Monterey Public Beta. If there’s a theme of Apple’s operating-system releases in 2021, it’s platform unification. This...
New
First poster: bot
Apple broke up with me :cry:. Do not get too attached to your Apple account; it belongs to Apple, NOT YOU!
New
First poster: bot
I didn’t think this was possible: This App Store app [My Metronome - Tempo Keeper] immediately asks you for money and then disables the ...
New

Other popular topics Top

New
AstonJ
poll poll Be sure to check out @Dusty’s article posted here: An Introduction to Alternative Keyboard Layouts It’s one of the best write-...
New
AstonJ
I have seen the keycaps I want - they are due for a group-buy this week but won’t be delivered until October next year!!! :rofl: The Ser...
New
PragmaticBookshelf
Build highly interactive applications without ever leaving Elixir, the way the experts do. Let LiveView take care of performance, scalabi...
New
First poster: joeb
The File System Access API with Origin Private File System. WebKit supports new API that makes it possible for web apps to create, open,...
New
AstonJ
Was just curious to see if any were around, found this one: I got 51/100: Not sure if it was meant to buy I am sure at times the b...
New
PragmaticBookshelf
Author Spotlight Jamis Buck @jamis This month, we have the pleasure of spotlighting author Jamis Buck, who has written Mazes for Prog...
New
PragmaticBookshelf
Author Spotlight: VM Brasseur @vmbrasseur We have a treat for you today! We turn the spotlight onto Open Source as we sit down with V...
New
PragmaticBookshelf
Author Spotlight: Sophie DeBenedetto @SophieDeBenedetto The days of the traditional request-response web application are long gone, b...
New
PragmaticBookshelf
Develop, deploy, and debug BEAM applications using BEAMOps: a new paradigm that focuses on scalability, fault tolerance, and owning each ...
New