Your browser is obsolete!

The page may not load correctly.

Food for thought

Информация к размышлению

Other issues in this category (28)
  • add to favourites
    Add to Bookmarks

News from the Mac world

Read: 21325 Comments: 8 Rating: 10

Wednesday, December 2, 2020

As soon as Apple’s newest operating system —macOS Big Sur—was released, it drew the attention of security experts. And for good reason. it turns out that Apple has made dozens of its services and applications inaccessible to NEFilterDataProvider and NEAppProxyProvider routines. What does this mean? Application-level firewalls, such as Little Snitch, rely on the above-mentioned NEFilterDataProvider mechanism to analyse network queries made by the applications they monitor.

Apple added as many as 56 of its own applications to that exception list (including FaceTime, Apple Maps and Apple Music Library). Now these programs can bypass firewalls that use NEFilterDataProvider routines as well as VPN solutions that utilize the NEAppProxyProvider mechanism.

Obviously, this was done with the best intentions. Apple assumes that these applications are insusceptible to security issues of any kind and can't be abused by cybercriminals. We find that hard to believe.

Steps like this one make it very difficult for third-party software developers to design network-monitoring applications that utilize kernel access. Furthermore, users will also have a harder time trying to control the network activity of their devices.

Only applications that don't use NEFilterDataProvider and NEAppProxyProvider mechanisms to monitor network activities will remain unaffected and capable of performing their security tasks.

macOS Big Sur is packed with brand new features. Upgrading may affect the stability of various applications, including Dr.Web, and the system overall. On one hand, the latest release has resolved the security issues that were inherent in previous macOS versions. On the other hand, new problems, including those we've just described, have appeared.

#Dr.Web #firewall #vulnerability #OS_X

The Anti-virus Times recommends

What’s more dangerous: no longer being able to scan traffic or choosing to run a less secure version of an operating system? Is it more reasonable to use a reliable operating system that can still run security software even though the OS is getting outdated or to pioneer the use of the OS’s latest major update? We recommend that all Mac users take their time to learn more about the new operating system features (which may include reading other users' reviews) and make an informed decision about the upgrade. Waiting until security software can work properly alongside macOS Big Sur may be your other alternative.


Tell us what you think

To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.