Mac users can be spied on by apps unnoticed in the background – and this is despite the fact that Apple intends to use the sandbox method to prevent apps from communicating unnoticed with third parties.
Mac Users
Apple has a new security problem. This time, it’s about people using the latest desktop OS, macOS High Sierra. As the developer and security researcher Felix Krause has found out, third parties can record screen contents without the consent of the user and send them for evaluation. This is possible both for apps with or without sandbox method. This, of course, opens the door to scammers. According to Krause, screenshots can be scoured for sensitive data, for example using an OCR text recognition software, so that, for example, passwords and bank data could be read without authorization.
🔓 Sandboxed Mac apps can record your entire screen at any time, without you knowing.
Running the screen through simple OCR software, this allows the attacker to access personal information, like emails, messages, API keys and morehttps://t.co/eHMoYzgt0x pic.twitter.com/MM7eQJOcUx
— Felix Krause (@KrauseFx) February 10, 2018
Apple has already been informed by Felix Krause about the problem. There was no reaction yet. In addition, Krause has published a proof of concept on his blog and explains how easy the screenshot function can be used without the user’s knowledge to spy on it.
Also Read: Microsoft Surface Surpasses MacBook In Popularity
Further scenarios according to Krause:
- Read password and keys from password managers
- Read all emails and messages opened on the Mac
- Insight into sensitive source code, API key or similar data
- Insight into personal information about the user, such as bank details, salary, address, etc.
Also Read: Apple Is Probably Going To Kill MacBook Air
Apple has made the mistake of allowing the recording of the screen simply without the prior explicit consent of the user. Even looking at the privacy policy, this is a clear mistake, but it could be bad for the users. It would help if the user is also informed by the system at the moment an app wants to start a screen capture. In other areas, such as the request to use the geo-data, Apple is much better and keeps the user informed throughout. For the user, there is basically no way to protect himself from it. It is currently unknown if unauthorized persons are already exploiting the vulnerability.
