Apple Removes Feature That Allowed Its Apps To Bypass macOS Firewalls and VPNs
Apple has removed a controversial feature from the macOS operating system that allowed 53 of Apple's own apps to bypass third-party firewalls, security tools, and VPN apps installed by users for their protection. From a report: Known as the ContentFilterExclusionList, the list was included in macOS 11, also known as Big Sur. The exclusion list included some of Apple's biggest apps, like the App Store, Maps, and iCloud, and was physically located on disk at: /System/Library/Frameworks/NetworkExtension.framework/Versions/Current/Resources/Info.plist. Its presence was discovered last October by several security researchers and app makers who realized that their security tools weren't able to filter or inspect traffic for some of Apple's applications. Security researchers such as Patrick Wardle, and others, were quick to point out at the time that this exclusion risk was a security nightmare waiting to happen. They argued that malware could latch on to legitimate Apple apps included on the list and then bypass firewalls and security software.
from Slashdot https://ift.tt/2KilwBo
Read more of this story at Slashdot.
from Slashdot https://ift.tt/2KilwBo
0 Response to "Apple Removes Feature That Allowed Its Apps To Bypass macOS Firewalls and VPNs"
Post a Comment