toggle

AAPL Stock: 116.52 ( + 0.21 )

Printed from http://www.macnn.com

Report: Dev Portal security breach prompted Gatekeeper change

updated 11:00 pm EDT, Mon August 18, 2014

Enterprise Signing Key, Activation Lock keys could have been compromised

An unidentified Twitter user is claiming that recent changes to Gatekeeper in OS X Mavericks and OS X Yosemite which has forced developers to re-sign their app credentials is actually the result of a security breach that successfully pilfered the Gatekeeper keys and possibly "many other keys for many other things," according to the user. A corraborating source was located by TUAW that has allegedly confirmed the breach and tied it to the recent alleged Activation Lock hack.



Gatekeeper is an anti-malware feature introduced in recent OS X versions, starting with Mountain Lion (10.8). By default, it is set to allow apps from the Mac App Store and registered Apple developers to run unimpeded. This can be restricted just allowing apps from the Mac App Store to run, or loosened to allow unsigned programs to run. To work with Gatekeeper, apps must be code-signed by the developer using a key that matches the information Apple has, effectively providing authentication that the app is legitimate and not a disguised bit of malware.

While there are numerous examples of legitimate but unsigned software from developers who have chosen for one reason or another not to register with Apple (such as the $99 per year cost), most major programs already comply with Apple's requirements for the Mac App Store and "recognized developer" policies. A breach of the Gatekeeper keys would mean that miscreants could create fake apps or sign malicious apps in a way that would pass muster with Gatekeeper. The changes made recently are intended to protect users of recent versions of OS X from the risk of falsely-signed malware.

The unnamed sources for the reports have said they were approached to buy the keys shortly after the theft, and claimed that the data contained "virtually every key Apple used for everything." Included among those was said to the be the Enterprise Signing Key, which allowed devices to bypass iCloud locks such as Activation Lock.

Thus far, however, there have been no reports of any rise in malware or fake apps, nor widespread issues with Activation Lock. Assuming the story is true, Apple may have made changes on its end to fix any data breaches without inconveniencing most developers or users, apart from the re-signing requirement.




by MacNN Staff

POST TOOLS:

TAGS :

toggle

Comments

  1. chimaera

    Forum Regular

    Joined: 04-08-07

    If this is true, Apple had better rush out Gatekeeper updates to ML and Lion. Many users do not update from their original OS version.

    So it either isn't true, or Apple is leaving open a huge security hole in many Mac OS installs. That would go badly for the Mac public image, which could affect all Apple sales. So let's hope the report is mistaken.

  1. DiabloConQueso

    Fresh-Faced Recruit

    Joined: 06-11-08

    "Assuming the story is true, Apple may have made changes on its end to fix any data breaches without inconveniencing most developers or users, apart from the re-signing requirement."

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

MacNN Sponsor

Recent Reviews

Plantronics BackBeat Pro Bluetooth headphones

Looking for a pair of headphones that can do everything a user requires is a task that can take some study. Trying to decide on in-ear ...

MaxUpgrades 512GB Retina MacBook Pro SSD

Apple's Retina line of MacBook Pro notebooks have been impressive, right from their debut in 2012. Thinner than the previous model, t ...

Lemur BlueDriver

"Oh no, the check engine light is on…again! What one of the hundreds of reasons could it be this time? Probably going to cost a for ...

toggle

Most Commented