AAPL Stock: 112.65 ( + 3.24 )

Printed from

Report: Dev Portal security breach prompted Gatekeeper change

updated 11:00 pm EDT, Mon August 18, 2014

Enterprise Signing Key, Activation Lock keys could have been compromised

An unidentified Twitter user is claiming that recent changes to Gatekeeper in OS X Mavericks and OS X Yosemite which has forced developers to re-sign their app credentials is actually the result of a security breach that successfully pilfered the Gatekeeper keys and possibly "many other keys for many other things," according to the user. A corraborating source was located by TUAW that has allegedly confirmed the breach and tied it to the recent alleged Activation Lock hack.

Gatekeeper is an anti-malware feature introduced in recent OS X versions, starting with Mountain Lion (10.8). By default, it is set to allow apps from the Mac App Store and registered Apple developers to run unimpeded. This can be restricted just allowing apps from the Mac App Store to run, or loosened to allow unsigned programs to run. To work with Gatekeeper, apps must be code-signed by the developer using a key that matches the information Apple has, effectively providing authentication that the app is legitimate and not a disguised bit of malware.

While there are numerous examples of legitimate but unsigned software from developers who have chosen for one reason or another not to register with Apple (such as the $99 per year cost), most major programs already comply with Apple's requirements for the Mac App Store and "recognized developer" policies. A breach of the Gatekeeper keys would mean that miscreants could create fake apps or sign malicious apps in a way that would pass muster with Gatekeeper. The changes made recently are intended to protect users of recent versions of OS X from the risk of falsely-signed malware.

The unnamed sources for the reports have said they were approached to buy the keys shortly after the theft, and claimed that the data contained "virtually every key Apple used for everything." Included among those was said to the be the Enterprise Signing Key, which allowed devices to bypass iCloud locks such as Activation Lock.

Thus far, however, there have been no reports of any rise in malware or fake apps, nor widespread issues with Activation Lock. Assuming the story is true, Apple may have made changes on its end to fix any data breaches without inconveniencing most developers or users, apart from the re-signing requirement.

by MacNN Staff





  1. chimaera

    Forum Regular

    Joined: 04-08-07

    If this is true, Apple had better rush out Gatekeeper updates to ML and Lion. Many users do not update from their original OS version.

    So it either isn't true, or Apple is leaving open a huge security hole in many Mac OS installs. That would go badly for the Mac public image, which could affect all Apple sales. So let's hope the report is mistaken.

  1. DiabloConQueso

    Fresh-Faced Recruit

    Joined: 06-11-08

    "Assuming the story is true, Apple may have made changes on its end to fix any data breaches without inconveniencing most developers or users, apart from the re-signing requirement."

Login Here

Not a member of the MacNN forums? Register now for free.


Network Headlines


Most Popular

MacNN Sponsor

Recent Reviews

Dell AD211 Bluetooth speaker

For all of the high-priced, over-engineered Bluetooth speakers in the electronics market, there is still room for mass-market solution ...

VisionTek 128GB USB Pocket SSD

USB flash drives dealt the death blow to both the floppy and Zip drives. While still faster than either of the old removable media, sp ...

Kodak PixPro SL10 Smart Lens Camera

Smartphone imagery still widely varies. Large Megapixel counts don't make for a good image, and the optics in some devices are lackin ...


Most Commented