Ars: Hackers bypass 3rd-party signature checks - how is LS responding?

jtrascap
Posts: 7
Joined: Fri Nov 30, 2007 11:31 am
Location: The Netherlands

Ars: Hackers bypass 3rd-party signature checks - how is LS responding?

Postby jtrascap » Tue Jun 12, 2018 6:51 pm

Hey all,

News broke today about a technique that caused security apps to falsely show untrusted apps were signed by Apple; this continued for 11 years. Little Snitch was one of the apps mentioned that was compromised. For more specific information, I'd suggest you read about it on Ars Technica: https://arstechnica.com/information-technology/2018/06/simple-technique-bypassed-macos-signature-checks-by-third-party-tools/

Stuff happens and we all learn - which is fine - I had expected to see a blog post, but to no avail. I'm wondering what the LS team was doing to rectify this.

zcrow
Posts: 1
Joined: Tue Jun 12, 2018 7:01 pm

Re: Ars: Hackers bypass 3rd-party signature checks - how is LS responding?

Postby zcrow » Tue Jun 12, 2018 7:02 pm

following

dunham
Posts: 2
Joined: Tue Jun 12, 2018 6:39 pm

Re: Ars: Hackers bypass 3rd-party signature checks - how is LS responding?

Postby dunham » Tue Jun 12, 2018 8:02 pm

This sounds like CVE-2018-10470, which was addressed in Little Snitch 4.1:

https://www.obdev.at/products/littlesni ... notes.html

(Unfortunately their fix seems to have broken my 32-bit Cisco VPN software, which does have a valid signature, according to codesign.)

Re: Ars: Hackers bypass 3rd-party signature checks - how is LS responding?

Postby jtrascap » Wed Jun 13, 2018 12:37 pm

Seems to be it - thanks.

Might be a good thing to have a Blog post for the less-technical users, especially given LS has been outed liberally in the tech press this week. Should get out in front while they can.

