Monday, September 16, 2019 [Tweets] [Favorites]

MRT Updates: Informed Security

Howard Oakley:

We’re not informed about when these updates occur, nor of their purpose, nor do we know what changes they bring. In the past, Apple’s security tools used to refer to malware using names which, although not always the best-known, at least enabled us to know what they protected us from. Then last year Apple switched to using internal code names, so we now know that the latest MRT update enables that tool to remove MACOS.87fabeb and MACOS.07758e9. Oh boogaloo.

If you went to your physician and they said that you needed an immunisation but refused to tell you what it protected you from, would you consider that informed consent? Surely, everyone would be suspicious and refuse.

[…]

I keep trying to imagine who Apple thinks it’s protecting by this prolonged silence and refusal to inform. It’s not the malware developers, who will quickly be able to tell the effect of any changes that Apple makes to the protection in macOS. It’s not the users, who are unable to make informed decisions about whether third-party protection is worthwhile. It’s not system administrators, who are as baffled as anyone else on the receiving end.

Update (2019-09-17): Rosyna Keller:

Not all things in MRT have names. Some updates may just be to cover unnamed variants too.

1 Comment

>I keep trying to imagine who Apple thinks it’s protecting

Itself? They're clearly trying to prevent security fixes from becoming reportable news.

Stay up-to-date by subscribing to the Comments RSS Feed for this post.

Leave a Comment