Archive for October 21, 2024

Monday, October 21, 2024

Leaky macOS VPN After System Update

Mullvad VPN (Hacker News):

We have found that you could be leaking traffic on macOS after system updates. To our current knowledge a reboot resolves it. We are currently investigating this and will follow up with more information.

In this scenario the macOS firewall does not seem to function correctly and is disregarding firewall rules. Most traffic will still go inside the VPN tunnel since the routing table specifies that it should. Unfortunately apps are not required to respect the routing table and can send traffic outside the tunnel if they try to. Some examples of apps that do this are Apple’s own apps and services since macOS 14.6, up until a recent 15.1 beta.

TCC and Gatekeeper Bypasses

Wojciech Reguła (September 2021, tweet):

I was looking for code injection opportunities that may allow reaching TCC bypasses. My simple shell script discovered a potential victim - /System/Library/CoreServices/Applications/Directory Utility.app. It had (and has) the following private TCC entitlement[…] This entitlement allows the Directory Utility to modify the user’s records stored in the /var/db/dslocal/nodes directory.

[…]

After some time I stumbled across the above-mentioned Matt Shockley’s article on how he was able to bypass TCC only by changing the $HOME directory via launchctl. I was really curious about how Apple fixed that vulnerability so I started reversing the TCC. Turns out that now TCC takes the information about the user’s home directory from the getpwuid function.

[…]

I was really shocked that Apple decided that this vulnerability is not eligible for the bounty. [They later changed their mind.]

Wojciech Reguła (March 2022):

This post shows how to bypass the macOS privacy framework (TCC) using old app versions.

[…]

Summing it up - there is no version information. It is exactly the same architectonical problem as the macOS Keychain has. In most cases it is possible to get an older version of the “donor” application (without the hardened runtime flag), inject to it, and thus abuse its TCC permissions.

Phil Stokes (March 2023):

The scourge of ransomware attacks that has plagued Windows endpoints over the past half decade or so has, thankfully, not been replicated on Mac devices. With a few unsuccessful exceptions, the notion of locking a Mac device and holding its owner to ransom in return for access to the machine and its data has not yet proven an attractive proposition for attackers.

However, the idea of stealing valuable data and then monetizing it in nefarious ways is a tactic that is now common across platforms. On macOS, threat actors will quietly exfiltrate session cookies, keychains, SSH keys and more as malicious processes from adware to spyware look to harvest data that can be recycled and sold on various underground forums and marketplaces, or used directly in espionage campaigns and supply chain attacks.

[…]

Session cookies can be stored anywhere, but typically they are in locations which can be accessed by the user or a process running as the user. Some locations, such as the User’s Library Cookies folder, may be restricted by TCC unless the parent process has Full Disk Access or uses one of the many known TCC bypasses. Real world attacks (e.g., XCSSET) and researchers have consistently shown that TCC, while often a nuisance to users, does not present a significant obstacle to attackers.

Mickey Jin (January 2024):

Last year, I discovered a full user TCC bypass issue in the macOS Sonoma beta version. There was a CVE number assigned at the beginning, but removed by Apple in the release of macOS 14.0. Instead, I got the credit in their Additional Recognitions.

According to the Apple Security Bounty program, this report should have been rewarded with an additional 50%. Unfortunately, the truth is that I was cut off 50%.

Wojciech Reguła:

This vulnerability was disclosed at Black Hat Europe 2022 in the talk Knockout Win Against TCC - 20+ NEW Ways to Bypass Your MacOS Privacy Mechanisms. The technique used an old Launch Services function LSSetDefaultRoleHandlerForContentType that allowed (without any restrictions) registering arbitrary applications as handlers for specified UTIs. After the UTI handling app registration, the exploit simply opens juicy files (like the AddressBook or iMessages database) and TCC happily grants access to them. At that time TCC couldn’t correctly recognize whether a file was opened by Launch Services or double-clicked by a user.

Wojciech Reguła:

The technique relied on an SQLite environment variable respected by libsqlite3.dylib which made apps using the standard SQLite system API log all the SQL queries. As such queries may contain sensitive user data normally protected by the TCC - I started researching all the problematic occurrences.

Unit 42:

Apple states that user-installed unarchiving tools preserve quarantine. As we can see in the following examples, there are some third-party archive tools that do not enforce that, which means that Gatekeeper won’t scan the extracted files.

[…]

In VMware Fusion, when copying a file from a host machine to a guest macOS virtual machine (VM) using VMware tools, the quarantine extended attribute will be dropped from the copied file as shown in Figure 4. This means Gatekeeper won’t scan any files copied into the virtual machine.

Microsoft Threat Intelligence:

The vulnerability, which we refer to as “HM Surf”, involves removing the TCC protection for the Safari browser directory and modifying a configuration file in the said directory to gain access to the user’s data, including browsed pages, the device’s camera, microphone, and location, without the user’s consent.

[…]

Our exploit involves the following steps:

  1. Change the home directory of the current user with the dscl utility, which does not require TCC access in Sonoma (At this point, the ~/Library/Safari directory is no longer TCC protected).
  2. Modify the sensitive files under the user’s real home directory (such as /Users/$USER/Library/Safari/PerSitePreferences.db).
  3. Change the home directory again so Safari uses the now modified files.
  4. Run Safari to open a webpage that takes a camera snapshot and traces the device’s location.
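The small program below is an added example, not code from any of the quoted authors. It shows why the change Reguła describes above matters: a process that trusts the HOME environment variable and one that consults the account database (getpwuid) can disagree about where the user's home is, so a protected-path check keyed on the wrong source protects the wrong tree; the HM Surf steps illustrate the remaining caveat, that the database entry itself can be rewritten, after which both sources agree on the new directory. The path and directory names used in the checks are constructed values.

```c
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Home directory as the environment claims it. Any parent process can set
 * this before launching a child, so it is an untrusted input. */
const char *home_from_env(void) {
    const char *h = getenv("HOME");
    return h ? h : "";
}

/* Home directory as the account database records it. This is the source
 * the quoted post says TCC switched to after the launchctl $HOME bypass. */
const char *home_from_passwd(void) {
    struct passwd *pw = getpwuid(getuid());
    return (pw && pw->pw_dir) ? pw->pw_dir : "";
}

/* Returns 1 if `path` lies inside `subdir` under `home`, e.g. a
 * TCC-protected location such as Library/Safari. Pure string logic so
 * it can be exercised with constructed values. */
int path_in_protected_dir(const char *path, const char *home, const char *subdir) {
    char prefix[4096];
    int n = snprintf(prefix, sizeof prefix, "%s/%s/", home, subdir);
    if (n < 0 || (size_t)n >= sizeof prefix) return 0;
    return strncmp(path, prefix, (size_t)n) == 0;
}

/* Returns 1 when the two sources disagree about where home is, which is
 * exactly the condition an environment-trusting check gets wrong. */
int home_sources_disagree(const char *env_home, const char *pw_home) {
    return strcmp(env_home, pw_home) != 0;
}

int main(void) {
    const char *env_home = home_from_env();
    const char *pw_home = home_from_passwd();
    printf("HOME env   : %s\n", env_home);
    printf("passwd home: %s\n", pw_home);
    if (home_sources_disagree(env_home, pw_home))
        puts("sources disagree: a check keyed on $HOME would protect the wrong tree");
    else
        puts("sources agree");
    return 0;
}
```

Run it once normally and once with HOME overridden in the environment to see the two sources diverge while the passwd answer stays put.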

Osama Alhour (PDF, tweet):

This paper seeks to provide a comprehensive technical analysis of how TCC works internally, how it interacts with other system components, and its impact on both how developers shape their applications as well as user control granting sensitive data to applications.

Autoenshittification, YouTube, and Disenshittify or Die

Cory Doctorow (July 2023, Hacker News):

Forget F1: the only car race that matters now is the race to turn your car into a digital extraction machine, a high-speed inkjet printer on wheels, stealing your private data as it picks your pocket.

[…]

The car manufacturers got so desperate for chips that they started buying up washing machines for the microchips in them, extracting the chips and discarding the washing machines like some absurdo-dystopian cyberpunk walnut-shelling machine[…]

[…]

These digital systems are a huge problem for the car companies. They are the underlying cause of a precipitous decline in car quality. From touch-based digital door-locks to networked sensors and cameras, every digital system in your car is a source of endless repair nightmares, costly recalls and cybersecurity vulnerabilities[…]

Cory Doctorow (September 2023):

It doesn’t have to be this way. Enshittification occurs when companies gobble each other up in an orgy of mergers and acquisitions, reducing the internet to “five giant websites filled with screenshots of text from the other four” (credit to Tom Eastman!), which lets them endlessly tweak their back-ends to continue to shift value from users and business-customers to themselves. The government gets in on the act by banning tweaking by users - reverse-engineering, scraping, bots and other user-side self-help measures - leaving users helpless before the march of enshittification. We don’t have to accept this! Disenshittifying the internet will require antitrust, limits on corporate tweaking - through privacy laws and other protections - and aggressive self-help measures from alternative app stores to ad blockers and beyond!

Cory Doctorow (November 2023, Hacker News):

For example, when Google contemplates raising the price of a Youtube subscription, the dissent might say, “Well, this will reduce viewership and might shift viewers to rivals like Tiktok” (competition). But the price-hiking side can counter, “No, because we have a giant archive, we control 90% of searches, we are embedded in the workflow of vloggers and other creators who automatically stream and archive to Youtube, and Youtube comes pre-installed on every Android device.” Even if the company leaks a few viewers to Tiktok, it will still make more money in aggregate. Prices go up.

When Google contemplates increasing the number of ads shown to nonsubscribers, the dissent might say, “This will incentivize more users to install ad-blockers, and then we’ll see no ad-revenue from them.” The pro-ad side can counter, “No, because most Youtube viewing is in-app, and reverse-engineering the Youtube app to add an ad-blocker is a felony under Section 1201 of the Digital Millennium Copyright Act. As to non-app viewers: we control the majority of browser installations and have Chrome progressively less hospitable to ad-blocking.”

When Google contemplates adding anti-adblock to its web viewers, the dissent might say, “Processing users’ data in order to ad-block them will violate Europe’s GDPR.” The anti-adblock side can counter, “But we maintain the fiction that our EU corporate headquarters is in the corporate crime-haven of Ireland, where the privacy regulator systematically underenforces the GDPR. We can expect a very long tenure of anti-adblock before we are investigated, and we might win the investigation. Even if we are punished, the expected fine is less than the additional ad-revenue we stand to make.”

When Google contemplates stealing performers’ wages through opaque reshufflings of its revenue-sharing system, the dissent might say, “Our best performers have options, they can go to Twitch or Tiktok.” To which the pro-wage-theft side can counter, “But they have no way of taking their viewers with them. There’s no way for them to offer their viewers on Youtube a tool that alerts them whenever they post a new video to a rival platform. Their archives are on Youtube, and if they move them to another platform, there’s no way to redirect users searching for those videos to their new homes. What’s more, any attempt to unilaterally extract their users’ contact info, or redirect searchers or create a multiplatform client, violates some mix of our terms of service, our rights under DMCA 1201, etc.”

Cory Doctorow (August 2024, transcript):

The enshittification of the internet wasn’t inevitable. The old, good internet gave way to the enshitternet because we let our bosses enshittify it. We took away the constraints of competition, regulation, interop and tech worker power, and so when our bosses yanked on the big enshittification lever in the c-suite, it started to budge further and further, toward total enshittification. A new, good internet is possible - and necessary - and it needs you.
