{"id":8488,"date":"2014-02-25T20:05:07","date_gmt":"2014-02-26T01:05:07","guid":{"rendered":"http:\/\/mjtsai.com\/blog\/?p=8488"},"modified":"2021-06-29T15:03:23","modified_gmt":"2021-06-29T19:03:23","slug":"software-update-backdoor","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2014\/02\/25\/software-update-backdoor\/","title":{"rendered":"Software Update Backdoor?"},"content":{"rendered":"

Nat!<\/a>:<\/p>\n

Another question I asked myself was: Is Software Update actually contacting Apple servers or am I being served a compromised update with even more security holes by the NSA?<\/p><\/blockquote>\n

Does it matter where the update comes from if it’s signed by Apple?<\/p>\n

Update (2014-02-26): Nat!<\/a>:<\/p>\n

To get at the meat, use xar -x -f<\/tt> which will get you eventually to a file called Payload<\/tt>. That is a bzip2<\/b> encrypted tar<\/b>archive. Now I find this quite hilarious. After all the hoops Apple went through, with xar, cpio, pax and what have you, they finally use tar<\/tt> to install, as they maybe should have right from the beginning.<\/p><\/blockquote>","protected":false},"excerpt":{"rendered":"

Nat!: Another question I asked myself was: Is Software Update actually contacting Apple servers or am I being served a compromised update with even more security holes by the NSA? Does it matter where the update comes from if it’s signed by Apple? Update (2014-02-26): Nat!: To get at the meat, use xar -x -f […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2021-06-29T19:03:26Z","apple_news_api_id":"b7654916-aaa5-412b-b885-1568718e9730","apple_news_api_modified_at":"2021-06-29T19:03:26Z","apple_news_api_revision":"AAAAAAAAAAD\/\/\/\/\/\/\/\/\/\/w==","apple_news_api_share_url":"https:\/\/apple.news\/At2VJFqqlQSu4hRVocY6XMA","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[2],"tags":[38,30,705,48,2087],"class_list":["post-8488","post","type-post","status-publish","format-standard","hentry","category-technology","tag-apple","tag-mac","tag-nsa","tag-security","tag-software-update"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/8488","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=8488"}],"version-history":[{"count":2,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/8488\/revisions"}],"predecessor-version":[{"id":10757,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/8488\/revisions\/10757"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=8488"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=8488"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=8488"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}