Apple's Notarization Process Repeatedly Approved Malware for Mac

https://ift.tt/31Inq3T

Apple mistakenly approved and notarized a common kind of malware for macOS on at least two occasions, reports TechCrunch.



Apple requires developers to submit their apps for security checks to run on macOS in a process called "notarization." Notarization was required from the launch of macOS Catalina. If software has not been notarized, it will be blocked by default in macOS.

Peter Dantini and security researcher Patrick Wardle at Objective-See report that they have found the first malware for Mac that has been successfully notarized by Apple, even for the latest beta version of macOS Big Sur. The notarized malware was disguised as an Adobe Flash installer, which is an oft-used technique to convince unknowing users to install a trojan.

It contained "Shlayer" malware, which is said to be the "most common threat" to Macs in 2019. Shlayer is a kind of adware that intercepts encrypted web traffic, even from securely-encrypted HTTPS-enabled websites, and replaces it with its own ads to raise fraudulent ad revenue.

The researchers believe that Apple cannot have detected the malicious code when it was submitted for approval. The discovery is particularly surprising, given that the malware and its vehicle are extremely common. Upon notification from the researchers, Apple revoked the notarization.

"Malicious software constantly changes, and Apple's notarization system helps us keep malware off the Mac and allow us to respond quickly when it's discovered. Upon learning of this adware, we revoked the identified variant, disabled the developer account, and revoked the associated certificates. We thank the researchers for their assistance in keeping our users safe," an Apple spokesperson told TechCrunch.

In spite of Apple's statement, the researchers reported that the bad actors were able to get yet another malware trojan notarized soon after. The second notarized payloads were still approved by Apple as of yesterday.

Earlier this month, a new kind of Mac malware was discovered that infects via Xcode and supposedly can infiltrate the Mac App Store, undetected by Apple.

Related Roundup: macOS 11 Big Sur

Tag: malware

This article, "Apple's Notarization Process Repeatedly Approved Malware for Mac" first appeared on MacRumors.com

Discuss this article in our forums

from MacRumors: Mac News and Rumors - All Stories https://ift.tt/3gOKFO1

Another hint that ‘Halvor’ is the next Google Pixelbook

via Chrome Unboxed – The Latest Chrome OS News https://ift.tt/2ENxGis

Apple Watch Podcasts App Found to Falsely Inflate Listener Numbers

https://ift.tt/2DfDz7N

The Apple Watch will no longer be counted in podcast listener numbers for Interactive Advertising Bureau (IAB) Tech Lab partners because it has been found to falsely inflate listener numbers.



Currently, when a podcast is automatically downloaded by an ‌Apple Watch‌ user, it is counted as two listeners; one from the ‌Apple Watch‌, and one from its paired iPhone. Since the ‌Apple Watch‌ and ‌iPhone‌ download the same podcast episode by default, and they both report different device user agents, the podcast appears to be downloaded by two different people. This means that the ‌Apple Watch‌ falsely inflates podcast listener numbers.

Although the ‌Apple Watch‌ makes up only a small proportion of podcast listeners, the IAB explains that "‌Apple Watch‌ devices enact an inherent behavior that triggers non-user initiated podcast downloads and results in significantly inflated download counts from this source." The issue is only present on Apple's own Podcasts app for the ‌Apple Watch‌.

The IAB Tech Lab's participating members have agreed that by October 1, 2020, all traffic from the ‌Apple Watch‌ will no longer be counted toward any totals reported for the podcasting industry. While filtering out ‌Apple Watch‌ devices will result in reduced audience statistics for some podcasters, the new metrics will be more representative of actual human listeners.

The IAB says that it has "made efforts to work with Apple to support a means of differentiating automatic downloads from valid downloads coming from ‌Apple Watch‌ devices," and if Apple takes "corrective actions" it will revise or retract the guidance.

Related Roundups: Apple Watch, watchOS 6, watchOS 7

Tags: Apple Watch apps, Podcasts

Buyer's Guide: Apple Watch (Don't Buy)

This article, "Apple Watch Podcasts App Found to Falsely Inflate Listener Numbers" first appeared on MacRumors.com

Discuss this article in our forums

from MacRumors: Mac News and Rumors - All Stories https://ift.tt/2QBizLM

Apple Confirms New App Store Policies on Bug Fix Updates and Challenging Guidelines Are Live

https://ift.tt/2zZa7kO

Back in June at WWDC, Apple announced several changes to its handling of App Store review, noting that it would in most cases no longer hold up bug fix updates over violations of ‌App Store‌ guidelines, and that it would allow developers to challenge existing guidelines.


In a note to developers today, Apple confirmed that those two changes have been implemented, encouraging developers to suggest changes to guidelines and Apple's development platforms.

For apps that are already on the ‌App Store‌, bug fixes will no longer be delayed over guideline violations except for those related to legal issues. You'll instead be able to address guideline violations in your next submission. And now, in addition to appealing decisions about whether an app violates guidelines, you can suggest changes to the guidelines. We also encourage you to submit your ‌App Store‌ and Apple development platform suggestions so we can continue to improve experiences for the developer community.

Apple has been involved in a number of notable ‌App Store‌ controversies in recent months, from the Hey email app rejection to the battle with Epic Games, while regulators have also been taking a look at Apple's policies regarding ‌App Store‌ commissions and exclusive control over app distribution.

Tag: App Store

This article, "Apple Confirms New App Store Policies on Bug Fix Updates and Challenging Guidelines Are Live" first appeared on MacRumors.com

Discuss this article in our forums

from MacRumors: Mac News and Rumors - All Stories https://ift.tt/2EUEjPV

Apple Shares Rise as Trading Begins Following Four-for-One Stock Split

https://ift.tt/32DwXc4

Apple's four-for-one stock split takes effect today, with the company's share price dropping from roughly $500 to around $125 as of the start of trading this morning.


The strong rise in Apple's stock price over the past five months has continued today, with shares trading nearly 3% higher in the first few minutes of trading. Apple shares have pared their gains since then, but are still up around 2% today.

Apple's overall market value of over $2 trillion is unaffected, as investors received three additional shares for every share of Apple stock they previously owned.

Tag: AAPL

This article, "Apple Shares Rise as Trading Begins Following Four-for-One Stock Split" first appeared on MacRumors.com

Discuss this article in our forums

from MacRumors: Mac News and Rumors - All Stories https://ift.tt/3gH6xeb

Netflix's Limited Free Access Works on Mac and iPad, but Not iPhone

https://ift.tt/3luVo45

Netflix is offering limited free access to a variety of original programming, reports OnlyTech. iOS appears to be inexplicably excluded from the limited free access, which is available on Android and in-browser.



The limited free access includes admission to "Stranger Things," "Murder Mystery," "Élite," "Boss Baby: Back in Business," "Bird Box," "When They See Us," "Love Is Blind," "The Two Popes," "Our Planet," and "Grace and Frankie."

The feature allows users to watch a movie or the first episode of a series for free, after which they will be prompted to subscribe for continued access. One 30-second skippable ad for Netflix is played before every title. The feature is available worldwide, no account or sign-up is needed, and the available content will reportedly change on a regular basis.

A Netflix help page spotted by Gadgets360 reveals that only browsers on computers, tablets, and Android devices are supported. iOS devices are unable to use the limited free access.



The help page does not explain why iOS blocked from access. Given that the free access is available on macOS and iPadOS in-browser, it is unclear why Netflix has excluded iOS.

Amid an increasingly competitive video streaming market, free access to selected Netflix programming hopes to attract more subscribers to the platform. Last week it was reported that Apple is planning to extend the free trial of Apple TV+ in an effort to lure in more subscribers.

Tag: Netflix

This article, "Netflix's Limited Free Access Works on Mac and iPad, but Not iPhone" first appeared on MacRumors.com

Discuss this article in our forums

from MacRumors: Mac News and Rumors - All Stories https://ift.tt/2EK5Jsf

Notability Gains New Tools, Dedicated Shop, and More

https://ift.tt/3gISzsk

Ginger Labs today announced an update to its popular productivity app Notability, introducing several new features designed to enhance creativity within the app.


Among the new tools is a feature that lets users draw arrows and curves that will snap perfectly into place. Users can also now draw perfectly spaced dots and dashes with the pen and highlighter tool.

There's a new favorites toolbar that allows for quick access to saved Pencil, Highlighter, and Eraser styles, and the Pencil and Highlighter tool menu has been refreshed with greater spacing to hold more colors, widths, and brushes.


The update also introduces the Notability Shop that's aimed at enhancing the app experience with additional features. New themes and artist-designed sticker packs are among the first to debut in the in-app store.

Ginger Labs is working on bringing a digital planner to Notability to help with reaching goals and managing day-to-day tasks. The feature is coming soon and will be available in the Notability Shop upon release.

Notability can be downloaded for $8.99 on the App Store and $1.99 on the Mac App Store, and the update will be rolling out to existing users today.

Tag: Notability

This article, "Notability Gains New Tools, Dedicated Shop, and More" first appeared on MacRumors.com

Discuss this article in our forums

from MacRumors: Mac News and Rumors - All Stories https://ift.tt/2GeMmrF