Week 10, 2016

By (5 minutes read)

More security issues (yes, I’m getting tired of them too), and a short look at what the Amazon Echo means.

Ransomware on OS X

This week marked, as far as I’m aware, the first occurrence of ransomware on the Mac and by doing so also showed the usefulness of Gatekeeper.

Let’s start at the beginning. Transmission is a cross platform BitTorrent client, and for about a day and a half last week the installer for the OS X version contained the KeRanger ransomware package. Ransomware is code that will encrypt the contents of your hard disks and only provide you the key to unlock it after paying a ransom. In the case of KeRanger this was 1 Bitcoin (currently valued around 400 USD). This type of attack isn’t very common, but it still happens with alarming frequency on Windows computers. And apparently on the Mac now as well.

Once again this security story is one where all concerned parties reacted quickly and responsibly. Transmission immediately removed the affected version from their site and offered two new versions; first one with KeRanger removed and later a version that will actively remove any KeRanger installation it finds on your computer. They also clearly state on their site what happened and are completely open about it, which I obviously think is a good thing.

Now, as KeRanger is installed separately (though the installation was called through Transmission’s installer) it would usually be flagged immediately by Apple’s Gatekeeper system. This is the code that warns you when you’re trying to install and run something from a developer it doesn’t know. The attackers however had somehow managed to get their hands on a valid certificate. Apple’s reaction to this was to immediately invalidate that certificate, which is automatically pushed to all Macs1. They also updated XProtect, which is the built-in malware protection tool, to stop this.

So, with everything fixed, and hopefully very few people affected, that brings me back to the claim of this showing Gatekeeper’s usefulness. When it was first introduced, at the same time as the Mac App Store, it was seen by many as a tool that Apple was going to use to force everyone to use the App Store instead of downloading apps from the developer’s site.

This obviously hasn’t come to pass, especially now that the Mac App Store seems to be suffering from a lack of attention and an exodus of many established developers and apps. To me, it looks like this kind of malware case is exactly what Gatekeeper was developed for. Obviously, the attackers were able to get their hands on a valid certificate, but it was also easy for Apple to invalidate that certificate to stop KeRanger from being installed.

Similarly however, it can be said that this would have been impossible in the first place if Transmission could only be installed through the App Store. That is, you know, if Apple even allowed BitTorrent clients into that App Store…

The surprising rise of the Echo

Amazon announced two new versions2 of their Amazon Echo. I don’t own an Echo, but I’ve heard good things about it. What seemed to start as something meant only for ordering things (not unlike the Amazon Dash buttons) has turned into possibly the best voice controlled Internet of Things management tool, and that to me is quite amazing.

Amazon generally hasn’t done well with most of the consumer devices they’ve built. I mean, they’ve made the Kindle3, which is still one of my favourite devices of all time, but there are also attempts like the Fire Phone which didn’t exactly pan out great. The tablets I’m not sure about, as I don’t know anyone who owns one. They might be nice (at least once they turn disk encryption back on), but I honestly don’t know anyone who owns one.

The Echo however, seems to be a great product. Its voice recognition is far better than anything that happens through phones (or smartwatches), and it’s getting more and more integrations all the time. I have no idea how well it’s selling, as there probably aren’t that many people who need to control their internet connected lightbulbs and things like that, but that number is sure to grow.

At some point it will probably ship to Australia so I can try it4, but until then it’s still worth keeping an eye on. Of course, unlike with the Kindle there is a better chance that Google, Apple, or Microsoft is interested in building a similar product. They might of course integrate it with their existing products, XBox One for Microsoft and Apple in their new Apple TV, but either way I’m looking forward to seeing this space move.

  1. Of course, the week before Apple accidentally pushed updates that invalidated their own Ethernet driver, ensuring people couldn’t use Ethernet anymore. Oops… ↩︎

  2. For some reason I can’t find Amazon’s actual announcement, only publications mentioning it without a link. ↩︎

  3. Of which I’ve owned 3. My original one broke while I was traveling in New Zealand and I replaced its replacement with a Kindle Voyage the moment I could. ↩︎

  4. Yes, I’m aware it’s possible to use services for that, but I’m hoping that by the time it ships internationally I will have a home where it will be more useful. ↩︎

comments powered by Disqus