Over six months ago, developer Jeff Johnson informed Apple about an exploit that allowed an attacker to steal private data with a malicious clone of Safari. Once a user is tricked into downloading the malicious file, the Safari clone is given undue access by macOS. Any restricted file available to Safari then becomes available to the attacker.

Johnson explains that the exploit works because Apple’s Transparency, Consent, and Control privacy protection performs an inadequate check on a file’s authenticity. That means the modified version of Safari can be run without activating the aforementioned protection.

And yes, the exploit works on the current macOS 11 Big Sur beta too. Somewhat ironically, Apple made a big deal about Safari updates in its latest OS.

Johnson says Apple told him the company is still investigating the problem, after initially telling him it’d be fixed in the spring of 2020. Of course, the world is currently engulfed in an ongoing pandemic, and employees around the world are operating with limited resources; it’s possible this could have contributed to the delay. Either way, let’s hope the bug is sorted out by the time Big Sur rolls out publicly.

For more on how the exploit works, you can check out Johnson’s blog post.

Via VentureBeat