Firewalls aren’t just for corporate networks. Large numbers of security- or privacy-conscious people also use them to filter or redirect traffic flowing in and out of their computers. Apple recently made a major change to macOS that frustrates these efforts.
Beginning with macOS Catalina released last year, Apple added a list of 50 Apple-specific apps and processes that were to be exempted from firewalls like Little Snitch and Lulu. The undocumented exemption, which didn’t take effect until firewalls were rewritten to implement changes in Big Sur, first came to light in October. Patrick Wardle, a security researcher at Mac and iOS enterprise developer Jamf, further documented the new behavior over the weekend.
In Big Sur Apple decided to exempt many of its apps from being routed thru the frameworks they now require 3rd-party firewalls to use (LuLu, Little Snitch, etc.) 🧐
Q: Could this be (ab)used by malware to also bypass such firewalls? 🤔
A: Apparently yes, and trivially so 😬😱😭 pic.twitter.com/CCNcnGPFIB
— patrick wardle (@patrickwardle) November 14, 2020
To demonstrate the risks that come with this move, Wardle—a former hacker for the NSA—demonstrated how malware developers could exploit the change to make an end-run around a tried-and-true security measure. He set Lulu and Little Snitch to block all outgoing traffic on a Mac running Big Sur and then ran a small programming script that had exploit code interact with one of the apps that Apple exempted. The python script had no trouble reaching a command and control server he set up to simulate one commonly used by malware to exfiltrate sensitive data.
“It kindly asked (coerced?) one of the trusted Apple items to generate network traffic to an attacker-controlled server and could (ab)use this to exfiltrate files,” Wardle, referring to the script, told me. “Basically, ‘Hey, Mr. Apple Item, can you please send this file to Patrick’s remote server?’ And it would kindly agree. And since the traffic was coming from the trusted item, it would never be routed through the firewall… meaning the firewall is 100% blind.”
Wardle tweeted a portion of a bug report he submitted to Apple during the Big Sur beta phase. It specifically warns that “essential security tools such as firewalls are ineffective” under the change.
Apple has yet to explain the reason behind the change. Firewall misconfigurations are often the source of software not working properly. One possibility is that Apple implemented the move to reduce the number of support requests it receives and make the Mac experience better for people not schooled in setting up effective firewall rules. It’s not unusual for firewalls to exempt their own traffic. Apple may be applying the same rationale.
But the inability to override the settings violates a core tenet that people ought to be able to selectively restrict traffic flowing from their own computers. In the event that a Mac does become infected, the change also gives hackers a way to bypass what for many is an effective mitigation against such attacks.
“The issue I see is that it opens the door for doing exactly what Patrick demoed… malware authors can use this to sneak data around a firewall,” Thomas Reed, director of Mac and mobile offerings at security firm Malwarebytes, said. “Plus, there’s always the potential that someone may have a legitimate need to block some Apple traffic for some reason, but this takes away that ability without using some kind of hardware network filter outside the Mac.”
People who want to know what apps and processes are exempt can open the macOS terminal and enter
sudo defaults read /System/Library/Frameworks/NetworkExtension.framework/Resources/Info.plist ContentFilterExclusionList.
The change came as Apple deprecated macOS kernel extensions, which software developers used to make apps interact directly with the OS. The deprecation included NKEs—short for network kernel extensions—that third-party firewall products used to monitor incoming and outgoing traffic.
In place of NKEs, Apple introduced a new user-mode framework called the Network Extension Framework. To run on Big Sur, all third-party firewalls that used NKEs had to be rewritten to use the new framework.
Apple representatives didn’t respond to emailed questions about this change. This post will be updated if they respond later. In the meantime, people who want to override this new exemption will have to find alternatives. As Reed noted above, one option is to rely on a network filter that runs from outside their Mac. Another possibility is to rely on PF, or Packet Filter firewall built into macOS.
The PS5’s UI could really use some work – The Verge
Sony’s PlayStation 5 user interface could really use some work, and nowhere is that more apparent than in the simple act of trying to turn the thing off.
On most recent consoles, it’s been pretty easy to shut down the device with just the controller. Simply press and hold the PS button / Xbox button / home button, and the UI will helpfully show you an option to power down the console in some way. This is true for the PlayStation 4, Xbox One, and Nintendo Switch. It takes just a few seconds, and I can happily end a gaming session.
But turning off the PS5, for no good reason that I can figure out, is a needlessly cumbersome process. Instead, when I press and hold the PS button — the behavior I have used for years to start the process — I’m taken back to the main PS5 menu where I’m presented with options like picking a different game to play, checking out the PlayStation Store, or opening a media app.
Instead, Sony has buried the option to turn off the console in the quick actions menu that appears with a short tap of the PS button instead of a press and hold. But even when I pull that menu up, I have to spend a few seconds navigating to the unlabeled icon representing power (you probably know the one — the circle with the vertical line through the top) and opening it up. Then I see the options to shut down my PS5. You can also shut down the console after logging out from your account, but that’s not exactly a speedy option, either.
The Xbox Series X, by comparison, is very easy to turn off. You just press and hold the Xbox button, and on the menu that appears, tap up and select if you’d like to turn off the console or controller or restart the console. Shutting down the Switch is even easier: press and hold the home button, and the menu that appears already has the sleep mode option selected, requiring just one more button press to turn the system off.
Turning off the PS5 is just one of many other frustrating issues I’ve experienced with the console’s UI. The way trophies are displayed is a step backward, for example. Instead of a vertically scrolling list, PS5 trophies are shown as a long, horizontal row of large cards. It’s harder to quickly browse through them, and they show less information at a glance. One of my colleagues has taken to checking her trophies using the PlayStation mobile app, which has… a vertically scrolling list, just like it remains on the PS4.
Taking screenshots and captures off the console is also a pain, especially compared to the Xbox Series X. On the Series X, screenshots and captures are automatically synced to the Xbox mobile app, where I can save them to my phone. But on PS5, the only way to share captured media is by uploading it to another platform directly from the PS5 or transferring it to a USB drive.
And sometimes, when I boot up the PS5 to jump into another hellish play session with Demon’s Souls, the console opens not the game I was playing last but instead the Explore menu, which shows news and trailers about games. Right now, it’s showing me a card for an upcoming map in Call of Duty: Black Ops Cold War, a game that I don’t own and don’t want to play. To actually jump into the game I was playing before I turned the console off and the reason I’m waking it up again, I have to navigate one-directional tap over to the Demon’s Souls icon. It’s a small inconvenience but just one of many problems that make for a frustrating experience.
I do like the PS5 a lot. Sony hyped up the console’s ultra-fast SSD for months, and it’s been a revelation to jump from world to world in Astro’s Playroom and Demon’s Souls with hardly any wait time. But that ethos of speed doesn’t seem to be applied to the day-to-day moments of using the console’s UI, and I really hope that Sony updates it soon to make things a bit more seamless.
But until then, you can listen for me cursing under my breath when I forget, yet again, that it’s a short press to get to the power menu, not a long one.
New Xiaomi Android 11 roadmap reveals that the Redmi Note 8 Pro and Redmi Note 8 duo may receive the update after all – Notebookcheck.net
Over the past few months, reports have surfaced strongly indicating that Xiaomi would not send the Android 11 update to its year-old mid-range devices like the Redmi Note 8 and Redmi Note 8 Pro. New information, however, leans towards the contrary, and owners of the two devices may yet be eligible for Android 11.
Interestingly, the source of this report, just a while ago claimed that neither the Redmi Note 8 Pro nor the regular Redmi Note 8 would be eligible for the newest version of Android. This is quite the turnaround in stance. The latest report claims that Xiaomi has now begun internal Android 11 testing for the Redmi Note 8 Pro, Redmi Note 8, and Redmi Note 8T—the latter two of which are essentially the same device.
While certain documents have surfaced indicating that Xiaomi only plans for one OS upgrade for its Redmi Note series devices, two OS upgrades for phones in that lineup would not be unheard of. The Redmi Note 5 Pro, for example, was launched with Android Nougat and received both Android Oreo and Android Pie.
In any case, you’d do well to take this information with a grain of salt—pending more concrete confirmation.
A retail listing has revealed The Last of Us Part 2 PS5 upgrade could be in the works – VG247
A next-gen upgrade may be in the works for Naughty Dog’s latest game, making The Last of Us Part 2 PS5 a reality sooner than we thought.
A store listing for The Last of Us Part 2 has appeared over at Best Buy that suggests a next-gen update for the game could be in the works at Naughty Dog.
The Best Buy store listing for the PlayStation 4 physical copy of one of 2020’s biggest games includes a tag that reads “includes next-gen upgrade”.
The development studio itself hasn’t formally announced any specific upgrades for The Last of Us Part 2 on PS5 – though the game does benefit from all the usual system-side upgrades backwards compatible games enjoy if you boot it up on the new hardware (including faster loading times and so on).
The Last of Us Part 2 also supports haptic feedback via the DualSense controller on PS5, but that’s about the extent of its next-gen support at the time of writing.
It may be that Best Buy has made the listing in error, and we’re not going to see more upgrades released for the game, but given that other PlayStation exclusives have received patches to make them perform better on the new hardware, that seems unlikely.
There’s also no mention of an upgrade on The Last of Us Part 2’s PS5 store listing page, though, so take Best Buy’s tag with a pinch of salt. The official Sony description for the game on PS5 actually notes that “while this game is playable on the PS5, some features available on PS4 may be absent”.
Last week, HBO greenlit a series based on The Last of Us that’s due to go into production soon. It will be helmed by Chernobyl’s Craig Mazin and executive produced and written by Neil Druckmann.
The PS5’s UI could really use some work – The Verge
Manitoba posts record 543 new cases of COVID-19 – CBC.ca
Digital Technologies have a strong return on investment, survey says – JWN
Silver investment demand jumped 12% in 2019
Iran anticipates renewed protests amid social media shutdown
Galaxy M31 July 2020 security update brings Glance, a content-driven lockscreen wallpaper service
- Health23 hours ago
New Brunswick reports 6 new cases of COVID-19 – CBC.ca
- Business24 hours ago
Toronto, Peel Region set for 28-day lockdown: What’s open and closed – CityNews Toronto
- News19 hours ago
Canada Post calls in reinforcements to meet historic demand – CBC.ca
- Health17 hours ago
Alberta reports more COVID-19 cases on Sunday than any other province – CTV Edmonton
- Art22 hours ago
Art adrift: How a kayak and driftwood help this adventurer make beautiful art – CBC.ca
- Art24 hours ago
SAAG launching its Art Frenzy gala online tonight – Toronto Star
- News24 hours ago
The latest news on COVID-19 developments in Canada – Times Colonist
- Politics24 hours ago
Operation Warp Speed adviser concerned about vaccine skepticism 'exacerbated' by 'political context' – ABC News