Connect with us

Tech

Apple lets some Big Sur network traffic bypass firewalls – Ars Technica

Published

 on


Patrick Wardle

Firewalls aren’t just for corporate networks. Large numbers of security- or privacy-conscious people also use them to filter or redirect traffic flowing in and out of their computers. Apple recently made a major change to macOS that frustrates these efforts.

Beginning with macOS Catalina released last year, Apple added a list of 50 Apple-specific apps and processes that were to be exempted from firewalls like Little Snitch and Lulu. The undocumented exemption, which didn’t take effect until firewalls were rewritten to implement changes in Big Sur, first came to light in October. Patrick Wardle, a security researcher at Mac and iOS enterprise developer Jamf, further documented the new behavior over the weekend.

“100% blind”

To demonstrate the risks that come with this move, Wardle—a former hacker for the NSA—demonstrated how malware developers could exploit the change to make an end-run around a tried-and-true security measure. He set Lulu and Little Snitch to block all outgoing traffic on a Mac running Big Sur and then ran a small programming script that had exploit code interact with one of the apps that Apple exempted. The python script had no trouble reaching a command and control server he set up to simulate one commonly used by malware to exfiltrate sensitive data.

“It kindly asked (coerced?) one of the trusted Apple items to generate network traffic to an attacker-controlled server and could (ab)use this to exfiltrate files,” Wardle, referring to the script, told me. “Basically, ‘Hey, Mr. Apple Item, can you please send this file to Patrick’s remote server?’ And it would kindly agree. And since the traffic was coming from the trusted item, it would never be routed through the firewall… meaning the firewall is 100% blind.”

Wardle tweeted a portion of a bug report he submitted to Apple during the Big Sur beta phase. It specifically warns that “essential security tools such as firewalls are ineffective” under the change.

Apple has yet to explain the reason behind the change. Firewall misconfigurations are often the source of software not working properly. One possibility is that Apple implemented the move to reduce the number of support requests it receives and make the Mac experience better for people not schooled in setting up effective firewall rules. It’s not unusual for firewalls to exempt their own traffic. Apple may be applying the same rationale.

But the inability to override the settings violates a core tenet that people ought to be able to selectively restrict traffic flowing from their own computers. In the event that a Mac does become infected, the change also gives hackers a way to bypass what for many is an effective mitigation against such attacks.

“The issue I see is that it opens the door for doing exactly what Patrick demoed… malware authors can use this to sneak data around a firewall,” Thomas Reed, director of Mac and mobile offerings at security firm Malwarebytes, said. “Plus, there’s always the potential that someone may have a legitimate need to block some Apple traffic for some reason, but this takes away that ability without using some kind of hardware network filter outside the Mac.”

People who want to know what apps and processes are exempt can open the macOS terminal and enter sudo defaults read /System/Library/Frameworks/NetworkExtension.framework/Resources/Info.plist ContentFilterExclusionList.

NKEs

The change came as Apple deprecated macOS kernel extensions, which software developers used to make apps interact directly with the OS. The deprecation included NKEs—short for network kernel extensions—that third-party firewall products used to monitor incoming and outgoing traffic.

In place of NKEs, Apple introduced a new user-mode framework called the Network Extension Framework. To run on Big Sur, all third-party firewalls that used NKEs had to be rewritten to use the new framework.

Apple representatives didn’t respond to emailed questions about this change. This post will be updated if they respond later. In the meantime, people who want to override this new exemption will have to find alternatives. As Reed noted above, one option is to rely on a network filter that runs from outside their Mac. Another possibility is to rely on PF, or Packet Filter firewall built into macOS.

Let’s block ads! (Why?)



Source link

Continue Reading

Tech

The PS5’s UI could really use some work – The Verge

Published

 on


Sony’s PlayStation 5 user interface could really use some work, and nowhere is that more apparent than in the simple act of trying to turn the thing off.

On most recent consoles, it’s been pretty easy to shut down the device with just the controller. Simply press and hold the PS button / Xbox button / home button, and the UI will helpfully show you an option to power down the console in some way. This is true for the PlayStation 4, Xbox One, and Nintendo Switch. It takes just a few seconds, and I can happily end a gaming session.

But turning off the PS5, for no good reason that I can figure out, is a needlessly cumbersome process. Instead, when I press and hold the PS button — the behavior I have used for years to start the process — I’m taken back to the main PS5 menu where I’m presented with options like picking a different game to play, checking out the PlayStation Store, or opening a media app.

Instead, Sony has buried the option to turn off the console in the quick actions menu that appears with a short tap of the PS button instead of a press and hold. But even when I pull that menu up, I have to spend a few seconds navigating to the unlabeled icon representing power (you probably know the one — the circle with the vertical line through the top) and opening it up. Then I see the options to shut down my PS5. You can also shut down the console after logging out from your account, but that’s not exactly a speedy option, either.

The Xbox Series X, by comparison, is very easy to turn off. You just press and hold the Xbox button, and on the menu that appears, tap up and select if you’d like to turn off the console or controller or restart the console. Shutting down the Switch is even easier: press and hold the home button, and the menu that appears already has the sleep mode option selected, requiring just one more button press to turn the system off.

Turning off the PS5 is just one of many other frustrating issues I’ve experienced with the console’s UI. The way trophies are displayed is a step backward, for example. Instead of a vertically scrolling list, PS5 trophies are shown as a long, horizontal row of large cards. It’s harder to quickly browse through them, and they show less information at a glance. One of my colleagues has taken to checking her trophies using the PlayStation mobile app, which has… a vertically scrolling list, just like it remains on the PS4.

Taking screenshots and captures off the console is also a pain, especially compared to the Xbox Series X. On the Series X, screenshots and captures are automatically synced to the Xbox mobile app, where I can save them to my phone. But on PS5, the only way to share captured media is by uploading it to another platform directly from the PS5 or transferring it to a USB drive.

And sometimes, when I boot up the PS5 to jump into another hellish play session with Demon’s Souls, the console opens not the game I was playing last but instead the Explore menu, which shows news and trailers about games. Right now, it’s showing me a card for an upcoming map in Call of Duty: Black Ops Cold War, a game that I don’t own and don’t want to play. To actually jump into the game I was playing before I turned the console off and the reason I’m waking it up again, I have to navigate one-directional tap over to the Demon’s Souls icon. It’s a small inconvenience but just one of many problems that make for a frustrating experience.

I do like the PS5 a lot. Sony hyped up the console’s ultra-fast SSD for months, and it’s been a revelation to jump from world to world in Astro’s Playroom and Demon’s Souls with hardly any wait time. But that ethos of speed doesn’t seem to be applied to the day-to-day moments of using the console’s UI, and I really hope that Sony updates it soon to make things a bit more seamless.

But until then, you can listen for me cursing under my breath when I forget, yet again, that it’s a short press to get to the power menu, not a long one.

Let’s block ads! (Why?)



Source link

Continue Reading

Tech

New Xiaomi Android 11 roadmap reveals that the Redmi Note 8 Pro and Redmi Note 8 duo may receive the update after all – Notebookcheck.net

Published

 on


The Redmi Note 8 Pro looks set to get Android 11 after all. (Source: AndroidPit)
While previous information heavily indicated that the Redmi Note 8 Pro, Redmi Note 8, and Redmi Note 8T would not be eligible for Android 11, a new report leans towards the contrary. Apparently, the three phones are set to get Android 11 sometime in the future, with Xiaomi recently kickstarting internal testing.

Over the past few months, reports have surfaced strongly indicating that Xiaomi would not send the Android 11 update to its year-old mid-range devices like the Redmi Note 8 and Redmi Note 8 Pro. New information, however, leans towards the contrary, and owners of the two devices may yet be eligible for Android 11.

Interestingly, the source of this report, just a while ago claimed that neither the Redmi Note 8 Pro nor the regular Redmi Note 8 would be eligible for the newest version of Android. This is quite the turnaround in stance. The latest report claims that Xiaomi has now begun internal Android 11 testing for the Redmi Note 8 Pro, Redmi Note 8, and Redmi Note 8T—the latter two of which are essentially the same device.

While certain documents have surfaced indicating that Xiaomi only plans for one OS upgrade for its Redmi Note series devices, two OS upgrades for phones in that lineup would not be unheard of. The Redmi Note 5 Pro, for example, was launched with Android Nougat and received both Android Oreo and Android Pie.

In any case, you’d do well to take this information with a grain of salt—pending more concrete confirmation.

Let’s block ads! (Why?)



Source link

Continue Reading

Tech

A retail listing has revealed The Last of Us Part 2 PS5 upgrade could be in the works – VG247

Published

 on


By Dom Peppiatt,
Monday, 23 November 2020 14:28 GMT

A next-gen upgrade may be in the works for Naughty Dog’s latest game, making The Last of Us Part 2 PS5 a reality sooner than we thought.

A store listing for The Last of Us Part 2 has appeared over at Best Buy that suggests a next-gen update for the game could be in the works at Naughty Dog.

The Best Buy store listing for the PlayStation 4 physical copy of one of 2020’s biggest games includes a tag that reads “includes next-gen upgrade”.

[embedded content]

The development studio itself hasn’t formally announced any specific upgrades for The Last of Us Part 2 on PS5 – though the game does benefit from all the usual system-side upgrades backwards compatible games enjoy if you boot it up on the new hardware (including faster loading times and so on).

The Last of Us Part 2 also supports haptic feedback via the DualSense controller on PS5, but that’s about the extent of its next-gen support at the time of writing.

It may be that Best Buy has made the listing in error, and we’re not going to see more upgrades released for the game, but given that other PlayStation exclusives have received patches to make them perform better on the new hardware, that seems unlikely.

The Last of Us Part 2 is one of the biggest games of the year, is a critical hit, and won over a lot of players’ hearts as you can see in our review.

There’s also no mention of an upgrade on The Last of Us Part 2’s PS5 store listing page, though, so take Best Buy’s tag with a pinch of salt. The official Sony description for the game on PS5 actually notes that “while this game is playable on the PS5, some features available on PS4 may be absent”.

Last week, HBO greenlit a series based on The Last of Us that’s due to go into production soon. It will be helmed by Chernobyl’s Craig Mazin and executive produced and written by Neil Druckmann.

Sometimes we include links to online retail stores. If you click on one and make a purchase we may receive a small commission. For more information, go here.

Let’s block ads! (Why?)



Source link

Continue Reading

Trending