Apple promises to up the security game on Gatekeeper issues



Apple has revealed steps to review its security policies in the wake of the Gatekeeper bug that recently affected new Mac users. Gatekeeper is a workaround used by macOS to ensure that only trusted software runs on a user's device. However, it seemed that the technology needed to be slightly reconfigured after a recent update to the Mac operating system. Shortly after Apple released its new macOS update, Big Sur, users started reporting problems opening third-party apps. Gatekeeper was reportedly unable to verify the developer certificates of these apps due to a server-side issue. The bug has also raised privacy concerns among users, with many wondering whether Apple has logged all apps launched by Mac users and whether this information could be used to give the Cupertino-based company a competitive advantage. Now Apple has provided a security update in an attempt to allay those fears.

New rules

"Gatekeeper performs online checks to see if an app contains known malware and if the developer's signing certificate is revoked," Apple's security update explains. “We never combine the data from these checks with information about Apple users or their devices. We do not use the data from these checks to find out what users are running or running on their devices. However, Apple has promised to introduce several changes to its security controls over the next year. These include a new encrypted protocol for revoking Developer ID certificates, stronger protections against server failures, and most importantly, an option to users to opt out of new security protections.The updated policy is expected to prevent a similar outage involving the Gatekeeper software from happening again, and hopefully further allay privacy concerns.Via TechCrunch

You might also be interested ...