 Apple removed today a very popular anti-malware app called Adware Doctor from the Mac App Store because it was gathering browsing history and other sensitive information without a user's permission and then uploading it to someone in China. Adware Doctor is promoted as an anti-malware and adware protection program that claims to be able to protect your Mac from malicious files and browser from adware. This program was the #1 paid utility in the Mac App Store with a 4.8-star rating and over 7,000 reviews. While it may have had the ability to remove infections on your Mac, it was also discovered to be quietly uploading a user's personal data without their permission to a remote site. This behavior was first discovered by a security researcher named Privacy 1st who noticed that Adware Doctor would gather a user's browsing history from the Chrome, Safari, and the Firefox browsers, a list of running processes, and App Store search history. This information is then stored in a password protected zip file called history.zip. After the history zip was created, it would be uploaded to a remote server. In a blog post released today, Patrick corroborates Private_1st's findings and provides a detailed analysis of how the program would secretly gather a user's browsing habits and application details and then upload it to a remote host. When Adware Doctor uploaded a user's data, it would send the history.zip file to a remote host named adscan.yelabapp.com. While this domain is hosted on Amazon AWS servers, its DNS records clearly show that it is administered by someone from China. Continue reading on OUR FORUM.  The browser extension for the Keybase app fails to keep the end-to-end encryption promise from its desktop variant. Keybase is a communication and collaboration application focused primarily on securing the traffic from source to destination through public-key cryptography. Wladimir Palant, the maker of popular AdBlock Plus content filtering tool, looked at how the web extension for Keybase works and noticed that the messages it sends are exposed to third-party JavaScript code. The extension adds a "Keybase Chat" button into profiles pages for Facebook, Twitter, GitHub, Reddit, and Hacker News. Clicking on the button opens a chat window where users can type their message. "When you compose your text and 'send' it, the extension passes it to your local copy of Keybase, which encrypts the message and sends it through Keybase chat," informs the FAQ section for the Keybase Chrome and Firefox extension. And herein lies the issue signaled by Palant: messages are not encrypted until they reach the desktop app; Keybase injects its button into web pages, but it does not isolate itself from them. "So the first consequence is: the Keybase message you enter on Facebook is by no means private. Facebook’s JavaScript code can read it out as you type it in, so much for end-to-end encryption," Palant explains. Check it out at OUR FORUM.  Microsoft is reportedly working on a modular platform codenamed Windows Core OS. Last month, a Microsoft job posting revealed additional details of Microsoft’s modular OS. Today, a LinkedIn profile has surfaced online, giving us a peek at what Windows Core OS might be about. Today, we have come across an alleged LinkedIn profile of a Microsoft software engineer who was working on the Windows Core OS (WCOS) project. The profile page has revealed that Windows Core OS is not only a modular platform but also a security-focused operating system. The LinkedIn profile hasn’t revealed the release date or any other interesting details of the Windows Core OS but it looks like Microsoft is planning to enable the next generation security features in WCOS at the OS image level. “Our project was one of the first Windows Core (WCOS) based projects to migrate to the new image build system tooling designed to enable the next generation security features of the operating system at the OS image level,” the profile reads. This “next generation security features” hints at many security features that could make their way to future versions of Windows — something Synaptics has confirmed during a conference. To recall, during a conference between Synaptics and AMD, the companies discussed how biometrics could secure the “next-generation” Windows operating system. While there’s no mention of WCOS anywhere in the call, it’s certainly possible that the two companies were referencing to Windows Core OS in their mention of a next-generation Windows. Find out more on OUR FORUM. |
Latest Articles
|