
Comment Re:Good enough to criticize the mechanisms (Score 1) 130

Following your "logic", Best Buy is responsible for the millions of computers that get infected with shit from running copies of Windows that were purchased at Best Buy and not patched / maintained? Because Best Buy just "pays for the brains of these app developers and then they resell it"?

Brilliant.

Comment Re:Good enough to criticize the mechanisms (Score 1) 130

In no way does what the guy is describing magically allow code to take control of the full OS. If an application is executing, and then executes a maliciously crafted dylib, that dylib is still running as the user who executed the parent application - a.k.a. not root unless you've bent over backwards to re-enable the root user and log in as root because you completely hate security and best practices. If it wants to do something outside the permissions envelope of that user, it will still have to ask permission just like anything else on the OS; even if you are running as admin - all that gets you is the ability to put in your password to allow it, rather than have to click cancel. The only way around that is to also combine a privilege elevation exploit - and now we're getting into the incredibly improbable that you could find a signed app that would do both without a user seeing anything odd.

At the end of the day, GateKeeper wasn't designed to prevent that anyway, and this guy is presenting a massive straw man. GateKeeper was designed to give you a decision point between clicking on the random thing that appeared in your downloads folder, and getting owned. That's it.

Comment Re:Dell, HP, Panasonic (Score 1) 417

1. If you are using OS X Profile Manager (or any MDM provider you probably already have to deal with iOS and Android), you don't need to maintain an "enterprise image" because you can just enroll a Mac and have it automatically become the enterprise image far quicker than you can reimage it, or pay Dell to image it by defining OS X profiles and assigning them to machine groups a la AD Group Policy.

2. You don't buy direct from Apple - even in enterprise sales they do the legwork and hand you off to a value-added reseller with the bid price in hand, and any VAR worth doing business with can give you the serial numbers and MAC addresses. Or, use the built-in Apple Remote Desktop agent to query the serial number and MAC addresses en masse from the machines when you do #1.

Macs can play nice in the enterprise, as long as you spend half an hour learning how.

Comment Re:Hi I'm Patrick (Score 1) 130

I still don't see how this is any different from just exploiting an app vulnerability, regardless of the presence of GateKeeper. What you describe is no different than the hundreds of arbitrary code execution vulnerabilities found in Flash, Java, etc. since the dawn of these frameworks.

GateKeeper was never meant to keep all malicious code from executing, ever. It was meant to give you an "are you really sure you want to run this thing that appeared in your downloads folder" chance to not screw yourself over because some git with a website thought it would be cool to force-download some garbage to your computer.

Comment Re:Good enough to criticize the mechanisms (Score 3, Interesting) 130

Yeah, my thoughts exactly. And, by the way, how is it a problem with the OS if a signed app has a vulnerability you are exploiting? That sounds like a problem with the app to me.

"Oh, I can own OS X - I just need to convince Microsoft Outlook to run arbitrary code with privilege elevation!"

*Yawn*
