Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Security Desktops (Apple) Privacy Software

Sandboxed Mac Apps Can Record Screen Any Time Without You Knowing (bleepingcomputer.com) 59

Catalin Cimpanu, writing for BleepingComputer: Malicious app developers can secretly abuse a macOS API function to take screenshots of the user's screen and then use OCR (Optical Character Recognition) to programmatically read the text found in the image. The function is CGWindowListCreateImage, often utilized by Mac apps that take screenshots or live stream a user's desktop. According to Fastlane Tools founder Felix Krause, any Mac app, sandboxed or not, can access this function and secretly take screenshots of the user's screen. Krause argues that miscreants can abuse this privacy loophole and utilize CGWindowListCreateImage to take screenshots of the screen without the user's permission.
This discussion has been archived. No new comments can be posted.

Sandboxed Mac Apps Can Record Screen Any Time Without You Knowing

Comments Filter:
  • by Anonymous Coward

    To say, "If that worries you, maybe you're doing something you shouldn't be doing."

  • by Anonymous Coward on Sunday February 11, 2018 @11:58AM (#56104325)
    Should only be able to screenshot windows that are owned by the running process, not the entire display screen without being granted a specific permission to access whole display.
    • Re: (Score:3, Interesting)

      by Anonymous Coward

      This is Tim Cook's Apple we're talking about here. The guy allowed a release of an OS where one could log in with a blank root password. Yeah, I know, he's a "supply chain genius" which is why the iPhone X wasn't available for three months after it was announced and the fucking homepod just shipped two months late.

      • Re: (Score:2, Insightful)

        by Anonymous Coward

        Recent problems notwithstanding, Apple's operating systems have gotten vastly more secure under Tim Cook. Take a look at the scarcity of jailbreaks, for instance, or the inability for nation states to crack iPhone security, or the dedicated hardware functionality. There's a reason iOS vulnerabilities cost far more money on the black market than its competitors.

    • Easy to do if you've implemented it like that from the start. Quite a bit harder if this API has been public since 2007 and you don't want to cause incompatibility issues.

      How happy would you be as a developer if you did things according to the documentation at the time and then years later were told you have to change because the API contract is changed? Pray that we don't change it further?

      • by Anonymous Coward

        Easy... Display a dialog box asking if the user authorizes the operation. This should be a seldomly used operation, so it's not going to be invasive. If you see a dialog ever few seconds, you can at least know something shady is happening.

        • This should be a seldomly used operation, so it's not going to be invasive.

          Taking 30 screenshots per second when preparing a tutorial video for some application might be more invasive.

          • by AC-x ( 735297 )

            Taking 30 screenshots per second when preparing a tutorial video for some application might be more invasive.

            Do you want to grant this application access to your screen content?
            [ Yes ] [ No ] [X] Remember this answer

            Gee that was hard to fix wasn't it?

      • by Gr8Apes ( 679165 )

        Easy to do if you've implemented it like that from the start. Quite a bit harder if this API has been public since 2007 and you don't want to cause incompatibility issues.

        How happy would you be as a developer if you did things according to the documentation at the time and then years later were told you have to change because the API contract is changed? Pray that we don't change it further?

        You have obviously never programmed in MS land. The contract is built upon sand.

  • I mean isn't this true of every unsandboxed PC (or Mac) app ever?

    Does the sandbox promise to change this?

    • Re:Is this news? (Score:4, Informative)

      by QuietLagoon ( 813062 ) on Sunday February 11, 2018 @12:19PM (#56104409)

      ...Does the sandbox promise to change this?...

      Yes. A sandbox is a sandbox. You play inside your sandbox and are unable to affect or access things outside your sandbox that you should not access. It seems that, at some point, Apple forgot to restrict access to this API for sandboxed apps.

    • by AvitarX ( 172628 )

      Yes, the entire point of a sandbox is it can't get data from other apps.

      Or at least without specific warnings that it's doing something outside of just being a self contained app.

      • Yes, the entire point of a sandbox is it can't get data from other apps.

        Or at least without specific warnings that it's doing something outside of just being a self contained app.

        I wonder if any other security-conscious OSes have this security-hole? Looks like a pretty easy one to miss.

      • If it says sandbox, it needs to be sandbox. They better fix this.

  • There is a saying: "You can program Fortran in any language"... and it applies here: "You can X Windows in any OS".
  • Does anyone have info about how to easily run in a sandbox mac apps that are not from the app store and don't use the sandbox api? I only found the below article from 3 years ago, and had trouble getting it to work in the past. I just want to run an app in a jail and maybe as a less privileged user. I am not talk8ng about apps that voluntarily implement the api so that they are allowed in the app store. Otherwise I'm very uncomfortable about installing a dmg from some website even if it is a known vendor. I

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (10) Sorry, but that's too useful.

Working...