The Kernel-Program-As-A-Disguise Edition Monday, March 7, 2016

First OS X Ransomware Detected In The Wild, Will Maliciously Encrypt Hard Drives On Infected Macs, by Benjamin Mayo, 9to5Mac

Users worried about being impacted by the ransomware should look for the ‘kernel_service’ process in Activity Monitor. This process is named like a kernel system program as a disguise, but it is actually the KeyRanger malware. If you are impacted, the recommendation is to restore to an earlier backup of your system before you installed Transmission. This is the best way to ensure the virus has been completely removed from the system.

It’s worth noting that the malware has only been detected in the Transmission app to date. It is unknown if it is more widespread, affecting other common apps.

Apple Users Targeted In First Known Mac Ransomware Campaign, by Jim FInkle, Reuters

An Apple representative said the company had taken steps over the weekend to prevent attacks by revoking a digital certificate from a legitimate Apple developer that enabled the rogue software to install on Macs. The representative said he could not immediately provide other details.

The malware is programmed to encrypt files on an infected personal computer three days after the original infection, according to Olson.

That means that if Apple's steps prove ineffective in neutralizing malware that has already infected Macs, the earliest victims will have their files encrypted on Monday, three days after the malicious program first appeared on the Tranmission website, he said.

Creation Of Vulnerabilities

Apple VP: The FBI Wants To Roll Back Safeguards That Keep Us A Step Ahead Of Criminals, by Craig Federighi, Washington Post

To get around Apple’s safeguards, the FBI wants us to create a backdoor in the form of special software that bypasses passcode protections, intentionally creating a vulnerability that would let the government force its way into an iPhone. Once created, this software — which law enforcement has conceded it wants to apply to many iPhones — would become a weakness that hackers and criminals could use to wreak havoc on the privacy and personal safety of us all.

I became an engineer because I believe in the power of technology to enrich our lives. Great software has seemingly limitless potential to solve human problems — and it can spread around the world in the blink of an eye. Malicious code moves just as quickly, and when software is created for the wrong reason, it has a huge and growing capacity to harm millions of people.

Mr. Fart’s Favorite Colors, by Blake Ross, Medium

The security we encounter every day — when it works at all — is usually built out of shades of gray: Lock your door. Need more? Arm your alarm. Even more? Don’t feed Fido for a day. Marginal benefits, marginal costs.

It’s easy to assume that digital security is just another spectrum, and politicians love to reinforce that — gray’s their favorite color. Every presidential candidate is offering the same Michael Scott solution: Let’s preserve everyone’s security at once! Give a little here, take a little there, half-pregnancies for all.

Unfortunately it’s not that complicated, which means it’s not that simple. Unbreakable phones are coming. We’ll have to decide who controls the cockpit: The captain? Or the cabin? Either choice has problems, but — I’m sorry, Aunt Congress — you crash if you pick 2.


The Challenges Of Porting Final Fantasy IX To Android And iOS, by Mike Minotti, VentureBeat

Of course, bringing a complicated role-playing game, especially an old one, to mobile takes work — especially when you’re trying to sell players on a premium experience on a platform where most of the big hits are free-to-play. GamesBeat interviewed Kouichiro Sakamoto, the director of Final Fantasy IX’s mobile and Steam version (the PC release isn’t out yet), over email about the challenges of adapting a classic to a touch-based screen.

E-mail Inventor Ray Tomlinson, Who Popularized @ Symbol, Dies At 74, by Cyrus Farivar, Ars Technica

If you’ve ever sent an e-mail, you can thank Raymond Samuel Tomlinson for putting the @ symbol there. On Friday, Tomlinson died of suspected heart failure. He was 74.

The First Network Email, by Ray Tomlinson

Bottom of the Page

I do want sandboxing of apps on the Mac OS X platform. I do want the protection of my computer just like how Apple protects my iPhone. Yes, there needs to be an user-accessible file system, something that isn't available on iOS. (The closest is iCloud Drive -- nowhere near a mature feature yet.) And I do have hope there's a viable solution somewhere.


Thanks for reading.