Alrescha

  • Zoom installer flaw can give attackers root access to your Mac

    maltz said:

    That makes no sense - I stop using the installer after I've installed the program.  Can we get some clearer instruction on this?

    You raise an excellent point.  The simple answer is that you must disable the updater (as opposed to 'installer').  In the future, if you want to preserve the security of your Mac, your process should be something like this:

    1) Is the software available in the App Store?

    If the answer is yes, then good.  This means there's no installer, no updater, nothing that lives outside of a sandbox*.  And no matter how cursory an inspection, you know that someone has taken a look at it.

    2) No App Store, so the next question is 'does this software come with an installer?'

    If the answer is no, but the software is signed/notarized by Apple, then good.  The software is just a program, good or bad.  It might not be able to run in a sandbox, but it's not obviously noteworthy.

    3) This software comes with an installer.  This means it needs to do something unusual under the covers.  You should be questioning whether you really, really, need this program.   It's almost inevitable that it's going directly to question 4, which is:

    4) Does the installer want Admin/Root access?

    Full stop.  Close the installer, take a breath.  You have to ask yourself if this software is absolutely necessary.  If it is, you must run something like Suspicious Package ( https://www.mothersruin.com/software/SuspiciousPackage ) and try and figure out what is going on.  In the case of something like Chrome or Zoom you'll see that the installer is installing extra stuff that you don't want.  Walk away.  In my case I still needed to use Zoom so I used my iPad.

    * I've lost count of the number of App Store developers who play bait-and-switch claiming that App Store restrictions prevent this feature or that and wouldn't I rather download the version from their website - and they're lying through their teeth.  When you point out that *other* App Store programs have no problem doing this or that, they'll say 'ok, that will be fixed in our next release'.

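Added example, not part of the post above and not code from Suspicious Package: a scripted version of the check in question 4, reading the PackageInfo file that `pkgutil --expand` leaves in each component of a flat .pkg. The sample XML, its identifier and the function name are constructed for illustration, and the `auth`, `install-location` and `<scripts>` layout is assumed to match the sample.

```python
import xml.etree.ElementTree as ET

# Constructed PackageInfo, shaped like the one found in an expanded flat .pkg
# (pkgutil --expand Some.pkg outdir). Not taken from any real installer.
SAMPLE_PACKAGE_INFO = """<pkg-info format-version="2" version="1.0"
    identifier="com.example.meeting" install-location="/" auth="root">
  <payload numberOfFiles="212" installKBytes="48211"/>
  <scripts>
    <preinstall file="./preinstall"/>
    <postinstall file="./postinstall"/>
  </scripts>
  <bundle path="./Applications/Meeting.app" id="com.example.meeting"/>
</pkg-info>
"""

def review_package_info(xml_text):
    """Summarise what a component package asks for before it is installed."""
    root = ET.fromstring(xml_text)
    if root.tag != "pkg-info":
        raise ValueError("not a PackageInfo document")
    findings = []
    # auth="root" is what produces the admin password prompt.
    wants_root = (root.get("auth") or "").lower() == "root"
    if wants_root:
        findings.append("installer requests root privileges")
    # Install scripts run with whatever privilege the installer obtained.
    scripts = [(el.tag, el.get("file", ""))
               for el in root.findall("./scripts/*")
               if el.tag in ("preinstall", "postinstall")]
    who = "as root" if wants_root else "as the installing user"
    for kind, path in scripts:
        findings.append(f"{kind} script {path} runs {who}")
    # A payload rooted outside /Applications can place files anywhere below it.
    location = root.get("install-location", "")
    if location and not location.startswith("/Applications"):
        findings.append(f"install-location {location!r} is outside "
                        "/Applications; read the payload file list")
    return {"identifier": root.get("identifier"), "wants_root": wants_root,
            "scripts": scripts, "findings": findings}

if __name__ == "__main__":
    report = review_package_info(SAMPLE_PACKAGE_INFO)
    print(report["identifier"])
    for line in report["findings"]:
        print(" -", line)
```
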