Are Popular Mac Apps Rendering Your Computer Unsafe?
Could you be rendering your Mac vulnerable to cyberattacks, just by running several popular applications? That’s the contention being made by security researchers, according to a recent report from Ars Technica. The report highlights popular BitTorrent downloading program uTorrent and screen-cropping video software Camtasia among “a large number of Mac apps” that are likely putting users in danger.
A Man-in-the-Middle Attack
So what’s the problem? According to the Ars Technica report, the danger here is what is called a “man-in-the-middle attack.” In this type of attack, a hacker hijacks a communication between two parties in the software community and uses the opportunity to serve malicious software to the second party (or otherwise alter the communication).
In the case of uTorrent, Camtasia, and other Mac apps, the so-called “man-in-the-middle” could be disrupting communications between Sparkle—the open-source software that developers use to serve updates to their applications—and the applications themselves. The version of Sparkle that the affected applications are using is vulnerable and outdated, in part because it uses an unencrypted HTTP channel to communicate with servers. As a result, hackers under the right conditions could feasibly interrupt the communications between the server and the end users of the apps. This situation could be exploited to insert malicious code into the communication. The attack can be executed on both El Capitan and Yosemite.
Taking Care of Your System
The Ars Technica report noted that security researchers have no way of knowing precisely how many apps could have this vulnerability. The article provided a link to a list of applications that use Sparkle for their updates, but not all Sparkle programs are using unencrypted HTTP channels (and are therefore not all vulnerable). The Technica report specifically named both uTorrent and Camtasia, as well as digital design app Sketch and Duet Display, a program that allows the iPad to be used as an extra Mac display. VLC Media Player, a popular video player app, also had the vulnerability but has since been updated.
So what should Mac users do about this particular issue? Our recommendation is to check the Sparkle app list to see which programs you are using. Then, check the latest blogs or updates from the developers to see if they have commented on this particular exploit and if, like VLC, they have released an update to patch the vulnerability. If the exploit has been patched, update your app immediately. If an app hasn’t been patched, you might be wise to stop using and/or updating the program for the time being.
