Any Mac App Can Purportedly Record Your Screen Without You Knowing

Any Mac App Can Purportedly Record Your Screen Without You Knowing

Posted by · 22547 views · Translate

Any Mac app can record your screen at any time without your knowledge, according to
Felix Krause, founder of fastlane.

Krause says that any Mac app, sandboxed or not, has the ability to take screenshots of your screen silently without you knowing, accessing every pixel of all displays even if the app is in the background. Those images can then be fed through OCR software to read the text on the screen.

What’s the worst that could happen?
● Read password and keys from password managers
● Detect what web services you use (e.g. email provider)
● Read all emails and messages you open on your Mac
● When a developer is targeted, this allows the attacker to potentially access sensitive source code, API keys or similar data
● Learn personal information about the user, like their bank details, salary, address, etc.

To do this, a Mac developer simply needs to use CGWindowListCreateImage to generate a capture of the complete screen.

Krause has filed a radar to notify Apple about the issue. Please follow iClarified on Twitter, Facebook, Google+, or RSS for updates.

Read More

Any Mac App Can Purportedly Record Your Screen Without You Knowing

mmexus - February 12, 2018 at 3:27pm
To prevent these routines is now APPLE's turn ... ... or does anyone have the desire / an idea to write a small app to uncover the described functions and then delete the septic program?!?
Charlie Mix - February 11, 2018 at 2:49pm
Is not that how he found you?
D4xM4Nx - February 11, 2018 at 8:45am
WTF can't believe this idiot just revealed the vulnerability to everyone! I'd like to think Apple is working on this, and we're gonna have the hotfix ¿tomorrow? Geez... High Sierra is the iOS 11 for macs.
Raas al Ghul - February 11, 2018 at 7:53am
Not being funny or taking Apple’s side but if there was a app detailing all the vulnerabilities found in Windows OS daily it will be a lot more than Mac OS The only difference is a vulnerability found in Mac OS is made breaking news
iAmMe - February 11, 2018 at 6:14am
And windows doesn’t? LOL. I’m a developer and it’s pretty much a standard access of any app. Also passwords doesn’t show password unless you click on the show password and besides, it all comes down to “install only the apps you trust.” LOL
6 More Comments