Collective Intelligence Podcast, Patrick Wardle on MacOS Firewall Security
LAS VEGAS—Patrick Wardle has spent a significant part of his career dissecting the security of—and sometimes lack thereof—the MacOS platform. Wardle, chief research officer at Digita Security and founder of Objective-See, has also dropped a litany of open source tools he’s built to keep Mac users safe.
At Black Hat and DEF CON last week, Wardle delivered two talks and announced the availability of Lulu, a free MacOS firewall that closes some of the gaps left behind by third-party firewall providers for the platform, as well as the OS’s native firewall.
In this episode of the Collective Intelligence Podcast recorded in the hallways of Mandalay Bay, Wardle talks about some recent research he did into firewalls for MacOS and discloses some of the architectural issues and resulting limitations present in both the native firewall and commercial products. Given the nature of these problems, a software patch isn’t necessarily the answer; a sizable rebuild of the product is more likely needed, which complicates the availability of an adequate mitigation.
He also discusses his DEF CON talk, which describes an attack against MacOS in which a threat actor with access to a compromised computer can interact with the user interface and control the user’s mouse clicks—essentially a synthetic click—to bypass security prompts presented to the user, making it possible to access the keychain, load third-party kernel extensions, or authorize an outgoing network connection.
Patrick also announces on the podcast a unique MacOS research conference scheduled for early November in Hawaii.
The Collective Intelligence Podcast, presented by Flashpoint and hosted by Editorial Director Mike Mimoso, features regular interviews with a diverse set of industry experts and Flashpoint analysts on the latest information security news and industry trends.
Michael Mimoso brings over a decade of experience in IT security news reporting to Flashpoint. As Editorial Director, he collaborates with marketing, analyst, and leadership teams to share the company’s story. Prior to Flashpoint, Mike was an Editor of Threatpost, where he covered security issues and cybercrime affecting businesses and end-users.
Prior to joining Threatpost, Mike was Editorial Director of the Security Media Group at TechTarget and Editor of Information Security magazine where he won several ASBPE national and regional writing awards. In addition, Information Security was a two-time finalist for national magazine of the year. He has been writing for business-to-business IT publications for 11 years, with a primary focus on information security.
Earlier in his career, Mike was an editor and reporter at several Boston-area newspapers. He holds a bachelor’s degree from Stonehill College in North Easton, Massachusetts.