Tag: Apple

Apple Will Officially No Longer Sell Routers

After more than two decades in the business, Apple is officially going to stop selling routers.  The writing has been on the wall for a while now, since the company’s “AirPort” family of products hasn’t received a significant update in more than five years.

When Apple first introduced its AirPort product line, wireless computing was still something of a rarity, and Apple’s offerings were ahead of their time.  In the years between then and now though, the market has changed significantly.  Unfortunately, Apple’s product line never really changed with it.

These days the competition is fierce with industry giants like Google and Linksys both offering great options for power users. With the rise of mesh networks, the AirPort product line has fallen increasingly behind the times.

The company announced that it would sell its existing AirPort product inventory and support its current user base for the time being, but after that, it would quietly fade away.  The company has simply moved on and has redirected its efforts toward other initiatives.

In looking at the broader market, it’s not a huge blow. Of course, if you own and use an AirPort product, now is the time to begin casting about for alternatives.  The clock is ticking, and once Apple sheds its existing inventory, we can expect to get an end of support date from them. This will leave any AirPort products still in operation at that point increasingly vulnerable to a variety of hacks.

Even so, given how ubiquitous wireless networking is these days, and how many powerful options are out there, finding a replacement for your AirPort product shouldn’t present too much of a challenge.  Just make sure your IT staff knows that the end is nigh, so they can get a replacement in place before the clock runs out.

Vulnerability In Mac OS Went Unnoticed For Years

Researchers at Okta Security have stumbled across something big.  Recently, they discovered a flaw in Apple’s OS that would have allowed hackers to completely undermine Apple’s code signing process.

While at first glance that doesn’t sound so bad, the implications are terrifying.  In a nutshell, code signing uses cryptographic “signatures” to verify and validate code.  If code bears the digital signature, it is considered trusted.  If it’s trusted, then it’s given an automatic free pass, straight into the heart of any system.

Unfortunately, this flaw in Apple’s code signing process dates back more than a decade. It was only recently discovered, and purely by chance at that.

An extensive forensic analysis has turned up no evidence suggesting that this exploit was ever used for nefarious purposes, which is the one silver lining in all of this.

Upon discovering the flaw, Okta personnel reached out to Apple and other vendors who could have been impacted by the flaw, including tech giants like Google, Facebook and also smaller players like VirusTotal, Objective Development, Yelp, and Carbon Black.

Apple moved swiftly and has since fixed the issue, so this one can be considered a bullet dodged.

Josh Pitts, an Okta engineer, sums the issue up:

“Different types of tools and products use code signing to implement actionable security; this includes whitelisting, antivirus, incident response and threat hunting products.  To undermine a code signing implementation for a major OS would break a core security construct that many depend on for day to day security operations.”

A completely fair assessment.  Thankfully (at least in this particular case), although the issue was hiding in plain sight, it does not appear to have been exploited before being fixed.  We won’t always be so lucky.