Skip to main content
Find a Lawyer
Please enter a legal issue and/or a location
Begin typing to search, use arrow keys to navigate, use enter to select

Find a Lawyer

More Options

Ex NSA Hacker Finds Security Flaw in macOS

By William Vogeler, Esq. | Last updated on

Dr. Alexander Fleming famously discovered penicillin by accident.

He found the mold growing in his lab, leading to one of the greatest advances in human history -- a cure for deadly infectious diseases. That's like Patrick Wardle's story -- without the mold.

The software security expert accidentally copied the wrong code and discovered a bypass to "do a lot of malicious stuff" to Apple products. Here's how it happened.

Accidental Discovery

Wardle, a former National Security Agency hacker, was testing an old macOS attack. He copied and pasted the wrong code, and ran it.

To his surprise, it allowed him to post synthetic clicks to security alerts. Basically, it bypassed Apple security and opened the door for malicious attacks.

"The ability to synthetically interact with a myriad of security prompts allows you to perform a lot of malicious actions," he told Ars Technica. "Many of Apple's privacy and security-in-depth protections can be trivially bypassed."

Wardle demonstrated the problem at a Def Con hacker convention in Las Vegas. Ars Technica said he exposed "a major shortcoming" in the macOS.

"Almost Embarrassed"

As the developer of the Objective-See Mac tools, Wardle informed Apple of the security issue. He said he wasn't trying to find a bypass.

But it happened, and it wasn't hard to do. He said it raises questions about the company's foundational security mechanism.

"If a security mechanism falls over so easily, did they not test this?" he asked. "I'm almost embarrassed to talk about it."

Related Resources:

Was this helpful?

You Don’t Have To Solve This on Your Own – Get a Lawyer’s Help

Meeting with a lawyer can help you understand your options and how to best protect your rights. Visit our attorney directory to find a lawyer near you who can help.

Or contact an attorney near you:
Copied to clipboard