Saturday, February 27, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Apple deprecating macOS kernel extensions (KEXTs) is a great win for security

February 8, 2020
in Internet Security
Apple deprecating macOS kernel extensions (KEXTs) is a great win for security
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Image: Bundo Kim

At the WWDC conference last year, Apple announced plans to deprecate macOS “kernel extensions” (KEXTs) and replace them with a new mechanism called “system extensions.”

The first step towards this announcement was made with the release of macOS Catalina (10.15.0) in September 2019, when system extensions were introduced alongside kernel extensions.

You might also like

Fastest VPN in 2021 | ZDNet

Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid

Chrome will soon try HTTPS first when you type an incomplete URL

The final step of Apple’s plan will come into effect in the coming weeks, with the upcoming release of macOS Catalina 10.15.4.

According to Apple, starting with macOS 10.15.4, use of kernel extensions will trigger a notification to the user that the software includes a deprecated API and will ask the user to contact the developer for alternatives.

What’s the difference between the two?

Both kernel extensions and system extensions serve the same purpose. They allow users to install apps that extend the native capabilities of the macOS operating system.

Apps install kernel/system extensions that allow them to perform operations for which macOS has no native features or functions.

Mac antivirus software, firewalls, VPN clients, DNS proxies, USB drivers, and others, all make use of kernel extensions.

The difference between these two new extension systems is that the older kernel extensions execute their code at the macOS kernel level, while the newer system extensions run in a more tightly-controlled user-space.

Great move for security

“From Apple’s point of view, this a major step towards improving the security of macOS,” Patrick Wardle, Principal Security Researcher at Jamf, and a well-known macOS security expert, told ZDNet in an interview this week.

“Third-party kernel extensions do pose a juicy attack vector for attackers targeting macOS,” he added. “Especially if you, as an attacker can exploit a kernel extension, or load your own (assuming it’s signed).”

And attacks involving KEXTs have happened in the past [1, 2, 3].

“It’s really game over for macOS,” Wardle said. “Many many security mechanisms are implemented/enforced in the kernel.”

Wardle says that an attack like this wouldn’t work with system extensions, as they run in user-mode.

“As they don’t run in the kernel, an exploit doesn’t give you kernel-mode access anymore as it did with a KEXT exploit,” Wardle said.

“So Apple basically wants to kick everybody out [of the kernel], largely for security reasons.”

Potential downsides

However, Wardle says there’s also a downside to this move.

The first is that by kicking app devs out of the kernel, Apple also gains a lot more control over macOS, similar to the control they have over iOS.

Until now, macOS has been a haven for developers and its users. If macOS didn’t have a specific feature, developers could just create an app and leverage a kernel extension to add the features they needed.

The second downside is that many security tools themselves, have heavily relied and have been built around the full access kernel extensions provide to a user’s Mac. One might argue that Apple’s move towards system extensions might end un neutering security products, which will lose some of their ability to detect and stop malware along the way.

However, Wardle, who is the author of many free macOS security tools, says that Apple has provided “some great user-mode frameworks that provide 3rd-party security tools the capabilities to they need,” so it appears that Apple hasn’t been cutting the branch from under its feet, just yet.

But for the time being, it is unclear if system extensions would provide the same versatility and coding freedom as kernel extensions. This remains to be seen — and a topic for another article — as we’ll need more time for macOS developers to slowly make the switch to system extensions going forward.

However, Wardle points out that the move is a good one for macOS security, overall, regardless of other possible reasons for Apple’s move.

Credit: Zdnet

Previous Post

Toronto machine learning startup Dessa acquired by Square

Next Post

AI and the flu - Becoming Human: Artificial Intelligence Magazine

Related Posts

Fastest VPN in 2021 | ZDNet
Internet Security

Fastest VPN in 2021 | ZDNet

February 27, 2021
Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid
Internet Security

Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid

February 27, 2021
Chrome will soon try HTTPS first when you type an incomplete URL
Internet Security

Chrome will soon try HTTPS first when you type an incomplete URL

February 27, 2021
Go malware is now common, having been adopted by both APTs and e-crime groups
Internet Security

Go malware is now common, having been adopted by both APTs and e-crime groups

February 27, 2021
Why your diversity and inclusion efforts should include neurodiverse workers
Internet Security

Why your diversity and inclusion efforts should include neurodiverse workers

February 26, 2021
Next Post
AI and the flu – Becoming Human: Artificial Intelligence Magazine

AI and the flu - Becoming Human: Artificial Intelligence Magazine

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

New AI Machine Learning Reduces Mental Health Misdiagnosis
Machine Learning

New AI Machine Learning Reduces Mental Health Misdiagnosis

February 27, 2021
Fastest VPN in 2021 | ZDNet
Internet Security

Fastest VPN in 2021 | ZDNet

February 27, 2021
Increasing Adoption of Informatics will Promote Growth of Data Analytics Outsourcing Market
Data Science

Increasing Adoption of Informatics will Promote Growth of Data Analytics Outsourcing Market

February 27, 2021
MindMed Closes Acquisition of HealthMode, a Leading Machine Learning Digital Medicine Company
Machine Learning

MindMed Closes Acquisition of HealthMode, a Leading Machine Learning Digital Medicine Company

February 27, 2021
How AI Can Be Used in Agriculture Sector for Higher Productivity? | by ANOLYTICS
Neural Networks

How AI Can Be Used in Agriculture Sector for Higher Productivity? | by ANOLYTICS

February 27, 2021
Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid
Internet Security

Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid

February 27, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • New AI Machine Learning Reduces Mental Health Misdiagnosis February 27, 2021
  • Fastest VPN in 2021 | ZDNet February 27, 2021
  • Increasing Adoption of Informatics will Promote Growth of Data Analytics Outsourcing Market February 27, 2021
  • MindMed Closes Acquisition of HealthMode, a Leading Machine Learning Digital Medicine Company February 27, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates