Facing a company Apple has problems due to a new feature in macOS Big Sur that allows many of its apps to bypass firewalls and VPNs.
This feature could potentially allow malware to exploit the same limitations to gain access to sensitive data stored across users’ systems and to transfer it to remote servers.
A Twitter user first spotted this problem last month via a beta version of the operating system.
And theHe said User: Some Apple apps bypass some firewalls and VPN apps, so Maps can directly access the Internet bypassing whatever NEFilterDataProvider or NEAppProxyProviders you have running.
The behavior has not changed after the iPhone manufacturer released the latest version of macOS to the public on November 12, raising concerns from security researchers, who say the change is subject to abuse.
Of particular note is the possibility that a bypass leaves macOS systems open to attack, not to mention the inability to restrict or block network traffic at the discretion of users.
According to security researcher Patrick Wardle, Excused Apple has 50 firewall apps and processes like Little Snitch and Lulu.
A change in behavior comes when Stopped Apple’s Network Kernel Extension – which software developers have used to make apps interact directly with the operating system – last year in favor of the Network Extensions Framework.
Wardle said across Tweet Posted in October: It was previously possible to implement a comprehensive firewall over the Network Kernel Extension, Apple has stopped using the Network Kernel Extension, and given us the Network Extensions Framework, but it appears that many Its applications go beyond this filtering mechanism.
And lets up NEFilterDataProvider The ability to monitor and control Mac network traffic, Hence, circumventing the NEFilterDataProvider makes it difficult for VPNs to block Apple apps.
And theshow up Also list an example of how malicious apps can exploit this bypass in order to pull sensitive data onto a server controlled by the attacker.
The company’s drive to make its private applications exempt from firewalls and VPNs remains unclear.
It is likely that this is part of Apple’s efforts to combat malware and piracy by keeping traffic from its apps outside of VPN servers and preventing access to geographically restricted content over VPNs.
It is noteworthy that firewalls are not specific to corporate networks only, but rather used by a large number of people concerned with security or privacy to filter or redirect traffic sent inside and outside the computer.