Gatekeeper is
a control system that, when running a downloaded application, checks that it is
signed. This allows blocking applications created by malware developers.
If we download
any application from outside the App Store, it will have to be verified by
its digital signature , if it is not verified by Apple it forces us to
manually confirm its execution.
A researcher
security checked that the tool is considering external drives
as safe sites, therefore, having an apk installed from any
source and running it from these drives, it would open without checking the
signature.
It may be that
this does not seem very concerning, but, this flaw can allow the
pirata instalar malware sin que el usuario tenga constancia de ello ya que Mac está
configurado para montar automáticamente unidades de red y externas.
The researcher
de seguridad que descubrió en fallo aviso a Apple, However, la compañía no ha dado noticias sobre este
fallo desde mayo no da respuestas sobre este fallo.
For the moment
las únicas maneras de protegerse ante este fallo son: descargar las
aplicaciones de web’s fiables y deshabilitar el montaje automático de unidades.
Below, os dejamos un vídeo de cómo el investigador se saltaba la seguridad: