macOS Mojave Security Flaw Discovered: What to Do
There's already a vulnerability in Apple's newest operating system.
"I found a trivial, albeit 100% reliable flaw in their implementation," Wardle said of Mojave's security protections.
Wardle was specifically able to access the information about confidential user contacts (for example, addresses and phone numbers).
The flaw extends to a number of other Mojave security features as well. And this attack doesn't affect hardware, so Wardle can't use it to get into your webcam.
To access the information, Wardle used an unauthorized app to copy his address book to the desktop. The process takes only a minute.
However, we don't yet know the exact details of what Wardle has done. He'll be presenting them at the upcoming Mac Security Conference he is organizing in November. Until then, we won't know exactly how to protect your data from programs like this.
In the meantime, however, you can select and pre-authorize only certain apps to access sensitive data. To do this, go to System Preferences > Security and Privacy.
You should also be very careful about who you allow to access your computer, and about downloading and running programs you aren't familiar with.