{"id":53344,"date":"2023-08-22T14:53:41","date_gmt":"2023-08-22T14:53:41","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34931\/Apples-Defense-Against-Apps-Vandalizing-Other-Apps-Is-Still-Broken-Developer-Claims.html"},"modified":"2023-08-22T14:53:41","modified_gmt":"2023-08-22T14:53:41","slug":"apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/","title":{"rendered":"Apple&#8217;s Defense Against Apps Vandalizing Other Apps Is Still Broken, Developer Claims"},"content":{"rendered":"<p><span class=\"label\">Updated<\/span> Apple last year introduced a security feature called App Management that&#8217;s designed to prevent one application from modifying another without authorization under macOS Ventura \u2013 but a developer claims it\u2019s not very good at its job under some circumstances.<\/p>\n<p>&#8220;If an app is modified by something that isn&#8217;t signed by the same development team and isn&#8217;t allowed by an <code>NSUpdateSecurityPolicy<\/code>, macOS will block the modification and notify the user that an app wants to manage other apps,&#8221; explained Justin Sagurton of Apple\u2019s privacy engineering team, in a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/developer.apple.com\/videos\/play\/wwdc2022\/10096\/\">video presentation<\/a> at the fruity computer seller&#8217;s 2022 Worldwide Developers Conference.<\/p>\n<p>Alas, this particular security mechanism \u2013 available to users via System Settings -&gt; Security &amp; Privacy -&gt; App Management \u2013 appears not to manage app security very well.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Last October, Jeff Johnson, who develops software for various Apple platforms through his Underpass App Company, found that <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/developer.apple.com\/documentation\/security\/app_sandbox\">sandboxed apps<\/a> can bypass App Management.<\/p>\n<blockquote class=\"pullquote\" readability=\"5\">\n<p>A sandboxed app can modify a file that is supposed to be protected by App Management<\/p>\n<\/blockquote>\n<p>The bug he found is similar to a bypass of Gatekeeper \u2013 a macOS feature designed to ensure that only trusted code can run on Apple computers \u2013 <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/12\/20\/macos_gatekeeper_flaw_microsoft\/\" rel=\"noopener\">identified by Microsoft researchers<\/a> last year.<\/p>\n<p>In a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/lapcatsoftware.com\/articles\/2023\/8\/3.html\">blog post<\/a> on Monday, Johnson describes how he was able to modify a Firefox settings file, <code>update-settings.ini<\/code>, in TextEdit, a macOS app, to change its behavior without triggering App Management intervention.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>&#8220;TextEdit is sandboxed,&#8221; he explains in his post. &#8220;Ironically, sandboxing was designed to prevent attacks, but in this case it allows an attack. That&#8217;s the bug, the vulnerability. A sandboxed app can modify a file that is supposed to be protected by App Management.&#8221;<\/p>\n<p>But this isn&#8217;t just about a file integrity risk posed by a local attacker. Johnson&#8217;s proof-of-concept <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/lapcatsoftware.com\/articles\/downloads\/AppManagementBug.zip\">exploit<\/a> [ZIP] consists of a non-sandboxed app embedded within a sandboxed one. When downloaded from the internet, it prompts the user for a file path and then delegates file alteration to the embedded sandboxed app.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>So the App Management hole could be used as part of an attack chain initiated through a downloaded malicious file.<\/p>\n<p>Johnson says he tested his proof-of-concept attack against macOS 13.5.1, <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/support.apple.com\/en-us\/HT201222\">released five days ago<\/a>, and it bypasses App Management, allowing any file in the app bundle (the main executable, a configuration file, or a license) to be altered. And the App Management system does not protest.<\/p>\n<p>In a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/lapcatsoftware.com\/articles\/2023\/8\/2.html\">preceding post<\/a>, he says he reported the bug to Apple on October 19, 2022, and the iPhone giant acknowledged the bug report on October 21, 2022 \u2013 three days before the first general release of macOS Ventura (macOS 13), the most current supported release of Apple&#8217;s desktop operating system.<\/p>\n<p>More than 300 days later, Johnson says the bug remains unfixed, so he has decided to go public with it.<\/p>\n<p>&#8220;Apple hasn&#8217;t said anything about how serious they consider the issue to be, although perhaps their actions speak louder than words,&#8221; Johnson told <em>The Register<\/em> in an email. &#8220;I did ask Apple Product Security to estimate the bounty payment, and they refused. In all communications with Apple Product Security, they refuse to say much, which makes them very frustrating to work with.&#8221;<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Apple&#8217;s reluctance to communicate openly with the security community has been a longstanding point of contention among those who look for flaws in the tech giant&#8217;s software and hardware, as underlined by the objections raised by researchers following the biz&#8217;s ill-fated proposal in 2021 to <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2021\/08\/18\/apples_csam_hashing\/\" rel=\"noopener\">scan content on iDevices<\/a> for illegal child abuse material.<\/p>\n<p>Cupertino&#8217;s silence about bugs prompted developer Tim Burks in 2008 to create <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/openradar.appspot.com\/page\/1\">OpenRadar<\/a> \u2013 a community bug-reporting site dedicated to showing programming blunders affecting Apple operating systems \u2013 because the outfit&#8217;s own Radar bug-reporting system <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/openradar.appspot.com\/faq\">is not<\/a> available to the general public.<\/p>\n<p>Apple did not respond to a request for comment, as is usually the case when contacted by <i>The Register<\/i>.<\/p>\n<p>&#8220;I would say that my vulnerability renders App Management null and void,&#8221; said Johnson. &#8220;The protection has never been effective. Apple shipped it with a gaping hole from day one. The vulnerability is quite trivial to exploit.&#8221;<\/p>\n<p>However, Johnson said that since App Management is a new addition to macOS Ventura, the current macOS is no more vulnerable than previous releases that didn&#8217;t have the broken feature.<\/p>\n<p>&#8220;That&#8217;s why I don&#8217;t feel too bad about publicly disclosing the vulnerability,&#8221; he said. &#8220;My disclosure hasn&#8217;t made Mac users worse off than before; it&#8217;s simply the case that App Management never made Mac users better off than before. The new feature didn&#8217;t work as advertised.&#8221; \u00ae<\/p>\n<h3 class=\"crosshead\">Updated to add<\/h3>\n<p>\u201cI could see this being something malware could (ab)use to surreptitiously infect local applications, perhaps as a way to stealthily persist,\u201d said Patrick Wardle, cybersecurity researcher and founder of security non-profit Objective-See, in a post-publication message to <em>The Register<\/em>.<\/p>\n<p>He added this kind of modification would break the vandalized app&#8217;s digital signature so entitlements granted to the software would be lost.<\/p>\n<p>\u201cTo me the bigger issue is Apple\u2019s inability to respond and fix this in a timely manner,\u201d he added, noting that he encountered something similar with another new Ventura feature, BTM or Background Task Management.<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34931\/Apples-Defense-Against-Apps-Vandalizing-Other-Apps-Is-Still-Broken-Developer-Claims.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[5778],"class_list":["post-53344","post","type-post","status-publish","format-standard","hentry","category-packet-storm","tag-headlineprivacyphoneflawapple"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Apple&#039;s Defense Against Apps Vandalizing Other Apps Is Still Broken, Developer Claims 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Apple&#039;s Defense Against Apps Vandalizing Other Apps Is Still Broken, Developer Claims 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-08-22T14:53:41+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Apple&#8217;s Defense Against Apps Vandalizing Other Apps Is Still Broken, Developer Claims\",\"datePublished\":\"2023-08-22T14:53:41+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\\\/\"},\"wordCount\":878,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"keywords\":[\"headline,privacy,phone,flaw,apple\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\\\/\",\"name\":\"Apple's Defense Against Apps Vandalizing Other Apps Is Still Broken, Developer Claims 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2023-08-22T14:53:41+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,privacy,phone,flaw,apple\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlineprivacyphoneflawapple\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Apple&#8217;s Defense Against Apps Vandalizing Other Apps Is Still Broken, Developer Claims\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Apple's Defense Against Apps Vandalizing Other Apps Is Still Broken, Developer Claims 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/","og_locale":"en_US","og_type":"article","og_title":"Apple's Defense Against Apps Vandalizing Other Apps Is Still Broken, Developer Claims 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-08-22T14:53:41+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Apple&#8217;s Defense Against Apps Vandalizing Other Apps Is Still Broken, Developer Claims","datePublished":"2023-08-22T14:53:41+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/"},"wordCount":878,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","keywords":["headline,privacy,phone,flaw,apple"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/","url":"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/","name":"Apple's Defense Against Apps Vandalizing Other Apps Is Still Broken, Developer Claims 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2023-08-22T14:53:41+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/research&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2ZOWerKdnvSH7scMndeplPQAAAIA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/apples-defense-against-apps-vandalizing-other-apps-is-still-broken-developer-claims\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,privacy,phone,flaw,apple","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlineprivacyphoneflawapple\/"},{"@type":"ListItem","position":3,"name":"Apple&#8217;s Defense Against Apps Vandalizing Other Apps Is Still Broken, Developer Claims"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53344","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=53344"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53344\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=53344"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=53344"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=53344"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}