Pretty much, yeah.

UTM may be somewhat shinier, but you can run anything you like in qemu on a mac.

Jesus, what clickbait. It’s a bug in fluent bit.

Who goes out of their way to install requests-darwin-lite?

Some necessary caveats: This kind of attack can only be pulled off in relatively narrow circumstances by a dedicated attacker. Segal said the user would need to have installed a malicious browser extension or be in transit and use public Wi-Fi where their traffic could be intercepted and decrypted through a MITM attack.

Well, okay. Maybe there’s something new here, but despite the many paragraphs of exposition, this sounds like exactly the sort of cookie stealing attack that’s been possible for decades.

Is the big breakthrough here that somebody realized FIDO doesn’t change that? Like, uh, no kidding? What’s new?

And is the backdoor actually included in the crate or is this an overhyped nothingburger?

If you cover too much of the webcam, you won’t see the blinking light that says you’ve been owned.

This has been a problem for so long, and everyone just kind of assumes that maybe somebody else fixed it at some other layer. Nobody really thinks about it much. Usually because the poc requires certain preconditions, but they’re not that hard to find.

Not saying it’s nothing, but most of the time I’m using the VPN to access something on a network that’s not publicly accessible, so sending my traffic to the local network won’t do much either.

But if you’re using a VPN to get out of the local network, maybe this is concerning.

Cute attack, though. I like it.