Linked by Thom Holwerda on Wed 12th Sep 2018 00:00 UTC
Mac OS X

Back in 2016, security researcher and developer Jonathan Zdziarski released a tool called Little Flocker that could protect Macs at the file level. Much as a firewall analyzes and blocks network traffic, Little Flocker locked down the file system and allowed only authorized applications access to only approved files.

Little Flocker was too complex to manage for average users, but it quickly became a darling among Mac security experts.

[...]

When Zdziarski took a job at Apple in 2017, he sold Little Flocker to the security vendor F-Secure, which released it as Xfence. Zdziarski's job change started the clock ticking on when we might see similar capabilities built into macOS. With macOS 10.14 Mojave, Apple has added file-level protections, plus some additional security enhancements. And you know what? Mojave is running into the same usability issues that users of Little Flocker endured.

I had never heard of this functionality. It seems like one of those things particularly Apple ought to be good at to integrate in a user-friendly manner.

Permalink for comment 662248
To read all comments associated with this story, please click here.
Comment by przemo_li
by przemo_li on Wed 12th Sep 2018 10:56 UTC
przemo_li
Member since:
2010-06-01

"I had never heard of this functionality. It seems like one of those things particularly Apple ought to be good at to integrate in a user-friendly manner."

Apple is awesome at limiting, downgrading and simplifying.

But per-file firewall is as simple as it gets if it's to be usable. It's basically hard problem to solve, nothing like the stuff Apple is famous for.

Reply Score: 5