Linked by Thom Holwerda on Wed 12th Sep 2018 00:00 UTC
Mac OS X

Back in 2016, security researcher and developer Jonathan Zdziarski released a tool called Little Flocker that could protect Macs at the file level. Much as a firewall analyzes and blocks network traffic, Little Flocker locked down the file system and allowed only authorized applications access to only approved files.

Little Flocker was too complex to manage for average users, but it quickly became a darling among Mac security experts.

[...]

When Zdziarski took a job at Apple in 2017, he sold Little Flocker to the security vendor F-Secure, which released it as Xfence. Zdziarski's job change started the clock ticking on when we might see similar capabilities built into macOS. With macOS 10.14 Mojave, Apple has added file-level protections, plus some additional security enhancements. And you know what? Mojave is running into the same usability issues that users of Little Flocker endured.

I had never heard of this functionality. It seems like one of those things particularly Apple ought to be good at to integrate in a user-friendly manner.

E-mail Print r 3   3 Comment(s)
Permalink for comment 662271
To read all comments associated with this story, please click here.
Comment by Drumhellar
by Drumhellar on Wed 12th Sep 2018 20:27 UTC
Drumhellar
Member since:
2005-07-12

It seems like one of those things particularly Apple ought to be good at to integrate in a user-friendly manner.


I doubt it. Whatever your security model is, it basically exists on a line:

One the left side is effectiveness, and the right side is convenience. Any security model exists on that line somewhere. The more convenient, the less effective, and vice-versa.

Creating an effective security model that is also convenient, I think, is something that simply wont happen. I think the two qualities are mutually exclusive.

Reply Score: 3