|
Title: Apple Outlines Steps for Developers to Validate Xcode Following Malware Attack Post by: HCK on September 25, 2015, 09:00:07 am Apple Outlines Steps for Developers to Validate Xcode Following Malware Attack
Following last week's disclosure of new iOS malware called XcodeGhost (http://www.macrumors.com/2015/09/20/xcodeghost-chinese-malware-faq/), which arose from malicious versions of Xcode hosted on third-party servers, Apple has outlined instructions (https://developer.apple.com/news/?id=09222015a) for developers to ensure the version of Xcode they are using is valid. <img src="(http://cdn.macrumors.com/article-new/2015/09/XcodeGhost-Featured1.jpg)" alt="XcodeGhost-Featured" width="736" height="248" class="aligncenter size-full wp-image-466154" /> When downloading Xcode from the Mac App Store, or Apple's website so long as Gatekeeper is enabled, OS X automatically checks the app's code signature and validates it against Apple's code. If you must obtain Xcode elsewhere, follow these steps: To verify the identity of your copy of Xcode run the following command in Terminal on a system with Gatekeeper enabled:Apple issued a statement (http://www.macrumors.com/2015/09/20/xcodeghost-chinese-malware-faq/) in response to XcodeGhost over the weekend, noting that it has removed all infected apps it is aware of from the App Store and is working with developers to ensure they are using a legitimate version of Xcode. "We’ve removed the apps from the App Store that we know have been created with this counterfeit software. We are working with the developers to make sure they’re using the proper version of Xcode to rebuild their apps."XcodeGhost affected dozens (http://forums.macrumors.com/threads/what-you-need-to-know-about-ios-malware-xcodeghost.1918784/#post-21896151), and possibly hundreds, of App Store apps. iPhone, iPad and iPod touch users should read what you need to know about XcodeGhost (http://www.macrumors.com/2015/09/20/xcodeghost-chinese-malware-faq/) to learn more about the malware and how to keep yourself protected. Recent Mac and iOS Blog Stories • Apple Gives Roundhouse Music Venue 'Environmental Makeover' (http://www.macrumors.com/2015/09/21/apple-roundhouse-environmental-makeover/) • How to Save Battery Life in iOS 9 With Low Power Mode (http://www.macrumors.com/how-to/ios-9-low-power-mode/) • Apple Files Trademark Application for HomeKit 'Home' Icon (http://www.macrumors.com/2015/09/21/apple-homekit-icon-trademark/) • New 'Steve Jobs' TV Spot Calls Upcoming Movie a 'Must-See' (http://www.macrumors.com/2015/09/21/new-steve-jobs-tv-spot-must-see/) • One Day Sale: $300 Discount on 2015 15" Retina MacBook Pro (http://www.macrumors.com/2015/09/21/300-discount-retina-macbook-pro/) • Samsung May Follow Apple by Launching Smartphone Leasing Program (http://www.macrumors.com/2015/09/20/samsung-smartphone-leasing-program-rumor/) • Nomad Review: The Pod is an Apple Watch Stand Made for Off-the-Grid Travel With its Built-In Battery (http://www.macrumors.com/review/nomad-pod-apple-watch-stand/) • Buyer's Guide: Discounts on iPad Mini 3, Retina MacBook Pro, Apple Accessories and More (http://www.macrumors.com/2015/09/18/buyers-guide-deals-september-18-2015/) <br clear='all'/> <a href="http://rc.feedsportal.com/r/238386214719/u/49/f/648327/c/35070/s/4a1221a8/sc/28/rc/1/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/238386214719/u/49/f/648327/c/35070/s/4a1221a8/sc/28/rc/1/rc.img" border="0"/>[/url] <a href="http://rc.feedsportal.com/r/238386214719/u/49/f/648327/c/35070/s/4a1221a8/sc/28/rc/2/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/238386214719/u/49/f/648327/c/35070/s/4a1221a8/sc/28/rc/2/rc.img" border="0"/>[/url] <a href="http://rc.feedsportal.com/r/238386214719/u/49/f/648327/c/35070/s/4a1221a8/sc/28/rc/3/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/238386214719/u/49/f/648327/c/35070/s/4a1221a8/sc/28/rc/3/rc.img" border="0"/>[/url] <img src="http://da.feedsportal.com/r/238386214719/u/49/f/648327/c/35070/s/4a1221a8/sc/28/a2.img" border="0"/> (http://da.feedsportal.com/r/238386214719/u/49/f/648327/c/35070/s/4a1221a8/sc/28/a2.htm) <img src="http://adchoice.feedsportal.com/r/238386214719/u/49/f/648327/c/35070/s/4a1221a8/sc/28/ach.img" border="0"/> (http://adchoice.feedsportal.com/r/238386214719/u/49/f/648327/c/35070/s/4a1221a8/sc/28/ach.htm)<img width="1" height="1" src="http://pi.feedsportal.com/r/238386214719/u/49/f/648327/c/35070/s/4a1221a8/sc/28/a2t.img" border="0"/><img width="1" height="1" src="http://pi2.feedsportal.com/r/238386214719/u/49/f/648327/c/35070/s/4a1221a8/sc/28/a2t2.img" border="0"/><img width='1' height='1' src='(http://rss.feedsportal.com/c/35070/f/648327/s/4a1221a8/sc/28/mf.gif)' border='0'/><div class="feedflare"> <img src="http://feeds.feedburner.com/~ff/MacRumors-Front?d=yIl2AUoC8zA" border="0"></img> (http://feeds.macrumors.com/~ff/MacRumors-Front?a=8_n4KxKSr44:OJqsMb_bF2M:yIl2AUoC8zA) <img src="http://feeds.feedburner.com/~ff/MacRumors-Front?d=6W8y8wAjSf4" border="0"></img> (http://feeds.macrumors.com/~ff/MacRumors-Front?a=8_n4KxKSr44:OJqsMb_bF2M:6W8y8wAjSf4) <img src="http://feeds.feedburner.com/~ff/MacRumors-Front?d=qj6IDK7rITs" border="0"></img> (http://feeds.macrumors.com/~ff/MacRumors-Front?a=8_n4KxKSr44:OJqsMb_bF2M:qj6IDK7rITs) </div><img src="http://feeds.feedburner.com/~r/MacRumors-Front/~4/8_n4KxKSr44" height="1" width="1" alt=""/> Source: Apple Outlines Steps for Developers to Validate Xcode Following Malware Attack (http://www.macrumors.com/2015/09/22/apple-xcode-validation-steps/) |