What Happened to My Mac? Apple’s OCSP Apocalypse.

Last week, just after we covered the release of Big Sur, many macOS users around the world experienced something unprecedented on the platform: a widespread outage of an obscure Apple service caused users worldwide to be unable to launch 3rd party applications. Already being dubbed the “Apple Apocalypse” or “OCSP Apocalypse”, the cause was down to a little-known but essential service called “Online Certificate Status Protocol”. In this post, we look at what OCSP is, explain why it affected Macs so severely, and discuss some of the implications that have arisen in light of this unusual event.

Publicado noviembre 23, 2020 en Atlantic Pacific



Why Your Mac Couldn’t Launch 3rd Party Applications

On Thursday, users on Twitter and other social media platforms began complaining that their Mac computers were becoming unresponsive, hanging and unable to launch or install many 3rd party applications.

As the somewhat sparse man page tells us, trustd is a service that evaluates trust in certificates for all processes on the system.

As it goes about its business, trustd makes a network call to a service called “ocsp” – Online Certificate Status Protocol.

The purpose of the OCSP call is to check whether a piece of software being launched has had its developer certificate revoked. Revoking developer certificates is one way that Apple deal with known malware. By using an OCSP responder service, Apple hope to prevent any software whose certificate has been revoked from launching on pretty much all Macs anywhere within minutes. As was well-documented over the weekend, trustd employs a “fail-soft” call to Apple’s OCSP service: If the service is unavailable or the device itself is offline, trustd (to put it simply) goes ahead and “trusts” the app. After all, people aren’t always connected to the internet, and – as we find out from time to time when there’s a service outage – neither are Apple! However, in this particular case, ocsp.apple.com wasn’t in fact offline. The trustd service was able to reach the server, but the server was experiencing a slowdown. And now, rather than failing softly, trustd just kept hanging around for an answer…and users’ Macs just kept, well, hanging.

Para el ver artículo original: https://www.sentinelone.com/blog/what-happened-to-my-mac-apples-ocsp-apocalypse/

Últimos Artículos

La caída del héroe que paró el virus Wannacry
Acusan a Disney de rastrear a niños sin consentimiento a través de sus juegos para móviles
Por ciberataque, siete millones de venezolanos quedaron sin telefonía celular
Cierran AlphaBay y Hansa, dos de las web oscuras más grandes
El troyano Remtasu está detrás de las falsas fotomultas en Colombia
¿Cómo está Iberoamérica en seguridad informática?
Las mejores extensiones de Firefox para mejorar tu seguridad y privacidad
14 millones de clientes de Verizon se han visto afectados por la filtración de sus datos
NotPeyta, ¿un acto de ciberguerra?
Los peligros de la cara oculta de internet
Una nueva oleada de ataques pone en jaque a empresas de todo el mundo
Algunas empresas ceden y pagan a los ‘hackers’ para liberarse del ciberataque
Vladimir Alem, de SonicWall: “Con la nueva plataforma actualizamos al canal”
WannaCry confirma las tendencias sobre el gasto en seguridad como el más importante en inversión TI
¿Qué es y en qué se diferencia la Deep Web de la Darknet?