Mac OS X 10.9 "Mavericks" and SAV for Mac

Apple released Mac OS X 10.9 "Mavericks" today, free for everyone with Snow Leopard or newer.

We've been testing our product with this release for many months now and had made numerous changes in version 9.0.3 (the version published about a month ago). The significant changes required were to change how we were building, codesigning, and installing our kernel extensions. You will now find two copies of our kext: one in /System/Library/Extensions and another in /Library/Extensions. This follows Apple's recommendation to support people transitioning from 10.8 to 10.9.

The kexts in /System/Library/Extensions are present for compatibility with versions of Mac OS X prior to 10.9. Starting in "Mavericks" the location is /Library/Extensions. We are codesigning the kexts in /Library/Extensions to conform to Apple's security requirements.

If you have issues, please report them in this thread.

:1013899


This thread was automatically locked due to age.
  • Hi moto0000,

    Apologies if I've misunderstood, but looks like you are viewing one of our certificates used for validating software updates. It expires in 2024 and would not normally be trusted by your system. This is normal, because we validate this certificate ourselves (we don't need the system to do it).

    Not sure how familiar you are with certificates, but here is a quick overview:

    - an organization creates a "root" certificate pair (a public key and a private key)

    - this organization can create additional certificates (public and private keys) based on this "root"

    - this organization can safely distribute the public key to anyone who is interested

    - this organization must keep the private key secret (never share it with the public)

    - this organization can then "sign" files with the private key

    - anyone with the public key can verify that files were "signed" by the correct private key

    - it is impossible to create verifiable signatures using only the public key (or any other private key other than the original)

    So anyone can create their own "root" certificate and distribute the public key. This is what we do.

    Web browsers need to have a set of trusted root certificates to validate the authenticity of encrypted web traffic. You should never see the Sophos certificates involved in web traffic (we just use it for software validation). So it's actually beneficial, for security reasons, to not let the system trust our certificate. But our software will trust it, which is what is necessary to prevent an attacker from tricking your computer to download a fake Sophos update.

    Hope that helps.

    :1014873
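
The model described in the reply above, as an added example that is not Sophos code and not part of the original thread: an updater that trusts only a root certificate it ships with, and never consults the system trust store. The certificate names, RSA-2048 with SHA-256, and the use of Ruby's bundled `openssl` library are assumptions made for illustration; all keys and the update payload are constructed on the fly.

```ruby
require "openssl"

# Constructed demo material: a self-signed root when issuer is nil, otherwise
# a signing certificate issued by, and signed with, the issuer's private key.
def issue(common_name, issuer = nil, issuer_key = nil)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2 # X.509 v3
  cert.serial = rand(1..2**62)
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{common_name}")
  cert.issuer = issuer ? issuer.subject : cert.subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 3600
  cert.not_after = Time.now + 86_400
  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = cert
  ef.issuer_certificate = issuer || cert
  ca = issuer ? "CA:FALSE" : "CA:TRUE"
  cert.add_extension(ef.create_extension("basicConstraints", ca, true))
  cert.sign(issuer_key || key, OpenSSL::Digest.new("SHA256"))
  [cert, key]
end

# The store holds only the pinned root; set_default_paths is never called, so
# the operating system's trusted roots play no part in the decision.
def verify_update(pinned_root, signer_cert, data, signature)
  store = OpenSSL::X509::Store.new
  store.add_cert(pinned_root)
  return :untrusted_signer unless store.verify(signer_cert)
  digest = OpenSSL::Digest.new("SHA256")
  return :bad_signature unless signer_cert.public_key.verify(digest, signature, data)
  :ok
end

def demo
  sha = OpenSSL::Digest.new("SHA256")
  root, root_key = issue("Example Vendor Root")
  signer, signer_key = issue("Example Update Signer", root, root_key)
  other_root, other_key = issue("Example Vendor Root") # same name, other key
  other, other_signer_key = issue("Example Update Signer", other_root, other_key)
  update = "constructed update payload"
  { genuine: verify_update(root, signer, update, signer_key.sign(sha, update)),
    modified: verify_update(root, signer, update + "!", signer_key.sign(sha, update)),
    unpinned_root: verify_update(root, other, update, other_signer_key.sign(sha, update)) }
end

p demo if __FILE__ == $PROGRAM_NAME
```

The third case shows why "anyone can create their own root" is harmless here: a second root with an identical name still fails, because the check is against the pinned key, not the name.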