Path: ...!news.misty.com!weretis.net!feeder9.news.weretis.net!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!nnrp.usenet.blueworldhosting.com!.POSTED!not-for-mail
From: Andrew <andrew@spam.net>
Newsgroups: misc.phone.mobile.iphone,comp.sys.mac.apps
Subject: Re: Orphaned CodoPods are found in Apple software
Date: Mon, 8 Jul 2024 03:07:02 -0000 (UTC)
Organization: BWH Usenet Archive (https://usenet.blueworldhosting.com)
Message-ID: <v6fl4m$21bp$1@nnrp.usenet.blueworldhosting.com>
References: <v6brna$16iit$1@news.samoylyk.net> <rzeiO.8448$pVB9.6500@fx34.iad> <v6c85a$17bja$1@news.samoylyk.net> <v6c8sk$9fdv$1@solani.org> <letr8cFge14U2@mid.individual.net> <v6cjb6$9l4b$1@solani.org> <v6ckup$186t1$1@news.samoylyk.net> <v6cl62$qsv$1@dont-email.me> <v6clj5$188a3$1@news.samoylyk.net> <i7viO.11484$6eV2.9842@fx12.iad>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 8 Jul 2024 03:07:02 -0000 (UTC)
Injection-Info: nnrp.usenet.blueworldhosting.com;
	logging-data="66937"; mail-complaints-to="usenet@blueworldhosting.com"
User-Agent: NewsTap/5.5 (iPad)
Cancel-Lock: sha1:SQPR5O6cCNtH1ZVusNrF0ivPPK4= sha256:dczTGgPUFkmabdc/o69I2DBvRXD83cFQYF+CHx3gcNw=
	sha1:tp/0wlUgXygdaX06tzEdYZp1deA= sha256:Tc/XIaN4lKKsKkjUf+hZdlVnvLIGIWrqBSg8bzj2S0E=
X-Face: VQ}*Ueh[4uTOa]Md([|$jb%rw~ksq}bzqA;z-.*8JM`4+zL[`N\ORHCI80}]}$]$e5]/i#v  qdYsE`yh@ZL3L{H:So{yN)b=AZJtpaP98ch_4W}
Bytes: 1971
Lines: 12

Alan Browne wrote on Sun, 7 Jul 2024 07:38:54 -0400 :

> As explained:
> 1. 3rd party tool/code base.
> 2. Did any malicious code get released this way?  (to trigger Apple's 
> malicious code detection).

https://www.darkreading.com/cloud-security/apple-cocoapods-bugs-expose-apps-code-injection

What kind of ecosystem is so primitive that ANYONE ON THE PLANET could
modify any of three million iOS/macOS apps at will - whenever they want?

For ten years!