XcodeGhost event follow-up Apple will download Xcode tools into the country

yesterday, senior vice president of Apple Corp Phil · Schiller (Phil Schiller) media interview last week, in response to "XCodeGhost Trojan infection event" on some unresolved problems, given the response.

XcodeGhost Trojan incident occurred last week is still fermenting, huge impact. Schiller said that this incident is caused by several common factors, Apple has a protective Gatekeeper and signature verification mechanism, but the application of Gatekeeper, and enter the copycat is closed, so that hackers can take advantage of.


Apple senior vice president Philip Schiller

first, the security of the outside world raised a big question, which Schiller responded that there is no perfect system, but Apple has been improving, but also because of this trojan incident and lessons learned. At the same time, Apple’s audit mechanism is still valid, that is, if there are missing shelves audit, it will quickly be infected with the application of the shelf, and contact the developer, asking them to use genuine Xcode development and application updates.

in order to prevent the application of the cottage into the situation, Schiller said Apple has decided to download the Xcode development tools from abroad to domestic, and related work has been started. According to Lei Feng network previously reported that the cause of this event is that developers have been tricked into the use of a forged Xcode tools for application development, I do not know the cottage version of the tool to compile the application is injected into the third party code. Due to the server in foreign countries, mainland Chinese developers to download Xcode from official channels is not easy, it is only 25 minutes to download it in the United States, China may take up to 3 times." Some developers therefore chose other non official channels to download the Xcode tool to make the virus.

previously, apple spokesman Monahan responded to the subsequent processing of XcodeGhost Trojan events, but she did not disclose the general user and what measures can be taken to ensure that their equipment is affected. Schiller also made an answer to this question in the interview: apple in the near future will be published in Apple’s official website (apple.com/cn) has been infected with the list of applications for users to view and compare. If there are downloaded these applications, as long as the general user updates to the latest version of the application can be.