
Avoid libwebp Electron Woes On macOS With positron – Source: securityboulevard.com


If you've got 👀 on this blog (directly, or via syndication) you'd have to have been living under a rock to not know about the libwebp supply chain disaster. An unfortunate casualty of inept programming just happened to be any app in the Electron ecosystem that doesn't undergo bleeding-edge updates.

Former cow-orker Tom Sellers (one of the best humans in cyber) did a great service to the macOS user community with tips on how to stay safe on macOS. His find + strings + grep combo was wonderfully helpful and I hope many macOS users did the command line dance to see how negligent their app providers were/are.


But, you still have to know what versions are OK and which ones are not to do that dance. And, having had yet-another immune system invasion (thankfully, not COVID, again) on top of still working through long COVID (#protip: you may be over the pandemic, but I guarantee it's not done with you/us for a while) which re-sapped mobility energy, I put my sedentary time to less woesome use by hacking together a small, Golang macOS CLI to help ferret out bad Electron-based apps you may have installed.

I named it positron since that's kind of the opposite of Electron, and I was pretty creativity-challenged at the time.

It does pretty much the same thing as Tom's strings and grep does, just in a single, lightweight, universal, signed macOS binary.

When I ran it after the final build, all my Electron-based apps were 🔴. After deleting some, and updating others, this is my current status:

$ find /Applications -type f -name "*Electron Framework*" -exec ./positron "{}" \;
/Applications/Signal.app: Chrome/114.0.5735.289 Electron/25.8.4 🟢
/Applications/Keybase.app: Chrome/87.0.4280.141 Electron/11.5.0 🔴
/Applications/Raindrop.io.app: Chrome/102.0.5005.167 Electron/19.0.17 🔴
/Applications/1Password.app: Chrome/114.0.5735.289 Electron/25.8.1 🟢
/Applications/Replit.app: Chrome/116.0.5845.188 Electron/26.2.1 🟢
/Applications/lghub.app: Chrome/104.0.5112.65 Electron/20.0.0 🔴

It's still on you to do the find (cooler folks run fd) since I'm not about to write a program that'll rummage across your SSDs or disc drives, but it does all the MachO inspection internally, and then also does the SemVer comparison to let you know which apps still suck at keeping you safe.
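To make the two steps concrete (pull the "Chrome/… Electron/…" marker out of the framework binary, then compare the Electron version against the first fixed release on its line), here is an added Go sketch of the same idea. It is not positron's source and is not from the post; the minimum patched versions in minPatched are this example's assumption and should be checked against Electron's own advisory, and the sampleFramework bytes are constructed stand-ins for a real Electron Framework binary.

```go
package main

import (
	"fmt"
	"os"
	"regexp"
	"strconv"
	"strings"
)

// Version is a parsed major.minor.patch triple, which is all Electron tags use.
type Version struct{ Major, Minor, Patch int }

// Less reports whether v sorts strictly before o.
func (v Version) Less(o Version) bool {
	if v.Major != o.Major {
		return v.Major < o.Major
	}
	if v.Minor != o.Minor {
		return v.Minor < o.Minor
	}
	return v.Patch < o.Patch
}

// ParseVersion parses "25.8.1" into a Version; anything else is an error.
func ParseVersion(s string) (Version, error) {
	parts := strings.Split(s, ".")
	if len(parts) != 3 {
		return Version{}, fmt.Errorf("not a major.minor.patch version: %q", s)
	}
	var n [3]int
	for i, p := range parts {
		v, err := strconv.Atoi(p)
		if err != nil || v < 0 {
			return Version{}, fmt.Errorf("bad component %q in %q", p, s)
		}
		n[i] = v
	}
	return Version{n[0], n[1], n[2]}, nil
}

// The framework binary embeds its user-agent fragment as a plain string,
// which is exactly what `strings | grep Electron/` surfaces.
var uaRe = regexp.MustCompile(`Chrome/(\d+\.\d+\.\d+\.\d+) Electron/(\d+\.\d+\.\d+)`)

// ExtractVersions scans raw bytes for the first marker and returns both versions.
func ExtractVersions(data []byte) (chrome, electron string, ok bool) {
	m := uaRe.FindSubmatch(data)
	if m == nil {
		return "", "", false
	}
	return string(m[1]), string(m[2]), true
}

// minPatched is the first release on each supported Electron line carrying the
// fixed libwebp. ASSUMPTION of this example: verify against Electron's advisory.
var minPatched = map[int]Version{22: {22, 3, 24}, 24: {24, 8, 3}, 25: {25, 8, 1}, 26: {26, 2, 1}}

const newestFixedMajor = 26 // every later major shipped after the fix

// IsPatched reports whether the Electron version is at or above the fixed
// release for its line; lines with no fixed release (EOL majors) are unpatched.
func IsPatched(electron string) (bool, error) {
	v, err := ParseVersion(electron)
	if err != nil {
		return false, err
	}
	if v.Major > newestFixedMajor {
		return true, nil
	}
	floor, ok := minPatched[v.Major]
	if !ok {
		return false, nil
	}
	return !v.Less(floor), nil
}

// Classify gives the traffic-light verdict for one binary's contents:
// 🟢 patched, 🔴 unpatched or unparseable, ⚪ no Electron marker at all.
func Classify(data []byte) string {
	_, electron, ok := ExtractVersions(data)
	if !ok {
		return "⚪"
	}
	if patched, err := IsPatched(electron); err != nil || !patched {
		return "🔴"
	}
	return "🟢"
}

// sampleFramework is a constructed stand-in for a framework binary: junk bytes
// around the marker, the way the real string sits inside Mach-O data.
var sampleFramework = []byte("\xcf\xfa\xed\xfe\x00junk\x00Chrome/114.0.5735.289 Electron/25.8.1\x00more")

func main() {
	// Pair with: find /Applications -type f -name "*Electron Framework*" -exec ./positron-like "{}" \;
	if len(os.Args) < 2 {
		fmt.Println("sample:", Classify(sampleFramework))
		return
	}
	for _, path := range os.Args[1:] {
		data, err := os.ReadFile(path)
		if err != nil {
			fmt.Fprintln(os.Stderr, err)
			continue
		}
		chrome, electron, _ := ExtractVersions(data)
		fmt.Printf("%s: Chrome/%s Electron/%s %s\n", path, chrome, electron, Classify(data))
	}
}
```

The useful property here is that the comparison is per major line rather than a single global threshold: 22.3.24 is green while 23.x (a line that never received the fix) is red, which a plain "newer is better" check would get wrong.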

FWIW, the Keybase folks did accept a PR for the libwebp thing, but darned if I'll spend any time building it (I don't run it anymore, anyway, so I should just delete it).

The aforementioned signed, universal, macOS binary is in the GitLab releases.

Stay safe out there!

*** This is a Security Bloggers Network syndicated blog from rud.is authored by hrbrmstr. Read the original post at: https://rud.is/b/2023/09/30/avoid-libwebp-electron-woes-on-macos-with-positron/

Original Post URL: https://securityboulevard.com/2023/09/avoid-libwebp-electron-woes-on-macos-with-positron/

Category & Tags: Security Bloggers Network, Cybersecurity, Go, golang, Information Security, macos

Author: hrbrmstr
Date: 2023-09-30 22:46:11
