On Monday, Apple released macOS 10.14 Mojave. One of the new features is supposed to be enhanced privacy protection for Mac users. However, holes that would allow malware to bypass this privacy protection have already been discovered by Patrick Wardle and SentinelOne. I've discovered a third. I emailed all of the details of my discovery to Apple product security on Monday evening. I'm publicly disclosing that I've found a privacy protection bypass, but I won't publicly disclose the details of that bypass now. I will disclose them at some point in the future, though I currently have no timeline for that. We'll see what Apple does. In the meantime, I'll offer a few points of clarification:
ssh) and Wardle. I don't know what Patrick's attack vector is, but I did ask him if he used mine, and he said no. So there are at least 3 different privacy protection bypasses in Mojave. I suspect that there are even more.
Biographical note: I have a CVE to my credit and have found a few other privacy and security issues.