Kiyaye labarai da abokan aikin Apple Security suka kawo mana a yau. A bayyane, gungun masu amfani sun ce idan muka samar da takaddun shaidar mai gudanarwa ga Dropbox don aikace-aikacen Mac, za mu iya samun batun tsaro mai mahimmanci tare da ka'idar.
Kamar yadda suke sanar da mu, Dropbox zai nema don samun damar gudanarwa akan kwamfutar mu, kuma da zarar tana da wannan damar, tana iya samun damar kowane gefen Mac ɗinmu.
Kanun labarai yana da matukar damuwa. Idan abin da aka zubarwa ga manema labarai gaskiya ne, ba zai da amfani ba idan muka share Dropbox (a cikin Saituna - Tsaro da Sirri - Sirri - Shiga ciki, wanda shine inda aikace-aikacen da zasu iya sarrafa na'urar mu suke), tunda yana bamu damar kawar da waɗancan izini ba tare da matsala ba. Amma abin ban dariya shine, lokacin da ka sake kunna Dropbox, za'a sake yinshi tare da izini iri ɗaya waɗanda muka ƙi a baya.
Kamfanin ya ƙaryata game da manyan zarge-zargen da suka bayyana game da wanda yake wakilta don Mac. A zahiri, takaddama tsakanin masu haɓaka ta fashe. Yayin da wasu ke tabbatar da hakan Dropbox yayi babban ƙoƙari don riƙe kalmomin shiga na mai gudanarwa na MacWasu kuma suna da'awar cewa ba a taɓa adana waɗannan kalmomin shiga ba kuma cewa Apple yana buƙatar inganta sadarwa game da amfani da izini don aikace-aikacen ɓangare na uku.
Sun sake maimaita cewa Dropbox yana amfani da dabarun tushen SQL ta hanyar bayanan TCC don ƙetare manufofin izini na Apple. An gano kuskuren tsaro a /Library/ApplicationSupport/com.apple.TCC/TCC.db, kamar yadda muke gani a ƙasa:
Wannan dabarar da Dropbox yayi amfani da ita don kewaye manufofin tsaro na kamfanin Cupertino, Hakanan za'a iya amfani dashi ta nau'in malware daban-daban. Koyaya, mun fahimci cewa masu haɓaka Apple zasuyi aiki tuƙuru don gyara kwari kamar wannan.
