Its online services include the iTunes Store, the iOS App Store and Mac App Store, Apple Music, and iCloud. Apple was founded by Steve Jobs, Steve Wozniak, and Ronald Wayne in April 1976 to develop and sell Wozniak's Apple I personal computer.
Hello, I understand you don't offer family licences for 1password anymore if you purchase from the Mac App Store (which we have to do if we want the price to include the upgrade to 4). So here's the question - when you buy from the app store, (say Photoshop), and install it on your computer, it's then available for use on all user accounts on that computer. Is this the case for 1password? In other words, when my wife is logged into her account on my computer that has 1password, will she be able to use it, as with other purchases on the app store or is 1password different?
MAC APP STORE PRODUCT USAGE RULES Except as otherwise set forth herein, (i) You may download and use an application from the Mac App Store (“Mac App Store Product”) for personal, non-commercial use on any Apple-branded products running Mac OS X (“Mac Computer”) that you own or control. (ii) If you are a commercial enterprise or educational institution, you may download a Mac App Store Product for use by either (a) a single individual on each of the Mac Computer(s) used by that individual that you own or control or ( b ) multiple individuals on a single shared Mac Computer that you own or control. For example, a single employee may use a Mac App Store Product on both the employee’s desktop Mac Computer and laptop Mac Computer, or multiple students may serially use a Mac App Store Product on a single Mac Computer located at a resource center or library.
For the sake of clarity, each Mac Computer used serially by multiple users requires a separate license. (iii) Use may require sign-in with the Apple ID used to download the Mac App Store Product from the Mac App Store. Mac App Store Products can be updated through the Mac App Store only. Further clarification from the: Can I buy an app on one Mac for use on all my computers?
Yes, you can install apps bought from the Mac App Store on any and every Mac that you personally own and use. What about the five-Mac restriction that I have with videos I bought from iTunes? Does that work for Apps too? Apps don't check to see if you've using an iTunes-authorized Mac. They can ask you to verify your Apple ID and password, but that's a single check and it's just to verify you are who you say you are. Once your identity is verified, that's it. There's no authorizing or deauthorizing or counting of different Macs.
Does that mean I could buy one copy of an app and install it on every Mac in my business? No, the license you agree to when you enter the Mac App Store says that app downloads are for Macs that you personally own, and that's a license for personal use.
Apps that are intended for business and professional use are licensed differently, typically to you or for a single computer, but used by several people. While there's no technical impediment to you installing them on multiple Macs at work, you'll be violating the license agreement. It's the same scenario as if you buy a single-user copy of iWork and install it on ten Macs at work—you can do it, but you're violating the license agreement, making the act ethically questionable. Are there family pack licensing options in the App Store?
No, apps are purchased for and owned by a user linked to a single Apple ID. But if you log in with that ID on all the Macs in your household, you can download and install your apps on each one. In most cases the Mac App Store licensing is less restrictive than our own Family License. In your case it won't make a bit of difference.
I hope that helps. Please let me know if you have any further questions or concerns.
+ + How Safe Is the Mac App Store? Privacy-Violating Apps Uncovered Posted on September 11th, 2018 by Security professionals often advise users that Apple's Mac App Store is one of the safest places to download apps. After all, Apple has a review process that's supposed to help prevent potentially harmful apps from ever being published. Additionally, App Store apps are, which is supposed to limit apps' ability to engage in undesirable behavior. Together, Apple's app review process and sandboxing theoretically make the App Store a more trustworthy software source than most. Lo and behold, new information has come to light that calls into question the safety of the App Store platform. Many apps have recently been caught doing unscrupulous things, circumventing protections supposedly provided by the App Store, and invading users' privacy.
So then, just how safe is the Mac App Store? And what should Mac users do?
Multiple Independent Sources Find Privacy-Violating Apps Last Friday, a few Mac security researchers independently published their findings regarding a number of Mac App Store apps that employ questionable tactics, violate Apple's guidelines, and spy on victims' computer activity. A Twitter user going by the name 'Privacy 1st' recently found some suspicious behavior in a popular App Store app, called Adware Doctor (full App Store title: ' Adware Doctor:Anti Malware &Ad') and began tweeting about it. Privacy 1st reached out to a Mac security researcher, Patrick Wardle, who did further investigation of his own. Privacy 1st and Wardle that Adware Doctor—which recently achieved App Store stardom as #1 in Top Paid Utilities and #4 in Top Paid Apps—was stealing users' browsing history and more. Adware Doctor steals Chrome, Firefox, and Safari browsing history, among other things. Image: For an app that claims to search for adware on the user's account, it's no surprise that Adware Doctor requests access to the user's home directory, since that's where any adware would reside. However, after the user grants this access, the app proceeds to do some questionable things—unrelated to the adware scan—without informing the user.
In the background, Adware Doctor creates a password-protected zip archive containing the user's Chrome, Firefox, and Safari browsing history, as well as the user's App Store search history and a list of all the running apps, and then sends that zip archive to a server that's evidently located in China. All of this is done without the victim's knowledge or consent. This behavior is not at all justifiable.
![For For](/uploads/1/2/5/6/125613891/326515791.jpg)
Another researcher, Thomas Reed, in a follow-up article that one could argue that a malware or adware cleaning app might want to check recently browsed sites in an attempt to identify and report back about the source of an infection; however, the user is never informed about or asked to consent to this activity, which takes place surreptitiously in the background—even when no adware is found on the system. Web browsing history can contain very private, personal, or sensitive information. Often it can contain personally identifiable information, or strong clues as to the exact identity of the user. It may reveal things such as home and work addresses (e.g.
Via Google Maps searches), medical conditions (e.g. Via search engine or medical site queries), sexual preferences (e.g. via the types of dating sites visited), and a multitude of other things that should not be freely available to an app developer without obtaining the user's explicit consent. Which Apps Behaved This Way? Unfortunately, Adware Doctor was just the tip of the iceberg.
Researchers warned of several other Mac App Store apps that have been behaving in similar manner, collecting browser history without the user's consent, and even compressing it into a password-protected zip file and sending it off to the developer, just like Adware Doctor was doing. Adware Doctor and two other apps (' Komros Anti Malware & Adware' and ' AdBlock Master:Block Popup Ads') by the same developer, Yongming Zhang, were removed from the Mac App Store on Friday after the publication of Wardle's article—a month after Privacy 1st and Wardle reported the illegitimate behavior to Apple. But it wasn't just a single rogue developer engaging in these privacy-compromising tactics. Three additional apps, evidently developed by the 30-year-old security company Trend Micro, were called out by Reed and a forum user known as 'PeterNopSled' for using the same technique to exfiltrate users' browsing history as far back as December 2017:. Dr. Antivirus.
Dr. Cleaner. Open Any Files: RAR Support The latter app, Open Any Files, seems to have been removed from the App Store sometime over the weekend.
On Sunday, eight more Trend Micro apps were pulled from the Mac App Store, including the aforementioned Dr. Antivirus and Dr. Cleaner apps, and Dr. Unarchiver which was by 9to5Mac's Guilherme Rambo:.
Dr. Antivirus: Remove Malware. Dr. Cleaner: Disk, Mem Clean. Dr. Cleaner Pro: System Clean.
Dr. Cleaner Elite - Disk, Memory, System Optimizer. Dr.
Unarchiver: RAR & Zip Tool. Dr. Battery: Health Monitor. Duplicate Finder - File Clean. No Sleep:Keep screen light on. Several apps evidently published by Trend Micro were removed from the Mac App Store on Sunday and early Monday—all the apps shown here except for the two Wi-Fi apps. In the early hours of Monday morning, another app, App Uninstall: Remove Application and Its Service Files for Complete Uninstallation, was removed from the App Store, leaving only two Trend Micro apps remaining in the store: 'Dr.
Wifi: speed & signal test' and 'Network Scanner: WiFi Security.' Incidentally, Microsoft's Windows application store still lists Windows 10 versions of at least two of these apps,.
It is not yet known whether the Windows versions attempt to exfiltrate similar data, but suggest that the apps may have been ported from Mac to Windows, so it's possible that they might contain similar functionality. Trend Micro has issued a, saying, 'Windows products and enterprise products do not have this feature'; see below to read more from the statement. Did Trend Micro Really Develop Spyware? One might reasonably ask whether the apps listed above are really from Trend Micro, or whether they were created by someone merely claiming to be Trend Micro to benefit from the company's reputation.
Evidence suggested but did not conclusively prove that the apps may have been developed by Trend Micro. The zip files collected by the apps are uploaded to update.appletuner.trendmicro․com, a subdomain of Trend Micro's main site. Additionally, a May 2018 on Trend Micro's blog advertises and links to Dr. Antivirus, Dr.
Unarchiver, and Dr. Battery in the Mac App Store. What remained unclear is when and why the data exfiltration began.
Had exfiltration always been a 'feature' of these products, or was it only added recently, and what was the purpose of collecting this private data? Was the company massively compromised by an attacker? Was there a rogue developer within the company?
Did the company somehow forget to ask users' permission before taking their private data? Even if the apps were acquired by Trend Micro through an acquisition (which is merely one theory), that would not fully explain how the data began to be exfiltrated to a Trend Micro server without the company knowing it was collecting users' browser history. On Monday, Trend Micro issued a, which reads, in part: Trend Micro has completed an initial investigation of a privacy concern related to some of its MacOS sic consumer products.
The results confirm that Dr Cleaner, Dr Cleaner Pro, Dr. Antivirus, Dr. Unarchiver, Dr. Battery, and Duplicate Finder collected and uploaded a small snapshot of the browser history on a one-time basis, covering the 24 hours prior to installation.
This was a one-time data collection, done for security purposes (to analyze whether a user had recently encountered adware or other threats, and thus to improve the product & service). The data collected was explicitly identified to the customer in the data collection policy and is highlighted to the user during the install. The browser history data was uploaded to a U.S.-based server hosted by AWS and managed/controlled by Trend Micro.
Trend Micro is taking customer concerns seriously and has decided to remove this browser history collection capability from the products. Following Trend Micro's statement, Reed publicly that when he had installed the apps, he had looked for any notification within the apps that disclosed the data collection but 'did not find any,' and that he was willing to share those versions of the apps with other researchers who wished to verify this. Trend Micro further updated their statement on Tuesday, adding that they 'have permanently dumped all legacy logs,' but they made no statement about what they would do to either prevent or automatically delete future logs that old versions of the app may attempt to upload. The company also stated:. we believe we identified a core issue which is humbly the result of the use of common code libraries. We have learned that browser collection functionality was designed in common across a few of our applications and then deployed the same way for both security-oriented as well as the non-security oriented apps such as the ones in discussion. This has been corrected.
The implication is that Dr. Antivirus was supposed to have collected browser history as an intended feature, but several other Trend Micro consumer Mac apps had reused the same code. What Can Be Done About This? Apple has removed the known offending apps from the Mac App Store.
However, a more thorough investigation of App Store apps is certainly warranted. The Mac App Store contains a plethora of obscure and questionable-looking apps that claim to 'clean' or 'scan' one's system, all of which presumably request full access to the user's home directory and could potentially exhibit similar behaviors. If you've purchased or downloaded an app within the last 90 days that you believe may be malicious, you can go to (or e-mail with a link to the offending app) to file a report with Apple or to request a refund. Of course, if your private information has already been exfiltrated, you won't be able to get it back. Can the App Store Be Trusted? In spite of the rather unfortunate news about the misbehavior of App Store apps and the delays of up to nine months prior to Apple removing them, obtaining software through the Mac App Store is still probably somewhat safer than doing a Google search for an app and clicking on whatever you happen to see in the results.
It still takes a bit more effort for shady developers to circumvent Apple's review process, and Apple should certainly learn from this incident and add detection for similar behavior into its app review workflow. It's clear that one should not blindly trust everything in the App Store—on macOS or even on iOS. (Incidentally, Forbes late Friday that an iOS security researcher, Will Strafach, warned about iPhone apps 'covertly' selling users' location data.) How to stay safe when shopping in Apple's Mac or iOS App Stores:. Whenever possible, stick with developers you already know and trust. If you must download an app from a developer you don't know, check out their other apps, and try to look up the developer to see if you can find out anything about their reputation.
Don't automatically trust excessively positive app reviews or apps with an unusually high volume of positive reviews; sometimes fake or paid reviews are mixed in to make an app seem more popular or trustworthy than it really is. Check out what the more critical reviews have said by selecting 'Most Critical' from the 'Sort By:' menu. Read the app's privacy policy; all App Store apps submitted or updated on or after October 3, 2018 will be to have a privacy policy. In the Mac App Store, you can sort user reviews by most critical first.
While not foolproof, these tips should help you make more informed choices about the apps you choose to download from the iOS and Mac App Stores. Where Can I Learn More? Keep an eye on The Mac Security Blog for updates on this story as well as other Mac news and security and privacy stories. We'll talk about the safety of the App Store on an upcoming episode of the Intego Mac Podcast.
To make sure you don't miss an episode! Further reading:. About Joshua Long Joshua Long , Intego's Chief Security Analyst, is a renowned security researcher and writer. Josh has a master's degree in IT concentrating in Internet Security and has taken doctorate-level coursework in Business Administration and Computer and Information Security. His research has been featured by many fine publications such as CNET, CBS News, ZDNet UK, Lifehacker, CIO, Macworld, The Register, and MacTech Magazine. Look for more of Josh's security articles at and follow him on.
This entry was posted in, and tagged,. Bookmark the.