An independent researcher compiled a list of known Apple OSX-related vulnerabilities, including one that affects the Sparkle Updater Framework. I’ve just checked my Mac with this command find /Applications -name Sparkle.framework and found that DikeX, the old version of the digital-signature tool released by Infocert S.p.a., uses Sparkle. I don’t know if the software is … Continue reading Italian Digital Signature Software Exposed to Man-in-the-middle Attack?