I believe they're saying it can open, it just can't send the data anywhere.
Seems a little excessive, but here we are.
It still can encrypt everything and demand you pay some ₿₿₿₿.
If it can open and write any file on the OS, it's pretty much game over. Too many ways to exfiltrate data even without network/socket access.
Worse, what keeps this from editing the config files for Little Snitch (or similar blockers)?
I believe LS has some protections against this. Never tried them, but there are config related security options, incl. protection against synthetic events. So they definitely put some thought into that.
File system permissions?
It still can encrypt everything and demand you pay some ₿₿₿₿.
If it can open and write any file on the OS, it's pretty much game over. Too many ways to exfiltrate data even without network/socket access.
Worse, what keeps this from editing the config files for Little Snitch (or similar blockers)?
I believe LS has some protections against this. Never tried them, but there are config related security options, incl. protection against synthetic events. So they definitely put some thought into that.
File system permissions?