A security researcher who last year bypassed Apple‘s then-newly introduced macOS privacy feature has once again found a new way to bypass security warnings by performing ‘Synthetic Clicks’ on behalf of users without requiring their interaction.
Last June, Apple introduced a core security feature in MacOS that made it mandatory for all applications to take permission (“allow” or “deny”) from users before accessing sensitive data or components on the system, including the device camera or microphone, location data, messages, and browsing history.
For those unaware, ‘Synthetic Clicks’ are programmatic and invisible mouse clicks that are generated by a software program rather than a human.
MacOS itself has built-in functionality for synthetic clicks, but as an accessibility feature for disabled people to interact with the system interface in non-traditional ways.
images from Hacker News