Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

way77

macrumors member
Original poster
Oct 26, 2006
43
1
On the Waters...
I ordered a Huion graphics input pad. You have to download the driver from their website. Upon installation it requires Accessibility access under Security & Privacy in system pref. I stopped there and deleted the app.

Is this truly a potential security issue? I prechecked before and after with anti-virus programs and found nothing but the worry remains. Like the hardware, the software I don't trust.

Also why can't Apple limit apps like this to specific programs (e.g. Photoshop, Affinity) instead of giving them system wide access?
 

SecuritySteve

macrumors 6502a
Jul 6, 2017
951
1,086
California
From a security perspective, granting accessibility permissions only allows the device to gain access to physical I/O privileges. Generally, when attackers want to gain privileges on a system they are looking for ways to get from standard user to admin or higher.

The only attack vector that an attacker can leverage when you give accessibility privileges for a device like an input pad is by physically being present at your computer and manipulating the I/O (probably destroying) your input device. So if you're not worried about local attackers you don't need to worry about accessibility privileges for peripheral devices.

There is probably an exception to be made for remote attacks against cameras specifically, but that doesn't apply to this case.
 
  • Like
Reactions: way77

way77

macrumors member
Original poster
Oct 26, 2006
43
1
On the Waters...
From a security perspective, granting accessibility permissions only allows the device to gain access to physical I/O privileges. Generally, when attackers want to gain privileges on a system they are looking for ways to get from standard user to admin or higher.

The only attack vector that an attacker can leverage when you give accessibility privileges for a device like an input pad is by physically being present at your computer and manipulating the I/O (probably destroying) your input device. So if you're not worried about local attackers you don't need to worry about accessibility privileges for peripheral devices.

There is probably an exception to be made for remote attacks against cameras specifically, but that doesn't apply to this case.
Could they install some type of hidden keylogging if one grants them accessibility? Would anti virus software detect this?
 

bogdanw

macrumors 603
Mar 10, 2009
6,145
3,042
Could they install some type of hidden keylogging if one grants them accessibility? Would anti virus software detect this?
In theory, everything is possible. But I don’t see why they would destroy their business with such a thing.
Download the software only from the official site, you can scan the dmg on https://www.virustotal.com/ and you can easily prevent the app communicating over the Internet with a firewall.
If you don’t use it everyday, you can delete the permission form System Preferences or from Terminal with

Code:
sudo sqlite3 /Library/Application\ Support/com.apple.TCC/TCC.db "delete from access where client='com.huion.HuionTablet' and service='kTCCServiceAccessibility';"
 
  • Like
Reactions: way77

way77

macrumors member
Original poster
Oct 26, 2006
43
1
On the Waters...
In theory, everything is possible. But I don’t see why they would destroy their business with such a thing.
Download the software only from the official site, you can scan the dmg on https://www.virustotal.com/ and you can easily prevent the app communicating over the Internet with a firewall.
If you don’t use it everyday, you can delete the permission form System Preferences or from Terminal with
Thanks for the reply and the link. Do you mean turning accessibility on and off? For firewall, which is on, do you mean toggling app on and off via firewall options?

I checked out Objective-See. Looks like an impressive knowledge base for this kind of thing, though most of it is Greek to me.
 

bogdanw

macrumors 603
Mar 10, 2009
6,145
3,042
Do you mean turning accessibility on and off?
Yes, unchecking or deleting the Huion app from System Preferences – Accessibility. You can check/add it again when needed.
For firewall, which is on, do you mean toggling app on and off via firewall options?
Using a firewall, like LuLu https://objective-see.com/products.html or Little Snitch https://www.obdev.at/products/littlesnitch/index.html, to block all connections that the Huion app might initiate.
 
  • Like
Reactions: way77
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.