You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: gordonreed
gordonreed Author
User level: Level 1
10 points

Migration Assistant Security Issue

This security issue with Migration Assistant was sent to Apple.


I purchased a New MacBook Pro M2 max and started to transfer the data from my old Mac Pro using Migration Assistant. When I started the transfer, I received a warning or error message which stated I needed to turn off the firewall. I received this message on both computers. I tried several times to use Migration Assistant without turning off the firewall, but it simply would not work.  I turned off both firewalls, the Migration Assistant started working, and it took about four hours to transfer the data.


Shortly after the Migration Assistant finished, I turned both firewalls back on, but it was too late. I use the wallet on the computer and iPhone. I had three credit and debit cards, including Apple Pay, in my wallet. I received a fraud notification on my iPhone alerting me that one of my debit cards had been used in San Francisco by DoorDash. The card was used three different times.  


This message is to alert Apple of the security breach when using Migration Assistant. I hope Apple will take this message seriously so that other Apple customers do not suffer the same fraudulent action that occurred when I transferred data using Migration Assistant.


After receiving the fraud notification, I  immediately changed my password. I hope this alert will help Apple reprogram the Migration Assistant so this does not happen to anyone else. I do not know to whom to send this information; if you could assist me with emails to the appropriate divisions in Apple, I would appreciate your assistance.


This is Apple's Response


We’re unable to identify a security issue in your report.


We reviewed your report, and we're unable to identify a security issue. If you have new information that you didn't include in your report, providing it now may allow us to review your report further.


A follow-up report was submitted to Apple


The security issue is that you must turn off your firewall to use Migration Assistant. During the time the firewall is off, your computer is very vulnerable to attack from hackers. There must be a way to use Migration Assistant to leave the firewall on. I am sure a large percentage of Apple users use wallet. Once they have access to your computer, all your credit and debit cards are vulnerable. I am in Colorado and also have my driver's license in my wallet. All of this information was stolen and used by the hackers. This is a very serious security breach by anyone using Migration Assistant to transfer data to their new computer. 


My other question is, how did the hackers know I was using Migration Assistant to transfer data when my firewall was off?

Apple's response to the second report was the same as their first. Shouldn't Apple be more concerned with this issue?

MacBook Pro Apple Silicon 2023

Posted on Jan 30, 2023 4:59 PM

Reply
Question marked as Top-ranking reply
User profile for user: John Galt
John Galt
User level: Level 10
145,590 points

Posted on Jan 31, 2023 6:01 AM

Having said that, why does Apple not explain the problem as you did?


😆


Apple is averse to explaining anything. Everything should "just work". If something needs instructions or even an explanation it's too complicated.


Admittedly that is somewhat of an exaggeration but it encompasses Apple's design philosophy on many levels. Adding their near-maniacal approach to security frustrates many people interested in more than the most superficial details. Merely asking about system security is often greeted by a brick wall of silence.


On that subject Ethernet is always preferable to wireless, but it's obviously much less convenient. Apple is all about convenience.

View in context

Similar questions

9 replies
Question marked as Top-ranking reply
User profile for user: John Galt
John Galt
User level: Level 10
145,590 points

Jan 31, 2023 6:01 AM in response to gordonreed

Having said that, why does Apple not explain the problem as you did?


😆


Apple is averse to explaining anything. Everything should "just work". If something needs instructions or even an explanation it's too complicated.


Admittedly that is somewhat of an exaggeration but it encompasses Apple's design philosophy on many levels. Adding their near-maniacal approach to security frustrates many people interested in more than the most superficial details. Merely asking about system security is often greeted by a brick wall of silence.


On that subject Ethernet is always preferable to wireless, but it's obviously much less convenient. Apple is all about convenience.

Reply
User profile for user: John Galt
John Galt
User level: Level 10
145,590 points

Jan 30, 2023 5:23 PM in response to gordonreed

The macOS application firewall is appropriate for use if there are other client users of the local network used for the transfer.


If you performed the transfer wirelessly, on a wireless network that you own and control, one protected by a secure password, using a router that is similarly protected from alteration or malicious interference, then the firewall serves no useful purpose because its traffic remains within that network. Nothing goes beyond your router, assuming again that router is under your exclusive control and its firmware has not been maliciously altered.


Those are a lot of caveats but the point is the application firewall is only one component of what must be a multilayered security strategy. The breach you describe would concern anyone, but there is a lot more to it than that. By itself, the application firewall is just a nuisance and provides little in the way of security. It is primarily a marketing feature. That is not an exaggeration.


To report a security vulnerability to Apple read Report a security or privacy vulnerability - Apple Support. No one on this website can do anything about it.

Reply
User profile for user: gordonreed
gordonreed Author
User level: Level 1
10 points

Jan 31, 2023 5:38 AM in response to John Galt

Thank you for your response. I believe I understand the problem. However, my degree is not in IT, and I am 78 years old. Having said that, why does Apple not explain the problem as you did? The only advice by Apple when using Migration Assistant is to make sure both computers are on the same internet service using the same OS. I am sure others do not have the information you presented. It remains a security issue Apple should and must address. If using wire connections is the safe way to proceed, Apple should endorse that procedure.

Reply
User profile for user: Barney-15E
Barney-15E
User level: Level 10
115,852 points

Jan 31, 2023 6:35 AM in response to gordonreed

gordonreed wrote:

Thank you for your response. I believe I understand the problem. However, my degree is not in IT, and I am 78 years old. Having said that, why does Apple not explain the problem as you did? The only advice by Apple when using Migration Assistant is to make sure both computers are on the same internet service using the same OS. I am sure others do not have the information you presented. It remains a security issue Apple should and must address. If using wire connections is the safe way to proceed, Apple should endorse that procedure.

Are you saying you used Migration Assistant over a public WiFi network?

If not, and you were on your own private WiFi network, that's not how your credit card information was stolen.

I don't even think that information could be lifted from Migration Assistant traffic on a public WiFi.

Reply
User profile for user: gordonreed
gordonreed Author
User level: Level 1
10 points

Jan 31, 2023 8:46 AM in response to gordonreed

Yes, I was on my own private WiFi network, I use Xfinite or Comcast which is suppose to have an internal security system. I really do not know how they could access my system or break into my system without the firewall being off. I know very little about IT but thought Apple was pretty secure. Maybe I sould buy my own security program? Thank you for responding. All the information helps.

Reply
User profile for user: Barney-15E
Barney-15E
User level: Level 10
115,852 points

Jan 31, 2023 3:18 PM in response to gordonreed

gordonreed wrote:

Yes, I was on my own private WiFi network, I use Xfinite or Comcast which is suppose to have an internal security system. I really do not know how they could access my system or break into my system without the firewall being off. I know very little about IT but thought Apple was pretty secure. Maybe I sould buy my own security program? Thank you for responding. All the information helps.

If it were possible to break into you Mac through your NAT router, the Application Firewall in macOS would not have stopped anything. A firewall is not a security tool. It is a network management tool to isolate parts of the LAN from other parts and devices.


Reply

Migration Assistant Security Issue

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up