Thank you for responding, Camelot. Let me explain what I meant when I said, "Clearly, we should not be telling users that something related to 'remote management' has been modified and is in need of repair."
It would help if I explain my perspective just a bit. I'm a professional software developer, web developer, and server admin. I get to see the ugly side of the internet and deal with security issues and constant hack attempts. Every day my company's web server receives numerous hack attempts from around the world, home and abroad. This has made me acutely aware of the fact that we are not in Kansas anymore, and never will be again. So perhaps certain things seem clear to me, but are maybe not clear to most people.
So if you would please allow me, I'd like to make an analogy that I think will help you understand.
Connecting your computer to the internet is like moving from a house in the countryside on a private ranch, to a duplex apartment in a very bad neighborhood. Now imagine you know nothing about how lock mechanisms work, or how security systems work, or anything technical about houses or apartments beyond how to change a lightbulb—but you know crime is rampant in your neighborhood, and the criminals are very sophisticated indeed. Also imagine that, every few weeks, someone who has manufactured some part of your house, like the door locks, the windows, the vents, or the electrical system, etc., has to come out and update the security systems in light of some new vulnerability that was recently discovered, and they constantly recommend that you change the locks just in case someone got your key somehow.
Lastly, imagine that in the past few years, it was revealed to you that:
• government agents could break into your house and monitor everything you did without a warrant, without your consent, and without your knowledge, at any time, and you'd have no way to know if they had done so or were currently doing so;
• every bit of communication and activity that you have had inside your house could very well be stored on a government server somewhere;
• and the privacy blinds on your windows had multiple major security flaws that had existed for many years, which could have enabled anyone that felt like it, to eavesdrop on your communication and possibly gather copies of the keys to your locks, install secret monitoring equipment in your house, etc.
Most importantly these revelations proved beyond a doubt that you were, possibly intentionally, misled into believing that the systems and methods of security you were using were very secure indeed, and it would take even a motivated criminal a long time to break in—while all along, in fact, quite the opposite was true, unless you (being a very astute and maybe a paranoid person) took lengthy additional secondary security measures of your own, like keeping everything in your house inside of a good safe, speaking in an unknown dialect similar to Navajo in your house and on the phone, etc.
Now you're probably thinking, "Wow this guy is a paranoid tin-foil hat-wearer for sure!" But please, bear with me on this one, because I think you'll find that I'm a totally reasonable, rational person, and my concerns are not only more than justified, but also, Apple shares my concerns.
So now let's return to our house/apartment analogy. To summarize, it was revealed to you that the security and privacy afforded to you by your apartment was largely an illusion because, dating back many years before you even moved into the place, huge vulnerabilities existed in the door locks and window blinds. You could have been violated at any time. When you moved in, you thought your apartment would be the most secure type of apartment in the city, and that you had such good locks and window blinds that even the most advanced thief would have trouble getting in. On a positive note, you know that it was still very unlikely that you were actually violated because, well, everyone else had these same vulnerabilities, too, and most people had way more. Plus, there was nothing special about you that would make you a target, right?
But still, there is a very bad taste lingering in your mouth. Your trust has been shaken, because the vulnerabilities that were recently discovered had been there for many years, and not only did none of the people responsible for your security even notice the whole time, but some of them were secretly violating everyone's privacy on a massive scale.
That being the case, you have no choice but to continue living in your apartment after these revelations, even though you still know very little to nothing about the inner workings of locks and windows and vents and blinds, and have no way to diagnose or repair them, except for a few self-diagnostic tools provided from the manufacturer.
Now imagine you are running one of those diagnostic tools one day, because you've noticed some things malfunctioning in your house. Your phone isn't working right, the sink won't turn on, and it takes forever to open your bedroom door. So you run a general scan to make sure that the security permissions are set correctly on everything, and a warning comes up that a file related to the remote monitoring of your house has been modified, may be damaged, and cannot be repaired. The equipment manufacturer tells you, "this is nothing to worry about."
Don't you think that would be unnerving? Clearly?
...
I am, of course, talking about the NSA and the revelations of Snowden, and the "Heartbleed" and "Shellshock" vulnerabilities, among many others, including OS X specific ones, that were revealed last year. Israeli cybersecurity expert Michael Mumcuoglu put it best in his blog, which I will quote directly from:
Anything with a CPU and an internet connection was most likely directly affected by one of these vulnerabilities. Just to clarify – yes, we did write “anything with a CPU and an internet connection.”
- Heartbleed – affects over 66% of web servers
- Shellshock – affects any UNIX/Linux server
- Winshock – affects any Windows workstation
- Kerberos Checksum – affects any Windows-based network
What this means is that anyone that knew about these vulnerabilities could have simply:
- Accessed any web server’s private certificate, which would allow eavesdropping on encrypted web traffic or man-in-the-middle (MITM) attacks
- Remotely executed code on any UNIX/Linux internet servers, which would let them do essentially whatever they want
- Run code with highest privilege on any Windows workstation once it surfs to a specially-crafted web page (known as a “drive-by attack”)
- Taken Domain Admin privileges over managed corporate networks
Ancient Age
Malware and other recent and complex cyber attacks are downright fetal compared to our Four. Some of the four vulnerabilities were in existence when many of today’s high-powered cybercrime experts were literally still sleeping in cribs.
- Shellshock – 25 years old
- Winshock – 19 years old
- Kerberos Checksum Vulnerability – 14 years old
- Heartbleed – the “baby” of the group, only 2 years old
So yeah, I think it's clearly Apple's responsibility to remove innocuous error messages concerning the permissions of the Remote Desktop Agent, the specific purpose of which is the remote monitoring and control of the computer itself. What indeed is the point of error messages that are not actually errors and should be ignored? If the file has not been modified and is not damaged, then don't say it is. If it is modified and damaged, then why is that not a problem? After all that has happened and the erosion of trust that has occurred, the least they could do is make it seem like there aren't ongoing, untreated vulnerabilities.
Because while I do trust Apple more than any other tech company, and I would be very surprised if indeed this ARD error represented an actual vulnerability, on the other hand, I think it's just common sense that little details like this should be cleaned up. Apple cares so much about all the little details being perfect in its hardware design and interface, yet leaves little niggling annoyances like this behind to throw us for a loop when we start having some problems. I would really like, just once, to be able to run a Disk Permissions repair and have it report no problems whatsoever. Why is that too much to ask, and doesn't it seem clear that it would be a more user-friendly experience?