I'm worried about XcodeGhost.

Hi guys... This malware is worrisome. Any advice for 1Password users?

http://researchcenter.paloaltonetworks.com/2015/09/update-xcodeghost-attacker-can-phish-passwords-and-open-urls-though-infected-apps/


1Password Version: 5
Extension Version: 5.3.2
OS Version: OS 10.10.5
Sync Type: Not Provided
Referrer: kb:pro-features-faq

Comments

  • The short answer is that there is nothing to worry about with respect to 1Password, since the developers have never used anything other than the official release of Xcode. There is a blog post from the AgileBits folks about this that you may find helpful. It's here: Everything you need to know about 1Password and XcodeGhost.

  • brentybrenty

    Team Member

    I'll just add that the takeaway is to always be sure to only install software from trusted developers. Of course there's no better way to determine who you should trust but by reputation. That said, there will always be new vulnerabilities, and how developers (and platform owners like Apple) respond to them speaks much louder than someone simply saying 'trust me!'. :)

This discussion has been closed.