Meir - Per your request: MacOS 10.14.5
Chrome 75.0.3770.90 (Official Build) (64-bit)
Firefox 63.0.1 (64-bit)
Safari 12.1.1
Rapport version? How would one tell? Last I see is a .dmg from the original installation.
I do have some questions which I hope can be answered here.
1. Is the daemon rooksd part of your product?
2. How does the user manage this product? Alerter to updates, select and install them? Know what version and whether it has been updated?
3. There was a vulnerability identified last August, not patched by December, and publicized. Has that been patched? In which version of Trusteer? Reference this page:
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/kernel-buffer-overflow-in-trusteer-rapport-for-macos/Thanks!
------------------------------
Richard Karash
------------------------------
Original Message:
Sent: Tue June 18, 2019 05:00 AM
From: MEIR ASISKOVICH
Subject: Trusteer/Rapport killing Mac system (rooksd 60,000 ports)
IBM Trusteer Rapport is a powerful fraud prevention tool detecting and removing financial malware. For more than ten years, IBM Trusteer Rapport has been protecting dozens of millions of Win/Mac end points for some of the largest banks in the world.
The IBM R&D and Security teams invest a lot of efforts to ensure a safe and smooth on-line banking experience, while maximizing their defenses from sophisticated financial malware. As part of that, Rapports functionality is constantly being optimized to ensure a conflict free operation.
Having said that, due to the fact that we operate at all levels of the operating system, there have been cases where we have faced issues, as with this case. Our teams will investigate this and will take care of it.
For that we need few more details as:
- OS version
- Rapport version
- Browser version
Our support team will reach out to get those details.
------------------------------
MEIR ASISKOVICH
Original Message:
Sent: Sun June 16, 2019 10:10 AM
From: Richard Karash
Subject: Trusteer/Rapport killing Mac system (rooksd 60,000 ports)
Trouble with Trusteer/Rapport pushed to us by Citizens Bank.
Mac system slows to a crawl. In Activity Monitor, find that daemon rooksd has 60,000 ports open. Google tells me this is part of Trusteer/Rapport.
Big question: Bank pushes this software to customers, but leaves no hint for getting updates/maintenance. How is this software supposed to be updated by consumer end-users? If no update process, then frankly I cannot recommend this software.
Thanks for any info.
------------------------------
Richard Karash
------------------------------