Recurring |
one_organization, multiple_organization |
(a) The software failure incident related to Adware Doctor has happened again within the same organization, as the app was previously known as Adware Medic and was removed from the App Store but resurfaced as Adware Doctor [76138].
(b) The software failure incident of a malicious app being available on the Mac App Store is not unique to Adware Doctor. The article mentions that Malwarebytes has been tracking the app since 2015 and found it suspect. Additionally, the article highlights that there are other suspicious apps in the App Store that security researchers detect and track, indicating that similar incidents have happened with other apps as well [76138]. |
Phase (Design/Operation) |
design, operation |
(a) The software failure incident related to the design phase can be seen in the case of Adware Doctor, a security-scanning app available on the Mac App Store. Security researchers discovered that Adware Doctor was collecting user data, including browsing history and information about other software and processes running on a machine, and sending this data to a server in China. This behavior violated the App Store's developer guidelines and Apple's rules regarding user privacy and data collection [76138].
(b) The software failure incident related to the operation phase is evident in how users granted permissions to Adware Doctor, assuming it was trustworthy because it was a top app on the Mac App Store. However, once granted permission to access the macOS "Home" folder, the app started collecting user data in a way that violated users' privacy and Apple's rules. This misuse of user permissions by the app led to the unauthorized collection and transmission of sensitive user data [76138]. |
Boundary (Internal/External) |
within_system |
(a) The software failure incident related to Adware Doctor in the Mac App Store can be categorized as within_system. The app violated Apple's App Store guidelines by collecting user data, particularly browsing history and information about other software and processes running on the machine, and sending this data to a server in China [76138]. The app also bypassed sandbox protections and used tactics to access information about other running programs on the user's computer, which is a violation of Apple's rules [76138]. Additionally, the app's behavior was considered suspicious and scammy, with the app pushing the boundaries for years and resurfacing in the App Store under different names after being removed [76138]. |
Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident in Article 76138 was primarily due to non-human actions. The failure was related to the behavior of the Adware Doctor app, which was collecting user data and sending it to a server in China without the users' knowledge or consent. This behavior violated the App Store's developer guidelines and raised privacy concerns [76138]. The app was also found to be using tactics to bypass sandbox protections and access information about other software running on a user's computer [76138].
(b) However, human actions were also involved in this software failure incident. The developers of Adware Doctor intentionally programmed the app to collect and send user data to a server, which was a violation of privacy and Apple's rules [76138]. Additionally, the developers rebranded the app as Adware Doctor after it was removed from the App Store under a different name, indicating deliberate actions to continue distributing the app despite previous scrutiny [76138]. |
Dimension (Hardware/Software) |
software |
(a) The software failure incident in Article 76138 is related to software rather than hardware. The incident involves a security-scanning app called Adware Doctor, which was found to collect user data and violate the App Store's developer guidelines. The app was removed from the Mac App Store by Apple after security researchers raised concerns about its behavior [76138].
(b) The software failure incident in Article 76138 is specifically related to software. Adware Doctor, the app in question, was found to collect user data, violate privacy, and bypass sandbox protections on macOS. The app's behavior was deemed to be in violation of Apple's App Store guidelines, leading to its removal from the store [76138]. |
Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident related to Adware Doctor in the Mac App Store can be categorized as malicious. The app was found to collect user data, violate privacy and Apple's rules, and send the data to a server in China without user consent [76138]. Additionally, the app used deceptive tactics to gain deeper system permissions by posing as a security product, which is a common strategy employed by malicious software [76138].
(b) The software failure incident cannot be categorized as non-malicious, as the actions of Adware Doctor clearly indicate malicious intent to collect and misuse user data without users' knowledge or consent. |
Intent (Poor/Accidental Decisions) |
poor_decisions |
(a) The software failure incident involving Adware Doctor in the Mac App Store can be attributed to poor decisions made by the app developer. The app was found to collect user data, violate privacy and Apple's rules, and send this data to a server in China without user consent [76138]. Despite being notified about these concerns, Apple did not take immediate action to remove the app from the store, allowing it to continue operating in violation of guidelines. This delay in response highlights a lack of oversight and enforcement of security measures within the App Store ecosystem. |
Capability (Incompetence/Accidental) |
development_incompetence |
(a) The software failure incident in Article 76138 can be attributed to development incompetence. The app Adware Doctor, which was a top-selling app in the Mac App Store, was found to be violating multiple Apple App Store guidelines by collecting user data without consent and sending it to a server in China. Security researchers Patrick Wardle and Thomas Reed independently investigated the app and found that it was not a good adware scanner and was using tactics to bypass sandbox protections and access user data in violation of Apple's rules. Despite being notified about these concerns weeks prior, Apple did not take action to remove the app until after the issue was publicized [76138].
(b) The software failure incident in Article 76138 can also be considered accidental. The app Adware Doctor, posing as a security product, gained deep system permissions by tricking users into granting access to their macOS "Home" folder. Users likely assumed trustworthiness due to the app's popularity and top ranking in the Mac App Store. The app was able to collect user data and send it to a server in China, all while appearing to be a legitimate security tool. The fact that the app was able to bypass sandbox protections and access user data through various tactics indicates that the failure was not intentional but rather a result of exploiting vulnerabilities in the system [76138]. |
Duration |
temporary |
(a) The software failure incident in this case can be considered temporary. The incident involved the app Adware Doctor, which was found to be collecting user data and violating Apple's App Store guidelines. Researchers notified Apple about the concerns weeks before the article was published, but the app remained in the Mac App Store until a few hours after the story was published, when Apple finally removed it [76138]. This indicates that the failure was temporary, as it was resolved by the removal of the app from the store. |
Behaviour |
value, other |
(a) crash: The software failure incident related to Adware Doctor in the Mac App Store did not involve a crash where the system loses state and stops performing its intended functions. Instead, the app was found to be collecting user data and sending it to a server in China, violating privacy and Apple's rules [76138].
(b) omission: The software failure incident did not involve the system omitting to perform its intended functions at an instance(s). Instead, the issue was related to the app collecting data about users without their consent and violating App Store guidelines [76138].
(c) timing: The software failure incident was not related to the system performing its intended functions correctly but too late or too early. The main issue was the unauthorized collection and transmission of user data by the app [76138].
(d) value: The software failure incident was related to the system performing its intended functions incorrectly. Adware Doctor was found to be collecting user data, including browsing history and a list of other software and processes running on a machine, and sending it to a server in China, which violated privacy and Apple's guidelines [76138].
(e) byzantine: The software failure incident did not involve the system behaving erroneously with inconsistent responses and interactions. The main issue was the unauthorized data collection and transmission by the app, which was found to be violating App Store guidelines [76138].
(f) other: The other behavior observed in the software failure incident was the app Adware Doctor using various tactics to collect information about other software running on a user's computer, bypassing sandbox protections and violating Apple's App Store guidelines. Additionally, the app was found to have pushed boundaries for years, resurfacing under different names after being removed from the App Store [76138]. |