Apple - How reliable and trustworthy are the Objective-See Security tools (KnockKnock (UI), Dynamic Hijack Scanner and BlockBlock)?
I use many of their tools and this is probably not a false-positive. The only currently known false positives stated on their Dynamic Hijack Scanner webpage (at the bottom) ia Microsoft Messenger (mbukernel) and Microsoft Messenger Daemon (mbuinstrument).
About your scan results, I also have BitTorrent Sync installed on my Mac and I get the same message (tested on 2 other Macs). If I do a full system scan with DHS, I get many other applications that have the rpath vulnerability and the weak vulnerability, including iMovie and many Xcode tools. Please note that this is not something to be too worried about, as none of your Applications are "Hijacked" and dylib hijacking is quite a newly discovered vulnerability in OS X, and therefore your probably not going to see any in-the-wild attacks yet. If you are of the more technical sort, you can read their slides presented on this at CanSecWest here and the technical paper here.
I do trust the tools from this company and the person behind this (Patrick Wardle) is clearly stated on their About page. He has published more of his OS X research papers that are available at the bottom of that webpage. He has also done many presentations at security conferences including DefCon, and is the Director of R&D at Synack.
KnockKnock is a tool that scans for persistently installed items on your Mac, including Kernel Extensions, Launch Items, and Login Items and lists them on the screen.
Lastly, BlockBlock is simply a tool that watches for anything that becomes persistently installed (executed at boot every time your mac boots up), such as malware - the tool is still in beta as of this writing.
At the end, they are all great Mac security tools to check-up your mac :).
Most of the tools by objective-see seem to be provided without source code. As this precludes verification of the stated functionality and the ability to build these products yourself, security conscious people should not install these tools. Given the fact that these tools often operate with high privileges cautiousness is paramount.
Should I be wrong, then the information on getting the source code should at least be made more readily available.
If you look at the code in the git repos, the author of a lot of the code is Patrick Wardle who appears to be a principal security researcher for Jamf. Seems pretty trustworthy.