Customising apps is a joy of the past. Bundled apps can’t even have custom icons. Third-party apps can have custom icons, but anything further will break their signature.
cdhashes
Most could live with slight delays when launching major apps. But when they’re as long as 30 seconds, and it’s an Apple silicon Mac, an explanation is required.
SHA-256 hashes are used in code signatures and security as a means of identification and verification. They bring a substantial computational burden, and can be very slow in some Intel Macs. Plus a new version of Dintch for integrity checks.
From its introduction in Leopard in 2006, some were predicting no good would come of it. From 2012 it became important with Gatekeeper, then came notarization in 2018.
We want confidence that all executable code is exactly as was built by its developer, and if any is found to be malicious, we want macOS to be able to block its launch.
App launch security is built in multiple layers, and not all check are run on every launch of an app. Syspolicy plays a key role, CDHashes are now central, and XProtect scans can make checks on large apps slow.
How is it going to be harder to run apps that haven’t been notarized in Sequoia, and does it bring any benefit in return for the inconvenience?
All apps now undergo Gatekeeper assessment, but only some have XProtect checks for malware, and the unfortunate few get translocated too.
Other file systems, with an outline of vfs and vnodes used by the kernel, and how they’re important in checking code signatures.
Why won’t Ventura let you run a copy of one of its bundled apps, and why does it refuse to run some command tools?
The Eclectic Light Company 