Last Week on My Mac: Weed control in the walled garden

Another worthless piece of “security theatre” about bundle signatures. I wouldn’t bother reading it, or downloading the new version of Signet.

How thoroughly does Gatekeeper check existing apps?

Is checking bundle signatures a waste of time once they have passed their ‘first run’ check? Does macOS ever do that?

Mojave happily runs apps with revoked signatures, and more

Has your Mac got any old apps and other bundles on it? Have their signing certificates been revoked, or are they perhaps unsigned? Here’s a new app to help you find out.

How does your keychain work?

Authentication dialogs to permit access to your keychain are supplied by the macOS security system, and follow a strict pattern.

A storm in the digest: why services will be going down

The workhorses of computer security, message digests and security certificates, are in the process of changing. Some disruption will result.

More fun scripting with Swift and Xcode: the signature shuffle

Another ‘scripting’ exercise in Swift starts with time wasted sorting out signing. But it does get better after that.

The difficulty of proving who you are

How, on the internet, can you prove that you are who you say you are? Could ‘internet IDs’ solve the abuse problem?

Mac App Store: still broken despite Apple’s fix

Continuing misleading error alerts show that Apple has not fixed problems in the Mac App Store after all.

SSL and HTTPS – should you trust them again?

Most of our financial and personal transactions should be protected by secure Internet connections. A year on, how has the Heartbleed bug changed this?