Nine months ago, Apple undertook to make changes in the way in which macOS checks its OCSP service for certificate revocations. Has it changed anything yet?
Gatekeeper
From the start of voluntary code signing in 2007, defences against malware in macOS have changed dramatically. Here’s an overview of what has happened.
If you use the Installer app the wrong way, it will open an ad-hoc signed package and quietly install apps which don’t get checked by Gatekeeper.
When you check the version of Gatekeeper data on a new Mac, why should it show one which was pushed by Apple nearly 5 years ago for El Capitan?
Details of data files for MRT, XProtect, Gatekeeper and other security features in Big Sur. Covers both Intel and M1 Macs.
Why does it take 2 years to realise that macOS has been checking signing certificate validity online?
If you were to strip unwanted code from a Universal App, would it still pass Big Sur’s strict security checks?
AirDrop is very convenient, but sets the quarantine flag, which can break Apple’s installer apps. Here’s how to remove those flags in a couple of minutes.
How Catalina and Big Sur handle the first run of apps which have their quarantine flag set. With details of log entries seen in both steps needed for approval.
How macOS checks executable code before it’s loaded and run, in macOS 10.15 and 11.0. Covering integrity checks using hashes, and validity of the signing certificate, on Intel and ARM.
