Whenever an app is opened in 10.14.2, its signature is checked asynchronously, often several times. But in many cases, macOS doesn’t act on any errors returned.
Gatekeeper
Another worthless piece of “security theatre” about bundle signatures. I wouldn’t bother reading it, or downloading the new version of Signet.
Is checking bundle signatures a waste of time once they have passed their ‘first run’ check? Does macOS ever do that?
Has your Mac got any old apps and other bundles on it? Have their signing certificates been revoked, or are they perhaps unsigned? Here’s a new app to help you find out.
Apple appears to be maintaining MRT, but hasn’t changed detection signatures in XProtect for 9 months. What does this mean for the security of macOS and its users?
Apple has just pushed an update to the data used by Gatekeeper, bringing its version number to 157, […]
Apple has just pushed an update to Gatekeeper’s security data, bringing it to version 157, macOS Mojave 10.14.2 […]
What may be a robust strategy for security in macOS 10.15 might leave many users of older versions stranded. This needs discussion.
Apple has just pushed an update to the data used by Gatekeeper, bringing its version number to 156, […]
Mojave checks newly-installed apps which are not from the App Store more thoroughly, and handles notarized apps differently too. Here are some details.
The Eclectic Light Company 