From AppleKextExcludeList to XProtect Remediator, what’s where, its current version, and which have fallen into disuse.
Gatekeeper
Developed from LockRattler three years ago, SilentKnight is in need to modernisation to work better with changing security tools. History and aims.
What and where is the Gatekeeper app or service? The answer is that it’s a collaborative system or technology to check apps and ensure that only trusted software is run.
What should you do when Gatekeeper refuses to let you run a newly installed app? How human paradoxical behaviour makes us do the wrong things.
Checks on app signatures and notarization of notarized apps will be performed each time they’re run. How to deal with problems, and what not to do.
There’s more to the quarantine flag, as it’s not binary on/off, and app translocation can trap even notarized applications if you don’t move them right.
Is macOS going to be like iOS? Not in Ventura, where notarization is improved with additional security checks. Here are the details.
There have been changes to the way that macOS 12 checks executable code when asked to run it. Summarised in a diagram.
Improves reporting of results on T2 and M1 Macs, and clarifies old versions of Gatekeeper seen on newer Macs. Recommended for all users.
Quarantine flags first appeared in 2007. This explains how they work, what they do, and the differences between app and document quarantine.
The Eclectic Light Company 