An overview of code signing and certificate requirements to come when macOS 27 is released in a few months, supporting only Apple silicon Macs. How Intel Macs will be affected in the near future.
Notarization
Customising apps is a joy of the past. Bundled apps can’t even have custom icons. Third-party apps can have custom icons, but anything further will break their signature.
Whether or not a quarantined and notarized app undergoes translocation, Tahoe doesn’t run XProtect checks to determine if it’s malicious. And how to tell when an app is running from translocation.
Some apps have become very slow to launch in recent versions of macOS. It has been suggested that this might be improved in Tahoe. Is that confirmed by evidence?
Stepping through the stages in security checks made on a notarized Mach-O binary command tool, in Ventura 13.4.1 2 years ago, and now in Sequoia 15.4.1.
From its introduction in Leopard in 2006, some were predicting no good would come of it. From 2012 it became important with Gatekeeper, then came notarization in 2018.
Overview of how different subsystems work together during the launch of a notarized app, from LaunchServices to checking WritingTools and AI availability.
After setting a record of 29 updates through the year, XProtect’s Yara rules have grown from about 195 in 167 KB of text to 328 in 921 KB. Here are other details for the other XProtects, Gatekeeper and more.
iCloud is now used for key services including notarization checks. For XProtect updates, it should be quicker and simpler, so long as you mind the pinniped.
We want confidence that all executable code is exactly as was built by its developer, and if any is found to be malicious, we want macOS to be able to block its launch.
