Recommendations for the ‘standard’ user for security and privacy protection from startup to shutdown. A broad overview of all key systems and how they fit together.
Notarization
Notarization is now obligatory for developers, but at the same time, we’re still able to run our own apps that aren’t notarized. Here’s how that works, and why.
App launch security is built in multiple layers, and not all checks are run on every launch of an app. Syspolicy plays a key role, CDHashes are now central, and XProtect scans can make checks on large apps slow.
Although macOS won’t tell, Apparency will, even down to launch constraints. Other alternatives, and how to check in the command line.
How is it going to be harder to run apps that haven’t been notarized in Sequoia, and does it bring any benefit in return for the inconvenience?
So is macOS slowly merging with iOS, and are our Macs going to be locked down, so they can only run notarized apps?
Ventura aims to improve app security by checking integrity of apps and command tools whenever they’re run. How can it do that without significant overhead?
What is going to change in notarization and code signing? Will sandboxing be required? How does this affect privacy controls?
New version of ViableS runs in a sandbox, with no shared folders, and can now be isolated from networks. So how well does Ventura work without internet?
In the two years since we’ve been waiting for Apple to provide an option to opt out of online certificate and notarization checks, Apple has added two enhanced security modes, but not addressed the original issue.
