New version of ViableS runs in a sandbox, with no shared folders, and can now be isolated from networks. So how well does Ventura work without internet?
OCSP
In the two years since we’ve been waiting for Apple to provide an option to opt out of online certificate and notarization checks, Apple has added two enhanced security modes, but not addressed the original issue.
If Ventura checks the security of apps more thoroughly, how does it go about that? Gatekeeper explored, from XProtect to OCSP checks.
In November 2020, macOS was found to have a hole in protecting users’ privacy, which Apple promised to fix within a year. Although it has made changes, are they protective enough?
Is Apple going to meet the promises it made a year ago, to protect its users around the world from the risk posed by its online signing certificate checks?
Nine months ago, Apple undertook to make changes in the way in which macOS checks its OCSP service for certificate revocations. Has it changed anything yet?
From the start of voluntary code signing in 2007, defences against malware in macOS have changed dramatically. Here’s an overview of what has happened.
Certificate revocation checks in macOS could be misused in surveillance. How could you prevent that without putting your Mac at risk?
You try to open an app on your M1 Mac, only to see an alert telling your that you don’t have permission to open it. Only that isn’t the reason.
If you try booting into Big Sur in Remote (Internet) Recovery, you’ll get Catalina instead. But nowhere does Apple alert users to this problem.
The Eclectic Light Company 