New app to analyse, display and give direct access to the contents of clipping files, including textClipping and pictClipping files created by the Finder.
provenance
Verify that the app doesn’t change file extended attributes, discover why false flags result from updating apps in place, check who has been changing your preferences, and how to add App Store apps to Provenance tracking.
A new app to check files for Providence IDs and Quarantine information, so providing info about the origin and recent edit history of those files.
Fixes a crashing bug when using its Crawler feature. Analysis of provenance xattrs confirms they can be useful in providing more information about files.
In a typical ~/Documents folder, 14% of all files have a provenance xattr attached to them, that could enable the app that last modified them to be identified. Could we make use of that?
Why do so many files now have quarantine and other extended attributes, although they’re not apps, and may never have left that Mac?
Overview of how different subsystems work together during launching a notarized app, from LaunchServices to checking WritingTools and AI availability.
In two years, macOS has gained two more XProtects. Apple’s latest Platform Security Guide provides insights into all three XProtects and how they work.
So is macOS slowly merging with iOS, and are our Macs going to be locked down, so they can only run notarized apps?
Ventura aims to improve app security by checking integrity of apps and command tools whenever they’re run. How can it do that without significant overhead?
The Eclectic Light Company 