How the new tracking extended attribute is attached to apps, how it’s recorded in a security database, and how it’s checked. But for what purpose?
security
To boot from an external disk, Apple silicon Macs need them to have an Owner. Here’s how to investigate ownership, and how it works.
Ventura introduces a new extended attribute com.apple.provenance, used to mark successful clearance of quarantine. It’s protected by SIP too.
In the two years since we’ve been waiting for Apple to provide an option to opt out of online certificate and notarization checks, Apple has added two enhanced security modes, but not addressed the original issue.
If Ventura checks the security of apps more thoroughly, how does it go about that? Gatekeeper explored, from XProtect to OCSP checks.
Two updates to macOS security tools and the malware they protect against, including a test of XProtect Remediator against KeySteal.
Apple has just released an update to XProtect Remediator security software for Macs running Catalina or later, bringing […]
Apple has just pushed a surprise update to XProtect (not Remediator) security software, bringing it to version 2166. […]
Yes, you can notarize command tools. Doing so ensures independent approval that the code isn’t malicious, and disapproval, letting macOS block code with revoked certificates or notarization.
Apple has just released an update to bring Big Sur to version 11.7.4. Although a security update, Apple […]
The Eclectic Light Company 