macOS has checked app signatures online for over 2 years

Why does it take 2 years to realise that macOS has been checking signing certificate validity online?

How Big Sur checks Universal Apps

If you were to strip unwanted code from a Universal App, would it still pass Big Sur’s strict security checks?

Getting unnotarized apps out of quarantine

How Catalina and Big Sur handle the first run of apps which have their quarantine flag set. With details of log entries seen in both steps needed for approval.

SilentKnight version 1.14 for your Apple Silicon Mac

Opens a window on all the new Platform Security settings of Apple Silicon Macs, and checks their iBoot firmware version. Minor tweaks for Intel users too.

Which firmware should your Mac be using? (version 5)

This article lists the firmware versions of Macs which have been successfully updated to run macOS 11.7.10. Apple […]

Checks on executable code in Catalina and Big Sur: a first draft

How macOS checks executable code before it’s loaded and run, in macOS 10.15 and 11.0. Covering integrity checks using hashes, and validity of the signing certificate, on Intel and ARM.

Last Week on My Mac: Making essential services fail-safe

Although most were worried about Apple’s failure to deliver upgrades to Big Sur, the most serious problem left many users unable to launch any apps.

Apple updates for every Mac: a summary of the last days

A summary of all the macOS updates released over the last three days, to help you catch up with any you’ve missed.

Apple has pushed updates to XProtect and MRT

Apple has pushed two updates over the last 12 hours or so, to the data files used by […]

Extended attributes as a vulnerability

Thirty years ago, many Macs were hit by the Wdef virus, which exploited a vulnerability which remains today: it travelled in an extended attribute. Should we be worried now?