How Mac applications evolved from a multitude of resources to a bundle formed from a standard layout of directories, and how they have come to be largely self-contained in macOS 26.
signature
From its introduction in Leopard in 2006, some were predicting no good would come of it. From 2012 it became important with Gatekeeper, then came notarization in 2018.
We want confidence that all executable code is exactly as was built by its developer, and if any is found to be malicious, we want macOS to be able to block its launch.
Although macOS won’t tell, Apparency will, even down to launch constraints. Other alternatives, and how to check in the command line.
How is it going to be harder to run apps that haven’t been notarized in Sequoia, and does it bring any benefit in return for the inconvenience?
Why XProtect Remediator scans can report BadPluginServiceSignature status_code 31 and abort, and why you don’t need to do anything about it.
What is going to change in notarization and code signing? Will sandboxing be required? How does this affect privacy controls?
Causes include code signature errors, app translocation, damaged documents, and corrupted or incompatible preference file.
If Ventura checks the security of apps more thoroughly, how does it go about that? Gatekeeper explored, from XProtect to OCSP checks.
Are additional Gatekeeper checks in Ventura effective, and worth the effort? Surely malware can bypass them easily.
The Eclectic Light Company 