Many small independent developers have put a lot of effort into getting their app notarized. Then Apple changes the rules. What does this mean for users, and our security?
In Mojave and Catalina, tampering with the contents of an app bundle risks breaking signature checks. Here’s how to work around that.
How deeply does macOS check a signature? What are all the static code validation flags? Should my app leave macOS to perform signature checks?
How checks differ when an app is launched from a new path, and the effects of gross changes to the Resources folder and of small changes to code.
Why signature checks are so complex, and a walk through log entries of a notarized app launching normally in macOS 10.14.5.
What does an error -67030 mean? How does one signing error lead to another? Helpful detail for interpreting results from checking signatures.
Auto-update, text sizing, and proper Build numbers make for a worthwhile update.
Signature checks are complex. On first run with a quarantine flag, they include the contents of the Resources folder, but seldom do after that.
Helpful info and advice for all those using recent versions of my more popular free apps and utilities, about security and auto-updates.
You don’t have to add an Info.plist to a standalone Mach-O tool in order to sign it, or to get it notarized successfully. And more tips.