Where can you see code signatures and notarization tickets, and how can you check them?
Who’s been ghost notarizing other people’s apps, and is Catalina wasting time to check whether shell scripts are notarized?
When you open a four year-old app and discover that someone notarized it in August last year. What’s behind that surprise?
Using Little Snitch, this becomes unresolvable, as the app can’t complete first run checks, and every time you try, it’s translocated to a different folder, causing Little Snitch to block it again.
Checking signatures, notarization, and 64-bit code on different items like apps, command tools, and Installer packages just got much simpler.
A future version of macOS (?10.16) will check code signatures more thoroughly than at present. Here’s what to do to start preparing for that.
No more fiddling with contextual menus: this new version also adds a busy spinner, and opens older packages too.
How to check whether any Installer package or app has valid certificates, using this new version of Taccy.
Validating signatures isn’t straightforward. GUI apps are limited, and command tools confusing and prone to user error.
Apple’s pushed update to XProtect’s data a couple of days ago is one of the most substantial since […]