Preparing for new security rules: how signatures can get stripped

A future version of macOS (?10.16) will check code signatures more thoroughly than at present. Here’s what to do to start preparing for that.

Checking a macOS installer app is easier with Taccy 1.6

No more fiddling with contextual menus: this new version also adds a busy spinner, and opens older packages too.

Taccy 1.5 now validates signatures of apps and Installer packages

How to check whether any Installer package or app has valid certificates, using this new version of Taccy.

How to check signatures on apps, installers, and packages

Validating signatures isn’t straightforward. GUI apps are limited, and command tools confusing and prone to user error.

How has XProtect changed?

Apple’s pushed update to XProtect’s data a couple of days ago is one of the most substantial since […]

Security changes coming in Catalina: what’s changed

What to expect from the many changes to security and privacy in the first release of Catalina. How to run non-notarized apps, and more.

Last Week on my Mac: Notarization devalued?

Many small independent developers have put a lot of effort into getting their app notarized. Then Apple changes the rules. What does this mean for users, and our security?

How to add a custom icon to an app without breaking its signature

In Mojave and Catalina, tampering with the contents of an app bundle risks breaking signature checks. Here’s how to work around that.

How apps can check integrity better than macOS

How deeply does macOS check a signature? What are all the static code validation flags? Should my app leave macOS to perform signature checks?

Understanding signature checks on notarized apps in Mojave 10.14.5: 2

How checks differ when an app is launched from a new path, and the effects of gross changes to the Resources folder, and small changes to code.