Samples of four malicious software downloaded and run on macOS 13.1. Could it detect and block them effectively? Or do you need 3rd party protection?
SIP
Once, you could run diskutil to ‘fix’ broken permissions in your Home folder, then it was replaced by repairHomePermissions in Recovery. Apple no longer documents this, but it’s still there. Should you use it?
From AppleKextExcludeList to XProtect Remediator, what’s where, its current version, and which have fallen into disuse.
Signing out of iCloud and signing back in fixed a problem with syncing, but it also turned SIP off in an ‘unknown’ way, something SilentKnight didn’t understand. Updates included for SilentKnight and silnite.
Short explanations of all the information reported in SilentKnight, and its command line equivalent silnite.
We used to repair permissions of the system until SIP. After a short break, we often repaired them again, this time on preference files. Why did Apple cancel that? Should we still try it for fixing problems?
You may be surprised to learn that SIP or XProtect are disabled, that the SSV isn’t working, or that your security systems are way out of date.
From CompatibilityNotificationData to XProtect, details of all the security data and related components in Monterey.
One command, bless, used to do it all, copying boot.efi to the right place and declaring the volume bootable in its header. Where are we with Big Sur and M1 Macs?
Final in series. Examines how the hardened runtime controls access to protected private data and services, and how some use private entitlements.
The Eclectic Light Company 