Which problem-solving techniques are still available in macOS Tahoe? While Intel Macs still have a few, Apple silicon Macs don’t have many left.
TCC
Deconfusing the term permissions from security controls and privacy protection. While permissions are set in a file’s attributes, privacy is controlled through elaborate rules.
XProtect, XProtect Remediator, XProtect Behaviour Service, kernel extension excludes, incompatible apps, and some historical remnants, including a database that’s downloaded then vanishes.
Overview of how different subsystems work together during launching a notarized app, from LaunchServices to checking WritingTools and AI availability.
The difference between security and privacy, how consent and intent are obtained, how this works with command tools, important links, lists of protected resources and tccutil arguments.
Survey of other privacy controls, including those involved in scripting and for development. Details of the new control on access to devices on the local network.
Control access from apps to devices like cameras and microphones. How to check the reason for their request, and whether they have entitlement to do so. How to remove apps from the privacy lists, and more.
The difference between consent and intent, why an app adds itself to Settings, and when you should add it to Full Disk Access.
Permissions, privacy and security protections can conspire to prevent us from accessing our own files. They aren’t integrated, consistent or documented, and badly need improvement.
Permissions, ACLs, TCC’s privacy controls, SIP and app sandboxes. What they are, and how you can control them to access and maintain your files.
The Eclectic Light Company 