Mo­jave’s new level of app se­cu­rity

Mac|Life - - ASK -

How can I tell whether an app has been ‘No­ta­rized’? Does it make any dif­fer­ence? No­ta­riza­tion is an ex­ten­sion to app se­cu­rity that’s vol­un­tary in Mo­jave, aimed at giv­ing stronger con­fi­dence that the apps you down­load from out­side the Mac App Store aren’t malware. The sig­na­ture sys­tem that was present al­ready in prior sys­tems was in­tended to do that, but most Mac malware is now signed us­ing black– mar­ket de­vel­oper cer­tifi­cates.

No­ta­riza­tion in­volves two steps: apps are ‘hard­ened’, be­fore be­ing sub­mit­ted to Ap­ple to check for malware.

Hard­en­ing forces an app to de­clare in­tent to use cer­tain fea­tures, such as the in­tent to ac­cess your Mac’s cam­era. If an app doesn’t ob­tain an en­ti­tle­ment to do so, macOS won’t al­low it ac­cess. This lim­its the po­ten­tially bad things apps can do, and, cou­pled with Mo­jave’s new pri­vacy pro­tec­tion, stops apps from se­cretly ac­cess­ing pro­tected data with­out con­sent.

When you first open a down­loaded app that has been no­ta­rized, you’ll see a new dia­log as the app goes through Gate­keeper’s sig­na­ture checks: the dia­log’s icon lacks a yel­low warn­ing tri­an­gle, and it de­clares that Ap­ple has checked the app for malware.

No­ta­rized apps also have an ex­tra cer­tifi­cate in­side, which you can see if you Ctrl–click one in Fin­der and choose Show Pack­age Con­tents. In Con­tents is a small file named CodeRe­sources, as well as the nor­mal _CodeSig­na­ture folder. You can also check us­ing the spctl com­mand in Ter­mi­nal, or Taccy (free, eclec­ti­

When you first open a no­ta­rized app in Mo­jave, Gate­keeper’s dia­log is dif­fer­ent, as shown in the up­per dia­log here.

Newspapers in English

Newspapers from Australia

© PressReader. All rights reserved.