from Hacker News

Safely open apps on your Mac

by bangonkeyboard on 9/27/23, 11:29 PM with 60 comments

  • by grishka on 9/28/23, 1:38 AM

    What Apple probably doesn't want you to know is that you can also run these two commands to disable the notarization requirement, effectively reverting your security level to non-paranoid pre-Catalina:

        sudo spctl --master-disable
    sudo defaults write /Library/Preferences/com.apple.security GKAutoRearm -bool false
    This reveal add and select a third option, "any source", under "allow applications downloaded from".

    The setting will still occasionally reset after installing some system updates because it's 2023 and computers these days are extremely unreliable when it comes to remembering user preferences.

  • by bangonkeyboard on 9/27/23, 11:30 PM

    This page was updated yesterday to remove the following text from the final section, which was added in November 2020:

      In addition, over the the next year we will introduce several changes to our security checks:
  
   • A new encrypted protocol for Developer ID certificate revocation checks
   • Strong protections against server failure
   • A new preference for users to opt out of these security protections

  • by heartjudytenuta on 9/28/23, 4:00 AM

    Microsoft has had digital signing with Authenticode certificates for ~20 years now but they didn't give it a fancy name like "notarization" so nobody cares.

    "Safely" is strong language that implies software digitally signed by Apple does not contain malware. In my experience, their system is more a sieve than the condom it purports to be.

  • by themagician on 9/28/23, 3:29 AM

    Anyone else remember a while back when the notarization sever went down and basically every internet connected Mac on the planet suddenly couldn't open ANY application?

  • by Cadwhisker on 9/28/23, 3:15 AM

    The article does mention the trick to right-click on the app and select "Open", but the text is greyed-out.

    You get a different dialog box with an option to open the file and this saves a lot of clicking.

  • by cod1r on 9/28/23, 3:01 AM

    FYI, you can add whatever developer tool you use as an exception to privacy and security rules under "Developer Tools" in the "Privacy and Security" settings. I added my terminal emulator and it seems to let me run prebuilt, unsigned binaries without any annoyances.

  • by throwaway290 on 9/28/23, 5:32 AM

    > If macOS detects that software has been modified or damaged, your Mac notifies you that the app can't be opened. The app might be broken or corrupted, or it might have been tampered with.

    Wow, this is a big TIL! Until now I thought all cases of "damaged" had to do with something like bad/incomplete build or wrong architecture. Now it seems like any of them could've been attempts to deliver malware from possibly infected hosts.

  • by machael on 9/30/23, 12:37 PM

    Don't give up if you misplaced your Bitcoin. Assistance is accessible. Computer specialist Recovery can assist you in recovering your Bitcoin if you contact them right away. Although there is no assurance of success, Computer specialist Recovery has a successful track record. After seeing your website through a Google search, I made the decision to phone you. Your expertise and professionalism immediately wowed me. You patiently responded to my questions while carefully outlining the recuperation process. Your dedication to client satisfaction also struck me as admirable. You never hid anything from me and always kept me informed of your progress. I value your existence, therefore please accept my gratitude to Computerspeciallist@engineer.com whtsapp +393512018070