Apple Is Making A Change To Sequoia That You Won’t Like, But Will Make You Safer
Change sometimes sucks. But sometimes change is something that is needed to move the world forward. Today, I’m going to give you one of those changes.
At present, when you try to run an app that hasn’t been signed and notarized by Apple, you’ll get this error message:
This is meant to protect you from spyware, malware, etc. Which is fine. But there was always a way around this. If you held down the control key and then clicked on the app, you would get this:
Choosing Open would allow you to open the app. And by extension, also expose you to getting pwned by something nasty. That ability is about to go away as according to this note the upcoming macOS Sequoia will take away this ability. This will stop users from accidentally pwning themselves by running an unsigned app. And there is a way to get around this if forever reason you want to run an unsigned app. You can navigate to System Settings –> Privacy & Security to allow the app to run.
Now let me be clear, I do not recommend that you ever run unsigned, and un-notarized apps. Ever. It’s too big of a risk. And at the same time, I also want to say that even signed and notarized apps have some amount of risk associated with them as some sort of threat actor could leverage the fact that their evil app is signed and notarized to launch an attack. But this change is a good one as it will make macOS more secure in the long run. Even if a handful of users aren’t going to be happy with this change.
This entry was posted on August 7, 2024 at 1:16 pm and is filed under Commentary with tags Apple. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Apple Is Making A Change To Sequoia That You Won’t Like, But Will Make You Safer
Change sometimes sucks. But sometimes change is something that is needed to move the world forward. Today, I’m going to give you one of those changes.
At present, when you try to run an app that hasn’t been signed and notarized by Apple, you’ll get this error message:
This is meant to protect you from spyware, malware, etc. Which is fine. But there was always a way around this. If you held down the control key and then clicked on the app, you would get this:
Choosing Open would allow you to open the app. And by extension, also expose you to getting pwned by something nasty. That ability is about to go away as according to this note the upcoming macOS Sequoia will take away this ability. This will stop users from accidentally pwning themselves by running an unsigned app. And there is a way to get around this if forever reason you want to run an unsigned app. You can navigate to System Settings –> Privacy & Security to allow the app to run.
Now let me be clear, I do not recommend that you ever run unsigned, and un-notarized apps. Ever. It’s too big of a risk. And at the same time, I also want to say that even signed and notarized apps have some amount of risk associated with them as some sort of threat actor could leverage the fact that their evil app is signed and notarized to launch an attack. But this change is a good one as it will make macOS more secure in the long run. Even if a handful of users aren’t going to be happy with this change.
Share this:
Like this:
Related
This entry was posted on August 7, 2024 at 1:16 pm and is filed under Commentary with tags Apple. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.