![]() In a brief presentation, Olivia Hillman, one of the engineers who works on the Notary service, explained that those developers who notarize through Apple’s Xcode development environment won’t see any change in that process, but anyone who has been using the command altool can now use a new and improved command notarytool instead. So what did Apple announce about notarization at WWDC this year? For the time being, at least, it’s hard to come up with an alternative which could be more effective. If we want to be able to run the software of our choice, rather than just Apple’s, notarization will remain an important tool to ensure the cat doesn’t fall too far behind in that chase. The battle against malicious software remains cat-and-mouse, as it always will be. Once detected, the time to deploy effective countermeasures is greatly shortened by notarization. Should any notarized software turn out to be malicious, Apple already has everything it needs to block the malware from running when newly installed, revoke its certificate, update XProtect (and MRT, where appropriate) to detect the malware, and monitor prevalence on Macs. Not only does notarization give Apple a copy of all the software which is notarized, but macOS sends Apple the cdhashes of all newly-opened software. The most essential data in addressing malware is a copy of that software. What we don’t see, or perhaps appreciate, is what Apple gains in its battle against malicious software from the notarization process. So maybe we’re only too happy when certificate revocations block malware, in which case what we want is some means of detecting malware before it gets distributed to users. Over that period, I haven’t heard anyone complaining about all the certificates on malware which have been revoked. Of course, Apple has had, and used, certificate revocation as a means of blocking signed apps from being run since 2019, and long before that it was blocking known malicious apps from being brought out of quarantine. Just because passwords or any other form of security protection aren’t perfect, you don’t give up and use easily guessable passwords, do you? I know that a good lockpicker could probably unlock my front door in less than a minute or two, but do I leave the house unlocked to spare them the bother? Notarization is but one layer of security among many, which are only needed because we, being human, still can’t seem to resist tempting offers like a Flash Player update six months after Adobe finally killed it.Īnother argument against notarization which seems popular is that it gives Apple a ‘kill switch’. Like every other security measure, notarization cannot provide perfect protection, but acts as a filter, and a very effective one at that. So what’s the point of notarization if we can’t fully trust apps which have been notarized? However, other software which isn’t notarized or supplied from the App Store will take the more circuitous route through Gatekeeper checks when first run only after it has been downloaded from the Internet, or copied across using AirDrop, which also sets the quarantine flag.īut every few weeks, we hear about more malware which Apple has happily notarized, and told us that it has checked for malicious software and found it to be wholesome. Another more complicated class of software are plug-ins for other apps, which have to be notarized, otherwise the user may have to explicitly approve the plug-in through the General tab of the Security & Privacy pane (when they’re quarantined). There are some small but important exceptions to this, kernel extensions in particular, which are required to be notarized on both Intel and M1 Macs. Code signed using a developer certificate, whether or not it’s notarized, can be run without penalty on all Macs.Code signed using ad hoc rather than Apple-issued certificates can be run without penalty on all Macs, including natively on M1 Macs.Completely unsigned code can still be run without penalty on Intel Macs, and on M1 Macs only in Rosetta 2.Nor has Apple announced any change in rules over the signing or delivery of software. Although Apple makes this a rule for developers, users aren’t limited by it in any meaningful way: downloading and using an app which isn’t notarized involves a small detour on the first run, but that doesn’t seem set to change in macOS 12. Under current rules, all third-party developers of software for macOS are supposed to deliver their software through the App Store, or to notarize it before distributing it independently. ![]() This article explains what’s happening, and considers whether it’s benefiting the user. One of the most pervasive changes in macOS security, notarization of apps, is set to change again this summer.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |