Apple

19815 readers

58 users here now

Welcome

to the largest Apple community on Lemmy. This is the place where we talk about everything Apple, from iOS to the exciting upcoming Apple Vision Pro. Feel free to join the discussion!

Rules:

No NSFW Content
No Hate Speech or Personal Attacks
No Ads / Spamming
Self promotion is only allowed in the pinned monthly thread

Lemmy Code of Conduct

Communities of Interest:

Apple Hardware
Apple TV
Apple Watch
iPad
iPhone
Mac
Vintage Apple

Apple Software
iOS
iPadOS
macOS
tvOS
watchOS
Shortcuts
Xcode

Community banner courtesy of u/Antsomnia.

founded 2 years ago

MODERATORS

MichelleG@lemmy.world

RoyalEngineering@lemmy.world

thisisdee@lemmy.world

I foretold that Mac app notarization is security theater (lapcatsoftware.com)

submitted 2 weeks ago by bestboyfriendintheworld@sh.itjust.works to c/apple_enthusiast@lemmy.world

4 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] Repelle@lemmy.world 4 points 2 weeks ago (1 children)

Yes, and additionally if I’m reading this correctly, this attack would only work for people whose security settings are to run any signed code from trusted developers. One of the standard options is trusting only App Store distributed code for which this attack would not work

[–] bestboyfriendintheworld@sh.itjust.works 1 points 1 week ago* (last edited 1 week ago) (1 children)

Most people install at least some kind of software from outside the App Store.

Popular examples: VLC Media Player, LibreOffice, Adobe Software, Firefox, Dropbox, Transmission, TeamViewer

Especially lots of FOSS applications aren’t on the AppStore, many aren’t even notarized.

Cracked pirated software isn’t notarized either of course.

[–] Repelle@lemmy.world 1 points 1 week ago

Sure. And I don’t have that setting enabled personally, but I am careful otherwise and I tell my family members who don’t know better to keep it on.