zlacker

[parent] [thread] 4 comments
1. my123+(OP)[view] [source] 2022-01-09 09:07:08
You don't even need a true signature. An ad-hoc one (which can be linker-generated) and has no cryptographic key attached is considered as valid.
replies(1): >>darkwa+x3
2. darkwa+x3[view] [source] 2022-01-09 09:47:38
>>my123+(OP)
And in the next N releases of macOS those features will be quietly removed since 99% users are running properly notarized binaries anyway...
replies(2): >>myname+Fm >>user-t+pb1
◧◩
3. myname+Fm[view] [source] [discussion] 2022-01-09 13:36:59
>>darkwa+x3
That’s certainly an option. But absolutely nothing points to it being the actual thing that will happen other than wild baseless speculation.
◧◩
4. user-t+pb1[view] [source] [discussion] 2022-01-09 18:54:38
>>darkwa+x3
Why would that happen in the next N releases, when it hasn't happened in the previous M releases? What's changed?
replies(1): >>mlyle+qg1
◧◩◪
5. mlyle+qg1[view] [source] [discussion] 2022-01-09 19:27:57
>>user-t+pb1
I think there's some perception by people like this that --- there's some massive goal towards restricting users, and each change in the security policy is an incremental step.

But it doesn't really make sense:

- All the technical work to restrict users could certainly be done in one release: it's not that hard.

- As to market acceptance, I don't think any of the changes re: binary signing are "getting users used to" being restricted.

So, requiring signed binaries doesn't appreciably make the technical or market challenges of restricting unapproved apps easier.

[go to top]