Wednesday, October 3, 2018

How App Launching Has Changed in Mojave

Howard Oakley:

This article draws comparison between what is written to the log when you open a regular developer-signed app in Sierra and Mojave, and how a new ‘notarized’ app works too. In each case, I added a quarantine extended attribute to the app before opening it, to simulate what happens when the app has been freshly downloaded from the internet. This drives macOS to perform its fullest assessment of the app before it allows it to run.


Once again, an early action is to translocate the app to a special folder, where XProtect performs its security assessment before running a malware scan on it. This initial security assessment takes just over 0.5 seconds, during which its signature is checked. As this is a first run in quarantine, this should include a deep check of the signature against blacklists.

When those are complete, LaunchServices is allowed to proceed with launching the app, but TCC, concerned with privacy protection, then runs its own assessment. Significantly, this includes checking which version of the SDK it was built against, which determines whether TCC’s strict new policies are applicable.

Previously: Mojave’s New Security and Privacy Protections Face Usability Challenges, Gatekeeper Path Randomization.

3 Comments RSS · Twitter

I love Howard's analysis of OS X systems. Always a great read. I can get lost in his site for days reading his various treatises on OS X frameworks.

7 seconds vs half a second seems like a heck of a delay, but if it is only on first run, I don't think the delay is that bad given the trade-off on security and privacy.

7 seconds on a SSD Mac? If this is the case, then I don't even want to know how long it takes on a non SSD Mac.

7 seconds can look like an eternity from a UX point of view. As a user, you don't expect the first launch to be way slower than the next ones.

Leave a Comment