Adam Codega:
Apple does not inspect or analyze the contents of what you paste. Even harmless text like "hello world" will trigger the warning under the right conditions.
Instead, Terminal checks where the clipboard content came from. It does this by calling a private API _sourceSigningIdentifier on the NSPasteboard, which reveals the code-signing identity of the application that placed the content on the clipboard.
If the source app matches a predefined list (74 apps total), the paste may be flagged.
Via Jeff Johnson:
The dialog is NOT displayed if Terminal app was opened within the last 30 days, or if developer tools are installed on the Mac.
Dr. Drang:
Surely, I thought, a command that pipes the contents of some random file on the internet into bash for execution would be worth warning about. Nope. I copied the curl command from Safari, pasted it into Terminal, and hit Return. No warning from macOS and my test folder and files disappeared again.
My feelings about this have gone from “I hope Apple doesn’t make it impossible for me to work the way I normally do” to “Looks like Apple isn’t going overboard on the protection” to “Is there any protection here at all?”
Patrick Wardle:
You can read more about ClickFix attacks in MacPaw’s Moonlock Labs write-up: “How ClickFix attacks trick users and infect devices with malware”
[…]
Long before macOS 26.4 (ok, like a month 😄), when Apple added native ClickFix protection, I had already added ClickFix protection to BlockBlock[…]
[…]
The reason Apple doesn’t allow us to subscribe to these events—specifically ES_EVENT_TYPE_RESERVED_1 (the paste event)—is that it’s private, and thus only available to clients that possess the com.apple.private.endpoint-security.client entitlement.
Previously:
BlockBlock Endpoint Security Mac macOS Tahoe 26 Malware Pasteboard Security Terminal Xcode
Marco Arment (Mastodon):
I urge you, on behalf of everyone who loves computers as much as we do, to protect and cultivate this spirit of Apple’s founders as the company’s top priority:
- We love computers. We don’t hide that — we celebrate it!
- We use computers to enhance our minds, lives, and abilities — not to be controlled, restricted, tricked, placated, angered, or surveilled.
- Our computers work for us, with the utmost respect for our time, attention, money, data, and privacy.
- We are customers and owners — not resources to be harvested, annoyed, or badgered into ever more services and upsells.
[…]
Making great computers must remain Apple’s top responsibility, because if you don’t do it, nobody will.
Previously:
Apple Apple Services iOS John Ternus Mac
Jeff Johnson (Mastodon):
There are countless small, practical, mostly uncontroversial ways in which Apple could improve the App Store for developers, yet the App Store has changed relatively little in the 18 years since it was hastily cloned from the iTunes Music Store. […] These changes to the App Store would not require a huge financial investment from Apple. They would simply require Apple to care about the App Store and developers.
[…]
Apple is actually punishing developers for making native apps on each of Apple’s platforms! (In contrast, if I made an “iOS app on Mac,” then there would be only one review.)
[…]
We should be able to edit the metadata after an app has been published. Apple can of course review the edits before the metadata is changed in the App Store.
[…]
Stop using a session cookie for developer website logins!
[…]
App Store Connect is one of the slowest websites I’ve ever used.
[…]
Stop sending a 1.2 MB promo code email—without any actual promo codes!—every time we generate a promo code. […] Several of my apps are a Universal Purchase for iOS and macOS. But for some reason, all promo codes are platform-specific.
[…]
Allow App Store users on older versions of iOS to purchase the last compatible version of an app.
[…]
Show a “contact developer” button when an App Store user leaves a 1 to 3 star rating.
[…]
When an App Store user searches for an app by name, the app should appear first in the results.
Previously:
App Store iOS iOS 26 iTunes Connect Mac Mac App Store macOS Tahoe 26
