{"id":22970,"date":"2018-10-03T16:16:16","date_gmt":"2018-10-03T20:16:16","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=22970"},"modified":"2019-07-23T16:55:52","modified_gmt":"2019-07-23T20:55:52","slug":"how-app-launching-has-changed-in-mojave","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2018\/10\/03\/how-app-launching-has-changed-in-mojave\/","title":{"rendered":"How App Launching Has Changed in Mojave"},"content":{"rendered":"<p><a href=\"https:\/\/eclecticlight.co\/2018\/10\/03\/launching-apps-in-mojave-how-it-has-changed\/\">Howard Oakley<\/a>:<\/p>\n<blockquote cite=\"https:\/\/eclecticlight.co\/2018\/10\/03\/launching-apps-in-mojave-how-it-has-changed\/\">\n<p>This article draws comparison between what is written to the log when you open a regular developer-signed app in Sierra and Mojave, and how a new &lsquo;notarized&rsquo; app works too. In each case, I added a quarantine extended attribute to the app before opening it, to simulate what happens when the app has been freshly downloaded from the internet. This drives macOS to perform its fullest assessment of the app before it allows it to run.<\/p>\n<p>[&#8230;]<\/p>\n<p>Once again, an early action is to translocate the app to a special folder, where XProtect performs its security assessment before running a malware scan on it. This initial security assessment takes just over 0.5 seconds, during which its signature is checked. As this is a first run in quarantine, this should include a deep check of the signature against blacklists.<\/p>\n<p>When those are complete, LaunchServices is allowed to proceed with launching the app, but TCC, concerned with privacy protection, then runs its own assessment. Significantly, this includes checking which version of the SDK it was built against, which determines whether TCC&rsquo;s strict new policies are applicable.<\/p>\n<\/blockquote>\n\n<p>Previously: <a href=\"https:\/\/mjtsai.com\/blog\/2018\/09\/10\/mojaves-new-security-and-privacy-protections-face-usability-challenges\/\">Mojave&rsquo;s New Security and Privacy Protections Face Usability Challenges<\/a>, <a href=\"https:\/\/mjtsai.com\/blog\/2016\/06\/16\/gatekeeper-path-randomization\/\">Gatekeeper Path Randomization<\/a>.<\/p>","protected":false},"excerpt":{"rendered":"<p>Howard Oakley: This article draws comparison between what is written to the log when you open a regular developer-signed app in Sierra and Mojave, and how a new &lsquo;notarized&rsquo; app works too. In each case, I added a quarantine extended attribute to the app before opening it, to simulate what happens when the app has [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"apple_news_api_created_at":"2018-10-03T20:16:19Z","apple_news_api_id":"4ef0c296-4f2e-4861-8e31-174d65c85a2b","apple_news_api_modified_at":"2019-07-23T20:55:56Z","apple_news_api_revision":"AAAAAAAAAAAAAAAAAAAAAA==","apple_news_api_share_url":"https:\/\/apple.news\/ATvDClk8uSGGOMRdNZchaKw","apple_news_coverimage":0,"apple_news_coverimage_caption":"","apple_news_is_hidden":false,"apple_news_is_paid":false,"apple_news_is_preview":false,"apple_news_is_sponsored":false,"apple_news_maturity_rating":"","apple_news_metadata":"\"\"","apple_news_pullquote":"","apple_news_pullquote_position":"","apple_news_slug":"","apple_news_sections":"\"\"","apple_news_suppress_video_url":false,"apple_news_use_image_component":false,"footnotes":""},"categories":[],"tags":[465,30,1381,1529,1842],"class_list":["post-22970","post","type-post","status-publish","format-standard","hentry","tag-gatekeeper","tag-mac","tag-macos-10-12","tag-macos-10-13","tag-notarization"],"apple_news_notices":[],"_links":{"self":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/22970","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/comments?post=22970"}],"version-history":[{"count":1,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/22970\/revisions"}],"predecessor-version":[{"id":22971,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/posts\/22970\/revisions\/22971"}],"wp:attachment":[{"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/media?parent=22970"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/categories?post=22970"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mjtsai.com\/blog\/wp-json\/wp\/v2\/tags?post=22970"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}