Below is an off-site archive of all tweets ever posted by @mjtsai.

November 6th, 2019

@lapcatsoftware @rosyna The contacts service isn’t getting compromised. GitFinder has separate services for Git, Ke… https://t.co/zhrqyAbCyW

via Tweetbot for Mac

@lapcatsoftware @rosyna My point is that requiring the app entitlement makes the app less secure than if access wer… https://t.co/WtMgD3TgpO

via Tweetbot for Mac

@rosyna Yes, my point is I don’t see why the TCC ones are treated differently than network and file access.

via Tweetbot for Mac in reply to rosyna

@rosyna What I mean is that if the user has allowed app B to control app A and allowed app C to control app B, then… https://t.co/rjYPGKqoW6

via Tweetbot for Mac

@rosyna I still conclude from this that: 1. This sort of transitive declaration is completely at odds with privileg… https://t.co/JRSE7zmTKG

via Tweetbot for Mac

@rosyna I’m assuming this doesn’t protect against the AppleScript thing.

via Tweetbot for Mac in reply to rosyna

@rosyna “Never asked for”? Are you thinking of a model where an app embeds a service written by someone else and th… https://t.co/yr1F3YzdEp

via Tweetbot for Mac

@rosyna I mean that the same logic would apply to other entitlements, like network stuff. I’ve isolated network acc… https://t.co/hYoly7zMPW

via Tweetbot for Mac

@rosyna I thought XPC was supposed to help here. Without the entitlement, GitFinder can only do contacts operations… https://t.co/NHCZq85Orq

via Tweetbot for Mac

@rosyna But, going with this logic for the moment, why wouldn’t this also apply to other entitlements?

via Tweetbot for Mac in reply to rosyna

@rosyna Whereas if GitFinder has the entitlement and gets compromised, we have the same problem…

via Tweetbot for Mac in reply to rosyna

@rosyna 3. I thought apps weren’t supposed to be able to invoke other apps’ XPC services.

via Tweetbot for Mac in reply to mjtsai

@rosyna This doesn't make sense to me. 1. Isn’t the https://t.co/hHCr3UZQ7A.... entitl… https://t.co/tQwcjgZ3aE

via Tweetbot for Mac

Siri Stores Encrypted E-mails in Plain Text: https://t.co/Sm19d2IKAf #mjtsaiblog

via IFTTT

Hardened XPC Services Don’t Prompt: https://t.co/4EZYFZi5Co #mjtsaiblog

via IFTTT

Don’t Interrupt the Installation: https://t.co/4FFov5s7kU #mjtsaiblog

via IFTTT

Archive Team’s Yahoo Groups Rescue Effort: https://t.co/ZaO69fVtrh #mjtsaiblog

via IFTTT

Catalina No Longer Caches Shared Photos Locally: https://t.co/X6VEp2TMic #mjtsaiblog

via IFTTT

Posts updated today:

Perfectly Cropped
https://t.co/dlt0TbH2tz

WebView and UIWebView Deprecated in Favor of WKWe… https://t.co/7HhjL2G5on

via Tweetbot for Mac

Posts updated today:

Catalina Vista
https://t.co/oq6SkkwJ38

Catalina Notarization
https://t.co/jFraHZoYVt

AirPo… https://t.co/wjLFXgFZcZ

via Tweetbot for Mac