Fascinating article. Short version: there was a bug in the part of Apple’s Gatekeeper code that checked whether a file was an application bundle. Bundles that only contained a script, and not a plist file, were considered “not a bundle,” and this bypasses the Gatekeeper checks.<p>The issue is fixed in the latest version of Big Sur. Be sure to upgrade. It’s being exploited in the wild.
Gatekeeper is one of the most frustrating things I have to fight whenever I try using MacOS. It feels like DRM for my applications, which in turn makes everything feel clunkier, and less integrated. I would genuinely pay Apple extra for a version of MacOS that just trusts me and lets me install what I want without the some esoteric mechanism stopping me at every step of the way...
Does anyone know how trustworthy this objective-see project is?<p>I remember once installing several of his apps, but then coming to the conclusion that i don't know enough - even though he consistently seems to find and fix flaws in OSX.<p>Why isn't Apple hiring this man?<p>EDIT: Why are people downvoting this question? If i'm implying something then i'm unaware of it.
Is it me or Apple isn't even listing the patch in the 11.3 changelog? <a href="https://developer.apple.com/documentation/macos-release-notes/macos-big-sur-11_3-release-notes" rel="nofollow">https://developer.apple.com/documentation/macos-release-note...</a>
I feel that macOS has slowly become a mess. From Lion, more or less.<p>Overcomplicated and bloated security features, telemetry, iOSification of the UI, dumbed down settings, bugs..<p>Perhaps the time has come to shed some legacy and restart again from scratch (like Google Fuchsia) or to invest some of the hundreds of billions they have in refining the software so it actually works
Somehow none of this is applied to packaged shell script into an .app which runs on double-click with no message whatsoever. Malware doesn't always have to be a binary...