Gatekeeper is an execution prevention technology in OS X that will block apps from running if they have not been properly certified. It combines with similar technologies in OS X such as quarantining of downloaded files, to give you ample warning that a program you are running may be suspicious if it has not come from vetted sources, such as the App Store. Continue reading
Tag Archives: Gatekeeper
How to verify app signatures in OS X
One potential route by which an attacker can compromise your Mac is to modify a legitimate software package to contain malware. While this is difficult to do through official software distribution channels (e.g., the Mac App Store), it can be done through popular alternative approaches like peer-to-peer networking and third-party software distribution Web sites. Continue reading
Oversight in GateKeeper allows for an easy bypass
Apple’s GateKeeper is a background technology in OS X that helps thwart malware. It does so by assessing three levels of identification for an app (Unsigned, Signed, and Signed with App Store distribution), and then imposing options to block execution of apps that are either unsigned, or not distributed through the App Store. However, a simple workaround exists that can allow malware to overcome Gatekeeper’s blocks and run. Continue reading
Overcome Gatekeeper automatically re-enabling in OS X Yosemite
The Gatekeeper feature in OS X is a security measure that adds a layer of protection by only allowing Apple-approved apps to run, be they either from members of Apple’s developer community, or apps that are distributed in the App Store. This feature should be enabled by default, but if desired you can change Gatekeeper’s behavior, or disable it altogether. However, some OS X 10.10 users have found that after a while, Gatekeeper may re-enable automatically. Continue reading