![]() blocking software such as vulnerable versions of Java, and scanning for characteristics of known malware, by XProtect.code signature checks, to ascertain signing identity and app integrity, by sub-systems such as AMFI (Apple Mobile File Integrity), known generically as Gatekeeper.Quarantined apps are then checked on their first launch by three distinct mechanisms: Gatekeeper brought its mechanism for distinguishing apps which had been downloaded from untrusted Internet sources, by the attachment of an extended attribute putting them in quarantine. ![]() These were part of the first Gatekeeper sub-system, which developed slowly until its formal introduction in 2012.Īt the same time, Apple’s security engineers were busy developing the App Sandbox, also introduced in 2007, but which didn’t really come of age until it was made a requirement for App Store apps in June 2012, although some older apps have enjoyed grandfathered exemptions ever since. It seems that the first step taken was the voluntary introduction of code signatures in around 2007, a feature promoted by an Apple engineer known only as “Perry the Cynic”. For the first six years or so of Mac OS X, its system provided little if anything to detect, remove or combat malicious software.
0 Comments
Leave a Reply. |