![]() One bad side effect of blocking is that it can break the Mac App Store because they’re running more than one service on that domain! Bonus points if they explain how they’re not tracking everything we do. They need to acknowledge the problem & what they’re doing to ensure it doesn’t happen again. I would really like to see a response on this. Thus, notarization only affects your ability to install new apps, it doesn’t affect your ability to launch already installed apps. The notarization status is cached permanently and has no expiration, unlike OCSP. The reason I mention the cache period is that it appears Apple has greatly increased it, from 5 minutes to half a day, likely in order to mitigate the problems caused by Thursday’s outage. A few weeks ago I wrote another blog post after Apple temporarily revoked HP’s Developer ID cert, which caused a widespread failure of HP printer software. This actually wasn’t the only Developer ID disaster recently. Unfortunately, if there’s an internet connection problem involving the Developer ID OCSP, that can also prevent Mac apps from launching. When you launch a Mac app, macOS may check with Apple’s Developer ID OCSP to see whether the app developer’s code signing certificate is revoked. Second, OCSP uses unencrypted HTTP communications so “any entity with visibility to your macOS-based computer could also observe and/or log these facts.” First, because your computer has to send your IP to communicate with Apple, it means Apple can see your IP address and the application you’re trying to use. This brings with it several privacy concerns. Mac App Notarization and Customer Privacy.Safari Safe Browsing, China, and Privacy.Apple Remote-Kills Long-time Developer’s Apps.Apple Apps Exempt From Network Filters and VPNs.See also: Hacker News, 9to5Mac ( Hacker News), ArsTechnica, MacRumors, The Verge, Philipp Defner, Nick Heer. On modern versions of macOS, you simply can’t power on your computer, launch a text editor or eBook reader, and write or read, without a log of your activity being transmitted and stored. The one Cory Doctorow also warned us about. I’m speaking, of course, of the world that Richard Stallman predicted in 1997. Jeffrey Paul (via David Heinemeier Hansson, Reddit): People are saying that is back online, and that seems to be true.ĭon’t block forever because apple uses it to check for revoked notarizations Good news, Mac users! Our long international nightmare is over. Many thoughts about how much we actually own our computers :( I had three different Macs go sideways today because of a server issue I had no idea was happening. I’m typing this from my phone since the Mac is effectively frozen. I am currently unable to work because macOS sends hashes of every opened executable to some server of theirs and when trustd and syspolicyd are unable to do so, the entire operating system grinds to a halt. It’s very simple: a screwed up server on the other end of the country shouldn’t render your computer unusable. Guilherme Rambo, on the System Status page: ![]() It’s quite troubling that an Apple server being down could cause this. I woke my computer from sleep and it couldn’t detect the fucking keyboard or trackpad. I thought it was just Catalina being Catalina. Online Certificate Status Protocol can occur on any launch. Notarization check only occurs on first launch. Leung shows how to do this with vi.ĭon’t confuse Developer ID certificate status ( /usr/libexec/trustd to ) with notarization ( /usr/libexec/syspolicyd to ). If you don’t try /etc/hosts to fix Mac app launching On Big Sur, trustd is in Apple’s “ContentFilterExclusionList”….meaning firewalls can’t block it! □ Make sure you deny it for both system and user. I figured out the problem using Little Snitch.ĭenying that connection fixes it, because OCSP is a soft failure. □ Looks like, when apps are launched, Gatekeeper is unable to check their validity over the internet, due to overwhelmed Apple servers. I’m hitting the exact same thing on 10.15.7 starting ~30 min ago… lots of random hangs only when connected to wifi.Īll of my non-Apple apps became really slow to open as well. But only when my internet is connected?Īpps are hanging on launch! Reboot didn’t help. WTF somehow my TCC seems fucked up on Mojave suddenly, for no apparent reason, no software updates. Apple Server Outage Makes Mac Apps Hang on Launch
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |