Previewed at WWDC, launching in the fall.
Apple Details Upcoming Privacy and Security Protections in macOS Mojave
Apple is beefing up security in both iOS 12 and macOS Mojave, and in a yesterday's Platforms State of the Union event for developers, Apple outlined a number of new protections that are coming to the Mac with Mojave.
First of all, Apple is extending privacy protections to the camera, microphone, and other sensitive user data that includes mail database, message history, Safari data, Time Machine backups, iTunes device backups, locations and routines, and system cookies.
In macOS Mojave, apps will need express user consent for all API and direct access to these resources, with users able to access their security preferences in the Security section of System Preferences.
Notarization will let macOS Mojave users know for sure that a third-party non-App Store Mac app has been double checked by Apple and that it's free from malware. Eventually, Apple plans to require all Developer ID apps to be notarized before they can be installed, but Apple says this is not an app review process and is used exclusively to analyze apps for security purposes.
Apple is introducing enhanced runtime protections that will extend System Integrity Protection features to third-party apps, protecting them from code injection and other tampering.
As in iOS 12, macOS Mojave is gaining support for automatic strong passwords, with Safari automatically creating, autofilling, and storing passwords. Passwords on macOS Mojave will be flagged if they've been reused, making it easier for users to create unique passwords for each login.
Multiple anti-tracking and privacy improvements are coming to Safari to keep your browsing habits private. Right now, advertisers use browser and device characteristics to create a "fingerprint" for you to surreptitiously track you across the web.
Apple is aiming to put a stop to this by sharing only a simplified system profile when you browse the web, giving advertisers less of your data to work with. Improved Intelligent Tracking Prevention also prevents social media Like, Share, and Comment buttons and widgets from tracking you without your permission.
As we covered earlier, macOS Mojave will be the last version of macOS to support 32-bit apps, another move that Apple is making to keep its Mac operating system secure and up to date.
First of all, Apple is extending privacy protections to the camera, microphone, and other sensitive user data that includes mail database, message history, Safari data, Time Machine backups, iTunes device backups, locations and routines, and system cookies.
In macOS Mojave, apps will need express user consent for all API and direct access to these resources, with users able to access their security preferences in the Security section of System Preferences.
Your information, your image, your voice -- they're yours and yours alone to share with apps. macOS Mojave requires apps to get your approval before accessing the camera or microphone on your Mac. The same goes for data like your Messages history and Mail database.For apps that are distributed outside of the Mac App Store and signed with a Developer ID, Apple is introducing a secondary "Notarize" review process that's designed to detect malware faster and provide Apple with finer-grained revocation tools to revoke a specific bad release rather than a developer's entire certificate.
Notarization will let macOS Mojave users know for sure that a third-party non-App Store Mac app has been double checked by Apple and that it's free from malware. Eventually, Apple plans to require all Developer ID apps to be notarized before they can be installed, but Apple says this is not an app review process and is used exclusively to analyze apps for security purposes.
Apple is introducing enhanced runtime protections that will extend System Integrity Protection features to third-party apps, protecting them from code injection and other tampering.
As in iOS 12, macOS Mojave is gaining support for automatic strong passwords, with Safari automatically creating, autofilling, and storing passwords. Passwords on macOS Mojave will be flagged if they've been reused, making it easier for users to create unique passwords for each login.
Multiple anti-tracking and privacy improvements are coming to Safari to keep your browsing habits private. Right now, advertisers use browser and device characteristics to create a "fingerprint" for you to surreptitiously track you across the web.
Apple is aiming to put a stop to this by sharing only a simplified system profile when you browse the web, giving advertisers less of your data to work with. Improved Intelligent Tracking Prevention also prevents social media Like, Share, and Comment buttons and widgets from tracking you without your permission.
As we covered earlier, macOS Mojave will be the last version of macOS to support 32-bit apps, another move that Apple is making to keep its Mac operating system secure and up to date.
Related Roundup: macOS Mojave
[ 69 comments ]
Top Rated Comments
(View all)
11 weeks ago
It's things like this that keep coming back to Apple—even when they occasionally piss me off! For me the lock-in is the security and privacy above all else.
11 weeks ago
I might pass on 10.14.
“Notarization will let macOS Mojave users know for sure that a third-party non-App Store Mac app has been double checked by Apple and that it's free from malware.”
Whilst the intention is good. I want to install what I want to install.
My choice.
There is nothing here that even suggests that this control is being taken away.
11 weeks ago
Yea, he mentions that in the thread. He wasn't using Hangouts or initiating a call or anything, just using Gmail in Chrome like he normally would.
I think Chrome was asking for access to microphone because Chrome/Google supports searching using voice, open Google webpage and there is a Mic icon in the search box, its nothing sinister just someone getting their knickers in a twist over nothing.
11 weeks ago
This is why I am jumping ship from android in September when the new phones come out.
I’m not naive about it. I know a lot of people are very willing to trade their data for what Google provides in return, but there is something underlying about it that I just can’t accept. Most will say, hey you’re being tracked no matter what you do, but I would rather not just accept that and take steps to control my personal information. First step is to remove Google and Facebook from your life.
11 weeks ago
Can't say I understand much without seeing the details, but I'm glad they're focusing on this. The biggest thing is that app signing be made widely available. There's too much popular software that's unsigned, so people ignore the warnings, and things like the Handbrake and Transmission hacks infect Macs.
11 weeks ago
This is great. One of the main reasons I stick with Apple. For comparison, I saw a tweet yesterday - accessing GMail via Google Chrome requested access to the users' microphone in Mojave :eek:
11 weeks ago
The biggest thing is that app signing be made widely available. There's too much popular software that's unsigned, so people ignore the warnings, and things like the Handbrake and Transmission hacks infect Macs.
App signing stopped working. Malware steals legit developer certificates. Identity and credit card theft allows anybody to buy a certificate. Signing didn't stop Stuxnet, they people behind them broke into and stole a third-party's certificates.
The more "widely available" you make app signing, the less useful it is. If anybody can get a certificate trivially, so can malware writers.
11 weeks ago
I better do not update my relatives laptops with all these warning pop ups or I would have to make it my full time job supporting them.
Like a button could literally say „accept to continue“ and my mother would still call me with a screenshot taken with her crappy phone asking me what she should do. Like reaaaad
Like a button could literally say „accept to continue“ and my mother would still call me with a screenshot taken with her crappy phone asking me what she should do. Like reaaaad
11 weeks ago
I might pass on 10.14.
“Notarization will let macOS Mojave users know for sure that a third-party non-App Store Mac app has been double checked by Apple and that it's free from malware.”
Whilst the intention is good. I want to install what I want to install.
My choice.
It sounds like this doesn't apply to apps not signed with a Developer ID.
[ Read All Comments ]
Facebook is contesting a demand from the U.S. government that it break the encryption of its popular Messenger app so that law enforcement can listen in to a suspect's conversations as part of an...
Child actress Brooklynn Prince has been cast in the lead role of Apple's upcoming drama series that's based on the life of young journalist Hilde Lysiak, reports Deadline.
Eight-year-old...
Netflix is testing a new feature that adds video promos in between episodes of TV shows, Netflix confirmed to TechCrunch this afternoon.
The promos Netflix is showing to some users include...
Logitech often works with Apple to introduce new accessories for Apple devices, and in early August, Logitech announced its latest product designed in collaboration with Apple, the new POWERED...
For this week's giveaway, we've teamed up with Choetech to offer MacRumors readers a chance to win a 7.5W Wireless Car Charging Mount that can be used to charge an iPhone X, iPhone 8, or...
The developers of the Transit app this week announced the expansion of real-time crowdsourced data for buses, trains, streetcars, ferries, and so forth to 175 cities across the United States, Canada,...
In a new interview today with The Los Angeles Times, Beats 1 host Zane Lowe discussed a few topics related to Apple Music's daily streaming radio show, including the company's rivals. Without...
Sony Legacy announced over the summer that it had obtained the rights to release the "bulk" of Prince's back catalog, namely the albums he debuted after he left Warner Bros. in the...
