Previewed at WWDC, launching in the fall.
Apple Details Upcoming Privacy and Security Protections in macOS Mojave
Apple is beefing up security in both iOS 12 and macOS Mojave, and in a yesterday's Platforms State of the Union event for developers, Apple outlined a number of new protections that are coming to the Mac with Mojave.
First of all, Apple is extending privacy protections to the camera, microphone, and other sensitive user data that includes mail database, message history, Safari data, Time Machine backups, iTunes device backups, locations and routines, and system cookies.
In macOS Mojave, apps will need express user consent for all API and direct access to these resources, with users able to access their security preferences in the Security section of System Preferences.
Notarization will let macOS Mojave users know for sure that a third-party non-App Store Mac app has been double checked by Apple and that it's free from malware. Eventually, Apple plans to require all Developer ID apps to be notarized before they can be installed, but Apple says this is not an app review process and is used exclusively to analyze apps for security purposes.
Apple is introducing enhanced runtime protections that will extend System Integrity Protection features to third-party apps, protecting them from code injection and other tampering.
As in iOS 12, macOS Mojave is gaining support for automatic strong passwords, with Safari automatically creating, autofilling, and storing passwords. Passwords on macOS Mojave will be flagged if they've been reused, making it easier for users to create unique passwords for each login.
Multiple anti-tracking and privacy improvements are coming to Safari to keep your browsing habits private. Right now, advertisers use browser and device characteristics to create a "fingerprint" for you to surreptitiously track you across the web.
Apple is aiming to put a stop to this by sharing only a simplified system profile when you browse the web, giving advertisers less of your data to work with. Improved Intelligent Tracking Prevention also prevents social media Like, Share, and Comment buttons and widgets from tracking you without your permission.
As we covered earlier, macOS Mojave will be the last version of macOS to support 32-bit apps, another move that Apple is making to keep its Mac operating system secure and up to date.
First of all, Apple is extending privacy protections to the camera, microphone, and other sensitive user data that includes mail database, message history, Safari data, Time Machine backups, iTunes device backups, locations and routines, and system cookies.
In macOS Mojave, apps will need express user consent for all API and direct access to these resources, with users able to access their security preferences in the Security section of System Preferences.
Your information, your image, your voice -- they're yours and yours alone to share with apps. macOS Mojave requires apps to get your approval before accessing the camera or microphone on your Mac. The same goes for data like your Messages history and Mail database.For apps that are distributed outside of the Mac App Store and signed with a Developer ID, Apple is introducing a secondary "Notarize" review process that's designed to detect malware faster and provide Apple with finer-grained revocation tools to revoke a specific bad release rather than a developer's entire certificate.
Notarization will let macOS Mojave users know for sure that a third-party non-App Store Mac app has been double checked by Apple and that it's free from malware. Eventually, Apple plans to require all Developer ID apps to be notarized before they can be installed, but Apple says this is not an app review process and is used exclusively to analyze apps for security purposes.
Apple is introducing enhanced runtime protections that will extend System Integrity Protection features to third-party apps, protecting them from code injection and other tampering.
As in iOS 12, macOS Mojave is gaining support for automatic strong passwords, with Safari automatically creating, autofilling, and storing passwords. Passwords on macOS Mojave will be flagged if they've been reused, making it easier for users to create unique passwords for each login.
Multiple anti-tracking and privacy improvements are coming to Safari to keep your browsing habits private. Right now, advertisers use browser and device characteristics to create a "fingerprint" for you to surreptitiously track you across the web.
Apple is aiming to put a stop to this by sharing only a simplified system profile when you browse the web, giving advertisers less of your data to work with. Improved Intelligent Tracking Prevention also prevents social media Like, Share, and Comment buttons and widgets from tracking you without your permission.
As we covered earlier, macOS Mojave will be the last version of macOS to support 32-bit apps, another move that Apple is making to keep its Mac operating system secure and up to date.
Related Roundup: macOS Mojave
[ 69 comments ]
Top Rated Comments
(View all)
2 weeks ago
It's things like this that keep coming back to Apple—even when they occasionally piss me off! For me the lock-in is the security and privacy above all else.
2 weeks ago
I might pass on 10.14.
“Notarization will let macOS Mojave users know for sure that a third-party non-App Store Mac app has been double checked by Apple and that it's free from malware.”
Whilst the intention is good. I want to install what I want to install.
My choice.
There is nothing here that even suggests that this control is being taken away.
2 weeks ago
Yea, he mentions that in the thread. He wasn't using Hangouts or initiating a call or anything, just using Gmail in Chrome like he normally would.
I think Chrome was asking for access to microphone because Chrome/Google supports searching using voice, open Google webpage and there is a Mic icon in the search box, its nothing sinister just someone getting their knickers in a twist over nothing.
2 weeks ago
This is why I am jumping ship from android in September when the new phones come out.
I’m not naive about it. I know a lot of people are very willing to trade their data for what Google provides in return, but there is something underlying about it that I just can’t accept. Most will say, hey you’re being tracked no matter what you do, but I would rather not just accept that and take steps to control my personal information. First step is to remove Google and Facebook from your life.
2 weeks ago
Can't say I understand much without seeing the details, but I'm glad they're focusing on this. The biggest thing is that app signing be made widely available. There's too much popular software that's unsigned, so people ignore the warnings, and things like the Handbrake and Transmission hacks infect Macs.
2 weeks ago
This is great. One of the main reasons I stick with Apple. For comparison, I saw a tweet yesterday - accessing GMail via Google Chrome requested access to the users' microphone in Mojave :eek:
2 weeks ago
The biggest thing is that app signing be made widely available. There's too much popular software that's unsigned, so people ignore the warnings, and things like the Handbrake and Transmission hacks infect Macs.
App signing stopped working. Malware steals legit developer certificates. Identity and credit card theft allows anybody to buy a certificate. Signing didn't stop Stuxnet, they people behind them broke into and stole a third-party's certificates.
The more "widely available" you make app signing, the less useful it is. If anybody can get a certificate trivially, so can malware writers.
2 weeks ago
I better do not update my relatives laptops with all these warning pop ups or I would have to make it my full time job supporting them.
Like a button could literally say „accept to continue“ and my mother would still call me with a screenshot taken with her crappy phone asking me what she should do. Like reaaaad
Like a button could literally say „accept to continue“ and my mother would still call me with a screenshot taken with her crappy phone asking me what she should do. Like reaaaad
2 weeks ago
I might pass on 10.14.
“Notarization will let macOS Mojave users know for sure that a third-party non-App Store Mac app has been double checked by Apple and that it's free from malware.”
Whilst the intention is good. I want to install what I want to install.
My choice.
It sounds like this doesn't apply to apps not signed with a Developer ID.
[ Read All Comments ]
A USB-based vulnerability that allows for the brute forcing of a passcode on an iOS device has been discovered by security researcher Matthew Hickey, reports ZDNet.
The method, which bypasses...
For this week's giveaway, we've teamed up with Fuse to offer MacRumors readers a chance to win a Side Winder, which is an accessory that's designed to let you quickly and easily wind up...
Alongside a major version 3.0 update that rolled out to its iOS app [Direct Link] earlier this week, Turner Classic Movies has also expanded support for its "Watch TCM" app to tvOS devices....
Nanoleaf's new 12-sided light-up remote joins its existing Nanoleaf Light Panels and Nanoleaf Rhythm, adding a whole slew of smartphone-free physical control options for your HomeKit setup in one...
Apple Maps vehicles equipped with LiDAR sensors have begun collecting street-level data in Japan for the first time this month.
Apple will be surveying the Tokyo and Urayasu areas between...
Microsoft has announced a new visual search feature for its Bing app that lets users snap a picture with their phone's camera and use it to search the web.
The new visual search function...
Some 60 billion messages are sent over the WhatsApp chat platform every day. One of the reasons for the service's massive popularity is that it lets users send and receive as many media-rich...
eBay today launched its latest sitewide coupon code, offering customers the chance to save $15 on orders that reach or exceed $75. The code isn't as enticing as eBay's previous...
