New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Apple Details Upcoming Privacy and Security Protections in macOS Mojave

Apple is beefing up security in both iOS 12 and macOS Mojave, and in a yesterday's Platforms State of the Union event for developers, Apple outlined a number of new protections that are coming to the Mac with Mojave.

First of all, Apple is extending privacy protections to the camera, microphone, and other sensitive user data that includes mail database, message history, Safari data, Time Machine backups, iTunes device backups, locations and routines, and system cookies.

In macOS Mojave, apps will need express user consent for all API and direct access to these resources, with users able to access their security preferences in the Security section of System Preferences.

Your information, your image, your voice -- they're yours and yours alone to share with apps. macOS Mojave requires apps to get your approval before accessing the camera or microphone on your Mac. The same goes for data like your Messages history and Mail database.
For apps that are distributed outside of the Mac App Store and signed with a Developer ID, Apple is introducing a secondary "Notarize" review process that's designed to detect malware faster and provide Apple with finer-grained revocation tools to revoke a specific bad release rather than a developer's entire certificate.

Notarization will let macOS Mojave users know for sure that a third-party non-App Store Mac app has been double checked by Apple and that it's free from malware. Eventually, Apple plans to require all Developer ID apps to be notarized before they can be installed, but Apple says this is not an app review process and is used exclusively to analyze apps for security purposes.

Apple is introducing enhanced runtime protections that will extend System Integrity Protection features to third-party apps, protecting them from code injection and other tampering.

As in iOS 12, macOS Mojave is gaining support for automatic strong passwords, with Safari automatically creating, autofilling, and storing passwords. Passwords on macOS Mojave will be flagged if they've been reused, making it easier for users to create unique passwords for each login.


Multiple anti-tracking and privacy improvements are coming to Safari to keep your browsing habits private. Right now, advertisers use browser and device characteristics to create a "fingerprint" for you to surreptitiously track you across the web.

Apple is aiming to put a stop to this by sharing only a simplified system profile when you browse the web, giving advertisers less of your data to work with. Improved Intelligent Tracking Prevention also prevents social media Like, Share, and Comment buttons and widgets from tracking you without your permission.

As we covered earlier, macOS Mojave will be the last version of macOS to support 32-bit apps, another move that Apple is making to keep its Mac operating system secure and up to date.

Related Roundup: macOS Mojave


Top Rated Comments

(View all)

19 weeks ago
It's things like this that keep coming back to Apple—even when they occasionally piss me off! For me the lock-in is the security and privacy above all else.
Rating: 14 Votes
19 weeks ago
THANK YOU, APPLE!
Rating: 8 Votes
19 weeks ago

I might pass on 10.14.
Notarization will let macOS Mojave users know for sure that a third-party non-App Store Mac app has been double checked by Apple and that it's free from malware.
Whilst the intention is good. I want to install what I want to install.
My choice.


There is nothing here that even suggests that this control is being taken away.
Rating: 6 Votes
19 weeks ago

Yea, he mentions that in the thread. He wasn't using Hangouts or initiating a call or anything, just using Gmail in Chrome like he normally would.

I think Chrome was asking for access to microphone because Chrome/Google supports searching using voice, open Google webpage and there is a Mic icon in the search box, its nothing sinister just someone getting their knickers in a twist over nothing.
Rating: 5 Votes
19 weeks ago

This is why I am jumping ship from android in September when the new phones come out.


I’m not naive about it. I know a lot of people are very willing to trade their data for what Google provides in return, but there is something underlying about it that I just can’t accept. Most will say, hey you’re being tracked no matter what you do, but I would rather not just accept that and take steps to control my personal information. First step is to remove Google and Facebook from your life.
Rating: 5 Votes
19 weeks ago
Can't say I understand much without seeing the details, but I'm glad they're focusing on this. The biggest thing is that app signing be made widely available. There's too much popular software that's unsigned, so people ignore the warnings, and things like the Handbrake and Transmission hacks infect Macs.
Rating: 4 Votes
19 weeks ago
This is great. One of the main reasons I stick with Apple. For comparison, I saw a tweet yesterday - accessing GMail via Google Chrome requested access to the users' microphone in Mojave :eek:
Rating: 4 Votes
19 weeks ago

The biggest thing is that app signing be made widely available. There's too much popular software that's unsigned, so people ignore the warnings, and things like the Handbrake and Transmission hacks infect Macs.


App signing stopped working. Malware steals legit developer certificates. Identity and credit card theft allows anybody to buy a certificate. Signing didn't stop Stuxnet, they people behind them broke into and stole a third-party's certificates.

The more "widely available" you make app signing, the less useful it is. If anybody can get a certificate trivially, so can malware writers.
Rating: 3 Votes
19 weeks ago
I better do not update my relatives laptops with all these warning pop ups or I would have to make it my full time job supporting them.

Like a button could literally say „accept to continue“ and my mother would still call me with a screenshot taken with her crappy phone asking me what she should do. Like reaaaad
Rating: 2 Votes
19 weeks ago

I might pass on 10.14.
Notarization will let macOS Mojave users know for sure that a third-party non-App Store Mac app has been double checked by Apple and that it's free from malware.
Whilst the intention is good. I want to install what I want to install.
My choice.

For apps that are distributed outside of the Mac App Store and signed with a Developer ID

It sounds like this doesn't apply to apps not signed with a Developer ID.
Rating: 2 Votes

[ Read All Comments ]