On Sep 30, 2022 at 9:40:14 AM MST, "David Brooks" wrote <OZEZK.549763$[email protected]>:
On 30/09/2022 17:09, Steve Carroll wrote:
On 2022-09-30, David Brooks <[email protected]> wrote:
On 30/09/2022 16:20, Steve Carroll wrote:
On 2022-09-29, David Brooks <[email protected]> wrote:
REPOSTED!Have you read these articles?
On 29/09/2022 23:13, Snit wrote:
On Sep 29, 2022 at 2:42:40 PM MST, "David Brooks" wrote
<kjoZK.343820$[email protected]>:
On 29/09/2022 21:35, Snit wrote:
On Sep 29, 2022 at 12:22:09 PM MST, "David Brooks" wrote
<BfmZK.548310$[email protected]>:
On 29/09/2022 19:36, Snit wrote:Yes, though they are not 100% safe either.
https://arstechnica.com/information-technology/2022/09/never-before-seen-malware-has-infected-hundreds-of-linux-and-windows-devices/
Researchers have revealed a never-before-seen piece of cross-platform
malware that has infected a wide range of Linux and Windows devices,
including small office routers, FreeBSD boxes, and large enterprise >>>>>>>>>>> servers.
——
Be careful out there!
Thanks! This is a time when it's good to be an Apple customer! 🤣 >>>>>>>>>
True - especially if you download rogue Apps! https://imgbb.com/X2kyxCM
Not sure I follow. Rogue apps? Wasn't that from a corrupt app?
When I reported the error to HO he said to me, in email:-
"That's because you didn't follow the instructions that I gave you, and >>>>>> you tried running the app from the same folder that it was unarchived >>>>>> to. Please move the app out of that, preferably into your Applications >>>>>> folder. I have also explained this in at least two articles recently. >>>>>
Yes, I have.
That's passive aggressive! You're playing a game! ;)
Absolutely not. I have read hundreds of HO's Blog articles.
Not sure where that could even be seen as such.
And is HO correct (based on what's in the articles)?
I do not know. I *WANT* him to be genuine but I have absolutely no way
of checking if what he puts onto my iMac (via his self-built tools) will
harm my machine or enable others to use it as part of a Botnet.
You have no real way with ANY app. Even open source ones -- if you do not read
code how would you know? And code is big and complex enough there can still be
hidden things.
--But I HAD installed the Mints App exactly as instructed - in the
Applications folder - before I ran it. I believe HO altered the coding >>>>>> in his App so that the next time I downloaded it an ran it, no error >>>>>> message was shown.
I have no idea how an App can become corrupt, but I decided to rid this >>>>>> machine of /all/ tools supplied by HO. Over-Kill? Maybe, but who knows >>>>>> for sure.
He did that... just for *you*?
No - but he referred me to this article:-
https://eclecticlight.co/2022/09/21/what-does-silentknight-check-and-why/ [....]
Have you read these articles?
Yes, I have.
That's passive aggressive! You're playing a game! ;)
Absolutely not. I have read hundreds of HO's Blog articles.
Not sure where that could even be seen as such.
I didn't quite understand where he was coming from with that.
No matter. I want to show him (SC) that I am not his enemy.
And is HO correct (based on what's in the articles)?
I do not know. I *WANT* him to be genuine but I have absolutely no way
of checking if what he puts onto my iMac (via his self-built tools) will >>> harm my machine or enable others to use it as part of a Botnet.
You have no real way with ANY app. Even open source ones -- if you do not read
code how would you know? And code is big and complex enough there can still be
hidden things.
How? By getting a warning from my operating system!
https://imgbb.com/X2kyxCM
Why do you accept HO's 'excuse' - instead of believing Apple?
You don't think of the worst case scenario - that he could be a bad guy
who made a mistake, quickly corrected so as to fool the likes of you! ;-)
If you wished, you could raise a question in one of his Blog's
'Comments' areas and see what he says! But you won't, will you?
I cannot do so because he recently said to me .... "Please do not send
me any further emails, or attempt to communicate with me in any way.
All your future attempts to post comments on my blog will now be automatically deleted, without being read."
On Sep 30, 2022 at 1:00:57 PM MST, "David Brooks" wrote <ZVHZK.760345$[email protected]>:
...
Have you read these articles?
Yes, I have.
That's passive aggressive! You're playing a game! ;)
Absolutely not. I have read hundreds of HO's Blog articles.
Not sure where that could even be seen as such.
I didn't quite understand where he was coming from with that.
No matter. I want to show him (SC) that I am not his enemy.
I wish you luck with that.
And is HO correct (based on what's in the articles)?
I do not know. I *WANT* him to be genuine but I have absolutely no way >>>> of checking if what he puts onto my iMac (via his self-built tools) will >>>> harm my machine or enable others to use it as part of a Botnet.
You have no real way with ANY app. Even open source ones -- if you do not read
code how would you know? And code is big and complex enough there can still be
hidden things.
How? By getting a warning from my operating system!
https://imgbb.com/X2kyxCM
Did it do so when you downloaded a new copy? Did it from the Applications folder?
Why do you accept HO's 'excuse' - instead of believing Apple?
Not sure what you mean by this.
You don't think of the worst case scenario - that he could be a bad guy
who made a mistake, quickly corrected so as to fool the likes of you! ;-)
No, I do not even consider that as a likely scenario. If it was then others would not be able to use the software.
If you wished, you could raise a question in one of his Blog's
'Comments' areas and see what he says! But you won't, will you?
Why would I? I do not see much of a mystery here.
I cannot do so because he recently said to me .... "Please do not send
me any further emails, or attempt to communicate with me in any way.
All your future attempts to post comments on my blog will now be
automatically deleted, without being read."
You have been suggesting he is some sort of bad guy based on... what is likely
a faulty download? And then he helped direct you how to fix it. I can see where he might not be pleased with that.
On 30/09/2022 22:38, Snit wrote:
On Sep 30, 2022 at 1:00:57 PM MST, "David Brooks" wrote
<ZVHZK.760345$[email protected]>:
...
Have you read these articles?
Yes, I have.
That's passive aggressive! You're playing a game! ;)
Absolutely not. I have read hundreds of HO's Blog articles.
Not sure where that could even be seen as such.
I didn't quite understand where he was coming from with that.
No matter. I want to show him (SC) that I am not his enemy.
I wish you luck with that.
Thank you! :-)
And is HO correct (based on what's in the articles)?
I do not know. I *WANT* him to be genuine but I have absolutely no way >>>>> of checking if what he puts onto my iMac (via his self-built tools) will >>>>> harm my machine or enable others to use it as part of a Botnet.
You have no real way with ANY app. Even open source ones -- if you do not read
code how would you know? And code is big and complex enough there can still be
hidden things.
How? By getting a warning from my operating system!
https://imgbb.com/X2kyxCM
Did it do so when you downloaded a new copy? Did it from the Applications
folder?
No to both. BUT ..... it should.t have triggered a warning in the first place.
Why do you accept HO's 'excuse' - instead of believing Apple?
Not sure what you mean by this.
You've seen the warning:- https://imgbb.com/X2kyxCM
You don't think of the worst case scenario - that he could be a bad guyNo, I do not even consider that as a likely scenario. If it was then others >> would not be able to use the software.
who made a mistake, quickly corrected so as to fool the likes of you! ;-) >>
Once installed the software WILL be working for others.
Indeed, you have it yourself and have tried it - haven't you?
If you wished, you could raise a question in one of his Blog's
'Comments' areas and see what he says! But you won't, will you?
Why would I? I do not see much of a mystery here.
To challenge why the software produced this warning:- https://imgbb.com/X2kyxCM
I cannot do so because he recently said to me .... "Please do not send
me any further emails, or attempt to communicate with me in any way.
All your future attempts to post comments on my blog will now be
automatically deleted, without being read."
You have been suggesting he is some sort of bad guy based on... what is likely
a faulty download? And then he helped direct you how to fix it. I can see
where he might not be pleased with that.
Or he swiftly covered his tracks!
You have been suggesting he is some sort of bad guy based on... what is likely
a faulty download? And then he helped direct you how to fix it. I can see >>>> where he might not be pleased with that.
Or he swiftly covered his tracks!
Huh? From what? I’m not following this.
May I suggest that you read here?
https://support.apple.com/en-gb/guide/security/sec469d47bd8/web
I've shown you the protection in action.
Why do you doubt the macOS built by Apple itself?
Odd.
David Brooks <[email protected]> wrote:
On 30/09/2022 22:38, Snit wrote:
On Sep 30, 2022 at 1:00:57 PM MST, "David Brooks" wrote
<ZVHZK.760345$[email protected]>:
...
Have you read these articles?
Yes, I have.
That's passive aggressive! You're playing a game! ;)
Absolutely not. I have read hundreds of HO's Blog articles.
Not sure where that could even be seen as such.
I didn't quite understand where he was coming from with that.
No matter. I want to show him (SC) that I am not his enemy.
I wish you luck with that.
Thank you! :-)
You are welcome.
And is HO correct (based on what's in the articles)?
I do not know. I *WANT* him to be genuine but I have absolutely no way >>>>>> of checking if what he puts onto my iMac (via his self-built tools) will >>>>>> harm my machine or enable others to use it as part of a Botnet.
You have no real way with ANY app. Even open source ones -- if you do not read
code how would you know? And code is big and complex enough there can still be
hidden things.
How? By getting a warning from my operating system!
https://imgbb.com/X2kyxCM
Did it do so when you downloaded a new copy? Did it from the Applications >>> folder?
No to both. BUT ..... it should.t have triggered a warning in the first
place.
If it was corrupted it’s good it did not run.
Why do you accept HO's 'excuse' - instead of believing Apple?
Not sure what you mean by this.
You've seen the warning:- https://imgbb.com/X2kyxCM
Repeatedly. But still don’t follow. What does Apple say about a corrupted app that shows that? And what error did you get as you tried to run it?
Maybe it was a GateKeeper glitch.
You don't think of the worst case scenario - that he could be a bad guy >>>> who made a mistake, quickly corrected so as to fool the likes of you! ;-) >>>No, I do not even consider that as a likely scenario. If it was then others >>> would not be able to use the software.
Once installed the software WILL be working for others.
Software should work. Sure. But not give that error.
Indeed, you have it yourself and have tried it - haven't you?
Yes. With no concern.
If you wished, you could raise a question in one of his Blog's
'Comments' areas and see what he says! But you won't, will you?
Why would I? I do not see much of a mystery here.
To challenge why the software produced this warning:-
https://imgbb.com/X2kyxCM
You already asked and shared his response. What value would there be to ask again? What is the issue here? I’m not seeing it.
I cannot do so because he recently said to me .... "Please do not send >>>> me any further emails, or attempt to communicate with me in any way.
All your future attempts to post comments on my blog will now be
automatically deleted, without being read."
You have been suggesting he is some sort of bad guy based on... what is likely
a faulty download? And then he helped direct you how to fix it. I can see >>> where he might not be pleased with that.
Or he swiftly covered his tracks!
Huh? From what? I’m not following this.
David Brooks formulated on Saturday :
On 01/10/2022 08:14, Snit wrote:
On Oct 1, 2022 at 12:02:36 AM MST, "David Brooks" wrote
<gCRZK.259545$[email protected]>:
...
You have been suggesting he is some sort of bad guy based on...
what is likely
a faulty download? And then he helped direct you how to fix it. I >>>>>>> can see
where he might not be pleased with that.
Or he swiftly covered his tracks!
Huh? From what? I’m not following this.
May I suggest that you read here?
https://support.apple.com/en-gb/guide/security/sec469d47bd8/web
If malware is found:
Any associated Developer ID certificates are revoked.
That has not happened. Good. We can rest easy that there is no
evidence of
malware with the product.
I've shown you the protection in action.
Why do you doubt the macOS built by Apple itself?
Odd.
Again: it can happen from a corrupted download. If you download it
again it
will be fine.
<Shakes head>
What can possibly have happened to the response I wrote to you about
this matter this morning?
Did you see it and read it, Snit?
Did anyone else see my response? *CAN* anyone see the response I wrote
to Snit this morning?
Hmmm.
Date: Sat, 1 Oct 2022 08:02:36 +0100
I see that, and his response at
Date: Sat, 01 Oct 2022 07:14:06 GMT
On 01/10/2022 08:14, Snit wrote:
On Oct 1, 2022 at 12:02:36 AM MST, "David Brooks" wrote
<gCRZK.259545$[email protected]>:
...
You have been suggesting he is some sort of bad guy based on... what is >>>>>> likely
a faulty download? And then he helped direct you how to fix it. I can >>>>>> see
where he might not be pleased with that.
Or he swiftly covered his tracks!
Huh? From what? I’m not following this.
May I suggest that you read here?
https://support.apple.com/en-gb/guide/security/sec469d47bd8/web
If malware is found:
Any associated Developer ID certificates are revoked.
That has not happened. Good. We can rest easy that there is no evidence of >> malware with the product.
I've shown you the protection in action.
Why do you doubt the macOS built by Apple itself?
Odd.
Again: it can happen from a corrupted download. If you download it again it >> will be fine.
<Shakes head>
What can possibly have happened to the response I wrote to you about this matter this morning?
Did you see it and read it, Snit?
Did anyone else see my response? *CAN* anyone see the response I wrote to Snit this morning?
Hmmm.
On Oct 1, 2022 at 12:02:36 AM MST, "David Brooks" wrote <gCRZK.259545$[email protected]>:
...
You have been suggesting he is some sort of bad guy based on... what is likely
a faulty download? And then he helped direct you how to fix it. I can see >>>>> where he might not be pleased with that.
Or he swiftly covered his tracks!
Huh? From what? I’m not following this.
May I suggest that you read here?
https://support.apple.com/en-gb/guide/security/sec469d47bd8/web
If malware is found:
Any associated Developer ID certificates are revoked.
That has not happened. Good. We can rest easy that there is no evidence of malware with the product.
I've shown you the protection in action.
Why do you doubt the macOS built by Apple itself?
Odd.
Again: it can happen from a corrupted download. If you download it again it will be fine.
On 01/10/2022 08:14, Snit wrote:
On Oct 1, 2022 at 12:02:36 AM MST, "David Brooks" wrote
<gCRZK.259545$[email protected]>:
...
You have been suggesting he is some sort of bad guy based on... what is likely
a faulty download? And then he helped direct you how to fix it. I can see
where he might not be pleased with that.
Or he swiftly covered his tracks!
Huh? From what? I’m not following this.
May I suggest that you read here?
https://support.apple.com/en-gb/guide/security/sec469d47bd8/web
If malware is found:
Any associated Developer ID certificates are revoked.
That has not happened. Good. We can rest easy that there is no evidence of >> malware with the product.
I've shown you the protection in action.
Why do you doubt the macOS built by Apple itself?
Odd.
Again: it can happen from a corrupted download. If you download it again it >> will be fine.
<Shakes head>
What can possibly have happened to the response I wrote to you about
this matter this morning?
Did you see it and read it, Snit?
Did anyone else see my response? *CAN* anyone see the response I wrote
to Snit this morning?
Hmmm.
On Oct 1, 2022 at 1:31:17 PM MST, "David Brooks" wrote <ps1_K.662143$qD%[email protected]>:
On 01/10/2022 08:14, Snit wrote:
On Oct 1, 2022 at 12:02:36 AM MST, "David Brooks" wrote
<gCRZK.259545$[email protected]>:
...
You have been suggesting he is some sort of bad guy based on... what is likely
a faulty download? And then he helped direct you how to fix it. I can see
where he might not be pleased with that.
Or he swiftly covered his tracks!
Huh? From what? I’m not following this.
May I suggest that you read here?
https://support.apple.com/en-gb/guide/security/sec469d47bd8/web
If malware is found:
Any associated Developer ID certificates are revoked.
That has not happened. Good. We can rest easy that there is no evidence of >>> malware with the product.
I've shown you the protection in action.
Why do you doubt the macOS built by Apple itself?
Odd.
Again: it can happen from a corrupted download. If you download it again it >>> will be fine.
<Shakes head>
What can possibly have happened to the response I wrote to you about
this matter this morning?
Did you see it and read it, Snit?
Did anyone else see my response? *CAN* anyone see the response I wrote
to Snit this morning?
Hmmm.
What post?
On 01/10/2022 23:28, Snit wrote:
On Oct 1, 2022 at 1:31:17 PM MST, "David Brooks" wrote
<ps1_K.662143$qD%[email protected]>:
On 01/10/2022 08:14, Snit wrote:
On Oct 1, 2022 at 12:02:36 AM MST, "David Brooks" wrote
<gCRZK.259545$[email protected]>:
...
You have been suggesting he is some sort of bad guy based on... what is likely
a faulty download? And then he helped direct you how to fix it. I can see
where he might not be pleased with that.
Or he swiftly covered his tracks!
Huh? From what? I’m not following this.
May I suggest that you read here?
https://support.apple.com/en-gb/guide/security/sec469d47bd8/web
If malware is found:
Any associated Developer ID certificates are revoked.
That has not happened. Good. We can rest easy that there is no evidence of >>>> malware with the product.
I've shown you the protection in action.
Why do you doubt the macOS built by Apple itself?
Odd.
Again: it can happen from a corrupted download. If you download it again it
will be fine.
<Shakes head>
What can possibly have happened to the response I wrote to you about
this matter this morning?
Did you see it and read it, Snit?
Did anyone else see my response? *CAN* anyone see the response I wrote
to Snit this morning?
Hmmm.
What post?
The one which has gone missing!!!!
When I questioned HOW you know that the ID
certificate has not been revoked.
On Oct 1, 2022 at 3:43:36 PM MST, "David Brooks" wrote <so3_K.192646$[email protected]>:
On 01/10/2022 23:28, Snit wrote:
On Oct 1, 2022 at 1:31:17 PM MST, "David Brooks" wrote
<ps1_K.662143$qD%[email protected]>:
On 01/10/2022 08:14, Snit wrote:
On Oct 1, 2022 at 12:02:36 AM MST, "David Brooks" wrote
<gCRZK.259545$[email protected]>:
...
You have been suggesting he is some sort of bad guy based on... what is likely
a faulty download? And then he helped direct you how to fix it. I can see
where he might not be pleased with that.
Or he swiftly covered his tracks!
Huh? From what? I’m not following this.
May I suggest that you read here?
https://support.apple.com/en-gb/guide/security/sec469d47bd8/web
If malware is found:
Any associated Developer ID certificates are revoked.
That has not happened. Good. We can rest easy that there is no evidence of
malware with the product.
I've shown you the protection in action.
Why do you doubt the macOS built by Apple itself?
Odd.
Again: it can happen from a corrupted download. If you download it again it
will be fine.
<Shakes head>
What can possibly have happened to the response I wrote to you about
this matter this morning?
Did you see it and read it, Snit?
Did anyone else see my response? *CAN* anyone see the response I wrote >>>> to Snit this morning?
Hmmm.
What post?
The one which has gone missing!!!!
When I questioned HOW you know that the ID
certificate has not been revoked.
Just ran the command again.
Identifier=co.eclecticlight.Mints
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20500 size=3138 flags=0x10000(runtime) hashes=87+7 location=embedded
VersionPlatform=1
VersionMin=720896
VersionSDK=787200
Hash type=sha256 size=32
CandidateCDHash sha256=fca0396a659854c388d954a9348f63e283a60560 CandidateCDHashFull sha256=fca0396a659854c388d954a9348f63e283a60560c302ff59665f2a46b99a8d26
Hash choices=sha256 CMSDigest=fca0396a659854c388d954a9348f63e283a60560c302ff59665f2a46b99a8d26 CMSDigestType=2
Executable Segment base=0
Executable Segment limit=245760
Executable Segment flags=0x1
Page size=4096
CDHash=fca0396a659854c388d954a9348f63e283a60560
Signature size=8975
Authority=Developer ID Application: Howard Oakley (QWY4LRW926) Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=Aug 31, 2022 at 10:15:01 AM
Info.plist entries=25
TeamIdentifier=QWY4LRW926
Runtime Version=12.3.0
Sealed Resources version=2 rules=13 files=60
Internal requirements count=1 size=216
Also used this:
pkgutil --check-signature [path]/Mints.app
Package "Mints":
Status: signed by a certificate trusted by macOS
Certificate Chain:
1. Developer ID Application: Howard Oakley (QWY4LRW926)
Expires: 2027-02-01 22:12:15 +0000
SHA256 Fingerprint:
A1 F8 87 B8 D9 8E 77 21 49 EF 12 DE C5 EF D8 54 8B 7E 9F A5 FD 71
3D C1 DE CD 4E BF 7A 97 BE DA
------------------------------------------------------------------------
2. Developer ID Certification Authority
Expires: 2027-02-01 22:12:15 +0000
SHA256 Fingerprint:
7A FC 9D 01 A6 2F 03 A2 DE 96 37 93 6D 4A FE 68 09 0D 2D E1 8D 03
F2 9C 88 CF B0 B1 BA 63 58 7F
------------------------------------------------------------------------
3. Apple Root CA
Expires: 2035-02-09 21:40:36 +0000
SHA256 Fingerprint:
B0 B1 73 0E CB C7 FF 45 05 14 2C 49 F1 29 5E 6E DA 6B CA ED 7E 2C
68 C5 BE 91 B5 A1 10 01 F0 24
You can do these with downloading it and never running it.
On 02/10/2022 06:56, Snit wrote:
On Oct 1, 2022 at 3:43:36 PM MST, "David Brooks" wrote
<so3_K.192646$[email protected]>:
On 01/10/2022 23:28, Snit wrote:
On Oct 1, 2022 at 1:31:17 PM MST, "David Brooks" wrote
<ps1_K.662143$qD%[email protected]>:
On 01/10/2022 08:14, Snit wrote:
On Oct 1, 2022 at 12:02:36 AM MST, "David Brooks" wrote
<gCRZK.259545$[email protected]>:
...
You have been suggesting he is some sort of bad guy based on... what is likely
a faulty download? And then he helped direct you how to fix it. I can see
where he might not be pleased with that.
Or he swiftly covered his tracks!
Huh? From what? I’m not following this.
May I suggest that you read here?
https://support.apple.com/en-gb/guide/security/sec469d47bd8/web
If malware is found:
Any associated Developer ID certificates are revoked.
That has not happened. Good. We can rest easy that there is no evidence of
malware with the product.
I've shown you the protection in action.
Why do you doubt the macOS built by Apple itself?
Odd.
Again: it can happen from a corrupted download. If you download it again it
will be fine.
<Shakes head>
What can possibly have happened to the response I wrote to you about >>>>> this matter this morning?
Did you see it and read it, Snit?
Did anyone else see my response? *CAN* anyone see the response I wrote >>>>> to Snit this morning?
Hmmm.
What post?
The one which has gone missing!!!!
When I questioned HOW you know that the ID
certificate has not been revoked.
Just ran the command again.
Identifier=co.eclecticlight.Mints
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20500 size=3138 flags=0x10000(runtime) hashes=87+7
location=embedded
VersionPlatform=1
VersionMin=720896
VersionSDK=787200
Hash type=sha256 size=32
CandidateCDHash sha256=fca0396a659854c388d954a9348f63e283a60560
CandidateCDHashFull
sha256=fca0396a659854c388d954a9348f63e283a60560c302ff59665f2a46b99a8d26
Hash choices=sha256
CMSDigest=fca0396a659854c388d954a9348f63e283a60560c302ff59665f2a46b99a8d26 >> CMSDigestType=2
Executable Segment base=0
Executable Segment limit=245760
Executable Segment flags=0x1
Page size=4096
CDHash=fca0396a659854c388d954a9348f63e283a60560
Signature size=8975
Authority=Developer ID Application: Howard Oakley (QWY4LRW926)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=Aug 31, 2022 at 10:15:01 AM
Info.plist entries=25
TeamIdentifier=QWY4LRW926
Runtime Version=12.3.0
Sealed Resources version=2 rules=13 files=60
Internal requirements count=1 size=216
Also used this:
pkgutil --check-signature [path]/Mints.app
Package "Mints":
Status: signed by a certificate trusted by macOS
Certificate Chain:
1. Developer ID Application: Howard Oakley (QWY4LRW926)
Expires: 2027-02-01 22:12:15 +0000
SHA256 Fingerprint:
A1 F8 87 B8 D9 8E 77 21 49 EF 12 DE C5 EF D8 54 8B 7E 9F A5 FD 71
3D C1 DE CD 4E BF 7A 97 BE DA
------------------------------------------------------------------------
2. Developer ID Certification Authority
Expires: 2027-02-01 22:12:15 +0000
SHA256 Fingerprint:
7A FC 9D 01 A6 2F 03 A2 DE 96 37 93 6D 4A FE 68 09 0D 2D E1 8D 03
F2 9C 88 CF B0 B1 BA 63 58 7F
------------------------------------------------------------------------
3. Apple Root CA
Expires: 2035-02-09 21:40:36 +0000
SHA256 Fingerprint:
B0 B1 73 0E CB C7 FF 45 05 14 2C 49 F1 29 5E 6E DA 6B CA ED 7E 2C
68 C5 BE 91 B5 A1 10 01 F0 24
You can do these with downloading it and never running it.
Hello again, Snit
In the post which "went missing" I asked about HOW you had checked on
the authenticity of HO, the maker of the 'Mints.app'.
What you have provided above seems pretty authoratitive.
I tried it again earlier today. I downloaded Mints and installed the zip
file into my Applications folder BEFORE I unzipped it.
When I did unzip
it, it was available instantaneously. *WOW*!
That, though, does NOT indicate that it contains nothing malicious.
I am STILL bothered by having seen this warning. https://imgbb.com/X2kyxCM
Whilst I appreciate That you are a graduate in computing matters, I
can't help feeling that if installed software carries malware, it would
be capable of disrupting your check using Terminal - giving false results.
No doubt you, or someone else, will explain why I am wrong about that!
On 2022-10-02, David Brooks <[email protected]> wrote:
On 02/10/2022 06:56, Snit wrote:ran the command again>>>>> <Shakes head>
On Oct 1, 2022 at 3:43:36 PM MST, "David Brooks" wrote
<so3_K.192646$[email protected]>:
On 01/10/2022 23:28, Snit wrote:
On Oct 1, 2022 at 1:31:17 PM MST, "David Brooks" wrote
<ps1_K.662143$qD%[email protected]>:
On 01/10/2022 08:14, Snit wrote:
On Oct 1, 2022 at 12:02:36 AM MST, "David Brooks" wrote
<gCRZK.259545$[email protected]>:
...
If malware is found:
You have been suggesting he is some sort of bad guy based on... what is likely
a faulty download? And then he helped direct you how to fix it. I can see
where he might not be pleased with that.
Or he swiftly covered his tracks!
Huh? From what? I’m not following this.
May I suggest that you read here?
https://support.apple.com/en-gb/guide/security/sec469d47bd8/web >>>>>>>
Any associated Developer ID certificates are revoked.
That has not happened. Good. We can rest easy that there is no evidence of
malware with the product.
I've shown you the protection in action.
Why do you doubt the macOS built by Apple itself?
Odd.
Again: it can happen from a corrupted download. If you download it again it
will be fine.
What can possibly have happened to the response I wrote to you about >>>>>> this matter this morning?
Did you see it and read it, Snit?
Did anyone else see my response? *CAN* anyone see the response I wrote >>>>>> to Snit this morning?
Hmmm.
What post?
The one which has gone missing!!!!
When I questioned HOW you know that the ID
certificate has not been revoked.
Just ran the command again.
Identifier=co.eclecticlight.Mints
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20500 size=3138 flags=0x10000(runtime) hashes=87+7
location=embedded
VersionPlatform=1
VersionMin=720896
VersionSDK=787200
Hash type=sha256 size=32
CandidateCDHash sha256=fca0396a659854c388d954a9348f63e283a60560
CandidateCDHashFull
sha256=fca0396a659854c388d954a9348f63e283a60560c302ff59665f2a46b99a8d26
Hash choices=sha256
CMSDigest=fca0396a659854c388d954a9348f63e283a60560c302ff59665f2a46b99a8d26 >>> CMSDigestType=2
Executable Segment base=0
Executable Segment limit=245760
Executable Segment flags=0x1
Page size=4096
CDHash=fca0396a659854c388d954a9348f63e283a60560
Signature size=8975
Authority=Developer ID Application: Howard Oakley (QWY4LRW926)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
Timestamp=Aug 31, 2022 at 10:15:01 AM
Info.plist entries=25
TeamIdentifier=QWY4LRW926
Runtime Version=12.3.0
Sealed Resources version=2 rules=13 files=60
Internal requirements count=1 size=216
Also used this:
pkgutil --check-signature [path]/Mints.app
Package "Mints":
Status: signed by a certificate trusted by macOS
Certificate Chain:
1. Developer ID Application: Howard Oakley (QWY4LRW926)
Expires: 2027-02-01 22:12:15 +0000
SHA256 Fingerprint:
A1 F8 87 B8 D9 8E 77 21 49 EF 12 DE C5 EF D8 54 8B 7E 9F A5 FD 71
3D C1 DE CD 4E BF 7A 97 BE DA
------------------------------------------------------------------------ >>> 2. Developer ID Certification Authority
Expires: 2027-02-01 22:12:15 +0000
SHA256 Fingerprint:
7A FC 9D 01 A6 2F 03 A2 DE 96 37 93 6D 4A FE 68 09 0D 2D E1 8D 03
F2 9C 88 CF B0 B1 BA 63 58 7F
------------------------------------------------------------------------ >>> 3. Apple Root CA
Expires: 2035-02-09 21:40:36 +0000
SHA256 Fingerprint:
B0 B1 73 0E CB C7 FF 45 05 14 2C 49 F1 29 5E 6E DA 6B CA ED 7E 2C
68 C5 BE 91 B5 A1 10 01 F0 24
You can do these with downloading it and never running it.
Hello again, Snit
In the post which "went missing" I asked about HOW you had checked on
the authenticity of HO, the maker of the 'Mints.app'.
What you have provided above seems pretty authoratitive.
It actually doesn't speak to HO's authenticity, it speaks to the app he
ran the command on ("again" - so did you really need to ask this
question? - I draw this distinction because of what you're doing
(pre-sliming HO). I've tried to explain it to you and failed,
apparently. I suggest you read the Apple links I previously provided as
to why this is the case.
I tried it again earlier today. I downloaded Mints and installed the zip
file into my Applications folder BEFORE I unzipped it. When I did unzip
it, it was available instantaneously. *WOW*!
?? Some days back you indicated that you did this and things worked, so
why the "*WOW*!" here?.
That, though, does NOT indicate that it contains nothing malicious.
That's true.
I am STILL bothered by having seen this warning. https://imgbb.com/X2kyxCM
Given that it was a 'one-off', I wouldn't worry about it.
Whilst I appreciate That you are a graduate in computing matters, I
can't help feeling that if installed software carries malware, it would
be capable of disrupting your check using Terminal - giving false results. >>
No doubt you, or someone else, will explain why I am wrong about that!
Again, I would refer you to the Apple links I gave you, they will
explain why the likelihood of that isn't very high.
The following is not an OLAS...
man spctl
Using certain flags and checking for certain types of 'a' (assessment),
for example, "install", you can check if an app has been notarized. In
part of the output from the command you'll see:
"source=Unnotarized Developer ID"
or
"source=Notarized Developer ID"
So YOU should be adding this to your file that contains the codesign
command, you know, the file you haven't yet created so you don't have to
keep asking the same questions over and over ;)
On 01/10/2022 21:51, FromTheRafters wrote:
David Brooks formulated on Saturday :
On 01/10/2022 08:14, Snit wrote:
On Oct 1, 2022 at 12:02:36 AM MST, "David Brooks" wrote
<gCRZK.259545$[email protected]>:
...
You have been suggesting he is some sort of bad guy based on... >>>>>>>> what is likely
a faulty download? And then he helped direct you how to fix it. I >>>>>>>> can see
where he might not be pleased with that.
Or he swiftly covered his tracks!
Huh? From what? I�m not following this.
May I suggest that you read here?
https://support.apple.com/en-gb/guide/security/sec469d47bd8/web
If malware is found:
���� Any associated Developer ID certificates are revoked.
That has not happened. Good. We can rest easy that there is no
evidence of
malware with the product.
I've shown you the protection in action.
Why do you doubt the macOS built by Apple itself?
Odd.
Again: it can happen from a corrupted download. If you download it
again it
will be fine.
<Shakes head>
What can possibly have happened to the response I wrote to you about
this matter this morning?
Did you see it and read it, Snit?
Did anyone else see my response? *CAN* anyone see the response I wrote
to Snit this morning?
Hmmm.
Date: Sat, 1 Oct 2022 08:02:36 +0100
I see that, and his response at
Date: Sat, 01 Oct 2022 07:14:06 GMT
Hey! Rafters - thanks so much for responding. ?? It is much appreciated.
Methinks there are Gremlins! I replied to Snit after his 0714 p0st - but
my post appears to have been removed from the Usenet servers.
Now who could control such action?!!
On 02/10/2022 18:30, Steve Carroll wrote:
So YOU should be adding this to your file that contains the codesign
command, you know, the file you haven't yet created so you don't have to
keep asking the same questions over and over ;)
Please will you remind me to come back to this?
On 30/09/2022 20:29, Snit wrote:
On Sep 30, 2022 at 9:40:14 AM MST, "David Brooks" wrote
<OZEZK.549763$[email protected]>:
On 30/09/2022 17:09, Steve Carroll wrote:
On 2022-09-30, David Brooks <[email protected]> wrote:
On 30/09/2022 16:20, Steve Carroll wrote:
On 2022-09-29, David Brooks <[email protected]> wrote:
REPOSTED!Have you read these articles?
On 29/09/2022 23:13, Snit wrote:
On Sep 29, 2022 at 2:42:40 PM MST, "David Brooks" wrote
<kjoZK.343820$[email protected]>:
On 29/09/2022 21:35, Snit wrote:
On Sep 29, 2022 at 12:22:09 PM MST, "David Brooks" wrote
<BfmZK.548310$[email protected]>:
On 29/09/2022 19:36, Snit wrote:Yes, though they are not 100% safe either.
https://arstechnica.com/information-technology/2022/09/never-before-seen-malware-has-infected-hundreds-of-linux-and-windows-devices/
Researchers have revealed a never-before-seen piece of cross-platform
malware that has infected a wide range of Linux and Windows devices,
including small office routers, FreeBSD boxes, and large enterprise
servers.
��
Be careful out there!
Thanks! This is a time when it's good to be an Apple customer! ? >>>>>>>>>>
True - especially if you download rogue Apps! https://imgbb.com/X2kyxCM
Not sure I follow. Rogue apps? Wasn't that from a corrupt app?
When I reported the error to HO he said to me, in email:-
"That's because you didn't follow the instructions that I gave you, and >>>>>>> you tried running the app from the same folder that it was unarchived >>>>>>> to. Please move the app out of that, preferably into your Applications >>>>>>> folder. I have also explained this in at least two articles recently. >>>>>>
Yes, I have.
That's passive aggressive! You're playing a game! ;)
Absolutely not. I have read hundreds of HO's Blog articles.
Not sure where that could even be seen as such.
I didn't quite understand where he was coming from with that.
No matter. I want to show him (SC) that I am not his enemy.
And is HO correct (based on what's in the articles)?
I do not know. I *WANT* him to be genuine but I have absolutely no way
of checking if what he puts onto my iMac (via his self-built tools) will >>> harm my machine or enable others to use it as part of a Botnet.
You have no real way with ANY app. Even open source ones -- if you do not read
code how would you know? And code is big and complex enough there can still be
hidden things.
How? By getting a warning from my operating system!
https://imgbb.com/X2kyxCM
Why do you accept HO's 'excuse' - instead of believing Apple?
You don't think of the worst case scenario - that he could be a bad guy
who made a mistake, quickly corrected so as to fool the likes of you! ;-)
If you wished, you could raise a question in one of his Blog's
'Comments' areas and see what he says! But you won't, will you?
I cannot do so because he recently said to me .... "Please do not send
me any further emails, or attempt to communicate with me in any way.
All your future attempts to post comments on my blog will now be >automatically deleted, without being read."
| Sysop: | Keyop |
|---|---|
| Location: | Huddersfield, West Yorkshire, UK |
| Users: | 715 |
| Nodes: | 16 (3 / 13) |
| Uptime: | 19:11:54 |
| Calls: | 12,104 |
| Calls today: | 4 |
| Files: | 15,004 |
| Messages: | 6,518,087 |