Comment by caseyohara
1 year ago
> her macbook was full of malware
I’m guessing her OS was very out of date? Because I’m having a hard time imagining how this happens in 2024 with XProtect, Gatekeeper, and Notarization all turned on by default. Non-technical people are unlikely to turn these off.
Scripts (OSX ships with Python, Perl, Bash, Zsh, and I think JS) bypass all of those.
Also I would not be suprised if editing scripts in runtime based apps (like electron) still bypass all of those.
Last I looked at code signing in MacOS it was weaker than Windows in places. With code signing checks enabled in Windows (they are used as a smart screen signal but not required by default) you actually need to sign shell scripts to run them.
> OSX ships with Python
Small correction: macOS (it hasn’t been called OS X for close to a decade) hasn’t shipped with Python for a while. It does have a shim at /usr/bin/python3 that when called pops up a GUI to the user telling them they need the Xcode Developer Tools, which if accepted does provide Python.
You don’t need to be very computer savvy to google “how to bypass gatekeeper”. My kids figured that out pretty quickly.