You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Whenever I install or update Verus Desktop on a Mac, I get the following message:
Verus Desktop cannot be opened because the developer cannot be verified
macOS cannot verify that this app is free from malware.
Safari downloaded this file on [date].
[Move to Trash] [Cancel] (buttons)
There is no button to bypass this. The only way to open the app is to open it twice with a right click directly from the Applications folder (not the launchpad). On the second try it gives you a button to "Open Anyway".
I remember that it took me some time to figure this out the first time I installed the app, and it continues to be an annoyance every time I update. More importantly, by bypassing Apple's notarization service, you're introducing a security risk for end users. The more comfortable people are with ignoring scary warning messages about installing malware on their computer, the more likely they are to accidentally install actual malware on their computer. It's not too hard to imagine a scenario where somebody hacks into, say, the Verus Discord, and sends everybody a link to install a mandatory Verus update, but links to a different Github repository with a maliciously altered version of Verus Desktop. Consistently using Apple's notarization service would provide an extra layer of protection for users in this scenario.
Last I checked, a developer account with Apple only costs like $100 per year. I think that would be worth the trouble.
The text was updated successfully, but these errors were encountered:
Whenever I install or update Verus Desktop on a Mac, I get the following message:
Verus Desktop cannot be opened because the developer cannot be verified
macOS cannot verify that this app is free from malware.
Safari downloaded this file on [date].
[Move to Trash] [Cancel] (buttons)
There is no button to bypass this. The only way to open the app is to open it twice with a right click directly from the Applications folder (not the launchpad). On the second try it gives you a button to "Open Anyway".
I remember that it took me some time to figure this out the first time I installed the app, and it continues to be an annoyance every time I update. More importantly, by bypassing Apple's notarization service, you're introducing a security risk for end users. The more comfortable people are with ignoring scary warning messages about installing malware on their computer, the more likely they are to accidentally install actual malware on their computer. It's not too hard to imagine a scenario where somebody hacks into, say, the Verus Discord, and sends everybody a link to install a mandatory Verus update, but links to a different Github repository with a maliciously altered version of Verus Desktop. Consistently using Apple's notarization service would provide an extra layer of protection for users in this scenario.
Last I checked, a developer account with Apple only costs like $100 per year. I think that would be worth the trouble.
The text was updated successfully, but these errors were encountered: