top | item 37055146

(no title)

It looks like Apple has revoked the developer certificate. Anyone know if there's a public log somewhere showing when it was revoked?

The app was blocked from loading, but I still saw the two dylibs running. I wondered if it was because the certificate was revoked after they had already started. However, logging out and back in still showed them running. Perhaps they're persisting through log outs?

As well, I got a prompt from the macOS firewall to allow the mentioned AutoUpdate binary to listen for connections. That makes me think all of this was deployed in the last few days.

Edit: A reboot gave me the `“NightOwl” will damage your computer. You should move it to the Trash.` dialog. Allowing that did not fully clean things up (leaving a non-functional `/Users/*/Library/LaunchAgents/NightOwlUpdater.plist` in place and the usual preference files). For me, Hazel cleans those up.

I think for non-technical users who may not be familiar with the terminal would be to direct them to reboot.

discuss

lapcat|2 years ago

> It looks like Apple has revoked the developer certificate. Anyone know if there's a public log somewhere showing when it was revoked?

No, Developer ID doesn't use a Certificate Revocation List:

https://lapcatsoftware.com/articles/revocation.html

deviantintegral|2 years ago

Given https://eclecticlight.co/2023/08/08/apple-has-just-released-... it does look like it was revoked in response to the original article, and not the other way around.