From 89cdf0f870be86e1f1049f3b10bf2673af08e98f Mon Sep 17 00:00:00 2001 From: kimg45 <138676274+kimg45@users.noreply.github.com> Date: Sun, 11 Aug 2024 22:08:21 -0500 Subject: [PATCH] add mention of ocsp encryption --- content/posts/macos/macOS Security Overview.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/posts/macos/macOS Security Overview.md b/content/posts/macos/macOS Security Overview.md index 444e8bb..bee84dd 100644 --- a/content/posts/macos/macOS Security Overview.md +++ b/content/posts/macos/macOS Security Overview.md @@ -65,7 +65,7 @@ XProtect is the built-in antivirus software in macOS. Like all AV, it's a last l XProtect uses YARA signatures and is updated frequently, independent of OS updates. This is one of the many reasons you should be cautious about blocking connections to Apple servers; many of them serve a security purpose, so make sure you know what you're blocking. It can also detect unknown malware using heuristics. When it detects unkown malware, it will send information about that software to Apple so that they can update the signatures in XProtect. -Apple also issues revocations for notarization tickets, which are detected with online OCSP checks. Blocking these checks will make you more vulnerable to malicious apps. +Apple also issues revocations for notarization tickets, which are detected with encrypted online OCSP checks. Blocking these checks will make you more vulnerable to malicious apps. ## System Integrity Protection