Good news, everyone! Thought I'd provide a followup to this article and the piece of malware that was identified. First, it looks like our friend Donny eventually had his certificate revoked http://img.ly/CgQQ Second, if you now try to run this Installer, you'll get a warning, thanks to the XProtect mechanism in OS X, that you're trying to run "OSX.InstallImmitator.B" malware, and to not do that. http://img.ly/Cif2
I'd suggest PSA (Prostate-Specific Antigen) level, which isn't typically something a guy can do on their own, and would require a blood test, but could be a sign that something with your plumbing isn't quite right.
I can't help but try and stir the pot here, but when Apple only offered gender neutral measurements in HealthKit 1.0, some said they had a "Lady Problem." Now that they've listened, but only included mainly female-speficic metrics, could one say that Apple now has a Man Problem?
I found an interesting exception to the Yosemite rule that .kext files must be signed in order to load. There's a file, AppleKextExcludeList.kext, in /System/Library/Extensions. Right click and Show Package Contents, then go into the Contents folder. Open the info.plist file, and you'll see some interesting keys. One is OSKextExcludeList, which I assume is .kext files that are knows to not work with Yosemite, and OSKextSigExceptionHashList, which as you can probably guess, is a list of kernel extensions that are allowed to load without a signature. I found this while I was messing with the kasbert/OS-X-SAT-SMART-Driver (which allows one to…
This may also be why my Tivo Series 3 recently said "No more YouTube for you."
I'll be there to heckle, I mean, offer support, for my colleague. If you're in the CT area, please stop by!
Thanks, @vpndev, from what I can tell from Apple's own tech note on code signing, distributing a CRL (which I don't think is normal practice) or using an active CRL or OCSP is certainly possible, but of course introduces network traffic and whatnot. The thing is if you look at the cert that Apple issues to developers, the field that identifies the criteria for checking revocation, which points to an OCSP source, is listed as Critical : NO. So per their own guidance, they won't do an active check because their cert (perhaps along with Keychain Access settings) says not…
Thanks for the comments and discussion to help others deal with adware and malware. The major point, which our friend "Scott B in DC" above, a frequent contributor to Mac Geek Gab who has pretty decent security chops IMHO, is that no matter the application that you apply a certificate to, be it a web site and SSL, or code signing for Gatekeeper, is that if one detects a bad player, but does nothing to revoke their cert or inform others that this has happened, this seriously puts into question the value of anyone having a certificate in the first…
I'll throw in my vote for GraphicConverter for basic editing tasks, as well as being able to understand nearly every graphic format on the planet. For a bit more power, I've used GIMP. Not quite as polished as Photoshop, and you'll probably have to delve into the world of package managers and compiling it yourself, but the price is right.
Oh well, time to open another support case with Apple, I suppose. Lost connection this AM and saw the same familiar error in the Console: 11/18/14 8:44:52.000 AM kernel: wl0: Beacon Loss Event, last RSSI[-60] 11/18/14 8:44:52.000 AM kernel: AirPort: Link Down on en1. Reason 4 (Disassociated due to inactivity). Looking at the Extensions, it does look like they fiddled with the AirPortBrcm4360 driver, whose version has been updated from 9.0 to 9.0.1, and the problem seem to come up less frequently, but is still there.