MB not an Identified Developer?

[deadeye]

I thought it strange that I was requested to approve Malwarebytes for Mac install because it was not an identified developer with Apple. Is this really true?

When I looked at the SSL Cert for the support.malwarebytes.com webpage it didn't reference Malwarebytes.com anywhere except as an ALT DNS name with a whole bunch of others. I also thought the main Malwarebytes.com should be coming up with the green padlock just like an EV certificate from Apple.

 

[alvarnell]

Malwarebytes for Mac is definitely signed with their Apple Developer ID as shown by RB App Checker Lite. Not sure why your computer would say it isn't.

I suspect that having a standard certification rather than an EV is simply a matter of expense, but Malwarebytes may have other reasons. I just checked a dozen different security related sites and only Sophos and ClamXAV use an EV cert. Even SAN's Internet Storm Center and the US CERT government site use standard certificates.

 

[treed]

Both the installer and all the installed executables are definitely signed, using an official Apple developer certificate. If macOS is saying it's from an unidentified developer, then either there's a glitch with your system or the downloaded file itself is not good. Make sure to download the installer directly from here:

https://malwarebytes.com/mac

As for the certificate for the support.malwarebytes.com site, that site is run for us by Jive.

[deadeye]

Thank you for the replies. I am glad to hear the ssl certs are good.

I downloaded the RB App Checker Lite from the App Store and ran both the package and the application through App Checker Lite. In the first screenshot I notice these differences: The signing times are different, The Gatekeeper assessment is missing and the application is not sandboxed. The second screenshot has some more info about the package. I see there is an alert about an OSerror and also see that there are other files which have an executable permissions that perhaps they shouldn't have.

Any feedback about why these differences are here?

 

[alvarnell]

7 hours ago, deadeye said:

The signing times are different

You and I live in different time zones.

Quote

The Gatekeeper assessment is missing and the application is not sandboxed.

At the time of the assessment, I had not yet launched the app, so it was still quarantined (subject to Gatekeeper evaluation) and sandboxed.

I have no idea what that folder is. I cannot even find it within the .pkg using Pacifist or Suspicious Package. So no comment on that one, other than to say it isn't unusual to find that a few individual pieces of a bundle are unsigned. Not being a developer, I'm not sure how Xcode allows that to happen.