|
|
|
|
|
|
by Robdel12
233 days ago
|
|
|
This is ridiculous. The macOS app is signed. codesign -dv /Applications/Obsidian.app
Executable=/Applications/Obsidian.app/Contents/MacOS/Obsidian
Identifier=md.obsidian
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20500 size=759 flags=0x10000(runtime) hashes=13+7 location=embedded
Signature size=8975
Timestamp=Sep 29, 2025 at 12:22:41 PM
Info.plist entries=39
TeamIdentifier=6JSW4SJWN9
Runtime Version=15.4.0
Sealed Resources version=2 rules=13 files=23
Internal requirements count=1 size=172
Also, I love OSS as much as the next person, but not everything needs to be. |
|
|
This is of course true of many other apps we run on Mac (though I suspect a non-zero number of common apps have backdoors); Obsidian also runs without sandboxing though, is used by many to record their innermost thoughts, and as the author mentioned, there's also the potential for data to leak via compromised extensions.
Am I missing something, or does the fact that it's signed tell us nothing except that the Obsidian company signed off on it? If so, I'd really like to understand if you had a purpose of sharing this... is there a tacit implication that "surely a company can be trusted"?