SECURITY FEATURESFor those of you concerned that you may be losing control of your Mac, that is hardly the case in Catalina. In fact it borders on going the user too much control. Unless an app is "sandboxed" almost everything you do requires granting the app specific permission or access. I just attempted to save a screen shot I had edited in Graphic Convertor 11 to the Desktop only to be told the app did not have permission to do that. The fix:
- quit GC 11
- Open System Preferences > Security & Privacy > Privacy
- Select Full Disk Access
- Enter the admin password (or fingerprint)
- Add Graphic Converter 11 to the list of apps
- Check the checkbox next to GC 11
- Close System Preferences
- in a couple of cases a reboot was required at this point
- Reopen GC 11
- Re-edit the screen shot
- Save the Screen Shot to the desktop where it had been in the first place
NOTE: Access to Files and folders on removable volumes is a separate checkbox for some apps.
There are 15 different OS functions that apps have to be individually granted access to. (I have denied two games request for "access to the keyboard in other apps" — which appears as input monitoring in System Preferences > Security & Privacy — because I cannot imagine a legitimate reason for such access.)
Opening a non-Apple validated dmg requires a trip to System Preferences > Security & Privacy because
Apple cannot see inside to verify the dmg does not contain malware
Apple will happily validate the dmg for developers but it must be sent to Apple for
testing before they will validate it.
Turn on automatic login and Catalina will automatically remove Apple Wallet and all stored credit card data from your system — but only after giving fair warning.
I find I am spending more time in System Preferences > Security and Privacy than just about any other app in Catalina except Safari and Airmail granting permissions of one sort or another. Of course this is all in the name of
SECURITY and should slow down as Catalina is used. Rather than taking control away from users this puts far more precise control in the hands of the user, but I have to think it is going to be annoying for a LOT of non-technical or security-complacent (that's you Artie 😉) users.
