Does Etrecheck have the blessing/approval of Apple itself?

I work in IT. We are blocked from EtreCheck, but ironically we are blocked from most things.

Do I wish I could use it, feel it's safe, and would I though, if I weren't blocked?

Yes, yes, and yes.

I could really use it right now too *sigh*

P.S. Regarding Apple verifying the app/program, no they have not. If they had, you would see an official article that would specifically notate it as one optional app a user may consider installing based on the issue or reasoning, or an Apple advisor could directly advise you to download it as part of the troubleshooting process. The only one I'm aware of that tech support can recommend per Apple is Malwarebytes

Kurt Lang wrote:

If you want, you can download the entire source code for EtreCheck from GitHub and read through it yourself.

That is not a suggestion that I would have made in this context. 🙂

In any case, that statement is no longer true. When I switched from donation support to a traditional software license, I could no longer publish the entire source code on Github. Otherwise, people could just generate their own licenses. Even without the source, people are actively attempting to reverse-engineer the license code and are posting cracked versions on the Internet. I'm holding my own for now, but I could sure do without distractions like this thread.

HunterBD wrote:

My understanding is that simply by visiting a URL a computer can be infected with malware and the user remain completely unaware of this fact.

I believe I've addressed this possibility with you before, but allow me to expand.

The last time something like this was known to have happened to a Mac user was due to a Java vulnerability in the Spring of 2012 when a Flashback variant was reportedly able to infect ~100,000 Mac users. The vulnerability was quickly patched by Oracle, users have been strongly urged to avoid using the Java Internet Plug-In, and macOS has been fortified to sandbox it's use for those who insist on needing it.

It's clearly possible that this could happen again due to some other vulnerability that nobody is yet aware of and Windows users continue to discover such things, but as far as anybody knows, there is no such threat out there today to Mac users.

If the Etrecheck facility has been checked - by Apple itself - to ensure that it is completely safe for Apple customers to use, I'd really welcome that confirmation.

Apple does not routinely check any 3rd Party software that is not submitted to the App Store, and even those applications are primarily checked to ensure they abide by published rules for App Store apps. As you probably know, there have been occasions where such apps met the rules but still manage to either misuse data they are given access to or slip in other features that cause unwelcome behavior.

And of course, any time Apple is made aware of software that acts maliciously, they take action using XProtect, Gatekeeper and/or MRT to prevent their use. But they relay heavily on reports from users in knowing what they need to check.

If you have reason to suspect any 3rd Party software is behaving maliciously, report it to product-security where Apple may have time to look into it. I have done this with mixed results.

Forum rules don't permit to speak on behalf of apple , only malware bytes anti malware is more than sufficient to clean the Mac and nothing to install apart from it .

But , malicious softwares or codes , attacking through network , capturing outgoing network packets is possible , had experienced in my Mac rom- 0 -1 , rom - 0 - 2......malcious codes were downloaded in Mac ( the firmware password was still created ) , all system files were corrupted and had to erase the hard drive reinstall the operating system , factory reset the internet service provider router and air port express , changed all the passwords for Apple ID , iCloud id , web mail password , admin password , wireless network or base station password , used stealth mode , created a password for ISP router , firewall box was set ..etc

The user never know the site on internet is malicious ( social media sites like Facebook or others are risky ) , you click on a link the code is installed .

The user must be aware and any thing can happen any time .

HunterBD wrote:

Almost all contributors to the ASC agree that Apple products do not need external protection from the likes of www.clamXav.com - a product which sounds like it's 'too good to be true'. Perhaps I'm mistaken, but you appeared to be supporting the use of the software.

I have absolutely zero interest in your anti-ClamXAV crusade. I'm not really a fan of 3rd party Mac antivirus software in general, but I have nothing in particular against ClamXAV or its developer. I can certainly empathize with an innocent and hard-working software developer who has to deal with people spreading doubt and misinformation on the internet about their product. I want to be clear about this - in terms of your dispute with ClamXAV, I support ClamXAV actions 100%.

You final sentence sounds somewhat threatening, but I shall ignore that.

The only threat here is from you.

3rd party apps like EtreCheck have a very delicate relationship with Apple, who hosts these forums. Apple has been gracious enough to allow the use of EtreCheck on the forums because it helps so many people. But I have always felt that if EtreCheck, or any other 3rd party app being promoted or used here on the forums, starts to become a distraction or causes a problem, then Apple won't hesitate to ban EtreCheck, me, and any use of the app here in the forums.

Right now, things are going pretty well. People are happy. Sometimes people use EtreCheck to help solve problems with their Macs. Nobody, except you, is complaining. If you want to rock the boat, you can do so. If you push hard enough, you can make a change. I'm sure of that. You can make a lot of people less happy. You can make it more difficult for a lot of people to solve their Mac problems. Is that what you want? Is that what will make you happy? Then by all means, continue.

I was not threatening you in any way. I was simply saying that I have plan in place for this eventuality. I have a way to continue to make EtreCheck available for people to help solve their Mac problems in the future, even if it can't be used here in the forums. And I sincerely think that this approach will be very profitable for me. You do have the ability to hurt an awful lot of people with your continued actions - just not me personally. You weren't the first to start trashing EtreCheck in the forums and you won't be the last. But now, I've got a plan and the means to implement it.

liv0123 wrote:

I work in IT. We are blocked from EtreCheck, but ironically we are blocked from most things.

Do I wish I could use it, feel it's safe, and would I though, if I weren't blocked?

How are you blocked? A number of people have reported problems purchasing a license. I don't know what they are doing with their corporate firewalls that prevents an app from connecting to a standard web server on a standard web port. It is a constant battle against software pirates. I can't risk a public release of a version that can be activated without a secure exchange of tokens with my license server.

But even if you can't purchase a license, you can still use EtreCheck to diagnose problems. It will run 5 times without a license. That should be enough to identify a problem, troubleshoot it, and show that it is resolved. I also plan to reset that 5 run limit periodically so that people who have tried EtreCheck in the past can use it again in the future.

HunterBD wrote:

Sadly, that link didn't 'work' for me. Has it been 'doctored' in some way? No matter where one goes on the Internet, one can never be certain that it's safe to click on a link!

The link posted by LACAllen hasn't been "doctored" in any way. The link I provided goes to the same exact place. I omitted the "/web/" part because that is the final landing page after logging into the bug reporter.

The similar link posted by 'etresoft' DID work, though .... but with this result:-

As he is a Developer, I'm rather surprised that 'etresoft' was unaware of this restriction.

I was not unaware of this restriction. All bug reporting systems require you to create an account. How else would the developers be able to reach out to you to potentially ask more information, a clarification, or to ask you to confirm a fix? If you don't want to create an account, you can use the feedback link that I posted above. That is more of a "black hole" system where there is no possibility of ever getting a response.

To file a bug report in the Apple bug reporter, you have to create a free developer account. This is not the same type of account that would allow you to create apps. And, to be clear, even if you spent $100 or $500 for a real developer account, Apple would never give you any kind of approval. It simply doesn't work that way.

Oh, it's nothing on your end. It's our IT guy but mostly our head of security. I checked my so-called admin settings out of curiosity, bc I still tried knowing how insanely strict they are.

He's got them set up to appear to us as though we are administrators, just like anyone else who has those privileges.

Nope. He actually has us as managed users but has it display to us that we are listed as admin, not just upon login, but t/out settings. I looked around a bit though , thus, how I found out. Sneaky & well, just unnecessary .... just list us as standard users? We know we don't have root access but no admin? Bit ironic....

Worse, I can fix basic computer issues such as how my issue began. That's what I do. But, am I allowed to on my own iMac? Nope. Now, my iMac has gotten to the point where it's shot. I'm agitated bc I know I could've prevented it from becoming unusable. I now have to use someone else's. Grrrr....quite inconvenient & if I dare try to change the security settings whatsoever or any others for that matter to still try to fix it via privileges I need for certain tools, I'd get fired straight away. Soooooo, I have to deal for now & wait on IT to appear which will be??

Regardless, once they get mine back to me, I'm asking about etresoft though. We have tools, but I find your program log more user friendly & easier on the eyes, and I know my associates & clients would find it to be so too. I'd like to use it along with our diagnostic log too as desired for clarification on things or simply to have as an additional form of documentation that I feel is safe and credible.

Anyways.... time will tell

HunterBD wrote:

Are you aware of the names of such "third-party anti-malware products" approved for use by Apple?

No, Apple has never to my knowledge, recommended a third-party product of any kind.

They have always include Cisco's ClamAV scanner with Apple Server, but that would seem to be a second-party product.

HunterBD wrote:

Is there a simple reason?

Apple uses a single authentication system for any Apple site that requires Apple ID authentication. This authentication system requires you to log in with an Apple ID that has access to the requested resource.

If your Apple ID doesn't have access to the requested site, then you will be taken to a landing page where you may be able to request access. If your Apple ID does have access to the site, you will be immediately redirected into the site.

If you attempt to access a deep link into a site that requires authentication, then you may bypass that landing page and not have an opportunity to request access. That is what happened in this case. About 18 months ago, Apple re-designed the bug reporter to have a more modern web interface circa 2006. As part of that, it now redirects users into the "/web/" subdirectory. If you login to the bug reporter and copy the URL from the address bar, you are going to get the "/web/" subdirectory.

I manually removed the "/web/" subdirectory before I pasted my URL. I manually edit pretty much every Apple URL I post because they all have some funky redirection scheme. So yes, there was most definitely some "doctoring" of URLs. I "doctored" the URL I posted. Sometimes I doctor Apple URLs to ensure that users hit the proper landing page. Other times, I doctor Apple URLs to ensure that the user will be redirected to a version of a page more appropriate for their language and region instead of mine.

Now, is that a "simple" reason? The answer is yes. The simple reason is that you are automatically assuming conspiracy and malicious intent where there is none. Everyone who answers questions in this forum does so because they are trying to help people. As this is the public internet, there are always some scammers or bad actors with malicious intent. But in most cases, those people are spotted and reported right away. Then Apple's moderation team quickly removes their posts. But if a Level 6, like LACAllen with 16,295 points, posts a link, you can safely click on it. That's why we have the points and the levels.

Everybody here is always learning and trying to do their best. In fact, most people are always learning and trying to do their best. Maybe they write an antivirus apps like ClamXAV. Maybe it reports a false positive one day. Someone files a bug report about it and they fix it. They do better next time. Does that mean they deserve to be incessantly hounded across the internet for that one mistake years ago?

Sometimes people make mistakes. But they learn, try to do better, and eventually develop a good reputation. Other people never learn from their mistakes. They repeat them and develop a bad reputation. Which group do you want to be in?