Does Etrecheck have the blessing/approval of Apple itself?

FYI: it is utterly absurd to ask that we get a developer to "appear" here to defend his software.

Did you know why I was redirected?

Yes. Like most Apple websites which requires login, you are redirected to idmsa.apple.com.

Have you ever looked at where you go when you sign in here?

My understanding is that simply by visiting a URL a computer can be infected with malware and the user remain completely unaware of this fact.

Your understanding is poor, at best.

While it still may be possible to get something to download and you miss the animation and download button popping up, you would still have to run the malware in order to infect yourself.

Apple does not check any software "to ensure that it is completely safe," even on the App Store. App store apps are only checked to confirm they comply with App Store rules, which may or may not make them "safe."

I would very much like Apple itself to verify that the product is safe to use.

As most of your questions cannot be answered here, why don't you actually contact Apple rather than asking other users who do not have the capability to do what you want. Call Apple support and/or use the feedback options.

I, for one, prefer to use my time here to actually help people rather than waste it.

How can you take such an answer as serious from a person who had never tested it? You could use that logic in millions of conversations. Such as, "I've never owned or even driven one, but Fords are terrible automobiles." This statement, by the way, was from a person who would routinely tell people that a multi-thousand character Unix command he wrote was completely safe. There are likely less than a 100 people in the entire world who could read through that and tell you what each and every command did. But, you were simply supposed to trust it.

As far as safe? There's no way to know if a single bit of software or hardware you use is completely safe. Third party software? No more or less dangerous than the software provided by Apple. You have no idea of a disgruntled Apple engineer didn't sneak some sort of destructive trigger into a seldom used function.

What about the CPU, or other hardware components purchased by Apple to build their Macs? They didn't write a single line of code for those. So, I guess we shouldn't trust those as being safe, either.

If you want, you can download the entire source code for EtreCheck from GitHub and read through it yourself.

I work in IT. We are blocked from EtreCheck, but ironically we are blocked from most things.

Do I wish I could use it, feel it's safe, and would I though, if I weren't blocked?

Yes, yes, and yes.

I could really use it right now too *sigh*

Kurt Lang wrote:

If you want, you can download the entire source code for EtreCheck from GitHub and read through it yourself.

That is not a suggestion that I would have made in this context. 🙂

In any case, that statement is no longer true. When I switched from donation support to a traditional software license, I could no longer publish the entire source code on Github. Otherwise, people could just generate their own licenses. Even without the source, people are actively attempting to reverse-engineer the license code and are posting cracked versions on the Internet. I'm holding my own for now, but I could sure do without distractions like this thread.

HunterBD wrote:

My understanding is that simply by visiting a URL a computer can be infected with malware and the user remain completely unaware of this fact.

I believe I've addressed this possibility with you before, but allow me to expand.

The last time something like this was known to have happened to a Mac user was due to a Java vulnerability in the Spring of 2012 when a Flashback variant was reportedly able to infect ~100,000 Mac users. The vulnerability was quickly patched by Oracle, users have been strongly urged to avoid using the Java Internet Plug-In, and macOS has been fortified to sandbox it's use for those who insist on needing it.

It's clearly possible that this could happen again due to some other vulnerability that nobody is yet aware of and Windows users continue to discover such things, but as far as anybody knows, there is no such threat out there today to Mac users.

If the Etrecheck facility has been checked - by Apple itself - to ensure that it is completely safe for Apple customers to use, I'd really welcome that confirmation.

Apple does not routinely check any 3rd Party software that is not submitted to the App Store, and even those applications are primarily checked to ensure they abide by published rules for App Store apps. As you probably know, there have been occasions where such apps met the rules but still manage to either misuse data they are given access to or slip in other features that cause unwelcome behavior.

And of course, any time Apple is made aware of software that acts maliciously, they take action using XProtect, Gatekeeper and/or MRT to prevent their use. But they relay heavily on reports from users in knowing what they need to check.

If you have reason to suspect any 3rd Party software is behaving maliciously, report it to product-security where Apple may have time to look into it. I have done this with mixed results.

Forum rules don't permit to speak on behalf of apple , only malware bytes anti malware is more than sufficient to clean the Mac and nothing to install apart from it .

But , malicious softwares or codes , attacking through network , capturing outgoing network packets is possible , had experienced in my Mac rom- 0 -1 , rom - 0 - 2......malcious codes were downloaded in Mac ( the firmware password was still created ) , all system files were corrupted and had to erase the hard drive reinstall the operating system , factory reset the internet service provider router and air port express , changed all the passwords for Apple ID , iCloud id , web mail password , admin password , wireless network or base station password , used stealth mode , created a password for ISP router , firewall box was set ..etc

The user never know the site on internet is malicious ( social media sites like Facebook or others are risky ) , you click on a link the code is installed .

The user must be aware and any thing can happen any time .

HunterBD wrote:

Almost all contributors to the ASC agree that Apple products do not need external protection from the likes of www.clamXav.com - a product which sounds like it's 'too good to be true'. Perhaps I'm mistaken, but you appeared to be supporting the use of the software.

I have absolutely zero interest in your anti-ClamXAV crusade. I'm not really a fan of 3rd party Mac antivirus software in general, but I have nothing in particular against ClamXAV or its developer. I can certainly empathize with an innocent and hard-working software developer who has to deal with people spreading doubt and misinformation on the internet about their product. I want to be clear about this - in terms of your dispute with ClamXAV, I support ClamXAV actions 100%.

You final sentence sounds somewhat threatening, but I shall ignore that.

The only threat here is from you.

3rd party apps like EtreCheck have a very delicate relationship with Apple, who hosts these forums. Apple has been gracious enough to allow the use of EtreCheck on the forums because it helps so many people. But I have always felt that if EtreCheck, or any other 3rd party app being promoted or used here on the forums, starts to become a distraction or causes a problem, then Apple won't hesitate to ban EtreCheck, me, and any use of the app here in the forums.

Right now, things are going pretty well. People are happy. Sometimes people use EtreCheck to help solve problems with their Macs. Nobody, except you, is complaining. If you want to rock the boat, you can do so. If you push hard enough, you can make a change. I'm sure of that. You can make a lot of people less happy. You can make it more difficult for a lot of people to solve their Mac problems. Is that what you want? Is that what will make you happy? Then by all means, continue.

I was not threatening you in any way. I was simply saying that I have plan in place for this eventuality. I have a way to continue to make EtreCheck available for people to help solve their Mac problems in the future, even if it can't be used here in the forums. And I sincerely think that this approach will be very profitable for me. You do have the ability to hurt an awful lot of people with your continued actions - just not me personally. You weren't the first to start trashing EtreCheck in the forums and you won't be the last. But now, I've got a plan and the means to implement it.