In November 2020, Apple experienced issues with certificate checks for macOS, causing devices to slow down. The company promised several improvements, including stopping the collection of IP addresses and introducing encrypted certificate verification, but dropped the planned "offline" mode.
"It Was About Time"
The service is built into macOS and is supposed to simply verify that the user is launching the correct program, not a malicious copy. The problem is, many don't believe that's all Apple is doing. When macOS Big Sur was launched last week and the whole system crashed, many users reacted. Fortunately, Apple now announces they are making changes so that users can launch apps even if the company's servers struggle. MacOS checks whether a file is safe and performs a quick certificate check against Apple's servers. But as mentioned, if the service struggles, users have trouble opening apps, and the machine may seem slow. Fast forward to the following year, and the company promised to give users the ability to bypass online checks if problems arise. Another question raised at the time was whether Apple knows which apps users are running.
Apple promised they weren’t spying on this and outlined the improvements to come: “To further protect privacy, we have stopped logging IP addresses linked to Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from the logs. Additionally, we will introduce several changes to our security checks over the next year:
Improvements Announced by Apple:
A new encrypted protocol for Developer ID certificate revocation checks
Strong protections against server errors
A new option allowing users to opt-out of these security protections
A message appears if macOS is unable to check whether the app is safe or not.
Likely Won’t Happen
“Apple did implement some of the promised changes, such as stopping the collection of IP addresses and creating a new encrypted protocol for Developer ID certificate checks,” says 9to5Mac. However, they point out that the company still hasn't provided a solution to avoid online app verification if their service experiences issues.
To make the situation even more puzzling, Apple removed all references to such an "offline" mode over the past year. This leads 9to5Mac to believe that Cook & Co. have likely abandoned the feature that would allow users to disable the online verification check.
Background
To put things in context, each time you run an app on your Mac, a few verification checks are made. Making ensuring the software is free of viruses and that the developer certificate linked to it is still valid are the two main checks. App notarization is the term used to describe these widely accepted safety measures for users.
Generally, the checks just fail and your software launches normally if you're using your Mac offline. But instead of just failing, macOS was still trying to verify the servers at the time of this server outage. As a result, apps had excruciatingly long launch times.