Product security

You can use the information on this page to check the integrity of your Sqwarq product.



Security measures

All Sqwarq apps are code signed with our Apple Developer ID which prevents anyone modifying the bundle between our signing it and you launching it.

In addition, App Fixer, Boot Buddy, Critical Updates, DetectX, DetectX Swift, and FastTasks 2 all include anti-tampering devices that check on every launch that the code signing is correct.

For extra security, this page also lists the checksum for the latest version of each of those products.


How to check the codesigning

As stated above, Sqwarq products have robust checks to ensure that code signing is correct and has not been interfered with. However, if you wish to make a manual check of the code signing requirements, you can do so by following these instructions:

i. Open the Terminal.app
Terminal is located at /Applications/Utilities/Terminal.app.

ii. Enter
At the Terminal prompt, type (or copy and paste) the following:

codesign --display -r-

and add a space.

iii. Enter the path to the app’s binary.
The easiest way to do this is to drag the app from the Finder into the Terminal window. Using DetectX Swift as an example, you should now see this:

codesign --display -r- /Applications/DetectX\ Swift.app

iv. Enter

/Contents/MacOs/DetectX\ Swift

(often, you only need to type the first letter of each folder and then hit the ‘tab’ key for autocomplete).

Assuming DetectX Swift is located in your /Applications folder, the whole thing should look like this:

codesign --display -r- /Applications/DetectX\ Swift.app/Contents/MacOS/DetectX\ Swift

v. Hit ‘return’ on your keyboard to execute the command.

Note the developer id at the end of the output:

MAJ5XBJSG3.

A valid version of any Sqwarq app will have that exact developer id and no other.


How to verify the checksum

For extra reassurance, you can also validate the checksum on the binary. If the checksum does not match what you see below for the stated version, the app should be deleted and a fresh copy downloaded from Sqwarq.com.

New : you can now validate the checksums automatically by running this script.
The sha256 checksum for the script itself is 52ee1999cb25ac669f3e895da466cbb6b645e43bf322b5157c8066e6d405be75

To validate the checksum’s manually, use the following to verify the checksum for the current version of each app (assuming each of the apps mentioned below is in the /Applications folder; if the app is located somewhere else, adjust the path appropriately. This does not affect the checksum result).

Note that the checksum changes with each update, so you must either use the script mentioned above or check back here to find the latest checksum after each update:

App Fixer 1.7
shasum -a 256 /Applications/App\ Fixer.app/Contents/MacOS/App\ Fixer
Result: dd304f7c17372987be8ea47e100675eebc4b427f4e0ea883e9f9db4b0c29d1d4

Boot Buddy 1.01
shasum -a 256 /Applications/Boot\ Buddy.app/Contents/MacOS/Boot\ Buddy
Result: 11e59321691bcba4744e3b3b515260ad0efe8de8b8d6e9a7a3854c2302464bf5

Critical Updates 1.60
shasum -a 256 /Applications/Critical\ Updates.app/Contents/MacOS/Critical\ Updates
Result: 77304512f73dd096af28bc82145581437681500ad434b368b99a699f4d345984

DetectX 2.89 (not DetectX Swift)
shasum -a 256 /Applications/DetectX.app/Contents/MacOS/DetectX
Result: aba8e73e314a3cf9da03d0ee2fab34e51578fa4bc15c581f94d7f82956e4a8cf

DetectX Swift 1.081
shasum -a 256 /Applications/DetectX\ Swift.app/Contents/MacOS/DetectX\ Swift
Result: 70d371a2bf556cd16b79c180a3dd36ea4391a6eb7d457a468f8b51d97e65d83f

FastTasks 2 2.51
shasum -a 256 /Applications/FastTasks\ 2.app/Contents/MacOS/FastTasks\ 2
Result: cf11c6c462f537d74c6927d2e668d2d618b06eaa4237e73e60aeab7c5f760ebb

If you encounter any anomalies or difficulties with the above, do not hesitate to contact us at Sqwarq Support.