Tweetbot 3 Invalid Code Signature

General discussions about Little Snitch
mrbreadcrumb
Posts: 2
Joined: Sun Jun 10, 2018 11:32 pm

Tweetbot 3 Invalid Code Signature

Postby mrbreadcrumb » Sun Jun 10, 2018 11:46 pm

I realize that there is a possibility that the following issue may be a strange Mac Appstore issue more than a Little Snitch issue, but I figured I'd try.

I recently purchased Tweetbot 3 from the app store (after having used Tweetbot 2 previously).

For whatever reason something went a little off when I downloaded the app. Instead of replacing the previous Tweetbot or making a new application called Tweetbot 3, it put the new app in a folder called Tweetbot alongside the old app. I then removed the old app and moved the new Tweetbot app to the top level of the Applications folder. At this point the connection stopped working in Tweetbot. I didn't yet realize Little Snitch was blocking it, so I deleted it and re-installed, restarted, and continued to be unable to make a connection.

Finally I realized Little Snitch thought the code signature was invalid. Checking with the command line reveals a valid signature.

Running "codesign --verbose=4 --verify `pgrep Tweetbot`"

Gives the result:

1152: dynamically valid
--prepared:/Applications/Tweetbot.app/Contents/Frameworks/PTHCommon.framework/Versions/Current/.
--validated:/Applications/Tweetbot.app/Contents/Frameworks/PTHCommon.framework/Versions/Current/.
1152: valid on disk
1152: satisfies its Designated Requirement

However no matter how many times I remove and re-install, delete the rule, restart, and try again, Little Snitch pops back up to say the code signature is invalid.

Now, obviously I can write a rule to except Tweetbot from the signing requirement, but I'd really rather be able to know if something really did modify it on disk to do something nefarious.

I'm stumped. Thanks for any input.

Edit to add: To make matters worse, in the Little Snitch Configuration editor itself, if I click on the rule that pops up when I try to run Tweetbot and go down to the checkmark in the right hand pane it give me a green "Valid Code Signature" check. So somehow Little Snitch keeps popping up with a rule to block Tweetbot due to an invalid code signature... and also reports it has a valid code signature.

Is there some cache I need to reset? Does deleting the rule not really get rid of it so it's the same rule popping back up somehow?

mrbreadcrumb
Posts: 2
Joined: Sun Jun 10, 2018 11:32 pm

Re: Tweetbot 3 Invalid Code Signature

Postby mrbreadcrumb » Mon Jun 11, 2018 12:17 am

OK. After a few more tries, I seem to have resolved this, though I'm not entirely sure what happened.

I had an old rule allowing Tweetbot to connect. After deleting that rule along with the invalid code signing block, the code signing block now does not return when I relaunch Tweetbot. Nor does any specific unapproved rule get made to replace the one I deleted (I'm running in silent mode). (I guess it's covered by something else, though I can't quite figure out what.)

In any case, I'm not sure exactly why that all worked as it did, but it seems to be working now.


Return to “Little Snitch General”

Who is online

Users browsing this forum: Baidu [Spider] and 0 guests