Most of us, yours truly included, simply install the downloaded app direct from the package installer and never think twice about other options; probably because we don’t know there are other options. There are. There are all kinds of things inside those installer packages and the way to find out what’s there is with this free Mac app.
Seek And Install
Most Mac installers use a script which copies various files from the installer to your Mac, usually placing the correct files in the correct place. Most of the time we think little of what goes on, but what goes on goes on in secret unless you open the installer package.
That’s what Suspicious Package does. It’s a free Mac app that inspects OS X app installer packages. For example, take a look at what is inside JavaForOSX.pkg.
The Suspicious Package app scours the installer package and lists all the files, the total size, the file hierarchy, where it’s installed on the Mac, and answers a few basic questions that most Mac users seldom ask but should ask, especially if we download many Mac apps to try out.
- Do you know what files that OS X Installer package actually installs?
- Do you know what scripts it runs during installation, and what they do?
- Do you know who the package really came from?
The idea here is to increase your knowledge and add another layer of safety and security for your Mac. If you’re nothing more than curious, then Suspicious Installer will show which files from a new app install go where. If you’re worried about an app you downloaded, use Suspicious Package first so you can see exactly what is installed inside the installer package.
Suspicious Package looks and behaves much like the Mac’s Finder app, but digs in and finds more information about the app. It lets you examine the scripts used to install files, and can open the script in another app for a more granular perspective.
Even more important Suspicious Package gives you an opportunity to see the trustworthiness of a signing certificate which allows apps to be installed on your Mac (surprisingly, many Mac apps do not use Apple’s certificates and cannot be installed without changes to System Preferences). You’ll see the Gatekeeper and Developer ID and be able to inspect the certificate change.
Suspicious Package is itself a scriptable Mac app and that means you can automate certain functions using AppleScript. The built-in dictionary also teaches you about terminology used in app installer packages.
Yes, this is about as geeky as you can get on your Mac without opening up Terminal.app, but it’s also a good way to help keep your Mac secure and understand exactly how the Mac manages app installations to keep out malware.
Not bad for free.