Privacy and Security

Assessment Disaggregation is designed to minimize the necessary permissions to perform the calculations and produce the output files. There are a few key concepts this section covers.

1. Code signing and notarization

2. Limited permission install

3. In-memory file generation

4. Auto updating system

On both Windows and macOS, the application is code signed. This prevents the application from running if it has been altered by a third party. The macOS version takes this a step further with two technologies: the hardened runtime and application notarization. The hardened runtime provides limited access to the system through a system of entitlements. In the case of this application, the system only grants access to files that the user explicitly selected through the system open/save dialog box; the application does not have access to other files on your system. Notarization verifies the application code signing and scans the application for malicious components.

Because the application is designed to run with limited permissions, it can be installed on both Windows and macOS by non-admin users. Standard Windows users can simply download the application and double click on the installer. This will install the application in their own user space (no system-level privileges needed). Similarly, macOS users need not have admin access. Once the application is downloaded, the user can move the application to any area of the file system that they have write access.

The application is also designed to never write temporary files to the system. When a file is selected, the relevant data is loaded into an in-memory database. All calculations are performed using this database. Because the database is in-memory, it no longer exists once the application is closed. Finally, because it is always possible there is a bug in the software, the application automatically updates itself in the background (similar to Google Chrome).

What is up with the Microsoft Defender SmartScreen Warning?

On some Microsoft Windows systems, you might receive the following warning from Microsoft Defender SmartScreen. The below screenshots are from before (left) and after(right) you click the more info button.

This warning appears when an application hasn't established enough of a 'reputation' with Microsoft through many downloads (believed to be about 3000) of the application (some of this is described in this Microsoft document). As this is a niche application, it is unlikely to ever establish this reputation through downloads. Alternatively, an application can gain immediate reputation by obtaining an "Extended Validation" code signing certificate; unfortunately, these certificates are only available to organizations, not individuals. Nonetheless, the dialog box can be bypassed by clicking 'more info' and 'run anyway.'