2

I had to recently reset macOS Monterey on my macbook, but it then asked to download and install the latest version. Currently I am at university, so I did not know if it was the best idea to either install the update using my phone's hotspot with data, or if I should use the university wifi (which I don't know if I necessarily trust completely).

If anyone could give me some insight, that would be great

TheGeno
  • 33

2 Answers2

1

Trust could mean a few different things, but the first that come to my mind can be easily alleviated:

  • Trust it to not disconnect mid-upgrade: not a problem.
    The entire upgrade is downloaded before it starts. If the download is interrupted, it will continue from where it left off. Once downloaded, internet connectivity is no longer necessary.

  • Trust it to not be intercepted: not a problem.
    Upgrades are code signed using Apple’s signature, which Gatekeeper will verify

    Some software updates are automatically verified
    When you download and install an update from Apple, Apple's digital signature is automatically verified before installation.

    https://support.apple.com/kb/HT202369

and you can still verify yourself: How can I determine if a certain .app file is signed.

Therefore you should just use the University network as it will be faster.

grg
  • 201,078
  • Yeah @grg I meant trust as in anything getting intercepted or any malware getting injected during the installation. Do you know of any ways to verify the installation at the end, or should I just trust gatekeeper to have the authentic apple installation – TheGeno Jan 24 '22 at 23:21
  • @TheGeno See https://apple.stackexchange.com/q/82587/37797, you can run this on the ‘Install macOS Monterey’ app – grg Jan 24 '22 at 23:23
  • Hi @grg, since the 'Install macOS Monterey' app is not yet installed (I'm currently at the recovery page), would I just verify it after I actually install Monterey, or is there a way I can do it from the recovery page itself? – TheGeno Jan 24 '22 at 23:35
  • @TheGeno As you’re in recovery, I’m not sure how you would check it manually. It’s still having its signature checked automatically by the recovery environment though. – grg Jan 24 '22 at 23:38
  • Ok, I'll try installing it then. Do you know of any ways to verify the install afterwards by any chance @grg? – TheGeno Jan 24 '22 at 23:39
0

Apple has a lot of safeguards in place to make sure that internet recovery is secure. It's not publicly documented, but I'd imagine it's hard-coded to happen only over an encrypted connection that's not easily MITM'd. Additionally, if your macbook is a 2018 or later model, you're protected by Secure Boot.

I'd go ahead and use the university wifi.

Cody
  • 744