Codebook for macOS 3.5.2 Released


#1

Codebook for macOS 3.5.2 contains adjustments to Secret Agent to ensure the data it’s displaying is updated when you modify data using the main window. It also includes numerous bug fixes.

Changes in this version:

  • Fixes Magnify Window not properly appearing on macOS El Capitan
  • Secret Agent search results now filter out entries with no fields
  • Secret Agent Default Action now selects fields based on “First in the list” rather than prioritizing Email over Username and Password over PIN
  • Allows dashes in TOTP codes
  • Fixes inability to delete/revert backups on macOS 10.10
  • Fixes not properly reloading Secret Agent search results after modifying data through the main window
  • Fixes improperly displaying entry details in Secret Agent after entry was deleted by main window
  • Fixes Secret Agent incorrectly displaying Note Entries in search results
  • Fixes window height animation race condition which was causing empty results to display instead of resizing
  • Updates SQLCipher to version 3.4.2

Download: Mac App Store

If you purchased Codebook in the Mac App Store:

  1. Visit this link on your Mac
  2. Click the “View in the Mac App Store” button
  3. It will launch the App Store app and display the Codebook page
  4. Click the Install or Update button below the Codebook icon
  5. When installation completes click the Open button, or launch Codebook from Applications or Spotlight

Download: Direct from Zetetic

If you purchased Codebook directly from Zetetic (outside the Mac App Store):

  1. Download the update
  2. If Codebook is still running, quit the app
  3. Unzip the file, drag Codebook to your Mac’s Applications folder
  4. If prompted whether to replace the existing version, choose Replace
  5. Launch Codebook from Applications or Spotlight

Support

If you are having trouble updating or have any questions please get in touch with us at support@zetetic.net, or create a new topic post here on Discuss.


#2

Thanks, the download worked and all is ok


TOTP Invalid Code
#3

Thanks for all of the updates!
I download direct from zetetic and was wondering… Should there be a way to add some extra security to the download to verify that it is secure and the proper package? We’re dealing with some pretty sensitive information. I wouldn’t want the DL to get hijacked and inadvertently install malware.


#4

Hi @kylebradshaw, thanks for the feedback and good question! There is something in place to verify that the direct download binary comes from us and hasn’t been tampered with, and your Mac is probably already doing it.

When you download the direct version it’s a ZIP archive that contains a code-signed application (Codebook.app). That binary is signed with Zetetic’s Developer ID Certificate from Apple. macOS has a feature known as Gatekeeper that verifies the binary has been signed by Zetetic and that it hasn’t been tampered with in any way (changing the binary invalidates the signature).

To enable (or confirm) this behavior on your Mac, go to System Preferences > Security & Privacy, and ensure that “App Store and identified developers” is checked under “Allow apps downloaded from:”

You can also check via the command line to see whether or not the downloaded app is validated using the system security policy tool in Terminal:

$ spctl -a -v --type execute /Applications/Codebook.app
/Applications/Codebook.app: accepted
source=Developer ID

Certainly there are additional strategies we could employ, but validation via code-signing seems to be the most important thing we could do to prevent you from downloading malware from our site posing as Codebook. Please let us know what you think!