Frequently Asked Questions
Looking for something specific? The User Guide, Formats, Reversing Topics and FAQ are indexed within the app — open Archaeology, click on the Help menu (Command-?), and type in the Search field. Results listed under Help Topics link directly to the appropriate section here.
What versions of macOS does Archaeology support?
- macOS 14 (Sonoma)
- macOS 13 (Ventura)
- macOS 12 (Monterey)
Does Archaeology automatically check for updates?
Yes, once every 2 weeks — or less, if you use it less often — Archaeology will download a small file from our website to get the current version number. If a newer version is available, you'll see an Update Available button on the right side of the app's title bar:
Click on Update Available to open the Archaeology download page, where you can get the latest version.
If you want to change the frequency with which Archaeology checks for updates, or turn off automatic checking entirely, use Archaeology > Preferences > Update:
Archaeology never automatically downloads or installs the actual updated app. You make the decision about when or if to download it, and where and how to install it.
Is Archaeology “sandboxed”? What entitlements does it have?
Yes, Archaeology is sandboxed. You can examine the entitlements using Apparency or Archaeology itself.
To quickly open Archaeology using Archaeology, use Cmd-Option-O. Select and decode Code Signature for one of the architectures, and then decode Entitlements (or DER-encoded Entitlements).
However you view them, you'll see that Archaeology has the following entitlements:
|com.apple.security.files.user-selected.read-write||YES||This allows Archaeology to see the file or directory that you tell it to open — even if it's in a
place that is not otherwise accessible to sandboxed apps, such as inside your home folder.
Archaeology requests the
|com.apple.security.application-groups||936EB786NH.com.mothersruin.MRSFoundation.ASN1AnnotationStore||This declares an app group container that Archaeology shares with our other apps. This group container is used to store the comments that you annotate to ASN.1 data. This is sideband data, by definition. We store it in this group container on the theory that it could be used and loaded by another app that shows ASN.1-format data — although at the moment, we don't do this elsewhere.|
|com.apple.security.temporary-exception.mach-lookup.global-name||com.apple.security.syspolicy||This allows Archaeology to talk to the /usr/libexec/syspolicyd daemon, which is required to
check notarization status. Archaoelogy uses this to evaluate a
Code Signing Requirement, if it includes a |
Within Archaeology, there is one other component that is also sandboxed, and thus has explicit entitlements. Under the MRSFoundation.framework component, you'll find a com.mothersruin.MRSFoundation.UpdateCheckingService.xpc XPC service. This is the component that performs the periodic check for updates, and is entitled as follows:
|com.apple.security.network.client||YES||This allows the XPC service to make an outgoing network connection, in order to fetch this file, which contains the information about the current version of Archaeology available for download.|