Bisq requesting permissions for keystrokes on all apps [osx catalina] #3373
Comments
No I don't know why Bisq would need this functionality. I guess this is something that needs to be configured for macOS 10.15 in the javapackager. Thanks for bringing this up! Would be great if someone picks up this issue and does further investigation how to prevent this unnecessary permission request. |
|
Theres not much online (i looked) and im not a java person, but this project also had the same issue: Theres also this bug in open JDK (not sure if you're using that or regular java) https://bugs.openjdk.java.net/browse/JDK-8231513 Now also this in SO When i searched it 20 mins ago there was less than 10 results now theres quite a few, im guessing its in a lib you are using. This says the OpenJDK 11.0.4+11 packager will support hardening by default (which is a new catalina requirement) however I suspect it isn't the root cause of this. I think somewhere something is making a call to the wrong API, however updating the jdk version you use might correct this (looks like you are on 10 at the moment but there are some reasons you didnt upgrade yet from dev notes) |
|
Yes, I hope there is a way to fix this without upgrading Java version as we are stuck at 10 because of the lack of javapacker support in newer versions. OpenJDK is working on it, but haven't finished it yet. |
|
At the risk of piling on, this was very jarring for me to see, as I just installed and launched for the first time. I was about to submit the same issue when I found this one. Blocking the permission request is trivial, but I'd suggest that the reputational damage among non-technical users will be heavy. |
Yes this is something I'll focus now, as the big v1.2 release with all its aftermath is finally over. |
|
If it is the event tapping implementation of JavaFX we hopefully could get away with only updating the JavaFX libraries and not with the requirement to update to Java 11+ |
|
I was about to submit the same issue when I found this one: I confirm that such a message scares enough, LOL!
|
ripcurlx
added
the
is:priority
|
It is fixed but not released already in openjfx14, but that requires at least JDK 11+. We were stuck until recently to JDK 10 because of the lack of JavaPackager, but it seems that there is progress made https://bugs.openjdk.java.net/browse/JDK-8200758 as well. |
|
That's really intimidating. |
|
This is unacceptable |
|
@ripcurlx Any update regarding JavaPackager? |
|
Sorry I got irritated. A currency trading app should most definitely not give any impression that it's trying to steal all your secrets. I understand it's not the developers fault, but I've removed the app. Even though I declined permission for logging all my keystrokes(!), it still installed itself as an option in the privacy and security options, on osx, unchecked but still. Good luck, again sorry to have initially been rude. |
|
@Brainfrazzle Its an OSX/Java issue, see discussion above. |
|
So there is a workaround. Post-install you can remove the permission in your system settings. It doesn't actually use the permission, so it won't break the app. |
|
@jobrienski Can you explain more in details (I don't have that OSX version installed). |
|
You go to "settings>security&privacy>Input Monitoring" and uncheck Bisq.app. |
|
Added a PR to address the issue: #4464 |
|
We are in 2021 and the message still pop up. I am just learning about bisq and the message it is not encouraging too much |
Hi @coyr! This is fixed already for quite some time (months) in #4242, but unfortunately this PR is still pending because of some installer customizations for Windows. Should be ready for the next release if nothing unexpected pops up again. |
|
Just tried installing on my Mac and same popped up! Its 2021. |
|
Don't mean to pile on here, but also experiencing this after a fresh download macOS Catalina 10.15.16 Obviously not the type of thing you want to see when you download any application let alone one not signed by Apple and involving money 😛 Really bad optics 👀 Update: I'm now seeing the "Due to stricter measures" popup. Which makes things even more sketch 😆 |
If you run the v1.6.3 pre-release the problems should be gone already. The public release will be published soon. |
|
Should be fixed in the most recent release (v1.6.4) which includes notarization of the macOS binary. Please try it out and let us know if it's still an issue for you. |
|
I'm still getting this prompt and I am using version 1.7.4 |
When I first started bisq (v1.1.7) after upgrading to catalina, i got the following (disturbing) message:
Repro:
Install bisq on OSX 10.15, run it. Shows permission request
Expected:
There is no reason bisq would need this permission I can see, so the permission shouldnt be requested
The text was updated successfully, but these errors were encountered: