alt Hacker NewsNormalize Identifying Corporate Devices in Your Software
Comments
I use MDM on my own systems because it gives me a bit more control. It's also a superior form of device oversight for kids.
Having a device enrolled in an MDM package does not make it a corporate device. Many corporations require personal devices be managed to support remote wiping. If I install a productivity or developer tool on my personal phone or laptop for personal non-corporate use I would get mistaken as a corporate user by this process.
If you want to collect this information you should be clear about it and know and understand your edge cases before you start attempting enforcement actions based on it if that is the intent.
In general in my experience, personal tools are a VERY hard market to sell into for corporate environments (I took a peek at what the software on OPs site requires a commercial license to use). I would bet most if not all of what you're catching here is unauthorized installs in a corporate environment and you're more likely to loose interested users than sell more commercial licenses.
Never trust software that doesn't trust you.
(And yeah, I know. That's a whole lot of software to never trust.)
I heard folks here used MDM to give themselves more control over Apple security features that they otherwise don’t. This code example and scenario penalizes them by side effect
It always seemed weird to me when people call shell binaries from the middle of a desktop app. What's wrong with finding the actual OS API instead?
There appear to be ulterior sociopolitical motives held by the author, which involve using the blanket term "genocide-friendly software" [1] to refer to anything OSI-licensed (implicitly suggesting all contributors to anything not using his homebrewed license are supporters of genocide?)
This does not look like a technical or business decision, but rather a malicious function used to identify users (and/or their employers) for arbitrary reasons, under the guise of "licensing compliance."
[1] https://github.com/LGUG2Z/komorebi-license?tab=readme-ov-fil...
Oh no they'll find out my company is i.manage.microsoft.com/DeviceGatewayProxy/ioshandler.ashx?Platform=MacMDM
As with every similar heavy-handed approach to enforcement you are making life difficult for the 99% of regular, honest users while the remaining 1% can trivially bypass it.