The Mac OS X Quick Look Suspicious Package plug-in

One feature I really like about Mac OS X has to be the easily forgotten ‘Quick Look’. It’s a really useful tool (and also has lots of plug-in capabilities) to have and can save you lots of time. Select an item in ‘Finder’ and press the [Spacebar] and you will see a brief preview of any file in addition to the normal icon view. You can also use ‘Quick Look’ in several other apps (in addition to the ‘Finder’) too.

Most of my readers who use Macs will already know about ‘Quick Look’ and probably be very efficient using it too, but here is a ‘Quick Look’ plug-in you must have in your armoury. The plug-in is called Suspicious Package > and is also available from this link: It can be used on Mac OS X 10.5 or later (including Lion). The installer release notes show that is was last updated in 2009, but this shouldn’t deter you from using it!

A lot of Mac apps you download come packaged as PKG files (this is a standard Apple installer package suffix) . These are the icons with the brown boxes – I’m sure my Mac readers know what I am talking about here.  The Suspicious Package Mac only plug-in when enabled will allow you to check what is inside each PKG file, including the number and type of scripts* (these can be additional install scripts and we know what malicious scripts can do!). It will also highlight if you need an administrator password or if you have to restart your system. I suggest you download this free Quick Look plug-in today!

*The script function will only tell you that scripts are present and it’s up to you to examine each script, which might be appear daunting to my non-technical readers.

Safe surfing folks!


This entry was posted in apple, malware and tagged . Bookmark the permalink.

One Response to The Mac OS X Quick Look Suspicious Package plug-in

  1. Pingback: The Mac OS X Quick Look Suspicious Package plug-in | Events | IT Security Magazine - Hakin9

Leave a Reply

Your email address will not be published. Required fields are marked *