Apple Cutting Off Mac App Store Hotkey Apps as Sandboxing Requirement Goes Live on June 1? [Updated]

[snowmoon]

Move along, nothing to see.

This is about one or more Mac developers who have chosen not to update their apps for the sandbox environment. Properly implemented hot-keys and services provide 99% of what these previous apps could do without the blindly obvious security problems of hooking the keyboard directly or code injection. If developers choose to live in the past and use unsupported and possibly dangerous API's then Apple will not support them through App store distribution.

None of the well developed and supported apps with hot-key or even global hot-key support are going to disappear from the App store anytime soon.

----------

Well, that makes it easier. I already own IBM.

Wow, you have over $120 billion in assets?

 

[1239689]

The down hill slide gets faster.

 

[iBug2]

1Password is being sold through the App Store. 1Password MAS users will lose ( very useful ) hot key functionality should they upgrade in the future after sandboxing as been fully implemented .

1password is also sold outside MAS. People who already bought it through MAS won't lose anything unless they update to the new MAS version (if they release any).

----------

I think many who are against this (myself included) are really commenting on the future. Yes, you can get this outside of the MAS, but how long will this last? Many of us who are against this are fearful of the day when Apple completely shuts down the ability to download/install apps outside of MAS.

w00master

I'm an extreme pessimist when it comes to future but on this topic, I don't think that'll ever happen. I think they'll always keep the option to install apps from any source for the PC's. iPad and the likes are the future of revenue for these guys and as long as they keep those under "control", they won't mind about what we do with our PC's.

 

[gnasher729]

Thinking more about this: I find it hard to believe Apple are going to disable global Hot Keys. Many applications use them. It shouldn't be overly complex for Apple to implement a secure hotkey API.

First, Apple isn't disabling anything. Apple may be not allowing apps with certain features on the App Store, but if you buy them elsewhere they will work.

And it is not possible to have a "secure" hotkey API. The very thing that the API does is what makes it insecure.

 

[cclloyd]

I am assuming if they are bought via the MAS and if this hotkeys access something outside of photoshop, then the answer might be yes.

They don't access anything outside of PS, only anything inside the menu functions and menu panels.

 

[rhett7660]

They don't access anything outside of PS, only anything inside the menu functions and menu panels.

So then the answer would be know. Those hot keys would still work. It is those keys that access programs outside of the application.

However after reading all this, this might have been for nothing.

 

[Stella]

First, Apple isn't disabling anything. Apple may be not allowing apps with certain features on the App Store, but if you buy them elsewhere they will work.

And it is not possible to have a "secure" hotkey API. The very thing that the API does is what makes it insecure.

Not possible... sure.... I'm pretty sure Apple can make the hotkey API 'more' secure and still not disabling ( disabling vs disallow , don't get into semantics please - the end result is the same ) for MAS apps. The global API doesn't have to be bomb proof..

Anyway, like I said, I'm very sure Apple will still allow global hot keys for MAS apps.

As time goes by more apps will become MAS exclusive.

1password is also sold outside MAS. People who already bought it through MAS won't lose anything unless they update to the new MAS version (if they release any).

Yes it is.. and for those people who have bought the MAS version, have to re-purchase the non-MAS version unless agile bits offer a license transfer ( proof of purchase of MAS ). The last time I read... last time I saw, 1Password 4 may very well be MAS only, unless they've stated otherwise.

 

[KnightWRX]

And it is not possible to have a "secure" hotkey API. The very thing that the API does is what makes it insecure.

Hum, sure it is possible. Think how you would design such an API. Just run a hotkey daemon and make it so sandboxed apps need to register their hotkeys with this daemon. The daemon then sends a message/signal back to the app when the hot key is pressed.