I have no doubt they will eventually kill that off.
However, I hope I am wrong. I'd rather not have to switch platforms. Everything seems to be going in the stupid direction.
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Gatekeeper Already Present in OS X 10.7.3, Available for Developer Testing
- Thread starter MacRumors
- Start date
- Sort by reaction score
I have no doubt they will eventually kill that off.
However, I hope I am wrong. I'd rather not have to switch platforms. Everything seems to be going in the stupid direction.
After I read again, I see that he does have a correct understanding of code signing. He started talking about encryption of data, which may throw some people off. Many people are familiar with the relationship of certificates and encryption because secured web sites use certificates. That is just one use of PKI. Code Signing is another, which has nothing to do with encryption of the data. PGP/EFS is another which involves the encryption of data. I've worked with PKI quite a bit over my years and still don't have a complete grasp of it. I know it is a topic that many people would rather avoid because it can become extremely confusing. Encryption itself is even more confusing, but fortunately really smart people out there figured out the technical stuff and made it "relatively easy" for regular users to apply. It is a good thing that we don't have to build are own encryption algorithms.
They need a platform for developers to make apps on. This direction seems to be adding a simple alternative, not removing the powerful current system (e.g. Launchpad does not remove the Applications folder).
The natural progression:
OS X 10.8 (Mountain Lion)
1) Allow only apps from Mac App Store
2) Allow all signed apps
3) Allow everything
OS X 10.9
1) Allow only apps from Mac App Store
2) Allow all signed apps
OS X 10.10
1) Allow only apps from Mac App Store
OS X 10.8 (Mountain Lion)
1) Allow only apps from Mac App Store
2) Allow all signed apps
3) Allow everything
OS X 10.9
1) Allow only apps from Mac App Store
2) Allow all signed apps
OS X 10.10
1) Allow only apps from Mac App Store
What stupid direction? Seriously I keep hearing this dumbing down or iOS-ification, but no one has provided concrete examples of where OS X is dumber today than it was a year ago. Please tell me what cant you do in Lion that you could in Snow Leopard? Based on the scant information about Mountain Lion what dont you think youll be able to do in that?
Minus the fact Apple could live it in there and really reduce its privileges and power.
It would be cheaper, easier, faster not to mention considerably more secure to just make 10.8 App Store only, instead Apple listened to developers who were unhappy with the sandboxing requirements then invested time & money developing a system only to can it in 2 years? Not a chance.
A few things that came to my head:
1) I can sync my Nokia address book and calendar in Snow Leopard. I can't in Lion.
2) I can make nice DVD for my parents with my daughters footage in Snow Leopard, I can't in Lion.
3) I can invoke Expose style application windows display by pressing and holding application icon in Snow Leopard. I can't in Lion.
4) I can see automator task progress icon in Snow Leopard, I can't in Lion.
I am sure I would come up with more examples if I would think about it more
p.s. I did not mention Rosetta intentionally - I don't use any PPC applications. However all four points above are are what I am missing in Lion.
Thats not really how Terminal.app works, but worst case scenario you login single user mode make whatever changes necessary then login via the GUI, which yes, is an absurd hoop to jump through, but the whole premise that Apple is on the path to locking down OS X is frankly absurd.
Again I shall issue the challenge, notable indie mac developers like Panic, Delicious Monster and Icon Factory all seem very pleased with GateKeeper, and Wil should be since its pretty much his idea. Who here worried about the sky falling is actually a developer or power user? Lay your cards on the table what cant you do with OS X today that you could do in Snow Leopard? What can you do today you wont be able to do in Lion?
The cost is minimal. You don't throw Bugs Bunny in a pot of boiling water. You turn up the heat slowly so Bugs doesn't notice. This is psychological conditioning.
They can't have a certificate unless they are using an Apple installer application. If you haven't noticed Steam uses it's own DRM and installer application, so the onus would be on the distributor. Now from what I can tell Steam has better luck getting legitimate applications than Apple does in the long run, but the point remains.
As far as I know the only plugin that was attempted to be removed was MAFIAAFIRE, but that wasn't for Malware. Though if you've noticed, once a flaw is usually found, they are usually exploited.
That's exactly what they said about SOPA/PIPA, but it took engineers, of which I was one, and thousands of corporations to fight against this broad type of legislation that would of impacted the web, much in the same way this would effect the Apple development landscape.
I personally agree with this, as even certificates are not a perfect solution. My problem has only been when one company holds the keys, it rarely ends well for the consumer or the startup.
Just as a side note, I'm currently a registered developer, but mainly do this for networking research and cross application development. If you look on the developer boards for Apple under GateKeeper, you will find some of the same arguments by the way...
* Run PPC apps.
* Display scroll bar buttons.
* Save As.
* Use full screen apps on the spaces/desktops I want.
* Leave my MacBook running (i.e. only using sleep) for over a month at a time without being forced to restart due to a problem.
* Sell software effectively outside the app store. There will be an immediate cut in the potential market even for signed apps as some people will use what they perceive to be the "highest and most secure" setting of MAS apps only.
* Practically speaking, sell software at all that cannot be turned off by Apple on a whim, i.e. sell unsigned software not subject in any way to Apple's approval or control.
I have concerns. Namely:
1) Barrier of entry for indie developers. Yes, IDs are free right now, but who is to say that will remain true in the future?
2) Ability of average users to use open source products. Even if an open source product goes the ID route, who exactly is it registered under?
3) A kill switch for signed apps being used for arbitrary purposes by Apple as they have on the app store -- their personal ethical/moral leanings, software that competes with their own, etc.
A few things that came to my head:
1) I can sync my Nokia address book and calendar in Snow Leopard. I can't in Lion.
2) I can make nice DVD for my parents with my daughters footage in Snow Leopard, I can't in Lion.
3) I can invoke Expose style application windows display by pressing and holding application icon in Snow Leopard. I can't in Lion.
4) I can see automator task progress icon in Snow Leopard, I can't in Lion.
I am sure I would come up with more examples if I would think about it more
p.s. I did not mention Rosetta intentionally - I don't use any PPC applications. However all four points above are are what I am missing in Lion.
1) Can't comment. Is this an OS issue or is this Nokia not updating their connectors?
2) Not an OS issue or Apple restriction, you can still make DVDs
3) Changed functionality/personal preference not a restriction by Apple
4) Missing feature
These are almost exclusively feature or personal preferences and has nothing to do with dumbing down the OS.
----------
1) baseless speculation
2) same as now for any non-standard installation, tutorials and step-by-step instructions
3) gatekeeper keeps an app flagged as malicious from being installed it is not a kill switch.
----------
0) valid point
1) feature
2) not an OS level feature
3) feature
4) bug
5) probably
6) market forces if that's what the customer base wants then that's what will happen.
None of these are the scary restrictions you are all predicting there just features you don't like or bugs with the exception of Rosetta.
Only on first time run or everytime an app is run?
Does anyone know if gatekeeper would block only the first time run or every execution of an application.
I could see myself turning it on all the time, but when I install a select application that I know to be ok, then I could turn it off, install, run, then crank it up back to 11.
Cheers!
Does anyone know if gatekeeper would block only the first time run or every execution of an application.
I could see myself turning it on all the time, but when I install a select application that I know to be ok, then I could turn it off, install, run, then crank it up back to 11.
Cheers!
As far as I can see, it will only block the installation, so once installed you run normally without any checks what so ever.
1) It's certainly not baseless, but yes it's speculation hence the word "concern".
2) No. My point was that most users won't even know where/what the Gatekeeper defaults are. It will stay stuck at the middle option forever. Hence the barrier-of-entry for indies & open source projects to get mainstream eyeballs is high. Yes, it's always been hard for them, and now it will be much harder.
3) The fact that Apple can flag any signed app is in effect a kill switch. It may or may not remotely remove software like the Amazon ebook debacle, but subsequent downloads would present a warning to users or perhaps even block installation. You seem to trust Apple to play fair. Their historical behavior on the iOS store tells me otherwise.
Last edited:
You don't need to open the Terminal to develop Mac OSX apps or iOS apps...
If you mean developing in other languages, Apple doesn't really care, it doesn't benefit Apple's eco-system.
The nokia issue was with iSync. A feature Apple took away. Although you can get iSync from Snow Leopard and simply copy it to Lion and syncing will work (it worked with my old N8 and N95 ).
Its unsupported and Apple could remove the syncing framework at any time.
Last edited:
how far can you see?
Are you running the preview and breaking your NDA to say this, or can you back it up?
My speculation (big word that means "guess") is that it would depend if you're running an installer, or if the app is a simple binary executable.
If it's installer, you'd be authorizing it to put some files on the local system, and you wouldn't be asked again each time you run the installed app.
If it's a simple single binary executable, it would be likely that you'd be asked each time unless you "bless" the image.
Are you running the preview and breaking your NDA to say this, or can you back it up?
My speculation (big word that means "guess") is that it would depend if you're running an installer, or if the app is a simple binary executable.
If it's installer, you'd be authorizing it to put some files on the local system, and you wouldn't be asked again each time you run the installed app.
If it's a simple single binary executable, it would be likely that you'd be asked each time unless you "bless" the image.
Daring Fireball published the same info:
So by changing the permissions on GateKeeper, you can run unsigned code. That is public knowledge, released on the blessing of Tim Cook from what he's saying.
How will this all change once it's released to the public is totally up in the air and mere speculation. I would guess that since AppleScript, XCode, PERL, Python, and just about every other language would break without some sort of blessing, I'm sure Apple has at least thought of a way to run once and add an exception. We've already seen the backlash from Vista's security alerts, and I highly doubt that Apple wants ML to be a comparison.
Last edited:
Apps only go through evaluation if are intended to be sold by the AppStore.
All other apps simply need to be signed using the Developer ID issued by Apple.
It seems (according to Gruber's report) that Apple is only going to verify the Developer during the initial registration for a Developer ID. Then it's up to the Developer to sign his/her own applications, and make sure there's no malware in them. If an app gets reported to contain malware, Apple would investigate and disable the application if necessary. It makes no sense at all for Apple to spend time snooping inside an app they are not going to distribute through the AppStore. And for Apple to try to snoop inside a private business app, it would mean a corporate market suicide.
Now I can definitely conclude that you have no idea on what you are talking about, nor understand the purpose of a retina display.
In the case of a corporations's internal application, there's no need to have it signed by any other certificate, if the OS is not going to do anything with that signature. The Apple issued signature makes more sense to use when combined with Gatekeeper.
Great developer, just give him the public page to the Enterprise developer program: https://developer.apple.com/support/ios/enterprise.html
I am almost positive they will include ML within the reaches of the same, or similar program for in-house applications.
I am almost positive they will include ML within the reaches of the same, or similar program for in-house applications.
The fee itself isn't the issue, it's that Apple is effectively forcing the developers to deal with them instead of the distributors they want. After having an open distribution model for so long that can only be seen as anti-competitive.
Also, you shouldn't mention advertising since that is not covered by the 30% Apple takes
Apple Mac OS X Mountain Lion GateKeeper is developer's jail
For sure that's not about security, if that was for security they could at least make it optional. Windows XP had a similar feature for years, and it did not help against viruses at all. Moreover, don't you think it's strange that yesterday they claim "Mac os X is completely virus free" and then next day they ban ALL third party apps "to protect you". When governments or corporations want to cut your freedom - they're always talking about security. Most of masses are only glad to have their freedom cut.
Also don't you think if there was no AppStore, they would even bother with this GateKeeper? No!
The only (only!) reason they push it is to force developers (and users) to use their AppStore. And that was very predictable. First it hits alternative online distributors and resellers, and eventually it will hit developers - cause the monopoly is always bad. That's definitely anti-competive behaviour and people must understand - it won't be good for them in a long term. Eventually developers won't own their apps, and Apple will own everything! They will be able to change their rules, commissions etc and there will be no alternative! That is what they want! That is so old practice! But in 1990th there were so many legal cases against Microsoft! What now?
Developers should complain and protest about banning their non-signed apps by default, as it's a way to digital slavery! It's so obvious in USA, are you still believe in any security and good thoughts? That's a a ********. That's all about money and greed! Now 30% and you cannot even mention competing OS in your app, what next? Isn't that the dictatorship the Unites States were always fighting with? It IS! The freedom is in danger again and again!
That the same as SOPA and PIPA - it results in the same freedom loss!
Don't be so stupid to think it's about security!
For sure that's not about security, if that was for security they could at least make it optional. Windows XP had a similar feature for years, and it did not help against viruses at all. Moreover, don't you think it's strange that yesterday they claim "Mac os X is completely virus free" and then next day they ban ALL third party apps "to protect you". When governments or corporations want to cut your freedom - they're always talking about security. Most of masses are only glad to have their freedom cut.
Also don't you think if there was no AppStore, they would even bother with this GateKeeper? No!
The only (only!) reason they push it is to force developers (and users) to use their AppStore. And that was very predictable. First it hits alternative online distributors and resellers, and eventually it will hit developers - cause the monopoly is always bad. That's definitely anti-competive behaviour and people must understand - it won't be good for them in a long term. Eventually developers won't own their apps, and Apple will own everything! They will be able to change their rules, commissions etc and there will be no alternative! That is what they want! That is so old practice! But in 1990th there were so many legal cases against Microsoft! What now?
Developers should complain and protest about banning their non-signed apps by default, as it's a way to digital slavery! It's so obvious in USA, are you still believe in any security and good thoughts? That's a a ********. That's all about money and greed! Now 30% and you cannot even mention competing OS in your app, what next? Isn't that the dictatorship the Unites States were always fighting with? It IS! The freedom is in danger again and again!
That the same as SOPA and PIPA - it results in the same freedom loss!
Don't be so stupid to think it's about security!