macOS Sequoia Makes It Harder to Override Gatekeeper Security

[MacRumors]

With macOS Sequoia, Apple is making it more difficult for users to override the built-in Gatekeeper security function to install Mac software.

Apple is eliminating the option to Control-click to open Mac software that is not correctly signed or notarized in macOS Sequoia. To install apps that Gatekeeper blocks, users will need to open up System Settings and go to the Privacy and Security section to "review security information" before being able to run the software.

Some macOS Sequoia users have already noticed that the function was removed, but Apple today confirmed that it is no longer available in the update.

Apple recommends that software distributed outside of the Mac App Store be submitted for notarization, a process that scans Developer ID-signed software and performs security checks. Notarized software does not trigger Gatekeeper.

Gatekeeper ensures that Macs only run "trusted" software in order to protect users from malware, viruses, and other security risks. Gatekeeper checks to make sure that software comes from an identified developer and is free from malicious content.

Article Link: macOS Sequoia Makes It Harder to Override Gatekeeper Security

 

[McWetty]

I thought Apple wasn’t a “gatekeeper”? Oh wait…

I’m kidding.

 

[toobravetosave]

now do it for iOS in america

 

[lkrupp]

Good. Anything to help the tech illiterate gullible keep from compromising themselves. For users who know what they are doing, no big issue at all if they want to install unsigned apps from god knows where. More power to them but no sympathy of they get nailed.

 

[wellander1]

Does disabling it via command line still work?

 

[Nugget]

I'm completely unbothered by this change and I use this feature fairly often. It's only a slight additional inconvenience for experienced users and it's a huge barrier for scammers.

 

[flexwithmarius]

Good. Anything to help the tech illiterate gullible keep from compromising themselves. For users who know what they are doing, no big issue at all if they want to install unsigned apps from god knows where. More power to them but no sympathy of they get nailed.

The tech illiterate wouldn’t know about the Control-Click shortcut.

For power users, this is a step back imo.

 

[GMShadow]

The tech illiterate wouldn’t know about the Control-Click shortcut.

For power users, this is a step back imo.

Yeah, I'm in the 'mildly annoyed' bin here. I don't have to do it all that often but it's going to be that 'sharp, immediate annoyance' when I do run into it.

 

[kylelerner]

Quit telling us how we want to use our machines, thanks. Microsoft, too.

 

[Aiii83]

One step closer to permanently locking down MacOS, just slowly ease people into the change. A worrying development to be sure, but a fairly obvious one.

 

[russell_314]

Good. Anything to help the tech illiterate gullible keep from compromising themselves. For users who know what they are doing, no big issue at all if they want to install unsigned apps from god knows where. More power to them but no sympathy of they get nailed.

This so much. People with a little bit of knowledge are the most dangerous sometimes. Then when they get malware they cry macOS isn’t secure 🤦‍♂️

 

[diamondsw]

Looks like I'm finally disabling SIP entirely. Too much ******** that gets in the way, little to no benefit.

 

[minik]

I do use the control-click trick multiple times before, however I hope this will get software vendors to properly signed or notarized their apps.

 

[MegaBlue]

An unnecessary change.

 

[jasnw]

As soon as this starts impacting use of MacPorts and Homebrew and self-written software, this sort of Big Brother protection will move rapidly out of the "mildly annoying" bin into the "hell no" bin.

 

[roadkill401]

so in other words, Apple wants everyone who writes free software for Mac to have to pay the $99+ yearly to make it just expensive for anyone wanting to write free stuff as a hobby or for the good of the community. If Apple really wanted to make a difference then it would have a free level of developer that allows for a small number of apps to be released for free. Like 10-15 free before you need to pay the $99

 

[aidler]

“Trusted Software” is an interesting term. I’m not sure why I should trust Apple on this. Lately, not only security but also economic and increasingly political reasons have been relevant for Apple when notarizing an App, hence giving it the “Trusted Software” label. “Trusted” for Apple does not necessarily mean it is in the customer's best interest.

 

[antmarobel]

I paid for my iMac M3 (with a 1 tera SSD and 16GB memory), so I wan to install whatever I want ON MY MAC!!!!!

 

[Ctrlos]

Dear Apple,

Mac users are smart enough to not need their hand holding over every little app. Treat us like adults.

Regards,

Macrumors

 

[russell_314]

“Trusted Software” is an interesting term. I’m not sure why I should trust Apple on this. Lately, not only security but also economic and increasingly political reasons have been relevant for Apple when notarizing an App, hence giving it the “Trusted Software” label. “Trusted” for Apple does not necessarily mean it is in the customer's best interest.

You are correct. macOS isn’t the OS you want if you don’t want some form of hand holding. Same with Windows. If you’re smart enough to go out on your own and not need someone to protect you then it’s Linux.

 

[MilaM]

Boiling the frog one major release at a time.

 

[russell_314]

Dear Apple,

Mac users are smart enough to not need their hand holding over every little app. Treat us like adults.

Regards,

Macrumors

I disagree when it comes to most users

 

[CarAnalogy]

Yeah, I'm in the 'mildly annoyed' bin here. I don't have to do it all that often but it's going to be that 'sharp, immediate annoyance' when I do run into it.

I’m just worried one day it will go from annoyance to problem, if Apple decides to use notarization as its leverage as the App Store declines in power. It never had that much power on the Mac, but this is another step in that direction.

To be clear, I think the security benefits of this are good and it mostly won’t be a problem. But Apple has already shown willingness to use notarization to block apps in Europe that would otherwise be allowed under the new rules.

 

[TechnoMonk]

As soon as this starts impacting use of MacPorts and Homebrew and self-written software, this sort of Big Brother protection will move rapidly out of the "mildly annoying" bin into the "hell no" bin.

Big difference between package manager and an app from interface. I don’t see how Apple can block home brew without messing up X-code developer tools and Kernel. If you are smart enough to play in terminal with home brew, you can sudo and do what ever.

 

[neuropsychguy]

The tech illiterate wouldn’t know about the Control-Click shortcut.

For power users, this is a step back imo.

I'm a power user who is highly tech literate and I didn't know about Control-Click (or at least forgot about it). I don't know every last keyboard shortcut that's available in macOS.

It's not a problem to pull up settings unless you need to do it dozens of times per day.