macOS Sequoia Makes It Harder to Override Gatekeeper Security

[topdrawer]

No. You give them the source code, and let them compile/build it on their own Macs. Buildable source code is a perfectly good form of distribution. And Xcode to do the build is free to Mac users, not just developers.

yeah, installing a giant app like xcode to compile a small app is a very reasonable distribution model.

 

[Nugget]

Apple makes Billions from apps. Thus macOS has to allow the development of apps, which means power users will always be able to sign their binaries. So pay up your $99, and become a real power user.

If it ever becomes necessary, you're right this will probably always be an option and still comes in under the price of a Windows license.

 

[maxoakland]

That’s absolutely not OK.

Time to push back against Apple. They’re trying to make MacOS as limited as iOS and I’m sick of it

 

[maxoakland]

I do use the control-click trick multiple times before, however I hope this will get software vendors to properly signed or notarized their apps.

They have to pay $100 a year and own a Mac for that. Why should the developer of a free application do that?

 

[maxoakland]

There was some Malware with the Control-Click shortcut in the installation instructions. This should help with tech illiterate users who wouldn't question that instruction for their "free" software.

They’ll just update it to include the new instructions. Then Apple will have an excuse to remove that too

There’s no such thing as 100% security. Even disabling un-notarized apps entirely will not result in a 100% secure MacOS

And I’m not OK with them removing my freedom to install any app I want

 

[Nugget]

They’ll just update it to include the new instructions. Then Apple will have an excuse to remove that too

What makes you believe that? Apple don't need an excuse to remove anything from the OS, they can just do it. The fact that they haven't is evidence that it's not their goal. There are reasonable and plausible justifications for why Apple have moved this setting to the Settings app that don't involve malevolent plans to lock down macOS entirely.

 

[31 Flavas]

As soon as this starts impacting use of MacPorts and Homebrew and self-written software, this sort of Big Brother protection will move rapidly out of the "mildly annoying" bin into the "hell no" bin.

You know why this stuff has to be added, right? Correct me if wrong, but any Linux distro that took off with the public / retail would likewise need to follow suit.

 

[baryon]

Oh piss off. If I downloaded an app that I want to install, I'm going to install it regardless of macOS's warning, because there are so many completely legitimate apps that are not signed. Not being signed is therefore not an indication of it being malware, so the warning is completely meaningless. It's like your car telling you "Are you sure you want to start the engine? You could get into an accident!" every time. Yes, I'm sure, and yes, I know. Asking isn't going to make me reconsider, it's just a waste of time.

 

[leapp]

I have a certain feeling that EU won‘t like it…


View attachment 2403475

I wish the USA would take a harder look at things as well.

 

[dwaite]

This is little more than an effort on the part of Apple to have all purchases of third-party software made at the App Store so that Apple gets its %30 cut.

Notorization does not require publication in the App Store, does not require meeting App Store rules (specifically, sandbox restrictions required by the App Store interfere with many categories of software), and does not require any form of revenue sharing.

 

[leapp]

Oh piss off. If I downloaded an app that I want to install, I'm going to install it regardless of macOS's warning, because there are so many completely legitimate apps that are not signed. Not being signed is therefore not an indication of it being malware, so the warning is completely meaningless. It's like your car telling you "Are you sure you want to start the engine? You could get into an accident!" every time. Yes, I'm sure, and yes, I know. Asking isn't going to make me reconsider, it's just a waste of time.

The future they want is one where we cannot update/upgrade anything, there's minimal resale market (sorry perfectly good but password locked computer owner) and they get a cut from every software title we use. I've been a fanboy for 24 years, but I'm switching to linux PCs, for these reasons.

 

[Minghold]

You know why this stuff has to be added, right? Correct me if wrong, but any Linux distro that took off with the public / retail would likewise need to follow suit.

That's exactly what it's all about, and Apple and Google and Microsoft are all desperately hoping that they can shunt a gargantuan glut of used computers to recyclers before Linux devs figure out how to slay Cerberus.

 

[russell_314]

I click “accept” and then ignore the EULA.

You might be ignoring it in your mind but you legally accepted the agreement.

Awesome. For lawyers.
Not for average consumers that pay inflated prices.

I totally agree!

You do see the problem with that!?

Selling something and then preventing you from using it sounds very much like bait and switch, if not downright fraud.

Absolutely not. By not accepting the EULA you’re preventing yourself from using it. Now there are gray areas where I might agree with you such as you buy a game then they drastically change the EULA. At that point you’re either forced to agree with something you didn’t consider at the time of purchase or stop using the product.

…and said OS license was bundled with the hardware. They advertise what it can do. And that’s the reasonable expectation I can rely on - without being bound by surprising conditions only presented to me after sale.

You know at the time of sale that agreeing with the software EULA is required to use it. Do you really want to be forced to sign some crazy EULA at the time of purchase. It’s like I know websites have cookies. I don’t need to agree to it every time 🤦‍♂️

The EU isn’t the culprit here. If anything, they’ll just require companies to properly inform the buyer/user, disclose the terms and obtain consent appropriately.

If anyone’s at fault, it’s the companies that believe they have to inundate their customers with paragraphs and pages of legalese junk - that no one reads anyway.

The culprit yet. Yes it’ll be like the cookie pop ups. At least this won’t affect USA buyers.

 

[AppliedMicro]

You might be ignoring it in your mind but you legally accepted the agreement.

Again: there is no global legal consensus if “shrink-wrap” type are legally binding and enforceable.
Even if partially enforceable, unfair, unreasonable or unexpected clauses can still remain unenforceable.

To emphasise the point: clicking on “accept” does not mean I legally agree to anything or everything - particularly not if I’m forced to do it in order to use the software as intended and as it was purchased for.

If I buy a car, paid for it and upon pick-up from the dealership notice that the manufacturer put a sticker over the ignition lock cylinder stating “by inserting your key, you irrevocably agree to our licensing agreement here or there…”, do you believe that will be considered a legally valid agreement in every jurisdiction in the world?

PS: …or that I’d have to return the car to the manufacturer to get refunded?

 

[Nugget]

Again: there is no global legal consensus if “shrink-wrap” type are legally binding and enforceable.

 

[AppliedMicro]

PS: coming back to an earlier post, and to a particular relevant question to the topic:

Yes you can actually install Linux on a Mac now. You own the hardware but you don’t own the OS. You only have a license to use it within the terms of the license agreement. So many don’t understand that

European Union law expressly allows for reverse engineering and decompilation of computer software for interoperability purposes of other (possibly competing) software - as a right that can’t be taken away by end user licensing agreement.

 

[neuropsychguy]

And who, exactly, would be installing dozens of unsigned apps a day?

That's a good question that I have no answer to.

 

[firewood]

Yes you can actually install Linux on a Mac now.

And it's even easier to install Linux in a VM on a Mac, which allows running almost any Linux app, even closed source binaries. But with all the freedom that using Linux allows, how many people actually download and install closed source Linux binaries, or binaries from anywhere other than the official OS distribution's package manager repository?

 

[russell_314]

Again: there is no global legal consensus if “shrink-wrap” type are legally binding and enforceable.
Even if partially enforceable, unfair, unreasonable or unexpected clauses can still remain unenforceable.

To emphasise the point: clicking on “accept” does not mean I legally agree to anything or everything - particularly not if I’m forced to do it in order to use the software as intended and as it was purchased for.

If I buy a car, paid for it and upon pick-up from the dealership notice that the manufacturer put a sticker over the ignition lock cylinder stating “by inserting your key, you irrevocably agree to our licensing agreement here or there…”, do you believe that will be considered a legally valid agreement in every jurisdiction in the world?

PS: …or that I’d have to return the car to the manufacturer to get refunded?

Sure they’re not going to send a police officer to your house to beat you down if you do something against the TOS so in that sense no it’s not enforceable. However, I think the point I’m making is when people complain… Oh nooo I can’t do this or oh no this isn’t fair that Apple does this to the operating system yeah that’s in the terms of service that you physically agreed to but mentally didn’t agree to.

 

[russell_314]

PS: coming back to an earlier post, and to a particular relevant question to the topic:


European Union law expressly allows for reverse engineering and decompilation of computer software for interoperability purposes of other (possibly competing) software - as a right that can’t be taken away by end user licensing agreement.

I think that’s going with reverse engineering an app for example to make it work on macOS while the developer only made it work on Windows.

 

[Unregistered 4U]

This so much. People with a little bit of knowledge are the most dangerous sometimes. Then when they get malware they cry macOS isn’t secure 🤦‍♂️

They’re not wrong. On a scale of less secure to more secure, there are other OS’s Apple makes that’s more secure. A couple of them actually.

 

[minik]

They have to pay $100 a year and own a Mac for that. Why should the developer of a free application do that?

You have a point, however Apple warned about that for years.

 

[Minghold]

And who, exactly, would be installing dozens of unsigned apps a day?

I resemble that remark.

 

[Minghold]

What makes you believe that? Apple don't need an excuse to remove anything from the OS, they can just do it. The fact that they haven't is evidence that it's not their goal. There are reasonable and plausible justifications for why Apple have moved this setting to the Settings app that don't involve malevolent plans to lock down macOS entirely.

Invert "Hanlon's Razor" 100% of time politicians or corporations are involved.

 

[Nugget]

Invert "Hanlon's Razor" 100% of time politicians or corporations are involved.

I note the link doesn't mention "or corporations" at all, so your "headline" is a bit misleading. I definitely don't see how it justifies the unwavering confidence people seem to have in their prediction that Apple are sneakily working their way towards a locked-down macOS.

If they wanted to do that, what's stopping them from just doing it right now? Instead the claim is that they're wasting money and development time moving the bypass to the Settings app just so later they can remove it like they truly want. It doesn't really make sense to me on its face.