Report: No software will be able to run on Mac OS X 10.7 without being approved and signed by Apple Friday, April 23, 2010 "Apple began charting the future of their flagship computer Mac OS X today as the developers of tomorrow finally learned how they'll be able to participate in it," Rixstep reports. "Apple will begin signing up independent software vendors (ISVs) for the 10.7 developer programme by early autumn 2010," Rixstep reports. "Membership will cost $99 just as the iPhone programme and will include a number of benefits including free downloads of the Xcode developer tools and access to online API documentation." Rixstep reports, "Developers planning on marketing software for 10.7 will submit their products to the App Store as iPhone and now iPad developers have already done. 10.7 will have kernel support for ('insistence on') binaries signed with Apple's root certificate. No software will be able to run on Mac OS X 10.7 without being approved and signed by Apple, Inc." "Slapping a root certificate on a binary running Snow Leopard or earlier doesn't change anything: the certificate represents an additional executable section that can easily be removed. Individual apps can of course check for the presence of a certificate, but it's not before the OS kernel itself insists on this certificate that program execution is totally in Apple's control," Rixstep reports. "It's expected there'll be efforts to 'jailbreak' 10.7 just as there have been with the iPhone and iPad systems." http://rixstep.com/1/20100424,00.shtml 9 to 5 Mac is reporting that a developer they've contacted says that the facts are distorted in the Rixstep article: Code signing for Mac Applications is already in place, and has been for a couple of versions of Mac OS X. There is a command line tool included in OS X (sorry, don't recall the name) that can show the user which apps are signed, and by what certificates Contrary to the article, code signing of applications is already used by OS X. You'll notice that when you update some third party applications from, for example, v1.0 to v1.1, if that app stores data in you keychain, the first time you run the new version of the app you will get the popup window saying "Application X would like to use data stored in you keychain." This is because the application is not signed, therefore the System can't verify it is the same app from the same developer after it has been updated and the executable has changed on your disk. You may not have noticed that when you update Safari or Mail or some third party apps, you do not get the dialogue, as these apps are signed, and the signing is still valid after the update, so the System can be sure the app has not been tampered with by a 3rd party, and it is OK to continue to allow it access to the keychain. http://9to5mac.com/mac_like_iphone UPDATE http://www.redmondpie.com/os-x-10.7-wont-feature-app-store-9140689/ Steve Jobs: Mac OS X 10.7 will not feature an iPhone-like App Store requiring app approvals Monday, April 26, 2010 "The greatest strength of Apple and its iPhone has always been the availability of nearly 200,000 apps in the iTunes App Store," Skipper Eye reports for Redmond Pie. "No other phone manufacturer has so far been able to match the success that iPhones App Store has got. This amazing success of the App Store has led to people wondering if Apple would bring such a business model to its OS X platform as well." "There were rumors flying around that one of the highlights of the upcoming OS X 10.7 would be an iTunes like App Store for Mac, which would need Apples approval, and would be one conveniently place to find and buy softwares while Apple will take care of all the security," Eye reports. "A Mac developer Fernando Valente wrote to CEO Steve Jobs for clarification in this regard." Eye reports, "As usual, Jobs reply was short; saying 'Nope' to all such rumors."