Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

OS X Mountain Lion Limits Apps to Mac App Store, Signed Apps by Default

dolphin842 said:
I
I agree that having the option to run unsigned code allays many of these concerns for now. It's just easy to get a little concerned when one looks at the trajectory (unsigned code > sandboxing required for App Store apps > APIs only available to App Store apps > signed code require for default operation, etc.)
Click to expand...

Here's the difference. I see this as a backtrack of trajectory. They have a perfectly good 'locked-down' system in iOS. If they wanted to continue on that trajectory they're already there! It would be easy to bring that system to the Mac app store.

The fact that they took the time to make up this whole new gatekeeper thing seems, to me, to be a deviation from the trajectory: An acknowledgement that they literally can't monitor the Mac like they have the iPhone.

In fact, I give strong odds that iOS eventually goes to gatekeeper and the IOs store approval process is scrapped. Not this year, but eventually. I feel very good about those odds.

Policing the app store is a thing Apple would prefer to not do. It takes a LOT of time and resources and it hurts their platform in terms up software update speeds. Apple would LOVE a better solution on iOS.

I think Gatekeeper is it and I think putting it on the Mac is their way of testing it out to see if it works well.

Many here don't believe this. I do.
 
GermanyChris said:
Because we'll all natually run to Windows 8..the same reasons exist to avoid that too..

Why is that always the default answer?
Click to expand...

You have two real choices OSX or Windows. And before start about Linux, I use it daily, its not for the average user.
 
dolphin842 said:
As for "they're only killing harmful apps", disabling signed-but-not-approved apps is new territory for Apple so we don't know how they will implement this policy. However, given that Apple has made more than a few controversial App Store decisions, and since Apple may eventually be dealing with making judgement calls on a much greater quantity of signed-but-not-approved apps compared to App Store submissions, I would guess that it's only a matter of time before Apple runs into some murky territory about what is and isn't allowed.

Whether this becomes an issue or not all depends on what Apple's definition of 'malware' will be. Will the definition only include code that does things like deleting files or installing a botnet client? What about code that, through the use of private APIs, has the potential to corrupt files? What about code that obfuscates its operation for privacy reasons, but could potentially be used for nefarious purposes (anything from TrueCrypt to BitTorrent could apply here)?

I agree that having the option to run unsigned code allays many of these concerns for now. It's just easy to get a little concerned when one looks at the trajectory (unsigned code > sandboxing required for App Store apps > APIs only available to App Store apps > signed code required for default operation, etc.)
Click to expand...

There is a kill-switch mechanism on iOS since many years ago and Apple NEVER used it.
 
As someone who uses Lion but doesn't like it all that much I don't think that Gatekeeper is bad at all. It looks like a great way to keep family members and others from installing software without the administrator's permission.
 
kemo said:
If it stays as it is now you dont have to care dude, just switch to "Anywhere" and install whatever you want..
Click to expand...

Don't you get it? The default setting is setting the stage to killing that option off entirely.

That default setting is going to make the majority of developers not waste their time developing apps for a target audience they can't reach.

Then, when there are hardly any developers developing apps outside the MAS, that option is as good as gone
 
cgc said:
How dare anyone make guesses on MacRumors. I doubt this is anything other than a good measure to help protect users with a nice side effect of possibly boosting AppStore use.

I love the AppStore but it needs work to help sift through the files. Search for something and it's all uncategoried in a big honking list...I want sort by rating, sort by pricing, sort by license, sort by vendor, etc.
Click to expand...

Clearly stated guesses are fine, however, attempting to spread FUD, or claim to have inside knowledge (without any references) is generally not ok.

As opposed to shooting from the hip and reacting, I simply asked if they happened to be speculating, which they appear to be.

Note I was posting as a curious user, not wearing my moderating hat at the time :) .
 
dukebound85 said:
Don't you get it? The default setting is setting the stage to killing that option off entirely.

That default setting is going to make the majority of developers not waste their time developing apps for a target audience they can't reach.

Then, when there are hardly any developers developing apps outside the MAS, that option is as good as gone
Click to expand...

The default setting will allow App Store & signed apps. Signing apps will not be a barrier for developers. This will only hurt malicious developers whose keys will be revoked as soon as they are found to be doing malicious things on users Macs...
 
interrobang said:
Classic is gone. Rosetta is gone.
Click to expand...

Rosetta was always going to be a temporary bridge as Apple was paying licensing fees to Transitive, the company who developed that technology. That's on top of Apple's own development costs.

This got worse, or at least didn't change, when IBM bought Transitive in 2008.

I know this because the head of design at Transitive was my lecturer at Uni.

Fitting in those licensing costs into the $29 cost of Lion just wouldn't work, nothing to do with outdated technology. Nice try at scaremongering though.
 
Winni said:
You're absolutely right. Windows is not the place to go back to and OS X is no longer a place to stay.

The good thing is that there are great alternatives available that even run on Apple hardware:

http://www.ubuntu.com
http://fedoraproject.org
http://linuxmint.com
http://debian.org
http://www.freebsd.org

There's no real reason left to stay in the Walled Garden.
Click to expand...

Really? So what you're saying is that any old Jane or Joe from off the street can go into their neighborhood electronics store, pick up a box of Linux and read the features list on the back, take it home and install it on their computer (any brand) and have it fully functional within an hour by just letting the installer do its job. It will go onto the internet to locate and download necessary drivers and install them automatically and essentially make itself fully consumer ready without anything more than the occasional click a yes/no button to start the next step.

That same user can then go back to the electronics store and pick up an office suite, games, photo or other consumer-grade application and install it with full functionality with no greater learning curve than what is available from MS or Apple.

Sorry, even Ubuntu still requires the user to have at least some understanding about how everything is supposed to work. The average consumer doesn't even want to know.
 
I expect a lot of hats to be eaten if Apple brings Gatekeeper to iOS. If Apple wanted to lock down OSX, they wouldn't have to create Gatekeeper, they'd just have to restrict apps to the mac app store. This looks more like them trying emulate the security of a locked down platform without actually locking it down and I could see them bringing this model to iOS to allow non app store apps to run without compromising security.
 
Vulpinemac said:
Really? So what you're saying is that any old Jane or Joe from off the street can go into their neighborhood electronics store, pick up a box of Linux and read the features list on the back, take it home and install it on their computer (any brand) and have it fully functional within an hour by just letting the installer do its job. It will go onto the internet to locate and download necessary drivers and install them automatically and essentially make itself fully consumer ready without anything more than the occasional click a yes/no button to start the next step.

That same user can then go back to the electronics store and pick up an office suite, games, photo or other consumer-grade application and install it with full functionality with no greater learning curve than what is available from MS or Apple.

Sorry, even Ubuntu still requires the user to have at least some understanding about how everything is supposed to work. The average consumer doesn't even want to know.
Click to expand...

Actually, if you replace an electronics store with a website and repositories (the Linux version of the App Store, it's been around a lot longer), you can basically do that with Ubuntu.
 
ixodes said:
It's time for the Apple Faithful to accept this reality.

Once a closed eco system, it's about to be locked down permanently :eek:

As they love to say. It's about the experience... One that's the mirror image of Big Brother as dictated by Apple.

Decades after their famous commercial & "in your face" anti-big brother stance, Apples control has usurped all others. Apple is now Big Brother.

Steve's Won All The Marbles & Owns the Playground as Well.

Even if it's from the beyond.
Click to expand...

You know, maybe you should go and read Orwell's 1984 before you plant a "Big Brother" label on Apple, hmmm?
 
The Feature: having signed apps and requiring confirmation when running an unsigned app for the first time is a good idea from a security stand point. Honestly, if Microsoft had properly done this back in Windows 3 or Windows 95 there would be little malware today.

The Implementation: I'm furious that Apple is drawing a distinction between MAS apps and signed apps. The options should be "Confirm Unsigned Apps" and "Run Everything". Apple is clearly trying to scare users into only shopping the MAS, thereby driving developers to the MAS. I don't care for the MAS or Apple's terms, and I think (hope?) if they push too hard here it will raise antitrust issues. MAS is not healthy for the Mac community.

Likewise I don't think it should cost one dime to get a certificate and sign apps. And I think iOS should be opened in this manner, i.e. "Confirm Unsigned Apps" and "Run Everything".

The Future: the reason this is an issue at all rather than just a new security feature deserving praise is because large numbers of Mac fans do not trust Apple to not abuse this feature. We fear that Apple will eventually close the system to approved MAS apps only; search user's drives for unapproved software and disable it; or all of the above. Only a fool would think that Apple is not tempted by the revenue stream coming through the exclusive iPhone app store. Likewise, only a fool would fail to notice the subtle iOS changes to Mac OS. A lot of us don't like Lion at all (myself included) and fear that the iOS team and culture will come to dominate all aspects of Apple.

Unfortunately the only other options are Windows and Linux. Windows is trash and Microsoft is even less trustworthy. And Linux is still a mess. The Linux community really needs to pull it together and produce a couple of solid, easy to use variants rather than a dozen half baked variants.

For a while now I've been of the opinion that the PC software foundation...OS, databases, developer tools...should all be open source. The nature of the market leads to one or two options dominating the market in each case, and corporations turn to the negative whenever they dominate a market. Power corrupts and absolute power corrupts absolutely. In this day and age there is too much power inherent in owning and controlling the fundamental software needed to run a computer. Unfortunately the open source community only has viable answers in the database market. Here's hoping for strong competition from them in all three areas in the future. Competition would, ironically, help keep Windows and Mac OS alive by keeping Microsoft and Apple honest.
 
Casiotone said:
There is a kill-switch mechanism on iOS since many years ago and Apple NEVER used it.
Click to expand...

This makes sense, but the difference is that signed-but-not-approved apps are not allowed on iOS.

Small White Car said:
Here's the difference. I see this as a backtrack of trajectory. They have a perfectly good 'locked-down' system in iOS. If they wanted to continue on that trajectory they're already there! It would be easy to bring that system to the Mac app store.

The fact that they took the time to make up this whole new gatekeeper thing seems, to me, to be a deviation from the trajectory: An acknowledgement that they literally can't monitor the Mac like they have the iPhone.

In fact, I give strong odds that iOS eventually goes to gatekeeper and the IOs store approval process is scrapped. Not this year, but eventually. I feel very good about those odds.

Policing the app store is a thing Apple would prefer to not do. It takes a LOT of time and resources and it hurts their platform in terms up software update speeds. Apple would LOVE a better solution on iOS.

I think Gatekeeper is it and I think putting it on the Mac is their way of testing it out to see if it works well.

Many here don't believe this. I do.
Click to expand...

I do like the interpretation of Gatekeeper you've provided and hope things turn out that way, especially with iOS. My concerns are more focused on the trajectory of Mac OS X specifically, which so far has been one of progressive restriction.

Time will tell how everything plays out, but I agree that it would be nice at least if Apple takes the new code-signing platform 'Back to iOS' so to speak. With all of Lion's 'Back to the Mac' stuff, I've been hoping for a little reciprocation! :p
 
https://help.ubuntu.com/community/Repositories/Ubuntu#Ubuntu_Software_Tab

Funny how when Apple does this everyone gets upset about locking down the OS, and yet Linux distros have been doing this, with repositories and the ability of administrators to limit which repositories users can install apps from, for years, without this kind of whining.

If Apple really wanted to lock down OS X to App Store only, they would have done it with this. There has never been a suggestion from Apple that this is their intention.
 
dukebound85 said:
Don't you get it? The default setting is setting the stage to killing that option off entirely.

That default setting is going to make the majority of developers not waste their time developing apps for a target audience they can't reach.

Then, when there are hardly any developers developing apps outside the MAS, that option is as good as gone
Click to expand...

No its to get developers to sign their apps with a free cert...
 
paradox00 said:
I could see them bringing this model to iOS to allow non app store apps to run without compromising security.
Click to expand...

Suspect the only ones still needing convincing on that are the carriers.

Don't think we'll ever see the fully open option on the phones, but this app store + certified developers plan might work.
 
Vulpinemac said:
snip
Click to expand...

Ubuntu is about dead simple to use these days. Installing it is a breeze, and the Software Center makes getting software just as easy as the MAS. For your average mom and dad type user, I can't think of anything that'll require guffing around in the terminal to get working properly. It's all pretty streamlined.

You are right about initial access being a difficult thing, though. That, and the selection of 3rd party software is a bit lacking in comparison to the Windows/Mac scene.
 
gkpm said:
Suspect the only ones still needing convincing on that are the carriers.

Don't think we'll ever see the fully open option on the phones, but this app store + certified developers plan might work.
Click to expand...
There is a checkbox to install packages from unknown sources on my phone. Does that count? I know a lot of people root their phones to enable such a feature but it comes standard on my phone. I have used it to install newer versions of the Market. Not that I noticed much of a difference.


Renzatic said:
Ubuntu is about dead simple to use these days. Installing it is a breeze, and the Software Center makes getting software just as easy as the MAS. For your average mom and dad type user, I can't think of anything that'll require guffing around in the terminal to get working properly. It's all pretty streamlined.

You are right about initial access being a difficult thing, though. That, and the selection of 3rd party software is a bit lacking in comparison to the Windows/Mac scene.
Click to expand...
I keep OMG! Ubuntu and Phoronix in my Google Reader feeds. There are plenty of minute long videos released every week on changes to improve usability and responsiveness. While it is not front page news, it is encouraging to see the attention to detail.
 
0dev said:
Yes, in Mountain Lion. But I was saying that Apple will silently phase that out in the next release.
Click to expand...

tmroper said:
And how long will it be before Apple starts checking for apps the government doesn't want you to have?
Click to expand...

Here guys, I made you something:

large_woman_tin_foil_hat.jpg


0dev said:
It's so sad everyone is seeing this as a good thing and is downvoting those who say otherwise. I guess that's why Apple can get away with locking down Macs so much.
Click to expand...

It's a good thing, of which you clearly don't understand how it works. This is the flexibility that OS X needs, while offering additional levels of security. From an IT perspective, it's pretty awesome.

interrobang said:
Classic is gone. Rosetta is gone.

Unsigned apps are just one more legacy technology.
Click to expand...

I really miss PalmOS 4 too. Why did they have to discontinue it? And the Newton? Damn, that was a nice piece of hardware. So much better than this here new-fangled iPad.
 
spazzcat said:
You have two real choices OSX or Windows. And before start about Linux, I use it daily, its not for the average user.
Click to expand...

I use linux daily and make every attempt to convert wayward Windows user's.

I came here from Linux and I'll be more than happy to take my ball and head back.

You know what they say about assumptions right?
 
dukebound85 said:
Don't you get it? The default setting is setting the stage to killing that option off entirely.

That default setting is going to make the majority of developers not waste their time developing apps for a target audience they can't reach.

Then, when there are hardly any developers developing apps outside the MAS, that option is as good as gone
Click to expand...

My only question here is: If that is true, why does iOS -- which is most certainly locked down by most accounts -- have an ever-growing app library? If it's working for iOS, why can't it work for the MAS?
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back