
Mountain Lion now protects your contacts - dwynings
http://dcurt.is/mountain-lion-contacts
======
ghshephard
Presumably this is only true if the application is trying to access your
contacts through the contacts API. The files containing your in
~/Library/Application Support/AddressBook hierarchy are set to permission 600
by the user - so any application run by that user could theoretically capture
those contacts, unless Mountain Lion has put some additional file permissions
on them.

I understand how on its mobile iOS, where application installations (and the
environment) are theoretically vetted for their "safety" and "privacy" these
protections make sense.

On the Desktop, where one needs to be very, very cautious before installing an
app - it makes somewhat less sense.

Users need to be aware on a desktop that they should rarely, if ever, install
an application that hasn't been thoroughly vetted by a well known and
respected publisher. And the presence in the Apple Store is _not_ such a
vetting (yet).

I wonder if Apple is going to try and go that direction, and lend some veil of
"safety" to Apps in the Apple Store. Not sure how they can without some
serious code auditing - OS X is not iOS (despite common underpinnings) and
enforcing sandboxes is going to be much more difficult in that environment.

~~~
Zirro
"...and enforcing sandboxes is going to be much more difficult in that
environment."

This is the approach they're taking. The sandbox for applications sold from
the Mac App Store will be required from a certain date (which was pushed
forward due to concerns, if I remember correctly) and will be quite strict in
what it allows access to.

Mountain Lion will include the Gatekeeper, which defaults to allowing
applications from the App Store and applications which have been signed by
Apple. While signed applications don't get their code checked, their
certificates can quickly be revoked if Apple finds any malicious activity.
(See:
[https://secure.wikimedia.org/wikipedia/en/wiki/Gatekeeper_%2...](https://secure.wikimedia.org/wikipedia/en/wiki/Gatekeeper_%28OS_X%29)
and its references)

The good thing is that they still allow anyone to change the Gatekeeper
settings to allow any kind of applications, signed or unsigned. Had that
option not existed, I bet we would be seeing a migration from OS X by
developers. Most average users will probably keep the default setting, giving
them a (in theory) quite risk-free environment.

~~~
nknight
> _and applications which have been signed by Apple_

Applications are not signed directly by Apple, but by developers who have
received certificates from Apple. Apple signing applications would be a rather
broken trust model.

~~~
r00fus
Exactly. As long as Apple isn't heavy-handed with certificate revocations or
denying new certs, then it's pretty much business as usual (with added
security).

I made the point before, and it parallels the move by Firefox, Chrome and
other browsers to heavily warn on non-registered self-signed certs. As an
intranet web app maintainer, it was a right pain to deal with the situation.
Eventually we set up our CA and it was all good.

It would be nice if we had more than just one signature authority supported by
this option.

------
jaxn
It was really annoying on the first run. Tons of apps were asking for my
permission to access my contacts. (And by tons I mean 6 or 7).

~~~
hinathan
But isn't it entirely the point to be annoying? If there were only the
preference pane showing which apps had accessed the data, it would already be
too late. This is just like with location information on iOS — you have to ask
the user before the app gets their data.

~~~
jaxn
Sure. But on a first run after the upgrade it is too late too. These are all
apps that were running earlier in the day. It's beta software and probably
won't be released like that.

------
kklimonda
Can someone describe how that is implemented? Or rather, what prevents
other applications from reading the address book directly (it has to be stored
somewhere on the disk after all). On Linux, I can imagine leveraging SELinux
to limit access to files, is there something similar available for OS X?

~~~
waterside81
Maybe the sandboxing being enforced in Mountain Lion prevents apps from
directly accessing the file?

~~~
krakensden
Unless you install it from the web, which would be the vector for any
malicious application.

~~~
Zirro
I wrote a response to ghshephard above (or below, if the posts move around)
which I believe is fairly accurate, trying to address this.

