
No, that's not what it means. Currently there are three security tiers for applications on macOS: App Store, not App Store but cryptographically signed, and not cryptographically signed. All three can be run.

That sentence means that in the future, the second category (applications which are not on the App Store but are cryptographically signed) will need you to generate a certificate with Apple. Nothing about the app store's sandboxing rules, and nothing about all applications -- you can run unsigned applications to your heart's content.




Weren't most developers already generating a certificate with Apple for the second category? I was paying Apple 99/yr when I was actively developing a non-app-store app largely just so I could get the app signed with my developer ID. I tried reading into alternatives; it seemed like a risky process. Ideally I'd like to pay a bit less if I'm not using the benefits of app review, but the notarization process seems like a decent compromise.

Even on Windows my experience is that signed-non-Windows-store apps can get flagged as malicious upon download if they're fairly niche/aren't used by many people; supposedly using an EV cert helps with that. The user experience is actually worse from my experience (Windows will show something red, then you have to click some non-obvious buttons to successfully run the app).


Yeah, Gatekeeper has always had Apple as the sole root of trust. What’s changing is that each app will now have to be uploaded to Apple to be ‘notarized’, rather than signing being a purely offline process with a previously obtained certificate.


> Even on Windows my experience is that signed-non-Windows-store apps can get flagged as malicious upon download

But in Windows, any approved CA can issue a certificate, not just Microsoft.

Apple’s new regime is not only restricted to Apple being the only CA, but that Apple is the only one who can sign the apps.

That’s immensely restrictive.


It is still the writing on the wall. It makes no sense to tighten the security on signed apps if it is not to prevent unsigned apps from running at one point. Which is clearly the direction of travel (and what Microsoft also did with WinRT and Windows 10 S). I don't have to wait until the final destination to not like the direction.


How do you run unsigned code on iOS? E.g., how can I build an Xcode project and have it run on my iPhone?


This article is about "Mac Apps", as the title states. I figure—unless posted elsewhere—that iOS hasn't changed and is still as restrictive as ever.


You cannot run unsigned code on iOS. However, you can, for free, generate codesigning certs (that expire after 7 days).


C’mon, Apple will never allow you to run your own code without their say so.


On macOS? You totally can. You can also do the same on iOS, but in a much more limited way.


You can now, but this is clearly a step in the direction of locking down the platform.


It's another slow gradual step toward total lockdown.

I feel like eventually I'll have to abandon Mac, but for what? Linux is still flaky and Windows adware unless you spring for Enterprise.

I would pay for a commercial Linux as polished as macOS, but there may not be enough of me. (It could also have a list of officially supported hardware to at least approach the stability benefits of Apple's vertically integrated HW/SW stack.)


Not debating Apple's overall trajectory, but I think it's cynical to call this a step towards lockdown. Mitigating certificate forgery attacks ultimately increases trust in software distributed outside Apple's walled garden.


How is this not lock-down? If Apple doesn't like VLC or whatever software competes with their interests they can simply not renew their membership.


Are you talking about the old policy?

You can run unsigned apps. The new policy affects the process for signing apps.


But things like gdb just don’t work unless they’ve been signed. So, if Apple starts blocking unnotarized signed apps, whether or not these programs will run will depend on whether Apple considers them malicious.


You can still self-sign your apps.


* Assuming Apple never decides to flip certain switches, after the OS infrastructure and hardware support are in place


Turns out that even compiled software can be modified to suit the user’s intent, thankfully.


(Note: Not talking about Apple now, hypothetically...) How would one do this on a fully trust-chained system with processor support?

Barring software bugs that allow for arbitrary code exec as the binary?

Signed package + necessary keys embedded in silicon -> processor verifies signature at memory load -> processor disallows user privilege escalation to write to arbitrary memory


I mean, RHEL Workstation is a very polished Linux environment. It might not be up to date enough for your needs but it's very stable and well documented. Not the best for a laptop though.

I would spring for Fedora or Ubuntu and deal with the lack of paid support for my own personal use but then again I've been using Linux for a while.

Both options are perfectly stable desktops; it's really the commercial software support that will get you.


Ubuntu has Ubuntu Advantage paid support.


I'm in the same spot as you and am eyeing Elementary OS.


Elementary OS is quite polished and takes many cues from OS X.



What is adware about Windows 10? I work on Windows 10 Pro and it seems fine.



