Hacker News new | past | comments | ask | show | jobs | submit login

No. Users can still disable Gatekeeper for complete control, just as they can disable Secure Boot on PCs, and just as they can disable Google Play Protect and enable "unknown sources" on Android.



Nitpick: Secure boot is about the firmware protecting the machine at boot time against unauthorized OSes or OS-modifications, establishing trust in the boot-media.

App-signing is about protecting the user within an already booted OS, trusted or not.

These are very different concepts.


Yeah, I agree. Just comparing them in that they both restricted users' perceived control and autonomy.


Secure boot is 100% under the users control. You can load your own keys.

Similarly in Windows you can control which CAs (or individual cettificates) you trust.

They 100% respect the users freedom.

Very much unlike Apple does with gatekeeper.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: