I made a Mac app a few weeks ago that got to the front page here on HN[1]. It isn't notarized by Apple since I don't want to pay Apple just so I can give my work away for free that fixes something that shouldn't be an issue in their OS in the first place. When users run the app for the first time, they get a warning[2]. For that kind of popup to happen when anyone tries to use anything by Epic would almost certainly dissuade new users a bit. Currently you can run unsigned code on macOS if you disable some security options in preferences but soon that won't be possible[3]. It's already the case that unsigned code can't run on iOS, so for Epic to develop an engine on iOS they must be able to sign their IPA files so they can actually be installed on a testing iOS device which can only be done through Apple.
Thanks for sharing your experience. I also work on a free utility for macOS that I'm not paying $100 each year to release. As a result, macOS treats that app like it's radioactive.
It's a disservice to users who intentionally download the app to improve their experiences, only to find out that the program is a second-class citizen on macOS, and they need to perform a security ritual to use it. If the users don't know what the ritual is, to them, the app is just broken.
I recognize the writing on the wall, though. macOS isn't a platform to hack around on anymore, it's Apple's platform to extract rents from its developers and users. If your app or use case doesn't fit into that ecosystem, that's just too bad.
Yes exactly. From the perspective of the user, macOS treats you fairly. Apple carefully words everything to shift the blame to developers for things like notarization. The message that appears when apps aren't notarized puts the blame on the developer by saying "This software needs to be updated. Contact the developer for more information". To the user who doesn't know any better it's the developer's fault. Apple takes great care to ensure users never blame something that has gone wrong on Apple themselves.
Users get a good experience on macOS and iOS so they will continue buying Apple devices which also leads to more people switching to Apple devices due to pressures of things like iMessage. Meanwhile developers are essentially forced to agree to Apple's terms to access an extremely significant portion of the market (especially when it comes to smart phones). Those terms effectively censor developer criticism by preventing developers from explaining their situation to users. If developers don't comply, their apps will be removed and their development certificates revoked on all Apple platforms. As a user Apple feels fair, as a developer it's painfully obvious that Apple is abusing their market position. Look at what's happening with Floatplane: https://www.youtube.com/watch?v=1QzHu-sjdB8
Unless things change, I don't think I will choose to purchase an Apple device ever again. But if their market share continues to increase it will be impossible to survive as a developer without releasing for Apple devices and to develop for Apple devices I will be forced to buy their devices. The App Store and everything Apple offers is certainly worth something. Is it worth 30%? Who knows. The market isn't what decided that fee, Apple and all other software storefronts have somehow arrived at that number themselves. With no realistic way for competitors to offer alternative software storefronts on iOS and Android at their own price to compete and bring fees to their true value, we will never know.
How is this any different from Windows? If your code is not signed with an EV code signing certificate, a similar warning will be shown on Windows. The difference is that that certificate will set you back 500-600 USD a year. Though I believe you can obtain "trusted" status without a cert through people using your software and not reporting it as malware.
Microsoft isn't the only provider of certificates. It's more like the web where there are many authorities, not just one. If Epic were getting their cert from Microsoft and Microsoft retaliated to something Epic did with Fortnite on Xbox by revoking their certificate on Windows, Epic could just switch to a different provider for their EV cert.
The other difference is the message itself. Windows just displays a warning that the software couldn't be checked by SmartScreen.[1] Once the app is used by enough people for the app to be in the SmartScreen system the warning will disappear. Users will still see that the publisher is "unknown" though.[2] macOS directs users to contact the developer that the app must be "updated" even if the only issue with the app is that it isn't notarized. A more fair message would be along the lines of "This app has not been notarized by Apple. Only run the application if you trust the source."
Code signing is intended to verify that the app actually came from who you think it came from. If the certificate for MS Word is unknown or something other than Microsoft you know something's not right and it's either been modified by a third party or not MS Word at all. Apple is using code signing to exert control over Epic Games rather than its intended purpose to verify to macOS users that their Unreal Engine in fact came from Epic.
1. https://github.com/ther0n/UnnaturalScrollWheels/
2. https://user-images.githubusercontent.com/5874301/88485840-2...
3. https://www.reddit.com/r/apple/comments/icyif5/apple_silicon...