Hacker News new | comments | show | ask | jobs | submit login
Mountain Lion: John Gruber's personal briefing (daringfireball.net)
419 points by MaxGabriel 2073 days ago | hide | past | web | 302 comments | favorite

When journalists say they're different from bloggers, what they're talking about is the kind of navel-gazing bullshit that Gruber spends half his time on here — describing the event itself, and his presence and experience there, making sure the reader knows that he was among only a few dozen people invited to this exclusive one-on-one press briefing.

A more competent writer would have spent maybe a sentence or two explaining the novelty of the briefing and then moved on. Gruber spends four paragraphs. I don't need to know that they gave him free coffee, or that the chair was comfortable. The whole thing comes off as sickeningly conceited.

I don't think that's quite true. If you read stories in the New Yorker, or the Atlantic, or similar publications, then you'd find equally "naval-gazing" writing from "real" reporters.

When I write a post, or when a journalist writes a story, or when you write a comment, you want to have an angle: something that sets your writing apart from the other thirty people who are writing about the same thing. Many publications today will cover detailed information about Mountain Lion. Gruber knows that. Further, there's not actually much new in Mountain Lion: Gruber successfully summarizes the new release in a handful of words in a middle paragraph. While I suppose he could go into more detail on interface minutia between Contacts and Address Book, or pontificate on why Notification Center on OS X looks more like Growl and less like the iOS pull-down, even doing that would provide him relatively little material.

Instead, Gruber focused on the culture of the event. From a company so well known for massive product releases and on-stage demos, the idea of doing not just one, but a large number of in-person demos across the country represents a substantial shift. It could symbolize any number of things, from a lack of confidence to a desire to repair image damage from Foxconn, which is why Gruber finds a need to emphasize how polished the presentation was and how the event was set-up in detail.

I can understand why this might feel like naval gazing, but to me, it's anything but. Gruber is in a unique position to comment on the cultural shifts of Apple, precisely because he's so involved with that selfsame culture. If he's going to comment on Mountain Lion's release this morning, that's going to be his angle. It's completely fine if you don't find it interesting, but questioning his competency, or calling this approach conceited, is wrong.

In fairness, the New Yorker might spend the same length of page navel gazing, but the story as a whole is 10x longer.

For what it's worth, and focusing on this isn't worth much at all, I read it completely differently. Gruber was trying to convey a sense of how different this is from the Apple of days gone by. He's trying to demonstrate that Apple has gone from having huge keynotes at Macworld to having medium-size keynotes in their own auditoriums to having one-on-ones with key members of the press. The point isn't "look at how awesome I am", the point is "look at how completely different this is from everything they've ever done in the past".

I don't think that Gruber would argue that this piece falls into what we would call stereotypical journalism. It's not a piece that purports to be a View From Nowhere.

I think that this piece is akin to pieces you might read in the New Yorker or the Atlantic, in that you see a writer's analysis of a topic or event through their experience, both past and present.

It's doubtful that Gruber is rubbing this in all of our faces. More likely, he's noting it's novelty as a change (or a confirmation, really) of Apple's motivations.

Gruber is a competent writer. His pieces exhibit voice and clarity, though you might disagree with him (I often do), but a contrary opinion is no less competent for its, well, contrariness.

That's the spirit of HN. If you disagree with someone but they challenge you and add value to the discussion, you upvote and challenge back, sharpening both of your stances.

I liked the perspective on this one. The OS itself? Yadda yadda. That will be covered in excruciating detail through the next news cycle. The event, though, will probably be glossed over.

Describing things like this is a way of seeing into the machine and finding out how it works. This kind of event marks an interesting departure from previous WWDC-type promotions. It's an important thing in and of itself.

I totally agree. I'm not a Gruber fan and I've never owned a Mac, but I was still interested in his analysis of why they held the meetings in the fashion they did. Letting us in on some of Apple's inner workings and their collective "thought process" is a valuable service to readers.

That was my feeling. If you know Apple, you know there's no question you can ask that they'll answer with any more information than they wanted to reveal and put into that presentation. So digging is pointless. And writing an article full of unanswered questions wouldn't serve any purpose beyond trying to impress us all with the writer's cleverness. You can't differentiate yourself that way.

Further, a dozen other sites were getting this presentation, with the same embargo date and they were going to write the articles that their audiences expected. So absent a unique take that might interest Gruber's particular audience, there'd have been no point to his writing anything.

If not this sort of approach, he might as well have just linked to Engadget and called it a day.





There are many genres of journalism. It's true that Gruber is not Reuters. It doesn't mean that he's not a journalist (even if he doesn't say so himself).

I don't think any of these things are apt comparisons to what Gruber does. In narrative journalism, the author includes personal details that add something to the story or reveal a greater truth about whatever they're writing. Gruber, on the other hand, just wants you to know how cool he is.

gecko's reply above explains what you seem to miss from this Gruber's writing.

Methinks that for a critique of someone's writing this is the wrong forum.

Which wouldn't be a big deal if it wasn't for the fact that shooting the messenger and/or his writing style seems to be a treatment exclusively reserved for Gruber. These kneejerk reactions to one particular blogger are pathetic and belong on Reddit, not HN.

Really... didn't pg himself do exactly that RE: TechCrunch and Curebit ripping off 37signals (among others) designs.

Seems like just a reality of the tech world, everyone just discredits everyone else in the hope of increasing the value of their own portfolio/brand/whatever.

I think you were looking for something that Gruber never set out to write. That is, you wanted to read something like the article that Engadget wrote (from what I would guess was the same presentation and early access).

But Gruber has never really been that guy. And I don't think that's ever been a secret. You could drop this criticism on any of his longer-form pieces and making it just makes me wonder why you bother reading him.

Yes exactly. It is this type of "I am cool and you are not" that runs rampant in this and everything else he writes. I use apple products and find it mildly interesting they are releasing a new OS version. I could care less that this asshat got free coffee.

Or, you know, the difference between headline-writing, bullet-point, "breaking news" "journalists" and the journalists that write long-form investigative reports, in-depth stories, and other less "news-y" pieces that flesh out things like atmosphere and details.

> The whole thing comes off as sickeningly conceited.

So like a typical Gruber piece, right?

I think you missed the point of this post.

Oh look, it's the compulsory Gruber bashing comment.

Whereas what you've written...

That’s when Schiller tells me they’re doing some things differently now.

I wonder immediately about that “now”. I don’t press, because I find the question that immediately sprang to mind uncomfortable. And some things remain unchanged: Apple executives explain what they want to explain, and they explain nothing more.

What useless reporting! How about just asking a follow up question about what is different? Or why OS X will not support Siri in this release?

Strike out all Gruber's writing involving the feel of the room and this might as well be a feature list on Apple.com.

And instead of a room full of writers, journalists, and analysts, it was just me, Schiller, and two others from Apple — Brian Croll from product marketing and Bill Evans from PR.

Not even a head nod to let us know he has at least a small sense of what his purpose at this meeting is. Just any hint of self-awareness that he's merely an extension of Apple Marketing would suffice. One of the most valuable companies on the planet sees value in free advertising through Gruber. I'm not sure if that reflects more poorly on Gruber as the stooge, or his readers as pawns.

I think it's more your comment that is useless, not Gruber's reporting. It's evident from your comment that you don't like Gruber, so you excerpted a couple lines from the long article he wrote and attacked them, glossing over all the other details he did report on.

It's cool with me if you don't like Gruber, but we don't really need to hear about it. Instead, just stop reading Gruber. It's particularly useless to read your ad hominem attacks against both Gruber AND his readers in the last sentence you posted.

Gruber TOLD us what is "different" now; what's different, clearly, is that journalists are being given briefings like this to spread the word in advance about OS changes. That's quite obvious from his entire article. You're just being obtuse. As for why Siri isn't in this release, well, one assumes it's cause Apple isn't done with it. It's not Gruber's job, nor is it interesting to readers, to post his guesses about things which are NOT in the new release; what's more interesting is what IS there.

It's not Gruber's job, nor is it interesting to readers, to post his guesses about things which are NOT in the new release; what's more interesting is what IS there.

He _literally_ guesses that other journalist will receive the same personal briefing he gets.

Gruber TOLD us what is "different" now; what's different, clearly, is that journalists are being given briefings like this to spread the word in advance about OS changes.

You fell for his writing. "This is an awful lot of effort and attention in order to brief what I’m guessing is a list of a dozen or two writers and journalists." He never asked the question "How many other people will get this private presentation?" or anything equally basic.

An Apple VP specifically targeted Gruber's fanclub. He's a trustworthy sycophant.

You have no idea whether he guessed, or whether he found out from Schiller. It's you who is guessing. BTW, he was right. Others did get the same briefing.

I didn't "fall for" anything. Nor do I care that you are guessing about what Gruber did or did not ask. You especially have no clue about other, conveniently unspecified things which you assume Gruber didn't ask about which are "basic", so I care even less about that.

Again, you are personally attacking Gruber's readers, as I pointed out earlier. Now you're doing it again. It's tiresome. Please stop.

Gruber's readers are not merely a "fanclub". They are readers who read Gruber's blog because they get information there. When I worked at Apple, I saw quite a few folks walking around in Daring Fireball t-shirts. I don't think that's an accident, nor does it reflect your reality of Gruber readers being a bunch of hypnotized fanboys.

Nor do I care that you are guessing about what Gruber did or did not ask.

He literally says he didn't ask about things being "done differently now" because it was uncomfortable. He literally says he guesses a list of others will receive the same briefing.

>When I worked at Apple


> oh.

Acting like someone doesn't have meaningful contribution to a dialogue because of where they have worked says more about you than the person you're conversing with.

The way I took "done differently now" was that it was in reference to Job's death, and I can understand why it would be uncomfortable to talk about it.

Uncomfortableness is often an excellent clue that you're close to something interesting and important. It's really too bad he didn't follow that one up.

I read this as him _literally_ guessing what the size of the list was, not that there was a list.

As has been noted elsewhere, a Time reporter described a personal briefing as well. I think you're assuming that his article is a complete transcript of the meeting and any followup conversations, rather than a vignette.

Has someone done a quick sentiment analysis of the resulting articles? I'd enjoy seeing a quantification along those lines.

Gruber was clearly not the only person briefed in this way

I gave up after reading a handful of those. Which of those people did Apple brief "in this way"?

Anyone could have written those articles just from the copywriting on https://www.apple.com/macosx/mountain-lion/features.html

I only picked articles that made their source clear.

"We can report on Mountain Lion a half-year before it ships because Apple, for the first time, decided to give the computer press a look at a new OS X version long before its release. Normally, we see a new OS X version at most a few days before the shipping date. The early version of Mountain Lion that Apple gave us is substantially the same one that its registered developers will be able to download starting today. After using Mountain Lion intensely for a few days, I'm deeply impressed with its new convenience and security features, its subtle interface improvements, its cloud-based file synching, and its compatibility with software written for earlier versions." http://www.pcmag.com/article2/0,2817,2400311,00.asp

"For the past week, I’ve been using an initial demo version of OS X Mountain Lion." http://techcrunch.com/2012/02/16/os-x-mountain-lion/

"We got our hands on an early version of the OS -- so early, in fact, that it's something of a pre-developer build. (Heck, there isn't even an image of a mountain lion to choose from in the default wallpapers.) The version available to developers today should address some of the kinks we encountered during our testing, not that we suffered all that many hiccups." http://www.engadget.com/2012/02/16/apple-os-x-mountain-lion-...

To nitpick, nowhere in that text does it says they got a personal presentation, just that they got their hands on Mountain Lion early

Your quotes make no distinction between a bike courier leaving a package to the front desk, and the Senior VP of Apple Worldwide Marketing giving a private presentation to an individual.

The article on Time was more explicit:

"Apple recently briefed me on the new features and loaned me a MacBook Air loaded with a beta version of Mountain Lion. I’ve been test-driving for the past week." http://techland.time.com/2012/02/16/apples-os-x-10-8-mountai...

Maybe Gruber was the only one who keyed in on how big of a deal it was.

As this event is rather unusual, I personally find the "feeling of the room" quite interesting. Though I must concede Gruber is rather poor when poetic.

Ps, if Schiller's presentation was as thorough as Gruber describes it, then I hardly see this as free marketing. Time is money, especially for a guy in Schiller's position. Also the coffee.

Hmm, I got the idea he understood what this was about from this paragraph:

"This is an awful lot of effort and attention in order to brief what I’m guessing is a list of a dozen or two writers and journalists. It’s Phil Schiller, spending an entire week on the East Coast, repeating this presentation over and over to a series of audiences of one."

(emphasis mine)

That's exactly it though! Gruber thinks he's on an select list of writers and journalists. Instead, I believe he's an item on the Apple marketing checklist. Can you find another author who got the same treatment as Gruber?

This random article I stumbled across while looking myself takes Gruber's assumptions as fact, which I believe to be Apple's intention.

"The company is also changing the way it handles press events, according to worldwide marketing VP Phil Schiller. While Schiller has refused to go into any more detail, Daring Fireball's John Gruber notes that last week, he and others in the media were given separate, solo product briefings on Mountain Lion." http://www.macnn.com/articles/12/02/16/os.x.updates.to.becom...

Gruber actually wrote, "I'm guessing" because he didn't have the sense, integrity, or care to ask "Hey guys, how many other people will you be giving this personal, private, ego-stroking presentation to?"

Yep. Gruber thinks he's on a select list of writers and journalists.

And he's right. Gruber is perhaps the most influential Apple blogger out there. And he clearly merits personal attention from Apple execs.

And that seems to really piss you off. So you are attacking him on Hacker News where he can't respond, and also attacking his readership.

>So you are attacking him on Hacker News where he can't respond

This makes no sense. Has Gruber been banned from HN or something? Where would you say is an acceptable place to post an issue with him? If I can't post it here, and he doesn't allow comments then what do you propose? Certainly you aren't saying he should be free from criticism?

Certainly not. I merely meant that Gruber is unlikely to be reading this thread, based mostly on the fact that I've never seen him comment on HN.

And I didn't say it was unacceptable for you to post "comments" about him; I said that your particular attacks on him were tiresome, misleading and pointless. Which is different.

You still didn't answer. Where do you find it acceptable for me to post?

I agree with your sentiment, but it's just untrue that he can't respond on Hacker News. He may have reasons to not do it, but he certainly has the ability to.

Why can't he respond here?

> That's exactly it though! Gruber thinks he's on an select list of writers and journalists. Instead, I believe he's an item on the Apple marketing checklist.

You can have a writer on a marketing checklist; quality writing is important for marketing to certain demographics.

Indeed, making a select list of writers and journalists feel like they are on a a select list of writers and journalists has long been an important item on marketing checklists.

What is unusual, in this case, is that Apple made it the way they launched the marketing for Mountain Lion.

> You can have a writer on a marketing checklist; quality writing is important for marketing to certain demographics.

I agree. Many of the "news outlets" reported on the operating system itself, as that's what their readers want. They're not really that interested in the fact that this private Q&A is different, and who attended, and how good the coffee was.

Daring Fireball readers obviously do, and it's probably why Gruber runs a fairly successful site: he found a good niche.

Oh, I see what you are saying. I guess we will see if anyone else got the "personal treatment". I'm also waiting for Siracusa's take - that is if they talk to him too.

IMO it's certainly a bold marketing approach.

The entire time I read this article, I was well-aware of the fact that this one-on-one presentation was only an Apple PR move, and I felt that he as a journalist knew it too. What he wrote reflects this as well. It seems condescending to both him and his readers to surmise that they wouldn't understand this.

Pretty sure the "now" sentence is a veiled reference to the passing of Steve Jobs.

(edited since I accidentally a word)

Perhaps it's because Gruber is aware that Apple wasn't putting on a Q&A session. They rarely do, and when they do, they let you know, in clear terms.

And who knows? Gruber may have asked about Siri on OS X, or may have been told about a host of other features but was asked not to publish them. You don't exactly want to go and do that if you want any hope of being invited to future dog n' pony shows.

> You don't exactly want to go and do that if you want any hope of being invited to future dog n' pony shows.

And that's exactly why Gruber's essay is a press release and not a journalistic report.

If you read his blog, I don't know how you could possibly classify Gruber as someone who does "reporting". It's quite clear that he is not your traditional reporter nor does he ever claim to be one. His pieces are personal opinion pieces with a personal voice. Whether his opinions jibe with Apple or with the anti-Apple crowd is besides the point. What matters is that his voice is authentic and provides unique insight into the world of Apple (not always but often enough) - which is more than what you could say for many other blogs covering Apple or any other technology company.

Many around these parts will make glib insinuations about the "Gatekeeper" feature heralding Apple's clawing away the freedoms of it's users, one-by-one, until we are all prisoners of "the computer as a jail made cool".

However, it seems to me that Gatekeeper's presence embodies a rather more embarrassing admission that, yes, Mac OS is on the verge of needing some kind of malware protection; in the wake of the Mac Defender malware surfacing last year, it was really only a matter of time.

I don't want to disagree with your core point, because you're right; to a certain extent, OS X has always needed more defenses against malware than it has owned up to.

But you can't find a large-scale Windows deployment anywhere that hasn't had to deal with an actual in-the-wild malware outbreak. Security people in corporate America do malware cleanups for Windows several times a week.

At the same time, you'll have a hard time finding anyone in the real world that got hit by "Mac Defender".

but that is because the target plane for OS X is so small and not worthwhile. If OS X was 95% of the corporate market and made up large networks it would be targeted just as regularly as Windows is. there is nothing technically superior in OS X that prevents it from being a malware target (prob inferior to win7)

Just like meatspace states use child pornography to justify Internet monitoring and control, Apple will use malware to justify locking down software. Not distributing software via the App Store will now remove a segment of Apple's user base from a software vendor's market so vendors will likely do whatever they can to get in the App Store. Apple now gets the ability to censor software on their non-iOS hardware.

Well you could hypothesize that that's where it's going, but at the moment, they're going to allow signed, non-app-store apps by default as well. All a dev needs to do now is to sign their binary when they build it and problem solved. I can't see why anyone actively maintaining an app wouldn't make the small change required.

Even if you sign the binary, you are still getting shut out of the market for the segment of users that select App Store only. You pay Apple the App Store cut or you limit your market... not a great choice to have to make.

Apple is ahead of the curve -- this is coming to Windows as well, although perhaps through 3rd parties.

About 2 years ago, my then employer was considered a "strategic" customer to one of the big security/AV vendors. They came in to give us their dog and pony show about the future of security, etc... which basically said that the current strategy of using AV to "blacklist" bad stuff is ineffective. (I asked the awkward question "So WTF am I paying for your ineffective AV product?")

The only thing that makes me nervous about "Gatekeeper" is that it is Apple-controlled, and Apple is a mercurial vendor whom I don't really trust to do things that are in my interest. I'd be happier if I could trust other certifying authorities, which would mitigate the impact of Apple cutting of the oxygen to unsigned applications in the future.

I agree with this; but at the same time, what is the reason for tying the iCloud and Notification Center features to App Store installs only?

Easy. iCloud syncing and storage costs money. Notifications go through Apple's servers, which also costs money to run. Apple wants its 30% share of the price to cover these costs. Make sense?

That means iCloud won't be accessed except by applications that have been scrutinized by Apple, which cuts down on an avenue of attack by malware, and makes it less likely that an application bug will cause problems with iCloud.

The first thing that comes to mind with Notification Center is that perhaps it could be used for phishing-type attacks, by presenting a notification that appears to be from something else.

I think it has less to do with a concern over malware than it does with an opportunity to further control development for the platform.

I suspect Apple will retain the right to pull applications from user's computers for any TOS violation, not just those involving malware. Even when those TOS violations are due to a change in the TOS.

There has been malware protection since Snow Leopard and Lion in the form of Xprotect. However, it can't hurt to offer an extra layer of protection with signing apps.

You're right, but Gatekeeper does something else: It marks the line in the sand. So long as that choice is there as an option in settings for me to make, Apple is in the right. If they ever take that choice away, and they start dictating what I can run or not run, they will have crossed that line, and lost me as a customer forever.

I think a lot of people think that Apple taking away that choice is inevitable. I don't think so- I think it would be completely out of character.

But if I'm wrong, I'm gone.

It's a sensible feature, and there's no reasonable way to implement it without that settings option, and the options they've chosen make total sense.

I agree with you: not having the option would be very bad... but it's very unlikely they'll ever take the option away.

Why would they? The overwhelming majority of their users will never touch it.

Right now there is no need to take the option away. You are certainly correct about that.

Microsoft is going to soon start pushing its users to buy from its app store. I can see a future in which only 'trusted' programs can be run on new computers. Trusted here means programs approved by Apple/Microsoft and the national government of the country in which your computer resides.

I don't know how likely this would be but China seems to like to have a lot of control over the computing its citizens do.

Sure is handy for China how easy it is to get a keylogger installed on someone's computer, isn't it?

I guess I missed your point. In which case it seems you missed my point.

If only approved programs can run on a computer then it is quite easy to disable undesirable programs. There's obviously a kill switch involved. If social unrest gets too great then move Twitter clients to the unapproved list and they all get deleted. This would be a lot easier than installing key loggers and...what? remotely logging into 100 million computers to delete certain programs?

Things like Gatekeeper can in the future be extended and used to exert more control of computing. It may even be a requirement for all manufactured computers as we enter the surveillance state era.

> There's obviously a kill switch involved

False. It's already been reported that this is not the case. Gatekeeper uses, and clears, the quarantine flag, the thing (which already exists) that throws up the "BLAH is an application downloaded from the Internet. Safari downloaded this file today at 4:30PM" message the FIRST time you open an application. Since after the application is launched, the quarantine flag is cleared, you don't get prompted again, and the blacklist is not checked again either. So, whether it's malware, or some kind of "subversive" app the government wants to suppress, no apps that have previously been opened at least once will ever be prevented from running by Gatekeeper. And nobody ever said anything about deleting anything.

Furthermore, even after a developer key was blacklisted, apps loaded from disks such as CDs or USB drives don't get quarantine flag. Only files that came from the network.

I'm pretty sure if China wants a keylogger they just install a custom usb hub chip on the motherboard, repainted to match whatever was specced.

Now that is a deliciously diabolical plot. Infiltrate the hub supplier in Shenzhen, coerce the people that oversee parts deliveries in the appropriate wing of the facilities at Pegatron into not reporting a thing to Apple or other integrator clients, and let the trojan hardware filter into the market. The hubs are inert until they have a driver installed surreptitiously from a compromised copy of Baidu Desktop Search or QQ. No one would be any the wiser.

I'd order a tinfoil hat at this point but I don't know who might have interfered between the aluminum refinery and the sheeting facility.

Infiltrate the hub supplier? The hub supplier is probably already owned by the Chinese army, if my experience with other Chinese companies is correct.

Yes. Unfortunately control of citizens' computing is one area that China leads in. Other national government appear to be envious of this control seek to emulate it.

I think you may be missing tptacek's point. Things like code signing make it harder for bad things to run without the user's permission.

If option 3 is removed then how is this so? It's not in Apple's interest right now to do this. In five years? Maybe China decides that in order to get access to its market Option 3 must not be available. Maybe Gatekeeper gets enhanced in the future.

Obviously this is hypothetical but given the trend toward national surveillance is it hard to imagine that this can happen?

I think he meant how easy it is now for China to install key loggers on, say, American computers.

I don't see how installing key loggers being easy is germane to whether or not enhancing Gatekeeper to delete unapproved programs is a future possibility.

I read the comment as being, "China's key logging exploits are evidence that it likes to control computing and it will seek to enhance this capability." The trend amongst world governments is to seek greater control of computing. I doubt this is going to stop with key logging software and won't be enhanced.

"The overwhelming majority of their users will never touch it."

Oh Thomas, Thomas, Thomas. You of all people should know the unimaginable power of porn and the incredibly stupid things people do in response to the promised delivery of the same.

"The overwhelming majority of their users will never touch it."

That's unless they want to install any app currently available on the Web that isn't signed. There is a lot of legacy software people keep using, even Mac users. I don't see that setting staying default for very long.

According to a screenshot the Macworld Hands-on (http://www.macworld.com/article/165407/2012/02/hands_on_with...) you can whitelist individual apps on the fly.

If that is the case, that's actually incredibly useful.

The way I understand it, one can override the setting on a per application basis by control-clicking an app and choosing "Open" _once_. I would hope that would make Apple sign those apps ins some way, bu I do not think they will, as they will not want to store the master key of doing that on the user's disk.

Also, apparently, all applications already installed get this magic applied automatically.

Not to mention DVD rippers and pirated copies of Office and Creative Suite.

There's no reason you couldn't sign a DVD ripping app; all that code signing will do is ensure that you are who you say you are. Since you don't have to distribute apps through the Mac App Store, you could sign up for a dev account, build your custom app, and distribute it however you want.

For tools like that, this could actually be a big benefit - it lends a sense of credibility. You wouldn't be able to distribute modified (read: backdoored) binaries, and if you did people would know who you were (at least, to some extent, and Apple could revoke your credentials so no one else would inadvertently run your software).

As for pirated software: I haven't seen a lot of actual 'cracks' lately; mostly it seems to be 'put in this serial plus set these hosts entries so it can't phone home' sort of thing. For app-modifying cracks, you'd have to disable this, but I'm not sure how common that is lately.

Apple would likely revoke the certificate for the developer of a DVD ripper, simply to avoid the liability.

But one of the things Apple can now do is void you keys and make all the apps on people computer unusable at least as I understand it. So for legally dubious application this wouldn't be such a good idea.

I'm curious, what makes you say that taking away that choice is completely out of character when they've already done so on a different, more popular platform?

they never gave you that choice on iOS, so they never took it away, did they?

Never giving the choice in the first place is stronger, not weaker, than giving it and then taking it away.

I disagree. Pulling access to something you've come to depend on (especially, derive your livelihood from) is worse than never fostering that dependence in the first place.

I was aiming more at the idea that it would be out of character for Apple to completely restrict access to just certain sources of apps. If we're talking about whether Apple would take something away that people had come to rely upon, well, there's a whole long list of technologies I could list off to support the idea that they have no problem doing that....

Not arguing that they won't do it. Just that it's worse than never allowing something.

Well, that's why I said stronger, not worse.

I think it’s right to make very clear that Apple overstepping that line would be inexcusable and evil, or else they might think people would be ok with that. So a bit of outrage isn’t altogether a bad thing, really.

(Although it’s pretty obvious that acting like Apple already overstepped that line or will certainly overstep that line in the future is very childish.)

Shouldn't it work the same way for iOS, too? It seems Android is the only one who's allowing you you to make that choice. Neither iOS nor WP7 allow it.

What I'm curious about is how they'll present this to users who try to install an unsigned application the first time. Will they educate the user, and provide a way to get to the Settings and change it if they want? Or will they present it in such a way that 90% of users give up and assume the installer is broken.

Remember that most Mac apps don't have an installer - they're self-contained, and installing consists of extracting the DMG and putting the app on your hard drive.

The notification will probably take the same form as the error message you get upon trying to launch a PowerPC app on 10.6 without Rosetta installed.

TO be fair, even apps without an installer will open a warning dialogue the first time it's actually run letting the user know this is an application that's "new" and hasn't been run before.

Also - as long as Apple makes it easy for developers to get signing keys, which seems to be their direction as far as OS X goes, there's no reason for developers to complain about it too much. Just sign your builds, and you probably avoid any warning message.

Just as long as they don't present it the way Windows does - pretty much the same dialog boxes but one has a blue banner (signed) and one has a yellow banner (unsigned).

I don't necessarily think Gatekeeper is a bad thing, but I worry about the impact if Apple were to make the default setting for Gatekeeper be Mac-store-only. Having the option to install other software would be great, but such a move would further marginalize non-Apple-approved software in a huge way. Assuming a large portion of Mac users are not the type to lower default security settings, then that could have a severe impact on the way people think about software in the "wild".

Agreed on all points. I think it's far likelier that this form of tiered app access will make its way over to iOS eventually.

But will you be able to leave with your data? Or will it be locked in to iCloud?

iCloud is not a drive you store your data on. iCloud syncs data and changes between your devices. So you have local copies of a document on your iPhone and Mac. Make a change on your Mac and it will show up on the iPhone. Both devices have local copies. In other words you will always have your data.

The only things stored on iCloud are device backups and iTunes purchases.

In other words you will always have your data.

In what format? If addresses and mail are stored like Apple stores my iTunes metadata, I'll never get them back if I stop using Apple products.

Addresses exportable as vcards, as noted above. Mail has export options for mail boxes and individual mails, plus icloud is using IMAP, so you should be able to export both from the server and the client.

iTunes metadata can be exported as an XML file.

I'm not sure about mail because I don't use it but you can export your contacts as a Vcard.

To me it depends on what happens when you attempt to run the binary. If there is an override button which remembers that setting, fine. If not, to hell with Apple.


Apple's pattern with iOS has actually been one of slowly opening up.

Just web apps, then native apps with massive restrictions on what you can do and how you can build them, then native apps with a few less restrictions on what you can do and how you can build them (for instance compiled from non-objective C sources).

I get that people don't like where they are now but the pattern isn't one of closing down, it's slow but in the other direction. I don't think it's a jump to assume it might keep moving if Apple see the benefit of allowing it. Gatekeeper might, just might, be them seeing how such a model might work.

then native apps with massive restrictions on what you can do and how you can build them

No. They originally allowed any programming language, then played a bit with disallowing anything other than C/C++/Objective-C.

> Apple's pattern with iOS has actually been one of slowly opening up.

Tell that to Amazon or Barnes & Noble or Netflix or Hulu or anyone else burned by the In-App Purchase mess. I'd bet none of them would say Apple's pattern has been to open up iOS.

I should possibly have been clearer - from the perspective of software development.

Even with those three it's not closed. I read Kindle books on my iPhone (and use iBooks as nothing more the a PDF reader as it goes), just the purchasing model isn't as streamlined as Amazon would like.

What Mac Defender malware? The one that affected 0.1% of OS X users?

Not to mention: Mac Defender was a TROJAN. You HAD to install it yourself for it to work.

From Wikipedia: "Mac Defender (also known as Mac Protector, Mac Security,[1]Mac Guard,[2] and Mac Shield)[3] is an internet rogue security program that can be installed by unwitting users of computers running the Mac OS X operating system". The exact same thing can happen to any operating system. You can install malware YOURSELF even in OpenBSD.

Right, which would be rendered pretty ineffective by Gatekeeper, now, at least for people that don't know about the launch-from-disk trick or other workarounds (basically, the same people that would potentially be vulnerable).

Gatekeeper's a small, small step that doesn't add much inconvenience to developers, but it does help a bit and I'm surprised at how long it's taken to arrive at something so basic & logical.

I'd be surprised that people would just turn that feature off pretty quickly after getting a new Mac. There are tons of application out there that aren't sign and aren't malware. People will come to view this feature like the annoying warning about bad SSL certs.

Hm, that's a good point: "warning fatigue" that users get. I hadn't thought about it from that point of view; I guess how fatiguing it is will really depend on how quickly developers in general get aboard the "sign your application" train, so I'd be curious to see the response from the legions of independent Mac software developers that aren't using the App Store for delivery.

...or UAC on Windows Vista/Seven.

Most people don't install tons of apps (and many of those who do use the App Store). It's hard for me to think of seeing that dialogue once a week as onerous and I bet the vast majority of people don't install more than one app a week.

I guess Mac - sorry, OS X - users never install software they didn't mean to or that was misrepresented to them? What a pleasure it must be working with such a vigilant, critically thinking group of users.

We are here, ladies and gentlemen.

    Users have three choices which type of apps can run on Mountain Lion:

      Only those from the App Store
      Only those from the App Store or which are signed by a developer ID
      Any app, whether signed or unsigned

   The default for this setting is, I say, exactly right: the one in 
   the middle, disallowing only unsigned apps.

Interesting. Let's say I'm a developer writing a Bittorrent client. Do I leave it unsigned and get lower adoption because people are afraid of malware, or do I sign it and hope that Apple doesn't someday revoke my key?

Of course, Apple could have done this before. They could push out an OS update that wiped an app from everyone's computers. But that was a huge undertaking and now they have a process that is generally accepted from the App Store, and I wouldn't be surprised if we start to see it more regularly.

Edit: Apple wouldn't even have to be against Bittorrent clients. They could just get sued by record labels and lose, and then a judge would say "You built the capability to remotely disable apps, so use it to disable this one."

Practically speaking, I don't see this being much of a problem. If Apple does disable your app, but your app is not malicious and users actually want it, they can just return to your site and download an unsigned version. This would be a minor annoyance to your users, but if you are having the kinds of troubles that cause Apple to disable your app, you probably have much bigger things to worry about than a few thousand customers downloading your app again.

Are you making the assumption that people would be afraid of your application because it could potentially be malware, or because they don't want to switch to the third mode? If it's the latter, I hope the control is on an individual applications basis so that I am alerted about other unsigned applications even after having allowed yours.

If it's about the first, I think the users who can get a Bittorrent client up and running (and have an interest in it, in the first place) are also able to read reviews and ask friends who may have recommended them this application.

We're not quite here yet. I think a better version of Gatekeeper would offer:

      Only those from Trusted Sources
      Only those from Trusted Sources or which are signed by a developer ID
      Any app, whether signed or unsigned
Where "trusted sources" is something that future Gatekeeper would give you control over.

Enterprises spend a ridiculous amount of effort in locking down and pushing out software to workstations, so allowing them to maintain their own code-signed internal "app store" could be game changing. Apple has almost no enterprise presence, and this could be an opportunity for them to steal market share from Microsoft, who lately appears directionless and out of touch.

Apple has an enterprise version[1] of the iOS App Store available. I'd wager that an equivalent for the Mac App Store is pretty likely.

[1] https://developer.apple.com/programs/ios/enterprise/

This is a preference in system preferences that is pretty easy to change. I don't think it's entirely unreasonable to say that if you can't figure out how to change it, you probably would have trouble figuring out what's safe to install on your computer anyway. You'd also probably have trouble finding things to install on your computer that you didn't get at best buy (would be signed anyway), through the app store (would be signed anyway), or through a malicious site trying to get you to install some fake virus scan scam (wouldn't want).

But it's not going to slow down developers, or even kids who like to explore.

Edit: Actually it looks like I may be mistaken about this. There is some confusion in the press currently about whether a paid developer program will be required for obtaining signing keys. If not, this is only a minor encroachment of control.

> This is a preference in system preferences that is pretty easy to change.

That doesn't matter. It means that if I want people to use my software, I will now have no choice but to join Apple's $99/year Mac Developer program.

Time to port to Linux/Windows.

FTA: "It’s a system whereby developers can sign up for free-of-charge Apple developer IDs which they can then use to cryptographically sign their applications."

Yes, as I noted in my edit, there seems to be some confusion about this in the media. Some sources are saying that you will have to be a member of the Mac Developer Program (which costs $99/year), while others are saying the signing service is free of charge.

Here's Apple's own page on the matter: http://www.apple.com/macosx/mountain-lion/security.html

> Apple wants to help you steer clear of malware even when you download applications from places other than the Mac App Store. That’s why Apple created the Developer ID. As part of the Mac Developer Program, Apple gives developers a unique Developer ID for signing their apps.

This seems strongly to imply that a Mac Developer Program membership is required for code signing.

I very much hope that their phrasing is merely imprecise, and if not, that they will change their minds and provide free signing. I love OS X as a development program, but I will leave it behind if they start down this path.

I've never understood this for a second. Xcode only runs on the Mac OS, and the Mac OS only runs (without hassle) on exceptionally expensive computers. What is $99 more per year to get a signing enrollment? Who gives a fuck about the $100? You're building apps on a $1700 laptop while sipping a $6 coffee in your $2000/month apartment, for fuck's sake.

Why waste time being outraged about something unimportant when you could be BUILDING SHIT?

Right now, the next generation of hackers is around twelve years old and screwing around on computers they can't afford, which is only possible because their parents found having a computer around (unlike a gilt-edged DRM key) to be useful for other things. Anyone who can't start until they can afford their own is is probably going to be a dud. This is yet another reason we should be alarmed and offended over trends that make the world more hostile to tinkerers.

> Who gives a fuck about the $100?

FOSS and freeware developers, I imagine.

>You're building apps on a $1700 laptop while sipping a $6 coffee in your $2000/month apartment, for fuck's sake.

Sorry, no I'm not. I'm scraping by on a laptop that cost $1100 when I bought it six years ago. My living situation is... let's just say that you're just a tad north of reality. I was making an OK living off of some shareware I wrote until Apple pulled the rug out from under its smaller developers with last year's App Store transition. $100 is not a hardship, but it is a significant chunk of change.

Now, with that all out of the way, that's not actually the point. The point is what this does to people just starting out. Consider how much free/cheap software there is out there because somebody took their little weekend project and decided to pop it up on the web. Now consider what proportion of those people are going to take that leap if they have to pay a hundred bucks for practically anyone to be able to use it. Do you think any of them will be willing to put it out there for free under those conditions?

Everyone's focusing on this switch, but the switch isn't the real issue. As many have pointed out, there's no reason Apple wouldn't want to leave it around indefinitely.

If I were a Mac developer with a skepticism about Apple's increasingly tight grip on their platform, I'd be much more concerned about the widening circle of APIs that are unavailable to non-App Store apps.

You're right that the rise of Mac App Store-only APIs is more troubling. This is a "boil the frog slowly" trick. Today, you can run all the unapproved software you want, but, someday, if Apple makes the APIs compelling enough, you won't want to.

That being said, it isn't like the switch (and its parameters) and the development of Mac App Store-only APIs can't be trends that reinforce each other, of course.

Is this just iCloud, or something else? Needing to be in the app store (or signed) to use iCloud makes perfect sense to me. If you don't want to do that, simply use Dropbox -- which works better anyway (at the moment).

This seems to me like a good feature, one that finds an actual good use for code signing on OS X. What's the issue?

The issue is that Apple is the only certification authority.

There is no other reasonable way to implement that feature that would scale across Apple's customer base. If you don't like it, they provided the third option ("Ignore all this code signing stuff").

There is a way. Allow at least one more certification authority. Let, say, Verisign sell code signing certificates for OS X. This will ensure that Apple is not the only party in control of which software runs on Macs.

I have the third option, but I will also have to explain this option to the users of my software. Plus, the option is not granular -- it seems like you cannot disallow all unsigned software, but make exceptions.

This feature would not be better if the sewer vampires that run the SSL CAs got to control it.

What moral argument are you using where Apple comes out on top and SSL CAs don't?

Is that a serious question?

Here, let's try just one response and you just (safely) assume that it stands in for a myriad of other similarly horrible issues:

Likelihood that Apple will sell its CA root key to an unnamed Fortune 500 company under NDA to make some kind of software rollout problem simpler for them at the expense of the security of every Mac computer in the world? Zero.

Likelihood that an SSL CA will, after sucking the intestines out of a freshly killed puppy dog using its razor sharp SSL CA proboscis, sell its CA root key to an unnamed Fortune 500 company under NDA to make some kind of software rollout problem simpler for them at the expense of the security of every Mac computer in the world? Not zero. Not close to zero.

1. Will it prevent Apple from controlling which software runs on Macs? Yes.

2. Will the code signing scheme be more vulnerable to malware because of the third-party CA? _____ (fill in)

   2. ___ YES ___

I agree. But it's still better than letting Apple be the only CA. Would you like to have a single CA for TLS?

Huh? It is the opposite of better.

> Let, say, Verisign sell code signing certificates for OS X.

How many security breaches has Verisign had? Allowing 3rd party authorities to issue certificates would simply weaken the security that the feature provides. Moreover, it would mean that Apple cannot revoke the certificates, defeating the entire point of the feature.

> it seems like you cannot disallow all unsigned software, but make exceptions.

That would be a pretty broken feature. The only ways for OS X to handle that would be for it to say "screw it, I don't care what's in this specific directory, you can run it", which means that the directory becomes a vector for malware, or to disallow updating the directory once you exclude it, so that the OS can be sure that what you allowed is actually what's running. Both of these are pretty terrible options.

I'm glad that you tried to install your own and failed. I wasn't convinced by second hand knowledge of a marketing presentation.

Well, there were signals that something would change as soon as Apple launched the App Store for OS X. I think having signed developer ID's, with the option of allowing unsigned, is an OK step and might even bode for a more open iOS platform ... down the line.

All in all, of the two ways it was likely to go (allowing only App Store apps by default, or allowing only signed Apps that meeting certain criteria), I think this is the much more palatable one.

Say I use my Macbook for development, and I compile a small toy C program using gcc. Does that mean now that I cannot run the produced binary by default?

Forgive me for being naive, but what does "app" mean in this context? Is a shell script an app? What about a python script with GUI elements?

Nope, you'll be able to run it: "Finally, it’s important to note that because Gatekeeper uses the File Quarantine system, it only works the very first time you try to launch an app, and even then only when it’s been downloaded from an app on your Mac like a web browser or email program. And once an app has been launched once, it’s beyond the reach of Gatekeeper." (http://www.macworld.com/article/165408/2012/02/mountain_lion...)

No, it does not mean that.


The actual article you just read, for one.

The way code signing is implemented today, for another.

C|Net reports you can override Gatekeeper on an app by app basis (even at the most restrictive setting), so as long as you trust yourself you're good:

"It's also been designed to let you manually override the protection measures and install something that hasn't been signed, even if your settings are turned all the way up to App Store only."

Even if this is the case I believe this would mean that the third setting will allow you to run anything just fine, but I believe this will only apply to .app folders that are the bundled applications.

Good question. I can't see this just yet, but it will happen. Probably by 10.9 which won't even have a command prompt -- or at least not one you can access easily without invalidating warranty or some such nonsense.

Why do you feel the need to be so overdramatic? You don't seriously believe that do you? Many users regularly need access to the Terminal. Developers for one user it all the time. I use it for git. Many people (including non-developers) use vi. People run scripts from it and use it for automation.

Yeah, or 10.30, which will not even have a UI, just an OS-to-Mind interface.

Can we please stop repeating BS?

People like to make it sound like some kind of slippery slope, but including Mountain Lion, NOTHING has been taken away from users re: freedom, from OS X 10.0.1 to 10.8.

In addition to running whatever from whatever, 10.7 gave you the option to use an App repository. You know, like the one, say, Debian had from decades, only not restricted to OSS.

In addition to running whatever from whatever AND from the App Store, 10.8 adds the ability to only run signed apps. You, know, like the security solution that is considered one of most effective ones by security boffins.

> NOTHING has been taken away from users re: freedom, from OS X 10.0.1 to 10.8.

Well, no, that's not quite true. See also: PTRACE_DENY_ATTACH in random binaries (e.g. iTunes) and the gimped DTrace implementation.

Are these showstoppers or the end of freedom as we know it? Not be a long, long way. Are they (fairly small) limitations on the freedom of users? Yes.

Introducing new features that aren't completely open is not the same as taking away existing freedoms.

Some inline context - this appears to be about protecting against malicious software. Was always going to catch flak :)


And we'll probably see that default move another level up the list by the time 11.0 comes round, before the other options disappear altogether on at least some devices (Macbook Air and Mac Mini perhaps).

I know a lot of people won't like it, it's the equivalent of locking up the box with proprietary screwdrivers, but these restrictions do make life a lot easier for regular users and the people who have to support them.

Also, it's nice to have a choice of operating systems. This kind of thing fits in with the siloed approach Apple takes across the board, so for dedicated Apple users it's not evil, it's just an improvement on what they're already used to.

And then Apple will be able to start charging for developer IDs. To help prevent malware authors obtaining developer IDs of course.

They're letting developers use a free Apple ID to sign apps. You only need to pay if you're distributing through the Mac App Store.

Yes, but my point was in the future, once apps must be signed, it is not unreasonable to imagine them introducing a fee, with the excuse that they need to do this to introduce more barriers for malware authors.

$99 apparently http://techcrunch.com/2012/02/16/os-x-mountain-lion/ but revenue from developers is not the business model here.

And then, Apple will come to your house, and eat your cat.

Who cares about $100? You're coding on a $1700 laptop.

I came here just to post this exact snippet. Does this seem at all ominous to anyone else? Perhaps I'm overreacting.

Only if one accepts the slippery slope fallacy that they'll eventually remove the "No unsigned code" option. The odds of this happening are, in my estimation, extremely low - it would make Mac software development basically impossible, and the use of Mac in educational establishments (with a lot of custom software) very hard. Heck, Apple are still sponsoring the OpenJDK port for OS X, which I doubt they'd be doing if they planned to entirely eliminate unsigned code from the platform.

The "No unsigned code default" has been coming for a while in mainstream computing, thanks to most users ability to blindly click anything attached to a random e-mail or downloaded from their favourite wallpaper site. Out of the options ("App Store Only" or some other signature system), I think they chose the right one. As long as the opt out is there, not only do I not have a problem with this, I'd suggest it's a positive step forward. The only change I'd want is to remove or massively reduce the cost of getting a developer certificate.

> Only if one accepts the slippery slope fallacy that they'll eventually remove the "No unsigned code" option.

Not at all, for several reasons. First, defaults are powerful things. The vast majority of users never change them, or even become aware that they can be changed. This remains true even if you throw an unskippable dialog box right up in their face -- lots of people will just blindly click "OK" to accept whatever the default in the dialog box is, without stopping to consider the alternatives. The result is that default settings tend to become "the new normal," even when they're sub-optimal.

(Example: why did IE6 rule the Web for a decade, despite being demonstrably inferior to the alternatives for most of that time? Because for nearly all users, it was the default.)

This seems especially true in the case of this particular preference, for two reasons. First, it's a technical question ("what's 'unsigned code?'"), which means many users will avoid changing it for fear that they don't fully understand the consequences of doing so. Second, it involves security, and users have been trained that in questions of security departing from "standard operating procedure" puts them at risk, so others will avoid changing it for fear that doing so will expose them to new vulnerabilities.

In other words, it's not unreasonable to expect that offering unsigned code will quickly become an infeasible strategy for OS X developers, even if users still have the option to accept such code. The option may be there, but those developers will find themselves marginalized simply for being something other than the default.

Apple doesn't need to remove the "No unsigned code" option, they just need to scare users into being too afraid to use apps that aren't signed. And then your unsigned app, should you choose to try and distribute it, is in the same category as MacDefender and YourComputerIsInfected.

Apple is probably making the right decision for its users, but I still feel there is something we're losing here.

Removing the "No unsigned code" option is not possible today, I agree. But one day in the future when 99% of apps are signed, because it's free right, so who wouldn't? We find ourselves in a completely different scenario... Is the freedom of that 1% of apps more important than protecting users?

It's not possible ever, as long as Apple is shipping computers outside of their buildings. People are still jailbreaking iPhones, what, six years in?

Calm down.

Well, like the article says, signing-only developer certificates are free now. You only need to pay for it if you are planning to distribute through App store.

Oh no, not ominous at all ... look for this list of three choices being reduced to the first two. Coming soon.

If Apple did that they'd kill the devotion from the development community. They may end up making App Store only the default option, but I have trouble seeing a day where you can only install Apple certified software on your Mac.

Overnight they'd lose many thousands evangelists and unpaid tech support staff (ever help a family member with their Mac?).

If Apple did that they'd kill the devotion from the development community.

Like with iOS? Hackers will be annoyed, but Apple doesn't care about them when there are more than enough developers who are either in it for the money or who agree with Apple's position.

iOS started off as a closed environment unsuitable for development. As a web developer on the Mac I'm constantly using cross-platform command line programs, system utilities, and other development tools that would never make it through an Apple vetting process. If Apple killed the ability to install those programs in an update, I would absolutely have to abandon the Mac, and I'm sure I wouldn't be alone.

I'm sure you wouldn't be alone.

However, from Apple's perspective, if there are "enough" developers who can't or won't leave (because they develop Mac software or iOS software or both), Apple might not care if you do.

They might make it harder to select the third option, but they won't ever remove it -- they're not suicidal.

And it's not like the signing process is particularly onerous -- it won't represent even the slightest barrier or inconvenience to shareware, freeware or open source app distribution.

Yeah, well, until that happens, this is great and I'm all for it. What a simple way to improve dealing with the open attack vector that is "the user being able to install their own software". I wish they had this flexibility on iOS.

Look for new scripts for Apple support:

Sir, please click on About this Mac: if there is an icon of a signed page, we are good, but if it has a circle-and-slash around it, well, your Mac is running some unsigned software. Your warranty is void. Please go to the application list in Finder to see which apps you must uninstall...

Amazingly cost-effective marketing. Most people don't go to an Apple Event, they read the press coverage. So why spend a million dollars on an Event when you can spend a few thousand dollars on your pet journalists, who will then report to all that the coffee was really good?

Yeah, hah hah, the "pet" journalists are pampered by the Apple iCoffee, but in all seriousness I'm very glad that Gruber got this one-on-one treatment because his reporting is as much about the fact of the meeting and the way of the meeting as it is about the content of the meeting. And that's entirely relevant to the audience of Daring Fireball! I don't expect the NY Times to do more than report on the content of the meeting, but I love getting this well written and well thought out little "inside Apple" from Gruber. The other guy whose account I'd love to read would be Andy Ihnatko's take were he invited to such an event.

I'm usually fairly anti-Gruber. But this was, in all respects, an interesting and insightful read, well thought out, and offered little in the way of Gruber's worshipping at the pedestal of Apple.

I also think that, prior to this, Apple was running into a problem of being unable to know when they were talking to developers and people in general, as we saw with large parts of the iTextbook presentation.

With this model, the developers will get their news in the same manner as always, and the keynotes can be reserved for a general audience.

This kind of situation has two bad effects, first being that the "pet" journalists will have a hard time criticizing Apple in the future, for the fear of losing exclusive access, and the second being that impartial journalists would want to court Apple with positive articles, in the hope of getting the exclusive access.

You're thinking in your perspective. That's perfect for Apple.

I don't even think I'd use the word journalist to describe Gruber. I really can't even read his stuff any more. I got one paragraph in to this one and was disgusted. How is he so popular? I get the whole Howard Stern shock value thing, but seriously, who can actually get through one of his Apple love stories?

He's a good blogger, but I can only ever read a few of his posts at a time without needing a break.

I assume an embargo was lifted and we'll get a bunch of these. Another possible implication may be that Mac OS X becomes a free update for everyone.

The three tiered app security thing is huge and great. I love it. I hope they've ditched some skumorphism.

> I hope they've ditched some skeuomorphism.

It's worse than ever—have a look at some of the screenshots[1]. My favourite is the tweet dialog[2].

[1] http://www.macworld.com/article/165407/2012/02/hands_on_with...

[2] http://images.macworld.com/images/article/2012/02/tweetsheet...

It's worse than ever—have a look at some of the screenshots[1]. My favourite is the tweet dialog[2]

Actually there's nothing of the "bad skeuomorphic UI" about the tweet dialog --it's just that its' background resembles a lined notepad.

Other than that, it looks and behaves like any other text entry box and has non skeuomorphic send etc buttons.

So, "worse than ever"? Hardly.

It's too much design. It's distracting. You notice it. Is the clip necessary? The lined paper background?

I've never seen a dialog box like that. What was wrong with the standard and universal "plain" native dialog box?

It's too much design. It's distracting. You notice it. Is the clip necessary? The lined paper background?

You notice the first time you use it. The 10th? The 20th? After you've used it for a while, it's just a nice detail on the back of your mind, and you're immersed in your text.

I've never seen a dialog box like that. What was wrong with the standard and universal "plain" native dialog box?

It was too plain and boring?

Besides being nice in itself, beauty also inspires productivity.

I don't think it can be both un-noticed after awhile and 'a nice detail in the back of your mind' - particularly since many users will not find it a 'nice' detail from the start. It might become a niggling detail, and that's not good.

Also, I've never felt 'bored' from seeing a native dialog box, and I've never thought of a paper clip on lined paper as a thing of beauty.

Neutrality for these kinds of quick-and-functional interfaces is probably the better UI design decision.

The tweet dialog has a paperclip, tilted askew, holding a printed page of linked content to the dialog.

And? What’s the problem with that? Are there plausible usability problems with that?

Aesthetics have no impact on usability? Aesthetics have no impact on enjoyment of a product?

First and foremost: Aesthetics are subjective.

You cannot plausibly tell me that the Twitter dialog has bad usability because you don’t like its aesthetics, at least not without extensive usability testing.

You might not like the aesthetics, others might. (I hate most of Apple’s skinning attempts but the Tweet dialog is actually one of the few exceptions to that. I think it’s aesthetically very pleasing and I like it very much.)

And because its subjective its not important? Because its subjective you cannot criticize it? A good product is not made from cut and dry rules and usability testing. Taste is involved.

Sure – but it’s much harder to make that argument.

I do think that the Tweet dialog is awesome and fits perfectly. I also cannot see how the paperclip negatively influences usability. I just cannot. It seems extremely implausible to me.

When it comes to the Tweet dialog, Apple exhibited exemplar taste. It’s well done and none of the metaphors are wonky or introduce strange behavior. That is my opinion.

If it’s only a skin there really is no problem (except if the skin makes it harder to identify standard UI elements).

It’s only when skeumorphism impacts behavior that it becomes a serious usability issue. For example: The Address Book used to have three panes. Since Apple pressed the app into book shape for Lion they had to ditch one pane to keep with the book aesthetic. That’s a problem.

Funny you should mention that particular case, because it is fixed in Mountain Lion: http://screenshots.dustincurtis.com/Contacts-20120216-082547...

I agree, the Game Center screen looks jarring every time I open it in iOS, and no better in OSX.

I think you must have missed the paperclip.

skeuomorph - an object or feature which imitates the design of a similar artifact in another material.

I think that definition misses most of the point that the similarity is a deliberate throwback. I'd say a skeuomorph is a (often otherwise unnecessary) design feature that makes a new object feel familiar.

"Skeuomorphs are material metaphors. They are informational attributes of artifacts which help us find a path through unfamiliar territory. They help us map the new onto an existing cognitive structure..." — Nicholas Gessler

I'm struck by the self-awareness that it takes to NOT have a marketing event for the announcement of your new operating system. Wow.

Also, fascinating how the iPhone is the first step in the halo effect but at the same time is also the most profitable. They are building on the halo effect and lock in of the iPhone/iPad to the Mac ecosystem.

The most worrying point to me (which other people might have already known) as that you can only access iCloud, or the new notifications, in your app if users get it through the app store.

This clearly means that non-app store apps are second class citizens. I had wanted to use iCloud in a program I'm working on at the moment. I'm now going to have to seriously think about if I'm willing to make my app only available through the app store, or not use iCloud.

It means apps with access to iCloud get some extra scrutiny, helping prevent malware tampering with iCloud.

I suppose notifications could be abused as well (perhaps some kind of notification-phising, where an app posts notifications that appear to be from something else?)

What it means is that you can't release an app that uses iCloud anywhere else.

No releasing on your homepage. No mailing out to people. No humble indie bundle. No steam. No developing an app with paying apple $99/year.

Well, yeah. The implication being that Apple doesn't want your filthy unexamined app to be touching iCloud's servers.

I think you mean 'without'


* The "Gatekeeper" concept is interesting, but I expect we'll hear a lot of grumbling about the default setting. We also all remember the concern about the App Store eventually becoming the only way to get software for your Mac; this will do little to allay that.

* Hopefully Launchpad will have some keyboard-based shortcuts, search-as-you-type (the way a Stack does), perhaps a separate/faster editing view than drap-and-drop, and other usability enhancements to make it more useful. I like it in concept, especially with the trackpad pinch shortcut, but not enough to keep using it once I got all of my programs installed.

* Whither new iWork?

* Some of the tweaks Gruber talks about really make logical sense, and I'm excited to see them. I hope that reliability & clarity hasn't suffered by the time of release; each release of OS X has seemed jam-packed with more "stuff" at the expense of much of that stuff's stability and polish, it seems.

* Gruber didn't mention a new Finder, so we're left to guess and find out in just a few days.

* I wonder who the other journalists are. This format for a press reveal of a product is... interesting, I guess, is the word I'd use right now.

Briefings like that aren't unusual ... just highly unusual for Apple. I've sat in dozens of similar ones unveiling new versions of hardware, software or services for both consumer and business. It offers less launch-day spectacle, but it also offers the chance for more thoughtful analysis that can still be coordinated with embargoes.

It is, of course, a very large departure for Apple, which generally doesn't even return calls from anyone but Pogue or the WSJ, and even then doesn't generally comment.

Right, I meant they're unusual for Big Fruit. And also, the period between this reveal and release this summer is equally unusual...

I'd say that the lag between announce & release is a little more worrisome and something that I wouldn't want to see become a trend at Apple. I've always felt that a big part of their press was their general tendency to release right at announcement of a product or soon thereafter. Though, now that I think about it, I guess their OS releases have, by necessity, had to have some lead time associated with them.

Yep, OS releases have a lot of lead time vs. physical products.

OS X Lion was demoed on stage in October 2010, made available as a developer preview in February 2011, and launched to the public in July 2011.

The lag time surprised me, too, but if you're going to tell your app developers they can no longer sell directly to their customers without jumping through a few hoops, you definitely at least want to give them a long head's up. I'd bet the trend of early preview windows correlates very strongly with how much it impacts developing on OS X.

So John Gruber is basically an official Apple announcement channel now?

I think we might be seeing is Apple acknowledging that journalists are going to have "blind men and an elephant"[http://en.wikipedia.org/wiki/Blind_men_and_an_elephant] problems, and arranging to have a sufficient number of blind men feel the elephant to get the whole description, and all tell their stories at once only makes sense.

You've got Gruber talking about only on the most visible features, but spending more thought on corporate communication strategy and iCloud directions.

Jason Snell articulates new features as clearly as I'd expect from an Apple "New in Mountain Lion" page.

Edward Mendelson I think covers even more features, but not as clearly as Jason Snell, and I think his vision of "AirPlay display to TV" -> "Mac is video game console" is fatally doomed by latency.[1] But it's ok. We have enough people touching the elephant and describing it to dilute that.

So here you have the new strategy for non-event announcements. Arrange for simultaneous views from multiple, competent sources. Let the first sounds in the echo chamber be accurate and well informed to keep the erroneous speculation to a minimum.


[1] I could also be wrong here. With gigabit 802.11ac just around the corner, one could conceive of a TV device that optimized the latency from wifi to screen. You know, by tearing apart the industry's entrenched model and doing their own vision. But I'm just groping an elephant here.

Well, MG Siegler managed to get access to Chrome for Android before it was public and he's hardly a Google fanboy.

It's being announced all over the place.

The difference is that other journalists who got the preview also write about other products, whereas Gruber only writes about Apple.

When an Apple-exclusive blog gets preferential treatment and news scoops directly from Apple, it's reasonable to ask whether it's anything more than Phil Schiller's astroturfing outlet.

You could say the same about MacWorld.

Being compared to MacWorld is hardly an endorsement of an independent blogger's journalistic integrity.

But it is rather odd to complain that getting a briefing to a "biased" reporter is unusual. It's like Thurott getting briefed on Windows stuff, S.O.P.

As someone who has Gruber's musings on baseball pop up all over his twitter and RSS clients, I'm inclined to disagree.

Gruber is not at all Apple exclusive, but he is clearly a fan.

I suspect he isn't the only one that got this treatment, though it would be amusing if he was (and I'm sure it will cause a big kerfuffle).

Gruber has a rabid following of hardcore apple lovers. Just the kind of people who are going to be most interested in these announcements. They would be dumb not to get him involved in this type of release (which I think we'll see more of in the future).

He probably believes in every word he writes, but Apple sure seems him as one channel.

"And then the reveal: Mac OS X — sorry, OS X — is going on an iOS-esque one-major-update-per-year development schedule. This year’s update is scheduled for release in the summer, and is ready now for a developer preview release. Its name is Mountain Lion."

Yearly updates? Most exciting nugget of news in the post, IMO.

The only problem is that iOS updates are free, while OS X updates are not. With one update per year, they run the risk of version fragmentation if users have to pay to keep up with the upgrade cycle.

Lion was 35 bucks I think? Maybe they will go the free update route, that would be awesome!

As long as Apple controls which versions of OS X iTunes runs on (and they've been rough on Mac users in the past - at least as compared to Windows users), they have all the tools they need to avoid "fragmentation".

There's a reason for that. U.S. accounting law requires that non-subscription devices that are upgraded have a fee associated with the upgrade under Apple and many analysts’ interpretation of the law.

This is why iPod Touch owners have to pay for upgrades while iPhone users do not.

I think Apple may have relaxed that recently though, and I wouldn't be surprised if they release Mountain Lion for free.

Either the law was changed or Apple changed their interpretation a few years ago.

If I recall, this is also why FaceTime, when it left beta, cost $.99.

iPod Touch updates have been free for a while now, I think.

Ah! That’s iOSification in a good way. It’s nice that they are finally fighting cruft. That even lets me overlook the skeumorphism. (I don’t care so much if it’s only looks and not functionality. Sometimes Apple oversteps that line but a more careful examination is necessary to figure that out.)

Next stop: De-crufting iTunes.

Next stop: De-crufting iTunes.

Totally agreed. It's been pretty apparent for a while now that iTunes should be broken up into Music, Books, and Movies, each playing to its own strength and linking to a separate "iTunes store" app. And also that iPhoto should be renamed Photos, with full iCloud syncing.

Of all the exciting new features that must be contained in this release, I am most excited about Notification Center (finally) being ported to the desktop. It's kind of a sad thing to say, because Growl was for many years a fine notifications platform. However I always wondered why there was no standard provided by Apple. It didn't matter much until Growl's development took a radical new direction. No, I'm not referring to charging for the product, the app would have been worth the $2. But I am disgruntled about its bugginess and backwards-incompatibility. Presently Growl is crippled on my system. It works for apps that have updated to the new protocol. For others it doesn't. And it still suffers from bugs. So my hope is that Notification Center will prove to be a unifying standard for Mac apps.

Notifications API is only for apps distributed through Mac app store. So, if you are independent developer, don't get too excited.

Are you sure about that? The introductory video explicitly says, "...and even notifications from third-party apps." [1] But that could be limited to apps in the App Store. Do you have a citation for that?

[1] http://www.apple.com/macosx/mountain-lion/features.html#vide...


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact