
Many around these parts will make glib insinuations about the "Gatekeeper" feature heralding Apple's clawing away the freedoms of its users, one-by-one, until we are all prisoners of "the computer as a jail made cool".

However, it seems to me that Gatekeeper's presence embodies a rather more embarrassing admission that, yes, Mac OS is on the verge of needing some kind of malware protection; in the wake of the Mac Defender malware surfacing last year, it was really only a matter of time.




I don't want to disagree with your core point, because you're right; to a certain extent, OS X has always needed more defenses against malware than it has owned up to.

But you can't find a large-scale Windows deployment anywhere that hasn't had to deal with an actual in-the-wild malware outbreak. Security people in corporate America do malware cleanups for Windows several times a week.

At the same time, you'll have a hard time finding anyone in the real world that got hit by "Mac Defender".


But that is because the target plane for OS X is so small and not worthwhile. If OS X was 95% of the corporate market and made up large networks it would be targeted just as regularly as Windows is. There is nothing technically superior in OS X that prevents it from being a malware target (prob inferior to win7).


Just like meatspace states use child pornography to justify Internet monitoring and control, Apple will use malware to justify locking down software. Not distributing software via the App Store will now remove a segment of Apple's user base from a software vendor's market so vendors will likely do whatever they can to get in the App Store. Apple now gets the ability to censor software on their non-iOS hardware.


Well you could hypothesize that that's where it's going, but at the moment, they're going to allow signed, non-app-store apps by default as well. All a dev needs to do now is to sign their binary when they build it and problem solved. I can't see why anyone actively maintaining an app wouldn't make the small change required.


Even if you sign the binary, you are still getting shut out of the market for the segment of users that select App Store only. You pay Apple the App Store cut or you limit your market... not a great choice to have to make.


Apple is ahead of the curve -- this is coming to Windows as well, although perhaps through 3rd parties.

About 2 years ago, my then employer was considered a "strategic" customer to one of the big security/AV vendors. They came in to give us their dog and pony show about the future of security, etc... which basically said that the current strategy of using AV to "blacklist" bad stuff is ineffective. (I asked the awkward question "So WTF am I paying for your ineffective AV product?")

The only thing that makes me nervous about "Gatekeeper" is that it is Apple-controlled, and Apple is a mercurial vendor whom I don't really trust to do things that are in my interest. I'd be happier if I could trust other certifying authorities, which would mitigate the impact of Apple cutting off the oxygen to unsigned applications in the future.


I agree with this; but at the same time, what is the reason for tying the iCloud and Notification Center features to App Store installs only?


Easy. iCloud syncing and storage costs money. Notifications go through Apple's servers, which also costs money to run. Apple wants its 30% share of the price to cover these costs. Make sense?


That means iCloud won't be accessed except by applications that have been scrutinized by Apple, which cuts down on an avenue of attack by malware, and makes it less likely that an application bug will cause problems with iCloud.

The first thing that comes to mind with Notification Center is that perhaps it could be used for phishing-type attacks, by presenting a notification that appears to be from something else.


I think it has less to do with a concern over malware than it does with an opportunity to further control development for the platform.

I suspect Apple will retain the right to pull applications from users' computers for any TOS violation, not just those involving malware. Even when those TOS violations are due to a change in the TOS.


There has been malware protection since Snow Leopard and Lion in the form of Xprotect. However, it can't hurt to offer an extra layer of protection with signing apps.


You're right, but Gatekeeper does something else: It marks the line in the sand. So long as that choice is there as an option in settings for me to make, Apple is in the right. If they ever take that choice away, and they start dictating what I can run or not run, they will have crossed that line, and lost me as a customer forever.

I think a lot of people think that Apple taking away that choice is inevitable. I don't think so- I think it would be completely out of character.

But if I'm wrong, I'm gone.


It's a sensible feature, and there's no reasonable way to implement it without that settings option, and the options they've chosen make total sense.

I agree with you: not having the option would be very bad... but it's very unlikely they'll ever take the option away.

Why would they? The overwhelming majority of their users will never touch it.


Right now there is no need to take the option away. You are certainly correct about that.

Microsoft is going to soon start pushing its users to buy from its app store. I can see a future in which only 'trusted' programs can be run on new computers. Trusted here means programs approved by Apple/Microsoft and the national government of the country in which your computer resides.

I don't know how likely this would be but China seems to like to have a lot of control over the computing its citizens do.


Sure is handy for China how easy it is to get a keylogger installed on someone's computer, isn't it?


I guess I missed your point. In which case it seems you missed my point.

If only approved programs can run on a computer then it is quite easy to disable undesirable programs. There's obviously a kill switch involved. If social unrest gets too great then move Twitter clients to the unapproved list and they all get deleted. This would be a lot easier than installing key loggers and...what? remotely logging into 100 million computers to delete certain programs?

Things like Gatekeeper can in the future be extended and used to exert more control of computing. It may even be a requirement for all manufactured computers as we enter the surveillance state era.


> There's obviously a kill switch involved

False. It's already been reported that this is not the case. Gatekeeper uses, and clears, the quarantine flag, the thing (which already exists) that throws up the "BLAH is an application downloaded from the Internet. Safari downloaded this file today at 4:30PM" message the FIRST time you open an application. Since after the application is launched, the quarantine flag is cleared, you don't get prompted again, and the blacklist is not checked again either. So, whether it's malware, or some kind of "subversive" app the government wants to suppress, no apps that have previously been opened at least once will ever be prevented from running by Gatekeeper. And nobody ever said anything about deleting anything.

Furthermore, even after a developer key was blacklisted, apps loaded from disks such as CDs or USB drives don't get the quarantine flag. Only files that came from the network.


I'm pretty sure if China wants a keylogger they just install a custom usb hub chip on the motherboard, repainted to match whatever was specced.


Now that is a deliciously diabolical plot. Infiltrate the hub supplier in Shenzhen, coerce the people that oversee parts deliveries in the appropriate wing of the facilities at Pegatron into not reporting a thing to Apple or other integrator clients, and let the trojan hardware filter into the market. The hubs are inert until they have a driver installed surreptitiously from a compromised copy of Baidu Desktop Search or QQ. No one would be any the wiser.

I'd order a tinfoil hat at this point but I don't know who might have interfered between the aluminum refinery and the sheeting facility.


Infiltrate the hub supplier? The hub supplier is probably already owned by the Chinese army, if my experience with other Chinese companies is correct.


Yes. Unfortunately control of citizens' computing is one area that China leads in. Other national governments appear to be envious of this control and seek to emulate it.


I think you may be missing tptacek's point. Things like code signing make it harder for bad things to run without the user's permission.


If option 3 is removed then how is this so? It's not in Apple's interest right now to do this. In five years? Maybe China decides that in order to get access to its market Option 3 must not be available. Maybe Gatekeeper gets enhanced in the future.

Obviously this is hypothetical but given the trend toward national surveillance is it hard to imagine that this can happen?


I think he meant how easy it is now for China to install key loggers on, say, American computers.


I don't see how installing key loggers being easy is germane to whether or not enhancing Gatekeeper to delete unapproved programs is a future possibility.

I read the comment as being, "China's key logging exploits are evidence that it likes to control computing and it will seek to enhance this capability." The trend amongst world governments is to seek greater control of computing. I doubt this is going to stop with key logging software and won't be enhanced.


"The overwhelming majority of their users will never touch it."

Oh Thomas, Thomas, Thomas. You of all people should know the unimaginable power of porn and the incredibly stupid things people do in response to the promised delivery of the same.


"The overwhelming majority of their users will never touch it."

That's unless they want to install any app currently available on the Web that isn't signed. There is a lot of legacy software people keep using, even Mac users. I don't see that setting staying default for very long.


According to a screenshot in the Macworld Hands-on (http://www.macworld.com/article/165407/2012/02/hands_on_with...) you can whitelist individual apps on the fly.


If that is the case, that's actually incredibly useful.


The way I understand it, one can override the setting on a per application basis by control-clicking an app and choosing "Open" _once_. I would hope that would make Apple sign those apps in some way, but I do not think they will, as they will not want to store the master key of doing that on the user's disk.

Also, apparently, all applications already installed get this magic applied automatically.


Not to mention DVD rippers and pirated copies of Office and Creative Suite.


There's no reason you couldn't sign a DVD ripping app; all that code signing will do is ensure that you are who you say you are. Since you don't have to distribute apps through the Mac App Store, you could sign up for a dev account, build your custom app, and distribute it however you want.

For tools like that, this could actually be a big benefit - it lends a sense of credibility. You wouldn't be able to distribute modified (read: backdoored) binaries, and if you did people would know who you were (at least, to some extent, and Apple could revoke your credentials so no one else would inadvertently run your software).

As for pirated software: I haven't seen a lot of actual 'cracks' lately; mostly it seems to be 'put in this serial plus set these hosts entries so it can't phone home' sort of thing. For app-modifying cracks, you'd have to disable this, but I'm not sure how common that is lately.


Apple would likely revoke the certificate for the developer of a DVD ripper, simply to avoid the liability.


But one of the things Apple can now do is void your keys and make all the apps on people's computers unusable, at least as I understand it. So for legally dubious applications this wouldn't be such a good idea.


I'm curious, what makes you say that taking away that choice is completely out of character when they've already done so on a different, more popular platform?


They never gave you that choice on iOS, so they never took it away, did they?


Never giving the choice in the first place is stronger, not weaker, than giving it and then taking it away.


I disagree. Pulling access to something you've come to depend on (especially, derive your livelihood from) is worse than never fostering that dependence in the first place.


I was aiming more at the idea that it would be out of character for Apple to completely restrict access to just certain sources of apps. If we're talking about whether Apple would take something away that people had come to rely upon, well, there's a whole long list of technologies I could list off to support the idea that they have no problem doing that....


Not arguing that they won't do it. Just that it's worse than never allowing something.


Well, that's why I said stronger, not worse.


I think it’s right to make very clear that Apple overstepping that line would be inexcusable and evil, or else they might think people would be ok with that. So a bit of outrage isn’t altogether a bad thing, really.

(Although it’s pretty obvious that acting like Apple already overstepped that line or will certainly overstep that line in the future is very childish.)


Shouldn't it work the same way for iOS, too? It seems Android is the only one who's allowing you to make that choice. Neither iOS nor WP7 allow it.


What I'm curious about is how they'll present this to users who try to install an unsigned application the first time. Will they educate the user, and provide a way to get to the Settings and change it if they want? Or will they present it in such a way that 90% of users give up and assume the installer is broken?


Remember that most Mac apps don't have an installer - they're self-contained, and installing consists of extracting the DMG and putting the app on your hard drive.

The notification will probably take the same form as the error message you get upon trying to launch a PowerPC app on 10.6 without Rosetta installed.


To be fair, even apps without an installer will open a warning dialogue the first time it's actually run letting the user know this is an application that's "new" and hasn't been run before.

Also - as long as Apple makes it easy for developers to get signing keys, which seems to be their direction as far as OS X goes, there's no reason for developers to complain about it too much. Just sign your builds, and you probably avoid any warning message.


Just as long as they don't present it the way Windows does - pretty much the same dialog boxes but one has a blue banner (signed) and one has a yellow banner (unsigned).


I don't necessarily think Gatekeeper is a bad thing, but I worry about the impact if Apple were to make the default setting for Gatekeeper be Mac-store-only. Having the option to install other software would be great, but such a move would further marginalize non-Apple-approved software in a huge way. Assuming a large portion of Mac users are not the type to lower default security settings, then that could have a severe impact on the way people think about software in the "wild".


Agreed on all points. I think it's far likelier that this form of tiered app access will make its way over to iOS eventually.


But will you be able to leave with your data? Or will it be locked in to iCloud?


iCloud is not a drive you store your data on. iCloud syncs data and changes between your devices. So you have local copies of a document on your iPhone and Mac. Make a change on your Mac and it will show up on the iPhone. Both devices have local copies. In other words you will always have your data.

The only things stored on iCloud are device backups and iTunes purchases.


> In other words you will always have your data.

In what format? If addresses and mail are stored like Apple stores my iTunes metadata, I'll never get them back if I stop using Apple products.


Addresses exportable as vcards, as noted above. Mail has export options for mail boxes and individual mails, plus iCloud is using IMAP, so you should be able to export both from the server and the client.


iTunes metadata can be exported as an XML file.


I'm not sure about mail because I don't use it but you can export your contacts as a Vcard.


To me it depends on what happens when you attempt to run the binary. If there is an override button which remembers that setting, fine. If not, to hell with Apple.


[deleted]


Apple's pattern with iOS has actually been one of slowly opening up.

Just web apps, then native apps with massive restrictions on what you can do and how you can build them, then native apps with a few less restrictions on what you can do and how you can build them (for instance compiled from non-Objective-C sources).

I get that people don't like where they are now but the pattern isn't one of closing down, it's slow but in the other direction. I don't think it's a jump to assume it might keep moving if Apple see the benefit of allowing it. Gatekeeper might, just might, be them seeing how such a model might work.


> then native apps with massive restrictions on what you can do and how you can build them

No. They originally allowed any programming language, then played a bit with disallowing anything other than C/C++/Objective-C.


> Apple's pattern with iOS has actually been one of slowly opening up.

Tell that to Amazon or Barnes & Noble or Netflix or Hulu or anyone else burned by the In-App Purchase mess. I'd bet none of them would say Apple's pattern has been to open up iOS.


I should possibly have been clearer - from the perspective of software development.

Even with those three it's not closed. I read Kindle books on my iPhone (and use iBooks as nothing more than a PDF reader as it goes), just the purchasing model isn't as streamlined as Amazon would like.


What Mac Defender malware? The one that affected 0.1% of OS X users?

Not to mention: Mac Defender was a TROJAN. You HAD to install it yourself for it to work.

From Wikipedia: "Mac Defender (also known as Mac Protector, Mac Security, Mac Guard, and Mac Shield) is an internet rogue security program that can be installed by unwitting users of computers running the Mac OS X operating system". The exact same thing can happen to any operating system. You can install malware YOURSELF even in OpenBSD.


Right, which would be rendered pretty ineffective by Gatekeeper, now, at least for people that don't know about the launch-from-disk trick or other workarounds (basically, the same people that would potentially be vulnerable).

Gatekeeper's a small, small step that doesn't add much inconvenience to developers, but it does help a bit and I'm surprised at how long it's taken to arrive at something so basic & logical.


I'd be surprised that people would just turn that feature off pretty quickly after getting a new Mac. There are tons of applications out there that aren't signed and aren't malware. People will come to view this feature like the annoying warning about bad SSL certs.


Hm, that's a good point: "warning fatigue" that users get. I hadn't thought about it from that point of view; I guess how fatiguing it is will really depend on how quickly developers in general get aboard the "sign your application" train, so I'd be curious to see the response from the legions of independent Mac software developers that aren't using the App Store for delivery.


...or UAC on Windows Vista/Seven.


Most people don't install tons of apps (and many of those who do use the App Store). It's hard for me to think of seeing that dialogue once a week as onerous and I bet the vast majority of people don't install more than one app a week.


I guess Mac - sorry, OS X - users never install software they didn't mean to or that was misrepresented to them? What a pleasure it must be working with such a vigilant, critically thinking group of users.



