> If malware on OSX is as small a problem as you're suggesting, why is Apple bothering with any of this?
Presumably, in order to keep the problem small. If OS X grows in marketshare, it will become an increasingly attractive target for malware developers. If the default is that the majority of Apple users only run signed applications (this also means that the certificate wasn't revoked), then the number of possible "users" for your malware is greatly reduced, making OS X a much less attractive target platform for malware developers.
> After all, if developer IDs are so easy and free to get, and will make it easier for people to install your app. Why wouldn't you get it signed?
If you are a legitimate developer, then there's no reason not to (assuming it actually is free and easy, which isn't clear). As a malware developer, there's little point; as soon as the developer ID is being used for malware, Apple will revoke the corresponding certificate, and your malware won't run.
Presumably, in order to keep the problem small. If OS X grows in marketshare, it will become an increasingly attractive target for malware developers. If the default is that the majority of Apple users only run signed applications (this also means that the certificate wasn't revoked), then the number of possible "users" for your malware is greatly reduced, making OS X a much less attractive target platform for malware developers.
> After all, if developer IDs are so easy and free to get, and will make it easier for people to install your app. Why wouldn't you get it signed?
If you are a legitimate developer, then there's no reason not to (assuming it actually is free and easy, which isn't clear). As a malware developer, there's little point; as soon as the developer ID is being used for malware, Apple will revoke the corresponding certificate, and your malware won't run.