It strike me as a bit punitive that only Mac App Store applications are permitted to access iCloud and is probably a barrier to further adoption of iCloud by developers; particularly in light of the fact that there are certain legitimate classes of app for which the sandboxing restrictions have egregious impacts on a user's workflow.
Consequently developers are forced to implement their own sync solutions (e.g. Panic Sync, and Omigroup's OmniSync) - which can be a hard component to get right and increases the overall attack surface of the application + its server-side sync solution. Or rely on Dropbox, etc which I'm sure Panic had good reasons to avoid (most likely 3rd-party vendor lock-in).
Hopefully the WWDC will show Apple being more accommodating on this front, but I won't hold my breath.
Apple's refusal to even consider making their cloud services cross-platform is already a very serious limiting factor in their adoption. Requiring these extremely restrictive sandboxing controls might very well turn out to be the final nail in iCloud's coffin.
Had similar experience with a project that I was responsible to release a couple of months ago. We already had an app available on Mac App Store. We then spent about 2 months adding new features and fixing bugs. Turned out, because of stupid sandboxing, we could no longer add any new features. Only bug fixes were accepted. Release got stalled for about 2 weeks trying to find a workaround. It was really depressing 2 weeks. Eventually we decided to release on our own. We notified our existing customers and gave heavy discounts for those who wanted to get the new version. Received few angry emails from our existing customers but most of them understood our problems. Other than that, it's been going smooth. We are happy we did it. We don't have to pay 30% to Apple (there is a little cost associated with licensing but it is just like 3% of the total cost). We now can release bug fixes as soon as we want. In fact, the first bug fix we did was within an hour! I'd recommend everyone to skip MAS if possible.
Frankly the only Mac App store apps that I have bought are Apple branded apps, and that's because that is the only place to get them. When I look for a new app, the Mac App store is the absolute last place I look. The iOS mentality of apps simply does jive with how I use a computer, a tablet maybe, but not a desktop/laptop.
I love the Mac App Store. No worrying about licenses, zip files, DMGs, or updates. The Featured tab always highlights some cool app I wasn't aware of. Aside from these kinds of developer headaches, I think it's a huge win for the platform.
> I don't need to worry about some app stealing my private files or similar
This is highly unlikely. But I estimate a probability of 0.7 that you don't have notable security protecting your computer and your top secret files, even though your machine is on the net.
> If it isn't good, I can leave a review that the author probably reads and cares about
Most (any decent) 3rd party software developers have some kind of feedback channel.
I've found some great apps that were Mac App Store ONLY options, at least as far as I could tell at the time.
That said, by default I generally find apps via recommendations, random packaged deals, or via their website so I don't necessarily "go looking" for them in the Mac App Store either. All of the above mentioned apps that I found that were App Store only falls into this category.
If there is an option for both (App Store and direct purchase), usually what I do is check if there is a price difference (usually not but some times can be). Go with the lower price. If there is no price difference, I go with the Mac App Store version, then proceed to email the developer/company with proof for a copy of the non-Mac App Store version anyway. Usually this isn't a problem.
I agree with everyone about the whole sandboxing issues and how frustrating it can be, but I definitely recommend taking a look at the App Store anyway as a user. You never know what you're missing out on.
I also typically look outside the app store first for a couple of reasons:
1. I've gotten burned more than once when developers have placed major updates to their apps in the app store as separate products, requiring me to pay full price for an update to an app I already own, whereas I would have been able to purchase them for an upgrade price if I'd bought it directly from the developer.
2. I prefer the flexibility of purchasing through the developer. I use homebrew cask and love being able to install things that way. Also, developers occasionally sell cross-platform licenses if you buy from them directly.
On one hand, developer tools really are a worst case situation for sandboxing, as they are the most closely tied to a rich Unix heritage that happens to have been designed with security only to protect users from each other, not from their own compromised applications. (I suspect it would work much better if Unix were designed with capabilities in mind from the beginning, though I'm not sure exactly how such a system would work.) Plus, sending people compromised source code to build isn't exactly a common attack vector - although to be fair, if you think about how often people download random source tarballs and run the shell scripts inside, and the known existence of "watering hole" attacks targeting developers, someone somewhere has probably tried it. And of course, Apple does not require itself to implement sandboxing in Xcode.
On the other hand, sandboxing in general is definitely a good thing - you can't constantly bring up the security threat posed by the NSA et al. and then complain about the most effective type of anti-exploitation measure we know of today. Apple's sandbox implementation on OS X is reasonably flexible, and the post itself seems to concede that given more time, Panic could have come up with a reasonable experience that runs under it, perhaps with some features more awkward than without but essentially intact. So is it really that evil?
It's a shame that this stuff happens really; I think it relegates the Mac App Store to a certain niche more than anything else.
I was surprised at the limited selection I found in the store. Having just got a new Mac, I went searching for the usual suspects - no VMware or Parallels? I understand why as these apps can't be sandboxed. Hardly any commercial 3D authoring tools? Where's Illustrator and their ilk (not the Lite versions, the actual full versions). I was really surprised at the lack of big creative and high-end apps on the store - at least in the sense the big apps that the Mac is known for. It seems to be a bit of a wasteland in that regard. I'm sure there are many gems in the store from smaller developers, but I found the app discovery experience roughly on par with that of the iOS app store, which isn't a compliment :)
The convenience factor is wonderful though - it's been a few years since my last Mac and apps I purchased were right there waiting. Setting up the new machine was bliss. Hopefully many of these issues can be worked out as the store evolves.
Slightly off-topic; where do I go to find the gems on the store? What are the good review sites (something like what TouchArcade is for iOS games)? Any with a focus on creative apps?
I like Cheetah3D for creative 3D work, but I ain't a pro - YMMV. Photoshop LE has been well worth the money for me. I agree it's a shame Illustrator is not available on the AppStore.
I think a lot of it has to do with that 30% cut. 30% of a $25 app isn't that much, but I guess if I were someone big like Autodesk or Adobe and it were my big, multi-thousand dollar app, why would I want to give Apple a 30% cut when the distribution model that I have now works already? I guess that's why you see a lot of 'Lite' or 'Debut' edition apps, something to entice you over to the more expensive apps which can then be purchased without Apple taking a cut. There's no real benefit (and lots of downsides) as a developer if you don't need the Mac App Store for the exposure.
> There's no real benefit (and lots of downsides) as a developer if you don't need the Mac App Store for the exposure.
Exactly right. I would say that most people in the market for Photoshop know they need Photoshop itself. Adobe is pushing subscription based services as much as they can, which are at odds with the App Store model.
There some great alternatives though if you don't need PS: Pixelmator and Acorn are both capable image editors and both are on the MAS.
I don't get it. iCloud has its faults but I rather like it a lot.
What's better about Panic Sync? To me it seems it's actually much worse than the simple to use (and never having to think about it) iCloud sync. Its also free and isn't tied to Panic. Panic sync on the other hand is is tied to Panic app so you will likely have to make a new account so it actually adds more hassle to the end user with no real extra features. Something great indeed!
I certainly hope their new syncing is better than their Transmit Dropbox implementation. I had to stop using sync it was so bad.
I prefer MAS apps because of how easy it is to purchase, install and update. I'm particularly annoyed when an app is available in the App Store and is then pulled out later. By then, I've already purchased and have to transition, awkwardly, to a non App Store version.
This isn't the first developer tool that's done this for me.
I remember Tim Cook saying that hybrid tablets devices were doomed to fail because they tried to do two things and failed at both. That the desktop and mobile experience were separate experiences and should be treated as such. Yet it seems like this is the exact mistake they're making trying to make the Mac App Store into aa iOS App Store - Mac Edition.
No, sandboxing doesn't pose a problem to syncing, and it's not difficult to use iCloud to sync between multiple applications. Rather, since only Mac App Store apps can use iCloud, syncing was a problem after abandoning sandboxing.
Not a OS X developer but I will have a go at answering.
To open a file that isn't in the application's private space the user must select it through the default OS X file picker dialogue (the app then gets permanent access to the file). This will work well for apps working on single user selected files but doesn't work well when major parts of an app are file navigation, management and generation(which is typically the case for an IDE).
I'm not sure whether full access can be granted to whole directories or what the rules on running/debugging generated binaries are.
Sand boxing is a good thing that combined with the Apple review process means little utilities from providers you have never heard of trustable as local apps that aren't going to read your contacts and documents without your permission but it does make life hard for an IDE. It sounds like Coda haven't given up on supporting the sandbox yet but they did not want to delay product release for it.
iCloud requires the App Store, so that’s out. But we have great news. We never want to short-change our paying customers, so we’ve spent many months working on Panic Sync, our own super-easy, super-secure syncing solution that gives you power over your data. And Panic Sync will work between Panic apps—Coda and Diet Coda to start. And Panic Sync is free. In short, we’ll trade you iCloud for something great."
Consequently developers are forced to implement their own sync solutions (e.g. Panic Sync, and Omigroup's OmniSync) - which can be a hard component to get right and increases the overall attack surface of the application + its server-side sync solution. Or rely on Dropbox, etc which I'm sure Panic had good reasons to avoid (most likely 3rd-party vendor lock-in).
Hopefully the WWDC will show Apple being more accommodating on this front, but I won't hold my breath.