Gatekeeper

Of the Mountain Lion announcements, Gatekeeper has been one of the most discussed. Apple has touted OS X as being a safer, more secure environment than Windows, offering its customers a relatively malware-free experience. In the early days this was often discounted by saying that OS X wasn't a likely target for malware simply because no one used it. Today Apple claims to have a Mac installed base of 63 million users. While there are far more Windows users, that's not an insignificant number. And it's growing.

As the likelihood of significant malware targeting OS X increases, Apple must do whatever it can to maintain its pristine image. In a sense, Apple made its bed by promising a more secure, virus/malware-free experience, and now it has to sleep in it. It's not a bad thing, but it's something that is going to require a lot of work.

The easiest and most obvious solution to the problem is the Mac App Store. Every app distributed through the Mac App Store is certified by Apple and thus no malware/viruses should ever make their way to a customer's Mac if they only run apps from the Store. That's a step in the wrong direction unfortunately. Companies like Adobe and Microsoft don't make their applications available in the Mac App Store (paying Apple 30% for every copy of Photoshop sold seems unlikely to happen), not to mention the tons of useful open source or other programs that aren't distributed through the MAS. While the iPhone can sell just fine as a platform that's more of an appliance, Macs (at least today) cannot.

The alternative is to heavily warn users that what they're running isn't exactly safe but allow applications, regardless of origin, to be run. This is what's done today in Lion. The first time you run an application that you downloaded you'll get a message that looks like this:

It's the everlasting debate between freedom and security. Give up one to get the other, but what's the right balance?

The compromise in Mountain Lion comes in the form of a tool called Gatekeeper. An innocuous little radio selection in the Security preference pane, Gatekeeper lets you choose what applications can be run on your Mac.

You can choose to only allow applications from the Mac App Store, allow all (the two extremes we discussed above) or pick an in-between option: allow anything downloaded from the MAS or anything by an identified developer.

This in-between setting is the compromise.

If a developer joins the Mac developer program ($99/year) it can become an officially identified developer with Apple. The developer can then sign its applications with a unique cryptographic key that Apple recognizes, without requiring that the apps be distributed through the Mac App Store. Unlike the Mac App Store, there's no approval process that the developer's signed apps need to go through. There's only one stipulation that goes along with the identified developer label: the apps distributed with that key cannot be malware.

Apps from identified developers will communicate with Apple's servers to verify the digital signature is intact and correct only upon install or the first run of the application. Subsequent runs do not phone home and there's no remote kill switch for these applications. Should Apple find out that a developer has been distributing malware, Apple can revoke the developer's key, but that would only prevent those apps that have yet to be installed/run from working. Without a certification process for non-MAS apps there's still a degree of risk associated with this compromise. I don't believe the ideal solution is to force everyone to buy through the MAS, but Gatekeeper's compromise isn't an impervious solution.

Apple tells us the default Gatekeeper setting in Mountain Lion will be to allow apps from the Mac App Store or from identified developers to run. Hopefully by the time Mountain Lion ships many third party developers will be on-board and identified, making the transition mostly seamless. If you don't change the default Gatekeeper setting there's another way around the protection: simply control-click (or right click) on the app you're trying to run and select Open. Doing so will override the Gatekeeper setting and let you run an unsigned app.
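
To make the revocation gap concrete, here is a small Python model of the launch decision as described above. It is an added illustration, not Apple's code: the class names, the `DEV-EXAMPLE` identifier and the app names are constructed, and the `revoked` set stands in for the check against Apple's servers.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional, Set


class Setting(Enum):
    MAC_APP_STORE = 1          # only Mac App Store apps
    IDENTIFIED_DEVELOPERS = 2  # MAS plus identified developers (the default)
    ANYWHERE = 3               # allow everything


@dataclass(frozen=True)
class App:
    name: str
    from_mas: bool = False
    developer: Optional[str] = None  # signing developer, None if unsigned


@dataclass
class Mac:
    setting: Setting = Setting.IDENTIFIED_DEVELOPERS
    already_run: Set[str] = field(default_factory=set)

    def launch(self, app: App, revoked: Set[str], override: bool = False) -> bool:
        """Return True if this model lets the app run."""
        if app.name in self.already_run:
            return True  # subsequent runs are not re-checked
        if override or self.setting is Setting.ANYWHERE or app.from_mas:
            # How the override interacts with a revoked key is not covered
            # by the article, so that combination is not exercised below.
            allowed = True
        elif self.setting is Setting.IDENTIFIED_DEVELOPERS:
            # First run: signed by an identified developer whose key is valid.
            allowed = app.developer is not None and app.developer not in revoked
        else:
            allowed = False
        if allowed:
            self.already_run.add(app.name)
        return allowed


def revocation_gap() -> dict:
    """Same signed app on two Macs; the key is revoked after Mac A's first run."""
    signed = App("Tool", developer="DEV-EXAMPLE")  # constructed sample values
    unsigned = App("Script")
    mac_a, mac_b = Mac(), Mac()
    out = {"a_before": mac_a.launch(signed, revoked=set())}
    revoked = {"DEV-EXAMPLE"}                       # key revoked from here on
    out["a_after"] = mac_a.launch(signed, revoked)  # already ran once
    out["b_after"] = mac_b.launch(signed, revoked)  # never ran before
    out["unsigned_default"] = mac_b.launch(unsigned, revoked)
    out["unsigned_override"] = mac_b.launch(unsigned, revoked, override=True)
    return out
```

The Mac that ran the app before the revocation keeps running it, while the Mac that never launched it is stopped at first run, which is exactly the residual risk in the in-between setting.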


96 Comments


  • Death666Angel - Monday, February 20, 2012 - link

    I am not an Apple buyer, so I don't use OS X. I've seen it on the MacBook and tried it for 5 minutes and couldn't get anything to work. ^^ I'm sure it works for a lot of people, though.

    What I found a bit odd in your conclusion was that there is competition in the OS space. I really don't see that. As long as Apple doesn't open OS X up to non-Apple PCs, OS X is not a competition to Windows. The Mac sales in the US may look quite good, but world wide, OS X doesn't really play a role, as far as I know. I'd like to try OS X again, but I'm not going to cough up the money for an Apple PC to do it. :-)
  • colonelclaw - Monday, February 20, 2012 - link

    I take care of a lot of Macs for friends and family. As an unscientific observation, those who have older hardware (some up to 10 years old, but mostly 4+ years old) don't care about not having the latest OS. Those on the newer hardware are always bugging me to 'upgrade' their systems (i.e. put on Lion and everything Adobe makes for free).
    Consequently I would say not supporting older hardware is not a big deal. There seem to be 2 types of computer user in this world, those who want the latest and greatest of everything, and those who just don't care as long as it works.
  • Death666Angel - Monday, February 20, 2012 - link

    Since you take care of those, you should make sure that everyone is running the latest software, if only to ensure that everyone is as secure as they can be. Newer OS isn't just for added features, it is also to close bugs, exploits etc. People not wanting newer software because their current one runs good enough are the same people who will get their credit card maxed by thieves.
  • nortexoid - Monday, February 20, 2012 - link

    Quibble: there's a section titled "Unsupported Macs" and then a list of Macs just below that. If one doesn't read the paragraph above (and there's no reason to think they *ought* to), one will be confused by the list.
  • Andrew.a.cunningham - Monday, February 20, 2012 - link

    Then it's a good thing you read the paragraph above, right? I mean, what are we all here for, if not to exchange information using words?
  • Andrew.a.cunningham - Monday, February 20, 2012 - link

    Sarcasm aside, though, your point is well-taken, and I tweaked the subhead. :-)
  • repoman27 - Monday, February 20, 2012 - link

    Neither the original article nor any of the user comments I read pointed out an obvious benefit of shifting the distribution of widely adopted apps to "App Store" models—namely a more unified software update interface. I fired up a client's MacBook the other day just to change a few system settings and configure her email client with a new account. Because she had only lightly used the machine in the past few weeks, I was confronted with 5 different auto-update dialogs in the space of 20 minutes. Most Windows machines I see have about a dozen startup processes or services designed to check for software updates automatically on top of Microsoft Update. For many small businesses that don't maintain dedicated update servers, have legacy equipment or less than stellar internet connections, the only option is to disable automatic update checking for virtually everything and then periodically perform manual updates of all the software on each machine.

    I kinda like the iOS way, where every now and then when I'm at home and on WiFi, I glance at my home screen, and I can see a little red badge on the App Store icon with a number telling me how many apps have available updates. I can peruse them first, then tap "Update All" and be done with it. It really should be this easy on PC's as well (and even better if you could just as easily roll back an app to a prior installed version if the update breaks something.) Apple providing a very low overhead push notification server that any developer can use to notify their users of updates, and a centralized way of downloading and installing those updates is one step closer to things just working the way they should.

    In a previous comment, someone made the analogy to the changes the automotive industry has undergone in the past 30-40 years. I use this analogy all the time. For a while people lamented the perceived loss of ability to maintain their own cars, but the tradeoff is that most people drive vastly more reliable vehicles than they did a few decades ago and don't miss changing a water pump themselves one bit. I for one really hope that personal computers get to the point where they "just work" the way cars do these days. And despite the more proprietary nature of cars nowadays, the tinkerers and those that perform their own repairs are certainly far from extinct—they just had to acquire different tools and skill sets.

    As for software developers not wanting to give Apple 30% of the retail take, unless they primarily sell directly and can scale well with demand, they often sacrifice more than that to whatever distribution channels they do use. In most instances (i.e. for the most popular apps), those not buying volume licenses (which aren't yet available for non-Apple apps in the Mac App Store anyway) tend to buy from a discount retailer. Between the discounted price and the fact that the retailer is taking a cut, we can deduce that the publisher has probably wholesaled the license at 70% or less of full retail.
  • Death666Angel - Monday, February 20, 2012 - link

    Considering the kind of information my internet-machine has on me versus my car, I don't really see how they stack up. I don't want Apple or Microsoft or Google turning their OS into another Facebook.
  • repoman27 - Monday, February 20, 2012 - link

    Many cars already have embedded GPS and mobile communication hardware, microphones and cameras and other sensors. Some new models are touting built in Wi-Fi. Once you start browsing pron from your car, there really won't be much difference.

    And I don't really see how app stores could turn an OS into Facebook. Apple, Microsoft and Google all provide browsers, Microsoft and Google have search engines, and Apple has iTunes. I'm not sure what they'll learn about you from an OS level app store that they don't already know.
  • Death666Angel - Tuesday, February 21, 2012 - link

    So, you store passwords, private information, handle money transactions through your car? If you don't see how a machine to enter the internet and communicate with the world is different from a vehicle, you clearly are not living on my plane of existence.

    As for the Facebook, you were saying that we should just let the companies run these black boxes and not worry about it. But I see that this would give these companies a chance to gather ever more information from us. Your argument that they already have stuff to gather such information isn't anything contrary to my stance.
