Apple requiring software to be notarized

DSP, Plugin and Host development discussion.
Post Reply New Topic
RELATED
PRODUCTS

Post

Hi guys,
this morning I received an email from Apple that sounds a bit "disturbing".
macOS Mojave is here. Give Mac users even more confidence in your software distributed outside the Mac App Store by submitting it to Apple to be notarized. When users on macOS Mojave first open a notarized app, installer package, or disk image, they’ll see a more streamlined Gatekeeper dialog and have confidence that it is not known malware.

Download Xcode 10 and submit your software today. In an upcoming release of macOS, Gatekeeper will require Developer ID–signed software to be notarized by Apple.
I'm wondering if unsubmitted software will be automatically blocked in any near future.
Top

Post

apple sucks (for music)
my music: http://www.alexcooperusa.com
"It's hard to be humble, when you're as great as I am." Muhammad Ali
Top

Post

Big brother is watching you :hihi:
macOS Mojave is here. Give Mac users even more confidence in your software distributed outside the Mac App Store by submitting it to Apple to be notarized. When users on macOS Mojave first open a notarized app, installer package, or disk image, they’ll see a more streamlined Gatekeeper dialog and have confidence that it is not known malware.
Once again Apple is treating its customers as ritarded :borg:

What's funny is that Apple always try to convince its users there isn't malware in Apple world. This seems like a contradiction. They say we don't need any malware protection, and then claim that developers need to submit their software to Apple for users to "have confidence that it is not known malware". This seems to imply that there might be "unknown malware" :o :hihi:
Last edited by fmr on Sat Oct 20, 2018 9:25 am, edited 1 time in total.
Fernando (FMR)
Top

Post

The name "Gatekeeper" is certainly pretty suggestive. This shouldn't be too surprising, hasn't tight
control of available software for the platform been one of their chief software mantras all along?
No doubt they're looking to extend that beyond the App Store.
Top

Post

I can't remember when the App store came into being, but I have been on Macs since before that and to date, Logic Pro X is the ONLY software I have ever considered purchasing from there (oh, maybe a paid OS update back then, but can't be sure). It has always seemed to me that the better supported software (and generally more appealing) has come from outside the App store stable.
Top

Post

pekbro wrote: Sat Oct 20, 2018 9:01 am The name "Gatekeeper" is certainly pretty suggestive. This shouldn't be too surprising, hasn't tight control of available software for the platform been one of their chief software mantras all along? No doubt they're looking to extend that beyond the App Store.
Same old paranoia... :roll:

Apple didn't stop you running non App Store apps when it started the App Store, like all the paranoid people said they would.

When they introduced Gatekeeper as a security measure to stop casual users installing something nasty, it's a simple setting to turn it off and run whatever you want.

Notarisation will be required for App Store apps, so that someone doesn't submit an app, and bury a bitcoin miner or somesuch inside and trigger it afterwards - in these extreme cases, Apple can then stop that app from running on installed machines. Another security measure.

There is no requirement at this time for all apps to be notarised... maybe a few years down the line, but I think that's unlikely.

So, it's not Apple exerting control or anything like that - just useful security measures that in the main, don't stop you using your Mac in the way you always have.

The sky is still not falling... :tu:
Top

Post

beely wrote: Sat Oct 20, 2018 9:53 am

Same old paranoia... :roll:

Apple didn't stop you running non App Store apps when it started the App Store, like all the paranoid people said they would.

When they introduced Gatekeeper as a security measure to stop casual users installing something nasty, it's a simple setting to turn it off and run whatever you want.

Notarisation will be required for App Store apps, so that someone doesn't submit an app, and bury a bitcoin miner or somesuch inside and trigger it afterwards - in these extreme cases, Apple can then stop that app from running on installed machines. Another security measure.

There is no requirement at this time for all apps to be notarised... maybe a few years down the line, but I think that's unlikely.

So, it's not Apple exerting control or anything like that - just useful security measures that in the main, don't stop you using your Mac in the way you always have.

The sky is still not falling... :tu:
Lol, its not paranoia. The point being that getting software in the App Store is controlled
by apple, period. Certainly if they could get away with that beyond the App Store, they
would be all for it. Although, that smells a little anti-competitive. No doubt they could
do their best to convince the little old lady across the way, that unless it's apple approved,
it's possibly unsafe without any problem.
Top

Post

It's [hopefully!] probably going to be similar to Window's version of this:

Image

So stuff can still be run, just there'll be a big warning in your face.
Top

Post

You can always run http://www.linuxfromscratch.org/ and be assured that nobody is controlling anything. (just kidding)
~stratum~
Top

Post

mcbpete wrote: Sat Oct 20, 2018 10:13 am It's [hopefully!] probably going to be similar to Window's version of this:

Image

So stuff can still be run, just there'll be a big warning in your face.
Yes, this is Microsoft copying the worst from Apple. It doesn't make it less bad :shrug:

And the question remains: What will they do to the non-signed (and now non-notarized) apps?
Fernando (FMR)
Top

Post

Non-Notarized apps will look like this when ran:

Image

Notarized apps will look like this:

Image

Full story - https://eclecticlight.co/2018/09/24/has ... -the-user/
Top

Post

beely wrote: Sat Oct 20, 2018 9:53 am Notarisation will be required for App Store apps, so that someone doesn't submit an app, and bury a bitcoin miner or somesuch inside and trigger it afterwards - in these extreme cases, Apple can then stop that app from running on installed machines.
How do they know it mines bitcoin or sends user data somewhere? Some apps may even ask for a consent do to exactly that. No point in "notarization", software installation was always a risk. If notarization becomes a paid option, that would be much more "reasonable". (to fill Apple's pockets on non-App Store software, of course)
Image
Top

Post

Aleksey Vaneev wrote: Sat Oct 20, 2018 11:38 amHow do they know it mines bitcoin or sends user data somewhere? Some apps may even ask for a consent do to exactly that. No point in "notarization", software installation was always a risk. If notarization becomes a paid option, that would be much more "reasonable". (to fill Apple's pockets on non-App Store software, of course)
That was just an example of something secretly embedded in some software. Works the same for malware, or anything super bad - it just means there is a mechanism to stop it, if that was required. That's the whole point of it.
Top

Post

mcbpete wrote: Sat Oct 20, 2018 11:28 am Non-Notarized apps will look like this when ran:
Notarized apps will look like this:
Hardly a difference, both ways require an extra click which seems unnecessary. Seems like signing is still the most important thing to do under OS X.

Richard
Synapse Audio Software - www.synapse-audio.com
Top

Post

Richard_Synapse wrote: Sat Oct 20, 2018 6:00 pmHardly a difference, both ways require an extra click which seems unnecessary.
Only the first time, once you've said "this is ok" OSX won't ask you again.
Richard_Synapse wrote: Sat Oct 20, 2018 6:00 pmSeems like signing is still the most important thing to do under OS X.
Yep.
Top
Post Reply

Return to “DSP and Plugin Development”