I really just can't get over how bad this "you can't run unsigned apps" thing is for, well, everyone. It is a depressing thought that this might be the future of software.
It is even worse than that. I tried to edit a .tex file yesterday in TextEdit, launching from the command line with open -e. Gatekeeper told me that the .tex file wasn't signed and could not be opened. This is a barrier even for very technical people.
The first thing I did after installing ML was disabling Gatekeeper, problem solved. Signed apps are a good idea for "illiterate" people, it prevents them from installing malware and spyware.
At least we can turn it off... for now. Does anyone know what happens to your unsigned apps when you upgrade from a pre-ML OS X to ML? Do the programs that used to work suddenly fail? If so, that is a terrible UX!
They work just fine. The signing check is performed exactly once for new software. Once allowed, it's never checked again. As nothing on an upgraded system is "new", it works without ever showing a Gatekeeper prompt.
It's basically identical to the "You just downloaded this file from the web, are you sure you want to run it?" check built into Safari - the file quarantine system http://support.apple.com/kb/HT3662?viewlocale=en_US&loca.... However, this defaults to "No" for unsigned code, and "Yes" for signed code.
You can also easily run unsigned apps by ctrl+clicking them and selecting "open". Once you do this once the app can be opened normally from that point.
Still I also worry that Apple may get rid of these workarounds in the future and wall off the garden further.
There is actually something else going on here. I have never seen the 'this app is damaged' error and I think it is because Flash creates those 'Projectors' in some incompatible way.
Unsigned binaries are really not an issue. People who know what they are doing can completely turn the check off, or you can leave it on simply 'command-click and choose open' once to add the app to the whitelist. I do this all the time.
But really 'this app is damaged' is something different. I think the apps start working as a side-effect of code signing that masks the real issue here.
>Unsigned binaries are really not an issue. People who know what they are doing can completely turn the check off, or you can leave it on simply 'command-click and choose open' once to add the app to the whitelist. I do this all the time.
Superficially, that makes it seem like not an issue. But it's sort of like when Sony added the "no class action" waiver to their TOS. Yes, you could opt out, but it still removes virtually any possibility of a class action suit since very few people did opt out. Similarly, it is possible to run apps that aren't signed, but most users won't, and that means that it isn't viable, from a developer's perspective, to produce unsigned apps.
Now, it's true that you don't have to go through the App Store review process just to sign an app, but that doesn't mean that Apple can't revoke your key on a whim (or in error).
The cost is also an issue. $99/year is a steep commitment for what used to be a pretty big segment of the Mac developer ecosystem. The common counterargument to this is "Really, you're going to complain about $99 while working on a $2500 laptop?" But this is nonsense. If you're unemployed, in school, or working a low paying job while developing on the side, your computer likely isn't a $2500 laptop. It's probably a low end Mac and/or a hand-me-down, and you will keep riding that machine until it breathes its last gasp. $99/year is about the cost of your whole computer.
Now, maybe Apple doesn't care about a slew of small, cheap/free apps with low hardware requirements, but their users sure as hell should.
all you see are dialogs telling you about unknown developers, or non-signed apps, or your settings keeping an application from being opened.
I have never seen the dialog being shown in this blog post ... except for a single time: XProtect binary file detection, built into OS X for defense against a few known malware attacks out there.
Pretty sure the reason that this "works" and that the author of the post is getting that dialog is that XProtect is getting a false positive on their Flash-based projects and signing the app either avoids XProtect (scary if true) or changes the signature enough that it doesn't register as a false positive any more.
it's fine for most people, allowing for only signed applications in an app store is a good thing for, you know, people like my sister or mom aka 99% of users. having some accountability and being able to trace an application back to a users/organization signing it is a long term win.
The problem is that Apple is the one and only gatekeeper here. $99 for a lot of apps, like independent games made for a competition, is a very high barrier to entry. Were Apple to allow third party certificates, and/or use the existing ecosystem for software signing certificates, there would be a lot fewer issues with this.
I agree that Apple should not be the (sole) one signing apps for their OSes.
However, I doubt a dialog "this app was signed by 'Evil Privacy Invaders, inc'. You haven't trusted their software before. Do you want to do that now?" would deter the typical user from clicking 'Yes, always'.
So, the best they could do is allow a fixed set of regulated code signers. I do not see how that would be much of a change from the current situation.
/I/ should be the gatekeeper on /my/ device. Apple's all or nothing approach means that for hobbyist usage, or internal app distribution, etc, you still have to pay that $99/year, even if it's not going into the regular ecosystem.