Feeds

back to article New Mac OS X: Mountain Lion roars at unauthorised apps

Apple released a developer preview of Mountain Lion today before the new operating system is let out of its cage in the summer. It's the ninth major iteration of the Mac OS X operating system, replacing Lion, and from Apple's roundup of its features, version 10.8 marks a much closer integration with iOS devices. Apple goes so …

COMMENTS

This topic is closed for new posts.

Page:

Anonymous Coward

Pick your garden now while you can still see the alternatives...

Apple are building their walls even higher and Microsoft aren't far behind them... -

"With Microsoft selling the applications directly, users would also be offered a greater degree of security, he claimed. Microsoft has been studying the security implication of this and could control the marketplace better, as well as working with developers on more secure coding strategies."

Pick your garden now folks as once you're in you're in...

13
11
Silver badge
FAIL

Re: Pick your garden now while you can still see the alternatives...

Some walled garden. Just tick a box and its off, you can install unsigned content to your delight... Or the developer can get the app signed and distribute how s/he sees fit.

Given how small the wall is, I can only presume anon that you live in Smurf Village.

28
15
Silver badge

Re: Pick your garden now while you can still see the alternatives...

I can already see the counterargument: it's an optional control and well designed operating systems have always had optional controls over what a user can do. Apple are actually far behind Microsoft in allowing things to be locked down by an administrator, which is one of the many reasons (though probably not one of the main ones) that they don't do very well in corporate environments. Furthermore it's not really a walled-garden issue because you're already unable to use your Mac apps on anything other than a Mac; it's a centralised control issue.

That being said, I agree with you — there appears to be an attack on open markets for software from all fronts (with Apple being particularly involved) and it's a big concern.

8
2
Anonymous Coward

Re: Re: Pick your garden now while you can still see the alternatives...

"Just tick a box and it's off"

Oh yeah sure then when the preview of the next OS rolls around and apple say "you know what our anonymous statistics showed only 1% of users unticked the box, so we removed it and made the OS even more like iOS"

31
5
Anonymous Coward

Re: Re: Re: Pick your garden now while you can still see the alternatives...

Unticking the box may be "easy," but doesn't mean the computer-illiterate that Apple seems to draw in will know how to untick said box. Of course, developers will now be obligated to distribute their apps from the Mac App Store since that will be the "only" way (in the eyes of said illiterates) to distribute/install their apps. At which point, Apple will eat a 30% sell profit. Apple will then decide all apps should be distributed via the App Store and lock out any alternatives, in a similar fashion to what they did for paid subs....

15
6

Re: Re: Re: Re: Pick your garden now while you can still see the alternatives...

"the computer-illiterate that Apple seems to draw in"

Odd, given the VisualC code that just got dumped on me in the latest re-org, I'd call Windows developers computer illiterate.

9
8
Silver badge

THERE APPEARS TO BE.......

a lot of concern amongst the internet security companies that there will come a time when Apples walled garden will be breached.

The consensus is that it will be breached, the danger will be that many devises have no AntiVirus etc installed because users believe what they use is totally secure.

The breach when it comes could ne catastrophic for many users.

5
3
Silver badge
Devil

Re: Pick your garden now while you can still see the alternatives...

Apple is now on par with Microsoft, Debian and everyone else.

It is now also asking you to confirm that you really know what you doing and accept by default only software from their repository. The only difference is that it is actually implemented properly which Microsoft has failed to do in all of the 15+ years since it introduced driver and software signing and publisher certificates.

Applause. How wondrously restrictive...

Now, let me see exactly how many warnings would Debian throw at me if I decide to add let's say debian-multimedia.org to the repository list without getting their keyring first. Once I am done with that wondrous experiment I am going to see exactly how many warnings will Winhoze throw and how many boxes do I have to tick to install 3rd party stuff.

Sigh...

11
4
WTF?

Re: Re: Pick your garden now while you can still see the alternatives...

Right, and future updates would NEVER EVER suddenly take away that "tick box." Nope, never. But I guess a new generation of would-be hackers will feel manly for "jailbreaking" their desktop computers someday.

11
4
Anonymous Coward

@ Frobozz

Why would they need to remove the checkbox?

I'm a bit tired of this scaremongering. It's been going on for YEARS now. It has not happened yet and it's not going to happen.

10
8

This post has been deleted by its author

Silver badge

Re: Re: Re: Re: Pick your garden now while you can still see the alternatives...

If its anything like other Mac error messaages it will actually be a useful message that says "If you want to install this program, please go into system preferences and deselect install singed programs only".

Really all this conspiracy theory nonsense is just making you all look silly.

4
4
FAIL

Re: Re: Pick your garden now while you can still see the alternatives...

Would you dare to guarantee that it's going to stay optional? Or that Apple will not, eventually, be picky about who it lets sign an application?

Look at the language in the press release: it's all about security. It's the safer option. We have your back, remain calm. Convince enough people that they shouldn't tick that box and in a couple of releases you can make the box go away without any substantial protest. Another brick in the wall.

Then they can gradually make it much more attractive to use the official app store instead of signed apps downloaded from elsewhere.

I'd really be OK with that if the bar to entry for an "official app" was merely that it isn't going to do nasty things to your computer. But we already know how Apple rolls when it comes to deciding who gets to be allowed past the wall.

6
4

Re: Re: Re: Re: Re: Pick your garden now while you can still see the alternatives...

"Really all this conspiracy theory nonsense is just making you all look silly."

As silly as it would make me look, I really hope you're right.

But somehow, I don't think you're a paid Apple representative with an inside track on their future plans...

4
2
Silver badge

Re: Re: Re: Re: Re: Re: Pick your garden now while you can still see the alternatives...

@ Paul

Indeed I'm not a paid apple rep. Are the anons shouting wolf Microsoft employees?

Probably not, but since we're playing conspiracies today, lets pretend they are.

2
4
Anonymous Coward

@Paul

It'll stay optional, because it's completely optional even today. See my comment at the end explaining how this only checks files with the quarantine bit set.

Any other web browser or file transfer client on OS X can simply not set the quarantine bit and Gatekeeper won't check the file anymore. That's how easy this easy to override, no checkbox ticking needed.

Do you believe Apple would leave this if the motivation wasn't only to make things a bit safer?

3
2
Silver badge
Black Helicopters

@Probing Analyst

There were commentards (me included) saying that by 10.8 there'd be some form of lockdown and lo and behold there is.

I'm going to go out on a limb and say that by 10.10 (or XI), desktop/laptop Macs will come with two OSes, one with an OS very much like iOS and then there'll be more expensive pro machines with a more open OS.

3
2

Re: @Paul

If they do this right and don't do what the "fearmongers" and "conspiracy theorists" believe they will (that is, lock it all down in draconian fashion, piece by piece, until they are the sole arbiters of what may be developed for their OS based on whatever rules they make up as they go along), it would be a good thing, overall.

Just keep in mind that Apple's first duty is to Apple (or more specifically, their shareholders). If there's a good business case for locking OSX down a-la the mobile devices and they believe it can be done without causing too much push-back from users and developers, you'd better believe they've at least *considered* the possibility.

2
1
FAIL

Re: Re: Pick your garden now while you can still see the alternatives...

A simple box to untick this time. Last time, there was no box to untick. What will it be next time?

When the iPhone came out and it was clear it would be closed, I warned friends that Apple could very easily go the same route with the Mac. They said, 'never.' But Lion was the first warning - it seemed clear they wanted to emulate iOS on the Mac; it was the first Mac upgrade I skipped in years.

The walled garden of iOS was a slap in the face. I've boycotted the iPhone and steered friends away, while worrying whether Apple would have the audacity to wall the Mac. That people continued to buy iOS devices despite Apple's complete control only vindicated Apple's decision to keep it closed. It seems obvious they're moving towards the same again on the Mac, slowly but surely.

Mountain Lion takes us one step closer, and you make light of it. Apple is grinning all the way to the bank while people shrug unconcerned that their choice is being whittled away.

I have the sad feeling the iMac I bought last year will be my last Apple computer.

4
2
Bronze badge
Thumb Down

Re: Re: @Paul

>Just keep in mind that Apple's first duty is to Apple (or more specifically, their shareholders).

Uh, uh. Not really. Their first duty is to their customers. Screw this up too much and they won't see my cash again.

I don't mind what they're doing here much. Just give us an opt-out clause.

I think vetted/secure apps make sense nowadays, for many users. We rely on computers far too much to force Joe "non-IT" Average to moonlight as a _competent_ sysadmin to keep his personal files secure. And trusted apps can be _part_ of the answer. Though I also agree that the sense of complacency amongst Mac users re. viruses and malware is misplaced.

For me? If they start taking away MacPorts or the like, not so good. And I'll vote with my wallet.

For now, I'd call the FUD-chuckers bluff and would bet 10.10 will have that checkbox available.

2
1
Black Helicopters

Re: THERE APPEARS TO BE.......

"a lot of concern"? Sophos has been saying it every quarter for about 8 years.

Still waiting.

2
0
Happy

Re: Re: Re: Re: Re: Re: Re: Pick your garden now while you can still see the alternatives...

"Indeed I'm not a paid apple rep. Are the anons shouting wolf Microsoft employees? Probably not, but since we're playing conspiracies today, lets pretend they are."

My point was that the only opinion I'm willing to accept as canon on this would be that of someone at Apple who knows the long-term roadmap, who is speaking off the record and actually being truthful.

You can guess how likely *that* is to happen. :)

0
0
Anonymous Coward

@Dan 55

Commentards have been predicting that OS X would soon be closed since 2008. It hasn't and this latest iteration isn't closed since anyone is able to either (from easy to more complex):

1) Right click open the file

2) Turn Gatekeeper off

3) Use any download tool/browser that doesn't set a quarantine bit

4) Get the file in any way other than via the Internet (e.g. USB key)

5) Use Terminal.app to disable the quarantine bit: xattr -d com.apple.quarantine <file>

6) Certify the app - for free

If you do *any* of this, Gatekeeper won't stop you. Is this what you call lockdown?

3
1
Facepalm

Re: Re: Re: @Paul

"Uh, uh. Not really. Their first duty is to their customers. Screw this up too much and they won't see my cash again."

No. As a publicly traded corporation their first duty really is to their shareholders. Apple happen to have been providing great shareholder value by among other things providing great products and making customers happy. I'd hate to see them screw with that, but they could *if* it made business sense. It does occur to me though that given the degree of love their userbase has for them, they stand to lose badly by messing too much with that userbase. They won't push it too hard for that reason alone, I reckon.

Sadly not all corporations do it that way, which is why when I call my cable provider to report a problem I have to descend through the seven levels of hell that is their voice response system, then listen to excruciatingly bad muzak for 45 minutes or more until I can have a rep who barely speaks English walk through a checklist of really obvious crap I already tried in the vain hope I could avoid having to call in the first place. But it costs them less to do it that way, thereby increasing shareholder value. After a few times through that experience you get a good sense of how much duty a corporation really has to you as a customer...

4
4
Silver badge

@ Jarrad

At the moment there is no facility in OSX for you to be sure that the software you think you're downloading is the software you're downloading. Hence why there will be a box for you to turn off the ability to check this.

If something bad comes through, revoke the license and bang, you've killed a malware epidemic flat.

Microsoft have been wishing for this feature for about a decade.

Really, the paranoia here is outregous.

2
3
Silver badge

@ paul

So we shouldn't accept the opinion of folks saying "it problably wont happen" without apple verification, but instead accept the opinion of those that say that it will, cos thats what it seems you and others are doing.

1
2
Silver badge
FAIL

@Probing Analyst

Thank you for explaining the present. I was making an educated judgement about the future.

0
0
Boffin

@Dan 55

Oh I am so sorry, didn't realise that. As you said you were "going out on a limb" I took it as "I will now present the future as I see it, based on my own views and pre-conceptions with no facts at all"

So this new "educated" bit comes from where exactly? Coin toss, thermal noise? Both are perfectly fine, and actually used by many (non-probing) analysts when predicting Apple.

1
3
Silver badge

@AC

"Oh yeah sure then when the preview of the next OS rolls around and apple say "you know what our anonymous statistics showed only 1% of users unticked the box, so we removed it and made the OS even more like iOS""

"...so we removed it and made the OS even more /secure/".

There, couldn't help fix this for you ;-)

1
1
WTF?

Re: THERE APPEARS TO BE.......

Concerned, as in we'd like to sell shedloads of crapware, that sucks your processor dry?

Surely AV is a anachronism based on old & badly administered versions of windows. Why the heck is it even needed on W7, let alone other platforms?

0
0
Silver badge

Re: Re: Re: Re: @Paul - 16th February 2012 22:37 GMT

Paul is perfectly right here : "As a publicly traded corporation their first duty really is to their shareholders". Apple are obliged BY LAW to maximise shareholder value. For example Ford's management (can't remember exactly when but quite some time ago) were once taken to court by their shareholders to stop them from increasing workers wages which were considered in line with industry standard.

You might not like it, I don't like it, but there's no point in downvoting the truth. Apple ONLY care about their customers insofar as that customer care will keep those customers spending more on Apple stuff, keep the Apple brand image etc.

As someone who does use Apple kit, I'm not really worried that I will be prevented from installing anything I want on my iMac any time soon, however what I am seeing is a long-term trend where in 10-20 years the only way to install anything on my computer / tablet / phone / supercomputer-in-a-wristwatch will be through an officially sanctioned store where the gatekeeper is creaming off 30% in the name of 'security'.

2
1
FAIL

Re: Re: Re: Re: Pick your garden now while you can still see the alternatives...

That is incorrect. The default is the middle option and therefore the developers are NOT "now obligated to distribute their apps through the App Store as the only way to distribute their apps to the computer illiterate." The computer illiterate, as you call them, do not need to untick the easy box to get out of the "App Store only download option" as that is NOT the default. Read the article properly next time.

1
0
Anonymous Coward

@James Micallef

" Apple are obliged BY LAW to maximise shareholder value. "

If it was just about maximising profit they have given up on the Mac already and shifted production lines to iOS devices exclusively, after all "Apple sold more iOS devices in 2011 than all the Macs sold it in 28 years" (Asymco, 16/2) and production hardly keeps up with demand.

Maximise shareholder value also includes not shitting on your platforms as many other companies have found recently.

0
0
Anonymous Coward

Re: THERE APPEARS TO BE.......

"There appears to be a lot of sales pitches from the internet security companies..."

Fixed that for you

0
0
Anonymous Coward

Re: Would you dare to guarantee that it's going to stay optional?

Yes. For so long as Apple needs to sell not only to consumers but also to developers. Which is, for as long as computers need software.

0
0
Anonymous Coward

Re: "more expensive pro machines with a more open OS"

That would be commercial suicide. If anything, it would be that you unlock the Pro OS by registering as a developer.

However, to do the above would destroy sales into scientific and technical markets

0
0

Defense in Depth...

The main problem here is a lack of awareness, understanding and application of defense in depth strategy by home users.

Of course you need AV, you always will need AV, but AV alone is not enough to protect you, you need a good firewall, not some $99 special you picked up at the big box store because someone told you you needed one and just plugged it in with default settings, a real one properly configured. In addition you still need HIDS, content filtering, and all the other things corporate users have ad a lot of common sense.

I see this as an attempt at application white listing, pure and simple. Quite frankly if more companies take this approach and control what can be run on their machines it makes it much more difficult to compromise the systems though traditional means and maintain persistence control for any period of time. Drives the pen testers crazy when done right.

Now the use of certs is good, but the problem here is they will only be as secure as the certs themselves, if developers share certs or a disgruntled employee signs his malware with a legitimate cert it will still get though the wall. That's why you need other defenses, if one or two fail hopeful the third or forth layer protects you, in security parlance it's called Defense in Depth, in layman's terms don't put all your eggs in one basket.

There is no silver bullet to security, but this is a step in the right direction IMHO.

0
0
Facepalm

Re: scaremongering

Its as if a large, well funded organization with enmity towards Apple wanted to spread fear and Uncertanty about Apple products through fake grass roots campaigns and anonymous forum posts!

0
0
Gold badge

Re: Pick your garden now while you can still see the alternatives...

Erm, Microsoft built their wall higher first and Apple are catching them up. Not the other way around.

XP had confirmations about unsigned drivers years ago. Code signing and warnings are nothing now.

0
1

Re: @ Jarrad

And what happens when they use that to revoke the key for something they find objectionable

0
0
Bronze badge
Thumb Down

@Paul

>No. As a publicly traded corporation their first duty really is to their shareholders

Which is ultimately ensured by keeping their customer base happy. Any savvy investor will realize that alienating your customer base is not a good idea. Currently Apple has been the proverbial golden goose. Chasing after enhanced profits would come at a risk.

AOL for example delivered great profits as a walled garden. For a while. The only reason investors didn't get roasted too much is that AOL found greater fools @ Times Warner.

Now you can run off after all kinds of lock down scenarios, but you can bet that, if the powers that be @ Apple are in any way smart, they will be thoroughly considered before risking customer alienation. There is already a fair bit of backlash against Apple, for a number of reasons, some of them quite valid, some of them linked to its new dominance.

A lock down scenario would risk replacing selling $1500+ laptops w. high margins (those Chinese workers are cheap) with what? Selling $4.99 Angry Birds with a 30% cut? Clever.

0
0
Mushroom

Dont do it!

Macs are at least said to be virus free now anyway.

This is a slippery slope and there'll be no going back.

Seem to be hedging their bets a bit though

Really, this has to be the time to move to Linux (Mint12 with cinnamon!) - while you still can......

----------------------------

By the way I've recently read poster saying they have PCs that are 'dying'. Batteries aside (can be replaced), presumably this normally means the OS is clogged with crap. Would many out there welcome an upgrade/cleanout of ye olde XP to something newer & sexier - even if it wasn't windows? Granted I'm probably talking consumer kit rather than corporate stick-in-muds - but with all this talk of BYOD - why not?

1
2
Anonymous Coward

Re: Dont do it!

yeah lets move to a platform where there are far too many variants and confusing options for your average Joe on the street where you need to know details of the terminal line to install / remove certain applications....

There's too many distros / confusion around them for Linux to ever fly with the average punter and it will always remain the playground for geeks. The real battle will be between Microsoft and Apple and possibly Google if they get their act together, but they are running out of time and this Chromebook project is a financial black hole.

Written from my Ubuntu 10.4 Netbook

3
5

Re: Re: Dont do it!

cant agree about too many distros - it's just a matter of platform proliferation just as with smartphones tablets and many different versions on OSX & Windows etc. The monoculture days are over.

On the other hand being green with recycling is pretty trendy, electonic waste is a serious problem and people frankly just get bored with old machines and want soemthing new and shiny.

I reckon it's got legs.....

But I see you'reat least part way there with 10.04...... :-)

1
0
Silver badge

Re: Re: Dont do it!

Linux already flies with the average punter when they buy home routers or TV set top boxes, or these days, more than half of all smartphones purchased. Thing is, Linux is a success wherever it isn't sold as Linux, and more as "TomTom" or "TiVo" or "Linksys" or "Android".

People don't need to know about Linux when they know that Ubuntu and Mint are good on netbooks.

4
0
Silver badge
Linux

Mindless FUD

> where you need to know details of the terminal line to install / remove certain applications.

Like what? Stuff that's bleeding edge and hasn't been fully released to the public yet?

That's an artifact of an open development process. It doesn't mean what you are trying to claim it does.

4
2
Anonymous Coward

Re: Mindless FUD

Mindless FUD #

"Like what? Stuff that's bleeding edge and hasn't been fully released to the public yet?"

Right so I'm on my netbook at the minute running a variant of Ubuntu and using Chromium, but I want to switch to Firefox. I go to the Firefox website it recognises my distro my country / language and gives me a big button to download the latest release. You press the button and you get a tar.bz2 file in your Downloads folder and fair enough I can extract it and run Firefox from that folder, but there is no readme and no visible way to install that so the folder is in it's correct place on the system (rather than downloads) which will then put a shortcut to Firefox in my applications menu.

And that's just a simple browser nothing bleeding edge at all about it, so instead I have to open up a terminal and type something like... sudo apt-get install firefox. Linux will never be a popular mainstream alternative (and don't give me rubbish about it being in phones would you really want to associate Android with Linux?)

Mountain Lion is another step from Apple in dumbing down the whole Mac experience and Microsoft aren't far behind with their garish tiles that they insist on forcing upon everyone. Apple are getting it wrong in my opinion they need to be taking features from OS X and adding them to iOS not the other way around

1
5
Anonymous Coward

Re: Re: Mindless FUD

Or, you could just go to the Software Centre, type (or browse to) Firefox and click Install. Simples.

FUD indeed.

5
3
Bronze badge

I once...

...got lots of downvotes for a comment I made, nearly a year ago, that dared suggest that Apples desktops are going to become glorified iPads. Now this article pretty much says the same I wonder if its rating will get the same battering by the Apple fanboys faithful too?

12
10
Silver badge
Facepalm

Re: I once...

If you look at the picture, it's rectangular with rounded corners. What more proof do they need?

3
1

Page:

This topic is closed for new posts.