Apple’s Gatekeeper: Malware Protection? Or The Mark Of The Beast?

Chris Randall, over at his excellent Analog Industries blog, recently posted about an upcoming change in OSX 10.8 (“Mountain Lion”). OS 10.8 will introduce a new feature called Gatekeeper, which is being promoted as a method of protecting the user from downloading and running malicious software.

As part of this new “protection” system, Apple has created a new certificate program for software, Developer ID, that will allow developers to mark their software/plugins with an official seal of approval. In OS 10.7.3, there is a preview of the Gatekeeper function, and apparently an alert window will be displayed if you try to install any software that doesn’t have an official Developer ID:

Many developers are worried that this is the first step of Apple restricting all software on OSX, with the App Store eventually becoming the only source of software for the Mac (and with Apple taking 30% of all software sales for the Mac). This is a sinister prospect, but what if the real goal of Apple is worse…far, far worse?

The idea of needing a particular identification mark in order to buy or sell a product can be found in the Book of Revelation:

“And that no man might buy or sell, save he that had the mark, or the name of the beast, or the number of his.” – Revelation 13:17

Is Apple’s Gatekeeper program a way of protecting users from malware? Or is it the first step in a blatant power grab to control all software on the OSX platform? Or…is it one of many steps designed to hasten the onset of End Times?

The choice of the apple for Apple’s logo is starting to seem less…innocent. Newton’s apple, or forbidden fruit?

And what rough beast, its hour come round at last,
Slouches towards Cupertino to be born?

About the author:

Sean Costello is the "algorithmic reverb plugin wizard" [citation needed] at Valhalla DSP.

Comments (8)

  1. “…with the App Store eventually becoming the only source of software for the Mac…” That would be a real shot in foot. There’s a lot of software, particularly in music production that is simply too large (Ivory, Spectrasonics, Toontrack) to be made available download only, even if we do all end up with fibre right up to our routers.

    For years we’ve not needed any kind of protection on the Mac. I’ve never used any anti-virus software and I download all sorts of stuff! The one and only time I picked anything up was in 1998 when there was a worm going about that caused the finder to freeze for 30s every few minutes. It came in on a client’s disk and quickly spread across the whole network. Fortunately there was a cleaner on the then current Macworld CD and it was promptly banished in a matter of minutes.

    But times are changing and so perhaps we do need something like Gatekeeper. I’d rather that than Norton any day of the week, regardless of motives. And don’t they say “better the devil you know…”?

  2. Seems like another pain in the arse to be honest from my point of view and hopefully as nomadetech said above – It will be optional not mandatory

    1. It is optional, but a much STRONGER optional.

      I’ll actually be signing my future plugins, but as the signing requires Xcode 4, it will change my workflow, and will force me to no longer make PPC/10.4 builds.

      1. I think this is the real reason behind it. They are basically coercing everyone to develop only for newer platforms, buy an apple dev ID ($100 if I recall correctly), and if their behavior in crippling iOS competitors is any indication, filtering out and limiting the performance of apps that step on their toes. The day that the app store is the only way to buy software for mac is the day I move to linux.

  3. I wish I could find the image I did for a graphic design project in college. It’s the classic time stop photo of a bullet going through an apple, only the other half/end is faded/merged with the old 1st generation very round CRT style iMac? circa 2002-2004 (profile view) , with the bullet exploding out of a decimated shrapnel infused hole on the back of the iMac. I guess my prophecy was right.

  4. For years I’ve been using checksums (md5 and/or sha-1) and trying to convince devs to use them. It’s “kind of” like a signature and it’s unobtrusive. The only problem is people must do the check manually but this take one second. This is the big difference with the signature method. If you forget to check then you can be at risk. Checksums is also helpful to be 100% sure that every bits of a download or a file transfer was done correctly.

    Everybody should be using them. If you’re on PC I suggest “HashCheck Shell Extension”.

Leave a Comment

Rules of the Blog

Do not post violating content, tags like bold, italic and underline are allowed that means HTML can be used while commenting.