sudo spctl —-master-disable
Of course, you as the developer can’t make this choice for your users… but isn’t that as it should be? The user decides what code is allowed to run on their machines. And the default setting is restrictive because anyone who knows what they’re doing can easily change it.
P.S. Meanwhile, on iOS there’s no way to install unsigned software at all, and on Android (starting soon) the process takes 24 hours instead of ten seconds. That is actually ridiculous because it’s taking away user choice.
P.P.S. To be clear, modern macOS has plenty of other restrictions which can’t really be turned off and which I find super annoying. Gatekeeper just isn’t one of them.
Edit: I’ve just learned that as of Sequoia, you have to also tick a box in Settings after running the Terminal command. So maybe it takes 30 seconds instead of ten seconds. That’s mildly more annoying, but still doesn’t really seem like a big deal to me.
Give me the ability to choose what I trust. “You can either trust Apple and nobody else, even yourself, or you can trust literally everybody” is obviously not a good faith implementation of this. Apple excels at steering the narrative with false conflation and false dichotomy, I’d also remind you of the came-and-went secure boot debate, which Apple successfully steered into Apple owns the encryption keys vs no encryption, and people just kind of forgot to ask, wait, why can’t I have the keys to my device?
The same with SIP (system integrity protection). You can turn it off but then you have to turn it all off.
There's no way to keep secure boot but bless your own changes and sign them in some way, that you have approved. You know, as the owner and admin of your own computer. It's either leave it to Apple or be completely on your own. And to make the choice even more uncomfortable they also disable some features like running iOS apps.
You want the ability to choose a different “authorities” that verify and sign binaries? That makes sense to me but is unlikely to relieve any of the issues in the post.
Also what do you mean by “even yourself?” What would that option look like?
It’s not really even that different than a PC motherboard that gives you “Windows UEFI” and “enroll my own keys” as options.
https://asahilinux.org/docs/platform/security/
As far as code signing, again, what do you want Apple to do here? They already gave you a master switch to turn it off. You are free to turn it off then implement your own third party code signing solution if you’d rather choose who you trust. It’s not Apple’s fault if nobody else decided to make their own trust repositories and the only alternative on the market is to have no safeguard at all.
And let’s not forget who Apple markets their computers to. These features aren’t for you and me, they’re for the non-technical customers who will absolutely get pwned by unsigned code. Go to the MacBook Neo marketing page and try to find a single image of someone writing code or even being gainfully employed.
You can turn off all protection, as you point out. So who Apple markets Neo's to isn't a factor.
> Apple’s fault if nobody else decided to make their own trust repositories and the only alternative on the market is to have no safeguard at all.
Does Apple provide a means for enabling third party trust systems, without disabling Apple's protections in general? If not, that is a serious problem of Apple's choosing. Nobody (to a first order approximation) want's to dispense with Apple's protection, or re-implement it, but to be able to carve out exceptions for specific classes of software.
The added friction feels more like a way to force developers to pay Apple an annual fee for distributing rather than for my safety. Not saying it doesn't help with safety, just that it's more weighed to the former.
I am the king of knowing immediately when I have fucked up.
“Undo” has made us far too comfortable with mistakes.
People reflexively hit yes to these things.
With Gatekeeper turned off, you’ll still get a warning on first launch which you can easily click through. (Unless Apple changed something in the last few versions—let me know if that’s the case—but it would be out of character for them to remove a warning...)
The “security feature” you don’t want to disable is precisely the thing you are complaining about, so I don’t understand why you’d keep it around.
> The added friction feels more like a way to force developers to pay Apple an annual fee for distributing rather than for my safety.
I don’t imagine Apple makes a substantial amount of money from $99/year developer subscriptions. The App Store is another story of course.
You actually do get some value, you can file two DTS tickets [1] a year which are (supposedly) looked at by a real apple engineer. Assuming they haven't outsourced it, that feels worth about $100 considering how badly documented their APIs are.
It has a chilling effect on releasing free apps.
It's going to be an interesting time soon, when even your dog will have a vibecoded app he'll want you to use.
“Press command space, no no hold down the command key - gosh it’s in the bottom left - okay, now type “privacy”, now scroll, no you scrolled too far …”
The other day my mom got a text saying she had a $399 charge on Apple, and to call the number if it wasn't her. So she called, because of course, why wouldn't you? Apparently the scammer finally got frustrated and hung up on her because she couldn't understand his accent.
I've run several PiHoles for several years, primarily on latest versions (up to v5; current is v6.4.x) – recently updating to v6 has been extremely frustrating [0], e.g: realizing that even when you tell the pi's/en0 ("internet") interface to use a specific DNS server (in GUI/network settings), it still uses the DNS-server recommended by your local DHCP server [1].
[0] I am aware that this is a joint-issue between RaspbianOS and Pi-Hole teams
[1] which requires TWO sudo nmcli which newbs have no business configuring – what happened to -simple- ?
----
If you ever want to consider how crazy DNS-capture is getting, realize that Firefox/&c are all dark-patterning the abilities to turn off "secure"-DNS. The latest Raspian/Pi-Hole defaults are terrifying... [2]
[2] another example: why doesn't v6 enable HTTPS localhost web-access, by default (like all previous versions?!)? Do the developers really expect us commoners to know how to generate localhost certificates – this is obviously behavior due to how the pihole useraccount behaves differently then the previously-root-blessed v5-behavior
----
Thankfully, I've kept a local copy of my favorite distro of Pihole v5, and it is readily-cloneable.
When I attempted to pass a --version tag during a freshinstall (requesting v5 from remote installer), it went ahead and installed latest v6 (so why even.?!).
I want to be able to right-click on an app and choose "Open" to run the program with an authentication dialog. You used to be able to do this, but Apple removed it in favor of an incredibly annoying process of having to go into System Settings every time.
This provides IMO all-around goodwill while still adhering to good release practices.
macOS is slowly getting like Windows, where, on a fresh install you have to go through and turn off all sorts of unwanted software just to have a sane environment where you, the user, are actually controlling your computer.
Or would Apple categorically reject an application like that?
I don't develop on Macs myself so I wouldn't know where to start looking, but I can't help but wonder if that would be a viable answer for many people who don't want to pay $100/year to give software away for free. Get twenty people together and $5/year doesn't feel like too much.
https://stackoverflow.com/questions/48946680/how-to-avoid-th...
That's what we did for DB Browser for SQLite (sqlitebrowser.org), and it works well: https://sqlitebrowser.org/blog/signing-windows-executables-o...
SignPath also does stuff for commercial places too (https://signpath.io), but I have no idea of the pricing.
I still prefer this over having a Microsoft developer account and publishing in the store--I hate having to put my software through arbitrary store review processes--but it's not a good situation. SmartScreen is just about the worst thing ever to happen to indie developers on Windows. We're right there in the thick of it with macOS developers: different details, same struggle. Both of our corporate overlords want you to distribute software in their store, and you get the sense that they would end self-distribution entirely if they thought they could get away with it.
I note that TFA's author edited the post after-the-fact, changing the line about Windows. It originally claimed that Windows worked fine and they got "just an EXE" and that was that. I assume they finally tried it for real on a civilian computer and saw the SmartScreen block.
I can't remember how difficult it was to set up my initial Apple developer account (trauma related memory loss, perhaps) but it is dead simple to renew. Just pay the $99. I did it yesterday. Took about a minute.
For now. Enjoy it while it lasts.
Obviously you can, and you actually could earlier where you could click a bypass button for a specific app without any of this terminal nonsense
> turn it off on their machine in ten seconds
You forgot to add the time to learn that it's possible and to find the right command
> So maybe it takes 30 seconds instead of ten seconds. That’s mildly more annoying, but still doesn’t really seem like a big deal to me.
That's because you keep ignoring the actual effort/cost even after you've learned your first simplistic estimate was a mistake
To make gatekeeper happy without paying a large amount of money and own Apple hardware (same thing).
A UI option would make sense. That is what most users are comfortable with.
Apparently Apple disagrees, Apple decides. Typical users aren’t going to find their hidden 5 step process to enable non-blessed apps and obviously they know that. Gatekeeper is an appropriate name considering the user themselves are on the outside of the gate. It’s the culimination of everything Stallman and the FSF warned everyone about for decades. By its logic we should install police officers in our living rooms for safety.
This has more to do with putting up a scary dialog for normies than it does protecting anyone. A non-technical user isn't going to go bypass this in the terminal, they're going to run back to the App Store where Apple can collect that sweet 30% and analytics.