Hacker News new | ask | show | jobs
by chrisfinazzo 2538 days ago
Wait a while. Holding one's breath not recommended.

For those who don't want to (or cannot, due to the nature of their application) use the Mac App Store to distribute software, the requirements will only continue to get more specific until (to the extent possible) all executable code and resources are notarized and signed with an identity.

<Insert Perry the Cynic rant about unsigned code - "What the hell is wrong with you!?">
1 comments
scarface74 2538 days ago
This same prediction has been going on since 10.6 - over 7 versions ago. How do you propose that Apple forces code signing on programs that run on top of a VM like the CLR or JVM? How do you propose they enforce it for programs run using a scripting language? The best they could do is force signing on the runtimes.

But my point still stands. Today on July 9th 2019 you are not forced to be part of the developer program to distribute apps on the Mac. Despite all of the pollyanish the sky is falling type that has been going on for over a decade.

link
chrisfinazzo 2538 days ago
Not to put too fine a point on it, but those examples don't pass muster.

- If you're not using .NET, the CLR doesn't affect you, and although Microsoft has done well with ,NET, I wouldn't necessarily expect Apple to make Redmond's job easier.

- Java is much the same boat, and is perhaps in even worse shape as it used to be included by default in macOS releases but now isn't.

Read: security nightmare.

- From 10.16 on, scripting languages also aren't included by default. This seems less adversarial than the situation with Java, but for things like Homebrew, it's a stumbling block they will need to overcome.

https://discourse.brew.sh/t/mac-os-deprecating-system-script...

link
scarface74 2538 days ago
Apple introduced the Mac App Store over a decade ago. Since then, conspiracy theorists have been predicting that Apple will force all apps to be signed.

Are you predicting that Apple will disallow all scripting language runtimes and all VM based development environments? So if these same predictions have been wrong for over a decade - and still aren’t happening with 10.13, exactly when will this happen?

As far as Apple not including (outdated) versions of various scripting languages or Java - neither does Microsoft. That hasn’t been a major impediment to adoption.

link
chrisfinazzo 2538 days ago
Sigh, you're just not getting it, sorry to say.

I have NO TROUBLE imagining that Apple will continue to tighten the screws on this, enforcing signing through Developer TOS and requiring MAS apps to pay for distribution certs.

Direct download isn't going away, not after all the work that's gone into securing it, but if you think you can sell an app off your own site without giving Apple some identifiable info about who you are and what your code does, prepare to be disappointed.

Runtimes won't be disallowed, just that you (the user) are responsible for installing them and keeping things updated.

Oh, and for record, my reference to "Perry the Cynic" is no accident...he literally invented how code signing works.

https://weblog.rogueamoeba.com/2008/03/07/code-signing-and-y...

https://red-sweater.com/blog/514/development-phase-code-sign...

http://patft.uspto.gov/netacgi/nph-Parser?Sect2=PTO1&Sect2=H...

http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=H...

link
scarface74 2538 days ago
So you realize you’re kind of arguing against your point? He made a prediction that still hasn’t come true over a decade later.

And citing the patent office isn’t helping either. Every company patents everything they can.

Direct download isn't going away, not after all the work that's gone into securing it, but if you think you can sell an app off your own site without giving Apple some identifiable info about who you are and what your code does, prepare to be disappointed.

Well today you can. As you have been able to do since the info-Mac archives since before the World Wide Web existed. So unless you can bring back some proof from either your time machine or visiting some other world in the multiverse, I would rather talks about facts as they exist today.

And code signing still won’t stop you from being able to run code that runs on top of a VM or scripting languages without them being signed and you won’t have to do the ctrl-click bypass.

Why is it wrong for Apple not to bundle extra runtimes (scripting/JVM) software that increases the attack surface? Should they also start back bundling Flash?

link
chrisfinazzo 2538 days ago
> Well today you can. As you have been able to do since the info-Mac archives since before the World Wide Web existed. So unless you can bring back some proof from either your time machine or visiting some other world in the multiverse, I would rather talks about facts as they exist today.

Watch WWDC 2019 Session 701, you'll learn something.

https://developer.apple.com/videos/play/wwdc2019/701/

> And code signing still won’t stop you from being able to run code that runs on top of a VM or scripting languages without them being signed and you won’t have to do the ctrl-click bypass.

It is easy to do this? No, in many cases I'd expect it to be a serious P.I.T.A, but it's unquestionably the right move going forward.

https://mjtsai.com/blog/2019/06/17/notarizing-command-line-t...

link
gergles 2538 days ago
Today, on July 9, 2019, yes you are not forced to be part of the developer program.

Apple has announced that is changing very soon[0] and you attacking everyone who already knows this as 'conspiracy theorists' is kind of insulting.

0: https://developer.apple.com/documentation/security/notarizin... - "Beginning in macOS 10.15, notarization is required by default for all software".

You can only have software notarized as a member of the developer program.

link
scarface74 2538 days ago
My statement was very clear “developers are not forced to be part of the developer program.” Meaning that unlike ios, there are ways to distribute your app without signing it. “Notarization required by default” != “there is no method to distribute unsigned apps”.

https://www.google.com/amp/s/eclecticlight.co/2019/06/07/not...

Catalina still runs apps which haven’t been notarized or even signed, including those built after 1 June 2019. But you may find them more complex to run, and they don’t of course benefit from any of new security protection unless they’re signed and hardened.

link
gergles 2538 days ago
You left out the portion of the article that says only apps you built yourself don't need to be signed/notarized.

Apps distributed over the Internet, like, you know, the ones we're talking about, must be notarized according to your own source.

link
scarface74 2538 days ago
What part of Catalina still runs apps which haven’t been notarized or even signed, including those built after 1 June 2019. But you may find them more complex to run

Is difficult to understand? In Catalina just like in the current OS, there is a built in method for the end user to bypass code signing for any app. The user can choose to run unsigned third party code.

The article states that code you create doesn’t have to be signed and you don’t have to go through the “complex” process to run it.

Third party code forces you to go through the “complex” task of ctrl clucking.

link