by qz2 2051 days ago
It's not even that. This is a distraction from the real issue, which is that this technology exists not to improve the security posture but to enforce market control.

So go back a few weeks and you buy a copy of Fortnite, Apple and Epic lock horns on a dispute and they revoke Epic's certificate. Next thing you get a shiny new M1 equipped Mac and go to install it and it's gone from the app store. Slightly deflated, you go back to your Mac and copy the files off it onto your new one, thinking you circumvented this slyly, it does an OCSP check and refuses to run the binary. Eventually the OCSP check will be done, probably after an OS upgrade on your old Mac and that's gone too. So you're deprived of something you paid for and have no control over the hardware you paid for.

This is an example of what could happen.

If it improved security posture the signing infrastructure wouldn't be used to sign any old shit from millions of developers doing all sorts of nefarious things that Apple didn't pick up during the review process...

Edit: this has already been demonstrated if you refer to the Flappy Bird mess a few years back.

3 comments

Yes, thanks for the reply. I was giving the author the benefit of the doubt, but their arguments just have no solid grounds. And like you said, this is about market control, not security, the latter just being a distraction.

Another thing in line with what you mentioned is the ability for the company to squash competition. Not only do they have the last word to veto programs from running, they also get a global view of what everyone is running that nobody else has. This kind of information has been abused by Amazon to drive out competition in favour of their own "Amazon essentials" products, for example.

Yeah, if looked at in the larger context of them booting iOS apps from the app store that don't pay the 30% Apple tax for any in-app payment - it's clear where they're going. It's just a boil-the-frog-slowly strategy of making every major OS update more restrictive and trying to placate (with amazing hardware) those who complain.

Personally I drew the line at Catalina, and I think an order of magnitude more will draw the line at Big Sur.

It’s about security:

https://www.zdnet.com/article/apple-update-kills-off-zoom-we...

As for Epic. They lied about the content of the software they uploaded to the store, and knowingly breached a contract they had signed. If that isn’t fraud, I don’t know what is.

They could have sued Apple without the fraud. The certificate revocation was only about the fraudulent software update.

Yes Epic are bastards too. And Zoom. In fact these days it's wall to wall bastards.

But the end user doesn't care. They bought something and they want to keep it and use it. And that's where the buck stops.

> these days it's wall to wall bastards.

Sometimes I really wish I owned a T-shirt printing business. Thanks!