by mikeash 5062 days ago
All of that applies equally to legitimate, unsigned apps. So again, either Gatekeeper is good against trojans but also good at locking out legitimate apps, or Gatekeeper doesn't lock out legitimate apps but is bad against trojans. I don't see any middle ground where both get satisfied.

The fact is that most apps already have been signed and the remaining few will be signed in a couple of months.

Let's assume Apple will only very rarely abuse their power (In fact I guess they won't abuse it at all, but for the sake of the argument let's assume they do.) Then running unsigned apps with a right-click is still possible, but the user will be much more aware as this is almost never required. He will therefore actually read what the dialog says and not be trained to ignore it.

In fact, that is what makes this approach different to UAC in Windows and likely to succeed: UAC came up too often and users learned to ignore it. It is already very clear to me that Gatekeeper is rapidly adopted by developers. (By the way I also think Apple has whitelisted many sufficiently outdated applications since I get the "Open" button for some of them even if they are unsigned. But maybe this is also just a bug.)

If Apple rarely abuses their power and makes it easy for literally everyone who isn't making malware to obtain developer ID certificates, including people who build BitTorrent clients and Tor proxies and iOS jailbreak apps, then I agree.

However, I see no reason to give Apple the benefit of the doubt here. They have been abusive since the moment they first had the idea of restricting what their users could run on their own hardware. Given that history, I'll assume abuse until proven otherwise.

Transmission - a BitTorrent client - is already signed with a (free) Developer ID certificate and passes Gatekeeper just fine.

I will file a Tor bug report, right now, requesting Gatekeeper support.

Let's see ... :)

I'll be especially interested if jailbreak apps make the cut. I think that will be the real iron test of this system. Will Apple allow through a non-malware app that goes directly against them? I'm not going to bet either way on this one, but I hope someone makes them choose.

I'm also interested and have submitted a request to FireCore who provide a jailbreak for Apple TVs. Their bug tracker also indicates that they were considering signing recently.

I have not received feedback, yet, but will monitor this closely.

Fantastic. Can't wait to see how it turns out, either way.

I wouldn't be surprised if Apple even issues certs to malware authors — and then uses the resulting signatures to more reliably target their blacklist (which is now updated every day).