I'll admit that the right-click workaround is a minor speedbump but it does work.
And Developer ID certificates are valid much longer than a year; I believe mine expires in 2019. They aren't revoked if you stop paying for program membership, and the expiration applies to the signing operation; apps you've signed in the past will continue to work after the certificate expires.
I can do that, but it's not reasonable to expect my users to do so. As it is, indie developers have to choose between paying rent to Apple and having most users unable to open their apps.
I mean, really, you're comparing paying rent with a $100/yr fee (which now allows you to sign apps across their platforms)? Really? I highly doubt most indie developers even have to make that choice. Finding the $100 a year is not the most impossible task in the world, even for a tiny indie developer.
Plus, more than a few apps have added instructions on their download pages to show users how to get around Gatekeeper. They can clearly take the Gatekeeper hit, so you probably can too.
I could afford $100 a month. Affordability is not the point. The point is that Apple will block your app from opening by default unless you pay them a recurring fee, and if not, you must incur additional support burden to teach users how to get around the problem.
Yes, lots of apps do post instructions on how to get around it, but lots of apps do all sorts of user-unfriendly things. We Apple users used to make fun of Windows for the endless sea of pointless dialogs its users had to go through. Those apps could take the shitty-UI hit, mine probably could too, but it still sucks. A lot of people are intimidated just looking at instructions like that, and will just give up.
I don't know about you, but I feel like that's a pretty terrible first-run experience for my app. I don't feel comfortable charging people for something they might not even be able to run. Would Apple be willing to put their own apps behind that kind of painwall?
> I don't feel comfortable charging people for something they might not even be able to run.
Honestly, if you're charging users, then there's absolutely no question about it, you get the membership. Your entire "expecting the user to do so" point completely goes out the window the second you said it's a paid app. If you have the revenue, then it's simply a cost of doing business in the Apple world. Plus, once again, you're being way overdramatic. "might not even be able to run" is taking it a bit too far. Your app will be able to run. If you don't trust your users enough to click twice, then maybe you need to learn to trust them more. It's not like it's a hard thing to do, and it only needs to happen once.
Remember, this is Apple's OS, Apple's ecosystem, and Apple's SDKs. You play by their rules or not at all. That's the way it's always been, and that's the way it will probably always be (but never say never, look at Microsoft, they're doing things nobody would have ever expected). Yes, it sucks. Yes, it isn't fair. But as with all major companies, it never is. They will always have the upper hand because they're the ones providing the user base and all the tools necessary to get the apps out there and onto their machines. As long as you are developing for their platform, you have to play by their rules. Honestly, be happy they haven't moved the default to the much more restrictive "Mac App Store" yet.
And to be fair, I see where Apple (and Microsoft, IIRC they have SmartScreen which does the same sort of thing but to a lesser extent) are coming from. I'm sure that it lowers the chance of accidentally executing viruses by quite a bit and also slowly is teaching users to think before they execute (especially if you have to right click and click Open).
> Honestly, if you're charging users, then there's absolutely no question about it, you get the membership. Your entire "expecting the user to do so" point completely goes out the window the second you said it's a paid app. If you have the revenue, then it's simply a cost of doing business in the Apple world.
Yes, because Apple demands rent. They create a problem and then charge you to fix it. This is called rent-seeking. I think that is a bad behavior.
> Plus, once again, you're being way overdramatic. "might not even be able to run" is taking it a bit too far. Your app will be able to run. If you don't trust your users enough to click twice, then maybe you need to learn to trust them more. It's not like it's a hard thing to do, and it only needs to happen once.
I used to do tech support for a medium-sized office. I would frequently get called to people's desks because their computer wasn't working, only to find that their email client had put up a dialog with the message "The email address 'somebody@thatcompany.cok' is not a valid address". I'd have to verbally tell them they mistyped the address — sometimes, even after this, they'd just stare at me like a deer in the headlights and I'd have to type in ".com" for them before they felt like they could use their computer again. And then they'd do it again the next day.
I remember patio11 once shared an anecdote about a school teacher who called his support number because she thought Bingo Card Creator had broken Google. It turned out that she'd gotten a new home computer and Bing was the default search provider, and she couldn't figure out how to operate Bing because it wasn't Google.
I have to wonder if you have had to do a lot of support work, because I think you're trusting users way too much. There are many, many people who are really not stupid, but get flustered when doing unfamiliar tasks on a computer.
> Remember, this is Apple's OS, Apple's ecosystem, and Apple's SDKs. You play by their rules or not at all. That's the way it's always been
No, it isn't. It wasn't even this way just five years ago. I was one of the early adopters of OS X, and one of the things I loved about it was how open it was, so even some kid like me (at the time) could easily make software. Apple has gotten worse and worse about this over the past decade.
Apple isn't forcing you to pay if you want to run your apps; they're warning users and forcing them to take an extra step to run unsigned code. That doesn't completely prevent malicious code execution, but it definitely helps, which is a net win for users.
Complaining that they ask for $100/year to use their official distribution channel (which incurs ongoing costs for them) seems unreasonable considering the quality and quantity of tools they provide for free. Xcode is a pretty awesome IDE considering it's free to use.
> A lot of people are intimidated just looking at instructions like that, and will just give up.
You realize it's probably one of the easiest tasks ever, and it's literally 3 steps. Anybody, even my grandma, can do that. If they know how to download your app and "install it", they will be able to do those simple steps.
And it's a one-time thing, not like they need to do it every time they go to install an app.
Anybody can do it if they're of the right state of mind, but as somebody who used to do IT for a medium-sized office, all I can say is you're mistaken if you think most people are that way. The task is intimidating and involves 1) going through a context menu (something many Mac users will never even have done before), 2) dealing with a dialog (people get nervous the second a dialog shows up and often don't even read them), 3) if they have read the dialog, ignoring the fact that they're doing something it's telling them not to do.
Philosophically, it is a bummer. Instead of a developer and customer having a direct relationship, there's now an Apple tax that needs to be paid every year or the relationship gets cut.
However, I can't think of any other way to gain the security benefits of app signing.
Ultimately, all security is a web of trust. If you're going to put an automated, self-service system at the root of that web (the Apple dev program), then you need reliable ways to establish identity and discourage high-volume fraud. A $100/year credit card charge does both pretty well.
As a developer and a user, I more or less like the system. I feel general users get a decent amount of added security without too much hassle.
Thinking of the unsigned applications that I do run, if you know about them, I don't feel it's unreasonable to expect the user to know how to get around the signing.