jailed by default is not a sign of evil intent on Apple’s part. So here’s some more commentary around the topic.
“If Apple really wanted to restrict all app distribution to the app store, why did they come up with this Gatekeeper system?”
Because right now, there are a lot of applications that can’t be placed on the App Store because of Apple’s rules, as well as the technical restrictions such as sandboxing. There are even more applications whose authors are not interested in the App Store. I think the App Store has failed to get the critical mass Apple hoped for.
The ‘third way’ approach of “Well, you can get a key and sign your code but not actually have to use the App Store” is a way to entice everyone to sign their code with Apple-approved keys. Once all the major developers go along with that, the “Turn off Gatekeeper” option can be removed from OS X without 99% of users ever noticing.
At that point, Apple has complete control. They can set the terms for what software is allowed on the Mac, and yank apps even if they aren’t from the App Store. If they don’t want DVD rippers or emulators available, they just revoke the appropriate developer signing keys. And they can rent you developer access to your own hardware, like they do with the iPad and iPhone.
“You’re paranoid. Apple would never do that.”
If you don’t think Apple would ever do all these things, I have to ask: Why wouldn’t they? It would give them complete control over the platform, and the iPhone and iPad have apparently demonstrated that there would be no impact on sales from doing so. Even big names like Adobe and Microsoft have gone along with the iPad’s restrictions.
Compulsory signing would also eliminate the ability to run cracked pirated versions of applications. Developers would love that—and so would Apple, since they could start demanding a 30% cut.
You can see more of this cat-herding going on if you look at the new features in Lion and Mountain Lion. iCloud is only available to applications in the Mac App Store. The new notification center is the same. There’s really no technical reason for such restrictions; it’s just Apple using new functionality as a carrot to get everyone onto the App Store where they can be controlled.
“It’s just being done for the sake of security.”
You could just about make the argument that iSync needed to be limited for security reasons, but there’s no such excuse for apparent limitations on notification center access. To me, this is the smoking gun that shows Apple’s intent.
If Apple were really concerned with security, they’d be updating the out-of-date GPL software that ships with OS X to current versions that have had the security holes patched. But instead, they are purging all the GPL v3 licensed software.
The two big features of GPL v3 are disallowing use of patent lawsuits to prevent people using the code you distribute, and preventing locking down hardware so you can’t run modified code. The idea that Apple wants to be able to sue people who run GCC or the bash shell is possible, but it seems unlikely to me. Similarly, wanting to share code between iOS and OS X doesn’t really explain why they won’t distribute things like the bash shell and GCC which only exist in OS X. So that leaves locking down OS X as the most plausible motivation.
If Gatekeeper is all about security and not about control, why don’t Apple offer the same options as Gatekeeper on the iPad and/or iPhone? If Apple do that, I’ll admit I’m being paranoid and shut up about this. (And buy an iPad.) Since I submitted a request for a developer option to turn off the jail when the iPhone was launched, I’m not holding my breath.
On the contrary, unless Apple reverses their current course and opens up the new OS X functionality to all applications and not just jailed ones they get a 30% cut from, my current Mac will be my last.
© mathew 2017