Good News!

17 Feb
February 17, 2012

I lied, it’s bad news. Ha ha, don’t you feel silly now, for believing that heading?

Apple have decided to launch their next Mac OS with a feature called ‘Gatekeeper’. That’s a nice name, don’t you think, doesn’t sound like ‘Big Brother’ at all. What does Gatekeeper do? Well, it keeps your gate, dunnit? Actually, what it does is stop users installing software that isn’t certified and digitally signed through Apple.

Why is this good? Well…you could say it’s good because it provides more security for your system, if you believed that hackers wouldn’t quickly find their way around this. If you were, like, naive.

Why is it bad? Well, it’s bad because now there is A Single Source of Truth for what is acceptable to load on your Mac. You know how monopolies work, don’t you? You’ve heard the old saying about absolute power corrupting absolutely, yes? I don’t need to spell it out?

Oh, but maybe you’re part of the cult of Steve Jobs, and Apple can do no wrong. Let me give a simple example of how this could be bad. Jobs’ vendetta with Adobe over Flash was well known, it had ‘giant security flaws’, he said. Maybe it does, I dunno, I’ve somehow survived watching Youtube all these years. Anyway, imagine what would have happened if a man as famous for forcing others to do things his way had a such a ‘gatekeeper’ installed on Macs at the time? Could he have used it to force every developer wanting to build for Mac to shun Flash? Think about the kind of control this system gives Apple, not just over user machines, but over the direction of the industry itself.

This kind of control is problematic. Once there is a single gatekeeper, and end users are used to and prefer that gatekeeper, you can find yourself out in the cold for reasons that are in the best interests of the gatekeeper, not the users. As an indie, you may find yourself burdened with licensing fees you can’t afford, or excluded for not using ‘approved’ software that is prohibitively expensive. If, one day, there is a license fee and I die and thus stop paying that license fee, would you still be able to install apps I’d previously registered? Only Big Brother knows, and they could change their mind at any time. To “protect their users”, of course. It’s amazing how bullshit always gets wrapped up in “we must protect the X!” rhetoric.

There, I said I wasn’t going to spell it out but I did.

And in case you’re feeling smug about not using a Mac right now, I’d not get too gleeful too quickly, not unless you use Linux. Windows 8 is going the same way. For now, both OS’s will feature ways to disable their gatekeepers (though how many average users will even know to do that?). But once people are used to it, I have no doubt future OS releases won’t even have that option.

All hail our Glorious Overlords.

1 reply
  1. James says:

    There was work done in Linux 2.4 to support signed binaries before it became apparent that it was a nightmare (http://stackoverflow.com/a/9527322 ). One wonders how Apple is handling scripting languages.

    Limited signing may still be of use; Debian has been signing application packages since 2005 (with a tool to add 3rd party trusted sources, of course). There’s some security benefits from such an approach.

    Reply

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *