One of major new features coming in OS X Mountain Lion, is something called Gatekeeper, which is a new security offering that helps prevent users from installing malicious software.
Gatekeeper has two new ways to verify applications to make sure they are not malicious in any way. The first path is to only allow applications to be installed via the Mac App Store. The second is for developers who choose to distribute their applications outside of the Mac App Store. They will be able to register with Apple and receive a certificate that they can associate with their applications. This will give Apple a way of tracking software and pulling the plug if anything nefarious begins to occur.
It is being reported however, that Mountain Lion’s default setting will only allow apps to be installed from the Mac App Store. This can be changed in Gatekeeper’s settings, with three options being offered: “Mac App Store”, “Mac App Store and Identified Developers”, and “Anywhere”. Here is how the Macworld report describes each of these features:
Anywhere: This choice uses the same set of rules as every previous version of Mac OS X. If an app isn’t known malware and you approve it, it opens.
Mac App Store: When this choice is selected, any apps not downloaded from the Mac App Store will be rejected when you try to launch them.
Mac App Store and identified developers: This is the new default setting in Mountain Lion. In addition to Mac App Store apps, it also allows any third-party apps that have been signed by an identified developer to run.
If you use the default Mac App Store-only installation process, it can be easily bypassed the first time the application is launched by right clicking on the app, and selecting the “open” option. Once opened, Gatekeeper no longer has control regarding that specific application.
As for the developer certificate route, Mountain Lion will do a daily check against Apple’s servers looking for developers that have been blacklisted for malicious software. If applications from that developer have been detected on a user’s machine, they will be locked down and cannot be opened.
This new identified developer program does not check the developers beforehand. So, certificates are freely distributed without question. However, it allows Apple to link developers to applications, and if a malicious mishap occurs, allows Apple to shut down functionality for that app from a developer who has been up to no good.
[UPDATE] As pointed out in the comments by one of our readers, I grossly misunderstood, and poorly reported on a major fact regarding Gatekeeper. By default, Mountain Lion is set to allow for the instillation of apps from the Mac App Store and apps from developers holding Apple-issued certificates. In the report above I had incorrectly stated that, by default, only Mac App Store apps would be cleared for instillation. My original reporting was wrong. I apologize for the confusion.
Continue reading:
- Everything New Apple Just Announced (Septembe
- Apple Watch Pre-Order
- Apple Research Kit launches with 5 Apps
- Apple TV now only $69
TAGS: Mac App Store, mountain Lion, os x
