updated 01:45 am EDT, Tue August 21, 2012
Latest of many Mac developers to abandon Apple app distribution
Popular video playback application MplayerX is no longer being updated on the Mac App Store. Citing Apple's sandboxing rules, the developer is claiming that the step is coming only after "arguing with Apple over three months" trying to make the newest version of the application function under the new Apple guidelines. The latest developer to pull out of the Mac App Store has reignited the debate of Apple as software curator for its devices.
MplayerX features affected by the sandboxing rules include the automatic loading of subtitles for videos and the ability to play the next episode of a TV show in a folder. Many applications will never be able to be sold on the Mac App Store due to close integration with the kernel of the OS violating the sandboxing requirement, such as most of the Rogue Amoeba line of audio enhancements, with the exception of audio-capture tool Piezo.
The MplayerX developer isn't alone in abandoning the Mac App Store. Codebase version control app SourceTree's developers announced that after March 1 that they would not be updating the application because of Apple's addition of the sandboxing requirement. Listing seven major functionalities that would have to be removed with a restricted version of the application, the developer stated that "tools which perform more complex behaviour, particularly when that involves integrating with other apps and tools, do many things that simply aren't catalogued in the sandbox."
For now, applications can be purchased and installed outside of the Mac App Store. External distribution, the way it was done before the Mac App Store came on line, is the only way some of the kernel-altering applications can be distributed. Apple has implemented a more extensive system-wide security feature in conjunction with sandboxing, called Gatekeeper in OS X 10.8 Mountain Lion. By default, Gatekeeper only allows applications downloaded from the Mac App Store, and apps that are digitally signed with an Apple Developer ID.
Developers, in discussing their concerns with sandboxing and Gatekeeper, see a potential future where the Mac App Store becomes the only venue for OSX application distribution, in much the same way that the App Store is the only place to purchase applications for the iOS unless the device is hacked, which Apple attempts to prevent with every hardware and OS iteration. Dave Howell from Avatron discussing his AirDisplay software and its inability to ever be sandboxed, possibly fearing this outcome said "The host software [for AirDisplay], with its kernel extensions and other low-level components, would never qualify for app store distribution anyway, so no sandbox issue there (at least unless Apple finally shuts down support for third party drivers completely, heaven forfend!)"
Overall, the sandboxing effort is intended to increase security in OS X by limiting the operations a program can execute to program-essential functions, thus hindering malware. OS security is a game of one-upmanship where the OS manufacturer increases security as a result of a threat, and the malware "community" increases efforts to break the OS or changes the vector of attack. This then forces the OS developer to increase security, and the cycle continues. Security measures are often a balance between user accessibility, openness, and convenience versus saving the user from themselves and preventing an action that the user unwisely initiated from taking place, such as opening a malware-laden app. At this time, and for the foreseeable future, despite no credible, persistent malware threat to OS X, all new applications and updates on the Mac App Store are expected to comply with the sandboxing requirement.