Another vote for sandboxing and the App Store! :thumbsup:

Originally Posted by Zanziboy


Another vote for sandboxing and the App Store! :thumbsup:

Except, speaking of VMWare, tools like VMWare wouldn't even be possible App Store apps.


Apple needs to come up with some sort of middle ground, perhaps simply some level of certification for app store apps, proper warnings and caveats for other apps, and recognizing and acknowledging the limitations of the sandboxing requirement.

Besson: I agree. Maybe they should copy Gatekeeper. That seems to be exactly what you're asking for.

Originally Posted by Spheric Harlot


Besson: I agree. Maybe they should copy Gatekeeper. That seems to be exactly what you're asking for.

No, not at all, but thanks for the snide remark.

I'm talking about app store eligibility, the warnings that I was referring to would be in app-store prior to purchase, not running from within OS X, and the certification likewise indicated within the store somewhere.

You can't protect users from everything, but you can minimize security issues with proper, non-intrusive warnings. Those that want apps that aren't in the app store will get them the old fashioned way anyway, so what I'm proposing seems like an improvement to all of this.

Without sounding too cynical, does anyone else find it interesting that Kaspersky seems to be the main anti-virus/anti-malware vendor finding all these Mac problems? Are they all coming from that part of the world Kaspersky calls home so they know about them before everyone else does? I'll stop there.

Originally Posted by besson3c

[QUOTE name="Spheric Harlot" url="/t/491570/cross-platform-crisis-malware-hits-windows-os-x-vmware#post_4185694"]
Besson: I agree. Maybe they should copy Gatekeeper. That seems to be exactly what you're asking for.

No, not at all, but thanks for the snide remark.[/quote]

Sorry. :)

Originally Posted by besson3c

I'm talking about app store eligibility, the warnings that I was referring to would be in app-store prior to purchase, not running from within OS X, and the certification likewise indicated within the store somewhere.

You can't protect users from everything, but you can minimize security issues with proper, non-intrusive warnings. Those that want apps that aren't in the app store will get them the old fashioned way anyway, so what I'm proposing seems like an improvement to all of this.

Apps distributed via the App Store are already vetted and checked.

Apps that aren't distributed via the App Store require a personally accountable vendor by default (since an ID for code signing requires legitimate registration with Apple).

What scenarios would additional warnings prior to purchasing apply to?

I'm not grokking your point, I'm afraid.

Originally Posted by Spheric Harlot



Sorry. :)
Apps distributed via the App Store are already vetted and checked.
Apps that aren't distributed via the App Store require a personally accountable vendor by default (since an ID for code signing requires legitimate registration with Apple).
What scenarios would additional warnings prior to purchasing apply to?
I'm not grokking your point, I'm afraid.

Apps that aren't distributed by the app store require an ID for code signing for Gatekeeper, right? What is the eligibility here? Will Apple sign code that installs and starts kernel modules?

Originally Posted by besson3c

Apps that aren't distributed by the app store require an ID for code signing for Gatekeeper, right? What is the eligibility here? Will Apple sign code that installs and starts kernel modules?

The developer signs that code.

But the developer has to register with Apple to receive that ID, and is personally held responsible for any shenanigans that his software might cause.

So theoretically, a registered developer could sign malware, but it would be pretty stupid to knowingly include anything nefarious, since his identity is known and verified.

Originally Posted by Spheric Harlot



The developer signs that code.
But the developer has to register with Apple to receive that ID, and is personally held responsible for any shenanigans that his software might cause.
So theoretically, a registered developer could sign malware, but it would be pretty stupid to knowingly include anything nefarious, since his identity is known and verified.

So what would it take for Apple to accept signed apps into their store that do useful things that will not, and will likely never work sandboxed? I really like the idea of the Mac app store, but I'm afraid on the Mac side of things it is destined to limited success.

On the iOS side users are programmed to scavenge through the app store to find stuff, it is the only place they can find stuff, this whole experience has sort of an addictive quality to it, it is simple, easy, etc.

On the Mac side not only are there many apps not available through the store, but there are a ton of things that the store won't do that developers want/need: product demos, discounted upgrades, etc. The whole simplicity of "just go to the app store" is lost on the Mac side with this sort of fragmentation. New Mac users have to be told that there are many apps they won't be able to find there. Security conscious Mac users have to be told that there is risk of running apps not in the app store, even though there are many apps they'll likely want outside of the app store.

It is understandable to expect that it will take some amount of time to make apps available in the app store, but given that there is a fairly significant range of apps that will probably never make it there until Apple changes their tune, this seems like a fragmented mess to me.

So, to Zaniboy's response voting for the sandboxing approach, this is not an ideological thing, this approach is unfortunately limited.

The primary advantage of The Mac over iOS will probably always be that it is an architecture more open to different sources of software.

Users ARE warned when trying to run unsigned software; by default, it will not launch at all.

If code has been signed, the security risks are minimal IMO due to the personal accountability of the developer.

So the difference between Mac App Store and non-Mac App Store boils down to whether the software will be able to affect your system.

The lack of demos/discounted upgrades is the same situation on iOS, and is solved through free apps with in-app purchases or "lite" versions for the former, and new pricing models for the latter. Logic Pro has moved exclusively to the App Store and now costs LESS as a full version than the upgrade alone cost before. I'm willing to bet that sales have doubled, if not tripled, as a result.

Also, you vastly overestimate the need for anything beyond the App Store’s limitations. Most users will never need to leave the fully curated sandbox. Long-term, this also means that most users will never need a Mac, of course, since iOS will grow to fill their needs.

Originally Posted by Spheric Harlot


The primary advantage of The Mac over iOS will probably always be that it is an architecture more open to different sources of software.
Users ARE warned when trying to run unsigned software; by default, it will not launch at all.
If code has been signed, the security risks are minimal IMO due to the personal accountability of the developer.
So the difference between Mac App Store and non-Mac App Store boils down to whether the software will be able to affect your system.
The lack of demos/discounted upgrades is the same situation on iOS, and is solved through free apps with in-app purchases or "lite" versions for the former, and new pricing models for the latter. Logic Pro has moved exclusively to the App Store and now costs LESS as a full version than the upgrade alone cost before. I'm willing to bet that sales have doubled, if not tripled, as a result.
Also, you vastly overestimate the need for anything beyond the App Store’s limitations. Most users will never need to leave the fully curated sandbox. Long-term, this also means that most users will never need a Mac, of course, since iOS will grow to fill their needs.

What about Notification Center support, isn't the sandboxing approach required for that?

For discounts and promotions and stuff, handling them with in-app purchases, can these purchases purchase some sort of hidden Mac App store app or something so that users can get upgrades from that point onwards via the app store?

I'm not sure if I vastly overestimate the limitations or not, but I'm starting to compile a mental list of apps that will never make the app store for technical reasons:

- anything that requires a kernel module, e.g. all VM hypervisors
- possibly a number of VPN clients
- anything that provides integrations with other apps
- anything that uses external dependencies

these applicable titles might be insignificant enough in the grand scheme for Apple to not bother, but why would you say that Mac App Store adoption hasn't been through the roof?

Do you have numbers?

Originally Posted by Spheric Harlot



Do you have numbers?

I doubt Apple would release anything, but how many of your apps are not in the store? Most of the apps in my dock right now aren't:

- iTerm
- Chrome
- Firefox
- Adium
- Postbox
- a VPN connect app
- Github
- Virtualbox
- XQuartz (made by Apple)
- Microsoft Remote Desktop
- Spotify
- Photoshop
- Microsoft Excel
- Microsoft Word
- Textmate
- VLC
- Skype


To the best of my knowledge, adoption rates are relatively low.

App Store adoption rates will increase with each iteration of the operating system. Smaller developers do not desire to have to implement their own portals to distribute their wares. The next generation of software will be developed by smaller developers. The apps will begin to grow within the store until it is the "normal" place to buy apps.

The MacOS needs to be implemented for novice to advanced users. Therefore, novice users need to feel safe using the Mac without the fear of downloading a trojan. Advanced users will always be able to download apps which need to be installed from 3rd party sites. Sandboxing feasibility (or not), the model with the most security is for all apps to be downloaded from the App Store or from certified 3rd parties using certificates.

Originally Posted by Zanziboy


App Store adoption rates will increase with each iteration of the operating system. Smaller developers do not desire to have to implement their own portals to distribute their wares. The next generation of software will be developed by smaller developers. The apps will begin to grow within the store until it is the "normal" place to buy apps.
The MacOS needs to be implemented for novice to advanced users. Therefore, novice users need to feel safe using the Mac without the fear of downloading a trojan. Advanced users will always be able to download apps which need to be installed from 3rd party sites. Sandboxing feasibility (or not), the model with the most security is for all apps to be downloaded from the App Store or from certified 3rd parties using certificates.

I agree, but I also think that its success and training users to understand that stuff they download through the app store is safe depends on its adoption, and if there are apps that will never ever make the app store due to what they are designed to do, this might be somewhat of a bottleneck, no?

I'm also not sure about your statement about the next generation of software being developed by smaller developers. I think this is true for where there are opportunities and niches to be filled, but unfortunately I don't see Microsoft Office going away as long as what it does is useful to people. MS Office would be a fairly significant piece to add to the app store (as well as Adobe CS).