As macOS and iOS keep getting closer in terms of functionality (including low-level fundamentals and a shared software platform), I hear a lot of fear from Mac users who are concerned that the Mac is in danger of becoming a locked-down platform that will lose a lot of the capabilities that advanced users have come to expect from their devices.

The security philosophy Apple has nurtured over the past decade as it has built iOS is one that’s based on strictly limiting what third-party software can do, in turn limiting what users are able to do. But I’m optimistic that Apple isn’t planning on barring Mac power users from some of the best things about using a Mac, and there are many ways Apple can create a fundamentally more secure platform without destroying its appeal.

Trust but verify

Despite the fear that the introduction of the Mac App Store meant that Apple would eventually limit the Mac software market to App Store apps only, that has never happened. In part, this is because a huge array of important Mac apps have not qualified for inclusion in the Mac App Store, something Apple seems now to be dedicated to rectifying.

But Apple has also spent the last few years finding alternate paths to offer software security outside of the Mac App Store—an approach that I doubt the company would bother with if it was planning on dropping the hammer and killing all non-App Store apps.

macos gatekeeper Apple

Gatekeeper in macOS (System Preferences > Security & Privacy > General) allows you to determine what apps can run based on the software’s origin.

With the introduction of Gatekeeper, Apple began differentiating between Mac App Store apps, apps that had been created by known Apple developers outside the App Stores, and apps with unknown provenance. Macs can be set to refuse to launch non-App Store software, or they can run pretty much anything—it’s the call of the administrator of that device.

ALSO READ  Razer Announces 2019 Blade Stealth

Last summer, Apple introduced a new concept for Mac software distribution outside the Mac App Store, something called “notarization.” Just as the older approach allows Apple to recognize registered developers—and turn off their accounts if they’re creating malware—this new approach requires developers to pass their apps through an automated process at Apple. Apple gets the ability to flag any problems it sees, and retains the ability to shut off individual apps from a developer, rather than the entire output of an account.

Yes, it’s possible that Apple could use this approach to ban most third-party apps outside of the App Store, but I don’t think that’s the intent. Instead, I think this is yet another example of how Apple wants to gain some of the benefits of App Store-style security without forcing every piece of Mac software through the Mac App Store.

Turn on developer mode

The beauty of all of Apple’s software security features on the Mac thus far is that you can turn them off. We’ve not yet reached the point where legitimate third-party Mac software is entirely unable to reach an audience, and I hope we never do.



Please enter your comment!
Please enter your name here