6 Replies
      Latest reply on Jan 16, 2020 11:01 AM by galad87
      Sosukodo Level 1 Level 1 (0 points)

        Hi,

         

        Apple recently sent me an email declaring that notarizing applications for distribution outside of the App Store will be mandatory in the future.

         

        I don't want to start a flame war but I do have a problem with such a rigid policy as both a developer and an end-user. My problem isn't so much the idea of notarization itself. It's the fact that the end user won't have the freedom to enable or disable it.

         

        When Gatekeeper was first introduced, you were given 3 choices: Run only App Store software, Run only signed software and Run any software. 10.13 restricted to just App Store software and signed software. Now, Apple will be restricting customer choice even further by not allowing any un-notarized software to run. Doesn't anybody see a problem with this?

         

        If one can see the future from looking into the past, App Store will be the only choice left in some future version of macOS. Unfortunately, if that happens, I won't have any choice but to abandon my Mac computers.

         

        Here are my main concerns:

         

        1. I use some legacy software that will not be notarized in the future.

        2. I use a LOT of open-source software that may not pass the notarization process.

        3. What happens when the software I develop *isn't* malware but does not pass the notarization process?

         

        4. What if any of the other software packages that I use aren't malware, but Apple deems them so? Mistakes happen - Anybody who distributes Windows software can attest to the frustration felt when your customer's antivirus throws a false-positive with your program.

         

        What recourse do I have in any of these situations? Because if non-notarized software won't run and I can't turn this "feature" off, what does one do?

         

        I hope that my concerns are not construed as argumentative. I'm just worried about Apple's policies potentially destroying what has, so far, been a great experience for me.

         

        Thanks

        • Re: Implications of Mandatory Notarization
          john daniel Level 4 Level 4 (530 points)

          Apple hasn't said when this new policy will be implemented. Perhaps we'll all be long gone for other reasons before that happens.

           

          Apple's isn't necessarily restricting choices further. And Apple hasn't said how future Gatekeeper user controls will be implemented. What they are doing is deprecating Developer ID. A Developer ID without a valid notarization ticket will be considered unsigned - kind of. It sounds like just revoking a certificate wasn't good enough. They added notarization for a real-time check.

           

          It seems obvious that an iOS-style experience is the end game.

           

          However, I don't think your concerns are necessarily valid concerns. As far as I can tell, you will still be able to run unsigned software as today. You just have to authorize it at install time. That will cover 1,2, and 3. Now if you distribute software for "the masses" then you should probably use Developer ID and you should do whatever becomes necessarily to keep your ticket valid. But for any other use, it should be the same as it is now. People who currently distribute unsigned files, like homebrew, should be unaffected. If it is working for those folks as it is, it shouldn't change.

           

          4) is more interesting. Here, I think Apple is doing developers a big favour. Currently, the "gold standard" for putting a malware label on your software is Virus Total. Anyone who pays their way in can call themselves an antivirus app and start calling you a malware developer. When I first added adware checking to my app circa 2014, I left the string "Genieo" in my executable. That was enough for a number of household name AV apps to call my app adware. I fixed it in literally about two hours, but now I have this "adware" reference in Virus Total. I even have a couple of self-deputized Inspector Javerts following me around on the internet saying I write malware. Virus Total refuses remove that reference and refuses remove blatantly libellous comments on their site. And to add insult to injury, they seem pretty clueless about how the Mac works. I would much prefer to have Apple be the gold standard for such things than Virus Total.

           

          However, you should make sure to read the update to the Apple Developer Terms and Conditions. It looks like we are pretty restricted on what we, as developers, can say about Apple's notarization process. Essentially, we can and should use it, but be can't say that Apple has declared it safe or malware-free or anything. But that's OK. End users don't know the difference. They think Apple is doing all kinds of security and safety checks for Mac App Store apps. Notarize your app and let people believe what they will inevitably believe. It isn't our job to explain how easy it would be to get malware past Apple.

          • Re: Implications of Mandatory Notarization
            haikeeba Apple Staff Apple Staff (10 points)

            We encourage developers to upload all the macOS software they distribute, including versions previously released. This helps users of older versions of your software and helps us improve as well.

             

            Today, end users can override Gatekeeper in order to run whatever macOS software they want. Notarization does not prevent this.

              • Re: Implications of Mandatory Notarization
                manjinders Level 1 Level 1 (0 points)

                As per understanding, shortly notarization process will be mandatory to run MacOS software. This query is regarding the MacOS software which are presently running on MacOSX 10.12.

                Queries : -

                1) Is notarization mandatory to run the applications on MacOSX 10.12 version?

                2) There is another query regarding the EOL of MacOS versions? Do Apple provides any official statement on EOL of their specific versions? Wikipedia mentions 29,November 2019 as EOL for MacOSx 10.12, but not able to figure out any official statement from Apple on it.

                  • Re: Implications of Mandatory Notarization
                    galad87 Level 2 Level 2 (30 points)

                    1) No it's not. Only 10.14 and later (anyway, you can still run unsigned and unnotarize apps too, either by right click -> open in Finder or by allowing it in the Security prefs panel)

                    2) Apple doesn't provide a official public statement on EOL. But yes, 10.12 is EOL, the latest security updates are not released for 10.12.