OS X Mountain Lion and Gatekeeper :: The Future of the Internet

OS X Mountain Lion and Gatekeeper

February 17th, 2012 | by jz | Published in Future of the Internet | 4 Comments

This week, Apple announced that it was moving to a new, faster OS X operating system development cycle, starting with the release of Mountain Lion next summer. It previewed a number of features for the OS, and released some parts in beta.

Mountain Lion is slated to include a feature called Gatekeeper as part of the security and privacy settings. Gatekeeper allows administrators (those with full privileges on a Mac) to limit the applications that can run on the Mac. They can choose among allowing apps downloaded from the Mac App Store only, or apps from outside the Store so long as they are digitally signed to Apple’s satisfaction by their developers, or apps from anywhere. (The latter has been the way both Mac and Windows PCs have worked, for better or worse, since the introduction of the Apple II in 1977.)

We here at Future of the Internet will refrain from saying “I told you so” about the prospect of Macs only running applications from the Mac App Store. Instead, we will note that there are benefits for enterprise Mac fleet managers to limit apps to the App Store only. Most users on others’ (such as employers’) machines may not even miss the ability to “sideload” — there are plenty of Solitaire apps in the Mac App Store. Moreover, users who have administrative permission have the option to override Gatekeeper at any time by Control-clicking and affirming their intention to go “off roading.” MacWorld has more information about the way Gatekeeper interacts with the existing security measures.

The second option, allowing applications from both the App Store and signed developers, is where the meat of this story is. John Gruber of Daring Fireball, reporting on a private product briefing, stated that developers will now be able to get free-of-charge developer IDs to sign code with. If true, this is a great step forward for continued generativity on the platform. (So far the Apple Developer website has no mention of free options for signing code.) Signed code produced outside the App Store is excellent. It eliminates the concerns about App Store-pushed sandboxing (as expressed here) by allowing developers who write un-sandboxable programs to sign their code anyway, for verification purposes. It also means that developers who either don’t want to hand 30% of their revenue over to Apple (as a cost of entry to the App Store) or who want to produce applications with non-Apple approved content (like a comic by a Pulitzer Prize winner) can still signal to users that their work isn’t malware.

Will this help users make decisions about what kind of programs to install? The more that legitimate developers join the Developer ID program and start signing code, the more effective Gatekeeper will be at deterring users from installing malware. But if developers don’t sign up, it’s easy to see how Gatekeeper could turn into yet another click-through approval box, where users see so many warnings that they instantly click okay.

Gatekeeper in its current blueprint isn’t the end of Mac generativity. The middle ground of allowing non-App Store signed code may represent the best of both worlds. However, one small tweak — lose that Control-click for sideloading — and OS X could fully merge with iOS, both in functionality and in security methods. And that would be the worst of both worlds. Perhaps a successful launch of Mountain Lion in its current plan can pave the way for iOS to become a little more generative. That depends more on Apple’s desired business model for the app store than on maintaining security for the mobile platform.

–KA and JZ

Responses

Feed

Konrad says:

February 17th, 2012 at 6:54 pm (#)

Thanks for this piece. In this iteration, I was pleasantly surprised to see Apple offer a good balance. It certainly makes me nervous though. What will future releases of the operating system bring?

Another concern though, is how this might become a new way to survey the security of a user’s computer. If this kind of division between applications on our computers becomes standard, it may eventually offer an easy way for technology staff at institutions to identify “risky” computers on their network.

While we have learned to live with the fact that Harvard computers, for example, cannot see eachother on the network (to prevent the spread of viruses etc.), and increasingly strong worded statements about operating firewalls in such and such a way or using virus protection software of a particular kind, they might one day decide, “It isn’t worth the hassle of allowing users with *wild* unsigned applications running on our network” – with that, what Cory Doctorow calls the “war on general purpose computation” will have taken a bold step forward.
AC says:

February 18th, 2012 at 4:11 pm (#)

However, wouldn’t Apple have the power to revoke signing keys at any moment with a “security update” effectively locking out any undesired developers?
Links vom 19.02.2012 | Ideas are bulletproof says:

February 19th, 2012 at 1:06 pm (#)

[...] The Future of the Internet: OS X Mountain Lion and Gatekeeper [...]
The Sandbox and the Playground: Changing Rules for Software and Developers :: The Future of the Internet — And How to Stop It says:

February 23rd, 2012 at 11:12 am (#)

[...] developers time to integrate new permissions from an update, it does follow the announcement of Gatekeeper, which might be a partial substitute for [...]

Blog

Dropbox Ran Afoul of Apple’s App Store Review Guidelines: So What?

Last week, a number of developers reported that Apple was rejecting iOS applications that used Dropbox, a popular cloud file storage and backup system. An initial thread on the Dropbox developers’ forum has led to a outpouring of tech news full of hyperbolic claims. However, none of this reporting has covered the real problem – Apple is now more concerned about protecting its business model than serving its users or its developers. Read more »

Help pioneer Casebook: The Next Generation

We at the H2O project are seeking a full-time Project Manager. H2O is an online platform for textbook development and distribution, currently in a pilot stage. H2O is based on the open source model – instead of locking down materials in formalized textbooks, we believe that course books can be free (as in free speech) for everyone to access and, equally important, build upon.

Using H2O, professors can freely pull together materials for a course by selecting cases, editing those cases to the sections that are most relevant, and grouping them into readings. Once the materials are assembled, they can be copied in part or in whole by other interested faculty and then edited further. H2O has been successfully piloted in JZ’s 1L Torts class, and will be rolling out further over the coming year.

H2O’s project manager will play a leading role in shepherding H2O into its next phase, which will focus on developing new materials and incorporating additional features, in order to expand the platform beyond its law school roots.

H2O is a joint project of the Berkman Center for Internet & Society and the Harvard Law School library. The Project Manager will be housed at the HLS Library and work in close collaboration with lead members of the Library Innovation Lab team; he/she will also work closely with the Berkman Center and current H2O teams. More info and job posting here.

Meme patrol: “When something online is free, you’re not the customer, you’re the product.”

I participated in the Berkman Center’s fascinating HyperPublic symposium in the summer of 2011. When moderating a panel I invoked the aphorism that “When something online is free, you’re not the customer, you’re the product.” It’s a way of encapsulating the idea that online free services usually make money by extracting lots of data from users — and then selling that data, or using it for targeted availability of those users for advertising, to advertisers. In that sense, the advertisers are the clients, and the users enjoying free content are what’s being sold. (Of course, sometimes that happens even when the user pays.)

I didn’t coin the phrase, and since it was featured (and attributed to me!) in wordsmith.org’s wildly popular “word a day” as a thought for the day accompanying the word “enceinte” — I sought to nail down its provenance.

The first use of the quote that we can find is as a comment within the famed MetaFilter community in August 2010. The user’s name is blue_beetle, who might be someone named Andrew Lewis. It’s entirely possible I saw it there, as MeFi is one of my five favorite sites on the Web.

Similar sentiments (whether drawn from that source or independently invented) have been expressed by Bruce Schneier in October 2010 and by Douglas Rushkoff in September ’11.

The phrase “you’re the product” also apparently appeared in a 1986 speech by President Reagan about the drug war.

Just say know.

–KA and JZ

GPS-based Insurance Rates: The Devil is in the (Data) Details

A British insurance company called Motaquote has teamed up with TomTom, the GPS manufacturer to offer insurance prices based on data gathered by GPS. Fair Pay Insurance, Motaquote’s new program, is an opt-in insurance pricing scheme where drivers will get a free GPS unit in return for potentially lower (but possibly higher) premiums. The GPS unit will provide all the traditional navigational services as well as warn drivers when they corner too sharply or brake too hard. Read more »

Controlling Cyberspace

This semester, we’re starting an exciting new class, aimed not at lawyers, but undergraduate CS students here at Harvard. It’s called CS42: Controlling Cyberspace – and we’re sharing the syllabus online. Anything big we’re missing? Read more »

About Jonathan Zittrain

Jonathan Zittrain is Professor of Law at Harvard Law School and co-founder of the Berkman Center for Internet and Society at Harvard Law School

Tweets from Z

An error has occurred; the feed is probably down. Try again later.