back to article Security biz scoffs at Apple's anti-Trojan Gatekeeper

Security watchers are expressing reservations about whitelisting security that Apple plans to integrate with OS X Mountain Lion this summer. The security feature, dubbed Gatekeeper, restricts the installation of downloaded applications based on their source. Users can choose to accept apps from anywhere (as now) but by default …

COMMENTS

This topic is closed for new posts.
  1. Joe 48

    Looks more like Apple locking people into the app store to me

    Yet again Apple try and stop users getting their own software.

    In context. MS get forced to show other browsers are available instead of IE which is built in. Yet no such change for apple/safari and when they lock the systems down more to only allowing signed or app store applications, the more they corner the market. One rule for everyone and a 'special' rule for Apple.

    1. Aaron Em

      Big corner, tiny market

      Whereas a big chunk of the world runs on Microsoft products, and has done for years -- you know, stuff like governments, companies big enough to matter, and like that.

      Apple can lock its platform down so tight that you can't install anything, Apple-blessed or otherwise, without getting Steve Jobs (RIP) to personally sign on the line -- and, excepting coffee-shop denizens and colored-pencil pushers, who's it going to hurt, really? (The three or four old bearded hackers who use Macbooks don't count; they can run what they damn well please, not least because if it doesn't behave how they like then they'll just gut it down to the kernel and rebuild it to suit them anyway.)

    2. sisk

      Re: Looks more like Apple locking people into the app store to me

      Microsoft was forced to offer other web browsers because they had a monopoly that was damaging the market. While that case could be made with Apple's lock in to the app store no one has done so yet. Besides Apple doesn't come close to the dominance of Microsoft in the desktop/laptop market in any of their markets, not even the tablet market.

      Furthermore, Microsoft was opposed by the likes of Google and Mozilla, which could affford lawyers on par with the MS legal team, in that case. The only people likely to challenge the walled garden are independant developers and jailbreakers. These people have neither the political pull nor the resources to hire good legal teams that the big corporations have.

      It'd be nice if Apple users were allowed to easily tear down the walls of the garden should they choose, but I don't see it ever happening.

    3. This post has been deleted by its author

    4. Anonymous Coward
      Anonymous Coward

      Re: Looks more like Apple locking people into the app store to me

      It actually seems like common sense, the weakest link to malware of any kind in the human being.

      You can have the best security, AntiVirus, anti malware program on you pc but klick on or drive by the wrong page and you get stuffed. Hence none of my parents, and in laws have administrator privileges any more, I was fed up having to sort their computers out. No problems for a year now.

      The new Apple system will be great for those sorts of people, OAP's, the illiterate, fanbois, the computer know it alls, the socially disfunctional etc.. it will keep them out of trouble.

      Until they find the overide, can that be hidden too?

    5. Seanie Ryan
      Pirate

      Re: Looks more like Apple locking people into the app store to me

      what a nonsense article.

      There is NOTHING here to lock you down, just a select box to allow the user to pick a setting. BIG NEWS!!

      OS X will never be locked down like iOS.

      And if you want to talk about locked down, how come no-one ever said windows was locked down because it only allows me install windows apps. I want it to run my mac & *nix apps and it wont. Bloody M$ and their walled garden ! what a load of Crap.

      interesting that the companies who say this is bad are the ones who stand to lose financially.

      stop talking crap guys. Its only a setting that can be easily changed. I know I would set it to App store only on my kids / idiot families Macs so I have one level of worry less with them.

      1. Ben Tasker

        Re: Re: Looks more like Apple locking people into the app store to me

        I agreed with you right up until

        And if you want to talk about locked down, how come no-one ever said windows was locked down because it only allows me install windows apps. I want it to run my mac & *nix apps and it wont.

        and from then on your comment was tainted by the outright idiocy in the above. What Apple are (accused of) trying to do is to implement a system that ensures that software written for the Mac won't run unless they've approved it. I don't think this is actually the case (defending Apple? I'll get myself checked out by the Doc tomorrow!) but it's very different to 'My Mac App won't run on Windows"

        And unless things have changed dramatically, I suspect you'd also have problems running your Windows Apps on Macs without a bit of software in between.

        The thing that makes me laugh is the observations of the security guy - You can still run files from disk, network shares etc. To me it reads as if Apple are trying to protect the idiots from themselves whilst minimising the hassle for other use. Yet to see scareware served over the LAN but YMMV

        1. Seanie Ryan
          Childcatcher

          Re: Re: Re: Looks more like Apple locking people into the app store to me

          Hi Ben

          I have to admit a bit of tongue in cheek with that part of my post. Just highlighting how completely ridiculous people get with their arguements for/against certain things.

          I happen to like the 'walled garden' idea on my phone. I have yet to think of an App that i couldnt find in the App Store that i 'really' need and i consider myself a power user.

          I am happy that i am quite safe though.

          Its all fine getting a virus on your computer and it spewing out spam. Cost = zero (and yes i know,it can be more if it gets access to password etc, but for this example i am just identifying one issue)

          But on my phone, if i get something that , the texts/calls to premium can cost me.

          So a phone should be more guarded.

          and anyone who hates the walled garden, then answer is simple... just find a different phone, no big deal :)

          1. Vic

            Re: Re: Re: Re: Looks more like Apple locking people into the app store to me

            > Its all fine getting a virus on your computer and it spewing out spam.

            No it bloody isn't.

            Vic.

        2. Giles Jones Gold badge

          Re: Re: Re: Looks more like Apple locking people into the app store to me

          It's not about preventing apps that aren't signed, it just alerts and warns you about those that aren't.

          Windows Vista, 7 and Server 2008 do this. You can switch off such warnings.

          Wasn't Microsoft going to prevent the loading device drivers they hadn't approved also? it's more or less the same thing. It's about trust and stability.

      2. Vic
        Joke

        Re: Re: Looks more like Apple locking people into the app store to me

        > I want it to run my mac & *nix apps and it wont.

        Not discovered cygwin yet, then?

        Vic.

    6. Franklin
      FAIL

      Re: Looks more like Apple locking people into the app store to me

      Um...you do realize that developers can codesign their own apps, right? And that code signing is free? And doesn't require going through the Mac App Store? And that it takes about a minute to do?

      It's really not that big a deal, and I say this as a Mac app developer whose apps can not be sold through the MAS. Signing an app allows it to be run from any source without triggering Gatekeeper.

  2. jai

    triggering a prompt

    sounds like Wisniewski is very much a fan of Windows prompts "i see you've moved the mouse, are you sure you want to do that?" and the like.

    This isn't so much about Apple stopping trojans from entering your mac, you still need to be careful about that.

    But this is about Apple stopping virus writers from using Apple's tools to write and distribute their malware. It gives Apple a killswitch to deactivate any developer who suddenly goes rogue.

    Then again, the worry is that the developer id code becomes compromised and suddenly legit apps are being killed because some hacker reverse engineers Adobe's id code.

  3. Anonymous Coward
    Anonymous Coward

    He?

    Welcome to your new world...

  4. Anonymous Coward
    Anonymous Coward

    Security biz scoffs at Apple's anti-Trojan Gatekeeper

    Because it shows how useless their useless software is.

    'Waahhh! But we wanna scare punters into buying our useless crap"

    1. Anonymous Coward
      Anonymous Coward

      Stupid Nergatron

      You fool

      You slagged off anti virus software vendors in an anti apple thread. Ordinarily you'd be voted up, but sadly not this time.

      A whitelist is proactive, whereas a blacklist is reactive and that's all that anti virus scaremongers have got.

      Whitelists are the way forward, but if apple do it, then it's very bad indeed

  5. Cynical Observer
    Joke

    Trademarks @ Dawn

    "Computer security historians would be interested to note that 20 years ago there was an anti-virus program for Mac, also called Gatekeeper. The software, developed by independent programmer Chris Johnson, was shelved many years ago."

    Hope they've determined whether or not they need to buy the rights to use the name. Otherwise the marketing department needs to be rebranded "iShouldHaveChecked"

  6. Mondo the Magnificent
    Devil

    Protecting...

    .. the stupid from themselves.. like those gullible Mac owners who were duped into installing that "Mac Defender" Trojan last year

    Gatekeeper will probably make most savvy Mac users think twice about 'upgrading' to Mountain Lion

    As for me, well I still run 10.6.8 and haven't had any Trojans jump aboard this system... and I find that there are lost of good non Apple endorsed applications out there that are quite safe.

    It seems as if Apple may be a little paranoid now that [reports of] more home users are buying Macs. How sad..

    1. Chad H.

      Re: Protecting...

      I'm quite savvy, why would a feature I can disable at any time make me think twice about upgrading...

    2. shadowphiar
      Stop

      Re: Protecting...

      "Gatekeeper will probably make most savvy Mac users think twice about 'upgrading' to Mountain Lion"

      Oh really? How do you figure that, given that a savvy Mac user can turn it off in Mountain Lion with one click of a radio button?

      Now, maybe it would make them think twice about upgrading to the one after Mountain Lion. You know, the one where everybody knows that Apple will suddenly reveal their plan all along was to lock down the Mac into a walled-garden and that all of the previous statements to the contrary made by Jobs, Cook et al were just misdirection and lies. I don't see that happening, personally, but either way the time to cross that bridge is when we get to it, or at least not before we've crossed the previous bridge with another 2 years to go.

    3. fatchap
      Facepalm

      Re: Protecting...

      How do you know you have no Trojans?

      Is that not the point of a Trojan that you don't know it is there until it is too late? Perhaps you have never connected it to a network or used any sort of disk, is the Mac still in its box?

  7. K
    Coat

    revoking third-party peripheral drivers in order to 'secure' that experience

    Device compatibility and driver availability is poor at best... so Apple, please do tighten the screws furthers on an already miserable market :)

    Ding dong, the bells are crashing.. nope, thats MacOS sounding its death bells (oh I dream of the day!)

  8. Eponymous Howard
    Alert

    People with a massive...

    ...interest in FUD spread FUD, you say?

  9. Clay Landis

    Love the "expert" commentary here

    Look, grandma is tired of viruses and the like. She wants something to email the kids and see pictures on. She doesn't care about kernel hacking and getting some home made gizmo to work. Few people care about anything under the hood. They just want it to work and catering to them, the 95%, makes far more sense. This stuff has to be as simple and dumbed down as TV or it just won't fly.

    1. Aaron Em

      Re: Love the "expert" commentary here

      You do realize no one in the Reg comments is going to be even slightly at home to this sort of excellent good sense, do you?

    2. mccp
      Thumb Up

      Re: Love the "expert" commentary here

      Completely agree - except, have you noticed how complicated TVs are becoming these days? My wife can barely change channels these days, let alone play a VHS tape.

      1. Aaron Em

        Re: Re: Love the "expert" commentary here

        Are you sure? I mean, mine claims not to be able to either, but that's just because she'd rather I be the one to get up and stuff the tape in the slot.

        1. Paul Crawford Silver badge
          Joke

          @Aaron Em

          Beavis: Hur hur, he said "stuff the tape in the slot"

      2. Muckminded
        Joke

        Re: Re: Love the "expert" commentary here

        Who the hell is developing more and more complicated VHS-based systems? Maybe she should just buy some iTape so she doesn't have to look at the TV.

      3. Richard Taylor 2
        Happy

        Re: Re: Love the "expert" commentary here

        Well after our VHS player broke many moons ago, we purchased a very good little had disk based recorder (a PACE). 6 months later (having been using it regularly) my missus did ask me how to change the tape.... The user experience was obviously so good that the transition had been seamless until....

    3. Anonymous Coward
      Thumb Up

      Re: Love the "expert" commentary here

      That is exactly why Apple are doing this, they want to help Grandma. It has nothing to do with wanting to charge OSX developers to get 'whitelisted'.

      1. Derek Currie
        Facepalm

        Re: Re: Love the "expert" commentary here

        "It has nothing to do with wanting to charge OSX developers to get 'whitelisted'."

        UNLIKE Microsoft, who managed to hose themselves by GOUGING their developers with certificate fees for 64-bit Vista. Developers ignored MS. 64-bit Vista suffered from having very few drivers. MS saw the error of their ways and stopped their fee parasitism in time for 64-bit 7ista.

        Apple developers simply set up their own digital signature, no fee. Apple only revokes their trusted status when their software is proven to be dangerous or malware. The only problem here is the delay between initial net infection and revocation.

        1. El Andy
          Facepalm

          Flaw in your logic

          So what prevents a malware author just creating lots of certificates and distributing their malware under all of them? That's the fundamental issue with "cheap" or "free" certificates, without a certificate authority that performs proper identity checks they're pretty much useless.

        2. windywoo

          Re: Re: Re: Love the "expert" commentary here

          There is a fee. To get a signature you must be a registered Apple developer which costs 99dollars a year. In Microsoft's case, a driver is in a much better position to compromise a computer than a general app. A fee for signing deters would be hackers.

    4. durbster

      Re: Love the "expert" commentary here

      Obviously it's good for granny.

      The worry is for business users if it does indeed lead to an iOS level of control freakery.

  10. Chad H.

    Well this article sure is balanced

    It shows the hysterical paranoia from both sides - its a step towards locking down everything AND it doesn't lock down enough. Geez.

  11. Steve Todd
    Stop

    Real *nix experts I see

    Completely ignoring the fact that software on USB drives, CD/DVD/BR, network shares etc. WON'T just install without being screened. All software requires raised privileges to install and will cause a prompt for an admin account and password.

    What's more code signing means that having been installed rogue software may be remotely killed by revoking it's certificate.

    1. Derek Currie

      Re: Real *nix experts I see

      "All software requires raised privileges to install..."

      There are two scenarios to consider:

      1) The 'LUSER' Factor: Computer administrators want to lock down the Macs of those most likely to click Phishing links, download and install malware, send money to Nigeria, etc. Potentially dangerous users are not given the Administrator password, are not given privileges to install ANYTHING. However, with Gatekeeper and administrator can lock the setting to only allow downloading from the Apple Mac Store, which just about guarantees safe software. That's a nice compromise.

      2) The Sloppy Administrator: We know there are plenty of Mac owners who do everything inside administrator accounts and also do dopey stuff on the Internet. We know that the iServices botnet had at one point over 10,000 botted Macs, all of which were infected by way of installing hacked Warez/Torrent versions of Mac applications, including iWork and Photoshop. These people are going to be vulnerable whether they download this malware or copy it over from external media. Obviously some of them also downloaded and installed bad copies of the Flash installer from fraudulent sources, causing the minor Flashback malware war with Apple this past year. Clearly Apple is making a good effort to help the hapless. But the only total cure for sloppiness would of course be a Real-Time anti-malware scanner, infamous for bogging down Windows boxes. That's not going to happen from Apple.

    2. KroSha
      Stop

      Re: Real *nix experts I see

      "All software requires raised privileges to install and will cause a prompt for an admin account and password."

      Not true. It depends on the type of installation. If the software is a .pkg and requires the installer, then the developer controls where it gets installed. If this is the main /Applications folder, then all is fine.

      BUT, if the installer allows for the choice of a single user install (like for a Pref Pane) or if the software is a plain drag n' drop install (like VLC), then there is *nothing* to stop a user installing it in their home folder if they wish. OK, so the software could only run with user privileges, but there still a fair amount of havoc that can still be caused.

      I'm in favour of a whitelisted model, as long as Apple are still happy to hand out certs to developers for a nominal fee, as in the $99 one currently. It'd be a real shame to have the excellent software choice for Mac, and there's some really great small devs doing excellent work, just because Apple doesn't want it to get like Windows.

  12. Anonymous Coward
    Anonymous Coward

    So does this mean..

    That Opensource software will need to go through Apples walled garden?

    1. Anonymous Coward
      Holmes

      Re: So does this mean..

      Of course not

      You can still install anything from anywhere

      Anything that runs under X11 will continue to run for example. Though you will have to install X11 separately You forget that a great deal of gear that apple uses as it's default install is open source.

      Mach Kernel, Darwin, CUPS, Webkit etc.

      Here's 200 other open source projects that apple supports

      http://www.apple.com/opensource/

      and here's a dev link

      https://developer.apple.com/opensource/

      1. Derek Currie
        Thumb Up

        Re: Re: So does this mean..

        "Here's 200 other open source projects that apple supports"

        Actually, the number is closer to 300 and growing. Apple initiated and sponsors quite a few of those open source projects. Most recently Apple donated their Apple Lossless audio format into open source.

    2. Chad H.

      Or Alternatively

      you can get your code signed, and still stay out of the mac store.

      Is making sure software is coming from where you think its coming from really such a bad thing?

  13. Nordrick Framelhammer
    Thumb Down

    I wonder how long.....

    it will be before Apple slams the roof on their walls, turning the garden into a mushroom factory, forcing their vict^H^H^H^Hcustomers to buy all the software through the Apple store, thus ensuring a guaranteed income stream from the 30% they force the sellers to fork over.

    Thak smeg that I have managed to avoid being sucked in by the shiny, thus being able to chose what I install on my computer, rather than having my choice limited by a monopolostic, avaricious company hell bent on forcing everyone to do it the way the company want.

    Freedom of choice

    is what I got

    Freedom of choice

    is what I want

    (Apologies to Devo)

    1. Derek Currie
      Windows

      Re: I wonder how long.....

      "Thak smeg that I have managed to avoid being sucked..."

      Then let's hope you don't use Windows either and live entirely on Linux or real UNIX. Otherwise, I reserve the right to ROTFLMAO at you.

      And just to freak you out: Mac OS X is certified real UNIX. I regularly run XWindows apps on it.

      1. Anonymous Coward
        Anonymous Coward

        @Derek Currie, Grammar Nazi comment

        I think they fume at "X Windows" and insist on "X Window".

      2. Nordrick Framelhammer

        Re: Re: I wonder how long.....

        Actually, Mr Smartypants, at home I use both Windows and Linux.

        I use Windows for the thing it is best at, namely gaming, and I use Linux for pretty much everything else. I just wish I had the choice to use Linux at work, but unfortunately my employer is firmly entrenched in Microsoft's inefficient bloatware.

  14. Rolf Howarth
    WTF?

    Isn't the point that Apple should be praised for allowing non-App Store apps to be signed? The alternative to Gatekeeper is that App Store apps can be installed without a warning, and *all* other apps display a "warning, this application is from an untrusted source, are you sure you want to continue?" message. How is that better?

  15. Ilgaz

    Do you know what's worse than no security?

    False sense of security.

    1. Giles Jones Gold badge

      Re: Do you know what's worse than no security?

      It's funny, because code signing and cryptography seems to work in the games console world. They have only managed to get around the protection in consoles after a lot of hard work and in the case of the PS3 they wouldn't have so easily had Sony been a bit more clever. In some cases hardware modifications were needed.

      So why should it fail so easily in the computer market?

      1. El Andy
        FAIL

        Re: Re: Do you know what's worse than no security?

        "So why should it fail so easily in the computer market?"

        Because OS X is only checking files downloaded by Safari, which means the whole "Only run apps from the App Store or Identified Developers" is nonsense, because executables from elsewhere will run regardless.

  16. Rob 44
    FAIL

    Pfft...

    "Chester Wisniewski of Sophos notes that the technology only looks at executable files downloaded via the internet. That means files from USB drives, CD/DVD/BR or even network shares "will all install and run without being screened""

    For now.

    1. Hans 1
      Holmes

      Re: Pfft...

      Finding a purpose for his anti-virus software, he is, that is all ...

      've never had antivirus software on a mac, you don't really need it ... and I worked for Symantec training staff in removing viri, amongst other things.

      Symantec software is crap - I should and do know.

  17. Anonymous Coward
    Go

    @Apple: Well Done !

    Apple does indeed have a very good record of security measures. First, they have a useful superuser concept and people normally run their machines in non-admin mode. Big difference to windows.

    Secondly, Apple has integrated Sandboxing into MacOS and will require its use by developers soon. That's much better than the situation on windows (where there exists only the third-party Sandboxie tool and vendor-specific SBs like that of Adobe and IE). It is arguably better than Ubuntu, because they do not yet mandate AppArmor profiles for their apps.

    Whitelisting developers/apps is clearly the right way to go. If Joe Developer wants to run software on other people's machines it is just fair to require their proper identification and signing of the whole package by the developer.

    The the Virus Scanner Peddlers don't like these systematic and robust security measures is easy to understand - it removes the need for Virus Scanners. Just like proper Police removes the need for the Mafia.

    Disclaimer: My relationship to Apple is limited to owning a Mac Mini for some time a couple of years ago and some email exchange regarding a different security technology with the Apple CTO. I do not own any Apple product for several years now. I hope that absolves me of fanboi accusations. My home PC is running Ubuntu for years now, and I took the time to create an AppArmir profile for firefox. So I guess I am at least a kind of entry-level expert on this subject.

  18. Anonymous Coward
    Go

    @Apple: Suggestion

    Many, if not most applications will never need true superuser rights, even during installation. So require application developers that they allow for that, except where there is no technical way around this.

    It could work like this: The subdirectory for program installation is made writable by a MacOS system component, where the installer will write to. After that has happened, MacOS will remove the write permissions of this subtree.

    Google Chrome already installs without superuser rights, so I assume 99% of other applications could do so, too.

  19. Anonymous Coward
    Go

    @Apple, Other Sandbox Developers

    In addition to requiring Sandbox profiles, each application should also specify the types of files it wants to read and write.

    For example, it makes zero sense for an audio program to open MS Office files. It does not make sense for PDF readers to read Office files, C++ source code and Mysql database files.

    But all of these programs are prone to being exploited as a way to channel hostile code into a targeted user (phishing and other malware infections). So the OS should simply allow a PDF viewer to view PDF (and maybe PS, if it can render that) and nothing more.

    That is just one instance of "type enforcement" and I feel it could improve security greatly, without even having to create a full profile.

  20. Nordrick Framelhammer

    I must admit I am a bit surprised.

    I am surprised that no-one mentioned a link between Apple's software and the name of the "software" used in that truly awful movie "The Net"

  21. Kneel

    Because there is a big difference between consoles and PCs. Sure, consoles these days are just specialised computers but then, that's the point - they don't have to deal with the myriad tasks a regular PC has to. Flexibility is the PC's greatest asset but that comes at a cost.

    Implementing the kind of lock-downs that consoles employ would drastically reduce the appeal of a PC because it is now far less flexible.

This topic is closed for new posts.