OS X Mountain Lion is going to be the topic of much conversation over the next few weeks, but while much will center on its iOS-style evolution, it’s Apple Gatekeeper that’s arguably the biggest deal. Apple’s attempt to challenge malware with a digital signing system for apps distributed outside of the Mac App Store, Gatekeeper introduces Developer ID, a certification program that, while ostensibly optional for OS X coders, is nonetheless something most will find impossible to resist.
Traditionally, OS X has been considered free from the dangers of malware and viruses. The platform was initially said to have too small a footprint in comparison to Windows to make it a reasonable target for those with nefarious purposes, and as its user-base grows it’s Apple’s existing security features that have minimized the risk.
Greater attention brings developers both good and bad to a platform, however, hence Gatekeeper and Developer ID. While apps distributed through the Mac App Store are checked over by Apple’s team before they’re released, users are still free to download anything they choose via their browser. Developer ID takes on malware using that route, however, with each developer getting their own unique identifier. Mountain Lion can check that ID with Apple’s database, automatically preventing apps it knows to be reported malware from installing, or blocking those from developers with a history of creating other malware titles.
For those creating OS X software, Apple says, enrolling in Developer ID is simple: membership is included in the Mac Developer Program, and signing an app with your ID is the matter of a few clicks. Still, even if Apple has made it straightforward, why would you go to the extra effort if you’re a developer? The answer is in Mountain Lion’s default settings. Install the new OS – or turn on your new Mountain Lion Mac – and it’s automatically set to only allow Mac App Store and Developer ID signed titles to install.
Unlike on iOS, Apple isn’t stopping Mac users from downloading software from outside of its official store. You won’t need to “jailbreak” your MacBook if the software you want hasn’t been released through the Mac App Store. But, there’s a fair chance that most users will leave the setting at its default (or indeed even shift it up a notch, to only permit titles from the Store), which means there’s a potential huge audience that will face an extra headache trying to install your non-signed app.
Apple has made it possible to bypass Gatekeeper on an app-by-app basis, but make no mistake: preventing malware is only part of Apple’s intent here. Developer ID is another push to encircle Mac coders in a loving Apple embrace and, if you’re not playing exactly by the company’s rules, your accreditation could easily be pulled.
Still, perhaps that’s the paranoia version of Gatekeeper, though developers are already envisaging a time when that third, install-anything option disappears. For now, it’s a welcome boost to OS X security and an honest recognition that malware is increasingly becoming an issue, yes, even for Macs.
For more on Apple OS X Mountain Lion, check out the full SlashGear preview.