Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Mountain Lion's Gatekeeper to bring optional app restrictions to OS X

Last updated

The new behind-the-scenes Gatekeeper security feature in the upcoming release of Mac OS X 10.8 Mountain Lion is one of the most anticipated additions to the operating system upgrade Apple unveiled on Thursday because it provides users with additional security options for installing and running third-party applications.

Apple announced early Thursday plans to release a major update to its desktop OS annual, with the first of said updates set to arrive this summer in the form of OS X 10.8 Mountain Lion.

Among the 100+ features that will be built into the new software, Apple has placed special focus on ensuring Mac security. The addition of Gatekeeper is one of the primary ways that plays out.

According to Apple, Gatekeeper is built to help prevent users from "unknowingly downloading and installing malicious software." Mountain Lion will allow users to select from three security options for running newly downloaded apps. The highest level of security only allows applications from the Mac App Store, not unlike Apple's restrictions for iOS devices and third-party applications on the App Store.

The default level of security will allow applications downloaded from the Mac App Store and "identified developers." Apple is instituting a new Developer ID Program that will allow developers to apply for a free-of-charge unique digital ID for signing applications. That signature will then communicate with Gatekeeper to ensure that new applications are clean and have not been tampered with.

Digital signatures will be created "by combining a secret key known only to the developer with a digital summary of the contents of the application," Apple explained on a page dedicated to new security features in Mountain Lion. The resulting signature will then be "wrapped together" in an encrypted file within the app and will be checked by Gatekeeper.

The lowest security option is to allow applications downloaded from any source to be opened. Gatekeeper will warn users if apps don't have Developer IDs associated with them. Jim Dalrymple of The Loop, who spent a week with a preview copy of OS X Mountain Lion, reported that applications triggered by Gatekeeper can still be manually installed or opened by Control-clicking an app and choosing Open.

Gatekeeper

Daring Fireball's John Gruber called Gatekeeper his favorite feature in Mountain Lion, despite the fact that it "hardly even has a visible interface." He praised the default setting as being "exactly right," noting that it is a win for both users and developers. Gruber expressed hope that the feature will one day make its way into iOS.

Dalrymple also agreed that the default setting was the "best choice" since he imagines all the apps he uses will be signed by a Developer ID. "Using this setting I can download apps from a developer’s Web site and install it without any issues, but still be safe," he said.

Gatekeeper builds upon a malware detection and removal feature that was built into Mac OS X Snow Leopard. Last year, Apple updated the security feature to detect the MAC Defender malware that pretended to be anti-virus software in hopes of tricking users into providing payment information.

Though the number of malicious applications on the Mac OS X platform still pales in comparison to its long-time rival Windows, the rising sales of the Mac have begun to negate the argument that its small market share would keep it safe from threats. According to one analysis from last month, Mac OS faced 58 malicious software threats during the last three quarters of 2011.



47 Comments

tallest skil 43086 comments · 14 Years

DOOM. BEGINNING OF THE END. WALLED GARDEN. NO APPLICATIONS FROM THIRD PARTIES ALLOWED AT ALL IN 10.9. APPLE IS KILLING DEVELOPERS.

What else, what else? what haven't I covered?

pedromartins 1326 comments · 13 Years

Quote:
Originally Posted by Tallest Skil

DOOM. BEGINNING OF THE END. WALLED GARDEN. NO APPLICATIONS FROM THIRD PARTIES ALLOWED AT ALL IN 10.9. APPLE IS KILLING DEVELOPERS.

What else, what else? what haven't I covered?

android is the future of desktop OS, apple better start using it like they did with windows.
can you imagine how snappier safari will be in mountain lion?

is this good enough?

BTW, what is happening to the stock?

thataveragejoe 832 comments · 13 Years

Quote:
Originally Posted by pedromartins BTW, what is happening to the stock?

Big money trading on technical charts. Pump and dump. Profit taking on it crossing into 500 territory. Not much to see there, it'll bounce back. Welcome to Wall St.

applegreen 421 comments · 15 Years

Quote:
Originally Posted by pedromartins BTW, what is happening to the stock?

Chance to buy more. $1000 in 2 years when every electronic device in your home and pocket is an Apple.

magic_al 325 comments · 21 Years

Quote:
Originally Posted by Tallest Skil

DOOM. BEGINNING OF THE END. WALLED GARDEN. NO APPLICATIONS FROM THIRD PARTIES ALLOWED AT ALL IN 10.9. APPLE IS KILLING DEVELOPERS.

What else, what else? what haven't I covered?

Users get a scary message that their Mac is less secure if they change the default gatekeeper setting, making anything outside the walled garden seem illegitimate or questionable at least.