hmmm... I keep trying to go on and register so I can get my stuff a cert... but it appears they still only let paid membership developers actually do this... meaning if you don't pay apple, you dont get a cert. I read earlier they would let anyone get a cert even if you don't pay Apple, but so far... i don't see a way to.
hmmm... I keep trying to go on and register so I can get my stuff a cert... but it appears they still only let paid membership developers actually do this... meaning if you don't pay apple, you dont get a cert. I read earlier they would let anyone get a cert even if you don't pay Apple, but so far... i don't see a way to.
That's because Mountain Lion is still in Developer Preview, which does require a paid account to get the software and developer tools for it. Once Mountain Lion is public, anyone registered as an Apple developer (paid or unpaid) will be able to register for your Developer ID, you just don't have the ability to sign up for it before the launch date.
Apple is pushing Mac Developer Program members to apply for their free-of-charge Developer IDs so that their respective software offerings will be ready when Gatekeeper launches with Mountain Lion this summer. Monday's email is the second such invitation to developers, the first being issued in February.
Quote:
Originally Posted by hittrj01
That's because Mountain Lion is still in Developer Preview, which does require a paid account to get the software and developer tools for it. Once Mountain Lion is public, anyone registered as an Apple developer (paid or unpaid) will be able to register for your Developer ID, you just don't have the ability to sign up for it before the launch date.
The article seems to imply otherwise... since its not free of charge since you cannot get it without a paid account if what you say is true.
of course the article also implies Gatekeeper could have prevented Flashback, when it couldn't have done a thing about it.
GateKeeper does not mean your computer will only run signed apps, it means you can only install signed apps.
This was a clever distinction by Apple I think, because it prevents malware getting on there, without instantly breaking half the stuff you already have installed when you upgrade to Mountain Lion.
It is not the only new security feature in Mountain Lion. A lot more OS apps are sandboxed, or have the malware-vulnerable parts broken off and running in separate processes called XPC services. Looking at the ads for Mountain Lion you would think it's all about a few apps ported from iOS, but I wonder if security is really the main feature, Apple just aren't hyping it.
The article seems to imply otherwise... since its not free of charge since you cannot get it without a paid account if what you say is true.
I got the email in the OP about getting your apps signed, I should point out that I just have the free account and don't have any any access to pre-release software. Of course it is possible that they are sending this out to all developers paid or otherwise but it only applies to paid members.
He was most likely referring to users running non signed apps under gatekeeper after an upgrade (pre-gatekeeper). My understanding is that everything you have before gets grandfathered in.
My take is that Gatekeeper has nothing to do with running programs already on your Mac. Just those you want to INSTALL. The article states that level 3 of Gatekeeper allows you to install anything you want signed or not. Just like you do now.
While not a full-fledged anti-virus program, it is hoped that Gatekeeper will help thwart future malicious software like the recent Flashback trojan which harvested user IDs, passwords and other sensitive information from over 600,000 Macs worldwide.
Pardon my ignorance but how a security system that controls only which applications are being installed on the Mac, would be able to prevent the Flashback, or similar, infection? I just don't see how is this possible.
Pardon my ignorance but how a security system that controls only which applications are being installed on the Mac, would be able to prevent the Flashback, or similar, infection? I just don't see how is this possible.
So you believe that malware developers will get their DeveloperIDs and distribute their products via the Mac App Store?
So you believe that malware developers will get their DeveloperIDs and distribute their products via the Mac App Store?
The Flashback infection relies on a Java vulnerability and has nothing to do with the installation of applications. You visit a web site and you get infected without any warning and without installing anything, simply because there is a hole in Java that will let remote instructions to pass through it without requiring admin rights. I don't see the connection with what Gatekeeper is designed to do; at least with what is made known so far to non-developers.
Comments
hmmm... I keep trying to go on and register so I can get my stuff a cert... but it appears they still only let paid membership developers actually do this... meaning if you don't pay apple, you dont get a cert. I read earlier they would let anyone get a cert even if you don't pay Apple, but so far... i don't see a way to.
Quote:
Originally Posted by doh123
hmmm... I keep trying to go on and register so I can get my stuff a cert... but it appears they still only let paid membership developers actually do this... meaning if you don't pay apple, you dont get a cert. I read earlier they would let anyone get a cert even if you don't pay Apple, but so far... i don't see a way to.
That's because Mountain Lion is still in Developer Preview, which does require a paid account to get the software and developer tools for it. Once Mountain Lion is public, anyone registered as an Apple developer (paid or unpaid) will be able to register for your Developer ID, you just don't have the ability to sign up for it before the launch date.
Quote:
Originally Posted by AppleInsider
Apple is pushing Mac Developer Program members to apply for their free-of-charge Developer IDs so that their respective software offerings will be ready when Gatekeeper launches with Mountain Lion this summer. Monday's email is the second such invitation to developers, the first being issued in February.
Quote:
Originally Posted by hittrj01
That's because Mountain Lion is still in Developer Preview, which does require a paid account to get the software and developer tools for it. Once Mountain Lion is public, anyone registered as an Apple developer (paid or unpaid) will be able to register for your Developer ID, you just don't have the ability to sign up for it before the launch date.
The article seems to imply otherwise... since its not free of charge since you cannot get it without a paid account if what you say is true.
of course the article also implies Gatekeeper could have prevented Flashback, when it couldn't have done a thing about it.
GateKeeper does not mean your computer will only run signed apps, it means you can only install signed apps.
This was a clever distinction by Apple I think, because it prevents malware getting on there, without instantly breaking half the stuff you already have installed when you upgrade to Mountain Lion.
It is not the only new security feature in Mountain Lion. A lot more OS apps are sandboxed, or have the malware-vulnerable parts broken off and running in separate processes called XPC services. Looking at the ads for Mountain Lion you would think it's all about a few apps ported from iOS, but I wonder if security is really the main feature, Apple just aren't hyping it.
Quote:
Originally Posted by doh123
The article seems to imply otherwise... since its not free of charge since you cannot get it without a paid account if what you say is true.
I got the email in the OP about getting your apps signed, I should point out that I just have the free account and don't have any any access to pre-release software. Of course it is possible that they are sending this out to all developers paid or otherwise but it only applies to paid members.
Quote:
Originally Posted by diddy
He was most likely referring to users running non signed apps under gatekeeper after an upgrade (pre-gatekeeper). My understanding is that everything you have before gets grandfathered in.
My take is that Gatekeeper has nothing to do with running programs already on your Mac. Just those you want to INSTALL. The article states that level 3 of Gatekeeper allows you to install anything you want signed or not. Just like you do now.
Quote:
Originally Posted by AppleInsider
While not a full-fledged anti-virus program, it is hoped that Gatekeeper will help thwart future malicious software like the recent Flashback trojan which harvested user IDs, passwords and other sensitive information from over 600,000 Macs worldwide.
Pardon my ignorance but how a security system that controls only which applications are being installed on the Mac, would be able to prevent the Flashback, or similar, infection? I just don't see how is this possible.
Quote:
Originally Posted by PB
Pardon my ignorance but how a security system that controls only which applications are being installed on the Mac, would be able to prevent the Flashback, or similar, infection? I just don't see how is this possible.
So you believe that malware developers will get their DeveloperIDs and distribute their products via the Mac App Store?
Quote:
Originally Posted by Mr. Me
So you believe that malware developers will get their DeveloperIDs and distribute their products via the Mac App Store?
The Flashback infection relies on a Java vulnerability and has nothing to do with the installation of applications. You visit a web site and you get infected without any warning and without installing anything, simply because there is a hole in Java that will let remote instructions to pass through it without requiring admin rights. I don't see the connection with what Gatekeeper is designed to do; at least with what is made known so far to non-developers.