Apple amping up requirements for app notarization starting in macOS 10.14.5

Posted:
in macOS edited April 9
All new apps developed using a fresh Developer ID must be notarized to pass through Gatekeeper from macOS 10.14.5 onwards, Apple has advised, with the extra security process requirement landing ahead of an expansion to all macOS software in a future update.




Initially announced at WWDC 2018, Notarized Apps is an extension to the Developer ID program where developers submit their apps to Apple for review. While the security measure has been optional so far ahead of a later implementation, Apple has started the process of making notarization mandatory.

An update to the notarization support documentation advises "Beginning in macOS 10.14.5, all new or updated kernel extensions and all software from developers new to distributing with Developer ID must be notarized in order to run." While the process is changing to force new developers to notarize, the notice also points out everyone else developing macOS software will have to do so eventually, as "In a future version of macOS, notarization will be required by default for all software."

Notarizing an app involves sending the software to Apple's system for an automated scan of malicious content, as well as checking for code-signing issues. The process is just for apps distributed separately from the Mac App Store, which undergoes more rigorous checks before being made available.

If successful, the process generates a ticket developers can apply to their software, as well as publishing the ticket so macOS Gatekeeper, a security feature for enforcing code signing and verifying downloaded applications, can separately confirm the app.

At the time of installation or running the software for the first time, the ticket's presence in the app or online informs Gatekeeper that it has been notarized by Apple, and allows the process to install the app to continue. While effectively invisible to end users, notarization offers a level of assurance to users that the software has undergone some safety checks by Apple itself.

To developers, the notarization process adds extra steps to the development process, as well as for creating updates for apps, but does provide an audit trail for signed software, allowing unauthorized versions to be disabled. With the full-scale usage of notarization, it may help cut down the number of pirated or malware releases of legitimate apps, which in turn could help increase developer revenues.

While it will still be possible to install apps in macOS that have not gone through the notarization process, it will generally be a harder process for users to go through compared with one that uses Gatekeeper. From a usability perspective, developers certainly have an interest in using notarization.
«1

Comments

  • Reply 1 of 29
    jdwjdw Posts: 742member
    The last paragraph made be breath a sigh of relief.  "Harder process" or no, there had better be a way for us to install apps not sanctioned by Apple!
    maciekskontaktleftoverbacondysamoria
  • Reply 2 of 29
    I know this is for the security of the platform, and that it's more or less transparent to the end user. But, it feels like something else is dying in the process. I can't quite put my finger on it. 
    cornchip
  • Reply 3 of 29
    kruegdudekruegdude Posts: 340member
    jdw said:
    The last paragraph made be breath a sigh of relief.  "Harder process" or no, there had better be a way for us to install apps not sanctioned by Apple!
    Microsoft has something similar. It’s called Virus scanning software where the files and code are “sanctioned” by the various virus scan software companies, including Microsoft. 
  • Reply 4 of 29
    greg uvan said:
    I know this is for the security of the platform, and that it's more or less transparent to the end user. But, it feels like something else is dying in the process. I can't quite put my finger on it. 
    It's really ironic that the greatest threat to security is the end-user. Finding a balance between end-user choice and security is a tough one. It's what keeps the world turning.
  • Reply 5 of 29
    jdw said:
    The last paragraph made be breath a sigh of relief.  "Harder process" or no, there had better be a way for us to install apps not sanctioned by Apple!
    Can't offer solutions without creating problems, amirite!
  • Reply 6 of 29
    ajmasajmas Posts: 556member
    How much of an issue will this be for open source or apps developed by non-organisational developers?
  • Reply 7 of 29
    indieshackindieshack Posts: 144member
    I was furious when I read the title then I actually bothered to read the rest of the article. It sounds like it's just a way to help prevent installation of malicious software, obviously a good thing. My concern is that they perform a scan looking for API usage which *could* be malicious (like the private API scan they perform when you submit an app to the iOS app store), or anything else they wouldn't allow through the app store. If it gets to that point then I think a lot of us will be moving away from MacOS as their desktop. To some extent, this feels like Apple's baby steps towards a closed system.
  • Reply 8 of 29
    ElCapitanElCapitan Posts: 213member
    Another nail in the coffin...
  • Reply 9 of 29
    kruegdude said:
    jdw said:
    The last paragraph made be breath a sigh of relief.  "Harder process" or no, there had better be a way for us to install apps not sanctioned by Apple!
    Microsoft has something similar. It’s called Virus scanning software where the files and code are “sanctioned” by the various virus scan software companies, including Microsoft. 
    Yes but you do not submit to Microsoft and it is free process.
  • Reply 10 of 29
    jimh2jimh2 Posts: 137member
    I was furious when I read the title then I actually bothered to read the rest of the article. It sounds like it's just a way to help prevent installation of malicious software, obviously a good thing. My concern is that they perform a scan looking for API usage which *could* be malicious (like the private API scan they perform when you submit an app to the iOS app store), or anything else they wouldn't allow through the app store. If it gets to that point then I think a lot of us will be moving away from MacOS as their desktop. To some extent, this feels like Apple's baby steps towards a closed system.
    It won't matter to anyone if you leave. 99.9999999999999999% of users don't know and don't care about this.
  • Reply 11 of 29
    ElCapitanElCapitan Posts: 213member
    ajmas said:
    How much of an issue will this be for open source or apps developed by non-organisational developers?
    The willingness in the open source community to pay for an Apple-ID is mostly very low, yet you are going to be hard presses to find apps that don't use open source code one way or the other. So the impact will definitely be there.

    Telltale is the list of open source that went into macOS, and while some of it is Apple's own open sourced portions of macOS, a very significant portion are from developers who may not necessarily have an Apple-ID.  https://opensource.apple.com/release/macos-10141.html  
    edited April 9
  • Reply 12 of 29
    I hope Apple does not charge for that. In fact I would say that this scan should happen during installation and be part of installation by user - not by developer. And it should be free process if Apple wants to keep OS open to users that have free choice. I understand security, but I do not agree with attempt to own everything. Apple owns OS and licenses it. App developers (not Apple) own software running on it and they issue license to users. So Apple should be a bit more courtious when growing its echosystem. Scan it as much as you feel like it, but I as user get to decide if one wants it to be installed on their macOS - not Apple. I could even want to install malicious software on purpose for research. Does Apple account for that or they just run amok? Security through obscurity had never solved any problem. Ask Microsoft.
    ElCapitanelectrosoft
  • Reply 13 of 29
    kruegdudekruegdude Posts: 340member
    I was furious when I read the title then I actually bothered to read the rest of the article. It sounds like it's just a way to help prevent installation of malicious software, obviously a good thing. My concern is that they perform a scan looking for API usage which *could* be malicious (like the private API scan they perform when you submit an app to the iOS app store), or anything else they wouldn't allow through the app store. If it gets to that point then I think a lot of us will be moving away from MacOS as their desktop. To some extent, this feels like Apple's baby steps towards a closed system.
    I like the fact that my macOS systems are being made more secure. If it means it needs to be a closed system so be it. I have a Linux box as my open playground but it doesn’t contain any personal data. 
  • Reply 14 of 29
    kruegdudekruegdude Posts: 340member
    ElCapitan said:
    ajmas said:
    How much of an issue will this be for open source or apps developed by non-organisational developers?
    The willingness in the open source community to pay for an Apple-ID is mostly very low, yet you are going to be hard presses to find apps that don't use open source code one way or the other. So the impact will definitely be there.

    Telltale is the list of open source that went into macOS, and while some of it is Apple's own open sourced portions of macOS, a very significant portion are from developers who may not necessarily have an Apple-ID.  https://opensource.apple.com/release/macos-10141.html  
    The open source developer will not be affected by this and continue to develop their open source code. If the scans by Apple pick up something malicious then they’ll benefit from the free scan. 
  • Reply 15 of 29
    kruegdudekruegdude Posts: 340member
    kruegdude said:
    jdw said:
    The last paragraph made be breath a sigh of relief.  "Harder process" or no, there had better be a way for us to install apps not sanctioned by Apple!
    Microsoft has something similar. It’s called Virus scanning software where the files and code are “sanctioned” by the various virus scan software companies, including Microsoft. 
    Yes but you do not submit to Microsoft and it is free process.
    The image of a Wild West of cowboy coding comes to mind. What could go wrong? :-)
  • Reply 16 of 29
    kruegdudekruegdude Posts: 340member
    ElCapitan said:
    Another nail in the coffin...
    The coffin of malicious code development. 
    cornchip
  • Reply 17 of 29
    ElCapitanElCapitan Posts: 213member
    kruegdude said:
    ElCapitan said:
    Another nail in the coffin...
    The coffin of malicious code development. 
    You must be new here!

    The amount of malicious code development is constantly low and has been since the inception of the Macintosh. But of course, Compaq Timmy, never snapped out of his virus infested roots, did he?
  • Reply 18 of 29
    wood1208wood1208 Posts: 1,958member
    Users always welcome secured software. Biggest peace of mind.
  • Reply 19 of 29
    lkrupplkrupp Posts: 7,062member
    acejax805 said:
    greg uvan said:
    I know this is for the security of the platform, and that it's more or less transparent to the end user. But, it feels like something else is dying in the process. I can't quite put my finger on it. 
    It's really ironic that the greatest threat to security is the end-user. Finding a balance between end-user choice and security is a tough one. It's what keeps the world turning.
    Your freedom to install malware and then bitch at Apple about it?
  • Reply 20 of 29
    lorin schultzlorin schultz Posts: 2,708member
    Unless Apple is doing something more than what's described in this article, there's no reason to panic. I use a couple apps that are not signed by Apple. When I install them I get a Gatekeeper warning. All I have to do is press Command (or is it Option? I forget) and the buttons change to something that allows the installation. I assume that will still be the case. All that changes is the process for app signing becoming one step more stringent in that it now requires a scan.
Sign In or Register to comment.