WingNews logo WingNews
top | item 45742297

(no title)

s20n | 4 months ago

> It is interesting though how this same conversation doesn't exist in the same way in other areas of computing like video game consoles

Yes, there needs to be a lot more uproar for these cases as well. One of the most appalling cases is that of macOS. To distribute your app (as a .dmg for instance), you need to sign up and pay for a Developer ID, sign the app with a Developer ID certificate and then notarize it, EVEN if you don't intend to use their App Store.

discuss

order

dghlsakjg|4 months ago

You can self sign without a developer account and self distribute and all it does is notify the user that the software is from the internet the first time they run it. They can still use the app. If it is completely unsigned, users may have to bypass gatekeeper, but that is just a setting.

If you want to sign using a cert trusted by apple, and distribute on their infrastructure, you do need a paid account.

This seems like a reasonable compromise, quite honestly. That is based on remembering the bad old days of just having to trust that the software you downloaded from some random shareware site hadn't been modified maliciously.

heavyset_go|4 months ago

99% of users are not going to understand why they can't just double click the app to run it. And the second they see macOS gaslight them into thinking self-signed applications are radioactive biohazards via scary warnings, they aren't going to take additional complicated steps to run the app they wanted to run in the first place.

Users will just assume the app is broken, a virus or that you're a hacker, all because of the way macOS treats apps from developers who didn't pay the Apple tax or submit the app to Apple's panopticon for approval.

Users should not have to know some cursed and arcane ritual to run the apps they want to run.

franciscop|4 months ago

Wait, do you need to do that? I've never attempted distribution, but I've created multiple local apps with Electron and Tauri for myself, and they are just a .app on my Applications folder. Wouldn't it be as easy as sharing this file with anyone else if I wanted to distribute them?

heavyset_go|4 months ago

No, macOS treats your machine's self-signed certificates in a special way so that running apps signed with them is transparent to you, but a nightmare to anyone you dare to distribute the apps to without Apple's approval.

Barbing|4 months ago

They need to try to open it, visit Settings > Privacy & Security, scroll down quite a bit, hit Open Anyway, try to open it again, and confirm one last time.

(Might be quicker for some in Terminal if supported.)

I think it used to be Right Click > Open, then confirm.