Apple edges closer to cursory code review for all Mac apps

Apple will soon make a code review mandatory for all applications distributed outside its own Mac App Store by new developers, a first step towards requiring all Mac software to pass similar reviews.

The Cupertino, Calif. company argued that the process, which it calls “notarization,” would build a more secure macOS environment. “We’re working with developers to create a safer Mac user experience through a process where all software, whether distributed on the [Mac] App Store or outside of it, is signed or notarized by Apple,” the company stated in an April 10 message on its developer portal.

Applications delivered through the Mac App Store have long been reviewed by Apple for malicious code, and since September 2012 checked for an Apple-provided digital signature prior to installation. Notarization adds the App Store’s review – or a form of it – to programs distributed elsewhere, direct from a publisher’s website, say.

Apple made notarization sound, if not perfunctory, then certainly brief. “Notarization is not App Review,” Apple told developers, referring to the process App Store software goes through. “The Apple notary service is an automated system that scans your software for malicious content, checks for code-signing issues, and returns the results to you quickly.”

When users start to install a notarized application, Gatekeeper will intervene with a message stating that Apple has “checked it for malicious software and none was detected.” From there, the user can either cancel the install or proceed. Gatekeeper is the OS X/macOS utility that for the last seven years has blocked installation of unsigned code, and depending on how it’s set, allowed all software or only App Store-acquired programs to be installed.

Apple has not shared more than that about what users will see related to notarization. It was unclear whether there will be broad or granular settings to mitigate or disable the notarization requirement in System Preferences.

Source link