OS X Mountain Lion’s Gatekeeper slams the door on Mac trojans

“There are three ways to attack a computer — gain physical access, hit it over the network, or trick the user into running something they shouldn’t,” Rich Mogull reports for TidBITS. “Macs are reasonably well protected against two of the three.”

“For physical and network attacks, we Mac users are in pretty good shape,” Mogull reports. “But the third kind of attack? Well that’s a bit of a problem, since we humans, even the most paranoid of us, can fall prey to trickery. It’s a problem we haven’t had very good solutions for… until now.”

Mogull reports, “Mac OS X 10.8 Mountain Lion includes a transformative security technology called Gatekeeper. It’s a major new advance in operating system security designed to reduce dramatically the ability of an attacker to trick users into installing malicious software. It could be the key to preventing a future widespread malware epidemic.”

Read more in the full article here.

Related articles:
My experience with Apple’s OS X Mountain Lion Developer Preview – February 16, 2012
Apple’s Phil Schiller talks rapid speed of OS X Mountain Lion release; mere 7 months after Lion – February 16, 2012
Hands on with Apple’s new OS X Mountain Lion – February 16, 2012
Apple releases OS X Mountain Lion Developer Preview; public release coming in late summer 2012 – February 16, 2012


    1. … yeeaah! You’d have thought they would have backed off that particular argument – security via obscurity – back when either of the two latest MS OSs had released to Public Beta and quickly had multiple malware despite offering less than 1/10th the number of users of the latest OSX. Strange!

  1. … this morning about hackers. Not how they do what they do, but what they are trying to accomplish. And, a goodly number of them are trying to steal IP. And having good (enough) luck in the process. If your Mac is built in China – THE #1 base for such hackers – can you say the back door was not installed at the factory? In ROM?
    NorTel lost much of its IP over the last half dozen years of its “life”, suspected of having been stolen by the Chinese. It may take more than “GateKeeper” to close this down.

    1. On something as important as the ROM, it’s quite simple to run a binary check to make sure the code hasn’t been altered from the master. A random sample of shipping machines may take a little time, but it’s simple to do. So I think it’s nowhere near the problem the pundits are making it out to be. But so many people in the US love conspiracy theories…

      1. “…But so many people in the US love conspiracy theories…”

        Ain’t it the truth? I even think the Revolutionary War was a conspiracy. Think Freemasons and the DAR. 🙂

  2. This is also a way for Apple to “persuade” all legitimate software developers to post their offerings in the Mac App Store which funnily enough Apple gets a percentage of. All evil software imposters (as few as there must be on the Mac) must be going “WTF! It was already impossible enough to break through!”

    1. Well, that isn’t really very efficient, doncha think? I mean, who plans a virus attack by going around to random people’s houses and installing viruses manually?

  3. I said this would happen …. and here it is in its first iteration:

    GateKeeper is the logical first step toward removing the rights of the end user to install and use whatever features they want, all under the FALSE promise of greater security. Already, they are restricting iCloud features to Apple-approved apps only and Macs with built-in hardware level DRM control. Now, if you choose to allow installation “from anywhere” you will promptly be faced with a fear-mongering pop-up stating your choice makes your Mac “less secure”. Oh sweet lordy no!! Better not do that!!! Wait a minnit??? More secure than what? There are NO MAC VIRUSES or any known OSX malware in the wild. The only malware we’ve seen lately has been on iOS, *from the APPSTORE*, where Apple missed the ball and allowed many apps to mine contact info.

    Perhaps they should offer an option to “warn me when installing Apps from the AppStore”.

    In the future they will bury the “from anywhere” option, and after the predictable hubris has quieted, they’ll then quietly remove the option altogether, claiming the actions of a few rotten apples hurts many. Non-“blessed” apps will include obvious targets like; Torrent Apps, HandBrake (rippers), anything Apple deems as immoral (Wobble), competitive with their software (like iTunes competitors, browsers), diminishing the “Apple experience”, or in poor taste (I’m Rich, bikini calendars) … yeah, just like the AppStore policies today. Anyone who wants the kind of freedom we enjoy today will be labelled a Jailbreaker or thief.

  4. For sure that’s not about security, if that was for security they could at least make it not so restrictive (as a part of parental controls for example). Windows XP had a similar feature for years, and it did not help against viruses at all. Moreover, don’t you think it’s strange that yesterday they claimed “Mac os X is completely virus free” and then next day they ban ALL third party apps “to protect you”. When governments or corporations want to cut your freedom – they’re always talking about security. Most of masses are only glad to have their freedom cut.
    Also don’t you think if there was no AppStore, they would even bother with this GateKeeper? No!
    The only (only!) reason they push it is to force developers (and users) to use their AppStore. And that was very predictable. First it hits alternative online distributors and resellers, and eventually it will hit developers – cause the monopoly is always bad. That’s definitely anti-competitive behaviour and people must understand – it won’t be good for them in a long term. Eventually developers won’t own their apps, and Apple will own everything! They will be able to change their rules, commissions etc and there will be no alternative! That is what they want! That is so old practice! But in 1990th there were so many court cases against Microsoft! What now?

    Developers should complain and protest about banning their non-signed apps by default, as it’s a way to a digital slavery! It’s so obvious in the USA, are you still believe in any security and good thoughts? That’s a BS! That’s all about money and greed! Now 30% and you cannot even mention a competing OS in your app, what next? Isn’t that the dictatorship the Unites States were always fighting with? It IS! The freedom is in danger again and again!
    That the same as SOPA and PIPA – it results in the same freedom loss!
    Don’t be so stupid to think it’s about security!

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.