Dev pulls MplayerX from Mac App Store over sandboxing; Latest of many Mac developers to abandon Apple app distribution

“Popular video playback application MplayerX is no longer being updated on the Mac App Store,” Electronista reports. “Citing Apple’s sandboxing rules, the developer is claiming that the step is coming only after ‘arguing with Apple over three months’ trying to make the newest version of the application function under the new Apple guidelines.”

“MplayerX features affected by the sandboxing rules include the automatic loading of subtitles for videos and the ability to play the next episode of a TV show in a folder,” Electronista reports. “Many applications will never be able to be sold on the Mac App Store due to close integration with the kernel of the OS violating the sandboxing requirement, such as most of the Rogue Amoeba line of audio enhancements, with the exception of audio-capture tool Piezo.”

Electronista reports, “The MplayerX developer isn’t alone in abandoning the Mac App Store. Codebase version control app SourceTree’s developers announced that after March 1 that they would not be updating the application because of Apple’s addition of the sandboxing requirement… Apple has implemented a more extensive system-wide security feature in conjunction with sandboxing, called Gatekeeper in OS X 10.8 Mountain Lion. By default, Gatekeeper only allows applications downloaded from the Mac App Store, and apps that are digitally signed with an Apple Developer ID… At this time, and for the foreseeable future, despite no credible, persistent malware threat to OS X, all new applications and updates on the Mac App Store are expected to comply with the sandboxing requirement.

Read more in the full article here.

MacDailyNews Take: This is a problem because, over time, the number of Mac users who know to go outside the Mac App Store for apps will dwindle to the point of not being able to support developers whose apps offer to do things the Mac App Store does not allow. It’s a conundrum for which we see no easy fix.

Related articles:
Apple: Mac App Store apps must implement sandboxing by March – November 4, 2011
OS X Mountain Lion’s Gatekeeper slams the door on Mac trojans – February 16, 2012


      1. Nerd Beautiful, that’s the BEST comment I’ve read on here since I can remember!! I’m gonna start saving right now…

        RE the article, I don’t see what the big problem is. The Mac App Store won’t ever be the be-all and end-all. When looking for an app solution, I imagine most people always search the *web* first – not the Store.

      1. i have 2 lenovo’s and a MBP at home. the MBP is my personal computer, the other 2 are work. i installed 8 on a virtual instance i use to work remotely and so far it’s annoying.

          1. now if i can only convince my employer to blow $2500 on a laptop instead of $500

            with 2 iphones and an ipad 2 at home i really don’t use the MBP that much. i bought it as a gift for my wife

            1. That’s the truth, show me a Laptop with “ALL” the features and design of the MacBook for 500.00$.

              Looks like alent1234 has been living in Never Never Land and he/she is being called out in 4-3-2-1.


    1. What a daft comment.
      Firstly, the article claims ‘many’ are abandoning the App Store but mentions only two.
      Next, sandboxing is an essential component of Apple’s security efforts. As OS X truly becomes mainstream it is not unreasonable to expect this, and only a masochist would downgrade to W8 rather than be able to buy a couple of apps in the App Store.

      I primarily use Macupdate to hunt for fresh app goodness. In fact, the App Store is the last place I look as searching is as bad as iOS.

    1. Let’s see, limited Aplications offer by the Steam Family that has only gamers at this point, no clue on the applications being offered.

      Then we have the Well established Mac App Store with more then 200 Million credit cards on file and growing daily, not to forget the massive iTunes offerings.

      alent1234, you just love jumping the Shark, how many more outrageous exaggerations are you going to keep making.

      So far your at 6 and counting Son.

      Looks like we have us a live Troll, not a very smart one either.

  1. Perhaps a solution might be for such developers to band together and create a site to promote/advertise/inform prospective Mac customers about the availability of such apps. A little bit of low level advertising in the Mac magazines and on a few sites like this one might be enough. In the meantime, the Mac App store is a relatively new development. Most of us still know how to go to developer sites and download/update software.

    1. Right, the article mentions “by default”. It might have helped if the author pointed out that independent programmers will have to recommend to users that they modify their GateKeeper preferences to allow their programs to be loaded.

    2. A dev of a popular app has an issue with ML’s sandboxing restrictions. It’s a valid concern that impacts adoption of the Mac app store (and possibly user experience across all appstore-approved programs). MDN even thinks so.

      Airing concerns is not panic.

  2. And whats stopping the developers who don’t want to be on the app store from getting an Apple Developer ID? You can get one for free. I’m a student programer and I have an Apple Developer ID, anyone can get one. It makes it easy to track some one creating malware (or at least make their program easily block able) since your ID would be linked to the program.

    1. Getting an Apple Dev ID is not the issue. Unless a program is cryptographically *signed* by Apple or some other recognized app authority, though, you can’t prove that the app you downloaded from a website was actually released by the developer whose ID is somehow attached to it.

      Think of it like email: I can end an email with your name, make it seem like I sent it from your email address (not hard to do at all). This will fool 90% of people if it’s not obvious spam or phishing. To actually prove with 99.9% probability that it came from you, you need a signed encryption key and certificate recognized by both your and the recipient’s system as valid.

      The app store might not work exactly like that but that’s the rough idea behind signed apps.

      1. OK I admit I’m not a dev, so I wasn’t aware an app can be signed without it going through the app store.

        In order to do this though, does your app *have* to come as part of an installer, like this page suggests?

        1. Thats not that hard for a developer to do. Thats pretty much what I meant. If you know enough to program something, you know enough to make an installer and get your program signed.
          The default security is to allow only programs from the app store and those with a security key. It’s really not that big a barrier. Also to install a program that meets neither of these requirements, the user just has to right click the app and select “open”. It tells you this every time you try to run a non app store or unsigned app.

  3. I think developers need to put instructions on how to turn off Gatekeeper on their download pages. It’s about 3 mouse clicks, so just about anyone with half a brain should be able to do it if given instructions!

    1. Thats not needed. Any time you try to run an unsigned app. The system tells you how to run it anyway. You just right click the app and select open. You don’t have to change your security settings each time you want to run an app that’s not signed.
      Really though, getting your app a security certificate is not the hard for the developer to do and would save the user any hassle or confusion.

  4. Possibly the main issue will come from exposure. More and more users will just go to the App store and that’s it. That said, as with iOS apps I think developers should be wary of relying on people finding them in the app store. The more apps there are the harder it is to stand out. The web is still a powerful way to get exposure (in a variety of forms) and once found people shouldn’t have too much problem installing apps. It’s not as if Macs came with instructions on how to install apps before the app store.

  5. Developers, here’s the deal, you make an app that does something that I want to do and I’ll buy, regardless of where you sell. If you’re not selling on the Mac App Store, then provide me a website link to throw my money. Thanks!

  6. Sandboxing is an essential feature needed to take OSX to the next level of security. With the millions of new users being added to the platform that just want the stuff to work they need more protection.
    For those who are more savvy it is easy to load apps. I did it myself within 2 days of installing ML. Programs like MPlayer can be distributed just like they used to before the App Store came along.

  7. There aren’t many ways around this, without sandboxing potentially nasty apps could sneak in quite easily and the resulting bad press would do far more damage to the App Store and Apple itself than a few apps not being available.

    I can see some of the media confusing it with the iOS store and suggesting that both were insecure.

    The features in question for MPlayerX seem quite minor compared to what the application really does, so why doesn’t its developer make a more limited app store version and pointing people to the more featured one outside?

  8. “At this time, and for the foreseeable future, despite no credible, persistent malware threat to OS X, all new applications and updates on the Mac App Store are expected to comply with the sandboxing requirement.”

    So the computer security community regularly claims “security through obscurity” and claims OS X is “much, much more insecure than Windows and other OSes” and your response is there is no current, persistent malware threat? Did you really just buy into the “I’m going to bury my head in the sand.” approach?

    Macs get hit with a trojan and the world hears about it almost instantly. Apple implements several steps to lock down OS X in Lion and Mountain Lion and you complain? So you’d rather NOT have a more secure OS so you can be a lazy programmer?

    Security is one of the few instances where Apple is really trying to make OS X better, and you complain, whine and take your ball and go home?

    Good riddance.

    1. you obviously have no idea. its been well documented that the new rules will gimp a lot of legitimate applications because it will not allow them to access resources they had access to before

      Steam is about to become the premier Mac Applications store

  9. The dumbing-down of Mac apps with these absurd requirements is a HUGE mistake. We have the Fisher-Price iToys for the moron masses that don’t know how to use a computer. Those of us with real computing needs, however, need more sophisticated software with real functionality and power behind them. I’m sorry, but when an absolutely fantastic app like SourceTree can’t pass Apple’s ridiculous requirements, something is truly wrong and it concerns me greatly… And PISSES me off. I use a lot of these software “forbidden fruits” to earn an effin’ living! I’ve used Macs since 1992 and have always loved Apple because they cared about me as a professional. But it’s becoming VERY clear that Apple does not give 2 shots about their base any more… (Mac Pro, anyone?) Apple has forgotten who brought them back from the brink 15 years ago. SJ did not do it alone.

    1. “We have the Fisher-Price iToys for the moron masses that don’t know how to use a computer. ”

      When I have heard that before? Oh yeah, back when the original Bondi Blue iMac was being sold. And relentlessly for every year since then, up to and including this one.

      “Those of us with real computing needs”

      Will have no problem installing apps from outside the App Store.

      You want to argue that Apple’s implementation of sandboxing is overkill? Or that it’s lame? Sure. You want to argue that it’s the deathnell of Apple? Nope.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.