[PD-dev] Mac Os now requiring Apple signatures on all SW !?

Jonathan Wilkes jancsika at yahoo.com
Sat May 11 00:12:23 CEST 2013 

----- Original Message -----

> From: katja <katjavetter at gmail.com>
> To: Jonathan Wilkes <jancsika at yahoo.com>
> Cc: Miller Puckette <msp at ucsd.edu>; "pd-dev at iem.at" <pd-dev at iem.at>
> Sent: Friday, May 10, 2013 5:20 PM
> Subject: Re: [PD-dev] Mac Os now requiring Apple signatures on all SW !?
> 
> About OSX 10.8 Mountain Lion I've read some time ago that it would run
> / install apps from certified Apple devs only, unless the user
> disables that level of security, and then it would run any app without
> such restriction (which is of course not recommended). At the time I
> read about that, I was considering upgrading from OSX 10.5, but the
> concept of 'Apple certified developer' made me think twice.
> Eventually, it made me turn towards Linux for good. Still I feel that
> Pd, externals and patches should be supported for as many platforms
> possible, as is tradition.

Pd-extended and Pd-l2ork have plenty of widely-used GPLv3 externals
that come with them so it's a non-starter.  If the security setting you
describe is a binary choice then unfortunately for the Mac user that is
the proper solution here.  But keep in mind this isn't a choice between
security and Pd, this is a choice between security and running any
free software code whose devs refuse to support a non-transparent,
arbitrarily revokable signing mechanism that has a central point of failure
and terrible track record wrt to privacy/security.

-Jonathan

> 
> I can understand why Apple wants to raise their standard for trusted
> code.
> In Linux world too, there's screening before one gains write
> access to trusted repositories, which is obviously beneficial for
> quality and security. But in Apple's case, selection rationale and
> criteria will not be open to discussion, or even fully knowledgeable.
> Therefore, being 'Apple certified developer' is more like being a
> loyal employee than an independent software developer. Frankly, I feel
> no appeal at all. Hopefully there's a way around.
> 
> Katja
> 
> 
> 
> 
> On 5/10/13, Jonathan Wilkes <jancsika at yahoo.com> wrote:
>>  ----- Original Message -----
>> 
>>>  From: Miller Puckette <msp at ucsd.edu>
>>>  To: pd-dev at iem.at
>>>  Cc:
>>>  Sent: Friday, May 10, 2013 12:41 PM
>>>  Subject: [PD-dev] Mac Os now requiring Apple signatures on all SW !?
>>> 
>>> T o Pd devs -
>>> 
>>>  I heard from a student that the neweset Mac Os (10.8?  not sure - 
> perhaps
>>>  we
>>>  can just call it 'Cheshire Cat') won't run binaries of any 
> sort that
>>>  haven't
>>>  been signed by Apple - and that to get Apple to sign your app you have 
> to
>>>  register as a developer ($100/year) and still risk getting denounced as
>>>  non-Apple-approved.  If this is really the case it puts all of us in a
>>>  bind -
>>>  for example to publish a piece of music that relies on a custom extern
>>>  you'd
>>>  have to pay out the $100 in perpetuity to keep the extern signed.
>>> 
>>>  Maybe this is overblown but if it's true it puts Pd devs in a bind 
> - I
>>>  think
>>>  we're obliged to try to suppport Pd on Apple (so as not to undercut
>>>  current
>>>  Pd users who are on Mac) but to play along with Apple would be to
>>>  participate
>>>  in what is ultimately a scheme to wrest control away from computer 
> users
>>>  everywhere.
>>> 
>>>  I'd welcom others' views on this, especially if someome can 
> tell me this
>>>  is
>>>  a false alarm :)
>> 
>>  I haven't read a single article or new story on anything resembling 
> this.
>> 
>>  Such a move would make the entire Apple ecosystem incompatible
>>  with ALL GPL v3 software.  I suppose such a move isn't outside of the
>>  realm of possibility, but if Apple did go down that road you can bet it
>>  will effect more than just Pd-extended/Pd-l2ork.  So either a) its FUD,
>>  or b) we would throw our weight behind whatever large-scale
>>  organizing effort manifests itself (probably coming from the FSF) to
>>  defeat such a move.
>> 
>>  Either way it should not affect a single line of Pd code nor the
>>  development
>>  process.
>> 
>>  -Jonathan
>> 
>>> 
>>>  Miller
>>> 
>>>  _______________________________________________
>>>  Pd-dev mailing list
>>>  Pd-dev at iem.at
>>>  http://lists.puredata.info/listinfo/pd-dev
>>> 
>> 
>>  _______________________________________________
>>  Pd-dev mailing list
>>  Pd-dev at iem.at
>>  http://lists.puredata.info/listinfo/pd-dev
>> 
>

More information about the Pd-dev mailing list