2024-08-07 16:09:00
The next version of macOS will remove an official workaround for opening unverified or unsigned software directly. Users will no longer be able to simply launch unverified apps downloaded from the web via the context menu starting with macOS 15 Sequoia, as Apple has now confirmed. This is intended to enhance the runtime security of the operating system and prevent the “bypassing” of the built-in Gatekeeper protection feature. It is now also official that this new behavior is not a bug of the operating system beta, as testers had previously speculated.
Advertisement
Cumbersome launch for unverified apps
To run not properly signed or unsigned software, users will need to navigate to the Privacy & Security settings after the operating system blocks the app from starting. There, they can allow the software to run – after entering the admin password. This step is necessary for each piece of software unverified by Apple, but it is only needed once. After that, a permitted app can be opened normally.
When opening unverified apps, macOS displays a discouraging warning message. However, the software can still be executed – if you know how.
By doing this, Apple makes it more difficult to open unsigned or unverified apps immediately after download. Malware has also long relied on this workaround and advised inexperienced users to execute the malicious software through the context menu. Apple is now closing this loophole.
At the same time, Apple is urging developers who offer their software outside of the App Store to submit apps for review and verification to Apple. The code will be automatically checked for malware. Unverified Mac apps are now relatively rare.
Apple’s extensive control over apps
This also gives Apple extensive control over apps and developers: If an app provider is removed from the company’s developer program or does not receive an account at all, they cannot offer any software that is signed and verified with a developer ID. They can only provide the software unverified and without a developer signature. Users then see discouraging warning messages and must know the necessary workaround to launch an app.
In contrast to the automated checking and certification on macOS, iPhone apps in the EU involve a human review. Despite contrary promises, Apple recently intervened again in content and denied a virtualization tool access to its platform – even outside the App Store. This decision has since been reversed.
(lbe)