Shared publicly  - 
I've started working on new book/web project on freedom in technology and communications -- a user's guide on how to have it, and why you need it.

I'm doing this because of my alarm at a long-running trend, capped by Apple's announcement today about its next operating system, which it will start selling in mid-2012. By naming a key feature of the new OS "Gatekeeper," Apple has done everyone a favor by being totally transparent about where it's taking its users: into a controlled environment like the iOS.

This only confirms my earlier decision that OS X 10.6.x is my last Apple operating system, which means that my current Mac laptop is my last Mac, since Apple configures new hardware to only run with its latest operating systems.

I don't want to be controlled. And I suspect there are enough other people who will be interested in knowing how they can move out of the proprietary systems (Web-based as well as personal device) orbit.

I'll be creating a new site for this project, and will post it soon.
Eva Schlehahn's profile photoNigel Jones's profile photoJürgen Erhard's profile photoMichael Vario (mvario)'s profile photo
I would be disappointing if Apple puts something out that I don't LOVE. At present, I remain content to live in Apple's Garden of Eden without a desire to eat the forbidden fruit of temptation - that is, choosing not to be influenced by their products.

I will be curious to read your book, though. Thanks for thinking this through and writing about it.
+mathew murphy described this as "boiling frogs". Now as it turns out the boiling frogs metaphor isn't actually true (frogs have a critical temperature at which they start making a fuss) but the metaphor is still useful.
Time to start a pool on when Apple revokes a developer certificate for someone on behalf of the RIAA/MPAA. HandBrake or VLC, which will be first?
Ron Ploof
Isn't it interesting that Apple's role has reversed from being the protagonist in the 1984 Superbowl commercial to being the antagonist?
+Dan Gillmor Perhaps you can create a circle for people who are interested in your project?

I'd love to hear more about it and be part of the discussion as this is matter close to my heart.
As long as Gatekeeper can be turned off on my machine when and if I want it, I have absolutely no problem with it. In fact, it will make my life a lot simpler with the other machines that I have to manage.
I am sure this new announcement by Apple is appealing to Asian cultures.
I agree with +Lewis Butler. As long as it can be turned off, this is a good thing. I don't see what the fuss is other than the usual "slippery slope" type arguments.
Even if some flavor of Linux is the solution it too needs a better security model that would probably act very similarly at the lower levels to this Gatekeeper. But the key difference is that it would be completely controllable by the user and designed to protect their interests.
+Lewis Butler and +Sam Knox - It's not needed for security, the corresponding features on Windows (signed applets, signed drivers) didn't significantly improve security, so what's it for? It's for control. So long as you can turn it off, you're OK with it? What are you going to do when OS X Coffee Civet requires you reboot to a mode where important OS capabilities are disabled to turn it off? You think that won't happen? That's what you have to do when you want to run unsigned drivers in Windows Vista or Windows Seven. You think Apple won't copy bad ideas from Microsoft? Really?
+Dan Gillmor the whole concept of the closed eco-system, better known as the walled-garden is alien to me.
I happen to be an adult who is capable of making decisions myself. That Steve Jobs didn´t think so only showed his deep mistrust in humans. People drive their own cars, make career choices, put children on this world. I guess clicking on a request from an app to steal your address book is a minor choice on the scale of things and yet Path and other apps could do this.
Why, because the Jobs design philosophy is not form follows function, but the other way around. Humans are considered stupid and should be spared of making choices.
If Flash could drain your battery, you can´t have it. If USB slots don´t look nice, forget about them. If apps need permissions they shouldn´t bother the user with questions. The examples are endless.
The walled garden is a ´kindergarten´ and I for one, prefer to control my own computer instead of being considered an unavoidable plague disturbing the view of Apple.
+Peter da Silva What Apple is doing is for security, and if you are smart enough to turn it off then obviously you have enough knowledge to compute wisely. But think of those who don't have a clue about computers, those who buy the "Mac's don't have virus/malware problems" line.. these are the people that will benefit by locking the system down a bit. Does it give Apple more control? Obviously, but that's the point. I still don't see the problem here.
as larry wall once said, "where is some sand when your head needs it?"
+Peter da Silva when Apple gets to the point that I can't download software from where I want and run it, then I will switch to something else. Until then, I celebrate Gatekeeper as an excellent way to keep n00bs from downloading and installing stupid Trojans.

Remember, it only applies to downloads.

+Sam Knox I wish Apple was as interested in making security fixes that didn't give them more control. The way helper applications and LaunchServices work, for example, is probably the biggest security problem OS X has right now. At least they made the appalling "Open 'safe' files after downloading" in Safari default to "off".

+Lewis Butler Until "n00bs installing stupid trojans" is a problem on OS X (which it isn't), it's a curious place for Apple to spend security effort... unless they have a reason unrelated to security.
+Edd Dumbill Will be happy for all the help I can get -- I think this is needed, and I want to do it right.
+Peter da Silva n00bs installing Trojans is the media darling. Every month or two some tech blog idiot proclaims NEW MAC VIRUS! And the most frequent question I get is "What antivirus should I buy for my Mac".

I understand why people are concerned, but they are concerned with what MIGHT happen at sometime in the FUTURE. What is happenining right now is that Macs can be set to three permission levels, Apple approved, Apple verified, any apps.

I can tell you right now machines I admin under 10.8 will be set the Apple verified, and there are probably a couple that will be turned up to Apple Approved (Mac app store only).

In addition to the perception of security, there is also the desire to get more apps into the Mac App Store where they have to be sandboxed. This is also a security measure.

The fact is, the walled garden of iOS has been wildly successful in large part because of the perceived safety. I know android users who will not download apps because they fear the malware, but I've never heard an iOS user say that. Getting that security perception into OS X will sell more Macs. Making 10.8 work closer with an iPad and feel more like an iPad will sell more Macs.

Notice how Apple says 10.8 takes the best of the iPad? That's not an accident. 10.8 is designed to get some of those tens of millions of iPad buyers to buy a Mac. 
Dan, Dan, Dan. Did you even read what the feature is about? It gives you the CHOICE of running 1) only app store apps, 2) app store and signed apps, or 3) any apps from any source. Again, jumping to the worst possible conclusion with little information, and spreading that conclusion.
"The fact is, the walled garden of iOS has been wildly successful in large part because of the perceived safety."

The penultimate word in the sentence is the important one. It's all about perceptions.
If the option to turn it off exists then I find it no different than how Android works. Can't download out of Market apps unless the user selects that in the Android options.
+Peter da Silva of course it's about perception. Windows has hundred of thousands of viruses, but it's some trojan of a pirated torrent of iWork that makes the news. this is the perception Apple has to fight.

+Will Cherone There's a reason I call Android a "walled garden construction kit". This is not the path a general purpose computer should be following.
+Marc Paul Rubin +chris vighagen I'll definitely be talking about it here, but keep in mind that I may be needing to explain why and how people need to liberate themselves from Google, too...
go ahead, monopoly is a bad thing.

Choise is always good as it shows of an alternative route to a solution. 
Highly relevant topic. The trend is towards removing control from users over their devices. We are getting used to it thanks to our mobiles, the PCs/Macs will be next. At some point we will see arguments that a user-controlled device is like a charged weapon because it can be programmed to attack infrastructure etc.
As I understand it the default setting for Gatekeeper is to allow Mac App Store apps and also apps signed with a key supplied (for free, on request) by Apple. These signed apps will not have been through the App Store approval process, and so will not have to comply with rules set by Apple. However, if found to be malicious, the key can be revoked remotely so that users can't run any apps signed with that key.

This doesn't seem to me to be the "control" you are implying. The obvious point of conflict will be Apple's definition of 'malicious' but I don't see this as being intrinsically a bad thing. I've spent enough time on the phone walking my parents through anti-virus horrors on their PC: I don't want to see that happen on Macs too.

And don't forget there's a third option for Gatekeeper: allow everything, with no restrictions. If you "don't want to be controlled", can't you select that option and carry on as before?
Sounds interesting, keep us up to date! :)
Too much control -- we're not Cylons.
+David Smith Sure... but if Apple does what we expect it to do, do not wonder "why has no-one warned me". Because we have.
+Peter da Silva I think you are being optimistic. I think Apple will be taking a cue from Windows 9 "kill switch" and mandate code signing in 10.9
Add a comment...