I found this story from MacWorld on the new certificate system that is being added to the next version of OS X. In essence, any application you wish to install and run on a Mac will need a certificate from Apple identifying the developer. Apple does not have to vet the app, but developers do need to get the certs to sign their apps with.
A few thoughts.
- On the plus side of the ledger, this is intended to and should prevent a lot of malware. That is a good thing and should make for secure systems.
- As long as Apple makes the process relatively inexpensive and easy to use, it should be good. Charging too much would, of course, be devastating to the platform.
- However, I do wonder how well this will work if you are installing an application and your Internet connection is down. Or if you are on a plane without an Internet connection.
- In Mountain Lion, you can still install unsigned applications by answering some security questions. So your computer is not totally locked down.
- I do wonder if a more free market approach would be better. Allowing trusted 3rd parties to issue certificates would provide a feeling that Apple is not trying to control everything.
- Not sure this help with browser based attacks which would seem more likely in the years to come.