What Gatekeeper means for users of 10.8 Mountain Lion
As
users of 10.8 Mountain Lion settle into their new environment, some of
the most common questions about the new operating system relate to
Gatekeeper – OS X’s newest security feature.
While Gatekeeper is a marquee feature of OS X Mountain Lion, there’s
still some confusion about what it does and how it affects Mac users in
everyday use. To summarize in a single sentence, Gatekeeper helps
protect you from inadvertently installing malicious software on your
Mac. But there’s a lot more to Gatekeeper than that basic description,
so let’s explore why it exists and how it works!Why Apple created Gatekeeper
Gatekeeper is Apple’s answer to trojan apps that trick users into installing software they don’t actually want. Trojans are a growing problem for Macs, Windows PCs, Android phones, and nearly all software platforms that let users install software from any source. These aren’t viruses that install on their own – they rely on the user’s ignorance or uncertainty to gain access to the system.Since iOS only allows users to install Apple-approved apps from the App Store, iPhones and iPads are not at risk for these kinds of threats. Macs, of course, have an App Store too – but it’s not the only place users can find and install software. We can download apps from anywhere on the internet.
Rather than lock down the Mac like they’ve done with iOS, Apple took a different approach in OS X 10.8 Mountain Lion by introducing Gatekeeper. With Gatekeeper, your Mac will be safer and more secure without taking any control away from you.
How Gatekeeper works
So now that we know why Gatekeeper exists, how does it work? In general, it’s not something you have to worry about maintaining. Gatekeeper works in the background and only alerts you when there’s a problem. But depending on how you have Gatekeeper configured, those alerts could come at different times.- Mac App Store: Selecting this option makes your Mac behave like an iOS device. It will only allow software downloaded from the Mac App Store to be installed. All other apps will be denied if you try to launch them. This is the most secure choice, but also the most restrictive.
- Mac App Store and identified developers: Mountain Lion’s default setting allows your Mac to install apps from the Mac App Store, plus any apps that you’ve downloaded from the web – as long as they meet one important criteria: The developer needs to be registered with Apple to confirm their legitimacy. More on this below.
- Anywhere: This gives you free reign to install whatever you want, from wherever you want – just like all the previous versions of OS X.
It’s important to note Apple’s developer ID program is not an approvals process like the Mac App Store. Any developer can get a certificate immediately without Apple ever seeing their app. It’s just a way for Apple to protect users if a developer is later found to be doing something they shouldn’t.
How to configure Gatekeeper
That “Anywhere” setting sure sounds good for you expert users and control freaks, right? Wait! Let’s not jump back into old habits just yet. This option leaves the door wide open for trojans to be installed without your knowledge. It’s much safer to leave Gatekeeper on its default setting (“Mac App Store and identified developers”) so you know everything you install is legit.But what about those apps whose developers haven’t registered with Apple to get a certificate? If you’re confident this app is from a safe and trusted source, it’s easy to manually override Gatekeeper on a case-by-case basis without changing the default setting. Just right-click (or control+click) the app and select Open from the menu. Gatekeeper will still display a warning, but it will also give you the option to install the app anyway. Once installed, Gatekeeper won’t bother you about that app again. Happy user, happy Mac… everyone wins!