Apple this afternoon announced that developers who create Mac apps outside of the Mac App Store will need to submit them for the notarization process starting on February 3, 2020.
Apple temporarily relaxed the notarization requirements for non Mac App Store apps in September after the launch of macOS Catalina, and at the time, said developers would have until January 2020 to get used to the new rules.
The January 2020 deadline has been extended to February 2020, but at that time, developers will need to adhere to Apple's requirements.
Apple suggests that developers upload their software and review the developer log for warnings, as these warnings will become errors starting on February 3. Apple says that all errors will need to be fixed by that date for software to be notarized.
In June, we announced that all Mac software distributed outside the Mac App Store must be notarized by Apple in order to run by default on macOS Catalina. In September, we temporarily adjusted the notarization prerequisites to make this transition easier and to protect users on macOS Catalina who continue to use older versions of software. Starting February 3, 2020, all submitted software must meet the original notarization prerequisites.
If you haven't yet done so, upload your software to the notary service and review the developer log for warnings. These warnings will become errors starting February 3 and must be fixed in order to have your software notarized. Software notarized before February 3 will continue to run by default on macOS Catalina.
As a reminder, all installer packages must be signed since they may contain executable code. Disk images do not need to be signed, although signing them can help your users verify their contents.
Apple has been requiring new software distributed with a Developer ID outside of the Mac App Store to be notarized in order to run since macOS Mojave 10.14.5, with the notarization process designed to protect Mac users from malicious and harmful apps.
For the notarization process, Apple provides trusted non Mac App Store developers with Developer IDs that are required to allow the Gatekeeper function on macOS to install non Mac App Store apps.
Notarization is not required for apps that are distributed through the Mac App Store. More information on notarization can be found on Apple's developer site.
Top Stories
Seemingly Unreleased Version of Logic Pro X With Live Loops Appears on Apple's Education Site [Updated]
Zoom Updates iOS App to Stop Sending Data to Facebook
Apple Suppliers Worried About iPhone Demand, Production Ramp-Up for New iPhones Reportedly Postponed
2020 iPad Pro Teardown Provides Closer Look at LiDAR Scanner and Confirms Incremental Update
Apple Watch Series 6 Could Feature Touch ID Fingerprint Sensor, Pulse Oximetry and Sleep Tracking Support
Bloomberg: Apple's 5G iPhone Still on Schedule for Fall Launch, But Future Products Could Be Delayed
Kuo: Apple to Launch Several Macs With Arm-Based Processors in 2021, USB4 Support Coming to Macs in 2022
Top Stories: Hands-On With 2020 iPad Pro and MacBook Air, iOS and iPadOS 13.4 Released, iPhone 12 Delay?
Deals: Huge Refurbished iPhone Sale Discounts iPhone 7, 8, X, XR, and XS (From $120)
Top Rated Comments
(View all)This is more about stopping users from accidentally executing malicious code than a strongarmed attempt to lock down the platform.
Remember that MacOS is a development operating system; they can't lock it down like iOS without crippling the ability to develop software on it.
Apple this afternoon announced ('https://developer.apple.com/news/?id=12232019a') that developers who create Mac apps outside of the Mac App Store will need to submit them for the notarization process starting on February 3, 2020.
This statement is wrong and is getting everybody upset. A critical part of Apple's statement was deleted:
In June, we announced that all Mac software distributed outside the Mac App Store must be notarized by Apple in order to run by default on macOS Catalina.
Very simply put, signed apps must now be notarized. Unsigned apps are unchanged.
Your circle is really special.Dual Boot (Mojave + Catalina) systems will soon become the norm !
Every Mac User I know has either already implemented it, OR working towards it.
NOBODY I know, including me, trusts Apple to do the right thing !
Isn't this slightly different with a higher bar of verification? All apps must be signed to run, notarized or not?
No. Users can still override Gatekeeper on a case-by-case basis or disable it altogether. The verification is also still contingent upon File Quarantine, which means that it will not apply to software that is downloaded via software that does not quarantine files (such as curl). Software that is not signed thus continues to work under the same limitations as before.
Does this mean we have to submit our proprietary source code to Apple now?
Apple does not even get to see the source code when an app is submitted for publication on the App Store. For notarisation, a compiled product is sent to Apple for verification. They do some static analysis on the object code to check it for known malware signatures and confirm that it was properly code-signed. It is an automated process as far as I know.
i'll call that bluffDual Boot (Mojave + Catalina) systems will soon become the norm !
Every Mac User I know has either already implemented it, OR working towards it.
NOBODY I know, including me, trusts Apple to do the right thing !
That's exactly the behavior hackers are targeting:
[URL unfurl="true"]https://blog.confiant.com/new-macos-bundlore-loader-analysis-ca16d19c058c[/URL]
You can only protect users so much.
I mean, if someone deliberately opens the gun safe using their combination, loads a round into the shotgun, aims it at their foot, and pulls the trigger, you can't blame the maker of the safe for being "insecure".