The local network popup thing is too overdone in my opinion. However, I do think it is a good choice (in some respects) for Apple to have the "this is a program downloaded from the Internet", even if it can be annoying. It might also be a push to get developers to publish on the App Store (where Apple can be more sure (hopefully) that the apps are safe).
It's a double-edged sword in my opinion. I think it's good that the OS is looking out for the user in a lot of cases. I also understand how it can give the users pop-up fatigue.
> It might also be a push to get developers to publish on the App Store (where Apple can be more sure (hopefully) that the apps are safe).
Apps on macOS need to be signed and notarised. Apple has the exact same capability to scan for malicious behaviour and revoke your keys regardless of how you publish. We all know the real reason they want to push apps towards the app store.
"This is a program downloaded from the internet" isn't a push to the app store. It predates the Mac App Store, iirc.
It's another quick security hack (as they often are in any OS). Many years ago someone noticed that apps can pick any icon they want. And, therefore, if you could convince a browser to download a file to ~/Downloads (not hard), the user might look inside and find what appears to be a harmless JPEG or Word document, double click it and are immediately pwnd because back then there was no app sandboxing of any kind, no SIP etc. macOS in that era was a conventional desktop UNIX.
So the quick hack - make apps that download things mark files with extended attributes, and if the Finder sees that, it pops up the warning and then removes them. Now the user realizes (maybe) that the document-looking-thing was actually an app.
That's a fair point. But did Mac have the same issue as Windows where file extensions were not shown by default? That feels like it would have been the core issue.
There is a "show all file name extensions" option in Finder, but I don't recall if it's on by default or not as I haven't had to set up a fresh macOS install in a while and I've always had it turned on.
But, macOS isn't like Windows - the file extension doesn't matter. I can have a "file.txt" but it's actually a .xlsx excel workbook, and Excel will open it just fine (albeit, with a warning that the file extension doesn't match but that's dependent on the application presenting a warning). Windows actually uses the file extension to determine the type, macOS (and other *nixes) don't, they'll use some other file metadata. You can put whatever extension you want on a file, it doesn't matter except for determining what default app will attempt to open it when double clicking it in Finder.
> It might also be a push to get developers to publish on the App Store (where Apple can be more sure (hopefully) that the apps are safe).
This is exploitation of developers, plain and simple. Apple should secure their runtime, not roleplay as a software rent-a-cop that manually (and fallibly) inspects submissions. The App Store is a blatant moneymaking racket, on mobile and desktop alike. "Security" is a fig leaf for the perverse incentive Apple has to corral developers under their thumb.
I think entitlements are the correct direction to move in. I don't like Apple's implementation. But it gives us that fine-grained control of what an app can and cannot do with things outside of the app's "bubble" (or sandbox). We need Discretionary Access Control.
And to NSO Group's delight, they don't review SMS messages or Safari contents either. The "curated security" shtick is a lie, it does not protect anyone and doesn't function reliably in the first place. Both targeted malware and generic scams are rampant and unrestrained on iOS. Many of them are promoted as iPhone Search Ads, or suggested Siri results.
The knock-on effects it has are even worse. By relying on this game of shuffling private entitlements around, Apple has less incentive to actually review what developers are doing with them. Look at the Uber iPhone app's screenrecord permissions, or when TikTok stole iOS clipboards.
Apple uses "secure" review as an excuse to not review apps or secure their runtime.
Apple's review sucks but you are very confused about your "takedown" of their security practices. It's not meant to protect against everything. Even well-made security boundaries can fail against sophisticated attackers, or be too onerous against generic malware.
Honestly, I think you have a fair point there. I personally don't believe that any system could be 100% secure. But I do think there is a point to be made on the efficacy of securing the runtime compared to individual app inspection.
In macOS 15, there is no GUI bypass. Right click -> Open no longer works. xattr is "the way". I'm sure someone has probably created an Automation or something for it.
There's a small section in System Settings that they don't really tell you about that pops up when the OS blocks a file from opening. You can then override the block there. Yes, it's extremely annoying.
> where Apple can be more sure (hopefully) that the apps are safe
Ha, they'd love to capture the 30% Apple tax on macOS too, I'm sure.
I don't think the mark-of-the-web feature is bad, but I am particularly annoyed that I have to open the system settings app to open an application.
Honestly, when I first tried modern macOS, I was surprised how bad the popups and warnings were. This is exactly what Apple (rightfully) made fun of when Vista came around. I've caught myself mindlessly approving prompts because there are so many of them and most of them don't make much sense at all ("do you want to allow iTerm access to your downloads" after I've explicitly dragged the thing to the special "developer tools" setting? what the heck?).
It's a double-edged sword in my opinion. I think it's good that the OS is looking out for the user in a lot of cases. I also understand how it can give the users pop-up fatigue.