OT: Catalina - the end of ad hoc & in-house development?

kee nethery kee.nethery at elloco.com
Mon Sep 9 18:27:10 EDT 2019


I wrote an article on this process for MacOS and it took some time for me to figure out all the steps. Once documented, doesn’t really take that long to do. Apple doesn’t judge the contents of personally signed apps and the $99 per year is not a burden for me. 

I know a bunch of users who click on everything and download stuff and agree to all sorts of silly stuff and then claim that they have been hacked (and perhaps they have been hacked). I’m OK with extra steps if the OS becomes safer for folks who really do not understand security.

Just my two cents.

Kee nethery

> On Sep 9, 2019, at 2:07 PM, Dar Scott Consulting via use-livecode <use-livecode at lists.runrev.com> wrote:
> 
> Thank you for your work in this. 
> 
> I like the idea of identity signing of files, documents, programs, messages and links. I was all PGP at one time. I am making a shortlist of Electronic Lab Notebooks, and automated time-stamping and easy page/paragraph signing are important features. I encourage customers to sign documents and I am pleased to. In principle, I like codesigning. I like the idea of customers far away and great grandchildren knowing that I wrote something and they can be assured. However, I dream of an ideal world in which I can establish an identity once and then check a box in the preferences in my IDE. 
> 
> For every person there is a cost, both in the learning curve and in money ($100 per year for Apple IIRC and about the same for Windows). The yearly vetting is a racket; I can assure folks I rarely turn into somebody else. And the Apple patronizing is a high cost psychologically. But it is like taxes and typhoons, it is the adventure I am handed in life and I address that.
> 
> So, I'm ready to renew my Apple Developer membership (cheaper than MSDN) and jump into the fray. I will take heart and enter the next decade.
> 
> I skimmed over the lesson. I'm going to go rest.
> 
> Dar Scott
> Mad Scientist
> 
> 
> PS: Wasn't Stuxnet codesigned? 
> 
> 
>> On Sep 9, 2019, at 12:07 PM, Matthias Rebbe via use-livecode <use-livecode at lists.runrev.com> wrote:
>> 
>> Although i understand anyone´s concern about Apple new requirement for notarization, i welcome Apple´s effort to make Mac OS X apps more secure for the users. I was also not very happy when i first heard that  10.14.6 will not start unnotarized apps right away. 
>> 
>> But what are our options here?
>> Either we stop developing for Apple or we fulfill Apple´s requirements. Everyone has to decide for her/himself, if the extra work for this Notarization is worth it.
>> 
>> Even if there is a way to run unnotarized apps under Mojave by going to security control panel and allow the app to be opened, i think this is not very user friendly and also not not very trustworthy, regardless if it is a free or a commercial app.
>> 
>> 
>> Under  Windows developers have to purchase a CodeSigining Certificate which costs from 79,- to 300,- USD, depending on where you buy from and depending on the type of the certificate, to be able to codesign.  And if i remember right, also under future Windows versions it will be more difficult to run unsigned Apps. At least there will be a popup with a warning message, this is currently in Win10 the case. That is also not very trustworthy, isn´t it?
>> 
>> 
>> 
>> Anyway, some weeks ago i´ve posted a link to a Livecode lesson which not only describes the required manual steps to notarize and staple an app for distribution outside the Mac Appstore , but also includes an helper stack which does all the needed steps.
>> 
>> You´ll find the lesson here: <http://lessons.livecode.com/m/4071/l/1122100-codesigning-and-notarizing-your-lc-standalone-for-distribution-outside-the-mac-appstore>
>> 
>> 
>> Regards,
>> Matthias
>> 
>> Matthias Rebbe
>> 
>> free tools for Livecoders:
>> InstaMaker <https://instamaker.dermattes.de/>
>> WinSignMaker Mac <https://winsignhelper.dermattes.de/>
>>> Am 07.09.2019 um 13:18 schrieb Peter Reid via use-livecode <use-livecode at lists.runrev.com <mailto:use-livecode at lists.runrev.com>>:
>>> 
>>> I've been using LiveCode as my development platform since 1999. Practically all the apps I've developed have been for in-house use by my family, friends and customers - all very low numbers of copies distributed in an informal manner. I've no interest in App Store distribution and the users of my apps trust me such that they do not need my apps to be "approved" by Apple. What's more important to them is how quickly I can release new apps and new versions of existing apps.
>>> 
>>> Up to and including macOS Mojave my users can run my apps with the minor inconvenience of having to right-click an app and approve its use, just once. With macOS Catalina, if I understand things, it's not so simple, instead these are the options:
>>> 
>>> 1. Code-sign and notarise my apps – I'm not interested in this for my kind of apps which are essentially in-house/at home developments.
>>> 
>>> 2. Using an active Internet connection, go through the right-click technique as now not just once, but EVERY time the app is opened.
>>> 
>>> In the past the 'Security & Privacy' General tab had a 3rd option for the setting 'Allow apps downloaded from:' which allowed you to install and use apps from any source. It seems that this is not possible with Catalina.
>>> 
>>> So with Catalina my users will need an Internet connection and will have to go through the right-click authorisation process every time they open one of my apps.
>>> 
>>> More seriously, it is becoming increasingly difficult to recommend the combination of the Mac plus LiveCode for app development. Up to now I've done all my app development on Mac+LC, even where the target platform is Windows or Android or Linux – I find it's simply faster, less error-prone and more pleasant with the Mac. However, from Catalina onwards even simple little utility apps, created for short-term use, will be tedious when opening or you have to learn about the complexity of code-signing and notarising and accept slower development cycles due to the need for Apple's approval!
>>> 
>>> This is quite depressing, especially since I abandoned iOS development due to Apple's distribution restrictions.
>>> 
>>> Back when the iPad 2 had just been released I developed for one of my customers an app to support health & safety audits for a national UK retail chain. The app took me 15 days to develop in total. As a result of being able to field a team of 10-20 staff with iPads running my app, my customer was able to carry out 350 half-day H&S audits for 3 years. However I was unable to roll-out this app to other customers as the ad hoc distribution method I was using was limited to 100 iPads per year and the App Store was not appropriate for this type of app.
>>> 
>>> As a result of the limitations Apple impose on tablet app distribution, recently I developed a speech-aid app just for small Android tablets and larger phones. I have not made an iOS app. This app is low volume (in terms of number of users) and requires significant personalising in order to be effective for its users (typically they are stroke victims). I chose to deliver the app on Android because of the facility to use developer mode and because of price – Android 7in tablet plus minimal add-ons: £80, Apple iPad plus add-ons: £320. Some of my users of this app already have an iPad but they are having to buy a cheap Android tablet. Like the Mac and Catalina, the iPad and iOS is driving away potential app developers due to Apple's rigid control of the delivery mechanisms.
>>> 
>>> Maybe I'm wrong, Catalina will be OK – if I am wrong, please correct me!
>>> 
>>> Regards
>>> 
>>> Peter
>>> --
>>> Peter Reid
>>> Loughborough, UK
>>> 
>>> 
>>> _______________________________________________
>>> use-livecode mailing list
>>> use-livecode at lists.runrev.com <mailto:use-livecode at lists.runrev.com>
>>> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
>>> http://lists.runrev.com/mailman/listinfo/use-livecode
>> 
>> _______________________________________________
>> use-livecode mailing list
>> use-livecode at lists.runrev.com
>> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
>> http://lists.runrev.com/mailman/listinfo/use-livecode
>> 
>> 
> 
> 
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode





More information about the use-livecode mailing list