Remember those 'Mac vs PC' adverts? 'Hi, I'm a Mac'. 'Hi, I'm a PC'. Low-key stuff with Justin Long as the Mac. In many ways, those ads brought home something that was esoteric and made it understandable to 'the rest of them'. Unix is very much a secure system, at least a system that can be made secure, and Windows PCs are not and never will be secure. This is something that's self-evident to the computer professional, but a puzzler to everyone else. Apple's marketing department looked for a way to make people understand this, and they did it with comedy.
Fast forward to today and you'll see the message - the 'truth' - is completely different. In fact, it's the complete diametric opposite.
'Whatever you do, do not venture outside our protective, very secure, walled garden. There are things out there you really don't want to know about. Procure your third-party software only through us, only through our Apple App Store, and you'll be safe.'
That's the basic message. And it's been programmed into just about every Mac user in the world. 'You don't know what's out there, so don't take a chance, it can be horrific, so don't even think about it.'
That sort of sounds good, but for one minor detail: You're on Unix. You already are secure. Process control and disk/system architecture have been meticulously honed over the years to make your system virtually impregnable. Yes, Windows users are defenceless against the myriad attacks roaming around the Internet. But that's Windows users, not you.
But you're not supposed to understand such things. You're supposed to be afraid. Like Chicken Little. In so doing, you're helping constrain the free Internet and the full exchange of ideas.
Apple's at times had a reputation for censorship. This is something like that, but this is more a crass, incredibly devious, plot to make lots of money.
Let's trace the path of a software idea from its inception to its final consumption, as it was in the old days. This is pretty simple and straightforward, as most things were back them. Someone sitting in his briefs in a high-rise suddenly gets this idea for a really cool program, hits away at his keyboard, days on end, then uploads the app to software sites and waits for users to find it and download it. Users find it and download it, and run it. And all is fine. The app works as expected. And it's pretty cool.
After a while, one of the users detects a minor cosmetic bug. He contacts the programmer. Who immediately sees that yes, that is a bug, fixes the bug, uploads the program again, announces the update, and everyone downloads a fresh new copy.
And, for the sake of argument, we'll presume the app is free. (You'll understand why in a moment.)
Now let's compare that with the new Apple way.
It's the same programmer, the same idea, hopefully a new laundered set of briefs of course, but he puts together the same program. Only this time he wants to distribute it through Apple's App Store.
(Actually he doesn't really want Apple to distribute it, but this version is for the Mac, and our programmer knows that the App Store is how you reach Mac users. So he starts looking into how to go about uploading to Apple's App Store.)
The first thing he learns is that he can't upload anything until he's registered to do so by Apple. He further learns that this registration costs $100 and is good for one year. If he still wants his app listed at Apple's App Store after a year, he has to pay another $100. And so forth.
So Programmer in Briefs gets out his credit card, mutters something to himself about having to pay money to give something away for free, but goes ahead and registers anyway. Apple +100, Programmer in Briefs -100.
Now the programmer reads up on how he has to build his app in a very special way to comply with all Apple's constraints. Additional files must be generated, and this can get rather complicated with nontrivial projects. Each additional file may have to be generated in a precise order, otherwise the whole house of cards comes tumbling down. He must also set important data in the overall configuration, such as 'no my app won't need to access the standard documents folder'. Finally, after hours or days of hair-pulling, he's ready to upload his rather trivial (but seemingly rather cool) app to Apple.
Apple's crack team will now inspect the app, paying careful attention to its conformance with overall Apple design guidelines, seeing whether the app defies any of Apple's arbitrary rules, and so forth. If the team at Apple are satisfied - and it's never a given - they will provide a brand new version of the app for distribution at their App Store. Note this is not the same code the programmer uploaded.
So the app is finally available for Mac users too! Except now someone finds that cosmetic bug. The Programmer in Briefs can no longer apply a quick fix and upload the new version. Now he has to go through the same Apple procedure again. This time it can be another team looking at it, and this time they might take a different view on whether the app is conformant with Apple rules and regulations. It might come to pass that the earlier version with the cosmetic bug is fine to use but the new one is not made available - all the while more and more users contact the programmer, bringing attention to the cosmetic bug, and asking when they'll get a fix. But it's out of the programmer's hands. The decision is up to an employee at Apple who might just be having a bad day. In any case, the Programmer in Briefs is no longer in control. What once was a simple straightforward dialogue between creator and user has been disrupted.
Was it worth the $100 to try to give Mac users something for free?
Our Programmer in Briefs now tries a different tack. On his own website, he announces that he indeed has an update to his program, but you download it from his site and not from Apple. What happens to those who dare take him up on the offer?
This is where Apple's engineers really show their skills. Anything downloaded anywhere, with but few exceptions, gets a 'tag' slapped onto it. (Actually as many as seven tags, yes just for downloading, but who's counting anyway. It's only one of those tags that's important here.) The special tag screams out 'QUARANTINE!' And as soon as the user tries to launch the app, several remarkable things happen.
1. The user is issued a frightening message, advising him of imminent danger. Depending on the version of the Mac system the user is running, the user might be completely prohibited from proceeding or be given an obscure clue of how to proceed if he really wants to welcome his inevitable and unavoidable annihilation.
2. Apple's tags are of course never seen by the user. Apple made sure of that. With advanced tools available from third parties, they stick out like a sore thumb, but Apple will never let you see them. Everything Apple does is 'magic'. They're always looking out for you - aren't they wonderful?
3. Software stamped with an Apple tag 'phones home'. On every launch. Apple had a system update recently, and their servers got clogged. No one could get their apps to launch - except ours, which are intentionally not stamped.
4. What Apple can do with that data is virtually limitless, bounded only by their physical storage capacity and overall computing power.
That's how Apple's 'walled garden' works today. So ask yourself: Do you feel safe?