Playing in Gatekeeper’s sandbox

With the official release of OS X 10.8 “Mountain Lion,” I’ve seen some more of the inevitable “Apple is locking down the Mac, flee now while you still can” articles and blog posts. 10.8, for those of you not keeping track (and I don’t blame you), introduces “Gatekeeper,” a system control panel which can be set to one of three security levels: only allow applications to be installed from the Mac App Store, allow applications to installed from anywhere but only applications that have been “signed” with an authorized developer ID, and allow any application to be installed from anywhere, the way things have always worked.

At least, that’s the way it’s oft described. In practice, 10.8 will allow any application to be installed from anywhere no matter what—the Gatekeeper level actually controls how whiny it will get about it. On the default median level, if you install anything from the App Store or anything that’s been signed, it’s just as it always was; unsigned apps, though, will bring up a warning dialog box and make you acknowledge that it’s not Apple’s problem if the app sends your address book to a Russian bot network and fills your Documents folder with “My Little Pony” porn.

The worry, of course, is that this is just an interim step on the way to the draconian control of your computing life that’s surely just around the corner. This is based on the increasingly pervasive notion that Apple hates apple pie, freedom and cute puppies, as evidenced by all those essential, everyday tasks you can’t do with an iOS device. Like recompiling its kernel. I can’t count the number of times I’ve pulled out my iPhone and urgently screamed, “Siri, recompile your kernel!” at it, then crumpled to the ground in despair. Same for you, I’m sure.

In all seriousness, while there’s system-level functionality I’d certainly like to see in iOS that isn’t there yet, I suspect we’re more likely to see something like Gatekeeper move to iOS than we are to see OS X move to disallowing installs from outside the App Store. While pundits often seem to divide the computer-using public into “developers” and “people who can’t find where they saved their files,” there’s a lot of ground between those two extremes, and a lot of people in that ground are going to keep wanting desktops and laptops for the foreseeable future. While I can’t absolutely rule out Apple turning its back on them, I haven’t seen anyone make a particularly good business case as to why Apple would. “Because they can” is not a particularly good business case.

My concern isn’t with apps at all—it’s with documents. Mac App Store applications must be “sandboxed” the way iOS applications are. iOS applications include documents in their sandboxes: a document “owned” by an application can only be seen by that application. If I save a Markdown document in Byword on my iPad, no other iPad application—even if I have dozens of other ones that can handle plain text—can see it, unless I can use “Open in…” from in Byword itself.

Ah ha! You may say. That’s what iCloud is for! With iCloud, documents get magically synced between devices!1 Yep. Thing is, iCloud also magically brings document sandboxing to OS X. If I want to see what I wrote in Byword on the iPad, I need to go to Byword on the Mac. If I want to preview it in Marked or do some power editing in Sublime Text, I’d still have to open it in Byword and then drag it to the other app.

Here’s why this concerns me a little: I’ve argued in the past that the kind of “open” we should really care about is open data. It shouldn’t matter whether I’m using Emacs or BBEdit or Byword for text, GIMP or Photoshop or Acorn to edit a PNG file, Alpine or Postbox to access mail on IMAP servers. If all of your meaningful data is open, you seriously reduce the friction inherent in switching applications or even computing platforms.

As neat as iCloud is, I’m concerned that it adds friction that a solution like Dropbox doesn’t. It may make “power user” tasks just within the Apple ecosystem a little more difficult—and it makes moving between ecosystems a lot more difficult. Suppose that I want to keep my Air and my iPad but replace my iPhone with whatever the next Nexus phone is? (Look, you never know.) If everything on the Air and the iPad starts adopting iCloud as the One True Sync Solution, doing this in 2014 might be a lot tougher than it is in 2012.


  1. Except when it loses data. I don’t know if this is an iCloud problem, a Byword problem or a user problem, but it’s possible to have data that’s on your iPad and not synced to iCloud that gets wiped out irrecoverably by an earlier version of the document because you opened it on your Mac. Ask me how I know. 

  1. chipotle posted this