At least on my machine, when I download the latest versions of Gargoyle, Spatterlight, or Zoom on Mountain Lion, they’ll refuse to open under the default security configuration. ("‘Gargoyle’ can’t be opened because it is from an unidentified developer. Your security preferences allow installation of only apps from the Mac App Store and identified developers.")
I can still get them to work if I right-click to Open them, or if I open System Preferences > Security & Privacy and “Allow applications downloaded from:” “Anywhere,” but you have to know the secret to get this to work.
Why’s that? Microsoft has always been the big-tent party as far as developers go (and what hardware they support). Apple has always been restrictive and exclusionary, and that’s only become stronger in recent years as they became the largest corporation in the world.
Code signing certificates are free for MacOS. However, you have to be a registered Mac developer, which is $100/year. (For as long as you continue releasing updates to the software.)
Windows is of course going over to the same sort of restriction model with Win8.
What do you think about running a small-ish Kickstarter ($1000?) to pay for Gargoyle signatures? That’d keep Gargoyle signed for several years for both Mac and Windows. I know I’d pitch in; I’m sure others would as well. (Even better would be to get Gargoyle set up as a sandboxed app in the Mac App Store.)
Speaking as somebody who’s been recently attempting outreach, it really sucks to have to explain these scary dialogs to new users!
Isn’t the certificate only valid for the particular *.exe you distribute? Or maybe that was only for drivers, not sure is it applies to installers too.
That would require a license change of Gargoyle. You cannot put GPL-licensed (or similar copyleft licensed software) on the App Store:
That is the position of the FSF. The legal advice Adium received agrees, but I don’t believe that opinion is universal.
(I don’t think it’s worth pushing a test case, and I don’t plan to try it myself. I’m just saying that this is a claim, not a settled case.)
Also: let’s really not turn this thread into an OS thrash. I was making a thumbnail point, that Microsoft is taking the same turn as Apple has, not comparing the policies in millimetric detail.
If we’ve reached the point where it makes sense to distribute signed executables, I can just bite the bullet and pay for the certs. I appreciate the sentiment but if the software is broadly unusable when unsigned, I wouldn’t feel comfortable either releasing it or holding it ransom until donations cover the cost.
IMO, we’re past “the point where it makes sense to distribute signed executables” but not at the point where “the software is broadly unusable when unsigned.”
To be clear, Gargoyle works great on Mountain Lion if you know the workaround: you can right-click on the app and click “Open,” instead of just double-clicking. Of course, most users don’t know the workaround, which is why I think signing makes sense.
But “broadly unusable” is a pretty subjective term, as we’ve seen in some of the other threads I’ve raised lately. I’d say it’s “unusable for newcomers.” Is that bad enough to make you pay out of pocket?
On Windows, on the other hand, it’s scary, but it’s glaringly obvious what to do about those security warnings: Click Run, Yes, OK, etc. until the warnings go away and your program starts. I still think it makes sense to sign the Windows executable, but I don’t expect everyone to agree, and I certainly don’t expect you to pay out of pocket for it.
Yes. Gargoyle may not be the most user-friendly app, but it is designed to be essentially invisible - if it’s on your system, you should be able to double-click any game and have it run. New players have enough friction to overcome without the interpreter setting puzzles for them to solve.
I assume this will change in Windows 8 to be more like Mountain Lion. In any event, I would rather people use the installer instead of the zip file, since that ensures that the fonts and file associations are present. Signing the installer might make it more appealing to users who would otherwise avoid it.
Yeah, there’s absolutely no restrictions on running regular desktop apps in Win8 (at least none more arduous than were present in Vista/7). It’s only if you want to release a web-store app, which runs on multiple types of platforms, that you have to conform to new restrictions.
I’d say it’s “unusable for newcomers.” Is that bad enough to make you pay out of pocket?