Jump to content

OS X App Signing Please!

jshier
 Share

Recommended Posts

jshier

jshier

Posted
Posted

I know this has been posted before but it bears repeating: please buy an app certificate from Apple and sign the app and launcher bundles as I know Unity can do. This may have been acceptable during development but a 1.0 game that still doesn't get through the Gatekeeper check automatically is rather silly.

Link to comment
Share on other sites
Murph

Murph

Posted
Posted

Absolutely, this should be a short term priority to get sorted out. It should be fairly easy to do, and is low cost. Here's where to sign up:

https://developer.apple.com/devcenter/mac/index.action

It's also the first step towards being able to sell the game via the Mac App Store, which should be a positive thing as well.

Link to comment
Share on other sites
Fel

Fel

Posted
Posted

So... if you pay apple $100, or hack a weaker company to get their key, you can sign your own malicious software and get it past gatekeeper. (Generally, you want to self-sign executables, but I get how they market these things.)

Either way, it really looks simple, pay Apple $100 (or use a third party with a shared key). Shouldn't be too difficult for SQUAD to do.

Link to comment
Share on other sites
Murph

Murph

Posted
Posted
So... if you pay apple $100, or hack a weaker company to get their key, you can sign your own malicious software and get it past gatekeeper. (Generally, you want to self-sign executables, but I get how they market these things.)

Either way, it really looks simple, pay Apple $100 (or use a third party with a shared key). Shouldn't be too difficult for SQUAD to do.

The fee prevents people just signing up with throw away email accounts, and similar. Apple can, and do, revoke keys used maliciously or in violation of their developer agreements, with the OS regularly downloading the current revoked keys list. They can also block individual apps, rather than an entire developer, for cases where there's something which is problematic but not malicious. There has been signed malware in the past, I believe, and not just on Apple's platforms. It's not a high security system, but raises the bar quite significantly and adds risk of being traced by authorities for malicious acts.

Using a 3rd party key would be a quite silly thing for any legitimate developer, as your apps could get blacklisted due to improper behaviour by someone else.

The annual fee also gets you access to closed betas (and various other closed downloads), and the ability to publish via their App Store.

Link to comment
Share on other sites
This thread is quite old. Please consider starting a new thread rather than reviving this one.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...