Mandatory Sandboxing to Beef up Mac Security, But Could Ruin Some Apps
November 4, 2011 10:35 AM
For small apps changes aren't any big deal, but for big apps Apple's new mandatory sandboxing could be game over
Great American statesman Benjamin Franklin once wrote, "They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety."
While he certainly wasn't talking about personal computers, that's exactly the dilemma PC makers find themselves in today. After all, allowing apps full system liberties opens a world of intriguing new possibilities -- but also new dangers.
I. Apple Backs Mandatory Sandboxing on the Personal Computer
Some are voicing support for sandboxing, the idea of preventing apps from "talking" to each other, accessing folders outside their own, executing shell commands, or using the attached hardware (without explicit permissions). So far only one company has
embraced such an approach
for its personal computer -- Google Inc. (
), makers of Chrome OS. But sandboxing is about to get a big new proponent as Apple, Inc. (
third largest maker of PCs
in the U.S., is about to roll out the feature on March 1.
For apps that are distributed in retail form or over the internet, developers -- for now -- won't have to comply with the sandboxing restrictions. But sandboxing will be mandatory to all new apps in
the Mac App Store
. Developers will also have to change their existing Mac App Store apps to sandboxed form if they want to post an update.
Under Apple's new sandboxing system apps will be able to request "entitlements", such as access to a web camera, access to USB devices, access to special folders (music, downloads, etc.). While this is similar to how sandboxing is handled in Google's Android operating system, Apple will take things a step further and decide whether the requested entitlements are appropriate as part of the applications submission process.
The new security features will help prevent malware, like the recent wave of trojans sweeping Apple's computers [
Apple wrote developers "the default sandbox environment is as simple as checking [the right] checkbox" in their development environment. For simple apps, that indeed may be all the intervention that is needed in order to assume compliance with the new restrictions. But for power apps, deep debugging, testing, and recoding may be required.
II. Developers Aren't Happy
Developers are upset because they fear that customers won't understand the changes and will simply blame them from removing features which can no longer be implemented under the sandboxing regime.
Some developers are also frustrated at the timing of Apple's decision. They are used to dealing with changes when there's an operating system release, but aren't used to having to make big changes mid-cycle. The latest version of OS X, OS X 10.7 "Lion",
launched back in July
Describes Gus Mueller founder of
Flying Meat Software
, a Mac software company, in
, "It’s being introduced in the middle of an OS cycle. I could see Apple turning it on with the release of 10.8, but forcing the sandbox on developers with a 10.7.x update? That’s crazy."
The changes have some developers considering rebellion -- abandoning the Mac App Store. Even Mr. Mueller a firm App Store proponent acknowledges that the changes "force me to remove one of my applications", the screenshot app FlySketch.
That's troubling because the Mac App Store has already had some struggles to succeed, in the face of
problems like piracy
. Still, it's important not to overstate the reaction -- most developers who use the App Store would be unwilling to turn their back on this
lucrative means of mass distribution
unless they had.
In the end sandboxing should beef up Mac security, although limiting the kinds of apps that can run on Macs in some cases. Developers may enjoy several unhappy months thanks to the decision, but they will likely adapt. After all, iOS -- Apple's operating system for the iPad, iPhone, and iPod Touch -- already implements strict mandatory sandboxing for all apps.
"If you look at the last five years, if you look at what major innovations have occurred in computing technology, every single one of them came from AMD. Not a single innovation came from Intel." -- AMD CEO Hector Ruiz in 2007
"Devil Robber" Trojan Infects Macs, Leeches Their GPUs for Bitcoin Profit
November 1, 2011, 10:59 AM
Apple Unleashes Lion, Revamped MacBook Airs; Plastic MacBook Gets the Axe
July 20, 2011, 8:45 AM
Analysts: Apple Now Has More Than 10 Percent of the U.S. PC Market
July 14, 2011, 1:52 PM
Apple Tries to Roll Out Trojan Protection, Only to See New Variety Pop Up
June 2, 2011, 9:00 AM
As Apple Boasts of One Million Downloads for Mac App Store, Piracy Already a Problem
January 7, 2011, 11:00 AM
Microsoft releases details of Project Scorpio console
April 7, 2017, 7:50 AM
More Security Issues for Yahoo
February 16, 2017, 7:45 AM
Android Instant Tethering Only Works for Pixel and Nexus Handsets
February 13, 2017, 7:30 AM
WhatsUp with WhatsApp?
August 29, 2016, 5:23 AM
Fuchsia – Google’s New Open Source Operating System
August 17, 2016, 6:30 AM
Windows 10: End of an Era & A New Beginning
August 1, 2016, 9:59 AM
Most Popular Articles
Surface Pro 5 Rumors - New Release Date and Price
April 22, 2017, 6:45 AM
ASUS RT-AC5300 – Ultimate Game & 4K Streaming
April 18, 2017, 7:45 AM
Dell Inspiron 17 7000 – A Premium Laptop featuring 7th Gen Intel Core i7 in a 2-in-1 Frame.
April 19, 2017, 7:45 AM
Meet the Smartphone with four cameras - Alcatel Flashphone
April 5, 2017, 11:20 AM
Vivo V5 Plus – the Selfie Softlight is on You.
April 17, 2017, 7:05 AM
Latest Blog Posts
Samsung Galaxy S8 – Warning for Pet Owners
Apr 24, 2017, 5:59 AM
Sound Bars and the Costs?
Apr 23, 2017, 6:30 AM
Link your Brain to Your Computer – In Four Years…Maybe
Apr 22, 2017, 7:03 AM
Google Home can now identify users by their voice.
Apr 21, 2017, 7:15 AM
Amazon Lex – Now Available for Developers.
Apr 20, 2017, 6:58 AM
You can now use Instagram offline on your Android Smartphone
Apr 19, 2017, 8:00 AM
Now you can livestream to YouTube from your mobile device.
Apr 18, 2017, 8:05 AM
Google Home – Is It a Spy Device?
Apr 17, 2017, 7:30 AM
Apple added to self –driving test permit list
Apr 15, 2017, 6:21 AM
Project Scorpio – Coming on June 11
Apr 14, 2017, 6:20 AM
Looks Like Samsung Has Been Forgiven.
Apr 13, 2017, 6:50 AM
United Airlines - Blasted on China’s Social Network and the Stock Market
Apr 12, 2017, 6:50 AM
Amazon's Third-Party Sellers Hacked
Apr 11, 2017, 6:25 AM
Microsoft Surface Pro5 Details Revealed
Apr 9, 2017, 6:41 AM
Own An Android Phone? Then you could be hacked over Wi-FI
Apr 7, 2017, 6:47 AM
Apple confirms iOS 10.3 bug and its effect on iCloud Services
Apr 6, 2017, 6:30 AM
Apple Rolls Out New Version of Apple Music
Apr 5, 2017, 10:35 AM
Apple in the News
Apr 4, 2017, 9:03 AM
Apple iPhones Will Soon Feature Graphics Chips Designed BY Apple
Apr 3, 2017, 6:23 AM
AMD Ryzen Desktop Processors Performance
Apr 2, 2017, 6:30 AM
What makes a camera Lensless?
Apr 1, 2017, 7:45 AM
Google halts Android Wear 2.0 Update Due to Bug
Mar 31, 2017, 7:27 AM
More Blog Posts
Copyright 2017 DailyTech LLC. -
Terms, Conditions & Privacy Information