> There isn’t a specific identity requirement for this signature: a simple ad-hoc signature issued locally is sufficient, which includes signatures which are now generated automatically by the linker. This new behavior doesn’t change the long-established policy that our users and developers can run arbitrary code on their Macs
So, the sky isn't falling yet, but it is reasonable to be concerned.
> This new behavior doesn’t change the long-established policy that our users and developers can run arbitrary code on their Macs
This irks me, I don't know why. Maybe because calling it an Apple policy is something that can be changed. I consider it more a right that I can run arbitrary code on my computer.
So yes, I would agree, quite reasonable to be concerned.
Now we are literally only one step away from not being able to run our own software on Macs without paying Apple 100$/year (or whatever amount they want).
They just need to disable adhoc blocking, and require a signed developer. All systems are in place for this. The only thing they need to justify such a change is a "catastrophe". For example, next year, some macos malware might pop up, that could have been prevented with this signing. And Apple could just use that as an excuse to fully lock their platform.
Should be possible to get around, no? I guess technically they could lock us out, but my naïve self is thinking that surely there would always be a way to disable it, like how we can disable SIP now, through Recovery-mode?
> There isn’t a specific identity requirement for this signature: a simple ad-hoc signature issued locally is sufficient, which includes signatures which are now generated automatically by the linker. This new behavior doesn’t change the long-established policy that our users and developers can run arbitrary code on their Macs
So, the sky isn't falling yet, but it is reasonable to be concerned.