Apple’s Gatekeeper Security Function Still Open for Debate

Apple has included a new – and admittedly interesting – security function in the upcoming version of Mac OS Mountain Lion (OS X 10.8). Called Gatekeeper, the function will restrict the installation of downloaded applications based on their source. Think of it as a step-up on Microsoft’s Authenticode. Yet, is it more control for the user, or more control over the user? Also, will it really prevent malicious applications from being installed?

Apple’s Gatekeeper comes with three settings. Users can opt to allow applications to be installed if they are taken from the Mac App Store, the Mac App Store and Identified Developers, or anywhere on the Web. Identified Developers need to pay Apple an annual fee of $99 USD, which most developers willingly pay to keep on Apple’s good side and promote their services. That’s not the issue however, according to Sean Sullivan over at F-Secure.

“In the future, when Apple decides to further close its platform, device drivers could also be required to use Apple Developer IDs. Apple is famous for its focus on user experience, and it isn’t really very difficult to imagine it revoking third-party peripheral drivers in order to “secure” that experience… By 2014, I expect somebody out there will be jailbreaking their Mac…,” he wrote.

Moreover, Sophos’ Chester Wisniewski adds, Apple’s idea is sound, but the implementation is flawed.

“Gatekeeper is essentially a whitelisting technology bolted onto the blacklisting technology it introduced two versions ago. While this will clearly reduce the risk for users who primarily download all of their programs through popular browsers or the App Store, it only addresses the Trojan problem that has been the primary vehicle for delivering malware to OS X,” he said.

It’s what Gatekeeper misses that counts, Wisniewski notes. For example, files from USB devices, CD ROMs, or network shares will be ignored by Gatekeeper, opening up a wider attack surface. In addition, applications downloaded from BitTorrent might be ignored by Gatekeeper as well.

“This one time check, combined with the limitations of what files are scanned from which sources significantly weakens the usefulness of Gatekeeper. The second problem is a common one to all platforms, people. If a user wishes to install something and is blocked from doing so, they more often then not will override the block. It’s human nature,” he adds.