Gatekeeper is a new security feature of OS X in Mountain Lion. It allows you to prevent apps from being installed depending upon the source of the app. You can decide to only allow Mac App Store apps, or also allow signed apps, or turn off Gatekeeper if you don’t want to use it. Learn how to set Gatekeeper and why it will help you keep your Mac more secure.
Hi, this is Gary with MacMost Now. On today’s episode let’s take a look at the new Gatekeeper function in Mountain Lion.
So Gatekeeper is a new security measure that’s in Mountain Lion that allows you to basically say only allow apps from the Mac App Store to be installed on this computer. Alternatively, you can say you will also allow apps that are signed by an official developer to be installed on the computer or your third option is to turn the Gatekeeper off and things will operate as they did in Lion and in any OS before that. Let me show you.
The Gatekeeper settings are found in Mountain Lion in System Preferences and you go to Security and Privacy and under General you will see them listed here. You have to unlock in order to access them.
So here are the three options. So if select the first one that means only software from the Mac App Store can be installed. If you try to download other software from another web site or you get software via email something like that it won’t let you install it. However you can still install software from optical disks. So for instance if you buy something like Microsoft Office on disk and you want to install it on your iMac you can still do that. This only applies to the network for getting software off the internet.
Now the second option allows you to install software from the Mac App Store but in addition to that it allows you to install software from developer’s web sites as long as the developer has signed up with the Apple’s Mac developers program and they sign their apps with their unique identifier that Apple gives them. This provides accountability. Basically the developer has identified themselves with the software and it makes sure they are held accountable if the software is actually some sort of malware which is highly unlikely if they are signing up for this program and identifying themselves to Apple. In the extreme case if the software misbehaves then Apple has the ability to identify the piece of software and send out signals through its’ malware protection software to actually disable it. Probably that will never happen as the accountability here is pretty strong. So it’s kind of a second level and expect to see some developers use this. The Mac App Store has very strict restrictions on what software can do. For instance utilities that access the operating system and do various different things can’t be in the Mac App Store. So some of the more tech geeky tools won’t be in the Mac App Store but may be available from the developer on their site as a signed app and you will be able to install it if you have the second option selected.
Now the third option, and you see when I select it it is actually going to make sure that’s what I want to do, sets everything up like every OS before. You can install software from anywhere. You can download from web sites, it doesn’t need to be signed, and you can install it.
Malware protection is still in place. This is separate from malware protection. So everything you have in Lion is available including malware protection if you select Anywhere.
Now there may be some developers that don’t want to be part of the Apple Developer Program but they are perfectly legitimate developers. You may also work in an environment where you have all sorts of software traded back and forth between say students in a university, part of a classroom work, at a work environment where apps are developed and used in-house and there is no need to actually go out to Apple and have them certified. So this might be useful for those folks.
Now it is easy to switch back and forth between these as you can see. So there is no harm in setting yourself to being Mac App Store only and then if you do need to install another piece of software you can temporarily change it and go ahead and then change it back after installing it.
The Mac App Store setting is ideal if you are maintaining your computer used by a non-tech savay family member. It makes sure they don’t go installing things when you are not around and then running into trouble. So you can set it to that and then if they really need something you can go in and change the setting, help them install that software,and then set it back.
The best thing about Gatekeeper is that it is there if you want to use it and if you don’t want it you can just turn it off.
Hope you found this useful. Until next time this is Gary at MacMost Now.