Email or username:

Password:

Forgot your password?
Top-level
Chris Alemany🇺🇦🇨🇦🇪🇸

@ieure I have been using macOS since System 7 days… while Apple did start to be a little more circumspect about running randomly downloaded applications, I have never not been able to run anything. “Open” *is* the same as double clicking.
If it says it is “damaged” it’s because of an actual problem or inconsistency with the program, not some sort of conspiracy.

23 comments
cassie

@chris @ieure Open is *not* the same as double clicking, Open will give an “are you sure” dialogue in cases where double clicking will directly reject it.

Chris Alemany🇺🇦🇨🇦🇪🇸

@porglezomp @ieure I have never seen that distinction/behaviour but I won’t dispute it.

past oral no mad

@chris @porglezomp I have experienced this firsthand with multiple programs I've downloaded with a browser.

Right-click, open *should* do the same thing as double-clicking. That it no longer does, that even users with years of experience find this surprising, is exactly why it's a dark pattern.

past oral no mad

@chris @porglezomp After removing the quarantine bit, the program launches and runs perfectly. It wasn't damaged, but Apple chose to write software which actively lies to its users. Worth pondering why they decided to do that.

Chris Alemany🇺🇦🇨🇦🇪🇸

@ieure @porglezomp I honestly can't be bothered with this kind of conspiracy stuff, no matter what company it is. Saying something is "damaged" isn't a lie if it's not conforming to *minimal* expectations. Yes, security is inconvenient but it's no big secret.

support.apple.com/en-ca/guide/

past oral no mad

@chris @porglezomp lmao are we hitting the denial stage of grief?

Is a program "damaged" because I haven't removed the quarantine bit?

Is Apple the one who gets to decide what software I run on my computer?

U.Lancier

@ieure @chris @porglezomp „Why“ seems relatively obvious: Apple believes to make more money that way.

But to me it raises the question: What else evil and maybe more subtle trickery might they do to cripple things or to keep the profitable ways for themselves and out of the reach of others, including the customers.

Zimmie

@chris @porglezomp @ieure My memory is the “damaged” thing happens when an application doesn’t have a signature at all (the system generates a local-only signature when it’s run the first time), while right-click > Open is needed for the first launch of signed applications downloaded directly rather than through the App Store.

past oral no mad

@bob_zim @chris @porglezomp Yes, it's some nonsense like this. While I'm moderately curious to understand why it works like this, the entire setup is so odious that I don't want to pretend that it's reasonable or engage with it in any way.

I get to decide what runs on my computer. Not Apple.

Zimmie

@ieure @chris @porglezomp I think it’s a pretty reasonable default to keep most users safe. It’s also super easy to disable the check:

bikeshed.party/objects/e9f4384

Rich Felker

@bob_zim @ieure @chris @porglezomp Disallowing exec and telling you why is a reasonable default.

Lying that it's damaged to trick you into not trying to find a workaround to execute it is vile and user hostile.

Brendan B.

@dalias @bob_zim @ieure @chris @porglezomp pretty much any browser will throw up a warning if you make an HTTPS connection to a website with a self signed cert too.

past oral no mad replied to Brendan

@distinct @dalias @bob_zim @chris @porglezomp It's not the same, though: the browser explicitly tells you exactly what the problem is, and offers options for you to choose what to do (proceed or not).

macOS does not do this.

Chris Alemany🇺🇦🇨🇦🇪🇸 replied to past oral no mad

@ieure @distinct @dalias @bob_zim @porglezomp
Sorry, you lost me. There is a pretty clear explanation why this is happening. I am not going to get hung up on the word “Damaged” vs. Something else. It’s not a secret, including the workaround, all someone who really doesn’t want to sign their application has to do is inform their users of the workaround. As others have said, application signing is a pretty reasonable default behaviour to protect the millions of general users.

Rich Felker

@distinct @bob_zim @ieure @chris @porglezomp The browser doesn't lie and say the DNS lookup failed or the host is unreachable. It says the certificate is untrusted and asks you how to proceed.

Zimmie

@dalias @ieure @chris @porglezomp I’m not sure I’d call the message a lie. An app bundle isn’t just a loose binary (this message doesn’t come up for loose binaries), and a signature has been an expected item in the bundle for over a decade. A bundle which is missing expected resources *is* damaged, just as much as if the bundle were missing the Info.plist or some framework it uses.

It should definitely provide a way to find out exactly what about the app bundle is weird. NSError even provides several fields like localizedFailureReason which could easily be used for this.

@dalias @ieure @chris @porglezomp I’m not sure I’d call the message a lie. An app bundle isn’t just a loose binary (this message doesn’t come up for loose binaries), and a signature has been an expected item in the bundle for over a decade. A bundle which is missing expected resources *is* damaged, just as much as if the bundle were missing the Info.plist or some framework it uses.

amd

@chris @porglezomp @ieure

It happens all the time and is by design.

Happened to me just this morning with a copy of freecad. If you have a few minutes and a few gigs of free space it will for you too.

stilescrisis

@chris @ieure They're changing/intentionally breaking this in Sequoia.

:parrot:
@chris @ieure it's not the same thing if it's not verified it won't let you open it by double clicking you have to right click. since like lion or whenever they added gatekepeer
Go Up