Apple promises to up security game following Gatekeeper issues

(Image credit: Shutterstock)

Apple has revealed the steps it will take to overhaul its security policies following the Gatekeeper bug that affected users of new Macs recently. Gatekeeper is a solution utilized by macOS to ensure that only trusted software runs on a user’s device. However, the technology appeared to need re-configuring slightly after a recent update to the Mac operating system.

Not long after Apple had released its new macOS update, Big Sur, users began reporting issues when opening third-party apps. According to reports, Gatekeeper was unable to check the developer certificates of these apps due to a server-side issue.

The bug also raised privacy concerns among users, with many wondering if Apple logged every app launched by Mac users and if such information could be used to give the Cupertino-based firm a competitive advantage. Now Apple has provided a security update in an effort to allay those fears.

New rules

“Gatekeeper performs online checks to verify if an app contains known malware and whether the developer’s signing certificate is revoked,” Apple’s security update explained. “We have never combined data from these checks with information about Apple users or their devices. We do not use data from these checks to learn what individual users are launching or running on their devices.”

Nevertheless, Apple has promised to introduce several changes to its security checks over the next year. These include a new encrypted protocol for Developer ID certificate revocation, stronger protections against server failure and, crucially, an option for users to opt out of the new security protections.

The updated policy should prevent similar disruption involving the Gatekeeper software from occurring again and will hopefully further assuage any privacy fears.

Via TechCrunch

Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services.  After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.