What is Apple's Gatekeeper and How Can it Save me?

Apple's GateKeeper can save you from Malware

If you have never heard of Apple's Gatekeeper, it is time you have.

 

This is Apple's own definition,

Some apps downloaded and installed from the internet could adversely affect your Mac. Gatekeeper helps protect your Mac from such apps.

 

The most common method for malware to get installed onto someone's computer is by tricking that person into downloading and installing it themselves. Criminals use very sophisticated ways to fool even seasoned users. Have you ever seen an ad for MacKeeper? I am sure you have.

 

Last year MacKeeper agreed to pay $2 million in a class action lawsuit claiming it used false advertising and deceptive claims. Many people feel it was simply well advertised malware.

Recently a Mac-specific piece of malware ("OSX/Keydnap") was discovered that can potentially expose the passwords stored in the Mac OS Keychain. Think of your online banking passwords. If you have Apple's Gatekeeper properly configured, it will be block the attack.

 

How does it work?

Gatekeeper works by blocking the opening of apps that might be harmful to your computer. How it determines what might be harmful is done by the computer administrator choosing between three options as seen in the screenshot below. The second choice is the default setting.

The Gatekeeper settings can be found in your Security & Privacy preference pane of System Settings (Apple menu > System Preferences… > Security & Privacy > General tab under the header "Allow applications downloaded from:").

The Gatekeeper settings can be found in your Security & Privacy preference pane of System Settings (Apple menu > System Preferences… > Security & Privacy > General tab under the header "Allow applications downloaded from:").

Of course Apple wants you to download all of your apps from their own Mac App Store. While this advice is self serving, it does have merit. You are guaranteed that the app will be safe, which is important these days when Malware for the Mac is appearing more often than we would like. However, this is almost impossible to adhere to for most of us. How many of you have encountered this alert?

Not every app we want to use is in the Mac App Store or they have not adopted using a Developer ID. This does not mean it is malware and we should be afraid of it. Many legitimate software falls into this category. So what do we do? Well, most people ask their techy friend who just goes into your GateKeeper settings and changes it to the least secure option and forgets to change it back. Now you have just turned off a very valuable protection.

What is my best option?

The best option is to leave the default setting by Apple and when you try to install an app that is not an identified developer, you will be presented with the option to open anyway.

These are instructions directly from Apple:

If you are confident the app downloaded from the Internet is the latest version and is from a source you trust, you can open an app from an unidentified developer by following these steps.

Important: Some Apple screened apps from developers that are in the process of acquiring Developer ID signatures will present the "Open" option when they are double-clicked.

Note: In most cases, you will only have to perform these steps once for all user accounts on the Mac:

  1. In Finder, Control-click or right click the icon of the app.

  2. Select Open from the top of contextual menu that appears.

  3. Click Open in the dialog box. If prompted, enter an administrator name and password.

Note: Here is more information and to see the full article on Apple's website.

Conclusion

Apple does a very good job of trying to keep you safe while also maintaining your privacy and right to choose the options you want. In the end, it really is up to the user to educate him or herself on these matters. Only install software that you know to be legitimate and safe. If you are not sure, Google it. I can almost guarantee you are not the first person to encounter this. 

If you have any questions, don't heistate to contact TechnoMinds.