Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> However, the Gatekeeper check here is overridable by users.

This is presented as a flaw, but I'm not sure they are thinking through the alternatives. It's hard to give too much credence to security experts who are't thinking holistically. Perhaps there is a flaw, but I'm curious to know what it is.



Security folks tend to have a very myopic view on things. Ever wondered why your computer got less and less useable? Security people pushing their agenda.


Yeah, because we get many sad users when their hard drive gets encrypted by ransomware, and even more so if it is a shared drive.

So the less toys to play, the better.


> Ever wondered why your computer got less and less useable

Would disagree.

I think the security changes have made the OS more usable since I now get visibility into what apps are doing.

And I love the idea that security people pushing their agenda of making devices more secure and more private is painted as a bad thing.


I've always learned:

  security = 1/convenience


They explain their reasoning right after that statement. Their concern is social engineering is still a way to convince people to override this.


It is but there needs to be a way for the user to keep full control of the system they own of they choose to have it.

And enterprises already have a way to turn this override off so I don't really understand their beef here.


Things the user can override are things social engineers can convince users to override.


Exactly. Technical measures are important, but if someone wants to play a game or do something that's been banned on Apple's stores and finds a site that claims to have an installer (which is actually malware) with instructions to disable Gatekeeper or SIP or what not, social engineering can work. Their goal is to do the thing they wanted to do, probably not thinking of security in the meanwhile. Popup alerts are going to be interpreted as something to get rid of so they can do the thing.

It's a difficult balance. Power users, engineers, developers - we can (usually) tell when warnings need to be heeded. People who use their devices to achieve a goal without really understanding or caring about what's happening usually won't.


I still recall when that viral elf bowling game was showing up on everyone's computers, and it struck me that we were all quite fortunate it wasn't secretly malware.


It's not a balance. There must be a way to override it.

I really don't want Apple to decide what I can have on my computer like they do with iOS. It'll be more secure but also a lot less free and functional.


To which my answer is — being alive is risky, get over it and stop treating all people like idiots that need constant oversight lest they do something potentially dangerous.


"... and that's why I don't wear a helmet."


This is overboard. Defaults matter a LOT. Requiring users to override defaults to deliver ad/malware is a losing proposition and ad/malware creators know this.


Yes. Note that thus is the technical argument for disallowing sideloading.


Let's also ban antifreeze because someone could kill you by socially engineering you into drinking it.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: