Is Apple's Gatekeeper a positive or a sinister move for computing?

Why Apple's upcoming Gatekeeper technology has its ups and downs

TODO alt text

Make no mistake, Apple's upcoming Gatekeeper technology is a game-changer. It's part of OS X Mountain Lion, the next iteration of OS X, and never mind whether you use that or Windows in your daily life.

The success of the App Store on both that platform and iOS is already having a major impact on the wider software world, proving that people will in fact embrace a channel completely controlled by an operating system creator, freedom be at least darned, if not entirely damned.

Microsoft has its own one in the works for Windows 8, replacing failed attempts like Windows Marketplace. Gatekeeper is the next step - an OS-level block on Mac applications not downloaded from the official App Store.

It's due to be shipped switched on, with three levels of security: allow anything, only allow approved apps, or pop up a scary looking message if you try to run something you've downloaded from somewhere other than Apple's walled garden. The latter is the default setting, and while it's no great hardship to click an 'I Foolishly Accept These Risks, O Wise Guardian' button, you can be sure it'll frighten off many less experienced users.

If it works, you can expect it to come to Windows too, along with all the obvious implications. So why don't I feel scared by this? In my heart, I know I should be.

Over the last decade or so, we've fought this kind of battle again and again - that an OS provider's job is to make the software that lets our computers do cool things, not to install itself as some kind of all-seeing overlord or stick its tendrils into our business.

Microsoft Passport, for example, was burned to a cinder for trying to be a single sign-on tool for web commerce. Ten years ago, the mere thought of allowing a vendor to be the gatekeeper of 'their' OS software would have been thinkable. It gives them incredible power to both squash competitors, and to screw up.

As just one example of many, Apple once infamously rejected a Project Gutenberg app on the grounds that kids might use it to read the Kama Sutra. They've also squashed things like Phone Story - a satirical iPhone game about its manufacturing process - while allowing stupid fart apps to roam free and flatulent across the plains.

Changing times

But things change. Priorities shift. Much as single sign-ins aren't controversial any more - indeed, many services like Netflix and Spotify prefer you to just authenticate with Facebook, while others out there use Twitter - people have largely come to crave different things into their software.

Choice is important. However, so are stability, reliability and security, and these can only be reliably enforced at OS level. As of now for instance, it's not only incredibly unlikely that a download from the App Store will be dodgy, all apps downloaded from it have to be sandboxed to prevent them causing trouble.

Not being able to run weird and wonderful stuff from the internet is worrying for us as high-level users, but on the flip-side, imagine never again having to spend your Christmas holiday painstakingly decrapifying yet another slow-loading machine full of pop-ups and toolbars and spyware. Take a moment. It's a thought to savour.

Even an ideal implementation has many implications though. What happens when an OS store changes or gets relaunched? You can see a preview of that now on games consoles, where no thought is typically given to letting you play your purchases on future equipment.

What happens when developers go out of business? What happens to politically tricky tools like BitTorrent? What will happen to software like Chrome and Firefox versus Internet Explorer if the platform owner simply drops the hammer? What if the protection stretches to encompass web pages, as with mobile phones, giving Steve Ballmer control over your porn access?

Even with its problems, Gatekeeper is a good idea. It gives Apple more control over your Mac, and yes, a PC equivalent would do the same for Microsoft. At the same time though, it gives you a fair chunk extra as well - most importantly, control over exactly what gets installed onto it.

That's never been more important than in the current online security climate, and less authoritarian tools like UAC simply aren't up to the job - and not just because they're too annoying to be left on if you have the computer savvy to find the off switch. The catch, which would ideally be backed up by law, but obviously won't, is that this type of protection is only a good idea when it's an option you want to leave on.

Mandatory, it would be dreadful beyond words - which is all the more important as the power to not only control a platform, but take a cut of every application sold for it, is the kind of thing that makes shareholders salivate. Coupled with laws like the DMCA, we could well end up with a world where people are sued for jailbreaking their own PC - and nobody at all wants that.

Maybe Gatekeeper needs a Warden. Hackers, consider yourselves challenged...