> It's easy to temporarily disable Gatekeeper, install what you want, and then turn it back on.

Please don't. Just right click and choose open. You will be able to open it, and whitelist the app in the process.

Why should I choose that over disabling Gatekeeper? Your way adds more steps but is not any safer for me.

If you forget to re-enable Gatekeeper, you're hosed. That's the big one - security-related process/workflow should be as idiotproof as possible.

> If you forget to re-enable Gatekeeper, you're hosed

Let's not exaggerate. Everyone got by perfectly well for years and years just using common sense about what to install. Gatekeeper is a welcome layer of defense but I doubt many experienced users would be "hosed" without it.

I deliberately never reenabled it. I've yet to be "hosed". What are you so afraid of?

iOS devices effectively run Gatekeeper full-time with no way to turn it off (aside from jailbreaking). I don't think it's unreasonable to think that the Mac's current Gatekeeper is just a stop along the way toward that.

Because the use-cases for phones and macs are exactly the same! Because there is no valid use-case for GateKeeper other than Apple wanting to control every piece of software on your machine. Because Apple totally doesn't care if third-party developers jump ship from their platform because the developer tools are locked down.

Because paranoia is so much more fun than rational thought.

Excuse me. I only meant to point out that Apple already has a platform where they control every piece of software on your machine, and so it's not absurd to think that they might try to do this on their other platform. I don't think my post merits your implication that I'm not thinking rationally.

I don't think jumping to that conclusion is any more rational than worrying about the Mustang getting watered down based on Ford's releasing a new Fiesta. Even if Ford does share Fiesta door handle parts with the new Mustangs.

What conclusion am I jumping to, exactly? I'm not concluding anything, just pointing out a possibility based on trends.

OS X is a certified Unix that ships with a CLI and admin accounts with sudo powers. To lock it down the way you're fearing, they would have to completely rewrite the userland of the OS.

Oh wait, they already did that: it's called iOS.

iOS is the ultimate proof that Apple does not intend to lock users out of their Macs: they already created a different product to enable that hand-held computing experience.

Yes, that's exactly what I was thinking. Their choices make me worry you'll need a licence to develop for mac in the near future. After that you can only install via the OSX App store, with Apple taking their cut.

> The point is to put another wall against unintended installs (aka exploits)

Unintended installs may be a type of exploit, but they're not synonymous with them, as 'aka' indicates. Gatekeeper does nothing to protect against, say, your browser being compromised remotely, as you can run unsigned code in a signed application. Gatekeeper raises the barrier to entry, but only slightly.

Right, but it does create a barrier to entry if you want laymen to run your software. This is especially annoying if you're a developer who doesn't own an Apple PC.