Mac OS X chess engines - digital signature for Apple?

Discussion of anything and everything relating to chess playing software and machines.

Moderators: hgm, Rebel, chrisw

Norbert Raimund Leisner
Posts: 1643
Joined: Tue May 20, 2008 4:57 pm
Location: Augsburg - Germany

Mac OS X chess engines - digital signature for Apple?

Post by Norbert Raimund Leisner »

Hello together,

although I am not a Macintosh user I put this thread for a public discussion:

George Merchant, author of Green Chess - GUI http://www.greenchess.com wrote to me this email:

Thanks. I did take a look at that engine. I did see that it wasn't digitally signed as an Identified Apple Developer.
I wish more of the UCI chess engines were digitally signed at least with Gatekeeper on the Mac now for security reasons.
It wouldn't be that hard for the UCI engine programmers to buy and put a digital signature in them. In future versions of OS X,
I'm not sure if Apple is going to let digitally unsigned code run on their platform anyway which is the way it seems things are going.

George Merchant
www.greenchess.com

Best wishes,
Norbert

P.S.: this topic concerns Critter - Green Chess was mainly tested with Stockfish - but what´s about other (free) Mac chess programs in the future? I hope that will not be the same procedure like The Crazy Bishop and Windows 8!
Top
Modern Times
Posts: 3550
Joined: Thu Jun 07, 2012 11:02 pm

Re: Mac OS X chess engines - digital signature for Apple?

Post by Modern Times »

Just another example of Apple trying to control everything you do.
Top
zullil
Posts: 6442
Joined: Tue Jan 09, 2007 12:31 am
Location: PA USA
Full name: Louis Zulli

Re: Mac OS X chess engines - digital signature for Apple?

Post by zullil »

Norbert Raimund Leisner wrote:Hello together,

although I am not a Macintosh user I put this thread for a public discussion:

George Merchant, author of Green Chess - GUI http://www.greenchess.com wrote to me this email:

Thanks. I did take a look at that engine. I did see that it wasn't digitally signed as an Identified Apple Developer.
I wish more of the UCI chess engines were digitally signed at least with Gatekeeper on the Mac now for security reasons.
It wouldn't be that hard for the UCI engine programmers to buy and put a digital signature in them. In future versions of OS X,
I'm not sure if Apple is going to let digitally unsigned code run on their platform anyway which is the way it seems things are going.

George Merchant
www.greenchess.com

Best wishes,
Norbert

P.S.: this topic concerns Critter - Green Chess was mainly tested with Stockfish - but what´s about other (free) Mac chess programs in the future? I hope that will not be the same procedure like The Crazy Bishop and Windows 8!
Hi Norbert,

I just downloaded GreenChess from the App Store. George Merchant has done a nice job, and I'm looking forward to his adding more features in the future.

That said, I have no idea what he is concerned about regarding Gatekeeper on OS X. First, the level of security that the Gatekeeper system provides is entirely controlled by the user. It can be modified even by a novice using the Security and Privacy pane in System Preferences, and an advanced user can completely customize it from the command line using the spctl command.

But even with Gatekeeper set to its most restrictive setting, it won't prevent binaries being executed from a command line or from a trusted app such as GreenChess. It will simply provide a warning if a user attempts to open an untrusted binary using the Apple OS X GUI.

In particular, I had no trouble at all installing and running Critter in GreenChess. It crushed me as always, in maybe 30 moves. :D
Top
zullil
Posts: 6442
Joined: Tue Jan 09, 2007 12:31 am
Location: PA USA
Full name: Louis Zulli

Re: Mac OS X chess engines - digital signature for Apple?

Post by zullil »

Modern Times wrote:Just another example of Apple trying to control everything you do.
Why comment stupidly about something you don't understand?
Top
adams161
Posts: 626
Joined: Sun May 13, 2007 9:55 pm
Location: Bay Area, CA USA
Full name: Mike Adams

Re: Mac OS X chess engines - digital signature for Apple?

Post by adams161 »

i've been hazy on mac rules. is it necessary to sign java applications like jin and lantern chess? I'm aware they may be stopping java in the browser but i'm lucky lantern is an application and doesn't need java in the browser to work.

Mike
Top
zullil
Posts: 6442
Joined: Tue Jan 09, 2007 12:31 am
Location: PA USA
Full name: Louis Zulli

Re: Mac OS X chess engines - digital signature for Apple?

Post by zullil »

adams161 wrote:i've been hazy on mac rules. is it necessary to sign java applications like jin and lantern chess? I'm aware they may be stopping java in the browser but i'm lucky lantern is an application and doesn't need java in the browser to work.

Mike
I tested. I set Gatekeeper to only allow applications download from the Mac App Store. I then downloaded lantern516.jar and simply double-clicked to open it. An alert panel popped saying

"lantern516.jar" is a Java application downloaded from the Internet. Are you sure you want to open it?

I clicked Open and the application opened without further warnings.

This is on OS X 10.7.5 Lion. I'm not certain that Gatekeeper is identical on Mountain Lion.
Top

Return to “Computer Chess Club: General Topics”