Litter Boxing

Application sandboxing is upon us and it's bitter sweet. Sandboxing is intended to protect Mac users from malware and poorly designed apps. I think it will accomplish some of these goals, but with a high price.1

I've always recommended buying apps like Keyboard Maestro outside of the App Store. The first hint of this came when BBEdit first rolled out onto the App Store and lacked some basic command line integration and authenticated saves. I saw this as a subtle nod that power-user apps would all be downgraded if they are sold through the App Store.

Some apps just can not work with the current sandboxing rules. The first app impacted on my Mac was Moom. The App Store version of Moom will not be updated beyond the latest release (3.0) due to sandboxing.

The latest casualty is the just-released TextExpander 4. The new version can not function under the current sandboxing rules. Their FAQ explains the consequences and they are helping people upgrade outside of the App Store.

I expect this trend to continue with many apps that control or modify the user environment. It's a consequence of the Mac's future.

Damned If You Do...

I consider myself a "power-user". I've tweaked and modified my Mac to a grotesque degree and I like it that way. But I also like what Apple is doing with sandboxing. I know how to use the internet. I can still buy apps like Moom and Keyboard Maestro directly from the developers. I also understand the consequences of doing so. Yes, there are downsides. Normal users also like convenience applications like TextExpander. However, sandboxing benefits end users in two big ways.

New Mac owners lose the fear that Windows has instilled. I've seen it happen over and over. Ever so slowly, they begin to realize that installing software doesn't have to be scary. Everything on the App Store is "safe" because Apple is moderating the content.

The second benefit, and where apps like TextExpander and Moom lose, is that a Mac behaves in a predictable way. Nothing is more disconcerting to an inexperienced user than for standard behavior to suddenly change when a new application is installed. It sounds a bit silly that someone would buy an app like TextExpander and then be confounded when it suddenly starts changing text as they type. But many people lack a context for what to expect when a new application is installed. Apple is doing their best to help. Apps are not auto-launched when installed. They are always installed in Launch Center with a visual indication of where it can be found. The App Store is for the novice.

The App Store is still a great resource. I love not tracking license codes and installers. I love browsing a single source with ratings and reviews. Unfortunately, the current App Store design was not created for people like me.

Just think about the problem for a minute. Try to design a solution that satisfies the most sophisticated user and makes the most novice user feel secure from the start. That's a hard problem. Apple's solution is this: The App Store is for the novice. The internet is for the geek.

A Modest Proposal

I'd like to see another layer on top of the App Store for power-users. A layer that would allow some easing of the sandboxing rules. Here's my suggestion: Make a "sudo" preference.3

I would like a control in the preferences app to allow App Store apps to override core OS functionality and escape some of the sandboxing rules. Let's call it "geek-mode" for now. Geek-mode should take effort to find. Geek-mode should require a password. If geek-mode is off, the App Store should not show apps that require it.

I appreciate that I am a small segment of the market. There are far more people that use their Mac the way it came out of the box than there are setting up cron jobs to scrape a website for error messages. But, I'm also part of the market that buys a new Mac at regular intervals. Each person like me spends more on hardware and the App Store than the novice. I think it would be a worthwhile endeavor to keep us shopping in the App Store.


  1. Will Shipley is an expert and has written a thoughtful article about real security on the Mac.  

  2. Chris Foresman also discussed Apple's potential willingness to compromise on sandboxing. 

  3. Of course, don't call it "sudo".