←back to thread

Grayjay Desktop App

(grayjay.app)
510 points pierrelf | 1 comments | | HN request time: 0s | source
Show context
lkurtz ◴[] No.42474314[source]
Recommending (and running) `xattr -c` can be extremely dangerous. I would suggest withholding Mac releases until they can be distributed/run safely.
replies(4): >>42474522 #>>42475419 #>>42479203 #>>42480732 #
crazygringo ◴[] No.42474522[source]
As someone not very familiar, is there any legitimate reason why they say "Our Apple signing/notarization is not entirely done yet"?

It feels extremely suspicious, given that I download lots of other popular utility software from independent devs and I've never had to do that before.

replies(3): >>42474641 #>>42474650 #>>42475640 #
jeroenhd ◴[] No.42474641[source]
As a platform that basically started as a way to watch Youtube without tracking and ads, I think Grayjay should be sceptical of any third party code signing validation requirements. The copyright lobby has gone after software and its distributors before, even if it doesn't inherently pirate any content without user configuration.

I don't know why this app would need Apple's signature in the first place, seeing as it's not distributed through the app store. Is this like how you need to pay for a certificate to make the "are you sure you want to run this" prompt look less scary?

replies(1): >>42474817 #
1. lkurtz ◴[] No.42474817[source]
There are certainly valid, conflicting opinions around signing/notarization requirements for software. But notarization does provide end users with some safety guarantees that legitimately make running the software less risky. The scariness of "are you sure you want to run this" prompts is fairly grounded in real risk assumed by the end user.