Each time I open a new copy of Blender 2.8 on my Mac, I have to approve a security exception because Blender is “by an unidentified developer.”
I think that it would be very desirable – for this and other reasons – for Blender Foundation to secure developer licenses (for Apple and for Microsoft) which would give them the necessary cryptographic keys with which to digitally sign the files. This would itself be much stronger than reliance on “checksums,” while also removing the security warnings. We would now know that the image is authentic and untampered-with. In these unfortunate days and times, that’s quite important.
The cost is minimal – for a non-profit Foundation, it might even be free.
Blender 2.8 is obviously still in beta. Windows 10 (and sometimes my anti-virus) complains in much the same way every time I run a new version of the beta. It’s to be expected. I wouldn’t worry about it. I’m sure it won’t be an issue when it is finally released fully.
I have no clue about the ins and outs of Apple and Microsoft developer licences, but I don’t imagine they are suitable for builds released automatically on a daily basis.
You should be pretty used to go on system prefs, sec and privs, check open anyway, as every Mac Os user like me and you who want to use non-store software have to do.
Countless times.
Apple doesn’t want us to use rogue software. Sadly, the Apple ecosystem is not absolutely on par.
So, it’s handjob or using Cheetah 3d. Or Autodesk.
I know that you have to pay for a license (signing certificate), and I think that this is simply a cost which the Foundation should pay routinely. Microsoft and Apple do the same thing. This completely removes the legitimate concern that an executable might be tampered with by parties unknown.
If an executable downloaded from the official Blender website could be tampered with by parties unknown before they paid for a licence then it could just as easily be tampered with by parties unknown after jumping through hoops for Apple and Microsoft.
The Release Candidate on Thursday should be a real release build with signed installers for Windows and Mac, and Steam and Windows Store availability. Edit: on Windows the MSI installers can’t handle installing 2.80 final over 2.80 RC etc., so the MSI version will only be available for the final release. I believe that the Mac version available tomorrow will be an Apple-signed app.
I think Ton’s comment is simply that it costs the foundation money to support the Mac, not that they’re not doing it because of that.
The nightly builds (2.80 beta and 2.79 experimental) and non-installer (ZIP) install methods are not signed though things might change in the future.
I fully understand the technicalities of the situation, and I simply am of the opinion that all of the “nightly” images should be digitally signed – that we should not rely on “checksums” – and that this very simply needs to be a business expense borne by the Foundation. The nightly-build automatic process for each (applicable …) platform should as a matter of course include cryptographic signing of the image. And the Foundaton (we …) simply absorbs that cost, which of course is not “incremental.”
I feel that the benefits are justifiable, and that “therefore, we should do this.” All three platforms now support cryptographic signing as a matter of course, and we should follow them – paying the respective companies what they ask. “JM2CW.”
You will be happy to hear that the 2.80 Release Candidate for MacOS has been successfully signed and notarized by Apple, and will be available for download tomorrow along with the builds for other platforms.
On Windows, there won’t be an official MSI installer until the final release, due to interactions between the Blender versioning scheme and the Windows installer that can’t deal with installing the release version on top of the release candidate.