If I make an application for Mac OS X am I required to put it on the Mac app store or can I distribute it, on my website, for free?
And what about Windows?
Thanks
No there is no such requirement you are free to distribute your program however you want.
You may wish to use the App store as a method of distribution, but to do that you have to conform to various apple requirements.
I'm not sure what the equivalent would be for Windows, but again, there is no such requirement. Think of the millions of independent apps that have no affiliation to any centralized store, I would say the majority still fall in this category.
2018 Update - With increasing security concerns, and a desire to replicate the success of the iOS App Store, Apple have been making it harder and harder to run apps from outside the store. You can get digital certificates, and become a trusted developer, but it’s clear the future is the AppStore or broke if you want users to be able to easily run your app. Note that it remains, and likely always will, very possible to install and run any unauthorised app with a simple trip to settings, it’s just that’s clearly a big deterrent for many users, as it should be.
You dont have to distribute it over the Mac App Store right now but that might change with the next OS X, make sure to check this out: https://developer.apple.com/library/mac/#documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html
you can distribute it however you'd like. It does not need to be in the Mac App store. Same thing for Windows.
Related
I have this app of mine that is distributed on the Mac App Store and outside it, from my own site.
I need to detect, at run time, what version is running, so I can do some decisions inside the code.
Is there a way to detect that? How can I differentiate that? Is there a way to know if the app is signed for the App Store or not?
Edit: I have found this library but this is not good because it tells the app is not from the app store simply if the receipt is missing. But the receipt may be missing for other reasons. The lack of receipt is not a good enough reason.
I see two ways to do this:
Make a compile-time flag. Compile it one way for submission to the App Store, the other way for distribution outside the App Store.
Rather than just checking your app's code signature validity (as the library you found does), call SecCodeCopySigningInformation to get signature details, and look at the kSecCodeInfoCertificates array to see whether it includes your Developer ID cert or the "Apple Mac OS Application Signing" cert used by the App Store.
IMO the second option is significantly more complex and fragile; for example, if Apple changes how they sign App Store apps, your code may break. I'd go with the first option.
I have an app on the Mac App Store.
To meet the store requirements I had to remove my own serial code requirement at startup and then use apples purchase mechanism.
This raises some issues.
I have no way of knowing if a user has paid or not.
The /MASReciept/receipt data appears to only guarantee that the original purchase was genuine.
So whats stopping someone simply copying the .app to another mac?
I tried this and it worked.
As I am in a sandbox and can not see the actual mac how can I differentiate between the purchase mac and the mac the app is used on?
I am actually happy for the user to install on many macs that are using the same itunes account or part of family sharing.
You can validate the receipt either locally or through the App Store.
See the Receipt Validation Programming Guide
This is basically just a deterrent like most any other protection; a clever person can generally pirate an app at will, and there's not a whole lot you can honestly do. I would recommend focusing on making your app better — if it's worth buying then usually people are willing to pay for it.
TestFlight is a welcome change for iOS. It makes distributing beta versions painless for both the developer and the testers.
Does Apple support TestFlight for Mac OS as well? I've done quite a bit of searching and haven't found anything conclusive one way or the other.
We have an OS X app store app that turns out to have an install problem with Yosemite. We failed to do a first install test against Yosemite, so we missed the problem.
I developed a fix and would love to have some new users try it out. It's petty complex, difficult and disruptive to have current users delete the entire "container" directory and kill the preferences process in order to simulate a fresh install.
I also don't like the idea of distributing an unlocked version of our app. If that gets out, it could damage sales of the app store app.
I've done things like added an expiration date to a test app (weak protection) or created developer ID builds that will only run on machines from a specific list of MAC addresses. The last approach works, but it's tedious and painful to maintain, and requires that the tester give up uniquely identifiable information about their machines.
I'd really like the ability to create apps that will only run on beta tester's machines, like TestFlight does for iOS.
This is a developer question more than a code question. It isn't a great fit for SO, but I can't think of a better Stack Exchange site to post it. If anybody has a suggestion of a better site to post the question I'm happy to move it there.
This document at Apple Developer explains it.
It says you should register the testers' devices and generate a provisioning profile that includes them. Which means, theoretically, the app won't run on any device not in the list.
Here is the strange thing about it however: I have two Mac computers and I didn't register either of them with my provisioning profile (in fact the list of registered devices is empty right now), but I can run the exported app image on both easily. The app is sandboxed and signed, ready for App Store distribution, but nevertheless it runs on unregistered computers. It might be that with an empty device list it allows to run on any, or it might be that I'm doing something wrong with code signing.
I will update the answer once I figure this out.
Good news for everyone (including me) waiting for TestFlight for Mac - it just got announced on WWDC21.
Unfortunately, it might take another few months until it is out of beta and publicly available for everyone. But since this question is almost more than 6 years old, its just a fraction!
I"ll update the answer if there are more details available
Update
TestFlight on Mac will be available to download on the Mac App Store. It will be similar to the iOS version of TestFlight offering almost the same functionality to both developers and testers.
It supports both native Mac apps and iOS apps on Apple Silicon!
It is now available.
TestFlight is not available for Mac apps.
source: https://testflight.apple.com/
😕
Many of the possible duplicates seem to address methods of updating apps both normally and via App Store.
This one mentions a few working solutions:
Mac App Store Receipt Validation Code?
for programmers like me who want to not reinvent the wheel from the Apple Docs:
https://developer.apple.com/library/mac/#releasenotes/General/ValidateAppStoreReceipt/_index.html
My problem is that I'm having a hard time finding finished "libraries" that work.
I would simply like to know if anyone has had success with any of these open-source projects and whether any of them are particularly easy to use.
I'm trying to give a license to all the users who have bought my app from Mac App Store in order to give them faster updates.
What i was thinking is to do an update for the Mac App Store version of the app that will let user register from within the application itself. But i'm having problems figuring out how to test if the application was really taken from Mac App Store and not from a pirated source.
Is there a way to test if the user bought the app from AppStore. Apple does not release this info - as if it would - i could just test if that user email is in the list of people who downloaded the app from AppStore.
Thank you in advance for the help,
Bogdan Vladu
You could have the MAS version of your application copy the Apple-issued receipt to the Application Support folder.
The independent version could look there for a valid receipt. If there is, it will behave like the fully licensed version. If there is not, it would go to demo mode.
If you're making enough money from this app to pay money for DRM and obsfucation, go for it. It might slow down the pirates enough for it to be a profit for you.
Otherwise, you're pitting your own time and skill against everyone who's interested in pirating your app. It's a losing battle, unless your app is really unpopular, in which case you've lost again.
In short, there's no algorithmic way of making sure. Code obsfucation is the way to go, and hope that the pirates don't find the "check-for-tampering" module.