Comments

11 comments

  • Avatar
    rotblitz

    If you want it to "just work", why didn't you follow the instructions at the link you posted?

    Gatekeeper options are found in Apple menu > System Preferences… > Security & Privacy > General tab under the header "Allow applications downloaded from:" > Select Anywhere

  • Avatar
    randallw

    I know where Gatekeeper options are. The recommended setting from Apple is the selected setting as you demonstrate in the image. However, that setting does not allow the OpenDNS Updater to run, but the less restrictive setting "Anywhere" means that no software verification takes place.

    This request is specifically that the OpenDNS Updater software be runnable with the default (and reasonably secure) settings, not that I need to disable a security mechanism on OS X to make this work.

  • Avatar
    rotblitz

    "However, that setting does not allow the OpenDNS Updater to run"

    It does allow to run, but may need confirmation, as shown at the link you posted.

    "This request is specifically that the OpenDNS Updater software be runnable with the default"

    But following the link you posted it explains:
    "Note: The default setting for Gatekeeper in OS X Lion v10.7.5 is "Anywhere"."

    By the side, I treat this "feature" more for an Apple marketing strategy than a security measure.  One should know where applications are downloaded and trusted from...

  • Avatar
    Dominic Bannister

    Hi,

     

    Please try the Control-click/right-click option described on http://support.apple.com/kb/ht5290 in the How to open an app from a unidentified developer and exempt it from Gatekeeper

    section. 

     

     

     

  • Avatar
    randallw

    I know how to work around the certificate security mechanisms (aka Gatekeeper) in OS X. This was not a request for documentation on how to bypass that. This was a request to not have to bypass that.

    Since 10.8, the default has not been to accept any software from anywhere, but only to accept software that can be digitally verified not to have been tampered with. I would like to be able to recommend OpenDNS to other OS X users, but will not be able to recommend that they use the Updater without also recommending that they either disable or bypass a software security mechanism built into their systems.

  • Avatar
    rotblitz

    "This was not a request for documentation on how to bypass that. This was a request to not have to bypass that."

    This "feature" comes from Apple, not from OpenDNS.

    "Since 10.8, the default has not been to accept any software from anywhere, but only to accept software that can be digitally verified not to have been tampered with."

    This also comes from Apple, not from OpenDNS.

    "I would like to be able to recommend OpenDNS to other OS X users, but will not be able to recommend that they use the Updater"

    The Updater software is the least part of OpenDNS.  OpenDNS is a recursive DNS service, not a DDNS hosting service, so the Updater plays a small role within the service.  And the API is very well documented, so it's easy to create a script being able to keep the IP address information updated at OpenDNS, eventually via DNS-O-Matic..

  • Avatar
    joshuajabbour

    Thank you randallw. Amazed at the responses in this thread... no way am I going to instruct users to choose less secure settings in order to use OpenDNS on their Macs. The default settings Apple uses are their for a reason: to increase the security of users' Macs. Which is likely the reason many users sign up for OpenDNS.

    So please OpenDNS, set up a developer certificate with Apple and sign your software.

  • Avatar
    crun

    i'm with randallw and joshuajabbour. i know how to get around the signing restrictions on osx as well but no user of a reputable product should need to. get a developer certificate from apple and sign your code.

  • Avatar
    emilio.ramirez

    It's March of 2015 and the updater app still isn't signed. In case you were looking for more support behind this support, here's mine: OpenDNS, please become an identified Apple developer.

  • Avatar
    mpflug

    It's a new year - January 1, 2017 and still the issue exists.  I have been using the free service and was considering upgrading to the paid service, but seriously having second thoughts.  Not having a trusted app after all this time is totally inexcusable. Someone at Cisco needs to pound a table and get this very simple issue taken care of!  I will have to resort to regularly checking my front-facing IP and manually updating (deleting the old network, adding the new one and re-setting all my custom filters). Or - looking for another service or product. :/

  • Avatar
    rotblitz

    "manually updating (deleting the old network, adding the new one and re-setting all my custom filters)."

    No, this is not the way manual updates should be done.  How useless is this?
    You simply visit https://dashboard.opendns.com/settings/ and click the green arrows icon between the former and current IP address.  That's all!  No other custom settings changes.

    Or you visit this URL (this is the one Updaters use too):

    https://updates.opendns.com/nic/update?hostname=YOURNETWORKLABEL

    Alternatively use another update client like the built-in on your router, NAS, DVR, IP camera or whatever device, or another software for a computer.  You do not have to use this Mac OSX updater.  Any applicable updater would do.

Please sign in to leave a comment.