The existence of the Mac App store split Mac apps into two categories - those certified by Apple as safe and everybody else. The "everybody else" category was a bit broad, though. As people began to see apps from the Mac Apps Store as safe, they began to think of "everybody else" as unsafe.
The fact of the matter is that there are many legitimate Mac apps that aren't available in the Mac App Store. Some app developers don't want to sell their apps in the Mac App Store or they can't because their app breaks some of the very strict requirements to be allowed into the Mac App Store.
Really, "everybody else" can be broken down into two categories: legit apps by legit developers and the shadowy apps that no one knows much about.
Here is where Gatekeeper enters the picture. Apple has created a system where developers can apply for a "certificate" to include with their apps. Apple doesn't check out the apps that include a certificate to make sure they don't have any malware, but Apple does have the contact info and credit card information of the developer which makes is much less likely that a developer with a certificate is going to do anything bad with their apps.
When you download an app and run it for the first time, Gatekeeper takes a look a where the app came from and decides if the Mac can open it. You have three options for how Gatekeeper operates:
- At its most strict setting, Gatekeeper will only allow the Mac to open apps from the Mac App Store.
- At the middle setting, Gatekeeper will only allow the Mac to open apps from the Mac App Store or from a developer with a valid certificate. This is Gatekeeper's default setting and probably a safe one.
- The most open setting of Gatekeeper will allow any app from any source to be opened. If an app is going to contain a Trojan Horse, it will most probably fit into this category.