2
points
milisp
Joined 4 karma
- You’re right — those numbers are illustrative. It’s a hypothetical estimate based on a real-world scenario where a minor install issue (like Gatekeeper rejecting downloads) leads to a non-trivial drop in conversion. Even if it’s just 1% of downloads failing, at a $5 CAC, that’s serious money at scale.
I’m open to better sources — and would love to improve the repo with more concrete stats if anyone has them.
Not trying to spam HN, promise — but yeah, I want to change this situation for indie devs, and I’ll keep improving and sharing until it actually helps more people.
- Thank you for the thoughtful questions!
Why It’s Different From Windows
On Windows, unsigned apps usually trigger a “Unknown Publisher” warning, which: - Clearly labels the app as unsigned — not “damaged” - Still allows the user to easily override the warning and open the app - Doesn’t falsely imply the app is corrupted
On macOS, the message is:
“App is damaged and should be moved to the Trash”
This: - Strongly implies the app is broken or dangerous - Misleads non-technical users into deleting safe software - Can trigger across all user files or multiple apps after updates, as seen in real cases
Cost to the Ecosystem
It’s not just about the $99/year: - Small devs, educators, hobbyists, open-source projects often can’t justify the fee for a free tool - Explaining this to every user takes hours of support time - Thousands of safe apps are abandoned or ignored due to the scary warning - Users lose trust in perfectly good software
We’ve estimated: - Over 1 million users have abandoned apps due to this message - Devs waste millions of dollars worth of time explaining workarounds
The Goal Here
We’re not asking Apple to remove security — just to make the message accurate.
Changing “damaged” to something like:
“App is not signed and may be from an unknown developer”
…would solve 90% of the confusion, with no loss in security.
- I'm sorry, miss a g word, here is the new url:
- macOS often shows this message: App is damaged and should be moved to the Trash. But most of the time, the app is just unsigned — not actually damaged. This repo collects real-world cases, time lost, and proposes a fix. https://github.com/milisp/misleading-macos-damaged-warning
- 6 points
- 1 point
- 3 points
I built a desktop app (Tauri + React + MCP) where you browse your files in a tree view, and just click + next to any file to add it to your AI conversation.
- No more manual context setup - Works offline, privacy-first - Cross-platform (macOS, Windows, Linux) - Connects to 600+ tools via MCP server
It feels obvious in hindsight, but it's been a game-changer for my workflow.
Would love feedback or ideas. Repo here: [https://github.com/milisp/plux]
Blog: https://github.com/milisp/plux/blob/dev/docs/BLOG.md