The Mac App Gold Rush in the Age of Vibe Coding
11 points by Caio
11 points by Caio
This article describes everything I've been feeling lately. boringBar was announced on the orange site recently and I was interested, but it requires all of the permissions, and the site doesn't even have a human's name on it.
I ended up looking up the LLC before asking myself what I'm doing with my life. I just don't feel comfortable tossing something on my machine that has zero existing footprint that I can easily find.
Funny enough, it looks like someone vibed OpenBoringBar which I might give a go since I can at least easily verify it isn't exfiltrating data anywhere.
The permissions thing is highly sus, yes, but, how much creator info would assuage you?
There's potential harm in exposing information to Internet randos, and using legal entities as a way to abstract over that is helpful for individuals wanting to avoid that.
And regardless of how established a company is, if its app is requesting permissions it has no need for, that’s a big old smell. I’d stay away.
For what it’s worth I’ve done just enough macOS dev futzing with similar problems to feel pretty confident the app does indeed need those permissions to do what it’s trying to do.
Doesn’t address your other concerns but I don’t think the permissions request is that suspicious.
One nice thing about macOS is that you can either give an app no permissions, or a ton of permissions but no network access. I use Little Snitch to lock everything down that has any big permissions like accessibility, screen record, etc.
I’ve been able to avoid having to run software that needs both, with very few exceptions.