Absolutely! For me it feels as if Mac OS repeats the errors of MS Windows Vista and 10. For instance, the horrible telemetry as well as the suboptimal "one interface for touch and mouse pointer" paradigm.

I feel the Mac os ui is still a lot better than both win32 ui and the new "modern" ui in uwp apps. Mac os ui is functional, easy to use, enough information density. And the animation, styling and graphics that looks great on a high dpi screen. And there is cohesive design and animation on the system and the apps. Apple's design is both beautiful, fluid to use and functional. While microsoft's design? It's still non existent. Even app design is just... Like teams ui is clunky to use, has huge title and side bars, low information density.

Win32 ui just looks 90s, and some looks broken on high dpi screens. While microsoft's new ui is just broken for the desktop use. Text size is different between uwp apps like mail, and win32 apps like word. They are even from the same company and same product team.

I don't think ever mac will be touch based. They share design style with ios. But it's going to be optimized for mouse and keyboard. And I love how you can search for commands in a app on the Mac in the help menu. It allow you to access app features all by typing what you want. You can use gui like a cmd.

Can you expand on "horrible telemetry" please? And since no Macs have a touch screen, I'm not sure what you mean by the "one interface" thing. Big Sur may resemble iOS but it is not the same interface at all.

When installing Windows, I had to unplug the ethernet during a particular setup screen to avoid having every login checked against my cloud account. It put Candy Crush and Farmville ads in my start menu without consent. I remember having to spend effort to get Cortana to go away and (maybe) not send my searches to the cloud.

In MacOS, we've recently seen: pushy siri, sending search results to the cloud, and yesterday the OCSP failure made it obvious they were sending logs of every app launch to the cloud :/ . It's the same direction, even if they aren't yet quite as lost as Microsoft.

You opted in to enabling Siri and they are simply validating the signatures on the apps.

I know, right? What's with all these people, expecting their personal computers to respect their privacy? If you want cool features, just be quiet and let Apple send whatever data they want to their servers. It's fine!

Did you miss the part where the parent reply said "opted in enabling Siri"?

I mean, if you enable a completely optional feature that requires giving up a bit of privacy for its literal intended functionality, how is it Apple's fault? And unlike Cortana on Windows 10, you can disable Siri feature just with a click of a button, or you can just click a button to not enable it in the first place. When you start your new Mac for the first time, it asks you very explicitly if you want it enabled or not.

I complained about Siri being _pushy_. It is. That's Apple's fault. If you opt out of Siri, that should be the end of it. It should not constantly nag you to enable it with an update-available style box and it should not drop a button in the button bar right above the delete key where it is guaranteed to get accidental presses.

This annoys me too. Every time I update my phone it asks and doesn’t go away until I go into settings.

Really off-putting and unexpected from Apple.

They could use bloom filters and inherited trust to avoid having to send the signature of every executable to the internet. And there really should be a switch to turn this off for people who don’t want to be treated like children and will accept the risk of malware. Make it something on the command line and I guarantee no regular user will enable it.

There's probably a middle ground but you know that within a day of making it optional, the various "Clean my Mac" utilities will have an option to disable it and soon enough instead of 99% of people having it enabled, 75% will have it dibbled. And then some malware hits and spreads like wildfire and the same people who were so adamant on disabling it are now complaining that Apple isn't doing enough to protect them and woowee Macs are just as insecure as Windows.

Speaking of Windows, they also moved to a "we know what's best for you" model with Windows 10.

Definitely a "damned if you do, damned if you don't" situation.

I understand why "power users" feel frustrated but also understand the company's POV. A story like "Macs are invulnerable to this latest ransomware attack" looks pretty good to investors; the random complaints of nerds and power users go mostly unnoticed.

I bet $100 this latest scandal will not affect Apple's bottom line nor will anyone care within a month - there'll be other reasons to be outraged over on Twitter.

I don't think I ever opted in to Siri. How can I turn it off? I've disabled it from the menu bar but it's still on the touchbar, just waiting for me to slightly miss the delete key

To remove Siri from the touchbar:

System Preferences -> Keyboard

Click on "Customize Control strip"

You then drag and drop items on and off the touchbar. It is a totally inane, unintuitive interface and it took me forever to find it. Also, I couldn't figure out how to change it because the option DISAPPEARS if you're trying to customize in clamshell mode. The touch bar has to be open

I can't tell if it's deliberately bad UX, but I spent months being asked if I wanted to turn on Siri typing on this keyboard...

It’s one of the installer screens you get every time you install or upgrade OSX.

You would’ve seen it at least a dozen times by now.

I feel like macOS asks me about Siri and privacy at login after every major update, with an unskippable setup window, but at least after account creation. Open System Preferences > Siri and disable Ask Siri. You can edit the Touch Bar via a menu in Finder.

System Preferences -> Siri and then disable the Ask Siri checkbox in the left.

Alas, that didnt remove it from the touchbar

System Preferences -> Keyboard -> Personalize Control Strip

It is hard with sys Perf. and keyboard ... and not good in interpreting one’s voice as well.

How does one disable the signature validation?

In /etc/hosts:

  0.0.0.0 ocsp.apple.com

then:

  sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder # refresh hosts

Or alternatively:

  defaults write /Library/Preferences/com.apple.security.revocation.plist CRLStyle None
  defaults write /Library/Preferences/com.apple.security.revocation.plist OCSPStyle None
  defaults write com.apple.security.revocation.plist CRLStyle None
  defaults write com.apple.security.revocation.plist OCSPStyle None

Disabling OCSP (I believe you have a typo in your hosts file suggestion, by the way) presumably doesn't actually disable notarization, just the OCSP (checking for revoked certificates) part of that process.

Yes, thanks. Edited to fix.

I'm currently opted out and haven't been getting nagged at all on MacOS 10.15

How'd you do it? Any chance you remember the command that worked?

Just uncheck the box on System Preferences: https://i.imgur.com/FCuNZMO.png

I don't even remember Siri also exists on Mac OS most times.

If I put my preferences in that state I get nagged to enable Siri every morning. I'm on 10.15.5 (19F101).

I guess I'm in the wrong leg of the A/B test. Fing fantastic.

This sounds like you may have a corrupt preference file somewhere - perhaps deleting ~/Library/Preferences/co. On a normal install, you'll only be asked to enable on major OS releases. Since you're also on an old version of Catalina it'd be a good idea to install the security updates, too.

You could try to delete all of the preference files:

    find ~/Library/Preferences/ -iname com.apple.siri\* -delete

> Can you expand on "horrible telemetry" please?

Phoning home on every executable launch. Both because it's bad for privacy, and because the implementation of it is absolutely horrific such that when Apple's servers went down it basically locked up everyones computers at the same time.

It's on the front page still, even: https://news.ycombinator.com/item?id=25074959

Is it even really telemetry as we'd consider it? It's OCSP digital signature verification... to check if an app signature wasn't revoked. (or a website cert, or anything really)

It sends a hash of every executable you launch to Apple, how would that not be considered telemetry?

Not the hash of the executable, but the certificate that it's signed with.

What's the ratio between certs and applications on your Mac? Is it pretty close to 1:1, excluding Apple's own products?

Big Sur incorporates apps from iOS using Catalyst. iOS devices all have touch screens.

Not sure what you mean by telemetry.

Apple asks you every time you upgrade OSX whether you want to send anonymous data to Apple and third parties. You just need to click no.

They also check app signatures for revocation at first launch (and maybe other times).

By the standards of modern disk and network, couldn't they download revocation caches the way they do with malware?

>By the standards of modern disk and network, couldn't they download revocation caches the way they do with malware?

The whole point is to check if a cert has been revoked. If you have an out of date cache, you'll falsely approve a cert that should be revoked. I'm not defending the system as a whole, but if you care about revoking authentication – which they clearly do – then a cache directly undermines that goal.

A malware hash doesn't get revoked, new ones just get added.

So update it every hour.

Or every time it feels the need to check a program, instead of asking about that program, it could ask for all revocations from the last day.

They are checking the certificate. Not app signatures.

The certificate can be (and is) hashed.

They send MUCH MUCH more than that - and you cannot opt out.

I think I've blocked 20 different processes from talking to apple.

Little Snitch helps - but we've seen where that's heading.

Don't forget the incessant nagging and notifications. That was what drove me to MacOS back in the days of 10.3.

You cannot reasonably turn off all the security warnings and permission requests.

turn them off

They (Craig F) stated that’s not what they are doing. They aren’t merging paradigms.

They are bringing the best bits of iOS to macOS

It’s designed to unify the Mac and iOS experiences.

Why ? Because once everyone starts using iOS apps on their Mac eg. Netflix, Outlook Mac-only apps will slowly disappear. Hence you will need a look and feel that works on touch.

Do people really see this happening? It's been one of those big promises for nearly a decade and we're really nowhere near closer to it.

You can run android apps on chrome(/chromium) and other than for novelty I don't know anyone who does so.

The Android tablet scene is almost non existent. With the ipad pro and magic keyboard you could realistically use an ipad as a laptop if the software you needed was on it.

I imagine that eventually devs will target pro software for the ipad and have it come to macos for free.

How are we nowhere close when you can run iOS apps today on M1 ?

The promise that people use mobile apps in lieu of desktop apps, not that it's technically possible.

As I mentioned, chrome and chromium have enabled this for android for awhile now.

Agreed. Giant titlebars taking up vertical screen space is a clear concession for fingerability.

No, it's a "concession" for legibility. And I think they look very nice (much nicer than the old grey ones), too.

They just struck me as absurdly large for mouse interaction but sensible if you plan to introduce touchscreen at some point. Ditto for all the control center controls.

See also this marketing asset that shows finger interaction with Mac OS: https://twitter.com/mantia/status/1327055883025539072?s=21

As someone who wants a minimal experience for developing, I like the changes.

You can turn off the menu bar, the rounded corners just look nicer, and I’d rather have simple looking icons than a bunch of words in the UI.

Exactly this. The idea of seriously powerful machines with great battery life is awesome. An even more proprietary, locked down system with software that keeps getting worse? Not at all.

I wonder if there's a standard of change somewhere that disable most/all of Apple's security/lockdown features.

As late as today I believe you can still turn off most of it.

I understand Apple making it super secure for non tech people, but it should provide a way to disable all that stuff for power users. And I mean some setting in the preferences, not hacking the hosts file.

I agree with your premise (a way to disable), but isn’t it better they make it hard to do? Kinda like a competency test to make sure you know what you’re doing.

I do agree. You don't want your grandma or teenager kid changing that setting. But it should be an official way of doing it, not a series of hacks on the OS.

I don't agree, there should be a clearly defined way to do it for safety sake.

Exactly. This thing would be a killer dual-boot linux machine. But they won't release any drivers, and I think secure boot will probably only do MacOS.

I'm an ancient IT guy (35+ years). I used Linux on desktop/laptop/server from 1995 onwards. I got a Mac Pro laptop 5 years ago (before the keyboard debacle) because I wanted quality hardware.

I'm running Big Sur and have been since the public beta. I also run iTerm2 and Macports and Firefox and Thunderbird. My editor is Neovim.

MacOS is still a BSD Unix underneath. I can't think of anything I want to run on Linux that I can't run on MacOS.

I also get a nice UI, native first class apps for all my various WFH chat/video clients, MS Office for work etc.

Why exactly would I want to dual boot into Linux? What runs on Linux that doesn't on MacOS?

Personally, I like the UI on linux. I can customize it to my hearts content, and run whatever style I want. I can switch from my i3 setup, a tiling wm, to GNOME in an instant. MacOS is alright, its UI is just a tad bloated and some things I don't like. But I can change and choose my UI in linux.

MacOS just doesn't run great on my 2015 MBP (dual-core) either. I have a 4k monitor, and launching 5 chrome/safari tabs, zoom, and VSCode creates noticeable lag. Window dragging being 24fps, choppy scrolling, etc. I'm sure linux would run better on the same hardware. Its not what doesn't run, its how it runs.

Some pieces of software are Linux only, like Singlularity(scientists aren’t allowed to run Docker). And getting some of scientific packages can be a hassle due to compilers, but I can get 99.99% of very niche packages working on Mac.

MBP is a killer machine because it lets you install Unix software AND you don’t have to know what a driver is. That’s the selling point for me. Every time I’m seduced by XPS 13’s slick design, I read couple horror stories from users trying to troubleshoot driver issues on Ubuntu. It’s just not worth it.

>I've never been so excited and so turned off at the same time.

Oh yes. Apple Hardware are still in great shape from a high level overview. But Software and Services.....

Despite both having its own sets of problems, they are still industry leading. Which always make me unsure what to make of it, are Apple really that good? Or Microsoft and Google just doesn't know how to compete? Or more likely a bit of both.

Every time I read comments like this I’m wondering what’s going on. I’ve used MS DOS, Windows 98, Ubuntu since 8.04...And never have I been so happy with an OS as on Mac.

I could not agree more strongly.