

Apple releases dev preview of Mac OS X 10.7 Lion with AirDrop, FileVault - sandipc
http://www.appleinsider.com/articles/11/02/24/apple_releases_preview_of_mac_os_x_10_7_lion_with_airdrop_filevault.html

======
thought_alarm
So it looks like they are removing the need for the Quit command and the Save
command, and are adding automatic document versioning.

In other words, Apple has finally brought the key features of Lisa OS to the
Mac. It took a little longer than expected.

~~~
whatusername
It took 6 years for the iPod to gain Wireless and more space than a Nomad. So
I don't see why you are shocked about 27 years for complicated stuff like
Versioning.

------
gks
Am I reading this right? That Lion Server is included in the normal OS X Lion
release?

That's pretty awesome if so. Means I'd be willing to fork over the cash for
one of those Mac Minis to use for Calendar/Contact syncing instead of using
MobileMe.

~~~
tshtf
Previously, only OS X Server was allowed to be virtualized (on Apple
hardware). I wonder if Apple is going to open it up to everyone.

~~~
CountSessine
Probably not, but I really wish they would. It would make experimenting with
programming kexts a lot less painful.

------
tptacek
Block-level full disk encryption would be a huge win, eliminating dependence
on PGP, which is pretty close to abandonware at Symantec (a recent 10.5 dot
release corrupted PGP WDE drives, for instance). Presumably, if it's cool
enough to have a brand name at Apple, it'll also gracefully handle
hibernation, which no FDE currently does.

Fingers crossed!

~~~
mapgrep
Sadly this feature comes just as SSDs are heading toward ubiquity -- whole
disk encryption greatly slows down SSDs to near hard drive levels when done in
software, as PGP users have learned ([http://forum.pgp.com/t5/PGP-Whole-Disk-
Encryption-for/PGP-WD...](http://forum.pgp.com/t5/PGP-Whole-Disk-Encryption-
for/PGP-WDE-very-slow-with-OWC-Extreme-Pro-RE-SSD/td-p/35153)).

That said, some SSDs can do their own encryption in hardware, but they need OS
support (via Trusted Computing Group standards) for it to be effective
(storing the key within the controller would defeat the point). Hopefully
this, too, will be supported under Lion. Certain versions of Windows 7 already
support it.

In any case it's a very positive (if long overdue) move.

~~~
ryannielsen
Whole drive encryption (e.g. TCG Opal) has many drawbacks. Most importantly:
it's "whole drive". There's no way to segregate individual user data and still
get the benefits of hardware accelerated encryption. For systems that need
segregated users (or even something like an unencrypted system volume with a
single encrypted user), you need to toss encryption hardware into the upstream
IO pipeline for any benefit. Sticking such hardware into the drive is too
restrictive, and also raises the cost of each drive.

Furthermore, many chipsets (such as Nehalem and Sandy Bridge) have integrated
AES acceleration that offer _significant_ encryption/decryption performance
improvements. While encrypted reads/writes will never match the performance of
standard reads/writes, Nehalem and SB very much mitigate the performance hit
and will still give multi-hundred MB/s throughput on fast SSDs.

If I were Apple, I'd ignore TCG Opal and focus on distributing Nehalem and
Sandy Bridge throughout the product lineup. (Or, in the case of iOS devices,
toss custom ASICS on the upstream IO pipeline.) Then you can offer true
encrypted user segregation (or one encrypted user and an unencrypted OS
volume) while still buying standard HDDs and SDDs in bulk. Win-win.

~~~
tptacek
The point of WDE isn't to do fine-grained separation of interests by security
level; it's to ensure that a stolen drive yields nothing to an attacker. In a
lot of settings, anything less than whole disk encryption sets a process in
motion requiring formal disclosures.

Segregated users and accelerated filesystem-level encryption is all good
stuff, but even with it, you still need WDE.

~~~
ryannielsen
No, you don't. Only user data needs to be encrypted. There's no value in
encrypting the OS or any apps. None. By definition, they must ship on
unencrypted media. Why pay any encryption/decryption cost for information that
exists unencrypted?

Assuming a perfect implementation, whole disk encryption costs money and
power. Any additional logic on the drives will raise their cost (at no benefit
if there's already CPU provided acceleration for the same operations) and will
raise power consumption.

The biggest benefit comes from truly segregated, properly and completely
encrypted user volumes, where all user-created is always encrypted with their
private key at all times. Chrome OS does exactly this, and all OSs should
strive to do the same. [1]

Opal solves a single use case. Flexible per-user encryption solves all cases
and offers better performance.

[1] [http://www.chromium.org/chromium-os/chromiumos-design-
docs/p...](http://www.chromium.org/chromium-os/chromiumos-design-
docs/protecting-cached-user-data)

~~~
kogir
Without WDE, how can you verify that the OS and apps haven't been altered? If
a laptop with WDE is left in my control for days and then returned, you know
you're still safe. Without WDE, you have to completely wipe the unencrypted
portion lest modified apps upload your encrypted user data once the system
boots.

~~~
ryannielsen
Arguably, all binaries comprising the OS and installed apps should be
individually signed to ensure they're never modified, even by a malicious user
who can access the encrypted disk.

Whole disk encryption guarantees nothing more than your disk is encrypted. On
pure single-user systems that are _never_ accessible by other users, that
might be fine. The second you allow more that one user, remote or local, to
access the disk, you may as well treat the disk as unencrypted. At that point,
you need to rely on per-user data encryption and OS and app signature
validation to prevent malicious attacks.

~~~
tptacek
Yes! WDE only makes sense for single-user systems (ie, most systems). Yes! WDE
does nothing about malicious software. You are correct on both counts.

------
blinkingled
Still no talk about resolution independent UI or some sort of DPI scaling. I
have to wonder how people are using OS X on their 27" iMacs with very high-res
screens. My eyes bleed on my 17" MBP with 1920x1200 - Windows DPI scaling
works quite well for the most part.

~~~
Stormbringer
Well, working on a larger monitor eventually weans you of the obsessive need
to full screen everything.

Once you get used to working with documents scattered all over, and clicking
on them to move them to the front and so forth, it becomes a more productive
way of working.

I'm not sure what it was about Windows that drove everyone to the full screen
way of doing things. I think possibly the thing is that all windows look so
similar on Windows that there was never really any visual clue about where the
window you wanted had gotten to, so it made doing that style of navigation
much harder.

I don't think the scaling is particularly good in Win 7. From memory it used
to be better. I recently had a crack at using it, and I played around with
different resolutions. Every single resolution that I tried other than the
native one was blurry. Some were only a little bit blurry, but some were very
blurry. I remember it being better than that (maybe I've just gotten fussier).
I ended up in the native (highest) resolution because anything else was too
horrible.

~~~
Groxx
> _I'm not sure what it was about Windows that drove everyone to the full
> screen way of doing things_

For myself, it's because so many applications have massive amounts of chrome
and tiny vertical scrolling content areas. Height is necessary. Add to that
that you can drag things above / below the borders of your screen, and
unnecessary borders on everything, and no shadows to show "height", and your
desktop becomes a cluttered, disorganized mess with too much scrolling in
almost no time.

7 fixes a _lot_ of that. You can drag things to the top of the screen to
maximize, and pull away to un-maximize. Height via transparency and shadows.
And a regression to thicker-than-ever borders :\ I guess you can't have it
all.

~~~
Stormbringer
My experience with 7 was that it made the clutter worse, not better,
especially in the Microsoft Office programs (not part of 7 I know, but first
time I'd used the most recent one coincided with the first use of 7. But I'm
thinking of things like how the buttons and toolbars are laid out in the UI
rather than drop shadows.

Didn't know that about dragging stuff to the top of the screen to maximise,
that's a good tip, thanks.

How does Win 7 perform with multiple monitors? Good? Bad? No change?

~~~
Groxx
Pretty well (I use two for work). The drag to top & bottom, and Windows +
arrow keys (try it if you haven't) make for some pretty fast screen
organization. You can also resize vertically to the top or bottom of the
screen, and you'll make the window fill height but not width.

Not that many applications have a rational layout if you drag them across two
monitors' worth of width, or restrict them to a half-screen. _Especially_
Microsoft applications. But omg is it nice to have full-width code from two
sources side-by-side... it almost makes Visual Studio bearable (though I'd
vastly prefer being able to rip windows _out_ of VS). I still keep a _decent_
programmer's text editor handy for quick changes and better side-by-side
comparisons, but it's not too bad.

------
beaumartinez
Apple has updated their page on Lion with descriptions and screenshots of
(all? At least all those mentioned in the linked article) its new features:
<http://www.apple.com/macosx/lion/>

~~~
psykotic
How many of the coolest-sounding features like Auto-Save, Versions and Resume
will require special support per application? Resume is the only one that
seems doable without that; they can piggyback on the existing OS support for
suspend-to-disk hibernation.

~~~
smackfu
Exactly. Currently OS X supports per-app Time Machine rollbacks, yet the only
app I've ever seen support it is iPhoto.

~~~
danssig
Mail.app supports it as well. It's saved me more than once.

------
Samuel_Michon
From Apple's Mac OS X Lion page [0]:

    
    
      "When you’re done with AirDrop, close *the Finder* and 
      your Mac is no longer visible to others."
    

I wonder if that's a typo and they really meant 'Finder window' instead of
'Finder'. In the current Mac OS X, you can relaunch the Finder but you can't
keep it closed.

If the copy on the Lion page is accurate, then Apple is moving towards
operation without the Finder, replacing it with Launchpad and Mission Control.
I can see how that could work for first-time Mac users, especially those who
already have an iOS device.

It reminds me of At Ease [1], an environment that hid the Finder from new
users, offering something similar to Lion's Launchpad.

[0] <http://www.apple.com/macosx/lion/>

[1] <http://en.wikipedia.org/wiki/At_Ease>

~~~
seanb
Ah, good ol' At Ease. The crippled app-launching interface it provided seemed
to be entirely responsible for the nearly universal hatred of Apple computers
by students at my high school. Compared to Windows 95, At Ease gave the
impression that Macs were only capable of performing simple tasks. Everyone
was thrilled when the Macs were replaced with cheap Windows machines.

------
jarin
Mail 5 looks almost exactly like Sparrow: <http://sparrowmailapp.com/>

Although, if Mail 5 is inspired by Mail on the iPad, it's probably more fair
to say that Sparrow looks almost exactly like Mail on the iPad. Also, is that
right that the developer preview is being distributed via the Mac App Store?
How does that work?

I will say though, I'm looking forward to impressing potential clients with
some fancy swiping at the coffee shop :)

~~~
charlesju
The power of sparrow isn't the UI, it's the deep integration with gmail. More
specifically, the labels are the killer feature.

~~~
Tyrannosaurs
For me it's the completeness of the integration - labels, starring, spam.
There's not much you can do it the web client you can't do in Sparrow.

~~~
narkee
Then why not just use the web client? It has 100% integration.

~~~
jarin
Sparrow is faster, doesn't take up the same memory that a tab does, and it's
faster to find the icon in your Dock than dig through 40 tabs, plus it's nice
to be able to quickly switch between Gmail/Google Apps accounts.

~~~
sjs
<http://fluidapp.com/>

~~~
scrod
Cool, now I can add the memory footprint of an entirely separate browser
instance just to check my email! What a great idea.

~~~
sjs
That's definitely a valid concern.

I use fewer site-specific browsers than I otherwise would because of memory
usage, but these days many of us have 4-8 GB RAM and running one or two SSBs
doesn't break the bank, so to speak.

------
samps
Anyone else catch this tidbit from Apple's site?

 _File Sharing for iPad: Lion Server delivers wireless file sharing for iPad.
Enabling WebDAV in Lion Server gives iPad users the ability to access, copy,
and share documents on the server from applications such as Keynote, Numbers,
and Pages._

This sounds like the OTA iOS file sync we've been waiting for.

~~~
schrototo
Sounds more like the "Copy to WebDAV and "Copy from WebDAV" options currently
present in all iWork apps.

------
smallegan
Any reports from HN users who have done the upgrade?

------
Stormbringer
From the article: _"Resume, which conveniently brings your apps back exactly
how you left them when you restart your Mac or quit and relaunch an app;"_

I really really hope they offer a "blow it away and restart from scratch"
option for apps. Having to delete and reinstall apps on the iPad that have
properly crashed (as in fall over, and then when restarted just crash straight
away again†) is annoying.

I actually preferred the 'inferior' way of doing things back when iPad was
single tasking, because hitting the home button would undo most programmer
screw-ups.

†Not sure how they manage this, probably via some settings in their core data
that they read in and then get borked up again each time. My theory is that
removing the app and then putting it back in works because the persistent
storage for that app gets reclaimed when removed.

~~~
swilliams
You can force quit iOS apps. Double tap home to bring up the menu, then tap
and hold the offending app icon. This will bring up the "jiggle" and a kill
icon.

~~~
Bud
That's not force quit. That's uninstall.

To force quit, you stay in the app you are quitting, hold down the power
button til you get the power-off bar, then hold down Home til the app quits.

~~~
jbrennan
No, the GP said "Double tap the home button", which brings up the Multitasking
tray. If you go into jiggle mode there, you can terminate the app. You'll see
a red icon instead of the X used for uninstall.

------
andymoe
I'm really excited about the new version of wiki server. (Scroll all the way
down to the bottom)

------
Synaesthesia
Netkas has confirmed the following about Lion: >Lion requires hardware with a
Core 2 Duo processor or better. A lot of apps are sandboxed. OpenGL 3.2
support

I'm happy about the OpenGL 3.2 support. But what about 4?

~~~
robin_reala
Every Core 2 Duo processor onwards has been 64-bit compatible; any Lion-only
software can safely drop the 32bit portion of its binary.

------
CountSessine
No word on an HFS+ replacement.

Also, what's AV Foundation? Is this what QuicktimeX was supposed to become?
Will we finally get codec plugins without having to program for the crusty old
Component Manager?

------
lovskogen
Finally. Apple is getting rid of the default, always-on, scroll bar.

------
stevenp
Tried it briefly, but Dropbox won't even install on it. In addition, Evernote
doesn't work (it seems to be relying on a private API that doesn't exist
anymore) and NewsRack sync with Google Reader is completely hosed due to a
memory leak that I'm assuming is a problem on 10.7 (but not 10.6 for some
reason). Needless to say, I'm going back to Snow Leopard for now, since
Dropbox is a vital tool for me.

------
darren_
Does vmware fusion's support for installing OS X Server guests allow Lion
Server?

------
yoavniteflip
Anyone else catch the new power key to the right of the eject key on what
looks like the 13"? Maybe I'm slow, but I was pretty sure the last generation
still had a circular power button - is this from today's update on the
machines? Scroll down to "Gestures and Animations"
<http://www.apple.com/macosx/lion/>

~~~
yoavniteflip
My bad. That's the MBA.

------
Corrado
Its funny, but the first thing I thought of when I read about Versions is the
old Vax/VMS file versioning
system([http://en.wikipedia.org/wiki/Files-11#Disk_organization_and_...](http://en.wikipedia.org/wiki/Files-11#Disk_organization_and_naming)).
That feature alone saved me tons of re-work in college. :)

------
rst
Full-screen apps, increased emphasis on gestures, an app store... looks like
they're trying to add an iOS feel to the user experience (at least within apps
that use the new features).

~~~
YooLi
I believe that was the whole point of the 'Back to the Mac' introduction to
Lion from a few months ago--bringing iOS back to the Mac.

------
jason_slack
if I enroll for $99 now would I still get a dev preview of Lion? I am already
an iOS member.

~~~
allwein
Yes. Whenever you enroll, all current member benefits are available to you.

You'll also be able to download the latest 10.6.7 build if you'd like.

~~~
DarthMark
Do you still have to buy the production version when it ships?

~~~
quux
In the past, apple seeded the GM build to developers shortly before the
release date. So no need to go buy the same build in the store.

~~~
schrototo
Although it's worth noting that Apple sometimes has a very weird definition of
"Gold Master". The latest Xcode 4 GM, for example, is pretty much just another
beta version. It's not production ready at all.

~~~
yardie
Wait, is this true?

iOS GMs have always been ready to ship, minus a few 3rd-party apps and last
minute exploits(JBs). If they are throwing GM designator on anything that
isn't usable than I'm severely disappointed.

------
mwg66
Is it me or is Aqua being dropped?

------
enterneo
no fullscreen mode for safari?

~~~
strmpnk
Safari does fullscreen just fine from my own testing.

------
st3fan
Screenshots or it did not happen!

