Which is completely pointless. If a hacker wants to hack your system, the very last thing they want to do is destroy your OS. Who cares about the OS? It's just one re-install away and you've got it back. If a hacker were to hack into your system they would want your data, your passwords, your bank account details, etc. Or they would want to use your system to do illegal things that look like you did it.
It's in the best interest of the hacker that broke into your system that your system continues to work flawlessly for both you and the hacker. This is why Mac OS X "rootless" is just yet another obstacle for the power user, yet another obstacle when compiling and installing POSIX code from source, and yet another step closer to locking down OS X to be an appliance like iOS.
The point of rootless (SIP) is to prevent malware from being able to embed itself into the system such that it's difficult or impossible to remove. And it's also a completely different technology than sandboxing.
No it doesn't. It should be vanishingly rare for software not shipped by Apple to be impacted by rootless. The whole point of the feature is to prevent files that should never be modified from being modified. The only software that I can think of that's impacted by rootless is Xcode, which is of course Apple's own app. I can't think of anything else that should be hampered by the inability to modify system files. Can you name any other software that has a problem with this?
And if you really want to disable rootless anyway, you can do so. Boot into the recovery partition and there's an option there to turn off rootless.
I'm also completely baffled by the claim that, just because no security solution is 100% perfect, we shouldn't even try. That makes no sense at all. Yes, security is hard. But protecting you from 99% of all malware, even if there's the rare case of malware that gets past you, is still extremely useful. Besides, it's awfully cynical to declare that SIP is an impossible goal before you've even looked at it.
Oh geez. That doesn't even have anything to do with rootless. The issue there is library interposing. Asepsis works by interposing itself into every process that links DesktopServicesPriv.framework and replacing several libc calls.
Good catch on finding something that breaks with SIP, but even if you philosophically disagree with the idea of rootless, you should still agree with the notion that library interposing is a serious security threat and should welcome the changes to block interposing of system processes[1].
[1] From the What's New In El Capitan docs[2], the specific aspect of SIP that applies here is "Code injection and runtime attachments to system binaries are no longer permitted".
I don't really know enough to form an opinion one way or the other; I had just recalled seeing it at the time I read your post. I wouldn't have used Asepsis even if I wasn't on El Capitan, as I definitely didn't like the sound of how it achieved what it claimed (which you also pointed out).
There really aren't better ways to solve that on a mass scale at this time. I intend no offense, but to be honest I care much more about my system's security vs. your need to interpose system processes. SIP is a step in the correct direction for security. Is it perfect or a catch-all? No, of course not, but it's another layer of security that helps the situation overall.
I recommend that you tally up the revolutionary technologies produced over the last 30 years that allowed us to get to this point (including the web), and then consider how many of them could be invented on Mac OS or iOS today.