As a long time Mac user, I keep hoping that Apple will decide to double down on better and deeper focus on all its products, including the Mac, its OS and ecosystem, and make the changes necessary across its organization and its teams.
It's even worse than that according to Mark Gurman:
In another sign that the company has prioritized the iPhone, Apple re-organized its software engineering department so there's no longer a dedicated Mac operating system team. There is now just one team, and most of the engineers are iOS first, giving the people working on the iPhone and iPad more power.
That took some time for me to sink in. I can fully understand the aversion towards dedicated teams á la Jobs, but we are talking about an OS that is used keenly by developers, an ecosystem essential to maintain. I was baffled by Apple not pushing ZFS further, the clear lack of interest in developers by not working on e.g. virtualisation, e.g. containers, a polished OpenSolaris or similar with tools we could make MacOS even greater. Like they couldn't afford it.
For the Darwin team which is the actual core OS they would have to deal a lot with CPU architectures. But they again they have always dealt with this since back in the NeXT days. ARM and x86 isn't a big deal to manage and there isn't much evidence that something is wrong in that area.
For the UI teams i.e. System Frameworks, Cocoa, WindowServer etc. They are abstracted away from worrying about CPU architectures and they are the ones responsible for all the bugs we are seeing today. You can argue context switching is an issue here but again we don't have much visibility that iOS/OSX engineers are jumping back and forth every day.
A few years ago there was a noticeable increase in the frequency of point updates at the expense of quality. In agile, testing either (a) relies heavily on automation or (b) only tests that particular story. In highly complex systems that's often not sufficient and rarely do security teams for example involve themselves on a per story basis.
Personally I think the industry as a whole needs to sit back and realise that Agile wasn't the panacea it was made out to be.
But the TDD cargo-culters and UncleBob fans forget that inconvenient fact and think TDD solves ALL problems
The exception is the kernels and drivers of each OS, which have to consider things like architecture, but I would expect that it'll still be the same individual engineers working on these who always have, no matter what their team structure looks like now. Whether or not Apple has a formal "macOS kernel team" or "iOS kernel team", those groups definitely exist and have rather static membership.
(In fact, one main benefit you might see from this is that Apple has hardware hires—many from Intel—who have stepped up to apply their knowledge of formal verification methods to the iOS kernel and drivers, but haven't necessarily had the flexibility to spread that love to macOS. That can change now.)
 https://danluu.com/cpu-bugs/ (search for "Apple")
Also: “Mythical man month” etc.
You do not solve your problem by having a bunch of engineers from a different domain and having different priorities.
Is it possible that this is related to that?
At the same time the Apple seems to be dropping the ball, some of the more noob-friendly linux distros are starting to look very attractive. And while Apple still seems to have the best hardware overall, a Lenovo Carbon X1 seems like a very decent option. I'm by no means a "pro" user (I have a decent understanding of computers, can get around on linux command line, some basic experiences in programming, etc), but I'm probably going to start making the switch, at least for my laptop.
Slightly off topic, but one of the only software issues holding me back previously was 1Password compatibility on linux, but apparently, it is now available (1). Anyone tried it? It's not a stand-alone application, but I'm probably okay with that.
The example comparison you gave, an X1 Carbon, has a more reliable keyboard with more travel, a matte-screen option without fragile glass, a user-replaceable battery, a user-replaceable NVMe drive, a variety of ports new and old, a docking solution, security cable lock etc
It's also probably not coincidental that a wider screen ratio allows the manufacturer to sell less screen (in terms of area or total pixels) at the same diagonal size.
Well, it's a Chrome extension. For some people (including yours truly), it's a deal breaker.
I would suggest `password-store` if you don't need to share your vault with anyone.
I use dedicated subkeys for work and mobile so that I don't have to share my main key, or indeed every password with every device.
Or any other devices? Or even have rudimentary browser integration? How is this an alternative?
For multi-platform password managers with browser extensions, Enpass (enpass.io) is an option. Dash lane is another, though it's about as expensive (or more) than the 1Password subscription that AgileBits pushes (the dark pattern on the AgileBits website about completely hiding the standalone license is something I don't like).
That's been the big reason I've never really taken to Linux. The GUIs all look like Windows with a skin. Where's the innovation?
As for innovation, Linux desktop UIs had virtual desktops and window tiling features long before Windows and MacOS.
Well, all commercial UNIXes had them before Linux was even a thing.
The criticism towards Gnome 3 is due to the reduced usability, customizability, constant breaking of backwards compatibility (especially when it comes to parts that allow customization), treating the desktop like an overgrown tablet and a general tendency of its developers to treat their users like they don't know what they are doing - if not outright ignore them. For examples, check out Reddit's /r/linux whenever anything towards Gnome is posted to get an idea of what people are actually saying about it (both positive and negative).
> (due to patent concerns). Of course, there are some fringe "garage effort" Linux distros that don't care about patents and do just give some part of the community what they want.
Sorry, but this phrase is incredibly loaded. Are you affiliated with Gnome? Let me try to break it down:
"due to patent concerns" - this is textbook FUD that tries to present Gnome as a project that cares about patents (why would Gnome care about patents any more or less than other projects?) and create the impression that other desktops do not care. Moreover it implies (but doesn't explicitly say so that it can be denied later on) as granted that patents are indeed a concern for an open source desktop environment to the point that not only it is worth mentioning but actually Gnome making an active effort towards avoiding patents by redesigning their UI.
"there are some fringe "garage effort" Linux distros" - implying that any distribution that does not share Gnome 3's concern (assuming they exist and isn't just an excuse) is a fringe and garage effort. BTW i've noticed this with several Gnome developers: they tend to downplay anyone and anything that doesn't fit in their worldview as unimportant (for fun, try to ask them about Wayland and X11 and suggest that Xorg will continue to exist after -say- 5 years - some cannot even fathom the idea that even if all Xorg developers lose their senses, others can fork the project and continue its development just like the Xorg devs forked XFree86 and just like XFree86 was forked from X386).
"that don't care about patents" - again the implication that patents are something that Gnome alone cares about and that only unimportant, fringe garage effort distributions can ignore them, but Gnome - being the big and serious project that it is - has to abide by the patent masters and...
"just give some part of the community what they want." - ...being unable to give to the community what they want. Although i have to say, i like the backhanded "some part" here and the implication that it is only a small part of the community that wants something better.
Of course the entire phrase is based on the assumption that a) patents matter so much that Gnome has to design their UI around them and that b) everything else that does something closer to what the users actually want can only do it because it is fringe and unimportant. Both being false of course since there are tons of other efforts that are as important as Gnome while giving to users all sorts of options - with KDE being the obvious elephant in the room, but also with efforts such as Cinnamon, Budgie, elementaryOS/Panteon, etc. Also avoiding working on stuff because they might be patented (and honestly, most of the stuff users want - like a desktop, icons, a start menu, etc - are things that even if they were patented would have their patents expired by now - again assuming these patents are even valid and enforceable) is a fool's errand since patents exist for pretty much everything and the best an open source project can do is simply ignore them unless someone comes after a project at which point you can try to change the specific part that is a problem. It isn't like anyone can even kill a project or anything, otherwise even Linux would be dead.
Honestly i dislike this sort of "implied mudslinging" towards a ton of other projects and efforts, trying to paint them in a negative way in an attempt to both give excuses for why Gnome is the way it is today and downplay not just the concerns of its users but the users themselves as unimportant.
Try to avoid it please. I don't know if you are a Gnome developer or just an overenthusiastic user, but attacking every single other project that isn't Gnome on nebulous and arbitrary grounds is not the best way to make a good impression.
I take your point that Gnome 3 is criticised for many additional reasons other than deviating from Windows.
Gnome is basically controlled by RedHat, a billion dollar company and they absolutely do care about software patents, they are not like most projects. Linux Mint is what I had in mind as a "garage effort" providing, IMHO, a Windows clone.
I know that older versions of KDE could be configured to do this, but not sure if more recent ones can do it, or if other DEs can do it. Every now and then I do some research on it, but the results are never promising. (From what I remember, the Ubuntu/Unity bar gets close but still feels weird.)
But there are so many options! Including IMHO the best one on any platform for a developer: no desktop environment and a tiling window manager.
There are even NeXTStep clones with binary compatibility! So saying Linux GUIs copy Windows is nonsense.
Two of the three most popular DEs (Gnome and Unity) both don't look like Windows. I'd say only KDE does, and most major distros have Unity or Gnome as the default. So I think you're a bit off with your assessment.
I run Gentoo on two Dells without any major issues. I really prefer Linux over MacOS and have been lucky that at my last three jobs I've been able to use Linux natively on my work laptops/desktops. Using a tiling window manager like i3 also make things so much easier as well. It may not look as pretty, but from a utility standpoint, it's far above the usability of MacOS for developers.
It's largely the same OS since back in 10.0 DP1. Sure they try to lock down applications to those that are signed. But it's trivial to override and is great for OSX users that can't immediately identify malware.
My own stuff I keep in a ccrypt-ed text file that I view and edit with Emacs.
Edit: I just checked an old work machine that we have and the lock isn't even included on the App Store pane in Sierra. This leads me to believe that the only bug here is the inclusion of the lock icon and prompt without the actual code behind it to do the authentication. Seems like the bug is that someone put a lock where it wasn't supposed to be or it was added for a future addition to this panel. Either way, definitely not as major as I first thought.
QA and dev approach software with different mindsets, and I've noticed in Agile projects where QA is mostly or entirely missing, there is a skill gap.
People - I'm not trying to be flippant. I really have seen a decrease in quality in the transition to Agile. We use Scrum or Kanban where I work, and while overall the approach to estimation and the smaller scheduling and estimating increment is better, in many projects where I work there is no _separate_ QA group. A few project do retain it (though re-branded as "Performance, Stability, Reliability" - PSR) and it does help, but generally this PSR doesn't cover everything our old QA groups used to cover.
In any case, I have no insight in to what is happening inside Apple. I'm really just suggesting that given the prevalence of Agile methodologies these day, perhaps a non-ideal transition to Agile is a contributing factor to their quality issues.
Years ago I started seeing companies combining QA and product teams. It required product people with a bit of technical background but, when done right, worked incredibly well. Nowadays not only I've stopped seeing that trend, but most product teams I see are completely ignorant of technical matters. QA teams seem to be more or less missing or seriously understaffed.
 Not to speak of the need to be "agile" without changing a single thing in the process. I can't count the number of times I've seen teams using what is, essentially, a waterfall process (including long development cycles with no contact with the customer at all) self-describing themselves as agile.
 So the same team defining the new features also creates the tests, both automated and manual, and checked the results.
Because that right there is the problem when you are dealing with systems with lots of interconnected components. There just isn't enough time for the "randomly try to break anything" phase.
However, on every build the unit, integration and acceptance tests should run and should alert if something is not right. Automated testing can't cover all the use cases, but there's no reason they couldn't catch most of the issues we've seen with OSX lately (a good example of a system with plenty of interconnected components). On top of that, the good QA people I know always run some random manual tests not related with the story itself on every feature release just to make sure everything is still as expected.
The time is there if it is, along with the expectations, managed correctly. Only in smaller chunks instead of a big, single block of time at the end.
Even though, there's always the chance that there's a completely unforeseen side effect (a test can prove that there's an error, but can't prove that there are no errors), all of this is to try and minimize that chance. In general, I think that these issues appear more often related to specific systems (lots of interconnected components) or environments (lack of proper testing), rather than with specific methodologies (back in the non-agile methodologies days, programs still had bugs).
 Like, for example, an edge case of a method being fixed. That can have knock-on effects if other parts of the system were relying on that method failing.
It is possible that the team in this area is applying a methodology that has different QA best practices. It could be a poorly applied Agile methodology at fault here.
Although it's impossible to know without more information.
Even on iOS, which rumors have being more of a focus compared to macOS, still has a long way to go to catch up to other platforms. If they required these tools internally, no way would they be this far behind.
And to be clear, they provide these things in the form of XCTest, XCUITest, and Xcode bots, but they aren't good enough. Tons of resources have been spent by the community and major corporations trying to fill in the gaps and offer useful alternatives, but the closed nature of Xcode and its build environment make this difficult.
WTF are you talking about, there is no Agile methodolgy about getting ride of QA. Sounds like you have a problem with Agile, so are looking for some reason to drag it in. You might as well blame the keyboards they use.
They released exactly one version (Mountain Lion IIRC Edit: Snow Leopard) which was just fixing bugs and improving system stability. Everything else was “oh look another shiny toy” where toys are increasingly inane, iOS-like and unfinished (hell, they can’t even fix Photos).
I don't know about local authentication, but iCloud account authentication was changed a couple of times in recent macOS versions (from 1FA to optional pseudo-2FA to real 2FA.) I know that parts of the App Store prefpane (e.g. "remember password after purchases") require the iCloud auth flow. That might have affected the local auth flow somehow.
I disagree, I think Apple can continue to release sub standard products for macos with little or no consequence as long as people are willing to hand them $1000 for an iPhone.
This was the last good MacOS in my opinion. Starting with Lion they removed Expose, and they removed the workspace grid and replaced it with that shitty Mission Control rubbish. I hated I couldn't down-grade (or really upgrade depending on how you look at it) my Lion laptop back to Snow Lepord. It was so unusable I actually went back to Linux and tried a bunch of different tiling window managers. I've been on i3 ever since.
Now if only they would put full screen on a separate button again, I HATE that the zoom button was been hijacked and I have to hold down option just to zoom a window. Why can I not change the default behavior? That would be a nice compromise at least.
Or you know, apple users can start acting like concious beings with agency, and start buying better products. It's not like there is a lack of choice out there. If you absolutely hate M$ Windows, dell has a laptop that ships with Ubuntu now. Vote with your wallets.
On the other you have giving access to your data to people who shouldn't have access, be it making them root, giving your encryption password in the hint field, ... You're not prepared against that, you have no mitigation and no remedy other than picking the right tool; either the tool you're using is secure or it is not.
Better everything gets deleted than someone not meant to have access getting it. And better something happens that I could insure myself against, than something against which I cannot do anything to protect myself.
I would fork over money to Apple for them to do another SL-like OS release.
Are you listening Apple?!
High Sierra switches solid state drives to the new APFS file system and the WindowServer is now rewritten to use Metal2.
So I would suggest that High Sierra is far from a stability release like Snow Leopard was. It was about ripping out the foundations and building new ones. The APFS transition, to Apple’s credit has been mostly painless while the WindowServer changes has been hit miss depending on your hardware.
These were things Apple had to do and they benefit all their platforms.
Other panes validate the password correctly
If you try the same thing with say "Time & date prefs", it pauses with an incorrect password for a few seconds, then visually shakes indicating it's a wrong password. With the App Store prefs, it just instantly closes the authentication dialog, even with a blank password.
I don't really understand the logic as to why some panels in preferences have padlocks and others don't... Why does date/time need admin rights whereas Network (delete/add/reconfigure networking), Internet Accounts (delete/add any accounts?), iCloud (do all manner of things), Time Machine (back a machine up elsewhere?) don't require it?
The global prefs that can be reconfigured by "regular users" (i.e. non-"sharing only" users) are precisely those prefs required to keep the system in a working state if you're physically in possession of it and doing the things that possession of a computer implies. For example, you can move a computer you physically possess to a new location–at which point the same wireless networks won't be available, and maybe you won't be able to get online without a proxy. So, in order to ensure that just going places doesn't necessitate a call to corporate IT, the default† is to let any non-"sharing only" user configure networking.
† "Default" because these prefs can be locked down using a configuration profile (like a windows Group Policy Object) by corporate IT if they need a computer specifically secured against these changes, such as a public-use kiosk.
This is also the behaviour of the App Store preferences in version 10.13.1
And that scares me even more because of the unknown of how long such bugs must've existed in the system.
Is this Apple's Windows XP moment? (Like when MS stopped everything and did massive security training that resulted in XP SP 2 being worlds more secure?)
So it's not that much pen tensting, but Apple making changes and not validating them correctly. Maybe they have their Vista moment with High Sierra, maybe we forgot previous buggy versions.
This only appears to be when logged in as a local admin.
Tested with a non-admin account and I cannot unlock the prefpane with incorrect credentials.
So basically they are checking to see if you have credentials already. I guess this is a caching issue since you locked it.
A) You have the resources
B) This is the type of bug that any semi decent QA process should catch anyway
This prevents a situation where the actual admin logs in, their attention is taken away from the computer, and someone sits at their chair and does awful things with the computer.
For example you could let your kid use your Mac, but you don't want them spending your money via your app-store linked credit card. If they have access to the App Store Preferences panel they can disable the requirement and do so.
Disabling/enabling automatic updates
I fail to see how automatic updates would be "awful".
If that's the case, no-one told the `sudo` command...
Maybe you already saw this but I see they also made the same security/ease of use tradeoff for the (non-buggy) locks in the other preference panes. After unlocking, it stays unlocked for a period of time while you are in preferences, even if you visit different areas within preferences and come back.
Nobody said, "We want to lower the security level of this feature, so let's keep the password prompt but allow any input to the password prompt."
Also this wasn't possible on Sierra.
In this case, any credentials work, meaning that if a "guest" user (semi-trusted by the account owner, obviously using the owner's credentials. ) were attempting to change these settings, they could bypass the prompt with a bogus password instead of the alternative which requires the guest to ask the owner to enter their password.
And a raise.
But, wow, how many bugs is this for High Sierra where a password prompt can be bypassed?
It’s like password prompt flu is going around Apple.
Was there bad sample code distributed or some change in the default behavior of some key API? (In addition to the obviously inadequate testing.)
I guess it would make more sense to me if there was something connecting all these issues. (Besides the inadequate testing.)
Can anyone describe a possible scenario where this would pose a security risk?
Installing a Mac OS update could be considered a security risk? That makes little sense since the security risks you're alluding to were solved by updates. 10.13.2 partially fixed the Intel problem in December and 10.13.3 will have more fixes. If you were still running 10.13.1, you'd have both the root login bug and the Intel security issues.
If you were still running Sierra, keeping Sierra updated results in solving the following security issues: https://support.apple.com/en-us/HT207483
The Mac OS version out right now is more secure than the previous minor or major version. There really isn't any credible evidence to the contrary.
It's irresponsible to not update your system. I understand not moving up to a new version of an OS because of compatibility issues (i.e. audio interfaces often are sluggish to update, libraries you need might not work, etc.,) but not updating because of security fears -- that's just ridiculous. 10.13.3 is more secure than 10.12.2.
Also, in order to "exploit" the reported bug, you would have to already be signed into the computer AS AN ADMIN. Which means that you could already change the updating behavior. So unless you are sharing your admin login/account with non admin users, the risk you cite is pretty trivial.
If you are in a higher risk computing environment, it would be logical that you would sign out of your account after you've finished using the system -- you would essentially have to provide an unauthorized person access to your Mac while you were signed in before this would be an actual threat. That doesn't make the bug less "real," but it does make the real-world security ramifications much less dire than being implied.
So, the most that can realistically happen is that if you leave your Mac unattended while logged in as Admin, a co-worker or friend might get in and install some app to play a prank on you.
I mean, unless somehow a malicious app has been approved on the Apple store and is available to download through the changed setting (and the "evil" co-worker/friend knows about it), but still the base security risk remains leaving the device unattended and making it phisically accessible by smeone else while still logged in as Admin.
Interesting bug, unnecessarily hyperbolic title for it.