Hacker News new | past | comments | ask | show | jobs | submit | page 4 login
MacOS Catalina: Slow by Design? (macromates.com)
2031 points by jrk 77 days ago | hide | past | favorite | 997 comments

Nearly every article I see about macOS or Windows these days further confirms to me that switching entirely to Linux was the right call. Maybe 2020 will be the year of the Linux Desktop by default.

anyday now...

This is also the case with APFS on rotational disk drives. Why does APFS perform so much worse on HDD vs SSD? Will Apple fix it? https://bombich.com/blog/2019/09/12/analysis-apfs-enumeratio...

APFS was not designed for spinning disks. No, they won't fix it; because they don't even sell a computer that ships with only a spinning disk (asterisk on the iMac's hybrid drive). HFS+ is still available, just use it if you need to format a spinning disk. I think this is a very different type of issue, with much more reasonable trade-offs.

Did apple make any comments on this? I haven't been able to find any public responses from them. I'm really interested on reading their side of things. This is quite jarring, it's hard to believe it is a thing. However, as I read through tests people did, it seems just as bad as it sounds.

I was actually getting a mac mini now that I'm working from home (I thought I'd get better integration with some of the company's wfh infrastructure while still having a unixy environment, so a win/win situation), but I cancelled the purchase after reading this. I get that you can jump some hoops and set some apple specific flags to things so that it works better, but the reason I wanted a mac was to make things easier and not having to look into obscure APIs and features to get simple things working. I was really looking forward to that, but I don't feel that sort of investment will be justified with issues like this in their OS :/

This is frankly hyperbole. A single checkbox in a GUI menu that is routinely accessed for managing other system-wide sandbox privileges isn't exactly obscure. It also isn't some difficult, inconvenient task. It needs to be done once.

From what I've read it's not available by default and you need to run some commands (which seem to be hard to google). And that solves only part of the problem, the article had other examples that may be harder to solve. It seems like, if your internet connection is not great, then you're going to have a bad experience.

Perhaps related: "How come someone notarized my app?"[0]

It mentions that anyone with an apple developer ID can notarize a qualifying app and submit this notary to the Apple Notary Service. However, the proof of notarization—the notarization ticket—might not be stapled to the application.

In the case of no stapled ticket, Catalina contacts the notary service to see whether a ticket exists. If so, the app is good to go.

[0]: https://eclecticlight.co/2020/05/22/how-come-someone-notariz...

EDIT. More informative link here[1]. It specifically outlines what happens on first run of an app. (and there's a great diagram if you scroll down)

[1]: https://eclecticlight.co/2020/01/27/what-could-possibly-go-w...

I feel like the continual development of MacOS is making it worse and worse. Similar to Windows, where every extra feature causes more and more complications.

But alas the 1000s of engineers gotta be put to work somehow.

There are significantly fewer than 1000 engineers working on macOS.

Increasingly I find macOS only to be tolerable with iCloud (and Siri, location, suggestions, bug reporting, et c) entirely disabled, and Little Snitch’s built in/automatic whitelisting for Apple services disabled, and most of the background processes entirely denied networking access. It phones home constantly even with all of the services disabled/opted out.

It’s indeed a huge mess, from a privacy standpoint too, not just a performance one. It’s sad also to lose things like AirPlay or iMessage as collateral damage in the process. :/

I just can’t tolerate a machine that hits the network hundreds of times a day when doing normal computing tasks that do not involve the network. They even tolerate this sort of spyware in App Store apps, too.

Is it too much to ask for a polished workstation OS that lets me boot and edit a local text file of notes and save and quit without notifying 4 different parties that I did so?

and there are a lot of background processes.

running just firefox and terminal, ps -ef|wc -l is 198

and many of them have no reason to be on my system.

I run a pihole at home, which has intermittent issues. When macOS can't resolve a hostname, almost every user-facing UI grinds to a halt. It's truly bizarre. Applications won't launch, menus don't respond, etc. Feels like a decade ago when your spinning disk was going bad. Not cute :(

If it checks with Apple servers every time you execute a new binary, what happens if you don't have an Internet connection? Are you just unable to run new code?

> One way to solve the delays is to disable your internet connection.

I think it just skips the checks if internet isn't available. But doesn't that kind of defeats the point of notarization?

Hopefully you're also less likely to get new unsafe binaries when disconnected. But it's all still awful.

The linked website isn't loading, so I don't know what it says, but: if we're talking about notarization, you can "staple" the notarization to a .app or a .pkg, which means you don't have to do the internet lookup at all, and you can run the apps without having access to the internet. I'm not sure about the technical details, but I would assume you add some sort of signature that's like "This .app with hash X has been notarized and it's fine" signed by Apple's secret key.

EDIT: how to staple: https://developer.apple.com/documentation/xcode/notarizing_m...

That doesn't help with self-written code, however, since you can't notarize without internet either.

The article says "One way to solve the delays is to disable your internet connection" so I assume it just doesn't bother with notarization when you do that.

Which makes a mockery of the whole security angle - how can this be utterly essential for security while connected and then just tossed aside as optional as soon as you exit Wifi range? It can't be both.

> If it checks with Apple servers every time you execute a new binary, what happens if you don't have an Internet connection? Are you just unable to run new code?

It waits 5 seconds while trying to connect, and then it gives up and caches the program as un-notarized, allowing it to run faster on later executions.

Notice that notarization seems to be disabled if the network is disabled from within the OS. To observe the 5 second delay you need to cut the connection outside (e.g., on your router), while the mac still thinks it is connected. I observed it by running catalina inside a virtualbox, and disabling its network.

> With internet enabled, it was reproducible by relaunching the application and triggering the code that called SecKeychainFindGenericPassword.

I have issues with a lot of APIs, but SecKeychain has got to be one of the worst. I don't think it's gotten any love in many, many years. Unlike literally every other Apple API that a Macintosh application might reasonably use, you call its functions (even from Swift) by passing strings as (length:UInt32, data:UnsafePointer<Int8>?) pairs, and getting results out by passing (length:UnsafeMutablePointer<UInt32>?, data:UnsafeMutablePointer<UnsafeMutableRawPointer?>?) pairs, and checking OSStatus return values. Every aspect of it is painful.

In Apple's "Documentation Archive" there's three "Sample Code" downloads related to Keychain. The newest one is for TouchID, and the oldest is for PowerPC. This is an area of the OS that doesn't get much attention.

> This issue has been reported to Apple and assigned FB7679198. Apple has responded that applications should not use this function, though the documentation for SecKeychainFindGenericPassword does not state that it is deprecated

I see that it's now grouped in a section of the docs called "Legacy Password Storage", but not actually "deprecated". Strange. That means you won't get any indication of its non-current status from Xcode, or even reading the release notes.

I like that there's a newer (and presumably less awful) interface. I don't look forward to having to rewrite/retest that corner of my application. Seeing all the CFString/CFDictionary casting and OSStatus checking with the new functions, it still doesn't look all that great.

What a ridiculous feature. The people involved in making this decision ought to be fired.

I'm showing 20-200ms longer on first run of the exec. Modified the test script a bit to show that it doesn't happen again if you modify the executable's contents.

    echo $'#!/bin/sh\necho Hello' > /tmp/test.sh && \
    chmod a+x /tmp/test.sh && \
    time /tmp/test.sh && \
    time /tmp/test.sh && \
    echo 'echo Hello2' >> /tmp/test.sh && \
    time /tmp/test.sh

Another slight modification to make this show the effect every time:

    f=$(mktemp) && \
    echo $'#!/bin/sh\necho Hello' > $f && \
    chmod a+x $f && \
    time $f && \
    time $f && \
    echo 'echo Hello2' >> $f && \
    time $f

On my system:


    real 0m0.131s
    user 0m0.001s
    sys 0m0.002s

    real 0m0.004s
    user 0m0.001s
    sys 0m0.002s

    real 0m0.004s
    user 0m0.001s
    sys 0m0.002s

I got hit by this yesterday, borgbackup (installed using home-brew) had a 5 second delay on every invocation.

Setting Terminal as a Developer Tool in Security&Privacy fixed it

One frustrating experience on the Mac is keyboard shortcuts.

Yes, they have polished the GUI, which makes it easy to navigate by mouse. But, when you need to work in speed mode, then you reach for the keyboard shortcuts.

The problem, is that there are plenty, too much sometimes, and they are often inconsistent between applications.

And yes, the Mac has a keyboard shortcut assignment tool, but it often doesn’t work correctly.

I must give credit to Microsoft here. They at least seemed to have perfected most of the common keyboard shortcuts.

Some good features about Windows shortcuts.

1. Alt-Spacebar to open the windows control menu, to move, minimize, maximize, or close the window.

2. Alt combinations are used to control the active Window application itself.

3. Alt-F4 to close the window. But, I would have preferred Alt-Escape instead, to close the window.

4. Control key for shortcuts inside the application. Like, Ctrl-C for copy. O for open. P for print. Etc.

5. Then the Windows key, to control Operating System level shortcuts. Like Win-M to minimize all windows. Win-L to lock the computer. Win-R to launch a command.

Some feature I would like are to use, Win-Spacebar to open a command search, similar to Win-R, but with the ability to list all possible commands. Similar to activating the command palette on VSCode.

And Ctrl-Spacebar, to activate keyboard commands for the active window. Kinda like Emacs, where I can run macros on it, like highlighting the words that I want, and execute something on it, like changing to uppercase, or converting to comma separated, or whatever else is needed.

this has always been the case. the underlined shortcuts in menus are a godsend in non-osx OSes. I am still astonished at the hostility of macos when it comes to Yes/No dialogs - you usually can't hit Y or N! This changed at some point after snow leopard. If I could run HDCP on my old macbook, I'd still be using snow leopard. aesthetically, they have made no innovations of use since then.

This seems to be, once again, a case of user experience being degraded due to lack of attention, testing and measurement of impact by security engineers.

Once you have security engineers, security is no longer the responsibility of all engineers equally, and you've already lost at security.

The weird thing is the price of windows laptops have skyrocketed with the shortages. New MBPs are cheaper than X1 Carbons and XPSs with 10gen chips.

New MBP with a 10th gen chip is a $600 upgrade over the base model with an 8th gen chip.

Every other week Lenovo has some crazy 25-50% off coupon for their laptops.

Windows + VSCode + WSL2 + Terminal + PowerToys = Just one love, never looked back.

The only problem I have with that is "Windows"

I'm currently trying to figure out how to emulate windows from a *nix distribution using qemu. I plan to use this as a "home lab" (k8s cluster or just plain fucking around), but still retain the ability to play an occasional AAA game.

You don't need to emulate windows if you have windows as parent host ;). Windows with WSL is the best linux desktop which i had for past 20 years

I have been running OpenBSD for all my dev work in a VM for quite some time now.

This just makes me wanna start using it for more things besides dev work :(

How do people put up with the complete brokenness in commercial OSes? Is this really better than having to edit the occasional config file?

Personally, I know which process to kill when things go south. It's not early to acquire this information, though.

Just did a test using the command the author listed. Benchmarked on ArchLinux and got 0.00s. I then did the same test on MacBook Pro and got 0.332s. I feel like that's pretty bad. 0.332s might sound inconsequential, but that's just for a single echo command. I would imagine it gets exponentially worse as your executable grows in complexity.

Last year I was preaching that if you can't develop in a submarine or a space station (or on the metro), from a fresh git clone to your next git push, then your development environment is broken and you should burn it to the ground and start over.

It'll be interesting to see how much power we developers will let Apple take from us before we jump the garden wall.

Interestingly, I hear that iPads cannot be used on the ISS because apps will stop launching if you disconnect from Apple's servers for too long.


I'm getting 10-15 minute beach ball of death freezes on a month old MBP 16". That recur until I hard reboot. I can't open the 'force quit applications' window during this nor the apple menu. Can't reboot or shutdown from the cli or otherwise. Some apps lose network connections, some don't. The entire system becomes unusable. It requires a hard reboot. I think it's related to Intellij IDEA and similar IDEs somehow, but profiling those shows the slowdown is not in their apps but in the OS. It won't start with anything plugged into the USB ports, not even just power. Been trying various things but if it doesn't go away, I will return this when the Apple store here reopens. The only good thing about this coronavirus is that I've had more than 14 days to test this and find out what a clusterfuck this OS is even on a $4400 brand new mbpro. Do they even test anything anymore?

Do you think developers make up a significant portion of Mac buyers? I think it's possible, but I'm not sure.

I am pretty sure the laptop market has been shrinking generally (as more people have a phone but no laptop). And most developers I know have macs. They probably don't want to make the OS significantly worse for developers...

After this, you can be sure the developer interest will go down even further

This why having a vibrant open-source ecosystem is so important. Firstly, the needs of users is the main priority (as opposed to profit or liability minimization or advertising...), and secondly, users have so many options to pick from. For example, if you don't like systemd, you are free to pick an OS without it.

I don't want to send over the Internet a record of every program I run. Is there a way to opt-out completely?

Buy a machine not from Apple.

Unplug from the internet.

I used to use Mac pretty heavily for design and audio work, but around 10.14 because of Apple switching the way they do things, I've now entirely switched to Windows for that, and Linux for everything else. I just don't want to deal with the nonsense described in this post, among several other things.

“ Another way to reduce the delays is by disabling System Integrity Protection. I say reduce, because I still do get some delays even with SIP disabled, but the system does overall feel much faster, and I would strongly recommend anyone who thinks their system is sluggish to do the same.”


"Another way to reduce the delays is by disabling System Integrity Protection."

Definitely agree on this one here - I've noticed a big speed improvement when disabling SIP debugging with "csrutil enable --without debug" while in recovery mode.

I should note that the main reason I disable SIP isn't for speed, but to install the yabai window manager to make Aqua far more useful as a developer. I wrote a recent blog post on this, actually (https://triosdevelopers.com/jason.eckert/blog/Entries/2020/5...).

I believe disabling System Integrity Protection actually carries over to everything you boot off the computer.

> [...] it appears that low-level system API such as exec and getxattr now do synchronous network activity before returning to the caller.

WTAF. If this is really true, this is a reason for me to leave the platform for good. This is just in-acceptable in so many ways.

> a degraded user experience, as the first time a user runs a new executable, Apple delays execution while waiting for a reply from their server.

Wow, this is extremely infuriating! I just ran the "hello world" test script with the network connection disabled and it took 5 seconds to run!

     $ echo $'#!/bin/sh\necho Hello' > /tmp/test.sh && chmod a+x /tmp/test.sh
     $ time /tmp/test.sh && time /tmp/test.sh
     /tmp/test.sh  0.00s user 0.00s system 0% cpu 4.991 total
     /tmp/test.sh  0.00s user 0.00s system 77% cpu 0.005 total

I'm so confused about the comments here.

There are a bunch of people who can't reproduce the slowness at all, but nearly all downvoted or you have to wade through 100's of comments to get to them.

The majority of comments are just dumping on Macs, nothing whatsoever to do with the content of the article, and seem to be blindly assuming it's true.

And I can't seem to find any substantive discussion of whether this is actually real or not, or just some weird bug on the author's machine.

I don't see any evidence that Catalina is "slow by design", just a single anecdote from the author. I was definitely hoping for some more substantive critique/discussion...

Op linked validated bug reports.. One of which Apple responded with "by design" of which op derived the title.

The down votes are because it seems pretty clear that the people who don't experience have long lived instances of their os and likely have grandfathered or disabled security settings. There are a lot of people saying ita pretty easy to replicate with a new os.

And it is, I just did it. Did you?

No they didn't, there's no link. They said it's "FB7674490" but Googling that reveals nothing, so I can't read it.

I don't know what the bug report said, or what specifically was by design. Surely "the entire machine freeze for 1-2 seconds every 10th minute, not to mention everything just being sluggish" is not by design.

And I was unable to replicate it (I was one of the comments that got downvoted), although I don't have the luxury of trying a fresh OS. I haven't disabled any security settings, and I don't know what would have been grandfathered -- that's not mentioned anywhere in the article as a factor.

So that's what's bothering me -- the assumption that contradictory evidence isn't valid while the original post somehow is, and no discussion around that, or what tradeoffs there might be.

Now, finally, there are actually some substantive comments from people testing it. There wasn't before though, and it's still unclear as to whether this really is bad design, a wise tradeoff, or if the author's machine has something else going on. Because their experience of a frustratingly slow Mac is just not the norm at all.

Did you run the test yourself? Why do you assume people are blindly assuming it's true? For me first run was 0.5s, second run was 0.004s, so there's definitely something going on.

I did. It got downvoted with no replies. I don't have any security settings changed or anything. First and second run were both around 0.005s.

That's why I wrote this new comment, in the hopes that maybe it would be seen.

Weird. I just noticed that the difference was only the very first time I ran that test. After that the second one was only 100% faster than the first one. That could easily be explained by filesystem / caching things.

> There are a bunch of people who can't reproduce the slowness at all, but nearly all downvoted or you have to wade through 100's of comments to get to them.

It's possible that they have certain security features disabled.

> The majority of comments are just dumping on Macs, nothing whatsoever to do with the content of the article, and seem to be blindly assuming it's true.

Welcome to Hacker News…this is common on any discussion on any topic, especially one that many people can understand in some way.

I've noticed the negativity on macOS. There may be reasons for it, I don't know. I'm pretty happy with it and I've started skipping some discussions because of the amount of comments that lack any curiosity, or worthy discussion.

It's not just macOS. What you really want is a topic that most commenters have no background knowledge or preconceptions about, and you have to make sure that you can't link to one in any way whatsoever. The latter is a little hard to do, because people will cling to the most tenuous of relationships in order to be able to provide their input: you could be talking about a Windows API and someone will bring up EEE through some convoluted path and from there the conversation will go downhill. The best comments are the ones on articles about dolphin psychology or whatever and someone might ask a simple question and a real expert will chime in with something like "I have worked with dolphins for 17 years and also I wrote my doctoral thesis in cetacean-human interactions" and it's just a page of an interesting viewpoint that you just never knew about.

With Apple degrading the developer experience with each release and Microsoft working hard on things like WSL(2) and the new "package manager" I think within a year or 2 lots of developers will go back to Windows-based machines.

As a security engineer myself, what Apple is doing here is completely fucking insane. I honestly cannot believe that anyone thought it was a good idea.

An issue I've been dealing with forever on my mbp 2013 is the machine just pausing input for 2-4 secs (video and audio don't hitch, just keyboard/mouse input).

I recently took the trouble to completely wipe the disk and reinstall macos mojave and it's still happening so it's not due to cruft installed over time in OSX. I dunno. I'll deal with it until it gives up the ghost and probably move to a windows machine with the work they're putting into WSL2

High quality laptops shipping with Linux have been available for some time now. I know of a couple of companies that are providing an option for employees to switch.

This coupled with the horrible docker 100% cpu usage bug (https://github.com/docker/for-mac/issues/3499) might be the top reasons why I hate WFH right now. My Linux desktop in office was so much faster at everything (granted its desktop vs laptop but still, it's a laggy mess developing on OSX now)

Has anybody in the tech media picked up on this? Doesn't seem like it from a cursory browse of my favorite sites (HN do your magic) This seems like something that Apple really ought to be taken to task for. I'm sure the privacy concerns if not the performance will rile up the broader non-HN public if only the information reaches them. Perhaps then we can get Apple to move to a less stupid system.

It gets even worse. I was doing some web dev in the last couple months and I noticed that my "localhost" was ridiculously slow. At first, I thought it was NPM/Gulp but then I noticed that it behaved irrationally, sometimes it is slow and sometimes it works.

The problem was: Parental Control. Apparently, every request was checked and thus slowed the whole thing down. Needless to say, a couple days at least were wasted in this.

The only time I’ve seen similar delays is when my mac decides it needs to do something on an external disk that needs to spin up. I have a 12Tb external that can take 10 seconds to spin up, so get a 10 second stall waiting for I/O once in a while.

I do wonder if the author has something similar going on, either with a directly attached disk or a network share.

Just switch to Windows and WSL. For most cases, it works just great/not noticeably slower.

There's a lot of bullshit on Windows too but nothing near OSX levels of wannabe big brother shit.

Can't think of a better long term short right now in the market than Apple (and sister cult Tesla but the electric story is at least in the early days so they may do ok)

Windows has SmartScreen and MAPS (which was previously called "SpyNet") turned on by default, on top of telemetry level that goes to eleven and cannot be turned off in consumer editions.

They're not implemented in a braindead way that's being discussed here but they're at the same level big brotherness-wise, if not worse.

Did the site get hit by the Slashdot effect? Can't access it.

Archive: https://web.archive.org/web/20200522164507/https://sigpipe.m...

Apple has an opportunity here - to fix all these issues in the first release of ARM macOS and disable some more functions that "don't really work well" or are "insecure" - all of a sudden ARM Mac will be so much better there will be many blog posts and videos about it smugly proclaiming how Intel could not keep up!

Sorry but it's just not happening for me, on macOS 10.15.3, on my late 2016 MBP. (And I've certainly never done anything like disable SIP.)

I run the commands and get:

  /tmp/test.sh  0.00s user 0.00s system 8% cpu 0.045 total
  /tmp/test.sh  0.00s user 0.00s system 75% cpu 0.005 total
If I'm reading this correctly, the first run takes less than a twentieth of a second, and the second a two-hundredth? I've never experienced anything like "have the entire machine freeze for 1-2 seconds every 10th minute". And I have the slowest internet package I can buy.

The only delay that's ever noticeable is when running a program I've installed for the first time, which yes usually seems to take a few seconds, before often telling me the application couldn't be verified or something, do I want to run it anyways. Which makes sense if you're running a checksum on a 400 MB application binary. But after that first time, starting an app is always instant.

Can anyone else elucidate what the author is talking about? They're presenting it as a universal, but maybe there's something else going on with their machine? Clearly something's wrong on their end, but possibly it's just some kind of bug. I'd avoid jumping to conclusions that executables taking a second to launch is "by design".

EDIT: switching from zsh to sh gives more granular results:

  real 0m0.009s
  user 0m0.002s
  sys 0m0.003s
  real 0m0.005s
  user 0m0.001s
  sys 0m0.003s

I intend to stay on Mojave for as long as possible, but I am curious to try out Catalina. I believe it is easy enough to install Catalina on an external SSD. My concern is whether this would be safe enough and if my computer would remain unmodified (e.g. could there be changes to firmware settings or firmware updates?)

I can see the delay when I remove my terminal from the DevTools permission in Security preferences.

So it's real.

However, scripts are NOT notarised, so what is it doing?


So after digging the scripts are being "checked" for malware, as part of XProtect.

This is interesting, it seems to be hashing scripts and testing to see if its known malware.

Anyway, easy to disable, but weird stuff.

"Modern" OSX, iOS, and Android are so secure and safe they even protect you from using your computer.

10.15.1 and then 10.15.4 both introduced random kernel panics on my iMac. Only way to solve was to reinstall MacOS on top of itself (via Recovery, kept files/apps intact).

Still no idea what or why the panics would happen, or why the reinstall solved it.

Catalina has been a very bumpy road for me so far.

I don't think they do the notarization for shell scripts and program you build from source. I've been doing large scale software development on my Catalina for quite some time and I observed zero performance degradation compared to previous OS X version.

I really hope the mess that is Catalina is fixed in the next round, or I might be on Mojave until I can switch to another OS. I've been on macOS for a long time, and I really like it. I'm productive on it. But Catalina... no, I won't touch that.

Anyone of packet captures of this behavior? I'm still on 10.14, or I would check it myself.

Man, I think I was having this issue earlier in the year and thought it was some funkyness with the firewall or application -- custom golang apps.

Who at apple thought it was a good idea to hop on the internet when invoking an application without any warning? This is loony.

Just wanted to drop this here but WSL & WSL2 makes a compelling case to move to Windows.

I can't upgrade IntelliJ any more, because it's trying to write to privileged file locations that I (the owner of the computer) no longer have access to. Believe me, I've tried to work around this, macOS has it locked down completely.

... Can you elaborate? I use IntelliJ on a daily basis on Catalina, and I have zero issues updating it.

The latest IntelliJ 2020.1.1 works out of the box on macOS 10.15.4, without disabling System Integrity Protection (SIP).

Whatever problem you're having, it's a problem specific to your machine.

I use and upgrade IntelliJ fine. Install Jetbrains Toolbox and everything is installed in your home dir. What kind of locations are you having troubles with?

I agree: use Jetbrains Toolbox.

A few months ago I installed Rider (an IntelliJ-based IDE) on my Mac without toolbox, and upgrading it was a pain. I don't remember the details, but using JetBrains toolbox makes upgrading as simple as clicking a button and waiting until the download / install is complete.

Why do you need access to the areas protected by SIP?

Beats me - it's a common problem, though: https://stackoverflow.com/questions/40251201/upgrading-intel.... The only thing that ever worked was uninstalling and reinstalling the whole thing.

You can disable SIP in recovery mode.

I have this kind of issues on Mojave. I blamed the firewall. With ethernet disconnected, everything runs smoothly. Connected: random freezes of 1-2 secs.

Why does it need the internet all the time?

Upgraded only in Spring. Waited long enough. Never have been I saw wrong. Now when I want to reboot my computer I just try to pair my Bluetooth headphones - instant hard reboot

Does this literally panic your machine?

Can we get a MacOS @BruceDawson0xB up in here?


Lack of upgradability of MacBook Pros, numerous bugs in Catalina (ImageCapture Im looking at you), T2 chip and secure boot issues. It all adds up...

Why would they send off binary hashes synchronously before execution of the program?

Are they checking if the app is dangerous? Are they logging all my activity?

If microsoft was doing this there'd be a riot but since it is Apple but will rationalize this bad behaviour and say it is for the best.

NSA had a "hardening macOS" guide on GitHub that I can't find.

I wonder if that defeats the phone home that this article is highlighting.

I like the fine grained permissions on Catalina, but along with dropping support for 32 bits binaries, this is getting ridiculous.

Did anyone try the setting the terminal to "Developer Tools" permissions and find that things go worse?

I noticed recently that the first `git` command I run takes longer. This is insane. What's the status of debian on macbook?

Last I heard you can't even access the SSD on newer macbooks. If you want a good experience with running Linux on a laptop, don't use a Mac.

Wow, this is incredible and clearly a huge step in the wrong direction.

I clearly won't switch to their system anytime soon...

My 2011 era MacBook Pro has run Linux most of its life. It runs super fast compared to its performance under MacOS even a year into its existence.

I've heard people ask me "why bother with Linux when MacOS is Unix?". Well technically it is from its heritage, but it gets less unixy by the day.

Disabling SIP and amfi kills all the process startup delay and limitations.

I feel like this is one of those times, a wut moment.

The slowness seems like the smallest concern here

How many new applications are you people running?

One more reason to stay away from corporate OSes

So should we disable SIP on our Macs?

By this logic, HTTPS is "slow by design" and a nefarious plot by Big Certificate to siphon money away from tech companies.

Linux is waiting for you.

now I understand the importance of niche OS.

When will computer and OS companies start telling us exactly what data they’re taking and who they give it to? I was an Apple user from 2002 until last year. I just can’t be spied on and telemetized any more. It’s not beneficial to me and I can see all kinds of downsides. Especially since big tech has it in for anybody politically to the right of Bernie.

I switched to a sleek amd based setup and ubuntu, 64 gigs of ram, tons of nvme storage and for a decent price. Sad to see macos go out my daily toolkit, but fortunately i no longer have to deal with this kind of crap. I still use mac occasionally but day by day it becomes less relevant.


Please don't post unsubstantive comments and/or flamebait here.


Switch to Linux and forget about it.

You should know by now:

Apple is the Father, Apple is the Mother.

After Apple has re-invented or re-written the MSFT playbook of the 90s, nothing surprises me anymore.

Yet I cling to these machines, that take away the freedom to do with my hardware as I please. It's odd.

The UX is good. Freedom has always been a little more subtle.

In many unrelated ways, Mac OS X has just always been slow.

The first computers I ran OS X on were a Pismo Powerbook and one of the first iMacs. Both with upgraded hard drives and maxed out RAM. They were almost unusable, and we'd put classic OS back on them, a new release of OS X would come out, and repeat.

I later got a chance to use a shiny new G5. I couldn't believe how slow it felt. Same goes for the PowerBook G4. The first Intel MacBook Pro didn't feel any faster.

Somewhere around the i5, Mac OS started to feel 'okay'. But I'd always still feel blown away at how fast a similar machine felt running Windows or Linux.

But I've stuck with it ever since 2010. I remember talking about my 16", saying "It's really fast...for a Mac."

All of these complaints are about security features.

Yes these features could be better implemented, but I'm happy they're there. It's very important to be able to opt out of them, but I like that they're the default.

Notarization needs a cleanup pass and the rest of it seems like it needs an optimization pass.

P.S. The rationale for notarization is to not distribute and thus advertise the filters and detection mechanisms Apple uses to detect malware. If these things were distributed then malware authors could analyze and evade them. Security through obscurity does make a certain amount of sense here as the Church-Turing thesis means there are an infinite number of ways to implement any given thing including malware and there is no single filter or analytical step that can detect all possible malware permutations.

Being able to run arbitrary software on the hardware Apple has graciously lent me is an annoying level of power that I'm not fully comfortable with either. I'm liable to shoot my foot off if Apple the all-seeing doesn't save me from myself.

The OS phoning home for every executable I want to run on my machine is a “security feature” the same way a key logger is.

> the Church-Turing thesis means there are an infinite number of ways to implement any given thing

That's true (or else there are 0 ways), but it's not what the Church–Turing thesis says.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact