
OCSP is Online Certificate Status Protocol, generally used for checking the revocation status of certificates. You used to be able to turn it off in keychain access, but that ability went away in recent macOS releases.

Ah, Apple. When you can no longer innovate, just start removing features and call it simplicity...

Another way to look at it is that Apple is making it harder to run the system in an insecure fashion. You may not agree with that decision, but I certainly appreciate how Apple is looking out for the safety and security of the user.

Tangent: as much as some developers hate that the only way to distribute apps for the iPhone is through the App Store, as a user I consider that walled garden of apps to be a real security benefit. When John Gruber says “If you must use Zoom or simply want to use it, I highly recommend using it on your iPad and iPhone only. The iOS version is sandboxed and reviewed by the App Store.” There’s a reason why he can say things like that and it’s because Apple draws a hard line in the sand that not everyone will be happy with.

> Another way to look at it is that Apple is making it harder to run the system in an insecure fashion. You may not agree with that decision, but I certainly appreciate how Apple is looking out for the safety and security of the user.

"Those who give up freedom for security deserve neither."

(Yes, I know the original intent was slightly different, but that old saying has gotten a lot more vivid recently, as companies are increasingly using the excuse of security to further their own interests and control over their users.)

The ability to control exactly what millions of people can or cannot run on "their" computers is an authoritarian wet dream. People may think Apple's interests align with theirs --- but that is not a certainty. How many times have you been stopped from doing what you wanted to because of Apple? It might not be a lot so far, but can you break free from that relationship when/if it does turn against you?

The quote isn't at all relevant to technical decisions though. Eg, there is enforcement that a program can't arbitrarily access any RAM it likes on the same machine. That is trading freedom for security and it is a good trade. And there isn't really an argument against gatekeeping software - users as a body don't have time to verify that the software they use is secure. I'd be shocked if the median web developer even reads up on all the CVEs for their preferred libraries. Gatekeepers are an overwhelmingly good idea for typical don't-care everyday users.

The issue is if it becomes practically impossible to move away from Apple to an alternative. Given that they have a pretty typical market share in absolute terms that doesn't seem like a risk right now. They don't even hold an absolute majority in what I assume is their strongest market, the US, let alone globally.

Of course it's relevant! Software is a form of expression. Apple controls what types of expression are allowed on your phone.

A developer made a game depicting bad practices at FoxConn. Apple removed it for "Objectionable Content"[1]. How is this inherently different from Apple saying you can't use your iPhone to read a certain book?

Apple's restrictions also make it easy for authoritarian governments to ban software they dislike: https://news.ycombinator.com/item?id=21210678

[1] https://www.theverge.com/2012/10/12/3495466/apple-bans-anoth...

It is identical, and if I considered my phone to be primarily a research platform I'd be really upset. I got really upset with YouTube mucking around curating what videos they allow on their platform because I want to choose my own videos.

But ultimately I own an iPhone because I need a GPS map, SIM card and web browser on the go. Apple doesn't exercise any creative control over those things. Apart from that they explicitly sell a highly curated platform. I expect them to make decisions I don't agree with; that is what curators do. That is the service they sell so I'm not going to complain.

If someone used that walled garden approach on my PC I'd be furious. On my phone, I give them hundreds of dollars for the privilege. If I were going to get upset about freedom and phones, which is reasonable, I have a loooong list of problems before I get to Apple's security model - starting with government interception of messages and moving down to having my name attached to my SIM card. Apple's activities don't really rate, and they have better incentives than Google.

PS. I'm not arguing against phones being scary. Look at the COVID tracking apps that some companies and governments are bringing out that might become mandatory one day. Or the way the US is known to use phone GPS to target drone strikes. Phones are terrifying. Apple's curating/censorship/what have you really doesn't rate on my threat model when dealing with a phone.

> If someone used that walled garden approach on my PC I'd be furious.

As this article shows, Apple is slowly moving in that direction for their PCs. They aren't going to be satisfied with locking down their phones only.

Are they really moving in that direction, though?

An App Store from which you can download software with confidence is a pretty sensible first step for most users.

Complementing that with a Notarization service for apps that can't live in the App Store, while still giving both users and developers confidence that the user is installing the "real" app, and not something malicious, seems like a pretty sensible way to protect most users outside the App Store.

And if all else fails, there are ways to allow running that un-Notarized, non-App Store app that you're sure you trust.

None of that seems like something that inherently means to take away your ability to run what you want on your PC, it just sounds like a common sense approach to giving your users confidence in what they run, and guiding them to do so safely by default, while allowing overrides as needed.

Are these ALSO things that Apple could use to lock down your PC completely?

Sure... but then, why bother with any of it if that was the intent?

They already have Mac App Store, and they already have the infrastructure to deal with a "whitelist only" approach, so why bother with this Notarization and Gatekeeper stuff at all?

Don't get me wrong, there's plenty of room to criticize Apple for their implementation. They are clearly figuring out some of this as they go, and trying to find a proper balance. That isn't easy, despite how many people make it out like it is.

Give the average user too many prompts or chances to override security, and they will do that, every time, without thinking it through.

On the other hand, bury the overrides too deeply, and risk making things miserable for the developers and power users who need to use your platform freely.

So far, I see only evidence that Apple is trying to find that balance, but no evidence that they intend to lock the entire platform down entirely.

Are they doing it perfectly? Clearly not. But I think if we're being honest, no other platform has either. I appreciate Apple's approach the most so far, but time will tell if they are able to figure this balance out or if another platform will at some point.

> They already have Mac App Store, and they already have the infrastructure to deal with a "whitelist only" approach, so why bother with this Notarization and Gatekeeper stuff at all?

Change management. For the same reason why Ebay had to backtrack changing their background color and do it again, slowly.

That's certainly possible.

But as someone who has been using Macs on and off for about 10 years now, I've heard people shout that Apple was locking down Macs from the moment the App Store was created on iOS (and long before it came to MacOS). So far, that hasn't happened.

Is it possible this is the next step in a 10+ years plan to "boil the frog slowly"? Of course! Not sure how they would accomplish this without also losing the developers they need to continue making both MacOS and iOS viable platforms for users, but I guess if they just don't care and want to lock everything down, this could certainly be one more step towards their long term nefarious goal.

But it also still seems like a reasonable step towards making their platform more trusted and secure for the average user while continuing to give devs and power users control.

So far, I see no evidence for the former, and enough evidence for the latter, that I'm not too worried.

Last time I checked, they force you to use the Safari engine for your web browser on iOS. Also having a curated app store doesn't mean they have to disallow any other means of installing software. It's even ok if they say: You installed other software, no support for you. But making it not possible is a money grab.

Not at all, you are always free to buy computers, phones and tablets from other vendor.

Don't go buy Apple and then cry in the corner that you aren't getting the right set of toys to play with.

I use Apple devices and fully support not having random apps uploading my stuff into the world.

Sure, you can buy whatever you want, you aren't living in a dictatorial country. Sadly enough, most people can't say this. Therefore it is important for you to fight decisions like this. If something doesn't exist, it cannot be abused by some regime.

I am going to say something very cynical now, if the reader doesn't like that, he should tune out now. But I guess Apple can't wait to have that special China deal. ^_^

Except Apple isn't a dictatorial country, and there are other computer vendors to choose from.

Apple isn't Mafia, doing personal visits while giving advice to buy Apple computers otherwise accidents do happen.

Buying an Apple computer is a conscious decision.

I love how many around here make their decisions, and then feel entitled to complain and point the finger at big corporations, as if these corporations are the only ones to blame and they, poor souls, were misled.

Multinationals are not countries, but they are operating in multiple countries and their actions can have influence on the people in those countries. If Apple makes it possible to stop certain software from being installed then China can abuse the mechanism.

And I am entitled to complain about big corporations. That is the beauty if you live in a free country and even if it wasn't free to complain about them, I still would do it.

I rather see them all burn today than tomorrow.

Buying a house and suddenly getting your water cut off because the county "doesn't feel like it" is also similarly a "conscious" decision, and similarly bites you only a time after you bought something.

You might say that's illegal, and I'd recommend thinking about why that has become the way it is. Things are deemed important to everyday life, and suddenly they aren't free game.

Which fails again as an example, because legally is not the same thing.

It's can vs. can't, which is perfectly comparable, in both cases you can't know what you get until afterwards, which is not acceptable. When the freedom to use your own devices is in question, it needs to be addressed.

Shifting the blame onto the victims by saying they should have known the county can do that, is just sheltering yourself from the uncomfortable truth.

I don't want to feel like I'm being taken advantage of either, believe me. It's just better to fight back than let it roll over you.

When they force their proprietary standards on everyone else... https://news.ycombinator.com/item?id=23250831

Apple was the first major HEIC adopter, but it’s not really something proprietary they came up with: https://en.wikipedia.org/wiki/High_Efficiency_Image_File_For...

I agree. I'd take your point on gatekeepers being a good idea further.

Gatekeepers are a good idea for even experts. There's a reason it's still in your best interest to use battle tested crypto libraries instead of writing your own, even if you're a security expert. The reason stands that it's possible for experts to make mistakes, which is why auditing is so important.

Now for this to hold, we need to assume Apple has done a good job with their notarization system, and that it's regularly audited to ensure it's not causing too many issues.

In this case, I trust Apple isn't doing these things to make developers' lives harder. They're doing it because it's incredibly difficult to make something both ergonomic for experts (developers) and secure/safe for non-experts (average end-users), and they would rather ship something less-than-perfect for developers if it's going to help non-developers.

So keep a Linux box if you want. Don't shit on people for using a mac.

I can use macOS, Windows 10, and any distribution Linux I want without having to pick one. That's freedom. I have choices. I choose all of the above in my personal setup. I'll fight to keep my free software but, at the same time, you can pry logic on the mac from my cold dead hands. I've been using it for 15 years and I am not going to stop now. Use the best/preferred tool for the job you have to do.

I expelled Apple from my life 5 years ago and couldn't be happier. Before that, I'd been using their stuff for longer than you. I was quite close to the company for a time, covering them as a journalist full time. I have 3 Linux boxes and a Windows box. I shit on Apple from great height. Their entire ethos has been lost, and they don't make anything easier. My folks continue to use them, and my father's business life has been nearly ruined by their CONSTANT updating of the OS and ending of support. He's almost 80, he's not going to learn anything new, but he hit one button accidentally when it prompted him, and now he's been updated to god knows what newer-yet-still-unsupported version of their OS and his email client stopped working and his legitimately paid-for iTunes music stopped working. Apple has not only contempt for its users, it has contempt for its developers and fans. It treats them all like morons.

I thought this was computing for the masses.

The original quote from Franklin was about liberty not freedom. A subtle but vitally important distinction as freedom requires security where liberty does not. If you sacrifice freedom for security you still at least have security, as in a despotism, but if you sacrifice security for freedom you have neither. Conversely if you sacrifice liberty for security you have less liberty without any increase in security just resulting in a net loss.

This is perhaps, strangely enough, the most contentious comment I have placed on HN. Last night when the comment was fresh it was quickly upvoted at least 7 times. This morning I awoke to the comment downvoted back to its original 1 karma. I am unclear as to how this comment is so polarized.

Here is the Franklin quote (I encourage you to read the whole article): https://www.washingtonpost.com/news/volokh-conspiracy/wp/201...

I always thought the two words are synonyms. (That belief somehow survived decades of philosophical reading, media, and more than a few moral/political philosophy courses.) Here in Australia, liberty sounds like a USA word. We talk of civil liberties etc, but not liberty on its own like that. That sounds 18th C and/or estadounidense.

Your distinction sounds like (what I learnt as) Berlin's negative and positive liberty:

"Negative liberty is the absence of obstacles, barriers or constraints. One has negative liberty to the extent that actions are available to one in this negative sense. Positive liberty is the possibility of acting — or the fact of acting — in such a way as to take control of one's life and realize one's fundamental purposes. While negative liberty is usually attributed to individual agents, positive liberty is sometimes attributed to collectivities, or to individuals considered primarily as members of given collectivities."

"The idea of distinguishing between a negative and a positive sense of the term ‘liberty’ goes back at least to Kant, and was examined and defended in depth by Isaiah Berlin in the 1950s and ’60s."


That article goes on:

"Many authors prefer to talk of positive and negative freedom. This is only a difference of style, and the terms ‘liberty’ and ‘freedom’ are normally used interchangeably by political and social philosophers. Although some attempts have been made to distinguish between liberty and freedom (Pitkin 1988; Williams 2001; Dworkin 2011), generally speaking these have not caught on."

Ah that's what I thought!

Also, referring to your other comment, if a "despot can do whatever he wants to you or to your family", like disappear you in the night, and it's not a loss of security, I'm not sure what you mean by 'security'.

In despotism, you do not have security either - the despot can do whatever he wants to you or to your family.

That is a loss of freedom, not security. Compare that to living entirely on your own in the wilderness where you will enjoy maximal freedom with no security from people or nature or starvation.

That distinction is why, in history, non-civilized people find civilization abhorrent and why other people would choose to live under a despot opposed to living on their own. In the ancient world people were not friendly to the idea of abandoning freedoms for class distinctions but once they had it they were not willing to sacrifice personal security or quality of life increases for risk of death and starvation.

That is why people claim freedom isn’t free, because many people, even now, are frequently ready to abandon freedoms for increased security opposed to the extra effort required to increase both.

That’s not close to the original quote. And it was just Ben Franklin politicking, not the word of god.

No one cares, it's the concept that matters. This is on the same tier as saying "haha hey buddy looks like you typed 'there' instead of 'their' haha #rekt".

> No one cares, it's the concept that matters. This is on the same tier as saying "haha hey buddy looks like you typed 'there' instead of 'their' haha #rekt".

While the content / concept is the main point, facts matter. Even if it is ancillary to the intended message. Why suffer misinformation no matter how small?

Another way to look at it is that Apple is moving towards a future where all software for the mac must be purchased from the app store.

Bubye Apple, my next machine will likely be a Dell Ubuntu.

Yeah, this is the future I've been foreseeing for years. Every new OS update just ever so slightly decreases your ability to control what software is on your device, and how you can use it.

For example, you used to be able to back up your purchased iOS apps to your computer, and restore them from your computer. In one iOS update (9 IIRC?), they removed the ability to back up the apps from your phone. In a later iOS/iTunes update, they removed the ability to restore backed up apps from your computer, making your existing backed-up apps useless, if you still had them.

Now, the only way to keep your software on your iPhone indefinitely is to never delete it, and never reformat your phone. Ohh and never update iOS because they will break backwards compatibility with apps you already have. For any app that is no longer supported by the developer, you're just out of luck (and I have purchased MANY such apps, being an iPhone user since 2009).

> making your existing backed-up apps useless, if you still had them.

This isn't true. You can still install existing IPAs you have saved in the past by syncing it with Finder. You can also just AirDrop an IPA to your iOS device to install it.

> Now, the only way to keep your software on your iPhone indefinitely is to never delete it, and never reformat your phone.

You can still back up IPA installers by downloading them with Apple Configurator 2. https://ios.gadgethacks.com/how-to/download-ipa-files-for-io...

I can't seem to find documentation about AirDrop installation of .ipa backups I have. Also that Apple Configurator 2 process appears to force me to update the apps before they are backed up (I have automatic updates turned off because of how often app updates tend to be regressions rather than improvements)... Also, how do I "sync it with Finder"? (what is "it"?)

If I may ask, why do you still persist with apple products then? Sounds like masochism from here...

I have no intention of buying more at this point. The last was the iPhone 8 in 2017. No clue yet what I'll do in the future for a smartphone, because I don't see Android as an option at all. Hopefully this iPhone 8 lasts forever :)

Personally I find smartphones less and less useful. I use them mostly to stay in touch with people or to read articles online, and I do all my work from a laptop anyway. I used to buy flagship Android phones but I realized that it's wasted money. Now I have a 200€ Samsung phone, it works fine, yesterday it fell and the screen glass broke a bit, I couldn't care less.

If I keep going at this rate, I think I will quit smartphones within a few years.

Get a server or some hosting, load it with whatever you need - mail, web, cloudy things, media, communications etc - and use a portable terminal to access it when on the move. That portable terminal can be a phone with a browser or some future device which is more tailored to this type of application. With the current generation of SoC, Wasm and a capable browser (Firefox Nightly Preview is shaping up nicely) this setup is a viable replacement for most 'apps'. One of the advantages of such a setup is that those 'apps' do not get to track your every move - that is, as long as that capability is not built into the browser at some stage (persistent web workers etc).

iPhone SE is iPhone 8 on steroids.

this is sort of an ecosystem pattern.

First xbox was offline, subsequent xboxes were more intrusive

first windows pcs were offline, now they have become spy ("telemetry") machines

Apple has reined itself in (a bit), but they just as stubbornly put business decisions above user wants.

Mine is already about to be a Linux workstation since, in addition to all the developer hostility the past few years, Catalina essentially killed off Mac gaming (something like 75% of Mac games are 32 bit? or something?). Prior to that it was merely a joke, but it was nice to have an occasional game to play. Now? Nope, Apple Store and recently updated game code or GTFO

Dell Ubuntu is not a good choice, they don’t provide proper drivers and their support has zero knowledge about Linux

Ubuntu phones home a lot too.

motd-news, apport, snaps, whoopsie, kerneloops, ubuntu-report, unattended-upgrades, ...

> Dell Ubuntu

Casual Manjaro and Arch rolling distro with AUR is better drop.

The problem is that there is more than one market here. There is a general market where people love the vendor looking after their security and doing things for them, and there is a pro/hacker market where people want to control things themselves and don't want a lot of this stuff.

This. Yes the option of a walled garden is a great thing and I wouldn't recommend anything but an Apple device to my non-technical relatives. But if Apple also wants to make the $$ that comes from selling "pro" gear, they need to stop relentlessly consumerizing and turning OS X into iOS. I don't think they realize the level of ill will they are engendering in the developer/pro market.

Perhaps it's time for a "Pro" and "Home" Mac OS.

I've been doing software development on macOS/OS X for quite some time now and the consumerization aspects don't bother me. I install almost everything I need via Homebrew, from software libraries to desktops apps, and the fact that there's an App Store isn't particularly relevant (although I do use it for consumer apps now and then).

I'm trying to think of how macOS is so different from 10/20 years ago. What's missing? What can I not do now? Maybe my brain has just been consumerized and I forgot something important.

I was going to switch to Linux 10 years ago when people were talking about the iOSification of OS X back then, but that never happened.

Do you write much system-level software? I feel like Apple's changes don't affect the XCode crowd much - but under the hood, things are slowly getting worse for command-line developers.

How about when Apple removed /usr/include in its entirety from Mojave? Or when they decided to make the root filesystem read-only? Or when they removed the ability to permanently disable the "only run verified apps" option? Or when they even made that the default in the first place?

How about when they stopped supporting or updating the MacOS X11 server, which doesn't have proper GPU support and probably never will?

How about when Apple replaced gcc with a thin wrapper around clang, so that /usr/bin/gcc generates identical code to /usr/bin/clang? Or how they froze all GNU tools (including bash) at the last-released GPLv2 version, just so that they could retain the option to lock you out from modifying your OS install?

How about the fact that Apple has officially deprecated Python on MacOS?

How about the increasingly slow filesystem access? Not a big deal for app users, but terrible for shell-scripts and system software kind of generally.

How about when Apple removed the ESC key from two generations of Macbook Pro? And also how they replaced the function keys with a touchbar?

Did you know that Apple will soon be using zsh for /bin/sh? Without much regard to how many shell scripts have a #!/bin/sh hashbang and some bashisms in them? You can call those scripts buggy or poorly designed if you want - but they're plentiful and widespread, and will be broken so that Apple can steer clear of GPLv3 code. All so that they can block you from modifying your OS installation.

MacOS was a Unix nerd's dream 10 years ago. It was fast, reliable, and it had a good terminal paired with amazing hardware and software that "just worked". Over time, everything that attracted me to the platform has slowly eroded. I stopped buying or recommending Macbooks in 2016, and only use one now because my employer is an Apple shop.

Interesting analysis, thanks for sharing.

command line apps installed via home-brew don't have gate-keeper/notarization though.

I don't know why ppl seem to think they do...

What am I missing? I'm on the latest Catalina and, for me, anything installed via home-brew / scripts/c++/python/rust I write and run/compile myself, just run.

I also don't see any time different between my apps on linux and macOS.

I use iTerm2, with Full Disk Access and it's specified as a devtool in privacy.

What am I missing that's a big problem here?

Maybe you're missing to foresee the future step in Apple's strategy which will make it harder if not impossible to run something like Homebrew? As far as I know there is no such thing on (non-jailbroken) iOS. Apple seems to be steering macOS in that direction, a curated platform instead of a general-purpose computing device.

You realize Apple employs engineers right? The same engineers who use homebrew for their own job? If they go down that route, it's likely they'll need to support something like homebrew or similar.

Honestly, it wouldn't surprise me if it just meant distributing package via homebrew means signing the package, much like any other package manager. Yes, you can get something similar with checksums, but it doesn't provide any method of authenticity of the distributor.

Is it friction? Hell yeah. A pain? Yes. Is it purely bad? No. Does it have positives? Some. It's not black and white.

If they do that, I am gone. Parent mentioned that they feared that though 10 years ago and it never really happened.

Apple seems to be trying to walk a line with MacOS and keep all of its user bases happy, but it's a hard line to walk.

Agree with you completely.

I would move to Arch or Debian.

That said, how can they lock it down? You need macOS open to develop apps for their other devices.

They can’t get rid of homebrew et al, as they’d lose their iOS developers! Don’t you agree?

The fact they explicitly have a “Dev tool” category you can use here says a lot about their approach being open for power users.

By writing system level macOS software, although I think you mean old style POSIX UNIX stuff.

Here is a thing, already with NeXTSTEP, UNIX support was never something worthwhile looking for, NeXTSTEP was used for its Objective-C tooling and frameworks, like Renderman and Improv.

The UNIX stuff was just a solution for having a quick ramp up for their OS development, and just like Microsoft with Windows 3.1 NT, to have a tick in the box when selling to the government.

Their famous commercial against Sun, hardly touches on UNIX like development.


You aren't going to see a CLI on that NeXTSTEP screen.

Just like the SDK is all about Objective-C related stuff, even the device drivers were written in Objective-C.


The only fools here are those that keep giving their money to corporations instead of supporting Linux OEMs, as Microsoft cleverly discovered.

In fact, had either A/UX not been discontinued or Microsoft seriously supported their POSIX personality, Linux would never have taken off, as the same crowd would be happily using these systems.

> Did you know that Apple will soon be using zsh for /bin/sh? Without much regard to how many shell scripts have a #!/bin/sh hashbang and some bashisms in them? You can call those scripts buggy or poorly designed if you want - but they're plentiful and widespread, and will be broken so that Apple can steer clear of GPLv3 code. All so that they can block you from modifying your OS installation. MacOS was a Unix nerd's dream 10 years ago

Yep. Sorry. I’m struggling to connect “Unix nerd” to “thinks /bin/sh and /bin/bash are the same”, especially as that’s very much a Linux distro created problem, and (the clue’s in the name) Linux Is Not UNix.

I feel everything you say, and still don't see a better alternative. They're just too good at the hardware and integration.

Methinks you don't grok how Apple uses the term ”Pro”

It comes in Space Gray?


No - it's for people who want to Get Stuff Done™ and not worry about all the crap under the hood.

Why can’t they have their walled garden App Store and also allow me to install other app stores?

It’s an authoritarian usurpation of the spirit of property rights. I should be able to decide for myself what software to run on my hardware, Apple HQ’s opinion should be irrelevant.

Why would any developer even want to release their app in walled garden when they can do whatever they want by releasing elsewhere?

Analogue question in the linux world: Why would anyone get something in the debian package repository, when they can just release their package on their website? Because it gets added support, a bigger reach and a safer and easier installation for users?

There are special people: maintainers. They collect software from the world and package them for Debian. They often are different from original developers. Original developers might not even know that their software was repackaged. It's possible because of free software licenses. Apple can't do that even if they would want: proprietary software typically does not allow redistribution.

Good point, it wouldn't work that way with proprietary software.

Usually on the walled garden they get paid.

On macOS, they do. On a phone, if you want to side load, there’s the option of Android.

Wouldn't a sandboxed Zoom downloaded directly from them be equally secure?

> Wouldn't a sandboxed Zoom downloaded directly from them be equally secure?

More relevantly, wouldn't a sandboxed Zoom downloaded from Apple's store be equally secure even if you could install different apps from developers you trust more outside of the store?

Apple’s rejected a huge number of App updates for security reasons. It’s not a huge benefit, but it does exist.

And also allowed a jailbreak app in the iOS App Store. Yes, it only happened once (that I know of), but it still shows you can't really be oblivious to their practices.

So out of the millions of apps on the App Store, they slipped up once? Sounds like a really good success rate.

That's just the one jailbreak that ended up in the news. There have been many other bad things that have been pulled.

>been many other bad things that have been pulled

A jailbreak app making it to the app store being bad, and "apple's walled gardens are bad", are fundamentally incompatible.

Apple can be bad at doing what they claim to be doing and also be doing the wrong things. The nice way this works is that Apple curates a bunch of software they think is safe, and I can run whatever I want on my device. The worst of both worlds is that I can't run what I want, but sometimes malicious things get through Apple's checks.

Jailbreak apps are bad for Apple. Walled gardens are bad for users. It's not complicated.

I, a user, am extremely appreciative of Apple's walled garden. I've never once had to worry that the app I'm downloading is crammed full of malware because I trust that Apple's processes are robust and will work well in 99.999% of all circumstances.

A walled garden is not the same as a curated app store. You could have the same benefit if Apple would allow non-app-store apps to be installed after flipping a switch, tethering with a Mac or some other voodoo.

Apple does give you the ability to install non-app-store apps (some without tethering), e.g. sideloading or enterprise certificates, although I agree it's not as easy as flipping a switch.

They should also provide a way to downgrade iOS via Xcode for those with a dev account, but that's another story.

People who are precious about security never obtain apps that aren't generally approved and vetted by professionals anyway. Forcing this decision onto everybody is just going to push the people who want a free and open platform into places you don't want them. The benefits of openness don't go away just because Apple said so.

We get Zoom, we used to install Java (remember when it was bundled with crapware in hope you'll forget to uncheck a checkbox?). Companies routinely strong-armed users into getting malware. And I doubt popular game mods are all that strongly reviewed by security experts, but are quite popular with tech people.

App Store policies are a poor replacement for collective action, of course, but let's not pretend we can just become immune to hostile by sheer force of will.

I care about security, but that doesn't preclude me from jailbreaking my iphone and running dozens of tweaks that haven't been "vetted by professionals", along with sideloaded apps that haven't been through Apple's vetting process either.

My MacBook runs Homebrew which currently lists 84 packages installed plus their dependencies, very few of which will have been professionally vetted, and of the 127 apps in my /Applications folder only a third of them came from the Mac App Store, and I would estimate that a quarter of the others aren't even signed with a paid developer certificate.

I want the apps that I get from Apple directly to be safe. I want to know that when I put my faith in the App Store that I'm not lulling myself into a false sense of security. I want my parents and girlfriend, who are not technical people, to have that same sense of security without them having to learn entire programming languages to vet source code themselves.

The benefits of closed systems don't go away just because you say so.

Yes, but would a typical user know or care if the app they downloaded from a web site was sandboxed and would otherwise have been approved by the App Store if it was submitted there? And if not, how could someone like John Gruber make that claim of safety on anything other than iPhone and iPad? Taking the Zoom example on a parent thread above, look at what happens when you’re installing a Zoom client on the Mac without the strict enforcements of the iOS App Store: https://news.ycombinator.com/item?id=22736608

This just doesn't seem like a terribly difficult problem. Web browsers have figured it out. Any webpage that isn't served over SSL says "Not Secure" right at the top.

I can think of a dozen ways which the OS could prominently display "Not Secure" for non-sandboxed applications, in a way that wouldn't preclude or hinder users from using such applications if they really wanted to.

I wonder what's a decent way to do this with a CLI app

I don’t really understand this argument. Apple has long been heralded for its safety and security. It’s why in three decades of owning macs we’ve never installed antivirus software.

What is the point of all this security these days? What are they protecting us from?

Who is this Gruber person you quote and why is he relevant here?

He's the person who made the markdown format, which you've used as your username.

Other than that, he's mostly known for writing and talking about Apple.

> He's the person who made the markdown format, which you've used as your username.

That's news to me. My username is my name plus down (I use up for work-related accounts, and down for leisure).

> Other than that, he's mostly known for writing and talking about Apple.

Ahh, ok thanks.

If Gruber wants to dictate what I run on my computer maybe he can pay for my computer instead of me.

Honestly I'm trying to think of a reason you would WANT to disable OCSP, I'm having enough problems thinking of more than 2 developers I know who can actually articulate how it works enough to evaluate this. Not that it's complicated—it's just mostly invisible.

Even when OCSP is a problem, generally you're more worried about issuing a new certificate than an immediate workaround. What are you going to do, ask all your customers to go into keychain access to work around your problem?

This behavior of slowing down appears to be because Apple is making HTTPS connections apparently synchronously (probably unnecessarily) and you'd only be potentially harming yourself by disabling OCSP.

Though, I am often frustrated that FLOSS desktops and Windows don't allow the behavior I want—maybe this is just cultural.

How about it's totally ineffective? OCSP is pointless if you "soft fail" when the OCSP server can't be reached. [1]

This is why Chrome disabled OCSP by default all the way back in the 2012-2013 era. Not to mention the performance cost of making all HTTPS connections wait for an OCSP lookup. [2]

[1]: https://www.imperialviolet.org/2012/02/05/crlsets.html

[2]: https://arstechnica.com/information-technology/2012/02/googl...

That's why there's OCSP stapling and OCSP must staple. Ever seen an nginx server fail HTTPS connection exactly once after rotating the certificate? That's nginx lazily fetching the OCSP response from upstream for stapling purposes.

Notarization has a similar "stapling" workflow as well.
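The soft-fail argument and the stapling reply above, modelled as a small client-side policy function. This is an added example, not part of any comment in the thread; `Handshake`, `accept` and `scenarios` are hypothetical names, and signature and freshness checks on OCSP responses are assumed to have already passed.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Status(Enum):
    GOOD = "good"
    REVOKED = "revoked"


@dataclass
class Handshake:
    """What the client observes for one TLS connection (constructed model)."""
    must_staple: bool            # certificate carries the must-staple extension
    stapled: Optional[Status]    # OCSP response stapled by the server, if any
    responder: Optional[Status]  # CA responder's answer; None means unreachable


def accept(h: Handshake, hard_fail: bool) -> bool:
    """Return True if the client proceeds with the connection."""
    # A stapled response is signed by the CA, so it decides the outcome.
    if h.stapled is not None:
        return h.stapled is Status.GOOD
    # Must-staple: a missing staple is itself a failure, with no fallback lookup.
    if h.must_staple:
        return False
    # No staple: the client asks the CA's responder directly.
    if h.responder is not None:
        return h.responder is Status.GOOD
    # Responder unreachable: the only branch where soft-fail and hard-fail differ.
    return not hard_fail


def scenarios():
    # Revoked certificate, no staple presented, responder unreachable from the client.
    blocked = Handshake(must_staple=False, stapled=None, responder=None)
    blocked_ms = Handshake(must_staple=True, stapled=None, responder=None)
    # Same revoked certificate when the responder can be reached.
    open_net = Handshake(must_staple=False, stapled=None, responder=Status.REVOKED)
    return {
        "soft-fail, lookup blocked": accept(blocked, hard_fail=False),
        "hard-fail, lookup blocked": accept(blocked, hard_fail=True),
        "soft-fail, must-staple, blocked": accept(blocked_ms, hard_fail=False),
        "soft-fail, lookup works": accept(open_net, hard_fail=False),
    }


if __name__ == "__main__":
    for name, ok in scenarios().items():
        print(f"{name:34} -> {'ACCEPT' if ok else 'REJECT'}")
```

Only the first scenario is accepted: with soft-fail, revocation is enforced only when the lookup succeeds, while a must-staple certificate turns the missing response into a rejection without needing hard-fail.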

Well, security starts from the user. If you're not mindful of what websites you visit, or what files/apps you download and run, there's no OCSP or anything else there to save you.

OCSP enabled or not, you're still one website click away from being pwned to oblivion, giving full control to the hacker – which, of course, is inevitable to an extent, since bugs always find their way into software.

So why not make it easy to disable?

Well, are you going to manually look up certificate revocations yourself? This necessarily requires a network lookup—you can't just glance at the certificate. What's the benefit of disabling this functionality that actively alerts you to revocations?

> Well, security starts from the user. If you're not mindful of what websites you visit, or what files/apps you download and run, there's no OCSP or anything else there to save you.

Sure, but we're discussing good-faith security here. Presumably if people complain about a missing feature they can envision using it. The scenario here is not visiting a shady website and doing something stupid, the scenario here is something like a man-in-the-middle attack using a revoked certificate, which would by definition be difficult for the end-user to detect.

> So why not make it easy to disable?

Because then people would disable it for no discernable good effect.

I mean let me be clear, if you're a security researcher you can just modify your own HTTP stack, run a VM, control the hardware, whatever. This isn't a blocker to investigating HTTPS reactions sans OCSP—this is about denying secure connections when they've publicly revoked the cert used to sign the connection. The only reason this is even considered a discrete feature is that most people have never written an OCSP request in order to then trust an HTTPS server—you're just opening yourself up to be misled without even realizing this (and this goes for most of my very network-stack-aware coworkers).

If you're in a browser, you want the browser to be using best practice security, which necessarily includes OCSP. If you know what you're doing this is trivial to bypass.

Feature-removal has been the most aggravating part of my Mac life for the past several years. Admittedly I tend to use unusual features, but it's just another PITA when they go away.

Not sure they have removed anything, but add something.
