Some people are smart, informed developers that install a trusted tool to monitor their traffic and have legitimate reasons to want to inspect Apple traffic. They're dismayed.
Most people are the opposite and this move protects the most sensitive data from being easily scooped up or muddled in easily installed apps, or at least easily installed apps that don't use zero days.
Is the world better or worse due to this change? I'd say a touch better, but I don't like the fact that this change was needed in the first place. I trust Apple, but I don't like trusting trust.
I think it makes the "world" slightly worse in that it will be harder to discover malware. Little snitch has a small user base, but it's been used to identify many forms of malware and protect many more people once the threat is identified.
But it's like installing a custom HTTPS cert in your OS to inspect potential traffic that malware may use through, say, a Google Doc or Sheet. It's helpful to true professionals dealing with highly sensitive information, but it's ultimately a bigger source of compromise for the vast majority of software users.
I don't think there is an easy answer here. That's why I said I thought it made the world a "touch better" and I can see from your response that you understand the tradeoffs roughly as well as I do based on the wording of your response. The fact is that contemplating these hard tradeoffs belie the underlying truth: Securing computers is hard and getting harder and the stakes keep going up. I can't say if this move by Apple will ultimately be worth it, but I certainly understand the predicament they are in. This is no easy work.
When you rent space in a building, do you get access to every single apartment/office space in the building? No. You get access to specifically what you rented and the front door. The maintenance people for the building will have access to the front door and other maintenance areas, but won't have access to your space. We can clearly conceptualize models like that. We even have something like this on phones.
No, they really don’t. Unsigned software is a little onerous, but signed software can come from outside the Mac App Store.
No. That's what people need to start understanding.
Even if you decide to trust that someone will attempt to act in your best interests (you really shouldn't, see Google's extinct "do no evil" mantra), you can't trust anyone to do so perfectly.
All this aspirational goodwill that fans express on behalf of their favorite FAANGMUULA is the tech equivalent of flat earthing. The facts are simple: no software is perfect, you can't trust any software.
It's a matter of degree of trust and hazard at failure.
And with DNS-over-HTTPS, DNS-over-TLS and encrypted SNI, that makes it all the more harder.
Even if you believe all the MPs / representatives are trustworthy and intend to act in your best interests, their competence is going to be limited, so we need to checks and balances and a limit on their power.
If pinning is used then you can't interfere by interposing a middlebox, the connection would just fail. I guess it's possible Apple would find corporate pushback is too strong, but maybe not.
Don't use things you don't trust. If you trust Apple's proprietary software at least you are getting exactly what you signed up for. Apple gets to do whatever they want, which you apparently trust them to do. Will they accidentally let in bad guys? Maybe. You signed up for that too.
I recognize that this won't necessarily apply to all users or all apps, but there needs to be a way for the user to designate trust. Apple services and traffic should not get special treatment.
It is too bad - the Mac hit this sweet-spot where it was pretty much my perfect machine for several years - a kickass Unix workstation in a decently built laptop, with a decent GUI, with access to consumer apps, too. It was great while it lasted.
Thing is, this is a reasonable thing for Apple to do. Back when they weren't enormous, it made sense for them to at least make token gestures to the Unix-weenie/developer market - we threw a lot of money at them and made them hip when they were down and out. Now we're in rounding-error territory, and that we got what we wanted for a while was sort of a happy accident, anyway. Building developer dream-machines was never Apple's thing.
I bought my first Mac in 1991, and this one will last a while longer. Can't really complain too much about 30 years of decent-to-awesome tools.
It's a touch of hubris to think that we are and will continue to be taste makers, certainly. Maybe Apple won't get burned by alienating this crowd. But it seems a risky strategy for dubious return.
It's not just that tech people are customers, it's that ten other customers will look at what the tech people are carrying and assume they're the ones to know what's good.
And developers write code for the platform they actually use first. And spend time fixing the problems with that platform that are keeping other people from using it. Then more non-developers switch to it because it's improving.
Not only is it an application firewall, but also gives you DNS filtering (ie. Pi-Hole basics) and DNS-over-TLS.
If you check it out, we'd love to hear some feedback! (Full UI revamp incoming)
However, I would like to limit that potential as much as possible, partly by creating a stigma against practices that remove control from the user.
1. Have functionality only accessible through system frameworks, so that the OS can be responsible for prompting for informed consent and granting it to a process. This means that the system itself has to have functionality to prompt for that informed consent in a way that users can understand.
2. Require processes which an application cannot script that are technically complicated enough that users might realize they are pulling off the warranty-voiding stickers. A prime example would be rebooting into recovery mode to turn off system integrity protections via a terminal command.
Both of these wind up getting gated in priority, but such is the priority of their system - limiting the ability of arbitrary software to act as an unrestricted agent of the user so that user security and privacy (as well as device operation like battery life and radio reception) can be protected.
I actually think the way Apple implemented this downright brilliant. As you say, it can't be done automatically, and it's definitely made to be a bit intimidating. At the same time, it's not difficult or onerous, that's a pretty hard balance to strike.
By contrast, when I try to install unsigned drivers in Windows, I feel as though Microsoft is fighting me, and I get annoyed basically every time. I've never had that feeling with SIP; when I get a new computer, I take off the training wheels I don't need, and move along.
Now put yourself in the Apple's position where "an iOS app" or a "mac App" is about as trusted as a random website. Tech people have a strong culture of locally installed apps being extremely trusted but that doesn't extend to everyone. Can you imagine if websites could control your firewall?
I don't think it's that ironic. From my vantage point, the big tech companies specifically and consistently invoke the security arguments that are best aligned with their agendas.
• We need to enforce automatic Windows 10 updates to keep your computer secure. (But also, we won't let consumers use the security-patches-only LTSC branch we offer businesses.)
• You cannot install an app on your iPhone that we have not personally vetted. (As part of the vetting process, we enforce a 30% cut on all digital goods.)
• We need to hide URLs in Chrome to protect users from phishing websites. (But isn't it nice how it makes AMP more seamless?)
• We need to give browsers Bluetooth and USB access, because web apps are safer than random Windows executables. (But also, we can advertise inside of web apps more easily.)
I could go on. The problem with all of these arguments is that they aren't wrong so much as they're selective. The iOS App Store does protect users from malware, and hiding URLs does protect users from phishing. What goes unacknowledged are the trade-offs of these decisions—some of which may themselves be bad for security.
Real question: how? I would expect it to be the opposite, a perfect phishing site will have the wrong URL.
Oh that has google in it (twice even) we can go there.
There's also arguments that URLs are too complex for normal people to understand.
I agree with you though, hiding or redirecting URLs is the opposite of protecting users from phishing.
This was solved a decade ago by rendering the 2nd+1st level domains (and sometimes other parts of the URL) in a different style.
> There's also arguments that URLs are too complex for normal people to understand.
That argument is an insulting attempt to justify a form of illiteracy. Most people don't need to know all of the technical features of a URL; they just need to be able to use it as an address and recognize basic features like the hostname.
Street addresses are a good analogy. Most people understand the basics easily even though physical addresses are far more complex than URLs!
The mistake is in creating a category called "iOS app" or "mac app" and trying to fit every piece of third party code in the universe into that category.
What there should be is different categories of apps with different levels of trust. Then 95% of apps can go in the totally untrusted category because they don't actually need any special privileges. Which then makes asking for a trusted privilege a red flag rather than something the user clicks through because they see it for every app they install.
> Can you imagine if websites could control your firewall?
Realize that this has already happened. You wanted to block DNS to untrusted servers so everything would have to use your Pi-hole? Say hello to DoH. You could block AOL Instant Messenger by blocking port 5190, good luck doing that with Facebook.
The web made every protocol run over HTTPS to bypass your firewall, even if it has nothing to do with transferring hypertext.
Because that's what happens when you do security wrong. It has to be usable or it gets routed around. People started blocking unknown ports by default, or blocking/mangling protocols both of the endpoints didn't want blocked or mangled, so firewalls got displaced.
You don't actually want that to happen (again). You don't want the only options to be living in a cage or rooting your device with some unaudited 0-day code you got from some Russian hackers. There is value in the existence of the middle ground.
Oh, they can. Cross-site scripting and request-forgery attacks aren't dead yet thanks to widespread terrible security practices :)
Security as an industry is generally all about protecting the interests of corporations and governments. Just look at how they react when normal people use subversive technology like encryption. The people in power simply cannot tolerate anything they have no control over.
…is not a monolith. There are plenty of people in security interested in giving you freedom as a user, actually, many do it specifically for that reason.
Trust, but verify.
The problem with this is that it's taking away the ability to verify. Which takes away the ability to trust.
You start with trust, if you attempt to verify that trust by examining behaviour and discover a covert side channel surely you can no longer trust.
A kernel and the core OS capabilities are a high security domain and I expect Apple to be extremely careful and put a lot of attention into making it secure. Desktop applications are a different domain where security is not quite at the same level and Apple will not and can not provide the same level of security for all of them that it can and does provide for the base OS.
As a simple example, compare Safari and the OS. The domains in which they operate make it extremely hard, if not impossible, for Safari to have the same level of security as the OS and kernel because the use case of Safari opens it to far more attack vectors.
Does anyone believe that exempting all Safari traffic from firewalls would be a good idea? If not, then why should we accept that it's a good idea for some arbitrarily set of other Apple applications?
The issue here is simple, it's the same as it always is with Apple. There's a choice to do the thing that's slightly more complex and requires users to provide even a minimal amount of input that they might have to think about ("An application is attempting to change the traffic flow required by X service, if you allow this it may cause problems with this service. Yes/No?"), but instead they opt for "Users must trust us implicitly and entirely in everything we do", which is their go-to solution. It all comes back to control, does Apple control the user, or the the user control their software? Apple has built their empire around the former, so while we can't expect the latter without if being forced on them, that doesn't mean we shouldn't.
Adding exceptions means adding more points of failure, more complexities in code, more opportunities for attackers to bypass restrictions placed on them but not on OS services. Not only that, but you get the upside of having a unified model for Apple and your app developers "for free"–the latter which is of critical importance to Apple in particular, since they have had years of trouble in this area.
So no, I don't trust OS providers. I tolerate them and defend myself against them.
Apple has clearly betrayed users’ trust in this situation.
People don’t install Little Snitch only to prevent nefarious third party activity. Some may want to know what traffic is going to and from their computers. Other may want to block all traffic for testing and/or research purposes.
I can trust that Apple is not doing something nefarious and still see that Apple is blatantly betraying the fact that people trusted when switching stuff like firewalls away from kext that it wouldn’t build backdoors for itself.
Also, any backdoors Apple builds for its own apps and services are simply an additional attack vector that could potentially be used by non Apple malicious actors.
That's a perfectly reasonable opinion to hold, but 99.9% of macOS users won't know the difference and will be safer for it.
Some of the folks who know the difference will also be fine with it. FWIW, I've used Little Snitch (only to prevent nefarious third party activity), and its biggest UX problem is that it treats legitimate OS traffic no differently than untrusted traffic.
Apple hasn't weakened the security of their devices to provide a secret way in, in fact, they made their systems even more robust.
The question absolutely is whether Apple can be trusted. Little Snitch works for other apps, just not Apple's apps. The remaining slice of the pie you're arguing for is whether or not we can trust Apple.
So what delta in security and trust over Apple are we getting by asking for this change, and how much insecurity and brittleness are we inviting to all other users with our ineffective software based firewall?
This is a false dichotomy. I choose to use a Mac, but I also choose not to let my Mac phone home to Cupertino unless I allow it. Why can't I have that choice? Why does it have to be all or nothing? I'm only interested in the Mac, I have zero interest in Apple "services". It's a fine computing device, but I see no reason why the device has to continue to talk to Apple after I purchase it, except to download software updates — which I manually trigger.
It's not about trust, it's about choice.
EDIT: Now if Apple provided a way to easily disable all of those "services" that phone home, there would be a lot fewer complaints about this issue. But they don't.
I'd consider poking a hole in firewalls to be providing "a secret way in", particularly in the context of Little Snitch. This isn't some antivirus bloatware that comes preinstalled, or a firewall imposed by corporate networks. The entire pitch of Little Snitch is that it enables you, the user, to monitor and control any bit of traffic that leaves your machine. No one was asking for Apple to bypass that.
Whether this is malicious, not malicious, secure, insecure etc. is irrelevant to whether this is an untrustworthy action. It’s not what one would reasonably expect and is therefore a betrayal of users’ trust.
If Apple switched gatekeeper on MacOS to completely remove the option and the workarounds to run unsigned apps, it would certainly be more secure. It would also be a huge betrayal of users’ trust in Apple and the MacOS platform.
I would disagree with that statement. The user bought an Apple computer so they clearly trust Apple already. If anything, the new frameworks make the system more secure which strengthens that trust for users. The only people really affected by this change are users who want granular control over everything whether it comes from Apple or not.
We buy things from companies we don't implicitly trust all the time, because we can isolate and verify those things.
I don't always trust the supermarket to sell me non-moldy produce, but I can look at the produce and see whether it's moldy.
I don't trust oil companies not to destroy the environment, but if they sell me bad fuel it will be very clear.
I don't trust OS makers, but I can run firewalls and network sniffers to verify that the OS is behaving reasonably, and isolate it when it isn't. Until I can't.
This is false, maybe I bought X because it was the least shitty choice.
A back-channel that you can't inspect but Apple can use is a back-channel that you can't inspect but malicious actors have found a way to use waiting to happen. Preventing you from seeing that traffic doesn't protect you, only protects Apple at your expense, since you have no way of detecting whether something fishy is going on.
Trust relies on faith or evidence, the overwhelming circumstantial evidence is that Apple can not be trusted with anything other than their commercial interests.
You can not trust Apple with anything else, therefore you must have faith.
[ ] Do not trust Apple, trust only me
I am not a "developer" (nor am I particularly "smart") and yet I monitor traffic to/from computers I own. Maybe some incorrect assumptions are being made about so-called "users". I find it perplexing that any company should be able to prevent me from monitoring traffic to/from computers I own. I own the computers, I pay for the bandwidth. I do not buy Apple computers for the Apple software.
However, making it impossible to route the traffic of the system apps through a VPN of my choice (whatever the reason), is just broken functionality.
The difference between the two is subtle, but true. I want true masters that understand what the tradeoffs are to make those hard choices for themselves. I want the rest of the world to have a blanket of privacy and security that protects everyone.
Especially the elderly that are too trusting with what they believe.
When I was in college, Little Snitch was an absolute must for using Macs in our networking labs, because it was the best way to analyze and control our network. Without it the mac was not a feasible option.
This change by Apple would have essentially eliminated the macs use in several of these experiments, and I suspect that’s true today as well.
Further, this has a regular advanced user impact as well, for users on metered networks who would like to control their data usage.
This is the false shortcut behind any attempt to weaken security. Security makes access harder, therefore let's weaken security to improve access.
The fact is that weakening security also makes malicious behavior easier and/or more likely. Changes like this are bad particularly because Apple users pay for a protected walled garden.
It's pretty clear what they think - they allow basically any app to access the network on ios.
Wouldn't say I'm that smart. Wouldn't call myself a developer either. But I'm still kind of dismayed. I used to love macOS (or OS X to be precise), but the clock has been ticking for years now. Near every decision made about macOS future goes in the wrong direction (for me). Right now I'm looking at Manjaro. But still, I need the Adobe CC suite to get my work done, so I will have to use two machines. I hate running two computers. But that's probably where I'll end up.
Either Apple doesn't trust Little Snitch and shouldn't let it interfere with any apps, or Apple does trust Little Snitch and shouldn't block it at all. There's no reason to implement this halfway.
There's an availability consideration here, but that's about it.
Developing a truly polished operating system with a whole ecosystem of services is far, far beyond what volunteers and hobbyists can achieve. It's just too much work. It also requires focus and coordination and someone who is able and willing to say no. Without that the FOSS community rewrites everything over and over again instead of doing the not-fun parts of programming like fixing bugs and edge cases.
TL;DR: we get what we pay for. We don't pay for freedom so we don't get it.
> Those who pay set the agenda for everything.
And this different from non FOSS software how?
> Developing a truly polished operating system with a whole ecosystem of services is far, far beyond what volunteers and hobbyists can achieve.
As someone who uses Linux as my primary workstation I disagree. My coworkers that use Mac or Windows seem to have about the same number of issues overall. I mean- look at the article this is about. I’m pretty confident that would be much harder to get away with in the Linux community. Gnome shell is more polished than windows or macOS were at the same age.
> It also requires focus and coordination and someone who is able and willing to say no.
Clearly you haven’t dealt with the Gnome folks who are perfectly willing to say no to features some users scream for. Or read any of Linus’s rants about nvidia.
I've been a FOSS user and sometimes contributor since 1994 when I installed Linux with floppy disks, and have consistently watched FOSS lose the mainstream because they don't grasp the critical importance of UI/UX.
I want to write "it has to just work" on a sledgehammer and bash people about the head with it over and over again until they understand that user experience is f'ing EVERYTHING and every installation or setup step required to adopt something roughly halves adoption.
This is largely because we are in an age of time and attention poverty.
I don't want to see Arch Linux, for example, to start prioritizing for attracting non-technical users who want it to "just work."
Technical doesn't mean "unnecessarily complicated", it means "rich, expressive and built for users that are willing to spend some time to learn" (at least it should)
Citation needed. If you look at app store pricing models the opposite seems true. If I were going to take a random guess I would say that tech savvy users use open source software to avoid anti-consumer bullshit more than anything else.
My point is that the vast majority of people don't say that, only a very tiny minority. The vast majority of people want convenience, not control. They want their stuff to "just work" because even if they do have the technical knowledge they don't have the time to screw around with fixing their computer. Apple is giving the market what they want as evidenced by actual buying behavior, not posts on HN.
My other point is that while there probably are enough tech-savvy people who care about freedom to support a viable alternative platform, the majority of these users are not willing to pay for anything so there is not in fact a market for it.
Basically what it boils down to is that people don't actually care. Even the vocal people who say they care don't care because they won't open their wallets or change their buying habits. If you won't actually do anything about something, you don't care. Whining on the Internet is not doing something.
“The market will price this out” doesn’t actually work because it assumes that 1. Apple’s product strategy is done to match market desires perfectly and 2. The decision to buy is solely predicated on this particular thing. The first is false because nobody can do that and the second is because people buy Apple products for other reasons than just that. I personally know many people (although this sample is of course unbiased) that buy Apple devices for a number of reasons (they work well, they look nice, they have good support) but hate that they can’t do thing on them. But their purchase decision doesn’t reflect their opinions on this particular issue.
People aren't buying features off a list. In a situation like this a missing feature has to be so important that it completely disqualifies the product, which is a very different thing from a willingness to open the wallet.
It's similar to how you can get a kindle with or without lock screen ads. If the only option was with ads, you'd see more people buying that version because it becomes artificially hard for them to say "I don't want ads". Even though they're willing to pay for the feature.
And for convenience vs. control, well, this firewall bypass doesn't help convenience.
And that's why I picked up an MBP this year; it's caused me way less grief than my various Linux boxen have.
Bologna. I spent $4,000 for this MBP, and I've spent many hundreds on accessories, and thousands of dollars on software to run on it. I do everything on it. It is the center of my digital life.
That being said, the day I go to do something on this machine and find that I can't is the day I go buy a sub-$1,000 PC laptop, and go back to Linux (which I ran on the desktop for 19 years). Apple should be very careful how hard they squeeze here.
With trust you get trade. Trade is commerce and the more trust you have the more money changes hands.
If I could firewall my phone I would upgrade every year no question.
Similarly, all macOS machines will test a DHCP supplied default route before applying it by trying to reach something on the internet. So if you happen to have some firewall rules that block internet access, no default route will be applied until the internet check times out.
I won't share the other sentiments about the above, but is it really that hard to document these behaviors?
That's what FileVault is for. I don't understand what's the problem T2 is trying to solve by its existence. Being able to use something else to read the data from a drive you pulled out of your computer, after decrypting it with your password, is a feature, not a bug. T2 is a regression, not an improvement in security. You can't call it a security product if you keep the master key, which Apple does.
As for actual data security you are probably right
It's sure one of those nice to have features, but there's no good reason why it has to be mandatory like it is. All in all, having a device purposefully retain some information when you factory reset it is user-hostile.
The "lost or stolen" argument also hardly holds for desktop computers like Mac Pro or Mac Mini or iMac, yet they still have T2s in them.
Why ? People's houses get broken into all the time.
And probably 99.999% of laptops never leave a person's house.
> ..Using the checkm8 exploit originally made for iPhones, the checkra1n exploit was developed to build a semi-tethered exploit for the T2 security chip, exploiting a flaw. This could be used to e.g. circumvent activation lock, allowing stolen iPhones or macOS devices to be reset and sold on the black market.
> Since sepOS/BootROM is Read-Only Memory for security reasons, interestingly, Apple cannot patch this core vulnerability without a new hardware revision.
Crouching T2, Hidden Danger (2020-10-05) https://ironpeak.be/blog/crouching-t2-hidden-danger/
From what I could find, the encryption keys of the T2 are still secure but the OS running on it is not. Wiping the SSD and/or repairing another might be enough to resell the device without any locks but I'm not 100% sure about that.
watch the 2 security briefings that Apple delivered at black hat. i think they are 3 years apart and each touched on different aspects. i might be misremembering and T2 is covered in just one of them.
Okay, I'm going to test this.
I noticed odd hangings and cpu hitting high temps on a MBP 2018' w/ dell usb C dock on left side, meanwhile right side is fine but I had to reboot randomly and sometimes it will just crash.
And this is a MBP on a laptop stand.
It's a little funny because the advice used to be you should use the left-side USB-C ports first because they were faster (both for data and charge, IIRC?)
But replacing 2.5k every year with additional repairs in the 700 Euro range isn't viable.
Sadly we are primarily a Mac shop and I have to say that Keynote is by far the best piece of presentation software I know of. But none the less. The hardware is currently unacceptable imho.
I have also seen many android devices bricked by the same anti theft protections.
However Apple does unlock them if you can prove ownership. You need an invoice with serial number. It's a lot of hassle but it works. The reason for that box is that we didn't get serial numbers on the invoices for a long time :(
It's another one of those things that are supposedly for the benefit of the consumer but also really supports the company's bottom line by having to buy a new product. I'm always a bit dubious of their motives. I do see the benefit of such features. But they should have some kind of workaround for unlocking it. Such as a card with a QR code that you get with the phone and keep on file or something. Because theft isn't the only way you can get locked out. And since the fappening Apple is really difficult with resetting passwords, in some cases people just can't make it happen.
Android is even tougher but our local carrier can send them for repair to unblock them. Also, Samsung KME overrides the lock, which makes sense because it proves the device is company owned. I wish Apple DEP could do this too.
That's not a security thing, really. It's easy enough to layer encryption on a normal SSD. It's their desire to make it some kind of do-everything auxiliary chip, which has the end result of weakening security.
The absurdity of sitting in front of a frozen keyboard and trackpad for up to a minute before I can unlock the screensaver on a 2k machine has driven me spare. And now has driven away from these astounding lemons.
This is the last Apple laptop for me.
If you still have time, get your keyboard replaced for free: https://support.apple.com/keyboard-service-program-for-mac-n... (it also means they have to replace your mobo and battery due to brilliant Apple engineering).
It doesn't fix the problem, but it resets the clock until they fall off again. In Texas, it was <48 hours between dropping my Macbook off at the Apple shop and receiving it on my doorstep.
Can't even get far enough to see if the repair would be covered. Good job Apple
I heard it would take weeks and even had a backup laptop ready, so it surprised me when it came <2 days later. It was my original laptop too (had all my data and the same dent).
Oh well, the new models don't have this issue anymore. What a fuck up.
I had the same thing happening to me but Apple changed the complete keyboard under their extended keyboard warranty programm (even though it was out of Apple Care already).
I’m so accustomed to flaky peripherals with Apple products I wouldn’t even be alarmed at the behavior.
The idea is that if your keyboard is replaced with a keyboard that has modified (hacked) firmware, your computer will refuse to let you use it.
To do this, it must obtain a cryptographic attestation from the keyboard firmware, proving that it has not been modified. Further, to avoid replay attacks it must include the current time in the message it signs. NTP is used by macOS to determine the current time, so as to verify the signature provided by the keyboard.
So, if NTP is slow to respond or time out, you are stuck waiting for your Mac to verify your keyboard's signature.
At least give the user the ability to turn that off.
> At the same time, if you were to not be connected to a network, this kind of verification wouldn't do anything.
Use a counter...?
I blame Apple though for their terrible software.
I imagine it is, given the bureaucracy of a big company. Apple's documentation has long been really dreadful, mostly nonexistent and where it does exist, usually incomplete and even wrong. I've assumed it was because the code itself is developed by isolated groups while the documentation presumably has to touch all sorts of people (publishing, translation, language checks, ...) in a kind of Conway's law.
However, hard or not, writing comprehensive documentation is quite doable. I have never been a fan of the Windows programming model but I have long admired not just MS's documentation but the amount of effort and commitment they obviously put in.
Apple cares about some things but in this regard it appears they simply don't give a shit.
Developer docs for most of their libraries are usually just the method name in a large font and the parameter types and that's it.
Anyone want to tell him about Microsoft's Azure or .NET documentation?...
It's the same all over.
When did they start doing this? I'm still using High Sierra on my 2018 MBP work laptop, because the keyboard and trackpad was freezing for anywhere up to 5 minutes or more with Mojave after a wakeup (usually after a long sleep). Downgrading to High Sierra fixed it, but fighting with the machine was such a pain I haven't dared touch it since.
I'm wondering if you're describing the problem I was having, but could never figure out.
Documenting means revealing the edge cases and the limitations, which engineering knows is the best kind of documentation. But marketing people are invested in the "magic".
Marketing people have too much sway at Apple.
Holy shit, this is why my macbook sometimes won't let me log in for like 15 seconds on my shitty cellular hotspot connection? Absurd. Apple software has fallen so far from just 10 years ago.
I really wish Apple executives were forced to use their computers on crap wifi. Who am I kidding, I would imagine Tim Cook hasn't used a Mac in years.
It feels rather heavy handed as there are ways other systems have worked around this that don't hijack routes.
A quick search for Captive Network Assistant shows it’s not documented.
It was also compounded by the VPN setting I use to disable all traffic until it successfully reconnects. Meaning whether my computer works or not is dependent on my VPN providers reliability.
Now that I know Apple thinks I need an internet connection to wake up my laptop securely I'm quite pissed by this. Brand new $4k laptop is a paperweight if my VPN can't connect.
Sometimes when my MBP goes to sleep it loses wifi connection and VPN disconnects. When it wakes up, Tunnelblick asks for password, but it doesn't restore routes (I guess?). Basically no internet until I either enter password or click disconnect. At that moment I'm typing in my OS password and pressing Enter.
What then happens is that it waits for ≈30 seconds and then logs me in, as if it made a network request and waited until it timed out.
Could it be related to the issue you're describing?
I just wish the font rendering situation on Linux was better though. Text (in browsers) just looks so bad on Linux compared to both Windows and mac.
... and what if your network is down? You can't even use your keyboard?
But on the other hand, there are use cases where checking for the existence of a default route is the best heuristic.
> Similarly, all macOS machines will test a DHCP supplied default route before applying it by trying to reach something on the internet. So if you happen to have some firewall rules that block internet access, no default route will be applied until the internet check times out.
So if the default route doesn't exist yet since it's still checking for internet, it would let you use the keyboard. DHCP probably runs every time the NIC is turned on (like from sleep), and they could just disable this function if you've set a static default route (since they may not be able to reach their NTP server on that route).
The machine is basically frozen at login until some timeout hits.
Aha so this is why I need to put my MacBook back to sleep after waking on a spotty WiFi connection or when it was previously connected to vpn which timed out during sleep!