As someone who builds industrial/scientific machines, the consumer oriented devices that Apple makes are completely unusable for me. Locking down completely capable computing devices seems like such a waste. I'm also not a fan of how Apple controls devices and the market of software after the device has changed owner. I'm staying the hell away from this ecosystem. Not sure why many so-called "hackers" are so enthusiastic about these "hood-welded-shut" systems.
I'm one of the most technically-inclined people I know in my personal social circle (not true in my professional circle.) I'd even probably go so far as to label myself a "hacker". But I do care about UX (which Apple nails). I do care about convenience (which Apple nails.) And I do care about privacy (which, and I know I'll get flak for this, Apple _also nails_ when compared to any other device on the market that isn't explicitly marketed to developers.)
However, despite being an actual software engineer, I'm no security researcher. I don't understand kernels or privilege elevation or anything deeper than the UNIX shell I work in. So it's nice to have a system that's 99% safe by default, but still allows me to run crons, or programmatically open/modify things, and generally script my machine to look and behave the way I want.
Apple is the perfect middle-ground for people like me. Just because you can't fiddle with a kernel hardly makes this a "hood-welded-shut" machine. There are processes on my Windows machine that I'm not allowed to kill even as an administrator. I can `kill -9` whatever the hell I want on my Mac.
There's a very large group of people who operate like me, and are even less technical than I am, but love things like Keyboard Maestro or Apple scripts which allow them to tweak little things. Windows has no comparison and as far as I've witnessed it's one of the most frustrating operating systems in existence. Most people do not have the time or desire to run Linux. So, you are left with Apple which nails several of selling points that no other ecosystem nails.
That's why people, including "hackers", are enthusiastic about this "hood-welded-shut" system.
> I can `kill -9` whatever the hell I want on my Mac.
Note that the Mac is way more open than the iPhone (or iPad, which is funny considering how some chips are shared between Mac & iPad), specifically to preserve (some) of the kind of control people expect from their Mac.
That's why you can run Asahi Linux on Macs, but not iPads.
So you & GP may be talking past each other, them grousing over the locked-down nature of the iPhone, while you celebrate the control of your Mac.
You can permanently uninstall Microsoft Edge, it just takes some tinkering.
Last time I was playing with a Mac, even the root account was a problem to try and access. Apple are just way too nannying with their devices, but people like that.
I'm not talking about sudo su, but actually accessing the root account directly. I remember back in the day I put a file on someones desktop to prove a point, and they couldn't delete it because logging on as root was harder than it should be and they didn't know how.
One thing in particular that bugs me about Macbooks is the fail-deadly hardware security. Disk encryption is good, yes - I use LUKS myself - but it tends to backfire on regular consumers if done poorly. I've had to tell far too many people that their data is perma-gone from a fried Macbook motherboard. (And no, "they should have used Time Machine" is not a valid excuse for such poor design.)
Such scenarios are trivially recoverable on better-designed machines with removable storage and consumer-friendly software FDE. BitLocker does this reasonably well - yes, there are privacy concerns w.r.t. key backups, but one must strike a balance between convenience and security.
ETA: To be clear, this setup would be entirely tolerable to me, but I (and everyone else in here) is hardly an average consumer when it comes to technology.
Personally, I do not like MacOS, and I do not like using a Macbook for work, because I am a developer and a hacker. It is harder to do my job and harder to be efficient at my work.
That being said, I love iOS on my phone and tablet. I used to prefer android, because of how much I could customize it, but it slowly became less reliable and more centered around selling me products and services sponsored by Google or my carrier. I switched to an iPhone and iPad about 7 years ago and am much happier with a reliable set of mobile devices that I know are relatively secure and wont get in the way of what I want to do.
Point being, the OS you want on, and ecosystem you want around your devices absolutely depends entirely on what you want your devices to do (or not do against your will).
I'm a self-branded hacker so I'll share my motivation:
Shit. Works.
This is critical. I can focus on my actual task at hand, rather than fiddling with the system.
Some perspective: I've been on Debian for 15 years, and I still hold it in very high regard for servers. I'm also an occasional Alpine & OpenBSD user; and Windows for games. I've tried Ubuntu, couldn't stop it from getting in my way. Before you suggest Fedora, Arch, NixOS, whatever: I'm done distro-hopping. The experience is about equal everywhere. No amount of "choice" beats thoughtful design, accessibility, and vertical integration.
I'm a software engineer at a company that does all macbooks. I hate my M1 macbook because it's way less reliable then my desktop, both software and hardware. I have to hold the power button to force it off roughly twice a month, it absolutely refuses to play nice with my KVM (that my desktop has no issues with), and the "keyboard secure input" feature regularly goes on the fritz and breaks anything that taps into the keyboard, including stuff that I've specifically installed.
Much of these complaints are usually better directed at Crowdstrike and other EDRs. The performance difference between my employer-provided Macbook and my personal one are like night and day.
Hell, half (but only half...) the reason I try to get MacBooks anywhere I work is because they're usually not quite as shitted up with broken surveillance software eating half the company's potential productivity, as the Windows ones.
> I have to hold the power button to force it off roughly twice a month [...]
Hmm...
$ last | grep reboot
reboot time Sun Feb 16 14:10
reboot time Fri Feb 14 19:40
reboot time Thu Jan 30 09:52
reboot time Fri Dec 13 16:20
reboot time Tue Oct 29 15:32
reboot time Tue Sep 17 12:19
[...]
I guess most of these are from macOS updates. I don't think I've used the power button at all in the past year or so? FWIW I'm using a Mac mini (also M1) rather than a Macbook, but "it works for me" was the entire point of my original comment.
> it absolutely refuses to play nice with my KVM (that my desktop has no issues with)
Honestly I'm with you here, but I'm pretty sure KVMs are just pure lottery. I plug the mini via USB-C/DP to a screen that has a simple built-in USB hub (which in turn handles mouse/KB/audio interface); this also works perfectly fine with my Thinkpad T495. However an expensive TB3 dock with a dozen ports doesn't work with either, but it's just fine with a 2017 MBP. TBH I wouldn't blame any of the involved parties; USB-C/TB always came off as a finicky mess to me.
> I'm a software engineer at a company that does all macbooks.
I can't say anything but extend my sympathy. In an ideal world, companies prioritise employee satisfaction and productivity. There's an argument that this is a trade-off vs increased IT support cost/workload, but I guess SWEs don't need much support to begin with?
You could at least appeal on the basis that the HW you've been provided with is clearly unreliable. Come up with some numbers about lost productivity. Bosses love numbers.
> There's an argument that this is a trade-off vs increased IT support cost/workload, but I guess SWEs don't need much support to begin with?
IME, it's also about being able to ensure that everyone has access to the same software. I worked at a company that used macOS-specific software for development (I think it was Sketch?) so I had to have a MacBook around, even though I primarily used a Linux desktop for work. Anecdotally, I don't think this is uncommon.
Yeah I'm using enough Mac-specific (Logic, Compressor, Sketch, ...) or otherwise proprietary software that it makes perfect sense. I'm lucky that this is already my platform of choice. And honestly it's been getting better (OrbStack!), and I don't even have to touch XCode too often :,)
Sorry to be that person but: As someone who's been using NixOS as their daily driver for about three years (after switching to it from Debian) and is currently trying out a MacBook I can tell you that NixOS provides a very different experience than everything else you've mentioned (including macOS). The only other OS I'm aware of that it's comparable to is Guix System which is distantly related to NixOS.
NixOS in its unofficial "endgame" is more like a container where you can strictly define what files to keep between reboots and everything else gets thrown away. Except unlike a container it covers your entire filesystem (not just a single application) and it's actually usable for things like a laptop since you don't have to reboot between making changes. There's a popular blog post titled "Erase your darlings" that explains it in more detail[1]. And, like with a container image (but different in how it's done), NixOS forces you to write any and all changes to your system's programs or config as code that can be introspected and delivers repeatable results.
This is definitely not to everyone's taste but for me this is now the only way to keep computers "clean" in the long term (sans specialized distros like Talos Linux). I can just look at the source code to know exactly what I'm running and I can delete stuff I no longer want without having to think about leftover files or anything like that. Backups also get a lot simpler when you only have to think about the persistent volume of your system and your config and full restores are just a matter of reinstalling with your config in place.
macOS is gorgeous and I love how everything just works pretty much (except defining global keyboard shortcuts). But I've been so spoiled by NixOS catering to my config management obsession that everything else feels kind of primitive in that regard. My dream would be the macOS userland and kernel on top of Apple hardware but built and assembled with the Nix module system. And then some APFS magic to make an ephemeral root filesystem work.
(Also yes I've tried nix-darwin. Love it and I'm infinitely grateful it exists because I'm also using a MacBook at work but it's not the same kind of "complete" experience that NixOS provides.)
I've been using NixOS for a couple of years; I still have it on one of my RasPis. I've had a moderately elaborate config for my laptop. I could enumerate all of the problems I've had with it, but back to my point: not that different from every other distribution. Once you get past the insane level of ecosystem fragmentation and DIY fixes (which NixOS adds to- with "regular" configs vs flakes), there's still the UX department, where both KDE and Gnome are severely lacking.
Of course, the software that goes onto a NixOS installation is the same as on most other Linux distros so it's not any different in that regard. What I was trying to say is the config management aspect - especially when used with an ephemeral root FS - provides an entirely different way of managing your computer that's not really possible to replicate anywhere else (except Guix as I've mentioned).
Not that that makes it objectively better or worse. The config shtick of NixOS can also be really annoying to someone who just wants to install stuff and move on. It comes down to personal preference.
Personally I prefer the approach that the BSDs took: your OS has a "base" that is designed and integrated as a whole, provides basic services (SSH, httpd, mail, etc) plus a spartan GUI and all the tools to support its own development. Everything else is in ports/packages, which theoretically can be erased all at once with no loss in core functionality. It's conceptually simple and works OK in practice.
Notably, macOS (a BSD in my book) took the next logical step and completely sealed the base OS, all the way via logical volume management, verified boot chain, SEP (aka TPM), etc.
I agree that NixOS solves configuration management in a much more elegant way, but that elegance carries a heavy cost: it requires domain knowledge to comprehend. Personally I just keep /etc in git, and use judo to propagate changes. <https://github.com/rollcat/judo>
Fedora is really good though. I’ve daily driven Windows, MacOS and Linux, Fedora is by far the best developer experience I’ve had so far. But then again, I tend to setup my devbox quite spartan, so that it just works.
Does Fedora support ZFS (without building from source) yet? Filesystem snapshots is not something I'd ever give up on, and Btrfs still doesn't seem production-ready.
Also - I'm done distro-hopping. The problem is KDE/Gnome- KDE is aping Windows (badly), Gnome is aping macOS (also badly). I'd list all of the problems but it would take an essay.
I don’t know, it’s my workstation so everything is in Dropbox/Onedrive/Github/Gitlab, making the machine itself ephemeral… Come to think of it I should
probably get a NAS and mirror Dropbox/Onedrive onto, just in case.
Does Dropbox or Onedrive keep hourly+daily+weekly+monthly deduplicated snapshots of everything that's happened on your machine, that work without any network connection?
It's no substitute for backups (I use Borg), and syncing is good (I use Syncthing, I guess iCloud also counts). But snapshots should be ubiquitous at this point, just like having a "trash bin" was mainstream in 1995.
Well, I may be an oddball, but I never really find myself having the need for snapshots, I have a tendency to not really delete files. Once upon a time i recall Dropbox having versions?
I'm also confused when I see threads like this. For dev work I've yet to try a distro that didn't "just work". The only real friction I've run into is the tradeoff between stability versus package freshness but that's going to be a tradeoff with any software environment.
> Not sure why many so-called "hackers" are so enthusiastic about these "hood-welded-shut" systems.
I think the term 'hackers' has become diluted to the point it just means 'enthusiastic coder' - it hasn't seemed tied to creative thinking or pushing boundaries in some time. That probably stopped around the time the LifeHacks site became popular.
They prefer Apple because most are young and grew up with iPhones and Apple being cool due, all while MS starting continually shooting themselves in the photo with Win 10 and 11. They probably approve of Apple standing up to the FBI also.
I totally agree. I think the best time was when they switched to the intel architecture, and their machines were good at interoperating with the rest of the world.
But I think they're regressed. I think sj was good at getting apple to interface with the rest of the world, and make course corrections. But now they've forgotten how.
Everything apple does is more apple ecosystem, ignore everyone else.
Sort of like the 7-habits dependent, independent, interdependent. Now they're back to independent.
so... they ignore the rest of the world. their own hardware, their own languages, everything else comes from their store. admittedly macos still allows people to run their own software, but ios doesn't let you run software or even access your own filesystem.
Let's step back for a moment and think about this example:
Do I, a highly technical person, want a machine that has been made in to an appliance, where I have very little control over what's going on in the background, where I have to trust one of the largest companies on the planet to Do The Right Thing™?
Well, I know I don't want to run an OS like Windows where the end user is treated with contempt and distain, where the price of the license means nothing because I'm still treated as someone who doesn't know enough to even choose my own browser, where third party programs have more control over my own machine than I do, unless I happen to have a lot of specialized knowledge and plenty of time to circumvent these biases.
But let's compare the Apple appliance to an open source OS running on an Intel CPU. Now I have an OS that gives me more freedom to do what I want and need, that has only documentation and technical issues as roadblocks, not intentional design. Better, yes? But now I'm also required to trust a company that has a literal hardware back door built in to it, that comes from a company that acts like they have no real understanding of security but might just be playing dumb, that has lied to users many times over years, that has knowingly chosen speed and marketing numbers over security time and time again.
Now add the fact that we need to trust binary blobs for wifi chipsets, some ethernet chips, GPUs, et cetera. Not great, if we want to both control our machine and trust it.
So, really, would I want to run an open OS on top of a janky CPU with lowest common denominator hardware, where each part might have issues, possibly security issues, or would I want an appliance?
I wish there were more options... AMD is better than Intel, but not sufficiently. They have less of a history of lying, of manipulation of marketing information, et cetera, but they still have that hardware back door. People are working on open source firmware for wifi chips, et cetera. ARM is nice, but ARM laptops and desktops still come at a premium.
So do I see the appeal of an appliance that has incredible performance, battery life, the best exploitation of the hardware on the planet, excellent quality and security? I do, particularly when all aspects of that appliance are in the hands of a company that makes their insane profits from being "premium". So long as their profits depend on being premium, I will trust them, because my trust needs align with their profit desires. When that stops, my trust stops.
Would it be nice if I could run my own choice of OS on it? It would. But sometimes we need a device that gets things done, and in many instances, an appliance is better than the alternatives.
Can I still run pretty much what I want on this appliance, aside from my OS of choice? Yes, I can. So unless I'm interfacing directly with hardware, these appliances mean less work for me.
That's not to say your case isn't valid, but it's easy to see a case for most people having appliances.
One thing I can do when I need an OS that I can mess around with is running a VM, with for example Linux. This allows me to do the things I want in an open OS, while still have the nice appliance-machine. In the VM I can mess around as much as I want, need. I can even checkpoint the VM, saving myself from over-messing.
Yes using a VM means taking a performance hit. But with the latest Apple machines, and for what I do in the VMs, I haven't experienced any lack of performance that annoys me.
One example for what I do is to run double Wireguard tunnels. In MacOS it has been nigh impossibly to get working (and esp not reliably). But works easily in a Linux VM. With this I can proxy through the VM to access remote resources from applications in MacOS.
