What sucks is that you can't disable SIP without _also_ disabling disk encryption ("FileVault"), because Apple changed from full disk encryption to only encrypting user data, and relying on SIP and crypto hashes to protect the system partition. Therefore, you can't "safely" disable SIP, as you'd be able to boot into recovery mode and perform an evil maid attack.
This is really irritating, both that:
- I can't "accept the risk" and force disk encryption anyway. This may be technically possible if you bludgeon the OS enough, but it's definitely not something the built-in CLI tooling supports.
- I can't use the old full disk encryption mode. Presumably, this code does or did still exist somewhere, but isn't supported because it's not used in any supported configuration.
So you're left with the option of having no disk encryption on your laptop, or having SIP.
EDIT: I'm thinking of SSV, not SIP per se. But when it comes to disabling the built-in launchd services like Spotlight, you have to disable SSV to do so, and that requires disabling FileVault.
You appear to be confusing System Integrity Protection with the Signed System Volume. FileVault works fine with SIP disabled. But you can't disable SSV without disabling FileVault.
Yes, this is true! I was thinking about "disabling SIP" in the sense of being able to modify the system to e.g. disable the Spotlight launchd service. My mistake.
But still -- you can't "unlock" the system (in this sense) without disabling SSV, which requires disabling FileVault.
(Unless I'm wrong about that too, and there is a way to disable Spotlight without disabling SSV)
I know the writing has been on the wall for a while but as a former fanboy, I just didn't see it. When SIP was released, it was my first "ah ha" wake-up call that Apple is no longer building software for me. Ten years later, it's still getting worse. This idea that the owner of the computer is not the ultimate authority over what is running on that computer is slowly seeping its way into macOS and with every release it seems to get worse. That and the ecosystem of apps that abandon you if you're running N minus 3 or earlier macOS.
I'm finally starting to de-Applify my home computing and slowly removing my and my family's dependence on the Apple ecosystem. Replacing an old Mac Mini here, replacing an old MacBook there. It's been a long time coming, but I'm out.
I'm not even mentioning Tahoe which is a disaster but doesn't bother me because I don't have a single machine that can run anything past Ventura anyway.
As far as I know, recovery mode doesn't let you do anything without either successfully authenticating or wiping the entire disk. An evil maid could theoretically compromise recovery mode at the login screen (with a USB device or something) but if they were able to do that, they could probably disable SSV themselves even if you hadn't done so. Therefore, disabling SSV shouldn't create additional risk involving recovery mode.
If the evil maid could boot macOS from an external disk, on the other hand, that would definitely be a problem. I think you need to authenticate in order to boot from an external disk for the first time (cf. [1]) but I'm not sure how this works.
Edit: Actually I guess an attacker trying to disable SSV themselves (via exploit of recovery mode) wouldn’t have the machine owner key needed to sign the new LocalPolicy. But could they reset it and still keep the data somehow? I don’t know.
We shouldn't ban children from drinking. It doesn't even help, because kids drink anyway, just illegally and largely unsupervised by adults. I certainly drank like a fish when I was underage.
Let me make a parallel argument: We shouldn’t ban drinking and driving. It doesn’t even help, because people do it anyway.
You seem to be setting the bar at “if anyone violates the law then the law is a failure and should be revoked.” But that’s why we have court systems. They don’t just determine if someone broke the law, but also what to do when people inevitably do. You’re operating in a world where the only restrictive laws we should have are ones where it eradicates certain behaviors 100%.
You’re basically arguing against having laws rather than the merits of the law and its efficacy. Also “drinking like a fish” when you were a kid was terrible for your development even if you turned out ok. Many people do not. It’s not even debatable, we know the numbers on this.
> We shouldn’t ban drinking and driving. It doesn’t even help, because people do it anyway.
> Do you see the trouble with the logic here?
I think you misunderstood my comment. The second sentence was not intended to be an argument or justification for the first sentence. The first sentence stands alone: I think it's unprincipled to ban children from drinking. The second sentence is merely a corollary. Also, I think that legalization and the introduction of adult supervision would ameliorate some of the problems associated with youth drinking, would "moderate" it to some extent.
My view is that the government should not try to be a parent, should not restrict personal freedom, not even of kids, except in so far as one's exercise of freedom harms others, and even there it has to be significant harm, e.g., you can ban violence but not hurting someone else's feelings. The drunk driving laws, which apply to all ages, may be justified by the known role of drunk driving in car crashes. The same principle applies to public smoking bans: the issue is not the first-hand smoke, which is your own business, but rather the second-hand smoke, affecting people who choose not to smoke.
Preventing children from smoking has entirely to do with the very well established and understood health impacts on children as they develop, same as alcohol. It is not because of secondhand smoke. The latter informs where we can smoke, such as (not) around a hospital.
> Preventing children from smoking has entirely to do with the very well established and understood health impacts on children as they develop, same as alcohol.
There are very well established and understood health impacts on adults too, for both smoking and alcohol.
> It is not because of secondhand smoke. The latter informs where we can smoke, such as (not) around a hospital.
Duh? I mentioned second-hand smoke in the context of "public smoking bans," by which I meant smoking in buildings and other public areas. That has nothing specifically to do with children. So it appears that once again you misunderstood my comment.
The point is the enforcement/adherence part. They are saying “people do it anyway, therefore we shouldn’t have the law.“ What you are arguing is actually more valid than their argument.
That’s how it read. Which is what my previous comment responded to. This is getting kind of silly and the tone is not necessary. I think maybe it’s better for us both to move on.
> That’s how it read. Which is what my previous comment responded to.
My problem with your previous comment is that it was written after my clarificatory reply to you, and indeed after your reply to that, so you obviously read my clarificatory reply, but instead of revising your initial interpretation based on my clarification, you chose, for whatever reason, to repeat the initial misinterpretation.
> Apple’s insistence on publishing them on the App Store means availability is still restricted.
This is not true. You can distribute Safari extensions outside the Mac App Store.
While it's true that you can't distribute Safari extensions outside the iOS App Store, mobile Chrome doesn't even have extension support, so in this case, Safari has vastly better extension support.
You do still need to notarise it with an Apple Developer membership, right? Else you have to enable unsigned extensions every time you open Safari. The cost barrier is still there even if the approval barrier isn’t.
Yes, but your initial comment was kind of a strange way to phrase a cost complaint. After all, Google insists that extensions be published in the Chrome Web Store, and that requires Google's approval, a process that can often take much longer than App Store approval.
I suspect that the difference in extension availability is mostly due to desktop market share, since Safari is nonexistent on Windows and Linux.
There’s quite a difference between a one time $5 fee and an annual $99 fee for the economics of publishing a free browser extension.
Given almost 100% compatibility with the same Web Extension APIs that Chrome uses, I think you’d expect near-parity in extension availability between Chrome and Safari if that barrier didn’t exist.
> There’s quite a difference between a one time $5 fee and an annual $99 fee for the economics of publishing a free browser extension.
Yes? I didn't deny that. I said your initial comment didn't mention cost.
> Given almost 100% compatibility with the same Web Extension APIs that Chrome uses, I think you’d expect near-parity in extension availability between Chrome and Safari if that barrier didn’t exist.
It feels like you ignored the points I made in my last comment. Why would you expect near parity in extension availability when you can't even develop Safari extensions on Windows and Linux computers?
“publishing them on the App Store” was intended as (perhaps imprecise for you) shorthand for all of these distribution issues.
You very much can develop Safari extensions on Windows or Linux because they use largely the same APIs as Chrome extensions as I already mentioned. Any differences are well documented. The only thing you need a Mac for is, again, distribution. If not for that it’s really not that different to developing a website that will open on Safari without access to an Apple device.
Once upon a time Apple had a separate Safari extensions website where they allowed extension developers to publish or sign extensions after registering for free as they recognised these barriers. They could either be distributed on Apple’s extensions gallery or you could distribute the files yourself.
> Apple invests every day to ensure the App Store remains a safe and trusted place for users to find great apps.
Last quarter, gross margins on "Services" revenue were 75%. The App Store is almost pure profit, with relatively little investment.
See also: https://www.apple.com/app-store/ "Every week, nearly 500 dedicated experts around the world review over 130K apps." Astonishingly, Apple appears to be bragging about these numbers, but if you do the math, 500 reviewers working 40 hours per week doing nothing except reviewing apps—no training, no meetings, no breaks, etc.—must spend an average of less than 10 minutes on each submission, to review the app and the App Store metadata (text, screenshots, etc.) for conformance with all guidelines, not only safety but also, more importantly to Apple, it seems, ensuring that the app doesn't somehow avoid giving Apple its cut of revenue. Not to mention that the salary of 500 reviewers is basically a drop in the bucket compared to App Store revenue.
My spouse tried out for the people who sub-contract the app store reviewing and it was very much as you surmise, they require you to do a very oddly specific number of reviews in an hour (29, IIRC) and do not pay very well. Pay and time per review might have gotten better if he'd stuck with it and climbed to a similar level as his previous position in a mapping company but we are not at that level of desperation yet.
The page does say, "100% of apps are automatically screened for known malware," but that's also true of Mac app notarization, which costs the developer only the $99 per year developer program fee.
Gross margin doesn't tell you much about their level of investment. Gross margin is only revenue minus COGS (i.e. hosting, support, potentially infra teams). To understand further investments you'd have to know R&D or at least Opex broken out for Apple Services (which AFAIK they do not share).
SaaS typically expects 80% gross margin, so Apple is not out of line here.
> To understand further investments you'd have to know R&D or at least Opex broken out for Apple Services (which AFAIK they do not share).
Total R&D for the entire corporation was $9 billion compared to $29 billion just in Services revenue. How much of that R&D do you think the crApp Store needs, compared to the hardware and the operating systems? https://www.apple.com/newsroom/pdfs/fy2025-q4/FY25_Q4_Consol...
> SaaS typically expects 80% gross margin, so Apple is not out of line here.
App Store is essentially an online retailer (or consignment store), not SaaS. Apple is selling software written by other developers.
How is this reply relevant to my comment? What you care about is irrelevant to whether the HN submission title is accurate.
I'm not employed by Logitech, so I'm not here to handle your customer service complaints. In any case, Logitech has already released a fix, so I suggest that you contact them if you're still experiencing the problem.
It is highly relevant because what should have been done in the firmware of the hardware instead was done in a very overcomplicated shitshow of a program that:
a) should be run constantly to rewrite the keypresses
b) can't be run if the certificate lapses
If Logitech goes out of business they would never renew the certificate and the hardware you bought for the options (and for Logi+ Options lol) would become just a regular mouse with prebaked function keys that you can't do anything with - even though you probably overpaid for this mouse exactly because it was advertised that you can.
Yes of course apps will continue to operate after the signing cert expires, and this is documented by Apple in several places. It would be absolutely insane if apps stopped working, because all Developer ID signing certs expire after 5 years.
The valid dates for code signing certificates apply, naturally, to signing. You can't sign an app anymore with an expired certificate, but if an old app was signed with a cert that was valid at the time of signing, then the app will continue functioning forever.
This issue was just a dumb screwup by Logitech. If apps stopped functioning when the signing cert expired, you'd see Mac apps dying all the time.
OP said something confusing about the Go compiler, so I was only adding clarification for that one statement.
You walked by half listening to a conversation, stuck your head in the room and said something tangentially related but more confusing.
There are distribution and development certificates that can all be used for signing a binary. Different rules for each, and there's also auto-signed (com.apple.provenance). It's all documented on Apple's website if you want to read more about it. But I suspect you already know this and are just trying to pick a fight.
This is a gross mischaracterization of the thread. I replied to spondyl, not to you. Then you replied to me, so if anyone was "trying to pick a fight" involving me, it was you.
The crucial point is this: there are no builds that expire on macOS. Developer ID signed builds do not expire. Ad hoc signed builds do not expire. When the Developer ID code signing certificate expires, it cannot be used to sign new builds, but the old builds last forever. Build expiration is not a thing in any case.
So when spondyl asked, "Just to be clear, you're saying that .app bundles (and CLI tools) distributed outside of the App Store (and CLI tools) will continue to operate once the expiration date of the signing certificate has passed?" and you responded "No, sorry. That's not what I'm saying." that was actually confusing, not what I said.
The only reason the Logitech software died is that Logitech itself was doing some custom and badly designed validation above and beyond anything that macOS itself does. Your mention of App Store apps and CLI tools was itself a tangent and completely irrelevant to the issue.
The irony about that is that a lot of the Confederate flag-flyers (ironically enough, overlapping with the Don't Tread on Me crowd) seriously hate the government.
The administration's kept them on side with culture wars red meat so far...
But the further ICE / police militarization goes, the more awkward the situation with right-wing militia types is going to get.
They hate the "government" which is an abstract evil entity. They love Trump, the police, and ICE.
MAGA was chanting "president of peace" only a few months ago, and did anyone complain about Venezuela? Not a peep. They thrive on logical contradictions.