Comment by elmo2you
4 years ago
Sincerely and without any intention to troll or be sarcastic: I'm puzzled that people are willing buy a computer/OS where (apparently) software can/will fail to launch if some central company server goes down. Maybe I'm just getting this wrong, because I can honestly not quite wrap my head around this. This is such a big no-go, from a systems design point of view.
Even beyond unintentional glitches at Apple, just imagine what this could mean when traffic to this infra is disrupted intentionally (e.g. to any "unfavorable" country). That sounds like a really serious cyber attack vector to me. Equally dangerous if infra inside the USA gets compromised, if that is going to make Apple computers effectively inoperable. Not sure how Apple will shield itself from legal liability in such an event, if things are intentionally designed this way. I seriously doubt that a cleverly crafted TOS/EULA will do it, for the damage might easily go way beyond to just users in this case.
Again, maybe (and in fact: hopefully) I'm just getting this all wrong. If not, I might know a country or two where this could even warrant a full ban on the sale of Apple computers, if there is no local/national instance of this (apparently crucial) infrastructure operating in that country itself, merely on the argument of national security (and in this case a very valid one, for a change).
All in all, this appears to be a design fuck-up of monumental proportions. One that might very well deserve to have serious legal ramifications for Apple.
> I'm puzzled that people are willing buy a computer/OS where (apparently) software can/will fail to launch if some central company server goes down. Maybe I'm just getting this wrong, because I can honestly not quite wrap my head around this. This is such a big no-go, from a systems design point of view.
The answer is pretty simple: these problems are extremely rare, they don't last very long, and they tend to have fairly simple workarounds. You seem to have a principle that any non-zero chance of being affected by a problem of a certain type is a complete deal-breaker, but most people when buying a computer probably just subconsciously estimate the likelihood and impact of this type (and all other types) of problems and weigh that against other unrelated factors like price.
It's even simpler than people not caring, people don't know.
Furthermore, if you’re one of the few who do know and it bothers you, you can turn it off.
3 replies →
Exactly. Today was the first day when I knew this was possible. If I had been buying a computer a month ago, this would not have been a factor in my calculations whatsoever, because I didn't know it was even a possibility to consider.
A month from now? Different story.
2 replies →
And they don't know because the hidden source of the binaries their overpriced hardware is running. So users can't inspect the source and look for hidden "gems" like this one, let alone fix those intentional bugs themselves - not just due to not having the source, but the hardware refusing to boot anything not signed by the blessed key of Apple.
2 replies →
"I'll do YOU one better." /Drax
I know, and I _want_ this. In general, it effectively eliminates the possibility that I'm going to install malware.
As an Apple user of 10 years: I had no idea macos phones home like this.
That's one potential issue, if you have privacy concerns. But the real problem here is that there's a blatant bug in the phone-home code that causes apps to crash if Apple's servers have a problem.
14 replies →
It's a certificate check.
I knew and didn't care. If you care, you're going to be real upset when you look at your other alternatives.
That said, I don't think many people here actually care. I firmly believe that most of the people on this site just like to shit on Apple, because they prefer that to trust their privacy to an Advertising company.
I agree with your point about it being a principle, although I would add that the decision to build a product in this manner is also a principle.
Furthermore, I would sort of disagree with the answer to why people would buy this. In terms of "most people buying a computer", the overwhelming majority of Apple customers are likely ignorant to this issue, and will continue to be.
> rare, very long, simple
in this context those are simply weasel words in my opinion
It's true that I don't have data on how often this type of problem happens, how long they last, and what the workarounds are, but I'm using those words not to be intentionally vague, but to reflect my own impression from my own experience, and I strongly suspect my impression matches most people's.
14 replies →
Without principles, your freedom will be (is being!) slowly chiseled away, pragmatically accepting each small step. By the time even pragmatism tells you to refuse, it'll be too late.
That's exactly what happened in Hong Kong: https://www.nytimes.com/2019/10/09/technology/apple-hong-kon...
But it could never happen here...
(As someone pointed out, this does more than just prevent apps from running - it also leaks which apps you use and how often. Someone could ask Apple exactly when you started Tor browser, for example)
The payoff for the very slight risk is an effective built-in malware prevention system that doesn’t treat me abusively and reacts in a timely manner to abusive circumstances.
After decades of production operations, I have no complaints about how this was handled, and I expect they’ll investigate and patch any defects exposed by the outage.
I went for a walk when this happened and when I got back it was fixed. Works for me.
Normally I'm of a similar opinion to yours...but in this case I'm not.
What happens if you're trading securities, or if you have an imminent deadline? Apple sells a fail-closed security feature, without investing the resources necessary to keep it as near to 100% serviceable as possible, and never really discusses it with the user. When it hangs, most users don't even know why.
WTF!
Seems like they could partner with Akamai (or one of its competitors) to make the server-side component of this feature more robust.
If they are going to sell the MBP as a premium professional product, then they must recognize that it will sometimes serve as the linchpin of users' mission-critical activities.
Take a billion dollars out of the stock buyback, invest it in the product instead, and make this problem go away.
1 reply →
What's it like renting a computer?
1 reply →
I think more specifically it's rare enough that it hasn't happened to most people yet or people blame themselves ("my internet is bad" and the like)
There's software "EazyFlixPix" which shut down its authentication server - so everyone who purchased the app can no longer install it (unsure, but they might be also prevented from running it too).
Feels problematic.
That's different mindset — ability to fix, right to repair. No way to comfortably run another OS on MacBook, has to use macOS. It is closed source, users at mercy of the company. Think different.
Also, which is the bigger risk for most people: disruption to the cert verification, or malicious runtimes on their system?
(Hint: I have literally never seen an example of one of our bank's customers being unable to bank because of this. I have seen heaps and heaps of examples of endpoint compromises resulting in people having their accounts cleaned out.)
How do you use your computer if you don't have an Internet connection and one is required?
People chose to use Apple because it seems like a benevolent dictatorship.
And frankly, a benevolent dictatorship is basically the best government you can have, as long as you're part of the "in-group" who doesn't push boundaries, doesn't cause trouble, and supports the supreme ruler, Kim jon... cough* Apple.
---
The problem is that no matter how good the dictatorship might be today, it will eventually bite you. You will either develop a need that isn't addressed, or they will change the rules so you are no longer able to satisfy an existing need.
We're seeing this now with Google - Their motto was literally "don't be evil" for a long time. And during that golden period their users loved them. But as Google has shifted from "don't be evil" to "Make lots of money" people are starting to shift away.
Apple is still in the golden phase, but I'm not really convinced they're going to be there much longer.
Speaking as an ex-Google user and an ex-Apple customer (still tied to Apple Music and iCloud for family phones), I'd compare Google to Russia - not particularly benevolent, a bit chaotic/random, citizens tend to shrug and accept their lot. Apple is more like Singapore, slick, seemingly benevolent, citizens honestly question why the rest of the world isn't run the same way.
EDIT: I'd add another way in which Google is like Russia and Apple like Singapore. Everyone kinda knows that Russia's leaders are a bit/a lot evil. There's still a debate about whether Singapore's leaders are evil.
I like that.
I think it makes Linux some sort of United States: users like the principles, but almost all use one of the 50 major implementations, which tend to have small differences. When defending any perceived shortcoming, they will point to a different implementation without the particular flaw, or argue that the feature is not only unnecessary but undesirable.
Many outsiders are uncomfortable with the unwavering commitment these users have for the principles. Others often talk about moving to the USA, or how they plan to, but few make the effort to do so.
[The last paragraph convinced me the analogy was better with the USA than the EU.]
10 replies →
That's a perfect analogy.
> Apple is more like Singapore, slick, seemingly benevolent, citizens honestly question why the rest of the world isn't run the same way.
Apple is more like a Vatican and Google is like Saudi Arabia. Both corrupt in different ways.
> Apple is still in the golden phase, but I'm not really convinced they're going to be there much longer.
The honeymoon is already over. A post like yours would have got several downvotes up to less than two years ago. I noticed that honest critics to Apple are tolerated now, since at least about one year ago.
I actually agree with you (and as someone who's been complaining about Apple for a looong time, I have the posts with the downvotes to show you're probably right), but I don't think HN is representative of the general populace.
I also still consider Apple's PR game to be top notch. Which is why so many folks are talking about loving the Apple app store in the thread about the recent Epic case that also popped up today. Although I'll note it's interesting that originally those threads seemed about evenly divided on the topic, and currently the pro-apple, pro-dictatorship voices seem to be getting mostly downvoted.
Regardless - I'd strongly recommend everyone out there to consider free and open software, on devices that you own (and you don't own a device if you don't have root access). Open source just keeps getting better - We happily re-implement the ideas and products generated by these companies, but we care about you - not the bottom line -because we are you.
5 replies →
Technology has become a bit like politics, most people tend to choose the least worst option now.
I think the difference between the Google and Apple dictatorships is the business model.
Google's customers are not the users, they are the advertisers who rely on the data harvested by Google. The incentive to be evil is directly baked into the business model, and most users end up tolerating it because it is "FREE", and often the only viable option.
Apple's customers are the users. If Apple rocks the boat too much, their users might not feel so good about paying the premium prices Apple demands for its products. Making users upset is a direct threat to their business model.
> Apple's customers are the users.
This doesn't mean, however, that Apple's incentives are aligned with the user's incentives. It's important to see that Apple's devices are also a sales channel for Apple. For example, an iPhone is essentially a vending machine for entertainment. And Apple will exert its power to use that sales channel (using the same techniques as advertising companies, like user tracking), whether the user likes it or not.
> Apple rocks the boat too much, their users might not feel so good about paying
Just today I heard a colleague say how tough it would be to move away from Apple because of their iCloud. Then you have all the apps and content (iOS and macOS) you already paid for.
The difference in business model between G, Apple (or other tech behemoths) are very superficial. Yes, to google and apple operations they are very different, but to a consumer: it's the same. Both try to become essential, all encompassing locking you in and increasing the cost of switching. All brands try to do this. But it's much easier for me to pick a new brand toothpaste after I'm done with previous one than for me to move app ecosystems, specially when those apps ecosystems are all locked down as all non-libre app ecosystems are.
You may "feel" like you're an Apple product because you think you can just buy less Apple products or not at all. That's until you consider the consequences of losing access to third-party content/products you purchase.
Making users upset is also a direct threat to Google's business model. It doesn't really matter whether you're paying them $20 directly, or whether you're generating $20 of ad revenue - either way, you're worth $20 to them.
Of course, you are quite right to point out that Google's business model does incentivize behavior that isn't what their users would want. But the same is true of Apple - their business model strongly incentivizes them to create lock-in to the platform. Whether this bothers you more or less than Google's need to mine your data is I guess a matter of personal preference.
I definitely think there's some truth to this, but there are more network connections involved here than a simple Seller->buyer relationship.
In my opinion, right now Apple is rocking the boat for 3rd party developers. Historically, that hasn't worked out that well for platforms, but we also don't have a ton of data to work with. It's conceivable that Apple becomes the "Company store" on Apple hardware, and their users only use Apple software.
But if that happens, I think they'll suffer more regulation and governmental interference (and rightfully so, imo).
> Making users upset is a direct threat to their business model
You can't really compare Google to Apple. You can switch to a different company if you don't like pixel phones and get almost the same experience. You can switch between manufacturers and use windows/Linux as well. The same isn't true about Mac os or iOS.
While you may think customers still have a choice, the reality is that they are locked in through their school, work or relationships (can't use imessage to talk to your spouse?). Apple makes it difficult to use third-party hardware and software it competes with so you will buy more and more Apple over time. People are prone to sunk cost fallacy and consistency. It's sales manual 101. I really can't recommend reading a good sales manual enough.
2 replies →
You are a product for any private company, they are just different kinds of evil. It is in Apple interests to limit users freedom to run another OS on their hardware, to funnel applications through App Store.
Users en masse would not switch, not from Apple, not from Microsoft. Their price is not that high in dollars, it is high in freedom. And most users do not value that.
> Apple's customers are the users.
As are a crack dealer's.
From https://en.wikipedia.org/wiki/Don%27t_be_evil
> "Don't be evil" is a phrase used in Google's corporate code of conduct, which it also formerly preceded as a motto.
> Following Google's corporate restructuring under the conglomerate Alphabet Inc. in October 2015, Alphabet took "Do the right thing" as its motto, also forming the opening of its corporate code of conduct.[1][2][3][4][5] The original motto was retained in Google's code of conduct, now a subsidiary of Alphabet. In April 2018, the motto was removed from the code of conduct's preface and retained in its last sentence.[6]
I know saying Google removed Don't Be Evil is something of a trope, but the truth is a little more complicated. And, of course, the presence or absence of this phrase has no necessary bearing on the degree to which they are perceived as evil or not!
Right, but it's funny how these things tend to correlate. For example, the US Department of War became the US Department of Defense in 1949, arguably around the time when its primary business switched from Defense to War.
3 replies →
Evil is frequently caught masquerading as “do the right thing”.
“Don’t be evil” is nearly the opposite guidance.
> benevolent dictatorship
Have you seen Louis Rossmann's videos on Apple hardware repair?
Think about Apple's policies regarding IAPs. You're not allowed to tell your customers in your app that they can do the purchases on your webserver etc.
The benevolent days of Apple ended when they removed the expansion slots from their computers, if not earlier.
In defense of Google, they really like having a lot of money.
Let P = "Don't be evil" and Q = "make lots of money".
Q was nothing new. They always wanted Q. But Google made a fundamental breakthrough in business logic, discovering that P -> ¬Q.
It should be noted that ¬P -> Q is not automatically implied. Plenty of companies are ¬P ∧ ¬Q. Perhaps they are not ¬P enough? Perhaps they are too much ¬P? But very few manage to be purely P ∧ Q.
Apple, for some reason, didn't advertise this change very widely, so it isn't precisely an informed decision.
Like so much of the modern security activity, it doesn't seem to be fully thought out, nor was the possibility of failure considered.
Or maybe such failures were considered and then dismissed? I don't know.
It times out and the app runs, so the failure mode was considered.
They may move to edge servers instead of centralized datacenters now though...
> the failure mode was considered
Considered but not tuned. I've never noticed any delay launching or using software that doesn't require an internet connection while not being connected to the internet. (I definitely did notice slowdowns today - Zoom in particular which I tend to quit out of when I'm not using it because I don't trust it one bit but am compelled to use it for work)
Seems like apple was accepting connections for the signature check but were unable to actually service the connections, leading to the timeout/failover.
I honestly like the idea of signature checks on software that give me some confidence that the code that is running is the code that it claimed to be when it was published/installed and has not been manipulated via some other vector.
Whether apple is the appropriate steward of that system is certainly up for debate, but certainly other companies that run app stores have similar systems and similar risk. It certainly doesn't seem obvious to me what a secure, anonymous, performant and federated system to solve such a problem would actually look like.
2 replies →
This has been happening for a long time. Hardware and software that you can't control is becoming normalized. If they had done this 10 years ago with the same customers, those customers would be shocked or weirded out but right now, many of them will just wait it out or change their host.
Don't limit freedom at once. Do it one by one so the impact seems low.
What are the chances that any of the big tech companies take orders from a fascist to block all the harmful software in their country?
Non zero. People in HK know this. I want to know how they felt about their choice to buy iPhone at that moment.
Welcome to 2020.
Because we can't have nice things, Apple has to check that apps are signed with a current certificate for safety and security reasons. OCSP tells the client if the certificate has been revoked or not.
Try opening a non-https web page; you'll get a bunch of ominous warnings from all major browsers.
Browser certificates need to be OSCP signed for the browser to trust them. You can't even get a new cert if the issuer’s OCSP server goes down, which does happen on occasion.
There are so many dependencies to ensure we're not running malware infected apps that sometimes things break.
Let’s not get carried away; every major tech company has had some version of this happen at one time or another.
FWIW, I haven't experienced any issues with my iMac running Big Sur running Apple or 3rd party apps all day.
This used to be true, but neither Chrome nor Firefox actually check CRLs or OCSP that much. They'll accept OCSP-stapling, but that's about it.
This is a very serious concern for Enterprise PKI systems: revoking certificates is now virtually impossible. CRLs and OCSP do practically nothing.
Google especially has unilaterally decided that Enterprise PKI systems don't matter. They have established a new "standard" called Certificate Transparency, which they use to make CRLSets that they publish as Chrome updates.
Which is fine I suppose for public CAs, but utterly useless on internal-use private CAs on local networks, especially those with lots of BYOD or guest/partner systems. Think universities or hospitals.
Google has become a juggernaut with more control over computing in general (not even just the Internet!) than all of the world governments put together.
They're getting truly terrifying.
It's a shame you're being downvoted as you're right, CRLs and OCSP do practically nothing _for webbrowsers_
OSCP is flawed because you can block the connection, meaning
1) Your browswer has to accept it (thus an attacker feeding you the bad certificate can bypass OSCP)
2) Your browswer blocks completely (thus DOSsing all connections), and people use another browser
CRLs don't scale - you can't keep a cached list of every revoked cert globally.
However I pull down the CRLs for my internal CA every few hours onto my internal https sites, which rely on a client presenting a valid certificate to connect. If that doesn't get pulled down, I get a warning about it in the monitoring system. When a client with a client certificate connects, I check against my local cache of the CRL, and if it's been revoked, it can't connect.
What problem do you have on your private CA internal network that CRLs fix but browsers don't? Are you that concerned that your server certificates get compromised? You should be working to massively reduce the time those certificate are valid.
Firefox has historically checked OCSP by default everywhere but for Firefox mobile, where it was only checked for EV certs.
With the introduction of CRLite, the default is disabled, but those using Firefox with internal-use private CAs on local networks can renable via preferences, which can also be controlled by enterprise policies and tooling.
https://cloud.google.com/docs/chrome-enterprise/policies/?po...
This is all true; OCSP-stapling is the thing these days.
But these browsers won't trust a cert if it can't be found a Certificate Transparency log. Yes, a cert should be in at least two of them but if there's a networking problem or infrastructure issue, you're SOL.
I have no problem with checking binaries when I launch them for security. I imagine many of the virus checking apps for windows probably call home with similar information. I doubt very much I’m leaky in any personal information.
What is frustrating is they didn’t handle this situation like they do if I’m offline - don’t get a ping back in less than 500ms or whatever? Go ahead and open anyway. would have solved this eventuality
> don’t get a ping back in less than 500ms or whatever? Go ahead and open anyway
how do you do that without defeating the security? Now a malicious attacker just has to wait for a moment when you aren't connected before launching their payload.
Well it already just lets you launch the app if you’re not connected to the internet so my answer would be “no different to the situation we have now”?
Also, my understanding is that it’s a hash of the binary being checked so if it failed the verification the first time when you were connected you would have received a warning and the OS would block that executable on your system or given a warning or something? Not sure tbh.
The feature needs to be implemented using some kind of regularly updated local database, rather than requiring a phone home every time.
6 replies →
> I have no problem with checking binaries when I launch them for security. ... I doubt very much I’m leaky in any personal information.
You should. It's noones business when and how often you run a known tor browser binary.
I don’t run a tor browser so I’m good in that example.
Even when it works right, it’s transmitting the apps that you use, as well as your timestamped coarse geolocation (from client IP) to Apple, which logs all of it. It’s good for city-level location.
They know what times you're at home, and what apps you're using there. They know what times you're at work. They know what times you're tethered. They know when you travel, and to which cities. They know when you're on a friend's Wi-Fi, and they know which apps you open from that connection.
Apple is a partner in the US military’s PRISM spying program, so this log is available to US military intelligence at any time without a warrant.
Thanks to API changes in Big Sur, it’s impossible to use Little Snitch to block these system level connections, and they will also bypass any configured VPN. To control this, you’ll need to use external network hardware, like a travel router that you can operate a vpn/firewall on.
Big Sur is the only OS that will run on the new Apple Silicon macs, so it’ll be impossible to use the new machines without leaking your track log and app usage history in a way that is available to the FBI/CIA/et al whenever they want it.
Note also that Apple recently backdoored iMessage’s end-to-end encryption by defaulting the non e2e-encrypted iCloud Backup to on for all users: it backs up (to Apple) your device’s complete plaintext iMessage history, as well as your device’s iMessage keys, using Apple keys, each night when you plug it in. You should immediately stop using iMessage as a result of this, because even if you have disabled iCloud or iCloud Backup, your conversation partners likely have it enabled. iMessage is no longer meaningfully encrypted.
Apple’s marketing about privacy is lip service, not real.
> Apple is a partner in the US military’s PRISM spying program, so this log is available to US military intelligence at any time without a warrant.
False
Whoa - thank you for sharing that.
I just ordered one, and let me tell you something - I didn't expect this to happen.
If I knew - I might still have ordered one, because I like ARM and battery life. But this reaffirms the observed trend of Apple becoming more of an owner of the machine that supposedly I own.
I'll attempt to shut it down (at least now, it still observes /etc/hosts) - but when I can no longer do that, I'll leave Apple forever, hopefully by then other hardware manufacturers have caught up in UX.
In short, the vast majority of users never need or want fine-grained control over their computers. In the HN community, we are mostly edge cases in terms of computer usage & functionality requirements.
I believe this is why there has never been any mass pushback against iOS/Android (even if Android is slightly better in this respect).
Further, neither iOS nor Android (and now OS X) have instituted huge restrictive changes all at once. Restrictions are gradual & creeping, basically moving the overton window of what is accepted.
> fine-grained control over their computer
Or just run BlueStacks, which is necessary to run Among Us (the popular game since lockdown), which isn’t signed because it’s an emulator. And it requires the “Control this mac” permission. Unsigned. There are many, many cases in which users are faced with unsigned apps.
I thought BlueStacks was just to emulate Android on a Mac/PC? Though I suppose you could run Virtualbox on a Mac to get an OS you "own"
I think it comes down to humans being creatures of habit and conservation of energy. I've seen people buy macs even after seeing all the flaws because it's what they're used to and don't want to exert energy learning a new OS and environment. Apple used to make great products and I think people still cling on to that thought, even though their quality has been degrading these past years. Something needs to be 10x better (or at least perceived that way) for people to switch and switching to a new OS for them is probably like a 1x improvement so not worth the time cost.
The alternative to a poor binary checking and cert revocation process isn't to get rid of binary signing and cert revocation.
I don't want that. I don't think it would serve Apple's customers to get rid of binary signing either.
Since there are no legal ramifications for security bugs that cause downtime, or for bugs that cause other functionality that goes down, I'm not sure why this particular bug would be any different. It's certainly not as bad as losing one's Google account permanently without recourse.
I'm puzzled that people are willing buy a computer/OS where (apparently) software can/will fail to launch if some central company server goes down.
I really had no idea until today.
This issue is clearly a bug. It is an accidental denial of service attack on the client.
It will get fixed pretty easily: Apple will add some combination of a timeout and a request back-off to their client, to properly handle the situation of a server that is reachable but not sufficiently responsive.
Apple clearly does not mean to make their devices unresponsive if the server is offline, because pointing requests at localhost resolves the issue.
I disagree. It isn't a bug because it was explicitly designed to behave this way.
The solution won't be to fix a defect, but to change the design, which is completely flawed. They should have pushed revocations from the beginning rather than requiring every system on the planet to poll a service. What were they thinking? And that does make one wonder whether there weren't other reasons for this behaviour besides "security".
> I'm puzzled that people are willing buy a computer/OS where (apparently) software can/will fail to launch if some central company server goes down.
For the same reason every human frequently makes decisions with greater-than-zero risk: because we're either unaware of the risk, or because we believe the tradeoff is a good one, and the benefits are worth the risk-adjusted costs.
I don't like this behaviour at all, and find it frustrating at times (e.g. apps slow to launch when my internet connection drops out temporarily).
Having said that, it's not enough to get me to switch platforms. I'm able to work around the problem (using Little Snitch, see other replies), and there are a ton of factors that go into my decision of which hardware/OS to use, all of them involving tradeoffs. The only viable alternatives, Windows and Linux, have their downsides too. Some people prefer those over macs and that's fine; it's a choice people make based on their particular situation.
This is a soft failure. If the computer didn't have access to the Internet, it would still open.
That's all nice and well, but what if some country decides that your country will still have Internet access, but a "degraded experience" to Apple's central infrastructure?
Still sounds to me like Apple rolled out a huge (logical) trojan horse, as a potential weapon in terms of nation state cyber warfare.
Probably not at all with that intention. But I doubt that any government willing to abuse this "opportunity" will give a fuck about that. Don't underestimate the power (and disruptive) effects of being able to practically disable a whole brand of popular computer hardware. Heck, even the ability to threaten with it (privately, through diplomatic channels) can (and probably should) be considered a serious weapon. So yeah .. "thank you" Apple.
From my experience during this outage, the ability for the computer to "open" may not actually mean much. While trying to fix what I assumed was a localized software issue I rebooted my machine. Typically this takes a minute or two. However during Apple's systems outage my rebooting took approximately an hour before my computer was in any way functional again.
so you can't even reboot without phoning home.
Or can you still reboot without wifi?
In this case, any app would take five to ten minutes to open. While that technically means "it still opens", it effectively renders the computer unusable.
(And that's after I realized that they will eventually open. Originally I rebooted the machine before any app had had a chance to open.)
And I keep hearing how Linux is a toy whereas macOS 'just works'.
A lot of it is just people parroting the same old boring tropes. They couldn't believe Linux had gotten easier to use than windows. I know this. I installed Windows few days ago. I can't install steam or chromium without getting blocked by windows. I have to download it from external sites while both of these are available in the software store on Ubuntu. It didn't nag me to login, switched my browser to edge after updates, forced me to read a marketing manual before starting the OS.
The search is useless. On Linux, it's so much better.
I had to download and run a bunch of scripts to get rid of the amount of data it was sending back home. I had to remove the bloat and ads it came with.
Give https://pop.system76.com/ a try if you don't believe that Linux is easier to use. Most people don't need to open the terminal anymore.
> I know this. I installed Windows few days ago. I can't install steam or chromium without getting blocked by windows.
Sorry what do you mean you can't install steam or chromium in Windows? Millions of people run this software on Windows. - A mint user.
3 replies →
The new MBP that I just got got befuddled by my bluetooth mouse (Razer Mamba X), to the point that it was literally unusable for a few hours...
While OSX was demanding that I identify a bluetooth keyboard... I don't have a bluetooth keyboard at all.
OSX is buggy and getting less and less usable. I'm finding myself working on Ubuntu and Windows more, than OSX these days.
I used to be a MacOS user from System 7 to Sierra. I owned an iPhone from 2007 until a few months ago. I have completely switched away from Apple. It absolutely boggles my mind how popular Apple still is. Apple's quality is absolute garbage now, this latest incident is just a drop in the bucket.
I'm sure I'll get downvoted, but I just had to get this off my chest. Why people still buy Apple today, I positively can not comprehend.
best os, best hardware.
i really don’t get these kinds of comments.
The main design fuck-up is that instead of independed Personal Computers we have terminals connected to one huge server which violates the whole idea and meaning of Personal Computer and what the word "Personal" should mean.
The worst part of this is that Apple could have easily predicted this, that there would be demand to download the new OS, and put in place measures to prevent this from happening. I guess they just do not care.
All in all, this appears to be a design fuck-up of monumental proportions. One that might very well deserve to have serious legal ramifications for Apple.
Apple gave a detailed explanation. It was a server misconfiguration combined with a CDN issue which caused the OCSP certificate check to stop working, which caused Apple's system for ensuring certificates haven't been revoked to stop working:
https://news.ycombinator.com/item?id=25108108
not only do I see fewer macbooks every year among the affluent crowd…
Turns our Apple's MacBook business grew 39% last quarter: https://appleinsider.com/articles/20/11/16/apples-macbook-bu...
To your first paragraph, how many people globally do you think know that this is how it works?
Apple don't publicly go out of their way to tell you that this is how it works. You make a great point that the way it works is bad and I think everyone agrees with that. But it's the limited knowledge that the OS operates this way that keeps consumers purchasing their products.
I don't think most people are aware that this could happen or even understand what happened and how it was Apple's fault.
I need XCode to build software for iOS and OSX, and there isn't to my knowledge any other feasible, performant and off-line capable way to do that beside running OSX on a Mac.
This is the only reason I had to move away from (arch) linux and it saddens me every day.
I think it is because a lot of people still believe and repeat old trope which are demonstrably false these days. Despite having the worst keyboard, buying third party apps to have features which most of the other OS in the market provide as standard, more lock down of their OS every year, Apple fans continue to buy them. Appke's powerful marketing, which is full of weasel words, keeps them in their own bubble.
Which third party apps do you mean? And the worst keyboard? I understand it being subjective as a taste, but the worst? Idk...
I buy em cause apple laptops just maintain their quality way longer than other laptops. All the other laptops I’ve had start losing all their charge within 30 mins after a year or two. My 5 year old MacBook still can go probably 2 or 3 hours on a full battery charge
What if the café you went just blocks Apple's domains or your ISP decides to do that until Apple pays them "connection tax"?
Hey, it can never happen. Similar to a global pandemic.
Bitcoin people (like me) feel the same about currency. Why out your entire life savings in the hands of a single government when they have proven again and again that the can't be trusted.
> software can/will fail to launch if some central company server goes down
The central company server didn't go down. If it was down there would be no problem. The problem is that the server is slow.
You're missing the point. I don't care if Apple has the most reliable servers in the world. Phoning home the hashes of the binaries you run is an outright violation of user privacy.
wait till you find out about antivirus software
I think the problem is that almost all the software you buy a mac for (or even things that mac users like) has this built in but calls to the developer's servers instead.
Consumer and commercial software is just all bad.
Although the open source software is copying this "always connected to the mothership" model as well.
I'm thinking specifically of Firefox, but others too.
Yet another reason why free software is essential for human technological freedom.
The amount of time you save by having a computer that "just works" 99%+ of the time is far greater than the occasional time lost by shit like this.
I'd love it if someone other than Apple made a competent PC that was as clean, reliable, and comparatively free of bullshit. Unfortunately Apple has a monopoly on cleanly designed computers.
This is almost as bad as relying China on Personal Protective Equipment and quickly running out during the pandemic earlier this year.
Imagine if the USA actually comes under an attack.The apple spaceship would be high on the list of targets. All of sudden hospitals can't run their computers or communications. Disaster!
Please stop fear mongering.
If Apple servers actually go down, there's no issue.
Referring to the USA, this might indeed be leaning towards fear mongering .. on the other hand, for any other country .. the "opportunity" to systemically disrupt Apple computers in that country might now be considered a (diplomatic) soft power (of the USA), from this day forward.
1 reply →
That is why a smart attacker would not make them go down, instead they'd degrade performance to such an extent that it'd cripple Apple-encumbered products.
1 reply →