Comment by GeekyBear
2 days ago
> If they're really interested with data integrity they should add checksums to APFS.
Or you can spend half a billion dollars to solve the issue in hardware.
As one of the creators of ZFS wrote when APFS was announced:
> Explicitly not checksumming user data is a little more interesting. The APFS engineers I talked to cited strong ECC protection within Apple storage devices. Both NAND flash SSDs and magnetic media HDDs use redundant data to detect and correct errors. The Apple engineers contend that Apple devices basically don't return bogus data.
https://arstechnica.com/gadgets/2016/06/a-zfs-developers-ana...
APFS keeps redundant copies and checksums for metadata, but doesn't constantly checksum files looking for changes any more than NTFS does.
> Or you can spend half a billion dollars to solve the issue in hardware.
And hope that your hardware/firmware doesn't ever get bugs.
Or you can do checksumming at the hardware layer and checksumming at the software/FS layer. Protection in depth.
ZFS has caught issues from hardware, like when LBA 123 is requested but LBA 456 is delivered: the hardware-level checksum for LBA 456 was fine, and so it was passed up the stack, but it wasn't actually the data that was asked for. See Bryan Cantrill's talk "Zebras All the way Down":
* https://www.youtube.com/watch?v=fE2KDzZaxvE
And if checksums are not needed for a particular use-case, make them toggleable: even ZFS has a set checksums=off option. My problem is not having the option at all.
When the vast majority of the devices you sell run on battery power, it makes far more sense from a battery life perspective to handle issues in hardware as much as possible.
For instance, try to find a processor aimed at mobile devices that doesn't handle video decoding in dedicated hardware instead of running it on a CPU core.
> […] handle issues in hardware as much as possible.
1. There is hardware support for (e.g.) SHA in ARM:
* https://developer.arm.com/documentation/ddi0514/g/introducti...
But given Apple designs their own CPUs they could add extensions for anything they need. Or use a simpler algorithm, like Fletcher (which ZFS uses):
* https://en.wikipedia.org/wiki/Fletcher%27s_checksum
2. It does not have to be enabled by default for every device. The main problem is the lack of it even as an option.
I wouldn't necessarily use ZFS checksums on a laptop, but ZFS has them for when I use it on a not-laptop.
1 reply →
Good point.
That solution doesn't help anyone who's using external storage, though, so it kinda feels like a half billion dollars spent on a limited solution.
There is nothing preventing you from running OpenZFS on external storage if you are worried that the hardware you purchased is less reliable.
That's my point, though, is that it seems weird to spend a half billion dollars just to solve the problem for an extremely common use case by saying "use OpenZFS".
Why not come up with a solution that covers external storage too, instead of spending all that money and relying on external solutions? I just don't understand why they couldn't have optional checksums in APFS.
5 replies →
Every time I tried OpenZFS on my iMac, it absolutely crushed the performance of the entire machine.
We’re talking “watch the mouse crawl across the machine” crushed. Completely useless. Life returned to normal when I uninstalled it.
Also, I’ve heard anecdotes that ZFS and USB do not get along.
I’ve also heard contrary experiences. Some folks, somewhere, may be having success with ZFS on external drives on an iMac.
I’m just not one of them.
Apple does not care about external storage at all, as in external disks. They offer iCloud for external storage. They don't sell external disks. They don't like cables. They make lots of money selling you a bigger internal disk.
Their store has a whole section dedicated to storage, most of it external. https://www.apple.com/shop/mac/accessories/storage
No one requires you to use APFS for your external storage!
And yet it's the default when formatting a device on macOS.
3 replies →
maybe apple doesn't want you to use external storage, because storage size is how apple upsells devices and grabs larger premium.
By using external storage, instead of paying $10k more for more storage, you are directly harming Apple’s margins and the CEO’s bonus which is not ok /s
Externally connected devices are not sexy, and Apple is concerned about image and looking sexy.
That is a weak excuse to rely on data integrity in the hardware. They most likely had that feature and removed it so they wouldn't be liable for a class action lawsuit when it turns out the NAND ages out due to bug in the retention algorithm. NTFS is what, 35 years old at this point? Odd comparison.
The point is that NTFS makes zero effort to maintain file integrity at any level.
Handling file integrity at the hardware level is a big step up.
NTFS is an ancient but well designed file system, a more apt comparison would be ZFS or BTRFS both of which checksum metadata and data.