Comment by dangus
2 months ago
I think you should read up on how secure boot works with macOS and alternate operating systems before speaking this negatively about the implementation. Apple is already giving you exactly what you’re asking for.
It’s not really even that different than a PC motherboard that gives you “Windows UEFI” and “enroll my own keys” as options.
https://asahilinux.org/docs/platform/security/
As far as code signing, again, what do you want Apple to do here? They already gave you a master switch to turn it off. You are free to turn it off then implement your own third party code signing solution if you’d rather choose who you trust. It’s not Apple’s fault if nobody else decided to make their own trust repositories and the only alternative on the market is to have no safeguard at all.
And let’s not forget who Apple markets their computers to. These features aren’t for you and me, they’re for the non-technical customers who will absolutely get pwned by unsigned code. Go to the MacBook Neo marketing page and try to find a single image of someone writing code or even being gainfully employed.
This is that false dichotomy.
You can turn off all protection, as you point out. So who Apple markets Neo's to isn't a factor.
> Apple’s fault if nobody else decided to make their own trust repositories and the only alternative on the market is to have no safeguard at all.
Does Apple provide a means for enabling third party trust systems, without disabling Apple's protections in general? If not, that is a serious problem of Apple's choosing. Nobody (to a first order approximation) want's to dispense with Apple's protection, or re-implement it, but to be able to carve out exceptions for specific classes of software.
Sounds like you should pick something other than MacOS.
Right, all they need to do is convince every end user they’re trying to distribute software to that they’re using the wrong OS and should replace their MacBook with something running Linux. No problem at all.
1 reply →
I decided to get into this subject in my comment before I edited it out because I thought it would be too much of a tangent/ruffle too many feathers.
But, yeah, macOS power users these days seem to spend a lot of time criticizing the OS and the company and never seem to just switch to something else.
Apple is the 4th most popular PC manufacturer on the market. You can use something else. It's not a monopoly, nor a duopoly like with iOS.
I switched to Linux, and I've been beyond shocked at how smooth it's been. It's been better than both Mac and Windows in more ways than I expected. And sure, not perfect, but still.
9 replies →
Unfortunately, your tone deaf comment is in an HN cliche.
1) People complain about the imperfections of what they love.
2) Imperfections are highly unlikely to tilt the benefits from one device to another, given there are few device choices, devices have hundreds of other pros/cons, and people accrue years of familiarity and functional investment.
If you can enable a third party trust system you completely open it up for abuse. If I put my threat actor hat on, I love your idea because now I have an alternative codepath to try and exploit (where you do store third-party trusted roots for code-signing/notarization evaluations that cannot be tampered with, how do you load them, verify them, etc), but now instead of having to dance around bypassing Gatekeeper, I can just try and convince the user to install my certificates and voila, my malware behaves like a legitimate app.
Apple's root of trust for the OS and thus anything that passes AMFI/Gatekeeper scans is built into the hardware. There is no safe mechanism for introducing other roots of trust that is worth the effort.
If you don't trust Apple, why the hell are you buying their computers at all?
> If you don't trust Apple, why the hell are you buying their computers at all?
This is the exact same false dichotomy they mentioned; it's perfectly reasonable to have a set of trusted software vendors that includes Apple but also some others, while the only choices that they support are either just Apple or literally anyone in the universe. You're conflating "trusting Apple" with "trusting no one but Apple to make it sound like the opposite of the latter is somehow also contradictory with the former.
Claiming it's "not worth the effort" is a lot easier when you've already muddied the waters like this.
> There is no safe mechanism for introducing other roots of trust that is worth the effort.
Gee, if only Apple had a reason for implementing this entire feature for themselves…
> If you don't trust Apple, why the hell are you buying their computers at all?
Well, you see, I quit buying Apple hardware. But I did buy this MBP M1 back in the days. It still serves me well, but now there is an insane US president who'd have no shame whatsoever to pressure Apple into pushing nefarious software (or, say, not fix a security bug or two).
Also, another example. I got a second hand iPad Pro for my pre-teen daughter a couple of years ago. It is still on the original battery. Device still works though. It does not get iOS updates anymore though.
Do you see where this is going? Regarding the latter: I should have root on an EOL product.