570: Mac Security

Exactly.


Exactly who? :sweat_smile:


I’m asking you who’s on first!

Great episode. Really good reminders for me!

I love the Unlock with Apple Watch feature, but it only works with WiFi enabled. Working from home, I’m doing a ton of zoom meetings and VOIP calls through my Mac mini, so I moved to an ethernet connection, for the reliability.

This makes me want to ask the hive-mind: It seems like if I have both ethernet plugged in and wifi turned on, the computer defaults to the wifi. So to get the benefits of things like “unlock with Apple Watch”, I have no choice but to go wireless. If I’m missing or not understanding something, please correct me!

I first noticed Macs’ “WiFi first” behavior several years ago. At that time all our servers, printers, etc. were available on ethernet only, and couldn’t be reached if WiFi was enabled. Setting Service Order had no effect so our only solution was to disable WiFi.

I had this, but I’m pretty sure that I went into network settings, removed the wifi entirely, added wifi back and clicked apply, and it was better (i.e. favoured LAN).
Sorry, I can’t confirm that today.

I played around, just for fun. I do have both working, with Ethernet above wifi. Each of the two concurrent connections has a different IP address. That can’t be good, can it?
:blush:

Unless there’s some kind of aggregation going on (there isn’t in this case), it’s necessary.
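The “which connection is the Mac actually using” question above can be answered from two stock command-line tools rather than by guessing. What follows is an added example written for this thread, not code from any post in it. It reads `networksetup -listnetworkserviceorder` (the Service Order list) and `route -n get default` (the interface that owns the default route) and reports whether they agree. On a Mac it runs those commands; elsewhere it falls back to the constructed sample output embedded in the script, which is not captured from anyone’s machine. Interface names such as en0 and en1 and the gateway address are part of that constructed sample.

```python
"""Which link actually carries the default route when Ethernet and Wi-Fi are
both up, checked against the configured Service Order.

Added example for this thread, not code from any post in it. It reads the
output of two stock macOS tools:
    networksetup -listnetworkserviceorder
    route -n get default
On a Mac it runs them; anywhere else it falls back to the constructed sample
output below, which is NOT captured from a poster's machine.
"""
import re
import subprocess
import sys

# One entry of `networksetup -listnetworkserviceorder` spans two lines:
#   (1) Ethernet
#   (Hardware Port: Ethernet, Device: en1)
# A leading "(*)" in place of the number marks a disabled service.
SERVICE_RE = re.compile(
    r"^\((?P<pos>\d+|\*)\) (?P<name>.+)\n"
    r"\(Hardware Port: (?P<port>[^,]+), Device: (?P<dev>\w*)\)",
    re.MULTILINE,
)

# Constructed sample: Ethernet is first in Service Order...
SAMPLE_ORDER = """An asterisk (*) denotes that a network service is disabled.
(1) Ethernet
(Hardware Port: Ethernet, Device: en1)

(2) Wi-Fi
(Hardware Port: Wi-Fi, Device: en0)

(3) Thunderbolt Bridge
(Hardware Port: Thunderbolt Bridge, Device: bridge0)

"""

# ...yet the default route in this constructed sample sits on en0 (Wi-Fi).
SAMPLE_ROUTE = """   route to: default
destination: default
       mask: default
    gateway: 192.168.1.1
  interface: en0
      flags: <UP,GATEWAY,DONE,STATIC,PRCLONING>
 recvpipe  sendpipe  ssthresh  rtt,msec    rttvar  hopcount      mtu     expire
       0         0         0         0         0         0      1500         0
"""


def parse_service_order(text):
    """Enabled services as [(name, device), ...] in configured order."""
    return [
        (m.group("name"), m.group("dev"))
        for m in SERVICE_RE.finditer(text)
        if m.group("pos") != "*"
    ]


def parse_default_route(text):
    """(interface, gateway) from `route -n get default`; (None, None) if absent."""
    iface = gateway = None
    for line in text.splitlines():
        key, sep, value = line.strip().partition(": ")
        if not sep:
            continue
        if key == "interface":
            iface = value.strip()
        elif key == "gateway":
            gateway = value.strip()
    return iface, gateway


def primary_service(order_text, route_text):
    """Name the service that owns the default route and flag whether it is
    also first in Service Order. A False flag is the situation described in
    the thread: Ethernet listed first, traffic still leaving over Wi-Fi."""
    services = parse_service_order(order_text)
    iface, gateway = parse_default_route(route_text)
    name = next((n for n, d in services if d == iface), None)
    return {
        "interface": iface,
        "gateway": gateway,
        "service": name,
        "first_in_service_order": bool(services) and services[0][1] == iface,
    }


def run(*cmd):
    return subprocess.run(cmd, capture_output=True, text=True, check=True).stdout


def main():
    if sys.platform == "darwin":
        order_text = run("networksetup", "-listnetworkserviceorder")
        route_text = run("route", "-n", "get", "default")
    else:
        order_text, route_text = SAMPLE_ORDER, SAMPLE_ROUTE
    info = primary_service(order_text, route_text)
    print(f"default route via {info['interface']} ({info['service']}), gateway {info['gateway']}")
    if not info["first_in_service_order"]:
        print("note: that is not the first service in Service Order")


if __name__ == "__main__":
    main()
```

Two concurrent interfaces with two addresses, as in the post above, is normal; what matters is which one the default route points at, and that is what the script prints. Unlock with Apple Watch only needs Wi-Fi to be powered on, so this check is about where your Zoom and VoIP traffic goes, not about whether the watch feature works.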

What? :wink:

What’s on second!


I’m enjoying the episode as I listen to it.

I will offer one alternate point of view on encrypting drives: In this day and age, I think that pretty much all data at rest should be encrypted. This is less because I’m worried about drives being stolen out of a house than it is about adopting a practice that costs very, very, very little and alleviates users from having to consciously make the choice about whether or not data should be encrypted.

If everything is always encrypted then if a drive or device goes missing, for whatever reason, there is absolutely no worry about whether the data it contains is okay to be in someone else’s possession. It’s simply not a concern.

Always encrypting storage devices as a matter of course really reduces the chance that someone will copy something to an unencrypted device “just this once because I’m in a hurry” as well. Nearly every incident that I have to deal with in my work has an element of someone having done something silly, “Just this once.”

There is some added risk too, but that’s mitigated with other best practices such as having robust password management and data backup strategies.

Those are my midnight rambling thoughts so far :slight_smile:

And consider: already implemented in the OS, no additional costs, no added effort. Very few use cases could be argued for not encrypting.

Encrypting external drives also provides some peace of mind when it comes to eventually disposing of them. If an unencrypted drive fails in such a way that I can’t erase it, I generally resort to physical destruction. If the drive’s encrypted I have a lot less worry about tossing it.


I agree 100% in principle, but I’m curious. I used to run Linux quite a bit, and I currently admin some Linux servers - and my experience is that most people don’t do a code audit of everything they download.

Do you do a code audit on the software you download?


I hate that. Encouraging to hear that it’s not just me that has the problem, although obviously not encouraging that it is a problem.


I’ve been a proponent and user of open source/free software for decades, and while this is frequently cited as a benefit, I don’t think it bears out. If it did, the incidence of bugs of all sorts in open source software should be nearly zero because they would be discovered by the legions of people inspecting the code, something that is, sadly, not the case. Very serious security flaws have gone unnoticed in open source software for years and at least one of the most serious is suspected to have been deliberately introduced.


A relevant quote from a classic paper: “You can’t trust code that you did not totally create yourself… No amount of source-level verification or scrutiny will protect you from using untrusted code.” - Ken Thompson


Nobody does that. (OK, I used to work in IT and we had some occasions where we looked at code, but it was rather for functionality.)
Linux has 28,000,000 lines of code. GIMP has ~830,000 lines of code. Nobody is going through that to see if it’s secure before editing some photos.
I think the argument of “open source is transparent” is valid. It makes sense that OpenSSL, OpenSSH, GPG can be audited. But nobody who sets up his computer is really going to audit the stuff before installing. Most people don’t even compile, because binaries can be installed from the repos.
I am a proponent of open source, but I think the “people can watch their code” argument is exaggerated.


Look, I’ve been a Unix and Linux sysadmin for 20 years. This is absolutely not true. One of the things that keeps me up at night is the possibility of some bad actor sneaking malware of some type into a package we use that gets deployed to our servers. There are too many packages with too few eyes on them anymore.

Also, as others have pointed out, there’s also too much code in any open source system to do a real code audit, unless you are OpenBSD I suppose.

These open source vs proprietary discussions still pop up every now and then, but my response is always the same. If you want good software, get it from indie developers you trust. Pay them for their work so they can keep developing it. Get involved in the community and you can run your Mac without worries. It’s worked for me for a long time.

And yes, you do have to trust that Apple is doing their best to keep their systems secure, and sometimes failing, or going too far. But considering the alternatives, I’ll take that risk to keep my trusted software running.

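The sysadmin’s worry above, a tampered package landing on servers nobody has time to audit, has one cheap control that does scale: pin the SHA-256 digests of a release when someone actually vets it, and refuse to install a download that no longer matches. The script below is an added example written for this thread, not code from any post in it. It uses the two-space `SHA256SUMS` line format that `shasum -a 256` and `sha256sum -c` read and write. All file names, archive bytes and the manifest are constructed for the example. The caveat matters as much as the code: this catches a swapped download, a bad mirror or an extra file that was never in the release, but it cannot catch a maintainer’s own compromised release, because that is exactly what would get pinned.

```python
"""Pin a release's SHA-256 digests at vetting time and refuse to install a
download that no longer matches them.

Added example for this thread, not code from any post in it. Catches a
swapped or corrupted download, a tampered mirror, or a file that was not
part of the release. Does NOT catch a compromised upstream release: the
pins are only as good as the review that produced them. Manifest format is
the 'digest  name' form used by `shasum -a 256` / `sha256sum -c`. All data
below is constructed for the example.
"""
import hashlib
import hmac

HEX = set("0123456789abcdef")


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def write_manifest(files):
    """SHA256SUMS text for {name: bytes}, one 'digest  name' line per file."""
    return "".join(f"{sha256_hex(data)}  {name}\n" for name, data in sorted(files.items()))


def parse_manifest(text):
    """{name: digest} from SHA256SUMS text. Accepts 'digest  name' and the
    binary-mode 'digest *name' form; rejects anything that is not 64 hex chars."""
    pins = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        digest, sep, name = line.partition("  ")
        if not sep:
            digest, sep, name = line.partition(" *")
        digest = digest.lower()
        if not sep or not name or len(digest) != 64 or set(digest) - HEX:
            raise ValueError(f"SHA256SUMS line {lineno}: not a SHA-256 entry: {raw!r}")
        pins[name] = digest
    return pins


def verify(manifest_text, downloaded):
    """Check {name: bytes} against a manifest. Returns {name: status}, status
    one of 'ok', 'MISMATCH' (bytes differ), 'MISSING' (pinned but not
    downloaded), 'UNLISTED' (downloaded but never pinned). Every pinned and
    every downloaded name appears, so nothing passes by simply being absent."""
    pins = parse_manifest(manifest_text)
    status = {}
    for name, digest in pins.items():
        if name not in downloaded:
            status[name] = "MISSING"
        elif hmac.compare_digest(sha256_hex(downloaded[name]), digest):
            status[name] = "ok"
        else:
            status[name] = "MISMATCH"
    for name in downloaded:
        if name not in pins:
            status[name] = "UNLISTED"
    return status


def all_ok(status):
    """True only when something was checked and every entry is 'ok'."""
    return bool(status) and all(v == "ok" for v in status.values())


# --- constructed sample data ------------------------------------------------
# The release as it looked when someone reviewed it and pinned it.
VETTED_RELEASE = {
    "tool-1.2.0.tar.gz": b"\x1f\x8b\x08\x00vetted tool archive bytes",
    "plugin-0.9.tar.gz": b"\x1f\x8b\x08\x00vetted plugin archive bytes",
}
PINNED_MANIFEST = write_manifest(VETTED_RELEASE)  # committed next to the build

# What a later fetch produced: the plugin differs by one byte and a file
# that was never part of the release came along with it.
DOWNLOADED = {
    "tool-1.2.0.tar.gz": VETTED_RELEASE["tool-1.2.0.tar.gz"],
    "plugin-0.9.tar.gz": b"\x1f\x8b\x08\x00vetted plugin archive bytez",
    "extra-helper.sh": b"#!/bin/sh\necho not part of the release\n",
}

if __name__ == "__main__":
    result = verify(PINNED_MANIFEST, DOWNLOADED)
    for name, state in sorted(result.items()):
        print(f"{state:9} {name}")
    raise SystemExit(0 if all_ok(result) else 1)
```

The manifest has to come from somewhere other than the download it vouches for (your own repository, a signed release page fetched once and reviewed) or an attacker who can swap the archive can swap the checksum file with it. That is the same reason the verdict above says nothing about what the vetted code does; it only says it is the code that was vetted.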

I welcome disagreement – in fact I have disagreements about this episode as far as concerns about things that were not addressed.

But your points are mostly open-source fables and fantasies.

First of all, if you can’t be bothered to proof-read your post, you’re making it harder on every person who reads it. And I understand that not everyone may be a native English speaker, but that doesn’t explain what’s going on here when even things like sudo are misspelled.

I’m going to assume you meant:

There are good reasons to be logged in as a guest for example you can’t use sudo.

Being logged in as guest on Mac means, I believe, that you can only access Safari. If you mean there are good reasons to use a non-admin account, I will say that there may be theoretical benefits, but in practice, there aren’t.

I say this having recently done it.

It is nearly impossible to use a Mac as a non-admin. The only way it is possible, IMO and IME, is if you have someone else who is taking care of the admin tasks for you: updating software, installing software, running updates, etc. For most single-users, they don’t have someone like that, so they will either need to log out and log in as another user or use Fast User Switching which will get tedious fast.

You’ve answered your own question. Why do developers have to sign anything? Because without it, you have to trust the developer to not do anything malicious. If they do something malicious, Apple can make it so their app doesn’t run.

The idea that people are going to compile their own software is utter nonsense and complete fiction.

but open source [is] still good enough

There have been huge security holes found in extremely popular open source apps which existed for years and which nobody noticed.

This advantage of being able to audit open source software is mostly a myth and a fairy tale that open source advocates tell themselves and try to convince other people who aren’t aware of the multiple clear examples of where this has failed to produce any actual benefit in the real world.

Is it? Why is it? Just asserting something isn’t evidence. You might even say it’s a closed source proprietary argument where you want us to just trust you that it’s true without showing the source code of your reasoning and argument.

I dunno… maybe… reality?

You’re asserting a theoretical threat that does exist without any consideration for a) the fact that no one has ever done it or even come close and b) even if someone did manage to do it, Apple would be able to undo it in a matter of, what? Minutes? Hours?

Meanwhile, the protections that are being given are in place every minute of every day.

There are lots of valid criticisms to be made of Gatekeeper (see Apple Server Outage Makes Mac Apps Hang on Launch for one recent example) but this is not one of them.

You mean, like Parler? Where Apple decided that an app was being used to promote and coordinate hatred and violence and gave the moderators and developers time to clean up their act before making the app unavailable?

What prevents Apple from doing this is that Apple isn’t a sullen teenager in a closet out to get revenge because their parents are being mean to them.

More baseless FUD. What’s next? Asking what’s stopping Eddie Cue from coming to your house and beating you with a wrench?

Why would Apple want to destroy its own reputation by harming their own user base? What would be their motivation? What would they have to gain by using “the system they have carefully created to protect users and their own reputation” to make their Macs “useless”? Do the Apple Executives want to kill the company? Alienate users? Get destroyed in the tech press? Lose all credibility? Ensure that no one ever buys another Mac? What’s their endgame?

… What?

Still absolutely no hint of why Apple would have any interest in doing this ridiculous thing that is almost certainly technically impossible because once you have created a FileVault password and encrypted your system, no one can just come along and change the encryption password. That’s not how any of this works.

What config files? If you want to disable an external GPU, you can always just… unplug it. Seriously, where are you coming up with this stuff?

Oh look! An actual bad decision that Apple actually did (see Apple Apps Exempt From Network Filters and VPNs) and then undid after getting negative feedback (see ContentFilterExclusionList Gone in macOS 11.2 Beta 2).

Again, there are plenty of good arguments to make about bad decisions that Apple has made (follow Jeff Johnson (@lapcatsoftware) on Twitter for a steady stream of them, or Michael Tsai’s blog for a wide range of input and criticism of Apple). They exist, and they’re real. But nothing approaching these bizarre fantasy scenarios.

Absolute non-sequitur. Spectre and Meltdown had nothing to do with how many eyes were on Windows, macOS, or Linux. It had to do with a design flaw in processors. It was discovered not because of anything having to do with Linux but because of extremely bright people who are dedicated to looking for security issues.

Windows, macOS, and Linux all responded to the crisis quickly. Did Linux do so faster? Probably some of the distros which don’t have to worry about commercial installations. Was the speed at which Linux responded to Meltdown and Spectre meaningfully different than Windows and macOS? Nothing I’ve been able to find suggests so, but if there’s a credible summary/timeline out there, please do share it.

That’s why we have encryption.

First of all, that 99% statistic is as much of a fantasy as the rest of your argument. That said, the number is probably around 95% for the majority of sites that anyone would care about.

But “breaking Linux” is a meaningless phrase. Where would this hypothetical money come from? Any system that deals with anything financial is going to revolve around encryption more than the operating system. And again, here is where I will mention that a vulnerability in OpenSSL (an open source program used by literally millions of websites, including Linux) went unnoticed from 1998 to 2014.

Most servers run Linux because it is designed to run without a GUI, which means that it can be easily managed from the command-line, and because it is very fast.

Of those 95% of servers running Linux, how many of them are managed by people who have done any meaningful investigation of the source code to Linux, apache, nginx, openssl, or any other crucial system? I don’t know but I bet it’s well below 1%. I wouldn’t be surprised if it is 0.1%.

That’s why you’re encouraged to have a backup. Or multiple backups. Such as Time Machine, which Apple builds in and actively encourages you to encrypt.

Citation needed.

How do you know they didn’t fake the moon landings? How do you know that the moon isn’t made out of Swiss cheese?

If you want to try to untangle that word salad, maybe I’ll be able to understand what you’re trying to say.

Well, based on LastPass’ reputation, I would never trust them… but not because it’s proprietary and on the cloud, but because they’ve shown themselves to have a terrible track record.

OTOH, I would trust something like 1Password which has faced intense scrutiny and security audits, not to mention the entire livelihood of the company rests on protecting your data, and they’ve been doing this for years.

Again, there are dozens of valid criticisms to be made about Apple’s security practices. That’s why I follow Patrick Wardle’s Objective-See Blog and financially support & use his Objective-See Security Apps. What you have offered… is not that.
