Kinda lousy that they tell people to open additional feedbacks when they gave no information about the behavior they are actually seeing with network extensions (leaking where? what sort of data?)
I wish there was an independent unit test suite for operating systems and other proprietary software.
The suite would run the most-used apps and utilities against updates and report regressions.
So for example, the vast majority of apps on my Mac can't run, because they were written for early versions of OS X and OS 9, even all the way back to System 7 when apps were expected to still run on 4/5/6. The suite would reveal that Apple has a track record of de-prioritizing backwards compatibility or backporting bug fixes to previous OS versions.
You don’t need to do anything special to “reveal” that Apple doesn’t prioritize backwards compatibility. That is very well known. For example, standard practice for audio professionals is to wait a year or more to upgrade MacOS, to give all the vendors a chance to fix what broke.
Funnily enough, that’s what the UNIX™ certification is, in some—much too limited for your purposes—sense :) See also Raymond Chen’s story of buying one of everything[1].
Eh, I agree in a sense, but I'm also ok without the same level of backwards compatibility that Windows is beleaguered by. Every new version of Windows is little more than a thin veneer of whatever they think is a popular choice for UI design that year, and with that comes a clumsy amalgamation of hugely varying settings dialogs, the classic registry, all the goop. Meanwhile on macos, I don't expect very complex software to maintain perfect compatibility, but I can reasonably expect most of the stuff I use to carry forward 5+ years. Parallels and Omnifocus were the exceptions, but 1password from 2012 is still kicking, Data Rescue 3 somehow still works, I'm sure even Adobe CS6 would even though it's from the Carbon era.
Just as well, although I loathe some of the choices Apple's made over the years, such as it's own Settings app, the overall UI would be pretty recognizable if me from 20 years ago found a time machine (pun intended). I recently bought a new mac, and it occurred to me that it feels basically like the E-Mac I used in middle school all those years ago, albeit with the occasional annoyance I wouldn't have been aware of then.
Huh? In service of what? There’s not all that much inherently good about backwards compatibility, but you’re really implying that deprioritising it is a misdeed. If I wanted to use an OS that prioritised backwards compatibility more than macOS, I’d use Windows, and suffer through the downsides of that trade-off. I’m happy using an OS that balances things in a way that’s more in line with my priorities.
meanwhile my Lulu alternative to littlesnitch is barely leaking anything after running for weeks:
sudo leaks com.objective-see.lulu.extension | grep "total leaked bytes"
Password:
Process 851 is not debuggable. Due to security restrictions, leaks can only show or save contents of readonly memory of restricted processes.
Process 851: 1086 leaks for 108576 total leaked bytes.
base sudo leaks at.obdev.littlesnitch.networkextension | grep "total leaked bytes"
Password:
Process 310 is not debuggable. Due to security restrictions, leaks can only show or save contents of readonly memory of restricted processes.
Process 310: 314990 leaks for 967643488 total leaked bytes.
brett@algol minikube / default ~/Documents/misc sudo leaks at.obdev.littlesnitch.networkextension | grep "total leaked bytes"
Password:
Process 43619 is not debuggable. Due to security restrictions, leaks can only show or save contents of readonly memory of restricted processes.
Process 43619: 2194911 leaks for 6742615664 total leaked bytes.
Process 575 is not debuggable. Due to security restrictions, leaks can only show or save contents of readonly memory of restricted processes.
Process 575: 747950 leaks for 2294465728 total leaked bytes.
Make it harder to use the original way, push developers to a suboptimal mechanism and deprecate the original way, then eventually deprecate and remove extensions entirely.
"See? This is why extensions are bad!"
It's 100% in Apple's culture to do so. They don't even need to do it deliberately --- just ignore the inevitable bugs that appear.
Damn if only they told us yesterday before I restarted for the first time in a month. I wonder how big my memory leak would have been. I have only been online for about 11 hours (~9 of those were in hibernation) now and already at a 13MB leak.
> For the time being, until Apple fixes this serious bug in macOS, we therefore highly recommend to turn off the built-in firewall of macOS when also using Little Snitch or Little Snitch Mini.
I remember back in the day when installing two firewalls or two antivirus programs on Windows would break it, so it will have to be reinstalled. That was 20 years ago, though, one would think we're better at making an OS by now.
We like to wishfully think of human systems (software, government, anything) as immune systems that accumulate knowledge in the system itself over time so that it's increasingly resilient to the systemic problems it's encountered before.
Instead, human systems require eternal vigilance from the humans inside it. Even governmental systems which can encode knowledge into laws rely on the eternal vigilance of judges, prosecutors, and defenders to utilize that knowledge.
So GGz if you're writing a new subsystem in an OS and you're expected to learn from mistakes a team of two people made in some subsystem 20 years ago that someone quietly patched.
True, and having the benefit of hindsight, it’s easy for us to judge.
The trouble is, Apple’s feedback process is so opaque that we can never know the details. All we have is the feeling of “a simple test of macOS with a third party firewall before unleashing it to the world would have shown the problem”.
For a piece of software on which countless people rely upon (which macOS and iOS are), the “beta” begins after exhausting all internal means of detecting regressions and unwanted behaviour. It’s not cheap but they can’t just dump something and expect unpaid, third party developers to report all the bugs (while never getting a reply on that feedback app).
I mean... sounds like we are if you only have to turn off one of the firewalls and not reinstall. I think ancient windows firewalls would routinely replace the system networking driver files, and that's why things got really messy. At least we're beyond that.
I generally don't sleep my macOS machines these days, as hardware has gotten faster and faster, the pain of booting up is less and less. Unless I want to be able to wake on network etc., at least.
The suite would run the most-used apps and utilities against updates and report regressions.
So for example, the vast majority of apps on my Mac can't run, because they were written for early versions of OS X and OS 9, even all the way back to System 7 when apps were expected to still run on 4/5/6. The suite would reveal that Apple has a track record of de-prioritizing backwards compatibility or backporting bug fixes to previous OS versions.
Edit: integration test suite
However, these days it seems that even point releases only introduce new bugs in the rush to deliver late features, and rarely address any issues
…of course I’d rather stay on Sonoma if I could go back in time…
[1] https://devblogs.microsoft.com/oldnewthing/20050824-11/?p=34...
Just as well, although I loathe some of the choices Apple's made over the years, such as it's own Settings app, the overall UI would be pretty recognizable if me from 20 years ago found a time machine (pun intended). I recently bought a new mac, and it occurred to me that it feels basically like the E-Mac I used in middle school all those years ago, albeit with the occasional annoyance I wouldn't have been aware of then.
sudo leaks com.objective-see.lulu.extension | grep "total leaked bytes" Password: Process 851 is not debuggable. Due to security restrictions, leaks can only show or save contents of readonly memory of restricted processes.
Process 851: 1086 leaks for 108576 total leaked bytes.
Process 310: 314990 leaks for 967643488 total leaked bytes.
Ouch!
Process 43619: 2194911 leaks for 6742615664 total leaked bytes.
jesus.
"See? This is why extensions are bad!"
It's 100% in Apple's culture to do so. They don't even need to do it deliberately --- just ignore the inevitable bugs that appear.
I remember back in the day when installing two firewalls or two antivirus programs on Windows would break it, so it will have to be reinstalled. That was 20 years ago, though, one would think we're better at making an OS by now.
Instead, human systems require eternal vigilance from the humans inside it. Even governmental systems which can encode knowledge into laws rely on the eternal vigilance of judges, prosecutors, and defenders to utilize that knowledge.
So GGz if you're writing a new subsystem in an OS and you're expected to learn from mistakes a team of two people made in some subsystem 20 years ago that someone quietly patched.
The trouble is, Apple’s feedback process is so opaque that we can never know the details. All we have is the feeling of “a simple test of macOS with a third party firewall before unleashing it to the world would have shown the problem”.
For a piece of software on which countless people rely upon (which macOS and iOS are), the “beta” begins after exhausting all internal means of detecting regressions and unwanted behaviour. It’s not cheap but they can’t just dump something and expect unpaid, third party developers to report all the bugs (while never getting a reply on that feedback app).
Process 665: 874477 leaks for 2686387600 total leaked bytes.