An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
2016 WWDC Comments
#40900 06/13/16 05:32 PM
Joined: Aug 2009
Likes: 16
Moderator
OP Online
Moderator

Joined: Aug 2009
Likes: 16
As I am watching the WWDC I am wondering how others here are feeling about the new announcements. I think there are some changes that may fundamentally change the way we view and use our MacOS and iOS devices include
  • The same desktop extending from the Mac to iPhone and iPad
  • Storage optimization freeing up local storage on all our devices through enhanced use of iCloud.
  • Siri with AI enhancement
Not that these have not been coming but the level of integration across all the devices raises the bar several notches.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: 2016 WWDC Comments
joemikeb #40902 06/13/16 06:26 PM
Joined: Aug 2009
Likes: 4
Offline

Joined: Aug 2009
Likes: 4
If such things become mandatory, I'll be climbing back into my Luddite cave.
(Being totally opposed to the "cloud" from a security/privacy perspective, I'd actually be looking forward to the peace and contentment that would afford.) crazy cool

Re: 2016 WWDC Comments
joemikeb #40905 06/13/16 09:38 PM
Joined: Aug 2009
Likes: 14
Offline

Joined: Aug 2009
Likes: 14
Originally Posted By: joemikeb
As I am watching the WWDC I am wondering how others here are feeling about the new announcements.

• The same desktop extending from the Mac to iPhone and iPad

I'd be bugged. I quite like the OSX environment and am not crazy about iOS.

• Storage optimization freeing up local storage on all our devices through enhanced use of iCloud.

Another nope. I kinda like the idea of keeping everything on my drive. Besides, I still have 140 gigs of space on a 320 gig drive, so I don't really need any space "freed up".

• Siri with AI enhancement

Two threes or a six, as it would not affect me. I have Siri on the iPad but don't use it.

Last edited by ryck; 06/13/16 09:41 PM.

ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: 2016 WWDC Comments
ryck #40906 06/13/16 11:48 PM
Joined: Aug 2009
Likes: 4
Offline

Joined: Aug 2009
Likes: 4
Is that a roundabout way of suggesting I put a granny suite in my Luddite cave ... just in case? wink

Re: 2016 WWDC Comments
grelber #40908 06/14/16 12:36 AM
Joined: Aug 2009
Likes: 16
Moderator
OP Online
Moderator

Joined: Aug 2009
Likes: 16
Originally Posted By: grelber
If such things become mandatory, I'll be climbing back into my Luddite cave.
(Being totally opposed to the "cloud" from a security/privacy perspective, I'd actually be looking forward to the peace and contentment that would afford.) crazy cool

Did I forget to mention end to end encryption and iCloud data encryption?


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: 2016 WWDC Comments
grelber #40913 06/14/16 12:10 PM
Joined: Aug 2009
Likes: 14
Offline

Joined: Aug 2009
Likes: 14
Originally Posted By: grelber
Is that a roundabout way of suggesting I put a granny suite in my Luddite cave ... just in case? wink

Thanks for the offer but I'm not so much a Luddite than a stubborn mule and, like the mule, can be finally forced to move. Think: your move from OS9 to OSX; or the time it took many of us to advance from Snow Leopard.

What the heck, I'm staying with Mountain Lion as long as I can. smile


ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: 2016 WWDC Comments
joemikeb #40914 06/14/16 12:20 PM
Joined: Aug 2009
Likes: 14
Offline

Joined: Aug 2009
Likes: 14
Originally Posted By: joemikeb
Did I forget to mention end to end encryption and iCloud data encryption?

This could be of interest. I'm very security conscious (careful where I go, change passwords, et cetera) but am always concerned when I read all the latest ways that bad guys are getting around roadblocks. This recent business about ransoming computers really irks me. (Jeez, am I talking myself into grelber's cave?)

Anyway, I was an early user of FileVault until I read a few horror stories, and haven't looked at it since. However, all the current stories about the effectiveness of Apple's iPhone security make me wonder. I realize that there's a chip involved, that I wouldn't have, but perhaps the software is more robust.

What's the scoop?

Last edited by ryck; 06/14/16 12:27 PM.

ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: 2016 WWDC Comments
ryck #40917 06/14/16 02:11 PM
Joined: Aug 2009
Likes: 16
Moderator
OP Online
Moderator

Joined: Aug 2009
Likes: 16
FileVault 2 is a very different animal from the original FileVault. Where FileVault only encrypted the user's home folder, FileVault 2 encrypts the entire boot drive (and optionally any other attached drive). FileVault 2 actually boots from the Recovery Drive, requests the password and then boots the encrypted drive. Many of the horror stories involved forgetting passwords and Master password problems. The Master password is apparently a matter of history and Apple provides the ability to get in using the Apple ID password. FileVault 2 goes a long way toward alleviating any of my concerns about data recovery.

Admittedly I have not turned FileVault 2 on -- YET. If I used a laptop it would DEFINITELY be FileVault encrypted. Although I have confidence in the six digit login number and fingerprint security on my iPhone and iPad, I wish there were a FileVault 2 solution for both of them as well. They are obviously the most vulnerable if for no other reason than their portability and the fact I seldom go anywhere without the iPhone or both the iPhone and iPad.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: 2016 WWDC Comments
joemikeb #40918 06/14/16 04:36 PM
Joined: Aug 2009
Likes: 14
Offline

Joined: Aug 2009
Likes: 14
Do I assume that the "end to end encryption and iCloud data encryption" are based on FileVault 2 ?


ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: 2016 WWDC Comments
ryck #40919 06/14/16 05:22 PM
Joined: Aug 2009
Likes: 16
Moderator
OP Online
Moderator

Joined: Aug 2009
Likes: 16
As I said previously, I have not enabled FileVault 2 — YET. So I admit to not being clear on all the details. However I believe the answer is yes and no. End to end encryption includes iOS devices and services which do not have FileVault per se. iCloud encryption uses the same encryption algorithm as FileVault 2 and my understanding is an option when enabling FileVault 2.

My question is how iOS devices access encrypted iCloud data?


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: 2016 WWDC Comments
joemikeb #40921 06/16/16 07:24 PM
Joined: Aug 2009
Likes: 16
Moderator
OP Online
Moderator

Joined: Aug 2009
Likes: 16
Here is a security "feature" of MacOS Sierra that some people are going to be unhappy with.

Quote:
Starting with macOS 12, Apple is making it more difficult for unsigned apps to be launched. The option, present in OS X 10.11 to always allow unsigned apps to open has been stricken from Gatekeeper, limiting users by default to App Store and App Store plus identified developers. The ability by users to launch unsigned apps remains in the operating system in a different form, however.

Double clicks will no longer work to open an unsigned app. Users must control-click, or right-click, and select open, and then authenticate user credentials. Additionally, while there is a pointer to the app wherever the user has installed the app, the app itself is stored elsewhere in the drive in a "random" fashion, effectively preventing the Gatekeeper Bypass vector of attack from functioning.

This is one that may cause the third party utility developers to burn a good amount of midnight oil to create support for.

Quote:
...the forthcoming new Apple File System (a replacement for the 30-year-old HFS that will be fully implemented in a future release, but supported in Sierra). Not mentioned but recently discovered is that Apple has reintroduced RAID support into Sierra's Disk Utility, which will please advanced users.

Last edited by joemikeb; 06/16/16 07:46 PM.

If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: 2016 WWDC Comments
joemikeb #40923 06/16/16 07:46 PM
Joined: Aug 2009
Offline

Joined: Aug 2009
Originally Posted By: joemikeb
Although I have confidence in the six digit login number and fingerprint security on my iPhone and iPad, I wish there were a FileVault 2 solution for both of them as well. They are obviously the most vulnerable if for no other reason than their portability and the fact I seldom go anywhere without the iPhone or both the iPhone and iPad.

The iPhone secure enclave already has that covered. They use a pretty complicated, sometimes layered approach to security. Data flows through that chip, and is encrypted as needed as it streams off to the flash. It doesn't encrypt the whole drive though, but there's very little reason to encrypt the OS or apps.


I work for the Department of Redundancy Department
Re: 2016 WWDC Comments
Virtual1 #40924 06/16/16 07:50 PM
Joined: Aug 2009
Likes: 16
Moderator
OP Online
Moderator

Joined: Aug 2009
Likes: 16
Originally Posted By: Virtual1
The iPhone secure enclave already has that covered. They use a pretty complicated, sometimes layered approach to security. Data flows through that chip, and is encrypted as needed as it streams off to the flash. It doesn't encrypt the whole drive though, but there's very little reason to encrypt the OS or apps.

I suppose it will take new hardware for that to make it to MaxOS but I suspect many would find that a welcome feature in their desktop and especially laptop Macs.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: 2016 WWDC Comments
joemikeb #40928 06/17/16 04:24 PM
Joined: Sep 2009
Offline

Joined: Sep 2009
I'm stating the obvious in saying that I wish existing technologies would be improved before piling on new ones.

During recent years, mainly the Tim Cook reign, I haven't liked much of what Apple has done, but that may mean I'm not in the mainstream, not the target audience. Obviously there are many people interested in iPads, iphones, watches, Siri, the cloud, mobility, streaming, Apple Pay, Apple Music, smarthomes.

I was worried about the new file system, but according to Ars Technica, you can convert your old data so there won't be any loss. I'm still on 10.6 and see little reason to change except for having to catch up to the internet and latest versions of browsers, which in turn demand higher versions of the OS. And so on, the treadmill.

I will say that I never saw anything especially clever or profound about the lowercase.

Re: 2016 WWDC Comments
joemikeb #40936 06/18/16 11:59 PM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
Originally Posted By: joemikeb
Here is a security "feature" of MacOS Sierra that some people are going to be unhappy with.

Quote:
Starting with macOS 12, Apple is making it more difficult for unsigned apps to be launched. The option, present in OS X 10.11 to always allow unsigned apps to open has been stricken from Gatekeeper, limiting users by default to App Store and App Store plus identified developers. The ability by users to launch unsigned apps remains in the operating system in a different form, however.

Double clicks will no longer work to open an unsigned app. Users must control-click, or right-click, and select open, and then authenticate user credentials. Additionally, while there is a pointer to the app wherever the user has installed the app, the app itself is stored elsewhere in the drive in a "random" fashion, effectively preventing the Gatekeeper Bypass vector of attack from functioning.

I certainly hope Apple provides us with a workaround as they did with SIP!

Enabling protection from ourselves is one thing, but they're still OUR Macs...uhhh...I hope. (If it's iron-clad, the change suggests that do-it-yourselfers will no longer be able to run their own creations on their own machines without first getting permission from Apple.)

Last edited by artie505; 06/19/16 12:06 AM. Reason: Clarification

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: 2016 WWDC Comments
artie505 #40937 06/19/16 12:32 AM
Joined: Aug 2009
Likes: 16
Moderator
OP Online
Moderator

Joined: Aug 2009
Likes: 16
Read a little further in the quote and you will see where it describes the work around.

Quote:
<snip>...Users must control-click, or right-click, and select open, and then authenticate user credentials. Additionally, while there is a pointer to the app wherever the user has installed the app, the app itself is stored elsewhere in the drive in a "random" fashion, effectively preventing the Gatekeeper Bypass vector of attack from functioning.

So you can run unsigned apps, albeit with some inconvenience and those apps will be blocked from deploying a common form of attack on your system.

The reality is securing a system against malware attacks almost guarantees some minor inconveniences. By the way the third party developers can get get around this inconvenience by registering with Apple and paying a small fee. So technically the inconvenience is a choice made by the third party developer.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: 2016 WWDC Comments
joemikeb #40938 06/19/16 01:47 AM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
I saw that workaround, but Apple has given us a user-friendly Terminal command for SIP, and they should follow suit with Gatekeeper! (In fact, I'll be quite surprised if they don't.)

Originally Posted By: joemike
The reality is securing a system against malware attacks almost guarantees some minor inconveniences.

Enabling that security is an admirable endeavor, but ramming it down the throats of those who aren't interested in it is NOT, and continual control-clicking/authentication is more cumbersome than I, and, I'm quite certain, many others will want to deal with.

(I wasn't talking about third-party developers, rather ordinary users who want to whip up programs for their own use who will now apparently have to pay Apple a fee for the privilege of conveniently running their own apps on their own Macs.)


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: 2016 WWDC Comments
joemikeb #40939 06/19/16 02:56 AM
Joined: Aug 2009
Likes: 16
Moderator
OP Online
Moderator

Joined: Aug 2009
Likes: 16
More on APFS

Although it will not be fully implemented until MacOS 13 (Sierra's successor) APFS could be a real game changer for utility developers not to mention users. If I understand correctly...
  • APFS appears to be optimized for SSD/flash storage but apparently it will work on spinning rust as well. (I wonder if APFS will impose an additions performance hit on spinning rust)
  • APFS provides multiple levels of encryption
  • different levels of encryption for individual folders and/or files.
  • files are broken up into fragments and those fragments are located on the drive randomly
I can't imagine there would not be backward support for HFS+ in MacOS 13, but maybe not in MacOS 14?

In any case it is dead certain Alsoft (DiskWarrior), Micromat (TechTool Pro), and Prosoft Engineering (Drive Genius) will have their work cut out what tools will be needed and developing support for APFS. I would be surprised if some pf their tools/functions were dropped entirely and others may have to be redesigned and recoded from scratch.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein

Moderated by  alternaut, cyn 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.035s Queries: 50 (0.026s) Memory: 0.6694 MB (Peak: 0.8053 MB) Data Comp: Zlib Server Time: 2024-03-28 18:43:54 UTC
Valid HTML 5 and Valid CSS