An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Topic Options
#40900 - 06/13/16 10:32 AM 2016 WWDC Comments
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
As I am watching the WWDC I am wondering how others here are feeling about the new announcements. I think there are some changes that may fundamentally change the way we view and use our MacOS and iOS devices include
  • The same desktop extending from the Mac to iPhone and iPad
  • Storage optimization freeing up local storage on all our devices through enhanced use of iCloud.
  • Siri with AI enhancement
Not that these have not been coming but the level of integration across all the devices raises the bar several notches.
_________________________
joemikeb • moderator

Top
#40902 - 06/13/16 11:26 AM Re: 2016 WWDC Comments [Re: joemikeb]
grelber Offline


Registered: 08/05/09
Loc: North of 49th ||
If such things become mandatory, I'll be climbing back into my Luddite cave.
(Being totally opposed to the "cloud" from a security/privacy perspective, I'd actually be looking forward to the peace and contentment that would afford.) crazy cool

Top
#40905 - 06/13/16 02:38 PM Re: 2016 WWDC Comments [Re: joemikeb]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
Originally Posted By: joemikeb
As I am watching the WWDC I am wondering how others here are feeling about the new announcements.

• The same desktop extending from the Mac to iPhone and iPad

I'd be bugged. I quite like the OSX environment and am not crazy about iOS.

• Storage optimization freeing up local storage on all our devices through enhanced use of iCloud.

Another nope. I kinda like the idea of keeping everything on my drive. Besides, I still have 140 gigs of space on a 320 gig drive, so I don't really need any space "freed up".

• Siri with AI enhancement

Two threes or a six, as it would not affect me. I have Siri on the iPad but don't use it.


Edited by ryck (06/13/16 02:41 PM)
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS High Sierra 10.13.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Time Machine on 320GB OWC Mercury OTG Pro
Super Duper on 500GB OWC Mercury OTG Pro

Top
#40906 - 06/13/16 04:48 PM Re: 2016 WWDC Comments [Re: ryck]
grelber Offline


Registered: 08/05/09
Loc: North of 49th ||
Is that a roundabout way of suggesting I put a granny suite in my Luddite cave ... just in case? wink

Top
#40908 - 06/13/16 05:36 PM Re: 2016 WWDC Comments [Re: grelber]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Originally Posted By: grelber
If such things become mandatory, I'll be climbing back into my Luddite cave.
(Being totally opposed to the "cloud" from a security/privacy perspective, I'd actually be looking forward to the peace and contentment that would afford.) crazy cool

Did I forget to mention end to end encryption and iCloud data encryption?
_________________________
joemikeb • moderator

Top
#40913 - 06/14/16 05:10 AM Re: 2016 WWDC Comments [Re: grelber]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
Originally Posted By: grelber
Is that a roundabout way of suggesting I put a granny suite in my Luddite cave ... just in case? wink

Thanks for the offer but I'm not so much a Luddite than a stubborn mule and, like the mule, can be finally forced to move. Think: your move from OS9 to OSX; or the time it took many of us to advance from Snow Leopard.

What the heck, I'm staying with Mountain Lion as long as I can. smile
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS High Sierra 10.13.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Time Machine on 320GB OWC Mercury OTG Pro
Super Duper on 500GB OWC Mercury OTG Pro

Top
#40914 - 06/14/16 05:20 AM Re: 2016 WWDC Comments [Re: joemikeb]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
Originally Posted By: joemikeb
Did I forget to mention end to end encryption and iCloud data encryption?

This could be of interest. I'm very security conscious (careful where I go, change passwords, et cetera) but am always concerned when I read all the latest ways that bad guys are getting around roadblocks. This recent business about ransoming computers really irks me. (Jeez, am I talking myself into grelber's cave?)

Anyway, I was an early user of FileVault until I read a few horror stories, and haven't looked at it since. However, all the current stories about the effectiveness of Apple's iPhone security make me wonder. I realize that there's a chip involved, that I wouldn't have, but perhaps the software is more robust.

What's the scoop?


Edited by ryck (06/14/16 05:27 AM)
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS High Sierra 10.13.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Time Machine on 320GB OWC Mercury OTG Pro
Super Duper on 500GB OWC Mercury OTG Pro

Top
#40917 - 06/14/16 07:11 AM Re: 2016 WWDC Comments [Re: ryck]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
FileVault 2 is a very different animal from the original FileVault. Where FileVault only encrypted the user's home folder, FileVault 2 encrypts the entire boot drive (and optionally any other attached drive). FileVault 2 actually boots from the Recovery Drive, requests the password and then boots the encrypted drive. Many of the horror stories involved forgetting passwords and Master password problems. The Master password is apparently a matter of history and Apple provides the ability to get in using the Apple ID password. FileVault 2 goes a long way toward alleviating any of my concerns about data recovery.

Admittedly I have not turned FileVault 2 on -- YET. If I used a laptop it would DEFINITELY be FileVault encrypted. Although I have confidence in the six digit login number and fingerprint security on my iPhone and iPad, I wish there were a FileVault 2 solution for both of them as well. They are obviously the most vulnerable if for no other reason than their portability and the fact I seldom go anywhere without the iPhone or both the iPhone and iPad.
_________________________
joemikeb • moderator

Top
#40918 - 06/14/16 09:36 AM Re: 2016 WWDC Comments [Re: joemikeb]
ryck Offline


Registered: 08/04/09
Loc: Okanagan Valley
Do I assume that the "end to end encryption and iCloud data encryption" are based on FileVault 2 ?
_________________________
ryck

iMac (Retina 5K, 27", 2017), 3.4 GHz Intel Core i5, 8GB RAM, 2400 MHz DDR4
OS High Sierra 10.13.6
Canon MX710 Printer
Epson Perfection V500 Photo Scanner
Time Machine on 320GB OWC Mercury OTG Pro
Super Duper on 500GB OWC Mercury OTG Pro

Top
#40919 - 06/14/16 10:22 AM Re: 2016 WWDC Comments [Re: ryck]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
As I said previously, I have not enabled FileVault 2 — YET. So I admit to not being clear on all the details. However I believe the answer is yes and no. End to end encryption includes iOS devices and services which do not have FileVault per se. iCloud encryption uses the same encryption algorithm as FileVault 2 and my understanding is an option when enabling FileVault 2.

My question is how iOS devices access encrypted iCloud data?
_________________________
joemikeb • moderator

Top
#40921 - 06/16/16 12:24 PM Re: 2016 WWDC Comments [Re: joemikeb]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Here is a security "feature" of MacOS Sierra that some people are going to be unhappy with.

Quote:
Starting with macOS 12, Apple is making it more difficult for unsigned apps to be launched. The option, present in OS X 10.11 to always allow unsigned apps to open has been stricken from Gatekeeper, limiting users by default to App Store and App Store plus identified developers. The ability by users to launch unsigned apps remains in the operating system in a different form, however.

Double clicks will no longer work to open an unsigned app. Users must control-click, or right-click, and select open, and then authenticate user credentials. Additionally, while there is a pointer to the app wherever the user has installed the app, the app itself is stored elsewhere in the drive in a "random" fashion, effectively preventing the Gatekeeper Bypass vector of attack from functioning.

This is one that may cause the third party utility developers to burn a good amount of midnight oil to create support for.

Quote:
...the forthcoming new Apple File System (a replacement for the 30-year-old HFS that will be fully implemented in a future release, but supported in Sierra). Not mentioned but recently discovered is that Apple has reintroduced RAID support into Sierra's Disk Utility, which will please advanced users.


Edited by joemikeb (06/16/16 12:46 PM)
_________________________
joemikeb • moderator

Top
#40923 - 06/16/16 12:46 PM Re: 2016 WWDC Comments [Re: joemikeb]
Virtual1 Offline


Registered: 08/04/09
Loc: Iowa
Originally Posted By: joemikeb
Although I have confidence in the six digit login number and fingerprint security on my iPhone and iPad, I wish there were a FileVault 2 solution for both of them as well. They are obviously the most vulnerable if for no other reason than their portability and the fact I seldom go anywhere without the iPhone or both the iPhone and iPad.

The iPhone secure enclave already has that covered. They use a pretty complicated, sometimes layered approach to security. Data flows through that chip, and is encrypted as needed as it streams off to the flash. It doesn't encrypt the whole drive though, but there's very little reason to encrypt the OS or apps.
_________________________
I work for the Department of Redundancy Department

Top
#40924 - 06/16/16 12:50 PM Re: 2016 WWDC Comments [Re: Virtual1]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Originally Posted By: Virtual1
The iPhone secure enclave already has that covered. They use a pretty complicated, sometimes layered approach to security. Data flows through that chip, and is encrypted as needed as it streams off to the flash. It doesn't encrypt the whole drive though, but there's very little reason to encrypt the OS or apps.

I suppose it will take new hardware for that to make it to MaxOS but I suspect many would find that a welcome feature in their desktop and especially laptop Macs.
_________________________
joemikeb • moderator

Top
#40928 - 06/17/16 09:24 AM Re: 2016 WWDC Comments [Re: joemikeb]
deniro Offline


Registered: 09/09/09
I'm stating the obvious in saying that I wish existing technologies would be improved before piling on new ones.

During recent years, mainly the Tim Cook reign, I haven't liked much of what Apple has done, but that may mean I'm not in the mainstream, not the target audience. Obviously there are many people interested in iPads, iphones, watches, Siri, the cloud, mobility, streaming, Apple Pay, Apple Music, smarthomes.

I was worried about the new file system, but according to Ars Technica, you can convert your old data so there won't be any loss. I'm still on 10.6 and see little reason to change except for having to catch up to the internet and latest versions of browsers, which in turn demand higher versions of the OS. And so on, the treadmill.

I will say that I never saw anything especially clever or profound about the lowercase.
_________________________
OS X 10.11.6
iMac 21.5", Mid 2011
2.8 GHz Intel Core i7, 24 GB
AMD Radeon HD 6770M
Using Apple computers since 1980

Top
#40936 - 06/18/16 04:59 PM Re: 2016 WWDC Comments [Re: joemikeb]
artie505 Online


Registered: 08/04/09
Originally Posted By: joemikeb
Here is a security "feature" of MacOS Sierra that some people are going to be unhappy with.

Quote:
Starting with macOS 12, Apple is making it more difficult for unsigned apps to be launched. The option, present in OS X 10.11 to always allow unsigned apps to open has been stricken from Gatekeeper, limiting users by default to App Store and App Store plus identified developers. The ability by users to launch unsigned apps remains in the operating system in a different form, however.

Double clicks will no longer work to open an unsigned app. Users must control-click, or right-click, and select open, and then authenticate user credentials. Additionally, while there is a pointer to the app wherever the user has installed the app, the app itself is stored elsewhere in the drive in a "random" fashion, effectively preventing the Gatekeeper Bypass vector of attack from functioning.

I certainly hope Apple provides us with a workaround as they did with SIP!

Enabling protection from ourselves is one thing, but they're still OUR Macs...uhhh...I hope. (If it's iron-clad, the change suggests that do-it-yourselfers will no longer be able to run their own creations on their own machines without first getting permission from Apple.)


Edited by artie505 (06/18/16 05:06 PM)
Edit Reason: Clarification
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#40937 - 06/18/16 05:32 PM Re: 2016 WWDC Comments [Re: artie505]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
Read a little further in the quote and you will see where it describes the work around.

Quote:
<snip>...Users must control-click, or right-click, and select open, and then authenticate user credentials. Additionally, while there is a pointer to the app wherever the user has installed the app, the app itself is stored elsewhere in the drive in a "random" fashion, effectively preventing the Gatekeeper Bypass vector of attack from functioning.

So you can run unsigned apps, albeit with some inconvenience and those apps will be blocked from deploying a common form of attack on your system.

The reality is securing a system against malware attacks almost guarantees some minor inconveniences. By the way the third party developers can get get around this inconvenience by registering with Apple and paying a small fee. So technically the inconvenience is a choice made by the third party developer.
_________________________
joemikeb • moderator

Top
#40938 - 06/18/16 06:47 PM Re: 2016 WWDC Comments [Re: joemikeb]
artie505 Online


Registered: 08/04/09
I saw that workaround, but Apple has given us a user-friendly Terminal command for SIP, and they should follow suit with Gatekeeper! (In fact, I'll be quite surprised if they don't.)

Originally Posted By: joemike
The reality is securing a system against malware attacks almost guarantees some minor inconveniences.

Enabling that security is an admirable endeavor, but ramming it down the throats of those who aren't interested in it is NOT, and continual control-clicking/authentication is more cumbersome than I, and, I'm quite certain, many others will want to deal with.

(I wasn't talking about third-party developers, rather ordinary users who want to whip up programs for their own use who will now apparently have to pay Apple a fee for the privilege of conveniently running their own apps on their own Macs.)
_________________________
The new Great Equalizer is the SEND button.

In Memory Of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Top
#40939 - 06/18/16 07:56 PM Re: 2016 WWDC Comments [Re: joemikeb]
joemikeb Offline
Moderator

Registered: 08/04/09
Loc: Fort Worth, Texas
More on APFS

Although it will not be fully implemented until MacOS 13 (Sierra's successor) APFS could be a real game changer for utility developers not to mention users. If I understand correctly...
  • APFS appears to be optimized for SSD/flash storage but apparently it will work on spinning rust as well. (I wonder if APFS will impose an additions performance hit on spinning rust)
  • APFS provides multiple levels of encryption
  • different levels of encryption for individual folders and/or files.
  • files are broken up into fragments and those fragments are located on the drive randomly
I can't imagine there would not be backward support for HFS+ in MacOS 13, but maybe not in MacOS 14?

In any case it is dead certain Alsoft (DiskWarrior), Micromat (TechTool Pro), and Prosoft Engineering (Drive Genius) will have their work cut out what tools will be needed and developing support for APFS. I would be surprised if some pf their tools/functions were dropped entirely and others may have to be redesigned and recoded from scratch.
_________________________
joemikeb • moderator

Top

Moderator:  alternaut, cyn