Archive for September 21, 2016

Wednesday, September 21, 2016

Dropbox Modifies TCC.db to Give Itself Accessibility Access

Phil Stokes (via John Gruber):

If you have Dropbox installed, take a look at System Preferences > Security & Privacy > Accessibility tab (see screenshot above). Notice something? Ever wondered how it got in there? Do you think you might have put that in there yourself after Dropbox asked you for permission to control the computer?

No, I can assure you that your memory isn’t faulty. You don’t remember doing that because Dropbox never presented this dialog to you, as it should have[…]

[…]

Indeed, even with your admin password, it still shouldn’t be able to get into Accessibility. Clearly Dropbox’s coders have been doing some OS X hacking on company time.

Duncan Davidson:

Furthermore, it doesn’t look like they are storing a copy of your password, as some reports have said—and which would be really, really bad. No, they’ve simply been installing things in a way that lets them retain root privileges so that they don’t have to bug you again when they want to change things up later.

Rosyna Keller:

Dropbox could have saved a lot of pain had they just made a first-run dialog that asks if they want to enable certain features…

Phil Stokes (Hacker News, MacRumors):

After a little digging around in Apple’s vast documentation, it occurred to me to check the authorization database and see if that had been tampered with.

[…]

The string output for dbfseventsd binary didn’t reveal anything much interesting, but with the deliciously named dbaccessperm file, we finally hit gold and the exact proof I was looking for that Dropbox was using a sql attack on the tcc database to circumvent Apple’s authorization policy[…]

[…]

The upshot for me was that I learned a few things about how security and authorisation work on the mac that I didn’t know before investigating what Dropbox was up to. But most of all, I learned that I don’t trust Dropbox at all. Unnecessary privileges and backdooring are what I call untrustworthy behaviour and a clear breach of user trust.

Dropbox:

This is an Apple system dialogue box, not a dialogue from Dropbox. Mac OS X requires password authentication for changes to certain permissions, and this dialogue box is a standard way for a Mac OS X app to ask for your permission.

[…]

Yes, you can choose to click Cancel rather than approving these additional permissions. However, this means that the Dropbox features listed above will not function on your computer. If you don’t give your approval, you will be asked to enter your username and password again the next time you start or restart Dropbox.

[…]

Dropbox uses Apple Mac OS X Accessibility permissions to function properly. Specifically, we use Accessibility APIs for the Dropbox badge (part of Microsoft Office integrations).

[…]

You cannot currently disable Accessibility access for the Dropbox Mac OS X desktop app. We realize this isn’t a great experience, and we’re actively working to make this better.

Phil Stokes (MacRumors):

With the release of the latest version of the Mac operating system, 10.12 macOS Sierra, it’s pleasing to see that Apple have fixed a bug I reported against El Capitan in October of last year, and wrote about on this blog here and here.

The TCC.db is now under SIP, which means hacking the Accessibility preferences is no longer possible.

Surreptitiously modifying the permissions database is a violation of user trust. It seems to be well-intentioned, but I’m surprised that Dropbox would go to such lengths in order to ease the setup of a feature that probably few of its customers use. I do sympathize, however, as a developer who has had to guide customers through the confusing process of manually granting accessibility permissions.
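
An added example, not code from the quoted posts or from Dropbox: a read-only audit that lists which clients hold the Accessibility grant in a TCC database and reports any that are not on a list the administrator actually approved. The `access` table layout (older `allowed` column, newer `auth_value` column), the `kTCCServiceAccessibility` service name, and the sample rows are assumptions constructed for illustration; the page itself names only TCC.db.

```python
import sqlite3
from pathlib import Path

# Assumed service name for the Accessibility grant (not given on the page).
ACCESSIBILITY = "kTCCServiceAccessibility"


def open_readonly(path):
    """Open a TCC database file read-only so the audit cannot alter it."""
    return sqlite3.connect(Path(path).resolve().as_uri() + "?mode=ro", uri=True)


def granted_clients(conn, service=ACCESSIBILITY):
    """Return the sorted client identifiers that are granted `service`."""
    cols = {row[1] for row in conn.execute("PRAGMA table_info(access)")}
    if "allowed" in cols:          # assumed older layout: allowed = 1 means granted
        cond = "allowed = 1"
    elif "auth_value" in cols:     # assumed newer layout: auth_value = 2 means granted
        cond = "auth_value = 2"
    else:
        raise ValueError("unrecognised access table layout")
    query = f"SELECT client FROM access WHERE service = ? AND {cond} ORDER BY client"
    return [row[0] for row in conn.execute(query, (service,))]


def unexpected_grants(conn, approved):
    """Granted Accessibility clients the administrator never approved."""
    return [c for c in granted_clients(conn) if c not in approved]


def build_sample_db():
    """Constructed in-memory fixture; every identifier here is made up."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE access (service TEXT, client TEXT, client_type INTEGER,"
        " allowed INTEGER, prompt_count INTEGER)"
    )
    conn.executemany(
        "INSERT INTO access VALUES (?, ?, ?, ?, ?)",
        [
            (ACCESSIBILITY, "com.example.screenreader", 0, 1, 1),
            (ACCESSIBILITY, "com.example.syncclient", 0, 1, 1),
            (ACCESSIBILITY, "com.example.denied", 0, 0, 1),
            ("kTCCServiceAddressBook", "com.example.mailer", 0, 1, 1),
        ],
    )
    return conn


if __name__ == "__main__":
    sample = build_sample_db()
    approved = {"com.example.screenreader"}  # what the admin remembers approving
    for client in unexpected_grants(sample, approved):
        print("unapproved Accessibility grant:", client)
```

To audit a real machine, pass a copy of the database file to `open_readonly()` instead of using the fixture; the account running the script needs read access to that file.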

macOS 10.12 Sierra Notes

The first impression of downloading a major OS update is still discouraging.

Adam C. Engst:

Fujitsu (a TidBITS sponsor) is warning users of the company’s ScanSnap document scanners and accompanying software to avoid upgrading to macOS 10.12 Sierra at this point. Fujitsu has identified a variety of problems associated with its ScanSnap software when running in Sierra.

People have been blaming Fujitsu for this, but I wonder whether the issues are instead caused by bugs from Apple’s rewrite of its PDF subsystem, which has also been affecting EagleFiler. (I’ve also updated DropDMG and SpamSieve for Sierra.)

Andrew Cunningham and Lee Hutchinson (Hacker News):

It has been a long time since the Mac was Apple’s favorite child, and there are places in Sierra (like the Messages app) where it clearly feels like Mac users are getting a second-tier experience compared to people on iOS. Add in the Mac’s stale, aging hardware lineup and Apple’s total lack of communication about it, and there seem to be real problems for the Mac as a platform.

[…]

When Snow Leopard, Lion, and Mountain Lion dropped older Macs, there were clear reasons why the hardware that went unsupported was being left behind (PowerPC CPUs, 32-bit Intel CPUs, and 32-bit EFI and driver limitations, respectively). In Sierra, aging hardware and drivers are a factor—drivers especially, since a lot of the GPUs, networking hardware, and chipsets in those older machines have long since been forgotten by the hardware companies that made them—but there are no hard-and-fast hardware cutoffs. I’ve seen many attempts to define a strictly hardware-related cutoff, but none of them quite work.

[…]

If you don’t want universal clipboard to work, you can head into the General preference pane and disable Handoff. As best we can tell, there’s no way to keep Handoff but not the universal clipboard.

[…]

The main change in Notes is a real-time collaboration option. Hit the button at the top of the screen and enter some Apple IDs to invite others to view and edit the note with you. You can send anyone you’ve invited a link via one of many different apps or services, including Mail, Messages, AirDrop, Twitter, Facebook, and more.

[…]

The Gatekeeper options in System Preferences will no longer let you choose to allow any and all apps by default. The only two options are to allow signed apps and Mac App Store apps (still the default in Sierra, as it always has been), or just those from the Mac App Store.

[…]

In discussing APFS checksumming directly with Apple, the company told Ars that user data integrity is a top priority, and that the decision to checksum metadata but not file data (and other major architectural decisions made around Sierra) are driven by decades of data on what does and does not work well with file system design.

[…]

One tack Apple didn’t take is writing multiple copies of an object’s metadata to disk. The reasoning given is simply that solid state disks offer no real way for the operating system to ensure that the multiple copies would be written to different physical NAND cells—and that concurrent writes are in fact often grouped into the same cell. Writing two redundant copies to the same physical location kind of defeats the purpose of having two redundant copies.

[…]

Disk Utility was redesigned with El Capitan, and the few tweaks Apple has made are unlikely to appease you if you miss the old version.

Stephen Hackett:

There is one big difference between these sets of results worth pointing out. Spotlight can surface email attachments, while Siri can just show what’s in my user folder.

[…]

Lastly, shared clipboard content is only available for two minutes. This helps make Universal Clipboard feel much more intentional. In my month or so of using it, I’ve never once felt surprised at my devices doing the “wrong” thing.

[…]

This does screw with clipboard managers on the Mac. I use Alfred for this, and it only sees Universal Clipboard content after I paste it somewhere on the Mac. In short, I can’t use Alfred as a running clipboard history for my iPhone or iPad when they are in range of my Mac. This isn’t a big deal, but something to be aware of if you use a clipboard manager.

[…]

This is one of the features Apple ships that feels like it was designed in a bubble. Universal Clipboard is great if you work in a very intentional way. If you’re at your Mac and go to pick up your iPad to finish a task, it’s great. If you share your tablet with someone else in the house, however, you can very quickly be in the situation where devices in the same location are over-riding each other’s clipboards.

Roman Loyola:

To use Universal Clipboard, you copy from your Mac or iOS device just as you normally would. Then go to your recipient device, and perform a paste. If you’re pasting on a Mac, you may see a progress bar indicator. On iOS, you see a message window stating the device your paste is coming from.

I did find one hiccup involving Microsoft Word. When copying text from a Word document, it pasted in iOS 10 Notes as Chinese text.

Jason Snell:

What I’m saying is, the Universal Clipboard feature is really cool and clever when it works, and I wish it worked more reliably. I’ll keep trying to use it. I hope it becomes more reliable as time goes by.

[…]

Still, I gave it a whirl. I turned on iCloud syncing for my Desktop and Documents folder (you have to sync them both), knowing I’d be watching a few gigabyte-sized audio projects slowly uploaded. What happened was a bit more disturbing: The entire contents of my iMac’s Desktop disappeared. This turned out to be a function of the fact that I’d already turned on syncing on a MacBook Pro, and rather than merging the contents of the laptop’s Desktop with my iMac’s, Sierra created a new folder and moved all the items on my Desktop into it. (The same happened to my Documents folder.) So my files were still there and uploading, but I had to drag them back out onto the proper Desktop and restore them to their proper positions.

[…]

Sierra also offers a feature that lets your Mac arbitrarily delete any of the items in your Desktop and Documents folders that have been stored in iCloud. […] Here’s what happened: I was editing a podcast in Apple’s Logic Pro X, and my project was stored on the Desktop. All of a sudden, the voice of one of my podcast panelists simply vanished from the mix. I quit and re-launched Logic, only to be told that the file in question was missing. Sure enough, a visit to Finder revealed that Sierra had “optimized” my storage and removed that file from my local drive. I’ll grant you, the file was a couple of weeks old, and very large as most audio files are. But I was also actively using it within a Logic project. Apparently that didn’t count for anything?

[…]

To add insult to injury, at the time my files were deleted, my hard drive had approximately 80GB of free space. Why were the files deleted? I have no idea, but I suspect a bug in how Sierra was viewing the stock internal SSD of my iMac, because it’s also warned me that it didn’t have enough space to back up a 64GB iPhone with more than 100GB free, and gave me a “you’re about to run out of disk space” warning with 60GB free. So not only did Sierra remove files that I was using, it did so without any necessity.

Adam C. Engst:

For those struggling to free up space, particularly on a notebook Mac with relatively little internal flash storage, Optimized Storage sounded great, at least if you don’t mind paying for online storage in iCloud Drive. And while it could be a great boon for such people, it turns out to be a somewhat confusing collection of seemingly unrelated features, burdened by one of the stranger interfaces that Apple has produced in recent years.

[…]

Amusingly, Microsoft Windows has been capable of automatically deleting files from its Recycle Bin at least since Windows 98, although back then it deleted older files when adding a newer file to the Recycle Bin caused it to exceed a user-specified size. I’m surprised it took Apple this long to get to the point of taking the trash out for the user.

[…]

My second warning is that turning off Desktop and Documents folder syncing is stressful. When you do this, in System Preferences > iCloud > iCloud Drive > Options, Sierra tells you that all your files will be available only in iCloud, which seems wrong: if you’re turning off syncing, you’re doing so because you want them locally. However, that dialog is followed immediately by another that tells you that you can recover your files from iCloud Drive.

Tom Bridge:

This is a great concept, designed to save space on your SSD-based Macs that are very definitely space constrained, but there are pitfalls. I am glad that Rich Trouton has made available his configuration profile that blocks this setting for organizations to use on their computers. I’m not interested in turning this feature on any time soon.

Rich Trouton:

Siri is a welcome addition to macOS Sierra, but in certain environments it’s a service which needs to be disabled. For those Mac admins who need to do this, here are the relevant keys.

Jesper:

On macOS Sierra, when you click the play/pause button on attached headphones and Siri is Off, an alert comes up asking you whether you want to enable Siri. Every. Single. Time. No matter what you do.

Keir Thomas:

With the macOS Sierra update Siri finally makes it onto the Mac.

However, did you know about the following Mac-specific tricks?

Nick Heer:

It’s a little frustrating that this kind of stuff is gated behind a spoken Siri command. Not only does this require talking to your computer — a task which I still find a little bit weird — it also means that the computer must interpret what you’re saying absolutely perfectly for this feature to be of any use.

David Pogue:

Siri on the Mac—that is really big. Siri is far more complete and powerful than Cortana is on Windows, and having voice control of your computer is a game-changer.

Lloyd Chambers:

Unlike the past 3 or 4 releases, macOS Sierra is probably safe to go ahead with right away. Finally, relief from the Apple quality failure onslaught.

Lloyd Chambers:

Clicking on my Sent mailbox (and others) results in delays of up to 30 seconds in showing the mailbox, along with multiple rainbow beach balls. The system has had ample time to do whatever it is it does after a system upgrade. Then trying to open one message may take another 20 seconds. Apple mail pins a CPU or more during this time.

Peter Maurer:

TIL that Icon Composer uses Garbage Collection and thus can’t run on Sierra. Dammit, I was still using that, mostly for quick scaling.

See also: Alex Guyot and Rene Ritchie.

Previously: Testing for macOS 10.12 Sierra.

Update (2016-09-23): Andrew Abernathy:

Well, Aperture is pretty broken in Sierra. Just switching to the Info tab gets an uncaught exception; “continue in an inconsistent state?”

Update (2016-09-24): I continue to run into PDF and Preview issues. I’m also having problems with new application windows being added in tabs despite disabling that in the preferences.

Josh Marshall:

When I did that everything disappeared. So all the files on my Desktop were gone. All the files in my Documents folder were gone.

[…]

The guy on the line explained to me that the system was really more intended for users who had a single desktop and iOS devices rather than trying to use this syncing function on more than one desktop.

Update (2016-09-27): Benjamin Mayo:

I’ve barely used macOS Siri and I already have a list of niggles and unfinished edges. I’m even ignoring things that are potentially debatable and just focusing on things that are unequivocally wrong.

[…]

There is nowhere to check Universal Clipboard connectivity so I’m basically left in the dark about how to fix this because it fails silently. If it was done properly, it would flag up a ‘Universal Clipboard Failed’ alert with details of the error. As it is, I have no recourse apart from crossing my fingers and hoping it sorts itself out.

Update (2016-09-28): Keir Thomas:

We’ve already described macOS Sierra’s new window-snapping feature but we didn’t realize Sierra also introduces a new feature that lets you ultra-quickly expand windows to the edge of the screen.

iOS 10 Notes

My initial impression is that I don’t have a strong reaction either way. A lot of things are a little nicer. Some are a little worse.

I initially ran into a lot of errors syncing with iTunes on my Mac, but that mysteriously fixed itself after a day or so. I continue to see a bug where there’s a delay before dictation works with my Bluetooth headset.

Probably the worst problem is that auto-correct is much less accurate. I went from typing pretty quickly and very accurately to frequently typing long strings of nonsense. They don’t even look like words, and it takes multiple tries to correct them. And, secondly, when I am typing slowly and not making mistakes, it is more aggressive about “correcting” to a completely different word. Hopefully, either iOS will adapt to the way I type or I will fix whatever I’m doing wrong.

The camera audio bug is finally fixed. HDR still doesn’t stay on. Importing photos via Image Capture now requires me to unlock the phone.

The Bedtime feature is interesting but a bit odd. It doesn’t consistently remind me to go to bed, and there seems to be no way to preview the wake-up sounds. [Update: The sounds do play, but very quietly. The preview seems to use the ringer volume (which I had set to the minimum) rather than the one in Bedtime (which I had set to maximum).]

For full reviews, see Andrew Cunningham, Nick Heer, David Pogue, Rene Ritchie, and Federico Viticci.

Jason Snell:

The biggest change in iOS 10, the thing that required the most retraining for me, happens right at the beginning of every interaction.

In iOS 9, I began using my iPhone by putting my thumb on the home button of my iPhone 6S and pushing. Touch ID would sense my fingerprint and unlock the phone. Yes, it blew past all my notifications, but it was fast.

With iOS 10, I’ve needed to train myself to do things in an entirely different way.

Steven Frank:

I’m confused by this new iOS 10 device unlock process. I have to do this 100s of times a day and now suddenly it’s possible to do it wrong.

David Chartier:

Each major iOS release brings big headline features that Apple announces on stage. But there’s always a lot of great little improvements and polish, many bringing improvements worthy of their own headlines. I kept a running list of these big little iOS 10 features while testing the public betas. Now it’s time to share with the rest of the class.

Josh Centers:

I’d like to share ten of the most useful and relevant highlights to help you make the most of iOS 10.

Nick Lockwood:

OMG the new Messages interface is so much worse than before. Mystery meat unlabelled buttons for everything.

Ashley Feinberg (via John Gordon):

Apple seems to be using search (in this case powered by Bing) to pull GIFs from a number of different sources. Its only censorship method thus far seems to be blocking potentially problematic words like “boobs” and “penis” and—as of this morning—“butt.” And there’s no reason for Apple to think that the word “huge” would bring up anything more than, say, a particularly large pillow or strawberry, except for the fact that of course it fucking would.

Simon Ganz:

After iOS 10 update, all shortcuts are gone and when re-added, don’t sync.

Kirk McElhearn:

Lots of people have been asking where the Shuffle or Repeat buttons are in the iOS 10 Music app. And it’s true, they’re not easy to find.

John Gruber:

The problem is, the screen where you swipe up to reveal them doesn’t offer any sort of visual indication that there’s a reason to swipe up.

Kirk McElhearn:

Genius is one of my favorite features in iTunes and the iOS Music app. It’s full of surprises. But it seems that Apple doesn’t like it any more. They changed the way you make Genius playlists in iTunes 12.3, and now they’ve removed it from the iOS Music app.

Mike Clay:

It's been a few days now, and the reality of the iOS 10 music ecosystem is beginning to settle. The redesigned Apple music player has been polarizing, to say the least, and one of the most dismayed groups are users who rely heavily on star ratings.

In iOS 10, ratings in general are buried deeper in the UI. Apple has made it a little more tedious to access their proprietary Love/Dislike algorithm, but the older 5-star system has been removed entirely.

Andrew Cunningham:

I’ve been tracking the performance of new iOS versions on the slowest supported hardware for four years now, and I don’t think my findings have been positive since I wrote about iOS 6 on the iPhone 3GS. iOS 7 was a bad fit for the iPhone 4, and iOS 7.1 was only an improvement in a relative sense. iOS 8 and iOS 9 were tolerable on the iPhone 4S, but they were still significant slowdowns compared to iOS 6 and 7.

But we have some reason to be optimistic about iOS 10 on the iPhone 5.

Kirk McElhearn:

With iOS 10, you can use your iOS device as a magnifying glass.

Benjamin Mayo:

I like the move back towards thicker fonts.

heyeased (via Isaac Halvorson):

The history of the 1px wallpaper effect, iOS 7.0-7.1: It could not set to wallpaper (App crashed), 8.0-8.2: Folders were pale blue tone (I vaguely remember Dock had a dark color also on 1px.), 8.3-9.3: these were gray tone and the background was never darkened on any color, and 10: the background is darkened on any color but Dock and folders are the original color. It has been changed three times since iOS 7.

Jeremy Burge:

This release (iOS 10.0.1) contains a total of 37 new emojis, or 632 emoji updates in total. This latter figure includes completely new characters as well as redesigned images for existing emojis.

Nick Heer:

Despite all of the things I thought Apple did right in iOS 10, I found their lack of support for the iPad as a unique platform to be disappointing. I know they can’t hit every item on their internal wish list with each release, but after the robust enhancements to the iPad experience in iOS 9, seeing many of this year’s improvements be scaled-up versions of the iPhone experience was not encouraging. In particular, the lack of significant improvements for the 12.9-inch iPad Pro seems worrying.