Archive for November 2, 2022

Wednesday, November 2, 2022

Ventura Bug Disables Security Software

Thomas Reed:

In the case of security software using Apple’s Endpoint Security framework, it is an Apple-enforced requirement that the software get a higher level of permission from TCC - namely, Full Disk Access.


Unfortunately, in Ventura, affected software will appear to have FDA within this settings pane, but in reality it does not. Worse, you cannot simply “turn it off and back on again,” as the switch for turning off FDA for the security software refuses to turn off. This leaves the software in an unfortunate state where it cannot function, and the user (seemingly) cannot give it the access it needs.


It all began with a bug in macOS that was presented by security researcher Csaba Fitzl[…]. The bug was almost ridiculously simple: Execute a simple, short command (tccutil reset All) in the Terminal and you could revoke Full Disk Access from all security clients installed on the machine, rendering their real-time protection features inactive.


In essence, Apple’s “fix” for this vulnerability ended up causing the results of the vulnerability, for all security software on all Ventura systems. 🤦‍♂️

Ventura Drops Older SSH Support

Richard Staats (via Charlie Stross):

The reason for this issue is that MacOS 13 ships with OpenSSH_9.0p1 which has disabled RSA signatures on SHA-1 hash algorithms. If upgrading OpenSSH on the server and/or regenerating your SSH key isn’t an option you can workaround this issue by adding the following to your ~/.ssh/config file[…]

Update (2022-12-01): Stefan Reitshamer:

If you’re using Arq 7 to connect to a macOS Ventura SFTP server and you’re getting the error “Username/PublicKey combination invalid”, it may be due to Ventura’s upgrade to OpenSSH 9.1.

The Raspberry Pi Ventura Problem


Apple appear to have implemented a change in “Ventura” to the way extended attributes are written which is causing it to fail on devices that present a “virtual” USB Mass Storage device.

Via Rui Carmo:

In short, macOS Ventura is the only operating system where you can’t program a Raspberry Pi Pico (and, potentially, any other board that supports MicroPython or CircuitPython, not just RP2040 ones) by just dragging files onto its virtual USB drive.

Like pretty much every single filesystem-related weirdness we’ve been subject to throughout the history of macOS, it may look like an edge case to the Finder team at Apple, but it is a breaking issue for anyone using their otherwise perfectly good Mac for a perfectly normal thing that just works on every other operating system.

See also: Alasdair Allan.

Apple’s Use of Swift and SwiftUI in iOS 16

Alexandre Colucci (tweet):

The number of binaries composing iOS continues to increase: iOS 16 contains 5403 binaries, up from 4738 in iOS 15. That’s 665 new binaries.


Without surprise, we can clearly confirm that some of the new iOS 16 features have been built using SwiftUI[…]


When performing this analysis, one number surprised me: iOS 16 only contains 4 apps using the SwiftUI-based app lifecycle[…]


Yet the Swift and SwiftUI adoption continues its exponential climb: iOS 16 contains 226 binaries using SwiftUI, which doubled the number from iOS 15. Likewise the number of binaries containing at least one line of Swift code increased consequently between iOS 15 and iOS 16[…]

Dave Verwer:

That said, Objective-C still dominates the iOS codebase, with it being a part of over 65% of all binaries, which should answer the question of how close Apple is to deprecating it.


It’s important to remember that going “all in” on SwiftUI isn’t necessary. Despite the famous message from this year’s keynote, the fastest and best way to write an iOS app today is with a mixture of technologies, and it appears that’s exactly what Apple is doing internally.

David Kopec:

It’s all about how you interpret data. You could read this as, “Wow, SwiftUI is doubling in number of binaries!” Or, you could read this as, “Wow, SwiftUI is growing the same as UIKit in absolute terms and will therefore never catch it.”