Archive for September 18, 2024

Wednesday, September 18, 2024

Feedback Feedback

Cesare Forelli:

I want to file a constructive Feedback to Apple about the developer experience with the Feedback process itself (very meta, I know), and I need yours!

5 quick & unbiased questions, please 🙏 answer them now.


macOS Firewall Regressions in Sequoia

Will Dormann:

[Running] nslookup clearly causes a DNS request and a response to go over the wire, but nslookup eventually gives up thinking that no servers could be reached.

[…]

So if I turn off the macOS firewall, this all works fine. 🤔

[…]

Problem #1: “Block incoming connections” includes DNS responses is new as of macOS Sequoia. Prior to macOS 15 Sequoia “Block incoming connections” meant “Don’t poke a hole in my firewall for this”. Starting with Sequoia, this also includes “Don’t allow responses to DNS requests”, which is clearly a bug in the macOS stateful firewall. Any response to a request that I initiate should be allowed in.

Problem #2: The macOS GUI for firewall rules being disconnected from the existing rules (e.g. cannot change some) is apparently an artifact of macOS switching underlying storage for the firewall rules at some point. And the GUI apparently is only hooked up to the old storage. If you’ve had a Mac for a while, you’ll probably get bitten by this.

Wacław Jacek:

It seems the OS firewall can sometimes start blocking access to web browsing after upgrading to macOS Sequoia. At least this was the case for me and some folks on Reddit.

Going to the firewall settings screen, there can be no way to toggle access for the browser.

Ivo Damjanović:

I have an issue with the firewall too. It does not accept incoming SSH connections. But they are allowed. I think this is a bug. I can tell you how to edit the entry list. You are able to edit some of them because the UI uses an old firewall rule storage. You cannot edit the rules that use the new storage. You may edit them with sudo /usr/libexec/ApplicationFirewall/socketfilterfw --listapps.

I’m also hearing that firewall and other security and networking settings were silently reverted by the Sequoia update.

See also: MacRumors, Reddit, ESET.
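
The comparison reported above (lookups fail with the firewall on and work with it off) can be scripted together with a command-line dump of the rules the GUI may not show. This is an added sketch, not code from the post or from any of the quoted authors. It assumes the `--getglobalstate` and `--getblockall` getters print a message containing "enabled" or "disabled"; `FW`, `DNS_LOOKUP`, `TEST_NAME` and the verdict strings are names chosen here.

```shell
#!/bin/sh
# Added example: correlate macOS firewall state with DNS lookup failures.
# The socketfilterfw path is the one quoted on the page; run the script with
# sudo, as the quoted command does, if the tool refuses to answer.
FW="${FW:-/usr/libexec/ApplicationFirewall/socketfilterfw}"
DNS_LOOKUP="${DNS_LOOKUP:-nslookup}"
TEST_NAME="${TEST_NAME:-example.com}"

# Print on/off/unknown for a socketfilterfw getter (--getglobalstate,
# --getblockall). Assumption: the message contains "enabled" or "disabled";
# the exact wording varies between macOS releases, so match loosely.
fw_flag() {
    out=$("$FW" "$1" 2>/dev/null | tr '[:upper:]' '[:lower:]')
    case "$out" in
        *disabled*) echo off ;;
        *enabled*)  echo on ;;
        *)          echo unknown ;;
    esac
}

# Succeeds only if the lookup tool reports an answer (exit status 0).
dns_ok() { "$DNS_LOOKUP" "$TEST_NAME" >/dev/null 2>&1; }

# Combine both observations into one verdict string.
diagnose() {
    fw=$(fw_flag --getglobalstate)
    if dns_ok; then dns=ok; else dns=fail; fi
    case "$fw:$dns" in
        *:ok)     echo "dns-ok" ;;
        on:fail)  echo "suspect-firewall" ;;   # confirm by retesting with it off
        off:fail) echo "not-firewall" ;;       # look at resolver or network instead
        *)        echo "inconclusive" ;;
    esac
}

# Only run the report where the tool exists (i.e. on macOS).
if [ -x "$FW" ]; then
    echo "firewall:  $(fw_flag --getglobalstate)"
    echo "block all: $(fw_flag --getblockall)"
    echo "verdict:   $(diagnose)"
    "$FW" --listapps    # per-app rules, including ones the GUI cannot edit
fi
```

Keeping the output from before and after the Sequoia upgrade also makes silently reverted settings visible.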


Apple Drops Lawsuit Against NSO Group

Ryan Naraine (via Hacker News):

Apple has abruptly withdrawn its lawsuit against NSO Group, citing increased risk that the legal battle might unintentionally reveal sensitive vulnerability data and difficulties in acquiring essential information from the spyware vendor.

In a court filing Friday, Apple said continuing the lawsuit now poses “too significant a risk” of exposing the anti-exploitation and threat intelligence efforts needed to fend off the very adversaries involved in the legal dispute.

[…]

Apple also cited concerns that NSO Group and unidentified officials in Israel may have taken actions to avoid producing information during discovery. “This means that going forward with this case will potentially involve disclosure to third parties of the information Apple uses to defeat spyware while Defendants and others create significant obstacles to obtaining an effective remedy,” the company said.

Nick Heer:

It also downplays the effects of a successful suit — a win would, according to Apple, “no longer have the same impact as it would have had in 2021” because there are plenty of NSO Group competitors.

WhatsApp appears to be continuing its suit against NSO Group. On the same day Apple filed its request to dismiss its case, WhatsApp attorneys were scheduling depositions (PDF).


Canva Hikes Prices

Denham Sadler (via Hacker News, Slashdot):

Canva has announced a tripling of their prices for some of its users as the Australian tech company prepares for a public listing in the US.

In the US, some users have had their subscription increase from $119.99 per year to $300 per year for the first 12 months, then $500 per year thereafter – an increase of 316 per cent.

[…]

A spokesperson for Canva said the price rise was due in part to the introduction of a number of new features on the Canva platform, including many powered by AI and generative AI.

That’s the largest increase I can recall seeing.
