{"id":44444,"date":"2024-08-12T16:11:36","date_gmt":"2024-08-12T20:11:36","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=44444"},"modified":"2024-08-14T10:26:01","modified_gmt":"2024-08-14T14:26:01","slug":"the-mac-is-a-power-tool","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2024\/08\/12\/the-mac-is-a-power-tool\/","title":{"rendered":"The Mac Is a Power Tool"},"content":{"rendered":"

John Gruber<\/a> (Mastodon<\/a>, tweet<\/a>, Hacker News<\/a>):<\/p>\n

\n

The Mac is a platform where you need to be able to shoot yourself in the foot. Increased protections that make it less likely that you’ll shoot yourself in the foot are, obviously, a good idea. Many of them are downright necessary. But such protections are only undeniably good ideas when they don’t get in the way of sophisticated users using software that requires a high level of system privileges. Then they become a trade-off. There are some power users who’ve been annoyed every step of the way as Apple has increased such protections in MacOS, but I think, until recently, Apple has managed this balance well. MacOS, on the whole, has been welcoming and safe for unsophisticated users while remaining powerful and efficient for experts. But in recent years MacOS has clearly started slipping down the slippery slope of being too protective.<\/p>\n

[…]<\/p>\n

It’s good to be reminded of the software you have installed that requests, or outright requires, access to private data and sensitive hardware APIs. It’s very good to be alerted to any software you might have installed that has acquired such permissions without your knowledge or recollection. […] But it’s infuriating to play whack-a-mole to dismiss a barrage of permission prompts to confirm the same permissions you’ve previously granted to the same software, and it’s even worse when you need to dig three or four levels deep into System Settings to do it.<\/p>\n<\/blockquote>\n\n

As Jason Snell has said, partly this is offensive because the attitude is that you, the user, can never be trusted to know what you’re doing. You can click through the alert after every daily boot for a year, but it will never be enough.<\/p>\n

But more important, I think, is that the system just wasn’t designed with much care. There is no place where you can go to see all the things that a given app is allowed to do. Nor can you see a log of when and how often the app is doing the things that you permitted. And when you do want to grant access, the steps are often obscure, as if to provide an additional hurdle to make sure you really mean it. (And good luck fixing the TCC database if it gets corrupted.) It feels like it was designed, not to help the user understand what’s going on and communicate their preferences to the system, but to deflect responsibility. You were warned, so it’s your own fault if you clicked the wrong button after being bombarded by repetitive dialogs interrupting your day.<\/p>\n\n

Adam Engst<\/a>:<\/p>\n

\n

It’s bad for usability, increases user frustration, and decreases security awareness.<\/p>\n

[…]<\/p>\n

The prompts recur weekly, whenever you reboot, or, as I discovered, when you log out and log back in.<\/p>\n

[…]<\/p>\n

We’ve already passed the point of security alert overload. The first time or two that the Sequoia beta prompted me to reauthorize, I admit that I didn’t read the text of the alert beyond determining that I should click Continue To Allow to capture the screenshot I needed for whatever I was writing.<\/p>\n

[…]<\/p>\n

In none of these cases would extra prompts have made any difference because users had no way of knowing that downloads were compromised or that an app had a new owner.<\/p>\n

By prompting for continued permission, Apple is asking if we still trust previously trusted apps. What would change in any short period of time that would have us reconsider this action? We would need new information to make a different choice. […] The easy answer is that Apple’s security team believes that apps regularly go over to the dark side within a week and<\/em> we will figure that out by getting a prompt to remind us that we have already granted it screen-recording permissions. But that’s patently stupid.<\/p>\n<\/blockquote>\n\n

Christina Warren<\/a>:<\/p>\n

\n

MacOS is still the best desktop operating system but Apple seems content on trying to change that every year as they make decisions that are bad and also diametrically opposed to anything a pro user would actually want.<\/p>\n<\/blockquote>\n\n

Miguel Arroz<\/a>:<\/p>\n

\n

One argument I really can’t understand in the whole permission dialog debate is saying this may be useful to detect software installed by an abusive partner.<\/p>\n

Well, technically yes, maybe, but you all realize that if an abusive partner has administrative access to your computer, it’s game over, right? From that point on you need to assume nothing, absolutely nothing at all that goes through that machine is private. And the permission dialogs won’t change this.<\/p>\n<\/blockquote>\n\n

See also: Accidental Tech Podcast<\/a>, Craig Grannell<\/a>, Luc Vandal<\/a>.<\/p>\n\n

Previously:<\/p>\n