Comment by move-on-by

Comment by move-on-by 10 months ago

17 replies

View on Hacker News

> “As a developer of macOS security tools, it’s incredibly frustrating to time and time again have to deal with (understandably) upset users (understandably) blaming your tools for breaking their Macs, when in reality it was Apple’s fault all along,”

I would like to understand this better. Were there not any beta releases that these companies could have tested with in advance? Or were changes made between the beta and the release that broke things? Or something else?

sephamorr 10 months ago

Per Patrick Wardle, this was well reported to Apple during beta.

https://x.com/patrickwardle/status/1836862900654461270

Reply View 6 replies
  • move-on-by 10 months ago

    Thank you, this makes the frustration in the above quote more understandable. For anyone wanting to avoid the x click:

    > Worth stressing this was reported to Apple before the GA was released (by multiple people, to multiple teams/orgs within Apple) so Apple 100% knew about this, and shipped macOS 15 anyways

    Reply View 3 replies
    • bzzzt 10 months ago

      IMO those Mac anti-virus tools are basically malware exploiting all kinds of loopholes and hacks to get their hands on everything going on in the system. It's a good thing Apple fixes those loopholes and it's not Apple's responsibility to make sure every hack used by these tools keeps working.

      Reply View 0 replies
    • MichaelZuo 10 months ago

      Apple, or at least their teams responsible for answering feedback, rarely ever give substantial responses nowadays, regardless of how well documented the submission was. So it compounds the frustration.

      And this isn’t even the most egregious case, sometimes the bugs are so obvious that they generate multiple hard faults, per hour, logged in Console, on a fresh installation with only the default apps running.

      Reply View 1 reply
  • aaomidi 10 months ago

    Apple is not responsible for ensuring your malware (yes, that’s what I personally consider this software) or even your software runs on Mac.

    The betas are there for you to test your code against future Mac releases. Apple can and probably will take away APIs that your business is built around. Especially when those APIs are actually decreasing security.

    Reply View 0 replies
  • jhbadger 10 months ago

    I'm not a big fan of these tools myself (although like many people my employer insists on them). But still, isn't it the responsibility of the tool maker to make their software work with new OS versions and not Apple's?

    Reply View 0 replies
Spivak 10 months ago

This is the part I'm missing too. Major versions are the time to ship braking changes, did none of these companies bother to test their software that mucks deep in the plumbing of the OS?

Reply View 9 replies
  • 1over137 10 months ago

    It is very typical to file bugs against even the first beta and not see them fixed before GM, or even ever.

    Reply View 0 replies
  • eviks 10 months ago

    They did, reported it, nothing changed.

    It's an OS bug, you can't make it look good by invoking some generic "time to break" principle

    Reply View 2 replies
    • ywvcbk 10 months ago

      Or they fixed a bug/loophole that allowed this software to function?

      Reply View 1 reply
      • eviks 10 months ago

        Or they didn't since this software is supposed to function and has been functioning for all the previous many years/OS versions?

        Reply View 0 replies
  • RockRobotRock 10 months ago

    Is there even an equivalent to WSUS on macOS that lets admins block an update until it's tested?

    Reply View 4 replies
    • salmo 10 months ago

      Yeah. There’s Jamf and similar tools. Companies often block major updates until their 100 agents all officially support it. Oh, and do cool things like not letting you change your background or whatever random settings some admin decides are good.

      Reply View 1 reply
      • ripa 10 months ago

        Yep, a lot of these policies seem to come from some random person scrolling through a list of supported options and arbitrarily making up values that are enforced on people.

        One of our policies enforce that screen savers must start after 20 minutes, and it’s not possible to reduce it (I have my personal on 3 minutes). Or the fact that it will constantly reset the UI notification volume to 100% and speaker output, even though have headphones almost always.

        Infuriating.

        Reply View 0 replies
    • wpm 10 months ago

      There is a configuration profile payload that can stop updates like major version changes for up to 90 days. You cannot stop them indefinitely from appearing in Software Update.

      Reply View 0 replies
    • colechristensen 10 months ago

      Yes, it's called MDM (Mobile Device Management) and lets admins set all kinds of policy on apple devices. There are several vendors out there that implement it.

      Reply View 0 replies