| HN Mirror

I sort of agree with the sentiment behind what OP is saying here, but perhaps not the way he is saying it. I'm not sure if I'd call it "security" as much as "system integrity." The model that Apple has moved to with the signed and sealed system volume is pretty interesting. I didn't even realize how much had changed with macOS until I was hunting around to change the startup wallpaper on Monterey and realized that macOS today is totally different from the macOS I remembered administering many years ago.

UAC on a Mac has always been good, but now there is this new layer that even protects the system from the admin. I think the real risk with Apple's model is that there are these choke points now that, if compromised, can cause truly catastrophic failure—especially because of the false sense of security that's out there. If an Apple update server or signing certificate were compromised it would be a potential company ending event. Other ecosystems are much more fragmented, and there is some resilience baked into that. I remember a few years back when an OCSP server went down and internet connected Macs around the world ground to a halt. You couldn't open any application because it took 10 minutes for the server that verifies its certificate to time out.