by sunny_sigara 647 days ago
Most annoying problems so far...

1. Screen-recording permission once every week?

2. No more sudo spctl --master-disable. The alternative way is a bit complicated.

3. No more control+click to bypass Gatekeeper.

4. Why is tccutil reset Accessibility not working for a specific app? It works for "All".

5. Script to convert NSURL node ref URL to POSIX URL not working.

6. Normal USB mouse pointer acceleration is not smooth. Maybe I need to re-tweak those again.

Anything else? Otherwise all good.

12 comments

Thank you for this. I'm not an advanced user but I do use some advanced features, and having to fight the OS in order for it to do what I want is not in my list of desirable "features".

Will delay this update as long as possible.

> macOS Sequoia, the latest version of the world’s most advanced desktop operating system.

From their opening sentence in that press release. Lol.

> 1. Screen-recording permission once every week ?

Every month.

(Which is still annoying, but not the raw level of frustration that weekly would be.)

Do you still have to quit and restart the entire application after you give the permission? Holy shit mac users are gonna become a meme in meetings.

MacOS is turning into quite the poo log lately. I respect that Apple has every right to completely destroy the legacy of the Macintosh, but they are slow playing it so that it's just a little bit better than the alternatives. The end result is my life gets just a little bit more difficult with every release.

I feel like the freaking frog on the stove while the water slowly heats up. When is it time to jump out?

Lol calm down, it's only for apps which failed to upgrade to their new window selector API.
Ironically, the last time I checked, the built-in screencapture command-line program hadn't been updated to use ScreenCaptureKit yet. The company I was contracting for ended up shelling out to it because its window picking UX was a lot better than ScreenCaptureKit's. (You can't do this if you're sandboxed, though, AFAIK).
Which major apps (chrome, google meet, zoom, tuple) have actually done so yet?
Zoom and Chrome both seem fine
That requirement doesn't apply to most apps even though it says it does. Zoom/Teams/Slack all pick up the permissions immediately.
Slack seems to randomly lose microphone access (whether permissions or not) requiring restart anyway, so doesn't really help.

And unless that's really recent, no, I have colleagues drop out of Teams meetings to enable microphone or screen sharing access all the time.

Yes because it says you have to. The system claims it won't work, but it works fine.
> I feel like the freaking frog on the stove while the water slowly heats up. When is it time to jump out?

Whenever you feel like it. Just like frogs do:

> While some 19th-century experiments suggested that the underlying premise is true if the heating is sufficiently gradual, according to modern biologists the premise is false: changing location is a natural thermoregulation strategy for frogs and other ectotherms, and is necessary for survival in the wild. A frog that is gradually heated will jump out.

https://en.wikipedia.org/wiki/Boiling_frog

You do not, providing you have given permission previously. Most Video Conferencing solutions have you test your hardware prior to joining a call, so shouldn't be an invasive issue.
> I respect that Apple has every right to completely destroy the legacy of the Macintosh

I disagree. Apple's various machinations to control the best available supply lines (deals with TSMC, etc...) make me feel quite entitled in saying what is and is not acceptable behavior on their part. This feeling amplifies with every "courageous" announcement they make sunsetting some useful feature they no longer feel like supporting.

I would also add that since Apple chose to lock their software and support of various file formats/data storage solely to their own hardware, they have a responsibility toward their longtime customers to provide a good long-term experience. Otherwise, the only "solution" is to get stuck in time at a particular OS release, and that doesn't work in IT for many different reasons.

There is a large difference in computing devices versus other simple objects, in that they need software and software can change which is problematic but should not be a problem for the customer/user...

In my opinion Apple is largely failing at providing a worthwhile platform, when they don't just discontinue stuff for their bottom line, most of the changes are for marketing reasons or increasing lockdown to extract more money from customers.

There is not a whole lot of useful stuff that has been added in the last 5 OS iterations, but a lot of major annoyances or downgrades/roadblocks/complications for usage, etc...

What a pompous and annoying message you’ve written. Apple is one of the most successful businesses in the history of the world for good enough reason — providing value to customers.
> Do you still have to quit and restart the entire application after you give the permission?

The funny thing about this, even on Sonoma - I could click the button to allow it, when it said "restart app" I closed the box (or clicked cancel), and it worked anyway. Specifically, I noticed it more on things like Teams/Zoom where I was doing a screen share, it just "worked" - no need to restart the entire application.

And how are our parents going to do this without us being there? It once took me 3 hours to accomplish it with my father. He's 3000 miles away but it was only marginally better than a plane trip.
Seems that bclm no longer works

https://github.com/zackelia/bclm/issues/49

I had to start using it because macOS insisted on keeping my battery charged to 100% no matter what I did, and that can damage the battery.

Doesn’t optimised charging ensure it’s not always at 100% natively?

Additionally, AlDente is even better than the native battery management.

When I first got my M1 mac, optimized charging worked OK. Eventually it would settle at 80%. But since macOS 14.6-15.0, it's always charging to 100% and staying there no matter what.

Luckily, I gave 'battery toolkit' a try, and it has been working great:

https://github.com/mhaeuser/Battery-Toolkit

Edit: Seems like it's also broken on 14.7 now, battery went straight to 100%.
macOS is very gradually moving in the wrong direction for me. I never really saw myself considering desktop Linux again but I’m almost starting to get excited by the idea. For now I’ll just hold off on the update as none of it seems particularly compelling, especially as a happy Rectangle user (with all its key bindings nicely isolated from macOS preferences and synced along with the rest of my dotfiles)
I feel the same and decided my next update would be to Asahi (Fedora or Ubuntu). I switched from Linux to macOS a few years ago, but I never really felt like I was the target user for this environment. It always feels like I have to adapt to the walled garden of Apple's ecosystem, rather than it adapting to me.
The iShittification of the Mac platform continues ... I predicted this a long time ago when Apple released its first Mac mini with a soldered SSD. Then the ones with a security chip. And now we have soldered RAM + SSD behind a custom SoC that can only run macOS (yes, it is a macOS-only system despite the PR of "ARM Linux / xBSD on M1+", because all these are crippled versions of the OS that cannot fully exploit the hardware, because there is no literature on it for system developers, and they have to literally reverse engineer at a slow pace to make the OS run on it).

As the hardware iShittification continued, macOS too was slowly stripped of features to ensure Apple controlled your data and what you could run on it. Support for independent kernel extensions (outside of Apple's control) was removed mainly to cripple existing independent application firewall and virtualisation software. Apple-made OS APIs for these were integrated into the newer macOS and offered as replacements to ensure Apple controlled how application firewalls and virtualisation should / would work on macOS. (Such restriction on kernel extensions for independent system developers is also meant to prevent support for other filesystems, like ZFS for example - the OpenZFS project is maturing fast on Linux, Windows and macOS and can be a game changer, as its usage has the potential to "free" our data from a closed and controlling ecosystem, to be used on any platform of our choice.)

Whether you are a developer or a user, a "consumer relationship" with Apple feels like a relationship with a controlling and abusive spouse who repeatedly gaslights you that you are imagining things and are the one at fault because "you just don't understand them".

> No more control+ click to bypass gatekeeper

Can someone expand on this? How do you run software that isn't code signed?

> The right-click/control-click option for easily opening unsigned apps is no longer available. Users who want to open unsigned software will now need to go the long way around to do it: first, try to launch the app and dismiss the dialog box telling you that it can't be opened. Then, open Settings, go to the Privacy & Security screen, scroll all the way to the bottom to get to the Security section, and click the Open Anyway button that appears for the last unsigned app you tried to run.

https://arstechnica.com/gadgets/2024/08/macos-15-sequoia-mak...

Oh, but I was assured by Cupertino sycophants that you "just" need to CTRL-click open an unnotarized app and there is no protection racket for distributing apps, no big deal. The frog continues boiling.
One huge step closer to iOS. Damn it. I actually liked macOS but these changes are terrible for everyone but the most basic users.
Really? This is _huge_ to you? How many unsigned apps are you downloading and running?

This is one of those features where the benefits seem to very obviously outweigh the drawbacks. 99.9% of users just aren't running unsigned software, so the moment that happens, it is most certainly malware.

If you're developing software yourself, this isn't an issue either, since all the relevant toolchains, debuggers, etc., work just fine under this model. That's a supported workflow. The only thing that isn't supported is downloading some random unverified app bundle from who knows where and treating it as if you could trust it. You 100% can't.

And yes, I also believe that if an OSS project considers "muggles" their target audience, they should prioritize setting up code-signing. Consider it a service to their users. If the fee is a problem, it's important enough to spend the effort to find a way to finance it. If you can't find someone who is willing to put their name on it, you shouldn't ask people to run your software on their machines in the first place.

> How many unsigned apps are you downloading and running?

For me, quite a few? Internal tools at work, open source projects which publish builds on their github, that sort of stuff.

(And no, paying Apple a yearly subscription for the privilege of letting users run an app is not a reasonable expectation of small open source projects)

Yeah, but you only need to approve an app once. I think I Ctrl+Open an app like once a quarter on average, sometimes going most of a year. This really isn't a big deal.
Just tell these advanced users to compile it themselves.

Problem solved.

As a creator of a programming language that can compile binaries for any supported platform from any platform, it is an unsolvable problem.

I can't do the signing as it requires Apple stuff. Not to mention it is unethical to require it as it's used for gatekeeping not just security (requiring Apple to decide if you can run an executable is unacceptable).

Compare it to Android where you can use self-signed certificates and it has an actual function, it allows updates signed with the same certificate to access the existing stored data on the device. It improves security without gatekeeping. At least that was on the older Androids, haven't done work on any newer ones.

I can't do some kind of universal launcher that is signed by me because it would allow running arbitrary code and therefore it would be banned.

Therefore the only solution is to search for various workarounds (eg. by teaching the users how to run the software) or if not possible anymore stop supporting newer versions of MacOS and rely on web applications to support the platform (like it's the only way on iOS).

Which would be even worse on the desktop as the usability can be quite bad, but at least users would have some chance to use the applications even on their closed system.

I hope you're able to see how your use case is incredibly niche, and should not be a priority for a general security model for an operating system.

Your problems are extremely insignificant in the big picture, where the priority of a serious operating system should be to support regular people in avoiding malware and malicious social engineering. macOS is a general purpose operating system, not a hobbyist or tinkerer OS, and the vast majority of its users are non-technical.

I get that it's annoying, but pushing the work on you is a massive benefit to your users.

You can sign macOS executables without macOS hardware
> How many unsigned apps are you downloading and running?

Enough for this to be annoying. Plenty of tiny tools don't pay for the privilege of doing free work, so aren't signed

> This is one of those features where the benefits seem to very obviously outweigh the drawbacks. 99.9% of users just aren't running unsigned software, so the moment that happens, it is most certainly malware.

You're obviously wrong with your made-up stats (you don't need to be a power 1% user to want to install a single useful unsigned app over the whole lifetime of using a Mac) and you ignore the fact that part of the reason why it's 99% and not 88% is precisely because of features like this that make it harder to do so.

But there is an easy way to reconcile - make the old behavior configurable then the imaginary nonexisting 0.0000% users can continue without permanent disruptions

Quite a lot apparently considering how often I have to bypass gatekeeper.

I don't really see how the average user is positively affected by these changes - it's not like they will accidentally open Terminal and enter random strings infinite monkey theorem style until they hit sudo spctl --master-disable. Ctrl-click was at least possible to stumble over, but I see no good reason not to at least provide a .plist setting to re-enable that behavior. Except to bully more devs into getting signing certs.

The problem is not - and has never been - accidentally stumbling on insecure features. The problem is social engineering, where inexperienced users are guided by malware operators to run insecure software, either over the phone or through countless malware sites on the web that claim to solve their problems.

These are real, tangible risks.

> This is one of those features where the benefits seem to very obviously outweigh the drawbacks

That has never been true. Neither for pro- nor casual users. This might be good for the bottom line of Apple, but I doubt that too, since they squander their reputation. This is non-engineers calling the shots, just like Jobs warned us about.

I do run quite a few unsigned apps and I don't even use a mac that often. This is just stupid...

> This is non-engineers calling the shots, just like Jobs warned us about.

Link to the talk or interview or whatever where he talks about this?

My god, I had no idea there was a shorter way than that, can't believe I'm finding this out just as they remove it, so annoying!
Yeah, same. I've been doing it the long way for years apparently.
We're getting closer to the bottom of the slope! I wonder what their next step will be.

1. Need to disable gatekeeper to run unsigned code. 2. Need an active developer account. 3. You can't run downloaded unsigned code.

That's when I think about jumping ship. If they require the App Store that's the end.
They can't, and they won't. Just look at the upcoming changes being forced on iOS in the EU with sideloading.
If these features need to be forced by legislative action, the product itself is probably shit. And most importantly, not in the interest of users, like some like to argue.
Apple doesn't have a monopoly on Mac (or they're not a "digital gatekeeper" or whatever) so that wouldn't apply there.
If you zoom out and look at the trajectory release after release, all of these things are obviously coming. Every release we act surprised that it's slightly more difficult to run unsigned, un-notarized, un-sanctioned code, but somehow that Voice Of The Fanboy within us has us convinced that "surely this last change is where Apple will draw the line and stop!"
dev machines are their bread and butter though! if they were going to have done this and merge iOS and macOS, I think they'd (stupidly) have done so.
Yeah, but such concerns are from a long ago and it didn't happen yet. So the best approach is (and has been) to just support the platform until it is not possible anymore and don't be emotional about it. We just know that one (still quite distant) day it will happen.

Then the usage of the platform will end for many users & developers. One could still live a quite long time on the older systems to ease the transition out.

at least it's still possible (and maybe more accessible) if not a bit more inconvenient. the ctrl-click thing was kinda a hidden feature.
Let's stop pretending this is anything other than trying to make apps that don't pay $100 a year feel scary.
Are you suggesting that Apple is making it less convenient for users to run unsigned binaries, because they want to increase developer program revenue?
Not developer program revenue. At every turn where they have a choice, Apple does the same thing: sell devices increasingly locked to their own ecosystem, and sell it as a feature to protect folks. This strategy works really well: they actually have folks arguing that giving all Apple users fewer choices is a feature.

They have been ratcheting down on freedom in OS X (and then MacOS) since 2011 or so when I stopped using Apple for personal use. The introduction of the Mac App Store, subsequent lackluster performance, and introduction of scary warnings about running unsigned code in MacOS tell most all of the story. This latest update is just another step in that direction, making running unsigned code that much more difficult. The obvious endgame is to raise the next generation of Mac users to only use the Mac App Store for software, effectively replicating the golden goose that the iOS App Store has proven to be.

Yes. Not only, though. Mainly they are making it less convenient for users to run unsigned binaries because being an universal gatekeeper for the whole platform and being able to control every binary that runs on it is an incredibly lucrative position, and Apple wants to be in this position. This is, of course, completely contrary to the interests of the users, but what they are going to do?
Doesn't Windows do the same? I feel like for every single program I run, signed or unsigned, a dialog pops up where I have to give permission.
This change is about macOS removing the pop-up altogether so you need to go dig into the settings to give permission.
They don’t care about the money
Wouldn't they just make it impossible to bypass gatekeeper in that case?
Precisely the kind of hidden feature that makes it easy for power users to bypass the "rules" Apple imposes on the platform, while still making it highly likely everyday users won't know how to bypass the rules meant to protect them.

More and more, I find that these sorts of "we know best" attitudes towards security utterly distasteful and the total opposite of empowering. Infantilizing, more like.

I want that for my mom on her MacBook Pro. She had an iPad, prefers the laptop form factor.

What I'd like is upon setup it asks if this is a dev machine, and change the preferences.

These rules do not protect the normal user. At some point they fail to install something they want to have and then my phone rings because their OS is shitty.
Wow, this is really hostile design. They obviously know they can't ban third-party software on macos like they did on iphone, but they surely intend to come as close to it as possible, and make it as inconvenient as possible to install any.
Weird, that's been how I was doing it ~4 years ago before I switched to Windows for a while.
Same nightmarish UI path as installing an app store on an iPhone.
Does the command line to remove the quarantine flag (xattr -d com.apple.quarantine filename) still work?
Yes.
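Rather than stripping the quarantine attribute, an admin or responder usually wants to read it first: it records which agent downloaded the file and when. The following decoder is an added example written for this page (it is not code from anyone in the thread); it assumes the value printed by xattr -p com.apple.quarantine <file> has the form "flags;timestamp;agent;uuid", with the flags in hex and the timestamp in hex seconds since the Unix epoch, and that trailing fields may be missing. The sample values below are constructed.

```python
"""Decode the com.apple.quarantine extended attribute that Gatekeeper consults.

Assumed format (not stated in the thread): "flags;timestamp;agent;uuid",
flags and timestamp in hex, timestamp in seconds since the Unix epoch.
Later fields may be absent depending on the downloading agent.
Read the raw value on macOS with:  xattr -p com.apple.quarantine <file>
"""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional


@dataclass
class Quarantine:
    flags: int
    timestamp: Optional[datetime]   # None when the field is empty
    agent: str                      # e.g. the browser that saved the file
    uuid: str                       # links to the QuarantineEvents database entry

    def summary(self) -> str:
        when = self.timestamp.isoformat() if self.timestamp else "unknown time"
        agent = self.agent or "<unknown agent>"
        return f"quarantined by {agent} at {when} (flags=0x{self.flags:04x})"


def parse_quarantine(value: str) -> Quarantine:
    """Parse one raw attribute value; raise ValueError on malformed input."""
    value = value.strip()
    if not value:
        raise ValueError("empty quarantine value")
    fields = value.split(";")
    if len(fields) < 2:
        raise ValueError(f"expected at least 'flags;timestamp', got {value!r}")
    try:
        flags = int(fields[0], 16)
    except ValueError as exc:
        raise ValueError(f"bad flags field {fields[0]!r}") from exc
    ts: Optional[datetime] = None
    if fields[1]:
        try:
            ts = datetime.fromtimestamp(int(fields[1], 16), tz=timezone.utc)
        except (ValueError, OverflowError, OSError) as exc:
            raise ValueError(f"bad timestamp field {fields[1]!r}") from exc
    agent = fields[2] if len(fields) > 2 else ""
    uuid = fields[3] if len(fields) > 3 else ""
    return Quarantine(flags, ts, agent, uuid)


# Constructed sample values in the shape xattr -p prints them (not real files).
SAMPLES = {
    "browser": "0083;66e1a2b3;Safari;0F1E2D3C-4B5A-6978-8796-A5B4C3D2E1F0",
    "no_uuid": "0081;66e1a2b3;Chrome",
    "no_time": "0083;;curl",
}


def decode_all(samples: dict) -> dict:
    """Decode every sample, keeping the error text for malformed ones."""
    out = {}
    for name, raw in samples.items():
        try:
            out[name] = parse_quarantine(raw).summary()
        except ValueError as exc:
            out[name] = f"malformed: {exc}"
    return out


if __name__ == "__main__":
    for name, line in decode_all(SAMPLES).items():
        print(f"{name:8} {line}")
```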
From the same place in system security settings you could always approve it; bummer about ctrl-click though.
Before this update you could hold control and click the application, then select "open" from the menu. It would give you a warning and let you confirm you'd like to run it anyway.
I’m having difficulties with the keyboard shortcuts for the new window snapping stuff. My desk keyboard doesn’t have a Globe key (like most non-Apple keyboards), but the shortcuts don’t work with Caps Lock remapped to Globe. It doesn’t work with the MacBook’s built-in keyboard either, so I think it’s a bug rather than an issue with my keyboard.
aerospace tiling app is the bees knees.
Apple locking down the OS even more by making Gatekeeper harder to bypass makes me want to skip this version for as long as possible.

The screen recording permission thing also doesn't help since I'm using Ice (https://github.com/jordanbaird/Ice) because somehow Apple still can't Sherlock this feature.

The way it's even implemented now is like the nightmare realized from everything Richard Stallman warned about for decades. Especially for non-technical users, they've practically implemented a system where Apple decides what software you are and aren't allowed to run on your own computer. They can muddy the issue by claiming it's for safety/security but I don't buy it. They could have made the override still clear but much easier to access.
> Especially for non-technical users, they've practically implemented a system where Apple decides what software you are and aren't allowed to run on your own computer.

For non-technical users the choice is simple: either Apple decides what is allowed to run on their computer or cybercriminals do. After years of getting burned, non-technical users made their choice. I think it was the right one but the jury's still out for the future.

Perhaps one day these users will get squeezed out of computing entirely. That will be a terrible shame. The same thing is playing out with everything else though. Look at cars and household appliances.

It’s still perfectly possible to run whatever you like on Mac via virtualisation, which Apple have tried to make easy with a reasonably decent API
Also, let's not fool ourselves. I'm not sure even most technical people running macOS or Linux would know if they had malware running. I probably wouldn't. It's not like antivirus is commonplace on those platforms.

The notion that you can reasonably have knowledge of and control over all the software that is actually running on your machine has not been realistic for decades.

My router was pwned, not once but possibly 3 times, and the major compromise I only discovered due to the third-party DNS filtering service I'd set up on it. It is practically impossible for any consumer to detect a compromised router, due to their embedded systems and lack of meaningful logging or diagnostics. Therefore I concluded that consumer routers are the weakest link in anyone's home network, and I was pleased as punch to begin renting one that my ISP manages. Peace of mind indeed.

My Windows 10 box became so bogged down that I was convinced it was running some undetectable malware. AV detected nothing, but after a critical look at open ports I just decided to wipe and go to Windows 11.

Here are some of the biggest risks today. Running third-party apps at all, unless they are absolutely necessary. I try to do everything possible with Google-provided apps within the Google ecosystem on my Android phone and the other devices as well, which limits the third-party attack surfaces. My Windows machine runs practically nothing outside of MS or Google. I don't need to.

Other big threats are beyond personal devices at this point. Connecting third-party SaaS to your accounts is a real problem. Facebook, Google Workspace, Slack, GitHub, any service that acts as a platform and runs third-party integrations, that's where you'll get bitten nowadays, and your local AV scans are powerless to shield you from footguns. Just to use HP printer features, HP wanted full, unscoped, read/write/delete access to my Google Drive!

Everyone's "hacked Facebook account" has really been just some stupid game that went rogue. Supply-chain attacks through browser extensions and the rest. Extremely difficult to police from the end-user's position, but deadly and dangerous, because they're out on the net and in the cloud.

I’m a fan of Stallman and his ideology toward computing as much as anyone but tend to think that the ship has sailed long ago. We are not living in a world where everyone who touches a computer has the knowledge or skill set to know a good idea from a bad one. Long-gone are the days when our passwords could be blank because the other guy using the system was also a kernel developer. And so unfortunately Stallman’s ideas are mostly a thing of computing utopia fiction.

It’s fine to let the experts worry about securing our systems. The Internet is safer for it. And it’s fine to not think so, too. But for those people, realize that the product may not be for you. That’s why we have a dozen flavors of Linux.

But maybe I’m just getting old.

Anything you compile on your own system you can run. This only affects downloaded binaries.
Yes, so we should move to a source-based package manager and build system, like FreeBSD ports.
There are plenty of options for that on macOS, the most common being homebrew and MacPorts.
Homebrew defaults to downloading binaries.
Thanks for confirming the nightmare.
I mean, you can download source if you want to run it. It isn’t a complete nightmare yet. I think we’re still in a grey area. This will help some people still, though it’ll definitely hinder others (myself included).

Once you need to be in the apple developer program to build and run from source or something, that’ll be a legitimate nightmare. But we’re nowhere near that yet.

> Once you need to be in the apple developer program to build and run from source or something, that’ll be a legitimate nightmare. But we’re nowhere near that yet.

When Quarantine was released in Leopard, and Gatekeeper in Lion, and System Integrity Protection in El Capitan, and then "Allow from Anywhere" was removed as an option in Sierra... Each time, people were saying similar things. "Yea, it's bad, and it's getting consistently worse with every release, but surely we are nowhere near 'really bad' yet!"

> Once you need to be in the apple developer program to build and run from source or something, that’ll be a legitimate nightmare. But we’re nowhere near that yet.

This is the case for building and running things with restricted entitlements and system extensions.

Unless you disable system integrity protection entirely, which locks you out of your purchased App Store software, DRM content, etc.

Care to explain the nightmare to someone who seriously doesn't get it?

I can run any open-source software I want. Other people can't run my precompiled binaries unless I opt into an attestation system that lets the OS respond to and pre-emptively block binaries from developers found to be issuing malware. Open source is unaffected.

I seriously fail to see what is wrong here.

That would kill a lot of old software, though. Especially games.
> They could have made the override still clear but much easier to access.

The level of difficulty is absolutely intentional. For you, it's a small speed bump. For the guy on the phone with my grandma trying to hack her computer, it's more of a hill to climb.

Yea, I too want my pro device designed around my grandma's use case. Make sure we think about the children too.
And it is not even true and pure FUD. The most widely spread attack surfaces are different today, people wouldn't try to install malware on your machine.

And even if, we had issue with malware infecting iPhones like Pegasus. Locking down environments with these specific mechanisms isn't improving security.

Grandma probably needs an iPad.
Jobs too for that matter. Seems he wasn't able to protect his own company from idiots either.

Not that Microsoft doesn't salivate about such "improvements" as well.

I tend to not really care about these things as long as powerusers have a way around it. Yeah, it'd be great if everyone was technically literate, but most people simply don't care to be, and I think that's okay?

IMHO there's a huge difference between no freedom for anyone (iOS) and secure-by-default, freedom only for powerusers (macOS / Android / Chromebooks / ARM Windows devices) ¯\_(ツ)_/¯

The permission for screen access is only for apps that failed to start using the new API where the OS lets the user select a window/screen they want to share.
Like Apple’s own screencapture command-line tool.
Can I do it once and for all, or will I have to do it every time?

I bet I know the answer.

Did this conveniently break Rewind AI?

Not sure if it is broken, but I took the opportunity when upgrading today to say No and just disable it. The product is EOL anyway, there are a few upstarts in the open source world, and I am hoping the best for Apples on-device SLMs (or oss ones) mooting the requirement for OpenAI.
What do you mean EOL? I see nothing of the sort on their website.
Again, I keep asking: which apps have actually switched to the new screen sharing API and which apps have not?

Do Zoom, Chrome, Google Meet, etc. still require this?

You sound entitled, phrasing it that way. No one owes you an answer here. Discord updated to the new API already, as one example.
Of all the apps I use that record my screen, literally all of them have updated to this new API ages ago. That includes Discord, Slack, Teams, Zoom, FaceTime, OBS, and Safari. I want to say that Firefox has as well but can't remember for certain.
Is there some way to get things like strace working? Recently it's got weird and strange with the OS protecting me from myself. Or content makers from me breaking their DRM. Or something.

Some app tries to open a file and fails. Doesn't tell me what the file name is. I just want to see the open() call.

Presumably you mean dtrace? strace is a Linux thing. dtrace should still work but you need to disable SIP first.
No I mean strace. There’s no need to learn D just to see syscalls.
How do you bypass gatekeeper now?

How often do you have to re-authenticate your existing binaries?

The official way, which is by going to the Privacy & Security screen to click the override button
No the official way is the control-click. It was suggested by Apple in the UI of System Preferences back in the Mountain Lion days.

https://cdn.arstechnica.net/wp-content/uploads/2012/07/gatek...

Okay, in Mountain Lion sure. However that phrasing has not been around for a while.
Screen recording breaks remote access apps
There's a separate entitlement used for remote access software without the repeated prompts (com.apple.developer.persistent-content-capture), so you basically need Apple's permission to build that category of software now, and open source remote access software is not possible.

So the category of software will still have some working entries (existing players will try to get approved, and probably will), but it's hard to imagine anyone will want to build a new one knowing its viability on modern macOS completely depends on filling out a form and hoping Apple's approval bureaucracy likes you.

Anyone who's used these unusually locked down entitlements know whether you can apply for it before building the software, or if App Review needs to have their hands on something functional first to approve it?

In my experience the app submission needs to be fully functional and then it will be rejected for this reason.
This sounds like enshittification and transforming macOS into its far more useless cousin iOS.

Is the gist of it that it got locked down more?