Hacker News new | ask | show | jobs
by OhMeadhbh 212 days ago
There are objective criteria that macOS definitely fails at. Various government agencies here in the states can't use macs even if they wanted to due to lack of #a11y support or the ability to load their own root cert stores.

I agree with you that for MOST people, MOST of the complaints boil down to "I just don't like the Mac UX," but there are organizations that cannot tolerate the risk of forcing employees to use equipment that doesn't follow even the basics of section 508 or DoD guidance.
3 comments
ricardobeat 212 days ago
That is a quite strange reason, as Mac and iOS have by far the most investment in accessibility of any system. The amount of accessibility features both systems have is bewildering.

Every company using Macs I’ve ever worked for has MDM and their own root certs, that’s basic device management. Are you thinking of something else?

link
astrange 212 days ago
What accessibility is it missing?
link
mrkstu 212 days ago
You can import new roots via Keychain, correct?
link
OhMeadhbh 211 days ago
You can't install roots for all apps, notably the app store. Various government agencies occasionally like to install apps that are not web apps.
link
Aloisius 211 days ago
I'm not sure I understand. What software do they expect to install via the App Store that can't be installed with the Apple's root certificates? Apple signs everything listed on the App Store, does it not?

Also, why would they need the App Store to distribute software signed by their own keys anyway?

link
OhMeadhbh 198 days ago
Assume you're a government agency. Assume you want to install software that isn't in the AppStore. Perhaps some software you wrote yourself. Sure, the security of the system should be based on keying material, but you still don't want the general public to know you're installing Coup d'Etat 2.1 on your devices. And you don't want Apple to know that you're installing Corporate Fiscal Surveillance 1.1 on your iDevice.

It would be nice if you could maintain the many security features that DO exist while at the same time installing apps on your devices you want to install without having to have them blessed by Apple's dev CA.

link
cosmic_cheese 212 days ago
Yes.
link