By John Gruber

• Archive
• The Talk Show
• Dithering
• Projects
• Contact
• Colophon
• Feeds / Social
• Sponsorship

Linked List: November 14, 2020

Saturday, 14 November 2020

A Technical Look at the Privacy Implications of MacOS’s OCSP ★

Jacopo Jannone:

No, macOS does not send Apple a hash of your apps each time you run them.

You should be aware that macOS might transmit some opaque information about the developer certificate of the apps you run. This information is sent out in clear text on your network.

You shouldn’t probably block ocsp.apple.com with Little Snitch or in your hosts file.

Apple should publish information about this system in the excellent — but alas, not comprehensive — Apple Platform Security report, including a clear statement regarding whether they keep logs of these checks. I’m guessing they do not — why would they? — but it would be good to be able to point to a clear statement.

Intel’s Disruption ★

James Allworth:

He might not have realized it at the time, but when Grove was reading Christensen’s work, he wasn’t just reading about how Intel would go on to conquer the personal computer market. He was also reading about what would eventually befall the company he co-founded, 25 years before it happened.

I’m not sure if Intel’s disruption is complete, as Allworth suggests. It remains to be seen if other ARM chip vendors will surpass the x86 platform in performance and efficiency. But it’s starting to look like that’s inevitable — Apple is just far ahead of the pack.

MacOS Big Sur Launch Overwhelmed Apple’s CDN, Which in Turn Triggered a Bug in ‘trustd’ That Ground App Launching to a Halt ★

Samuel Axon and Lee Hutchinson, writing for Ars Technica Thursday:

Mac users today began experiencing unexpected issues that included apps taking minutes to launch, stuttering and non-responsiveness throughout macOS, and other problems. The issues seemed to begin close to the time when Apple began rolling out the new version of macOS, Big Sur — but it affected users of other versions of macOS, like Catalina and Mojave. […]

It didn’t take long for some Mac users to note that trustd — a macOS process responsible for checking with Apple’s servers to confirm that an app is notarized — was attempting to contact a host named ocsp.apple.com but failing repeatedly. This resulted in systemwide slowdowns as apps attempted to launch, among other things.

As a pedantic note (and once again thanks to Jeff Johnson), trustd checks the status of Developer ID certificates, not notarization. But that’s beside the point — the point is that when Apple’s CDN fell down, Apple’s OCSP servers stopped responding, and when that happened many users’ Macs stopped working if they were on the internet.

This lookup is designed to fail gracefully if there’s no network connection at all (otherwise you couldn’t launch apps without an internet connection), but apparently isn’t designed to handle the case where trustd can reach Apple’s OCSP servers but those servers do not respond. Just an embarrassing bug for Apple on a high-profile launch day.

The Mac App Store Promo Animation That Showed Touch and Then Didn’t ★

A Mac App Store animation for a feature promoting Big Sur’s new Notification Center widgets set touchscreen Mac proponents’ hearts aflutter because it clearly showed a hand touching on-screen elements. Apple updated it to remove the hand (and, thus, the entire animated aspect of it). I would read nothing into the original other than that some poor artist working for the App Store had no idea people would read so much into an abstract idea.

Update: Via Jeff Johnson, here’s an older example where the same style was used to show a hand “touching” Mac Safari extensions. This has nothing to do with touchscreens; it’s just artistic license to humanize these interactions.

Joz, Federighi, and Ternus on the M1 Macs – and Cold Water on Big Sur Being Designed for Touch ★

Andrew Griffin scored an interview with Apple’s Mac leadership for The Independent. It’s a good read. This bit on whether Mac OS 11 Big Sur is somehow designed for touchscreen use reiterates my feelings:

This has led to ideas including the theory that Apple had redesigned its new macOS to make way for touch screen Macs. The Big Sur aesthetic borrows from the iPhone and iPad – buttons are bigger, with more space, which numerous commentators pointed out would make them perfect for manipulating with your fingers – but not because of some secret plan to change the way the Mac works, Federighi says.

“I gotta tell you when we released Big Sur, and these articles started coming out saying, ‘Oh my God, look, Apple is preparing for touch’. I was thinking like, ‘Whoa, why?’

“We had designed and evolved the look for macOS in a way that felt most comfortable and natural to us, not remotely considering something about touch.”

Touchscreen Mac advocates can pooh-pooh this on the grounds that Apple executives — having learned from the master — routinely say X is a bad idea, not forthcoming, not something they’re thinking about, etc., right up until the point when they release X and claim it’s a new Apple innovation. But I’ll just point out that Federighi’s remarks here aren’t about whether there should or ever will be touchscreen Macs. He’s just saying what to me is rather obvious when you look at Big Sur — it looks different, yes, but it wasn’t designed for touch.