There is a HUGE difference between passive secure defaults, which a normal user will never change, and active blocks / overrides that can not be removed.
An example of this is iphone vs android store policy, by default on Android you can not install untrusted APK's or other stores, however inside the phone there is a simply way to disable this block. This is an example of a passive secure default. Where on iPhone it is simply impossible to disable this block
One OS (android) is respecting your ownership rights while protecting the normal users, the other (iOS) is asserting their ownership over the device.
Surely you can see the difference
it is clear that apple intends to bring this type of Active Ownership control to the Mac ARM platform, this is just the first step, a warning shot if you will, of what is to come
Yes. That's why I think while this change is OK as a default, it's problematic to not be overridable -- and even if it was just a default it should be communicated clearly as a change, so those affected (e.g. people relying on VPN under some regime) know about them.
Those people are not the typical user case, but it's an important consideration still.
>An example of this is iphone vs android store policy, by default on Android you can not install untrusted APK's or other stores, however inside the phone there is a simply way to disable this block. This is an example of a passive secure default. Where on iPhone it is simply impossible to disable this block
One problem with this duality is that people will disable the block, and then complain plus have their info/data and those of others compromised etc, when they install malware at the first BS prompt that tells them to do so (to get some cool new game or some pirated stuff).
That is, it's not just those "knowing what they do" that will bypass those kind of defaults....
Apple chose to go with the "Most people don't know what they're doing, and if we allow it they will do it anyway", which is a defensible position. You use their OS knowing that they do that.
But this change now, was not the same kind or communicated as well.
>it is clear that apple intends to bring this type of Active Ownership control to the Mac ARM platform, this is just the first step, a warning shot if you will, of what is to come
If "what is to come" is a machine that "just works", has no malware, but has to get its software from the App Store and/or notarized by Apple, I'm fine with it. And hundreds of millions will probably also be.
Apple was never about tinkerers and customizations, they were always about cohesive, all-in-one, curated -- and that's ever since the Apple II.
It's not their fault that people who don't like this model feel like they have to still stay with Apple.
It's not 1999 anymore. Those days if they broke into your computer or if you got a virus you would lose some useless files and a few hours/day to reinstall your Windows. Nowadays you can lose a lot, and with working from home etc becoming more the norm, even more so...
It is also revisionist history to say "Apple was never about tinkerers and customizations", Apple was born out of the "tinkers" market, and did infact become popular pre-iphone days due to this hacker mentality, to deny this is to deny actual history
Further your comment it it "not being 1999" anymore and if your system becomes infected to the point wher you need to "reinstall windows" you lose alot simply because you are working from home..
I fail to see the connection, today there are far better tools on both windows and make to backup and restore systems.
For windows with OneDrive unless you have a massive amount of custom apps to install it is litterally just logging in to any other win10 computer and connecting your OneDrive to that computer and you have all you files
If you do not want to use Cloud services, Free Agents like Veeam for Windows empower users to backup and restore a complete computer is just a few minutes.
Also to claim mac is "Virus free" is moronic, and implies a level of security that is not really warranted, Mac like Linux is security through obscurity, Windows still has a 90+% market share, so of course threat actors will target windows more. Apple Mac is not target simply because there is not enough people to justify the investment.
As Mac's have become more popular, the number of threats have increased, and has shown Apple is not this secure enclave simply because they are Apple, they are secure simply because no one cares enough to target the platform,
Go read the feature list of Copland to see how much "tinkers" market they cared about.
I was there in the pre-iPhone days, and Apple was never about the "hacker mentality".
In the early days (and up to now) it was all about "computers for the rest of us" (as the slogan famously said, which is also what the 1984 ad was about -- freeing computing from being a serious/enterprise/business affair, not about hacking ideal - the target was IBM and the PC).
During the Jobs-ousted era (Scully etc), it was mostly about selling expensive boxes to vertical markets (printing, design, and so on).
Their first popular post-Jobs products were the all-in-one iMac, the powerbooks, and of course, the iPod. And they always insisted on the vertical integration (they make the hardware and OS/basic software) - with the brief pre-Jobs exception of the Mac-clones, which nearly killed the company.
>I fail to see the connection, today there are far better tools on both windows and make to backup and restore systems.
It's not about backing up and restoring, it's about third parties getting access to your documents, data, personal pics and videos, account passwords, files, etc -- which today are a much larger and more important part of your life and business than it ever was.
>Also to claim mac is "Virus free" is moronic, and implies a level of security that is not really warranted
I didn't claim it, but now that you said, I will: Mac is, if not virus free, effectively virus free, and can be even more so. There has not been any major outbreak for the Mac (tons for Windows). The biggest outbreaks were confined to sub-10% of users, and were invariably trojans, not viruses (users had to actively run them).
>Mac like Linux is security through obscurity, Windows still has a 90+% market share, so of course threat actors will target windows more. Apple Mac is not target simply because there is not enough people to justify the investment.
That's an old fable that doesn't hold. In the 90s, when the Mac (Mac OS then, pre-OS X) had 2% to Windows 98%, it still had tons of viruses.
And of course iOS has 0 or no viruses and malware, whereas Android has a ton, and there are not only close (30-40% to 60%) but also richer people on the iOS phone side to justify resources. It's just more secure, for various reasons (and no side-loading is one):
https://www.pandasecurity.com/en/mediacenter/mobile-security....
