1. 21
  1. 9

    One thing this announcement makes obvious is that Apple marketers see macOS primarily as an application suite. They don’t mention system-wide changes like security improvements until the last quarter of the page — it’s all about the apps.

    1. 9

      Or most users/most of the target audience does not care about OS changes. E.g. my dad is also a macOS user – he probably cares more about that iTunes is now split in several apps, or what changes there are in Photos, than that developers have to do notarization or that macOS supports and will migrate to user-mode drivers.

      Of course, the OS changes will benefit users, but they are harder to explain.

      1. 1

        iTunes is now split in several apps

        LOL what? How can a music player be this complicated?

        1. 4

          iTunes was where Apple used to dump anything iPod related, and it was a bit hairy as a result. Now each function is broken into its own application or folded into Finder.

          1. 2

            There was a point (it may still be true; I don’t use XCode anymore) where updating XCode required quitting iTunes because… iTunes had a dependency on XCode?

            The mind reels.

            1. 1

              Round and round we go.

            2. 1

              You have no idea.

              1. 1

                I don’t. That’s why I use Linux.

          2. 2

            Users shouldn’t have to think about technical things like security improvements

            1. 4

              They really should, though.

              1. 2

                They should publish it somewhere, but not here. This is not a technical document. This is a marketing piece aimed at non-technical consumers.

                1. 1

                  Stop dividing users by “technical” and “non-technical”. Also, he’s right - rising security awareness in a gentle yet sill informative way should be a top priority for company which people rely on so hard.

          3. 8

            The MacStories review is up - that’s the closest to the old Siracusa ones I’ve seen, FWIW.

            1. 5

              I’ve never owned a mac or used one for more than a few hours - and still I often read (or at least skim) those release pages - they are really good, imho.

              Or maybe I’m just an average Linux user that dreads updates in the desktop environment of choice because something will absolutely break and of course a team of 10 people won’t have the resources to test, let alone use the marketing machine this billion dollar company company has.

              1. 6

                Over the past year or so I have switched from using macOS on the desktop 90% of the time to using Linux 90% of the time. People always complain about the degradation of QA in macOS (which is definitely true), but they have still nailed desktop stuff much better than other platforms. macOS simply has fewer papercuts. E.g. on Linux GNOME Calendar still does not reliably sync my work CalDAV calendars, I usually get a random subset of the calendars, whereas on macOS it has always been completely reliable. Or when my Linux desktop wakes from sleep, 25% of the time my Microsoft Natural Keyboard keyboard comes back unusable (repeats characters, etc.) until I plug and unplug the USB connector, and 5% of the time I have to restart the machine for the keyboard to work again. Never happened on macOS.

                If I could only manage macOS completely using Nix, have user namespaces, Docker/podman, and the millions of other developer conveniences that Linux has. ;)

                1. 2

                  If I could only manage macOS completely using Nix

                  Have you looked into nix-darwin at all? It’s not able to specify the entire system the way NixOS does, since it’s just sitting on top of macOS, but it does look like it lets you configure a lot of things in one place. (Disclaimer: I haven’t tried this yet either!)

                  1. 1

                    Yes, I use nix-darwin. It’s really handy for settings that normally require a lot of defaults invocations. I don’t really use it for system-wide package installation, since I use home-manager for configuring my environment in Linux and macOS.

              2. 5

                Some devs are not very happy with that new notary thing.

                1. 4

                  It only applies for binaries downloaded with the browser. Anything on a game launcher or similar is already unaffected.

                  1. 1

                    Isn’t it related to every executable (and kext) that is being built by every developer?

                    1. 3

                      No. it’s only related to binaries marked as quarantined. It’s up to the transferring application to set that extended attribute. Compilers don’t. Browsers do.

                      Stuff you build for yourself is unaffected. Same goes for whatever pre-built binary brew downloads.

                      1. 1

                        Compilers don’t. Browsers do.

                        The Notary service does it. Not the browser. The browser (well, only Safari AFAIK) leaves a note so that the OS can tell you where a document, file or binary came from. But that is not the notarization process. That happens on Apple’s servers. You have to send your app to the Notarization API and you will get back a binary that has some special signed meta data attached.

                        If it were as simple as the browser adding this then every piece of malware would be doing that.

                        Note that this does not cost money. You don’t need a $100 developer subscription. All you need is an Apple ID.

                        1. 1

                          I was talking about setting the quarantine xattr. Unless an executable has that flag set, the OS will execute it even when it’s not signed.

                          Of course notarization has to be done by Apple and not each user individually. That was the main goal of the change.

                    2. 1

                      I don’t get it, how is downloading a binary with a browser different than a game launcher?

                      1. 3

                        Game launcher (e.g., Steam) is verified. It’s now Steam’s job to police the contents of their platform. If they fail Apple can blacklist Steam for everyone at a moment’s notice, so Valve is incentivized to not ship malware through Steam.

                        1. 2

                          Browsers set the gatekeeper flag, game launchers don’t. It sounds stupid.

                          1. 0

                            Browsers don’t set any flags.

                            1. 2

                              http://ix.io/1Y1C

                              I beg to differ

                              1. 1

                                Yes but this is not used by Gatekeeper to decide whether or not to run a binary. This is just for the notification you will see in the Finder when you open the app. Notarization is a signing process. If it were just as simple as adding some meta data to a file then every piece of malware would be doing that.

                    3. 4

                      Excited to upgrade to Catalina when .3 comes out. Give it until next year and wait for the extremely exciting bugs that inevitably will pop up.

                      1. 2

                        My keyboard is entirely broken on this release. There are periods where it just decides to type everything twice (fulfull words or sentences). This also applies to keyboard shortcuts, so sometimes I close more tabs than I thought I would.

                        https://apple.stackexchange.com/questions/371897/duplicate-keyboard-input-after-upgrading-to-macos-catalina

                        1. 1

                          Update: It was Wacom’s fault. If anyone else has this issue, uninstall Wacom drivers.

                        2. 1

                          What’s the story behind the name? At first I mistook it for the Roman senator Catilina, which would be a weird reference.

                          1. 3

                            It refers to an island off the coast of California, keeping with the theme of California names (Mojave, Sierra, Yosemite, etc)

                            https://en.wikipedia.org/wiki/Santa_Catalina_Island_(California)

                          2. 1

                            iTunes used a different format than the new Music application uses, so DJ applications no longer work completely as they did.

                            https://www.theverge.com/2019/10/7/20903391/apple-macos-catalina-itunes-dj-software-breaks-xml-file-support-removal-update

                            1. 1

                              Despite some small issues this is by far the best macOS release for me.