Most active commenters
  • tshaddox(4)

←back to thread

macOS unable to open any non-Apple application

(twitter.com)
2603 points mattsolle | 17 comments | 12 Nov 20 21:00 UTC | HN request time: 1.146s | source | bottom
Show context
elmo2you ◴[12 Nov 20 22:26 UTC] No.25076037[source]
Sincerely and without any intention to troll or be sarcastic: I'm puzzled that people are willing buy a computer/OS where (apparently) software can/will fail to launch if some central company server goes down. Maybe I'm just getting this wrong, because I can honestly not quite wrap my head around this. This is such a big no-go, from a systems design point of view.

Even beyond unintentional glitches at Apple, just imagine what this could mean when traffic to this infra is disrupted intentionally (e.g. to any "unfavorable" country). That sounds like a really serious cyber attack vector to me. Equally dangerous if infra inside the USA gets compromised, if that is going to make Apple computers effectively inoperable. Not sure how Apple will shield itself from legal liability in such an event, if things are intentionally designed this way. I seriously doubt that a cleverly crafted TOS/EULA will do it, for the damage might easily go way beyond to just users in this case.

Again, maybe (and in fact: hopefully) I'm just getting this all wrong. If not, I might know a country or two where this could even warrant a full ban on the sale of Apple computers, if there is no local/national instance of this (apparently crucial) infrastructure operating in that country itself, merely on the argument of national security (and in this case a very valid one, for a change).

All in all, this appears to be a design fuck-up of monumental proportions. One that might very well deserve to have serious legal ramifications for Apple.

replies(35): >>25076070 #>>25076108 #>>25076117 #>>25076130 #>>25076131 #>>25076194 #>>25076232 #>>25076348 #>>25076377 #>>25076414 #>>25076421 #>>25076460 #>>25076514 #>>25076630 #>>25076635 #>>25076649 #>>25076707 #>>25076786 #>>25076858 #>>25076908 #>>25076965 #>>25077109 #>>25077171 #>>25077401 #>>25077488 #>>25077655 #>>25077729 #>>25077764 #>>25077960 #>>25078164 #>>25078511 #>>25078513 #>>25079215 #>>25080127 #>>25108729 #
tshaddox ◴[12 Nov 20 22:59 UTC] No.25076414[source]
> I'm puzzled that people are willing buy a computer/OS where (apparently) software can/will fail to launch if some central company server goes down. Maybe I'm just getting this wrong, because I can honestly not quite wrap my head around this. This is such a big no-go, from a systems design point of view.

The answer is pretty simple: these problems are extremely rare, they don't last very long, and they tend to have fairly simple workarounds. You seem to have a principle that any non-zero chance of being affected by a problem of a certain type is a complete deal-breaker, but most people when buying a computer probably just subconsciously estimate the likelihood and impact of this type (and all other types) of problems and weigh that against other unrelated factors like price.

replies(11): >>25076548 #>>25076582 #>>25076599 #>>25076627 #>>25076657 #>>25076697 #>>25076821 #>>25076877 #>>25076970 #>>25077145 #>>25077228 #
1. Swizec ◴[12 Nov 20 23:42 UTC] No.25076877[source]
As an Apple user of 10 years: I had no idea macos phones home like this.
replies(2): >>25077015 #>>25077266 #
2. amznthrwaway ◴[12 Nov 20 23:58 UTC] No.25077015[source]
It's a certificate check.

I knew and didn't care. If you care, you're going to be real upset when you look at your other alternatives.

That said, I don't think many people here actually care. I firmly believe that most of the people on this site just like to shit on Apple, because they prefer that to trust their privacy to an Advertising company.

3. tshaddox ◴[13 Nov 20 00:30 UTC] No.25077266[source]
That's one potential issue, if you have privacy concerns. But the real problem here is that there's a blatant bug in the phone-home code that causes apps to crash if Apple's servers have a problem.
replies(3): >>25077451 #>>25077637 #>>25078628 #
4. floatingatoll ◴[13 Nov 20 00:52 UTC] No.25077451[source]
“Bug” is an unverified assumption. For all we know this could be a designed outcome.
replies(1): >>25077586 #
5. wtetzner ◴[13 Nov 20 01:07 UTC] No.25077586{3}[source]
Then it's a bug in the design.
replies(1): >>25077763 #
6. akoncius ◴[13 Nov 20 01:13 UTC] No.25077637[source]
simply doing “if server does not respond, don’t check anything” would be bigger flaw in design because that would mean just modify hosts file to localhost or something and the security check would be worked around.
replies(3): >>25077693 #>>25077695 #>>25078292 #
7. Swizec ◴[13 Nov 20 01:20 UTC] No.25077693{3}[source]
This is how you could make Photoshop free back in the day. Add their stuff to /etc/hosts and voila
replies(1): >>25078370 #
8. tshaddox ◴[13 Nov 20 01:20 UTC] No.25077695{3}[source]
But Macs already work fine with no internet connection, and apparently modifying the hosts file does resolve this problem.
9. floatingatoll ◴[13 Nov 20 01:28 UTC] No.25077763{4}[source]
I would accept "flaw", "incorrect choice", or "mistake". But if they considered it, and chose this path, knowing full well this would happen, that's not a bug.
10. theonemind ◴[13 Nov 20 02:57 UTC] No.25078292{3}[source]
Doesn't this bigger design flaw you describe apparently exist? I (and many others) did exactly that to get our machines responsive again, ocsp.apple.com 127.0.0.1 in the hosts file.

I don't understand what you mean.

11. notnap ◴[13 Nov 20 03:09 UTC] No.25078370{4}[source]
Modern Adobe cracks are note that different in nature
12. hungryforcodes ◴[13 Nov 20 03:49 UTC] No.25078628[source]
No, I don’t think you should just dismiss the privacy issue. It seems every time I launch an app, MacOS tells Apple. That’s also a REAL problem — and I guess I won’t be buying a Mac again unless the feature can be turned off.
replies(2): >>25078871 #>>25079344 #
13. lukeholder ◴[13 Nov 20 04:27 UTC] No.25078871{3}[source]
Not every time, just the first time an untrusted app wants to run. And there is no information in it but a hash.
replies(2): >>25079364 #>>25080099 #
14. tshaddox ◴[13 Nov 20 05:52 UTC] No.25079344{3}[source]
I’m not dismissing it, just pointing out that it’s completely ancillary to a bug that causes programs to crash.
replies(1): >>25082167 #
15. hackerfromthefu ◴[13 Nov 20 05:55 UTC] No.25079364{4}[source]
Apple has the db of apps matching the hash.

What you said is like saying nothing except a social security number is used to identify you, as if that wasn't linked to the rest of the info about you.

16. jb1991 ◴[13 Nov 20 08:00 UTC] No.25080099{4}[source]
Not in this case. This particular thread is about any app that was not an Apple app having problems launching, regardless of how many times have been launched before. It has revealed that actually every opening of any application phones home.
17. hungryforcodes ◴[13 Nov 20 14:00 UTC] No.25082167{4}[source]
I like this piece to summarize situation:

https://sneak.berlin/20201112/your-computer-isnt-yours/