Why cant Apple use their TimeMachine tech to take a snapshot of the prefs on the existing, then do their image based update, then have it automatically apply the prefs from the timemachine mod-integration?
The richest company in the world can't think different?
They know exactly what files were customized in the previous OS-base-image. There’s a reason the whitelist is a whitelist, rather than a blacklist. Just guessing here, but it’s probably something to do with “iteration speed” vs. QA SLAs made to large enterprise customers like IBM.
In my hypothetical, there’s a set of preferences overrides Apple have been forced by contract to guarantee they’ll validate during their QA process, and then allow the OS to retain between updates. For any other file not forced by contract, they don’t bother with that QA process (“takes too long!”), and so default-distrust the ABI-stability of the file, and so don’t let the OS retain it between updates.
Just my opinion here, but I feel like Apple again doesn't really care about power users. 98% of their users won't be making any customizations like this, so they don't care to spend money working on those "edge cases." Their primary mission is to sell devices and apps to average people who aren't tech geeks. And I don't think Apple cares about general purpose computing. I see MacOS getting closer to iOS with every update, and I'm betting that at some point we'll lose filesystem access and sudo access.
Have you ever been FORCED to upgrade/update against your will for a new release whereby you say NO NO NO - then you make the mistake of falling asleep with your phone plugged into the charger to wake to a forced update to your device?
Yeah - fuck apple - and fuck Jonny Ive - they claim to be the masers of all aspects of designs, but really they're they masters of /r/assholedesign
Their hardware is in the top 70th % - but their UX is IMO <25%
(just look at how many clicks you need to do certain tasks, such as bluetooth. They have a slide-up menu to toggle BT and WIFI - but you have to go to desktop->settings->bluetooth->(toggle it on off/refresh)->find the device-> "cant connect" - Toggle BT on both phone and device -> attempt to connect...
But you cant up-swipe hit BT and have it show you the FN menu on screen.
You cant backup and manage all your prefs via icloud - such that you can apply profiles, save profiles, etc from your device to your linked cloud account and say "I always want my privacy to be thus, these are the networks I trust.
Their photos library mgmt is absolute garbage. You have no photo details available to you.
Their albums are garbage.
There are so many interactions that require like 5x more clicks than they should.
Their screens suck.
Their device accessory ecosystem sucks and punishes you for profit with impunity.
They exploit chinese slave labor.
They try to charge you for flaws in the HW provided (recall the balloon battery problem?
I had a macbook pro CATCH FIRE while I was asleep in bed. They said they "recognize that was a safety problem, but because our engineers (after two months of having the machine) determined that at one time the liquid sensor was set off, we cannot replace your machine EVEN THOUGH IT WAS UNDER RECALL FOR THE CLASS OF PROS THAT WERE RECALLED FOR CATCHING FIRE.
That’s a lot of anger and words over something that, in the grand scheme of things, is so utterly unimportant and almost contemptuously irrelevant.
Things are always a trade-off. There are big positives to keeping the ecosystem on a consistent, new and secure version of iOS. Similar positives apply to MacOS.
The problem I have with your argument, is you assume that my frustration is just over a single device from Apple.
I have literally had every single apple product since the Apple ][e -- aside from their server systems.
I have had every iPhone (even had pre-launch phones from them) since launch up until I stopped at the 6s+ which is the only phone I will ever own from them.
I have a history with apple that is not shallow and I have had ~35 years of judgement against them.
I recall getting into a talk with a fellow engineer at Lockheed where I said "Trust me, Apple will switch to intel procs - and this apple boi almost had a heart attack saying that would NEVER happen...
You already have to reboot into the Recovery environment and disable both System Integrity Protection (with csrutil) and OS root-volume signing (with bputil) in order to even (persistently) modify any of the files in /System now.
Malware can't do that, because there's no way for any executable that runs in the regular OS—and isn't signed by Apple—to get anything to automatically happen over in the Recovery OS.
(That's not to say you can't have persistent malware in macOS; just that it can't persist itself into the OS boot volume. It has to persist into the user volume—which is great, because that means the OS can, on boot, mount the user volume noexec and scan it for malware while running in a known-good base state. That's even without needing to boot into the recovery OS.)
So, other than OS updates, basically the only reason these files get modified is when people modify them manually. And the only people doing that are 1. people developing kernel extensions (or their friends, the Hackintosh community); and 2. enterprises burning low-level configuration changes into OS images for image-based deployment.
And both of those cases involve modifying things that are effectively "underneath the OS API abstraction", and therefore don't have the same ABI guarantees that the OS APIs themselves do. Thus the whitelist.
You know =what would be cool: If all apps had to register their pref config files into a single dir and that would be tracked and snapshotted - and then you could just have ALL apps look to the same dir for where their configs come from and you could have a single repo for ALL apps on your or ANY system - and then you could walk up to a terminal and plug in your "license key" which said what apps you had access to and what ones you had configs for and you could just run that app with all your input and prefs and mappings etc...
I actually wrote a white paper on just this in ~2003 or so - and met with several engineers from google and they said it was impossible.
The idea being that you only carried around with you your profile, and you could just come to a dumb terminal, plug in your key, three factor auth - and the terminal would give you access to the apps and resources they had...
This was basically the idea behind the Windows registry - a single configuration store. With mostly the same tree structure on Machine and User level, so your local prefs could override machine-level prefs. The 'user' part was portable between machines on a domain. And you have a single API to access or change settings
Opinions may differ on how well it was executed in practice. I'm not sure /etc/ with its hundreds of different file formats and Ansible or Chefs as an 'API' is that much better
> This was basically the idea behind the Windows registry.
Was it? I got the impression that the original (Windows 3.1) registry was a Windows-internal thing—a store of Windows settings, and a set of APIs to read and modify those Windows settings, e.g. COM/OLE class registrations. (See https://devblogs.microsoft.com/oldnewthing/20080117-00/?p=23...)
But then, third-party ISVs found the registry, and exploited it to store their own settings. And Microsoft being Microsoft, they accepted that unilateral design change and continued on with it.
Prior to the registry most settings were in files like WIN.INI, and ISVs put settings there. The registry took this idea, added more structure and an API so simultaneous writes don’t screw up.
With the registry, each vendor puts its stuff under a path like HKEY_LOCAL_MACHINE\Software\VendorName, even Microsoft.
Yep. The INI files were the original ways to store config info...
The registry was the next step. What would be great is an online serve for such - a machine gets booted and it asks for your config unam UUID etc - and then just slurps your snapshot down.
OK, disclaimer - I am going on over a decade since this happened:
There was a phone that came out (nokia??) that had a docking station and you could have a screen on it and a keyboard attachement etc...
I presented this in ~2004-ish as a white paper... (lost to hundreds of machines since, and poor data mgmt over time)
I met with a few engineers friends from google over this idea and they said they didnt think it was possible (which at the time it was not - even though I wrote about it in 2001) - and then there was that phone that came out which allowed you to have a phone docking station and use it as your primary computer.
This was at the same time whilst I was talking to my buddies at Intel about stacked procs - and they were doing 64 cores in ~2004 in test dies... and they worked.
It was in 1998 when I was at Intel that I asked "Why cant we just stack multiple CPUs on top of eachother?" and was laughed at...
I sat right next to Andy Grove, but I only spent all my time in the DRG Game lab testing games on AMD and Celeron procs to get subjective results on game perf.
Anyway... I posed a lot of things that were laughed at, which then became reality later.
I worked with a MIPS proc eng about Slot-Rack-Servers, in 1995 - this was deemed impossible... later we have HPE based systems... His name was Kent... he was one of the chief MIPS designers...
I was saying "lets make 'slots' that we can install a switch, a server, storage or whatever on the backplane..."
Yes - I am not lying - these were just things I imagined in the early-mid-late 90s....
I had a good career - but I cannot take any credit for these taking production due to I didnt ever implement any of these ideas... aside from expressing them earlier than others who were far more capable of executing.
Its just like IFTT - I literally whiteboarded IFTT for a bunch of engineers from Lockheed a few years before that existed... They have built a lot of what you interact daily with (netflix) among others...
My soul flaw - is that I think of something early, I have no ability to bring it to fruition and even though I have exceptional famous engineers as friends, I cant bring my ideas to market...
and then a few years later - things I designed hit the zeitgeist and hit market...
I have, as a consultant, made people MANY billions of dollars - and havent received anything in return.
The richest company in the world can't think different?