Designed for the most demanding needs of photographers and videographers.
Connect and charge all of your devices through a single Thunderbolt or USB-C port.
FUJIFILM X100VI NEW!

40 megapixels, IBIS, 1.2 pounds!

Disable macOS Major Software Update Notifications: "defaults write com.apple.SoftwareUpdate MajorOSUserNotificationDate"

re: macOS Sonoma
re: Apple Core Rot

re: Botchware: Apple Forcibly Upgrading Macs to macOS Sonoma without User Permission or Input + How to Defeat Upgrades

Apple has no respect for its users these days; Apple vandalized my iMac 5K via a forced unwanted update. Fortunately after some hours I was able to reinstall macOS Monterey.

UPDATE: it’s not clear if the forced/unwanted update issue still exists, or if it has been fixed. Shame on Apple for never acknowledging the headaches it caused me and many others.

Disable macOS Major Software Update Notifications using com.apple.SoftwareUpdate MajorOSUserNotificationDate

This simple hack might do the trick, according to Jeff Johnson.

You can still upgrade if desired. What this does is set the date before which the sytem will not notify you of a major macOS update eg the annual dumpster fire "upgrade" in October. That’s important, since the way Apple vandalized my iMac was via the notification, which proceeds no matter what you click on.

In Terminal:

First, see what the current status is for software update notifications:

defaults read com.apple.SoftwareUpdate MajorOSUserNotificationDate

Next, set that date to something far in the future. As for myself, I probably never want to update, thus years out from today in 2026:

defaults write com.apple.SoftwareUpdate MajorOSUserNotificationDate -date "2026-02-15 22:00:00 +0000"

As for the time of day: +0000 would meant Greenwhich mean time eg about 8 hours earlier Pacific time, so 22:00 (10PM) would be 14:00 (2PM) in California.

The line above can be copied and pasted into Terminal as-is. Or you can change the date to something else.

The 'MajorOSUserNotificationDate' gets changed, now let’s see if that makes it shut up.

MacPro:MPG $ defaults read com.apple.SoftwareUpdate
{
AutoUpdateRetryCount =     {
};
MajorOSUserNotificationDate = "2026-02-15 22:00:00 +0000";
}
defaults write com.apple.SoftwareUpdate MajorOSUserNotificationDate -date "2026-02-15 22:00:00 +0000"
defaults write com.apple.SoftwareUpdate MajorOSUserNotificationDate -date "2026-02-15 22:00:00 +0000"

Reader Don H writes:

Howard Oakley has been looking further into the problem of unwanted upgrades, and offers the following: https://eclecticlight.co/2024/02/12/can-you-avoid-a-forced-upgrade-to-sonoma/

A few points that I’m reading from that:

1) If you’re blocking the notifications (a worthwhile action), be sure to do so with every user account on the Mac, if more than one user exists.

2) Blocking the notification is not quite the same as blocking an unwanted upgrade - it is simply ‘shooting the messenger’. If Apple really screws up and initiates an upgrade through some other action then the notifications alone aren’t going to reflect that.

3) Creating a bogus installer app to cause an error won’t work with Ventura and later, as those apparently no longer copy an installer into the Applications folder but instead proceed ‘out of sight’ with a more obscured software installation process. The bogus installer will not serve any purpose in that case.

MPG: Howard Oakly is a hard read for some, but his insights are usually spot-on.


Connect and charge all of your devices through a single Thunderbolt or USB-C port.

OWC Helps Put Storage Disk onto Moon

re: security
re: OWC articles by Lloyd

What a curious mix of stagnation and advancement the world has become.

Click title to read more.

OWC Helps Put Storage Disk onto Moon

2024-02-15

...Odysseus is carrying several payloads—some of which belong to NASA and some of which are commercial payloads. Inside one of those commercial payloads is a special data storage disk made with help from the folks here at OWC.

Made with support from OWC, the storage disk aboard Odysseus is a small 15-layer nickel stack microfiche time capsule made by space archival storage company NanoFiche in coordination with Galactic Legacy Labs subsidiary Lunaprise. 

The disk contains much of humanity’s knowledge, songs, and messages from more than 1 million people called “Lunagrams.” It is designed to survive for millions of years on the lunar surface, preserving a record of human life on Earth. You can read more about the IM-1 mission here.

...

The Lunagram microfiche. Image credit: Bruce Ha via LinkedIn

WIND: let’s hope this mission succeeds, other recent attempts have failed.

View all handpicked deals...

Sony X80K 75" 4K HDR Smart LED TV
$1198 $1098
SAVE $100

Backup Best Practices: How to Make Fast Clone Backups on a Mac

re: security
re: OWC articles by Lloyd

See prior related posts:
Backup Best Practices: How to Use Time Machine Optimally With Other macOS Backups
What to Do Your When Mac’s Time Machine Says Its Backup Drive Is Full.

Click title to read more.

Backup Best Practices: How to Make Fast Clone Backups on a Mac

2024-02-15

Clone backups are nominally identical copies (“clones”) of your volume(s), updated incrementally meaning only the stuff that changes. 

A clone backup is extremely fast. Only the first backup might take a while since everything has to be copied the first time. But after that first backup, the software is incredibly efficient at only copying the changes, making short work of bringing things up to date.

...

Backup Best Practices: How to Make Fast Clone Backups on a Mac

Connect and charge all of your devices through a single Thunderbolt or USB-C port.

Computer Security: 7 Rules to Keep Hackers at Bay

re: security
re: OWC articles by Lloyd

This post builds on my previous post:
How Corporate Security Sloppiness Threatens Your Online Life and How You Can Reduce Your Risk.

A fact of life is that security is extremely hard—not for technical reasons, but for people reasons.

When I was working as an engineering manager in the computer security field, the top issue was never the security itself, but how to make things as secure as possible while keeping things usable. Endless discussions lasting hours. Security is as weak as its weakest link, and today that is almost always the people involved.

...

Click title to read more.

Computer Security: 7 Rules to Keep Hackers at Bay

...

Login user "test" with home dir on volume "X8"

Zoom Security Does not Look Good—  Alternatives?

re: security

POV: I’m not concerned about privacy very much. Mainly, I’m concerned about compromise of my systems with Zoom as a vector for that compromise. It’s already bad enough with Apple security bugs.

I have a need for Zoom or equivalent, but I am not willing to compromise the security of my main computer or travel computer. What do I do? I used Zoom on iPad, but even there it has high risk security issues (see below). Specifcally, my requirements are:

  • Capture an interview of 2 or more people that can be downloaded for upload/editing, etc. This rules out Zoom on iPad.
  • Unbounded time limit (eg 37 minutes in non-desktop clients is unacceptable). This rules out Zoom on iPad.
  • Must be acceptable for the other party to also without unusual software requirements eg MS Teams or similar is a non-starter. Zoom is of course the most used.

Maybe GotToMeeting or GoogleMeet or some such could do the job.But it’s a ton of work to evaluate the dozen or so out there, evaluating features and security.

Or, maybe the new Rumble platform’s ability to live-stream to multiple other services simultaneously would be the smart move, though I don’t necessarily need or want live streaming. And that would likely take a lot of effort to get it all working, based on what I’ve heard.

I considered Apple FaceTime, but it does not appear to have the recording capabilities I need, at least not that I can see. You can for exampe record the screen with sound, but it does not lay-up the participant video streams side by side, and it does not capture the sound bits over the wire; I think it just records the microphone meaning it would record the sound that is played from the other party, which is poor quality. Maybe I am wrong, but the online suggestions for how to do it look like pretty poor support and a real hack to do it properly (record your screen generically like anything else while making a Facetime call—lame). And what if text messages or alerts pop up while Facetiming? That could be a privacy/security headache.

Zoom security risks

Zoom is super popular,but it has an ongoing history of very high risk security flaws, and very recent history lying about its security issues and generally being dishonest, etc. Corporate culture does not change much, so I assume the Zoom organization is not to be trusted. And while you would be foolish to trust Wikipedia for much these days, the Wikipedia summary is pretty damning.

And Zoom’s privacy statement in essence says they can examine all your content for any reason whatsoever eg “public safety”. It is carte blanche. Then they can also basically sell your info to all sorts of places too. And I wonder who really controls Zoom, is the CCP involved?

Finally, Zoom.app for macOS is not available on the Apple App Store, so it does not have review by Apple either.

Below, I applaud the public listing, but the frequence and severity of high risk security bugs with no apparent trend change is troubling. This listing are the bugs that the company was forced to address by public scrutiny, but what about all the ones not yet found, or known (or deliberate!) that the company is aware of but does not list or care to list?

Zoom Security Bulletins

Zoom Security Bulletins

 


Connect and charge all of your devices through a single Thunderbolt or USB-C port.

How Corporate Security Sloppiness Threatens Your Online Life and How You Can Reduce Your Risk

re: security
re: OWC articles by Lloyd

...

Click title to read more.

How Corporate Security Sloppiness Threatens Your Online Life and How You Can Reduce Your Risk

2024-01-30

It’s hard enough protecting yourself, but too many big corporations out there put you at risk.

There is not a lot you can do about it other than looking elsewhere, which is often impractical. This article discusses some of the most common Worst Practices and offers some ways to minimize the risks.

Corporate Security Worst Practice #0: The really dumb stuff

Believe it or not, many companies out there are still doing really dumb stuff with security. Hopefully, no company still stores cleartext passwords, but some probably do. Some store hashed passwords—passwords that are run through a hashing algorithm to convert the password text itself into letters and numbers—but fail to ‘salt’ them, making a brute force password cracker’s job easy. That’s the really dumb stuff.

...

How Corporate Security Sloppiness Threatens Your Online Life and How You Can Reduce Your Risk

Reader comments

Anon (requested to be) writes:

In case you think I am doing something stupid, please let me know. I am 76 years old and might be using bad practice.

Here are some thoughts on passwords and login credentials and account security.

I have a Mac Studio M2 Ultra and run BiteDefender anti-virus software on it.

I maintain a password file for 275 or so accounts in an excel spreadsheet. The spreadsheet is stored in a 256K encryption sparse image file on my Mac. The closed sparse image can be passed around and based upon everything I know, it is very secure. The spreadsheet is protected by a 20 character password. I have been using this approach for 25-30 years or so, before password managers existed. I keep a copy of this file and the password in my safe deposit box so my kids can unravel my online world if I get hit by a beer truck.

I do not use the same password on more than one site. KeyChain nags one if you do.

I like Apple’s Keychain for automatic password entry on sites where there is no real or a minimal threat to me if the password or credentials are stolen. Keychain is really only as good as the weakest entry door to it on any of your devices, which can be 4 or 6 digit entry code for your iPhone or iPad (or if one is smart a real password on the iPhones and iPads) and once that entry has been made all of one’s passwords are visible without limitation as long as you know the 4 or 6 digit passcode. To circumvent this, we (my wife and I) have gone to a passphrase on our iPads and iPhones and a screen time password before any account info can be changed. So the passwords stored in KeyChain are reasonably secure.

Some years ago I read where several password manager systems were compromised at black-hat security challenge conference events. Maybe I should look harder at a Keychain alternative, but stories are a plenty about some of these password outfits being hacked doing dumb-ass stuff storing and/or handling the password and ID credentials as you noted in your recent article. So I have never gone down the road of a password manager other than KeyChain - I figure, Apple has a higher probability of not hosing up KeyChain than Joe Password does, but who knows. And everybody probably leaves data remnants in memory for mining.

Some sites do not allow any user names other than one’s e-mail address. On those, you have no choice other than to use a lesser used email address. And you should think about if you really want to do business with such a bonehead site.

All banks, credit unions, insurance companies, credit card issuers, grandkid 529 plans and important accounts where a bad guy getting access can steal my money have the following:

  • The user name does not contain any reference to may real name it looks like a 20-28 character password. So a bad guy looking to see if I have an account with say Bank of America, will have to bang around for an awful long time to find if I have an account there.
  • The password is also 20-28 characters long. I don’t care what it is and make no efforts to remember it or the user name, I login to these accounts on my desktop or laptop and copy and paste the password from the password file to the browser login screen. User names on these accounts are not re-used on multiple accounts.
  • If one wants to hack into my accounts, in affect they need to come up with two long passwords - one for my identity/user name and one for actual account access.
  • I do not use Keychain for bank, credit card, or other similar types of sites where my real money or important info can be stolen.

I have found that banks, credit unions, and two of the largest investment firms in the US require one to:

  • Turn off all browser safety precautions to work with their sites such as Preventing Cross Site Tracking - must be turned off for most financial institutions bill pay systems to work
  • Allow them total access to all files on your machine - especially where the investment firm has a stock tracking and account management software application they load onto your machine. And I can name them.
  • So the folks who should care the most about your security are the absolute worst at helping you protect it - go figure! They do this because it is easier to set up their software to run on your machine if they don’t have to care about normal security precautions - my opinion.

For the reasons above, I do not use any financial apps on my iPhone or iPad. There is no reason to do so. Why put your financial data on a device that if stolen and kept open for a bit potentially allows a thief to get a peek at one's financial situation. And keep in mind that a lot of these outfits creating these apps are selling the apps to numerous banks, credit unions, etc.. And they are the same folks that write software for your desktop that wants total access to everything you own. If they don’t let me use good computing practices on my laptop or desktop, what makes me think they will use good practices on my iPhone or iPad? Why go there?

I don’t leave credit cards on any sites (except for Amazon and PayPal) so there is fairly limited ability to cause me any real financial pain if these site credentials are somehow stolen. When purchasing I usually use a one time credit card entry or PayPal.

We don’t use debit cards because there is little protection if your info is hacked.

My credit accounts at the three major credit rating agencies have been frozen for 10 years or so and are opened up for a day or so as required for a car loan or credit card application.

Security questions are answered with nonsense answers. What school did I attend? "Reform school in Anchorage Pakistan on Mars”. These nonsense answers are stored in the password spreadsheet.

We have several bank accounts. I only allow a very limited set of vendors to pull money from a bank account. And we keep a limited amount of funds in the “pull” account to avoid a number of potential exposures.

Bills are paid online with Online Bill Pay to prevent paper checks being stolen and check washing, which is a growing fraud issue.

Periodically I check if the passwords on major money accounts and e-mails have been pawned.

I have about 6 passwords memorized and that is it.

Maybe there is a nugget in here somewhere.

I enjoy reading you articles and insights on various issues. Thanks for the effort you put into it.

MPG: this is overall an outstanding approach.

One thing I would emphasize: if you copy/paste passwords for logins, after pasting immediately copy something else in order to clear the clipboard of the password.

Some brief comments:

  • I do not recommend anti-virus for Mac as it causes various problems. And I am not aware of any actual benefits.
  • It is not my experience that cross site tracking is needed for financial sites, but that could well be. It is one of the Worst Practices that corporations engage in. I deem it irresponsible incompetence in design.
  • Excepting utility software whose core function requires access to all files (eg backup software, IntegrityChecker, etc), no software should need more than strictly limited access to your files. Do NOT grant “everything” access to such files. Usually you can deny access to all sorts of places with no downside.
  • Sadly, most web sites require email as a login ID. Avoid it if you can, as per the notes above.

Sebastian B writes:

A few notes/thoughts on your reader's security practices:

– I've used basically the same approach (encrypted disk image with spreadsheet inside) before switching to 1Password when that became a thing. I agree it's generally a good approach, and your reader is obviously very thoughtful about handling sensitive information in general, so kudos to him.

– As you emphasized already, copy/paste is a risk, not only because passwords might remain in the clipboard indefinitely (which, mind you, may now be auto-synced by Apple to all your iDevices!) but also because you might inadvertently paste a password into an unsafe place (think some unsecure text box on the web— or paste into the address bar to send it directly to Google!). Good password managers offer restoring previous clipboards contents after a minute or so (beyond largely obviating the need for copy-pasting anyway), greatly mitigating this risk.

– With disk images, passwords are there for everyone to see as long as the disk image and your device are open/unlocked. There's no readily available way to close a disk image after, say, an hour of inactivity short of remembering to do so. You might inadvertently leave it open indefinitely, in which case it becomes no more secure than an unprotected spreadsheet. Again, password managers reduce this risk by automatically locking the database after a given period of time or when, e.g., the device is locked or goes to sleep. Considerably less potential for human error. (Actual impact varies greatly depending on how and where the device is used—maybe not a big issue with a stationary computer at home, but possibly a huge issue with mobile devices in public places.)

– If the macOS keychain is (at least partially) used for easy website password filling, all risks of the keychain apply. Those used to be low, but now keychains are synced to your iCloud account and all your iDevices by default, greatly expanding the attack surface and likely introducing much weaker links into your security chain. I would strongly recommend turning off iCloud Keychain/Password syncing on all devices (eliminating storage of your passwords in iCloud), and thinking twice about manually storing them in the keychains of mobile devices (esp. phones) at all.

– I don't know how it is with Excel these days, but with Apple's Numbers there are basically yearly app updates with file format changes that are usually backward-incompatible, and the latest-and-greatest Numbers is often exclusive to the latest-and-greatest macOS version. Thus, unless all devices are running the latest version of everything, an "innocuous" app update on one device may make the spreadsheet unreadable on all others. (Though manual syncing of the file eases this risk.)

Of course, password managers also have drawbacks (forced cloud syncing, possibly with insufficient security, and never-ending subscription costs being two important ones).

WIND: solid advice.

Thunderbolt 4 Dock

Thunderbolt 4 hub and ports!

Any Mac with Thunderbolt 3.


Is the OWC ThunderBlade X8 the Ultimate SSD? A Pro’s Review and Performance Breakdown

re: SSD
re: OWC articles by Lloyd

Click title to read more.

Is the OWC ThunderBlade X8 the Ultimate SSD? A Pro’s Review and Performance Breakdown

2023-01-23

It doesn’t get any better for an external SSD: Silent. Up to 32TB of capacity. Hyper-fast reading and writing. Fault tolerance. Professional build quality. Daisy-chainable. Compatible with Mac and PC.

Here in early 2024, the OWC ThunderBlade X8 arrives with 8 internal SSD blades and faster performance* along with capacity options of 8/16/32TB. The venerable OWC Thunderblade(“ThunderBlade X4”) used 4 internal SSD blades up to 32TB, but the X8 is significantly better in every way.

...

Is the OWC ThunderBlade X8 the Ultimate SSD

Connect and charge all of your devices through a single Thunderbolt or USB-C port.

TESTED: OWC Thunderbay X8 SSD, Single SSD Blade

re: OWC Thunderbay

re: TESTED: OWC ThunderBlade X8 Thunderbolt SSD RAID-0, RAID-5

Tested with the fill-volume command of diglloydTools DiskTester.
disktester fill-volume

For this test, a single SSD blade (1 of 8) was tested. Speed is quite modest, for unknown reasons possibly having to do with the way PCIe lanes are mapped to each individual blade (?).

My interest was in seeing the potential performance should a Thunderbolt 5 version of the ThunderBlade X8 become available.

Total potential bandwidth: 6.2 GiB/sec write and 6.4 GiB/sec read —  which (just) matches or exceeds the bandwidth of even Thunderbolt 5 — looks future=proof.

Write: 778 MiB/sec = 797 MB/sec
 Read: 803 MiB/sec = 822 MB/sec

CLICK TO VIEW: OWC SSD

OWC ThunderBlade X8: single SSD blade

Connect and charge all of your devices through a single Thunderbolt or USB-C port.

Deals: Gorgeous 5K Display with Built-In Computer (2020 iMac 5K)

You can’t go wrong with a gorgeous 5K display with a free built-in Mac.

The 2020 iMac 5K (see review) is the last and fasted iMac 5K Apple produced, and Apple has seemingly discounted the possibility of making an iMac 5K ever again.

For a little more or quite a bit less less than the price of a 5K display alone, you can get a full Apple warranty Apple iMac 5K:

$1379 Apple 27-inch iMac Retina 5K Mid 2020, 3.8 GHz 8-core / 32GB / 500GB SSD <===== WOW!

Perfect for anyone for home use—student or parent. Upgrade the memory at any time all the way to 128GB.

Laptop deal? Look here.

The iMac 5K is the best all-around machine Apple ever made! Grab one cheap while you can.

See also OWC Trending Winter Deals.

 



Connect and charge all of your devices through a single Thunderbolt or USB-C port.

Reader Comment: a Way to Move the Entire Home Folder

re: Storing Important Data on the Boot Drive is Asking For Trouble — Always Make a Separate Volume

Mike’s comment relates to yesterday’s post and Add a Separate macOS Volume for Important Data Instead of Storing It All in the Home Directory.

Login user "test" with home dir on volume "X8"
Login user "test" with home dir on volume "X8"

Reader Mike B writes:

Another way you can keep your data on another drive is to set your Home folder to a folder on a different volume (an additional volume that you create on your main internal drive). 

Under System Preferences or Settings, open Users and Groups, control/right click on your account, choose Advanced Options, and then select the new location (under ‘Choose').  You can drag that folder over to set the path without typing it.

Thereafter, unless you specify otherwise, all your stuff (including your Desktop) will default to the new location.

MPG: good point.

The user home dir can be on any volume, not just a volume based-off the internal drive. However, on a volume based on the internal drive, the risks that I discuss below are lessened.

Dubious rationale

Adding complexity based on dubious articulable benefit while adding risk is a bad system.

Why relocate the home folder at all when it’s not even the issue? The very premise is faulty.

The issue is where to store the data that you directly create. Why feel constrained to store it in some subfolder(s) of the home folder? The purpose of the home folder has never been storing 100TB or even 10TB of stuff. It’s a UNIX-ism from 41+ years ago (I’m old enough to have started using Unix back in 1983…!)

No one has to use the Documents, Pictures, Downloads folders. And that is mostly what is driving this whole idea. Ignore them and put your stuff wherever you like, on a separate volume, external volume, etc. Moreover, apps like Photos.app and Music.app can just as easily store their databases elsewhere (which I do). Or you can symlink Pictures, etc elsewhere. But moving the entire home folder is a solution in search of a problem.

The Desktop is handy. And if you really want to store 3.8TB or 11.3TB of stuff in a few folders on your desktop or home directory, the tip above should get the job done on a nice big SSD like the OWC ThunderBlade X8 or OWC Express 1M2. But... why?! You can just as easily put it onto an external drive and have an alias icon to it on your desktop = no meaningful difference and no added complexity.

Downsides to relocating home folder

With a home folder on an external drive:

  • Reduced speed—external drives even the fastest are about half the speed of Apple’s internal SSDs, though this might change with the advent of Thunderbolt 5.
  • Doubled failure possibilities (or worse) that could prevent login—external drive could fail or have a bad cable or a corrupted file system, some RAID-setup incompatibility that arises, etc. Create a separate admin account on the internal drive, just in case.
  • Encryption of home folder (important) — can an encrypted drive be unlocked (required) prior to logging in? (not sure)
  • Risks— Apple does a poor job testing unusual scenarios (if at all), and moving the home folder is probably a 1 in 50K situation. Risks rise as more complex macOS features are added.

Not scalable and makes little sense anyway

Allowing the system to decide where your stuff ends up is poor computing hygiene. The smart move with your important data means controlling where it goes and how it gets organized and having a disciplined backup strategy.

For photographers and videographers, the appropriate place for Your Stuff might not just be one external volume, but possibly several external volumes, and possibly RAID or network-based. You can’t put a home folder on several volumes. But most important, a single home dir is a non-scaleable idea that does not work in 'production' scenarios.

BTW, much of the contents of the home folder stuff is replaceable junk, stuff that sorta needs to be there, but junk nonetheless (not your stuff)—200K files, an entire landfill of cruft. A portion of this has value, eg various Apple SQL databases for Contacts and Calendars, etc, but that’s all buried down there and not very large. I don’t like mixing my stuff with what is mostly garbage.

Finally, if work is project-based as mine is, perhaps you work alone but maybe you share with a workgroup. In that case, it makes little sense to have workgroup-shareable data in one’s personal home folder.


Connect and charge all of your devices through a single Thunderbolt or USB-C port.

TESTED: OWC Thunderbay X8 SSD

re: OWC Thunderbay

The original OWC ThunderBlade ("ThunderBlade X4") with 4 SSD 'blades' offered up to 32TB capacity. I own two of them (8TB each), and they still run like champs for me ~5 years later.

In early 2024, the OWC ThunderBlade X8 takes the concept to a new level, with 8 internal SSD blades and significantly faster performance* with capacity options of 8/16/32TB.

CLICK TO VIEW: OWC SSD

TESTED: OWC ThunderBlade X8 Thunderbolt SSD RAID-0, RAID-5

OWC ThunderBlade X8: RAID-0 vs RAID-4 performance

Connect and charge all of your devices through a single Thunderbolt or USB-C port.

Storing Important Data on the Boot Drive is Asking For Trouble — Always Make a Separate Volume

re: backup
re: Apple Core Rot
re: OWC articles by Lloyd

If someone enters your property without your permission and then proceeds to trash it and lock you out as well, is that a criminal act? How is that different with a computer? It’s akin to malware, at the least.

Today’s all day recovery from IMO criminally negligent Apple property damage is a good reminder of why this is some of the best advice I can give you:

Never store your important data on the boot drive!

Had I failed to put most of my data onto a separate volume, all my data would have been wiped out as part of reinstalling the system today. It’s bad enough that I had to spend hours reinstalling all my apps, redoing dozens of preferences, etc.

Do not trust Apple with your data. It will end badly.

Add a Separate macOS Volume for Important Data Instead of Storing It All in the Home Directory

2024-01-17, by Lloyd Chambers of MacPerformanceGuide.com

Separate data volume enjoys lower risk of wipe-out from system meltdown, faster and smaller backups.

Most users buy a new Mac and happily go about their business, letting all their Stuff get stored willy-nilly onto the internal SSD of that Mac into folders of their home directory: DocumentsPicturesMusic, etc. This seeming simplicity has great appeal, but sooner or later the price for it will be paid. 

That is, it is only a matter of time before there is a problem with the startup volume. If that issue means also wiping out all your important data in order to recover, you might pay a heavy price, if only in downtime as a professional, and maybe worse in data loss.

...

MPG: the video below shows (in part) how to create a separate volume on any drive including your internal SSD (boot drive). Make sure it is backed up with a minimumof two backups stored safely away from the computer—see external backup drives here.

Botchware: Apple Forcibly Upgrading Macs to macOS Sonoma without User Permission or Input + How to Defeat Upgrades

re: macOS Sonoma

re: Apple Core Rot

Apple ignores Software Update settings!
Apple ignores Software Update settings!

UPDATE: in addition to the “blocker” fixed discused below, a system preference can be set.

...

It’s bad enough that multiple workflow bugs introduced in macOS Ventura apparently will never be fixed, bugs that hurt my productivity every hour of every day dozens of times.

Now, Apple has really screwed us over.

Ray R writes:

I ran across your post from late September titled: BEWARE: Apple Software Update may Force 'Upgrade' to macOS Sonoma

It’s worse than one could imagine. For some reason people (myself included) who are running Ventura are getting upgraded to Sonoma with no user input. I’ve never seen anything like this. It all must have started about a week ago.
[MPG: my forced upgrade was from macOS Monterey and on Intel, so it’s not just macOS Ventura]

I have an iMac Pro and hadn’t powered it up for a few days. After a while I got a "Upgrade to Sonoma” notification that I promptly clicked the “X” to dismiss.

I restarted the machine a little while later and it immediately went into software installation mode. I was hoping it was a security update as I only had “Check for updates” and “Install Security Responses and system files” enabled in the settings. When it finished I had Sonoma 14.2.1 installed. Unbelievable!

Here’s a thread on MacRumors that’s filling up with people having the same problem:

“Ventura magically updated to Sonoma"
https://forums.macrumors.com/threads/ventura-magically-updated-to-sonoma.2416284/

I’ve been around since the 6.0.7 days and haven’t run across anything remotely like this…

MPG: I personally confirmed that this is happening, on my 2019 iMac 5K. And not willingly—Apple just did it.

The geniuses at Apple are at their incompetent best, yet again.

Apple is force-updating Macs to macOS Sonoma, whether you like it or not and whether you OK it or not (you’re not asked!)—it just happens after you click on the nagware to dismiss it, the next time you reboot. Even worse, the macOS Sonoma forced-update effectively bricked my machine and even when totally reinstalled Sonoma a 2nd time I still had a machine that would hang and then freeze when logging-in. Double incompetence.

That’s right: an unwanted and unauthorized and no-warning upgrade that de facto wiped-out my machine. I spent my entire day it back to macOS Monterey, which required erasing the boot volume—total destruction. It would take my business down if this happens on my servers. Luckily, I follow my own advice in keeping most of my stuff on a separate volume, which spared me another half day of effort.

I presume this is just the usual gross negligence/incompetence we have come to expect from Apple software. It shows the out-of-control abysmal software Q/A processes in place at Apple. But can we rule-out some nastier policy of contempt for users justified (legally) by fine print on page 17 (or whatever) of some legal agreement that no one reads?

Just after I received the above, I rebooted my 2019 iMac 5K. It is still doing a triple ninth-reboot doom loop of some kind which I never asked for in any way shape or form; all I did was reboot. It has now been out of commission now for 10 60 minutes and it looks like Apple has bricked it.

UPDATE: I forcibly powered-off the iMac because it was stuck for an hour. Sure enough, it was forcibly “upgraded” to macOS Sonoma. When I try to login, I get a spinning rainbow beachball which then stops spinning; my iMac is bricked/unusable . Booting into recovery mode offers only to reinstall Sonoma. I want macOS Monterey back! But just for giggles, I reinstalled macOS Sonoma... after that it hangs and I can never login. Apple has BRICKED MY iMac 5K!

I want compensation (meaning $$$) for this criminal trespass and having to spend most of my day unf*cking my bricked iMac 5K.

Broken/unusable iMac 5K after macOS Sonoma forced update
Broken/unusable iMac 5K after macOS Sonoma forced update

As far as I’m concerned, this is an act of criminal negligence and trespassing that should be prosecuted with major financial penalties, say $5000 per user, tripled if willfulness can be shown. It forcibly deprived me of the use of my property and altered it without my permission. Of course, I am sure some lame software license agreement argument is there, but I never agreed to update anything. F*** you Apple!

See also Mac Rumors forum, many people are seeing this, along with a passle of useless ignorant idiots in denial about it based on not having any experience or knowledge... the usual dreck.

Possible prevention: block creation of installer

Placeholder application preventing; “Install macOS Sonoma.app” from being created
Placeholder application preventing
“Install macOS Sonoma.app” from being created

Too late for my 2019 iMac 5K. Even booting into recovery mode offers only to reinstall Sonoma. I want macOS Monterey back!

This might or might not work, but it worked some years ago with prior macOS versions. Basically, when macOS tries to create the update installer in /Applications, an app of the same name that is locked and there already causes it to fail to creating the installer, thus stopping the fiasco.

Create a locked application (any application, just duplicate something) with the same name as the macOS Sonoma installer into the /Applications folder, as shown.

I am unsure, but I think the correct name is “Install macOS Sonoma.app”. You might also want an “Install macOS Ventura.app” etcetera if you are on older OS versions.

Even if there is an unauthorized update, this ought to error-out the process when the download finishes. And set those preferences above to not download.

Reinstalling macOS Monterey

See also: Apple: Create a bootable installer for macOS

I strongly recommend NOT putting your data on your boot drive.

This process seemed to worked for me along with hours to restore everything on the boot drive. UPDATE: no, it did not quite work: file sharing hangs with a rainbow beachball. The system quickly becomes unusable. I suspect that the firmware of the machine was also whacked, which means it now will not run Monterey properly.

You will need:

  • macOS Monterey Installer.app
  • External USB drive (SSD preferred) that can be erased.
  • Several hours

Download a macOS Monterey installer

Download from Apple (nowhere else!). This is pretty confusing. I had one already on another machine but somewhere you can find it.

Create a bootable drive

Step 1

In Terminal, type "sudo " (include the space character) then drag the macOS Monterey Installer.app into the Terminal window, then add "/Contents/Resources/createinstallmedia". It should look something like this, though it might have "\ " stuff instead of quotes:

sudo "/Applications/Install macOS Monterey.app/Contents/Resources/createinstallmedia" --volume /Volumes/install

where the name of the external drive is "install" (change the name if different and don't use spaces in the name).

Then press ENTER or RETURN and wait a minute or two until prompted to proceed.

Step 2 —  Attach this external drive to the Mac, and boot off it.

That varies by computer model, but on older Intel Macs typically holding down the Option key provides a list of bootable devices. Then go through the various steps to reinstall macOS Monterey.

Reader Comments

Don H writes:

Thanks for the head’s up - my biggest fear with any forced upgrade is if it irreversibly changes my mail files. That would be catastrophic!

I too got a reminder for (yet another) software update this morning, and when I checked my Preferences (still running Monterey here) there was the usual Sonoma upGRADE nag but no upDATES. That alone was suspicious.

I did your trick of creating a bogus "Install macOS Sonoma.app” and locked it. The existing app I duplicated was ‘Photos’ (since I will never use that anyway), and after renaming it I also gave it a ‘stop sign’ icon just so it stands out and I’ll remember why it’s there. If, at some point, I get the unwanted file-duplication error (because it’s locked) I’ll have to drop everything and find a way to halt the installation.

Here’s the GitHub page on the Sonoma Blocker procedure (which confirms the installer’s name): https://github.com/Theile/sonomablocker

Here’s the Mr. Macintosh page on how to get the Monterey installer from Apple:

https://mrmacintosh.com/macos-12-monterey-full-installer-database-download-directly-from-apple/

(That site, by the way, is an invaluable source for Mac administrators who want to find old installers and learn about the various changes from one release to the next. I think the guy downloads every software update, dissects them to catalog the contents, and keeps a copy of them before they disappear from Apple. Highly recommended.)

Hopefully the brief detour into running Sonoma didn’t substitute some files that are now incompatible with Monterey. What a mess (but I don’t have to tell you that).

Others have postulated that the auto-upgrade action that installed Sonoma may have been a bug and not entirely intentional on behalf of Apple, but that doesn’t make it any more forgivable. That would only substitute incompetence for malice.

Well, as terrible and time-consuming as this experience might be, it is at least forcing you to review your emergency recovery plans. What was once hypothetical is now front and center.

MPG: when I rebooted, there was no way to halt anything—it sent into the simple narrow progress bar for which there is no canceling.

My assumption is that this is all about the growing apple incompetence with software development, not an actual plan. But if it’s intentional, I consider that a form of battery, and it should be prosecuted criminally.

As for the “Sonoma blocker” thing, I’m not willing to install a launch agent to accomplish that. Hopefully my tip above works as I expect.


Connect and charge all of your devices through a single Thunderbolt or USB-C port.

OWC Thunderblade X8: RAID-0 Stripe or Fault Tolerant RAID-4/RAID-5?

re: OWC ThunderBlade

re: OWC Thunderblade X8: NVMe RAID SSD with 8 blades

The OWC Thunderblade X8 arrives for testing on Jan 15. I’m not sure what capacity is coming.

To review, RAID-0 striping gives maximum capacity and performance*, but a failure of a single blade means total loss of the volume.

RAID-4/RAID-5 (same thing in terms of behavior) delivers the ability to survive failure of one blade at the cost of losing 1 of N capacity eg 16TB (8 X 2TB blades) becomes 14TB usable.

I personally don’t want to give up 2TB of the capacity (16TB => 14TB) for the fault tolerance. Mainly because my capacity requirements are already in that ballpark, so losing 2TB would crimp things.

The thing is either 'bulletproof' or it is not—or so I hope.

Still, for many people the difference between 16TB and 14TB might not matter, and the performance should be little different—soon we’ll find out.

* In general, but in the bandwidth limits of the Thunderbolt/USB-C bus may prove the limiting factor.


Connect and charge all of your devices through a single Thunderbolt or USB-C port.

My Most-Used Software, Enhanced: BBEdit 15

re: BBEdit

re: My Most-Used Software on Sale: BBEdit

BBEdit

Still the best text editor available. Super nice tool, my #1 used program.

Hans M writes:

I cannot but agree with your praise of BBEdit. It is so long ago that I bought my first copy of the program, I can't even remember. In my opinion it is the number one program-text editor.

MPG: yep!

Bare Bones Software Releases BBEdit 15.0

New ChatGPT Worksheet, Minimap, Text Merge, Expandable Cheat Sheets, Among the Many New Features

NORTH CHELMSFORD, Mass. – January 9, 2024 - Bare Bones Software today announced the release and immediate availability of BBEdit(r) 15.0, a major new version of its professional strength text and code editor.

BBEdit 15 introduces ChatGPT worksheets, a Minimap palette, Text Merge, expandable Cheat Sheets, and enhancements to the Projects and Text Factories features, as part of a vast array of improvements intended to make working with projects and text documents more efficient and more productive.

"In addition to exciting new features, BBEdit 15 contains a wealth of improvements to its unique features and core capabilities," said Rich Siegel, founder and CEO of Bare Bones Software, Inc. "We've made all of these changes in order to enhance the quality of life for everyone who uses BBEdit to work with text, and we're looking forward to seeing them put to work."

BBEdit 15 brings its unique "worksheet" interface to the world of generative AI: the new ChatGPT Worksheet feature facilitates interacting with ChatGPT from within BBEdit itself for those with a ChatGPT account and API key (available from OpenAI).

A new Minimap palette shows a high-level overview of the active text document. This facilitates visualization of the document's overall structure, as well as navigation within larger documents.

New commands from the Git menu to push and pull the current branch to/from its remote, and Discard Changes from the contextual menu, improves the ease of workflows. Interface improvements to BBEdit's unique Text Factory feature make it even simpler to set up multi-step text transformation processes.

A more approachable, significantly redesigned interface for BBEdit's Project... feature makes it easier than ever to group and edit related files, no matter their location on disk. Also, the new top-level project item for workspace settings, web site settings and project settings help project functions work better, such as making completions more accurate.

BBEdit 15 also introduces expandable “Cheat Sheets,” customizable reference documents for pieces of text and their descriptions, with built-in examples for Markdown and Clippings placeholders. A new Text Merge feature provides a powerful transformation capability, conceptually similar to the idea of mail merge.

BBEdit offers a generous evaluation model in which its full feature set is available for the first 30 days of use. At the end of the 30-day evaluation period, BBEdit will continue to run with a permanent feature set which includes its powerful editing capabilities, but not its web authoring tools or other exclusive features. BBEdit's exclusive features may be re-enabled at any time with a purchased license. BBEdit 15 offers a fresh 30-day evaluation to everyone.

BBEdit 15.0 requires macOS Big Sur (11.0) or later, and runs on macOS Sonoma (14.0). In total, BBEdit 15 includes more than 180 additions and refinements to this award-winning, professional strength text and code editor. Detailed information on all of the new features and changes in BBEdit 15.0 can be found at:

https://www.barebones.com/support/bbedit/notes-15.0.html

For more information on BBEdit, or to download the software, please visit the company's web site:

https://www.barebones.com/products/bbedit/

BBEdit window, editing Java code

Connect and charge all of your devices through a single Thunderbolt or USB-C port.

TESTED: 4TB Samsung T9 USB-C SSD vs 8TB Samsung T5 EVO SSD

re: SSD

This review looks at two SSDs: the 4TB Samsung T9 along with the 8TB Samsung T5 EVO Portable SSD.

TESTED: 4TB Samsung T9 USB-C SSD vs 8TB Samsung T5 EVO SSD

You get what you pay for—old and stale compared to new USB4 SSDs.

CLICK TO VIEW: Various SSD at BH Photo

CLICK TO VIEW: OWC SSD Lineup

Sustained write/read speed: Samsung T9, T5 EVO

China Says It Cracked Apple’s AirDrop Encryption to Track Senders

re: security

How about fewer emojis and more attention to security?

China Says It Cracked Apple’s AirDrop Encryption to Track Senders

2023-01-11

This allows local police to find ’several suspects’ who use the iPhone feature to transmit files containing ‘inappropriate remarks,’ Chinese authorities say.

Chinese authorities have claimed that they can identify individuals who use Apple’s wireless file-sharing tool to spread content that Beijing considers “inappropriate.”

Experts had managed to identify the phone number and email address of an AirDrop sending device using logs found on the receiving device, the Beijing Municipal Bureau of Justice said in an article published on Jan. 8. That allows local police to find “several suspects” who use the iPhone feature to transmit files containing what authorities have referred to as “inappropriate remarks,” according to the agency.

...In late 2022, after protests against Beijing’s draconian COVID-19 measures erupted in Shanghai and other major Chinese cities, Apple restricted the sharing feature in the mainland following reports that young demonstrators used the AirDrop function to share images and slogans denouncing the Chinese Communist Party (CCP) and its leader, Xi Jinping.

...Apple hasn’t offered an explanation as to why it chose China to be the first country with AirDrop restrictions....

China Censorship

For years, Apple kept Chinese customers’ data locally on servers run by a state-owned company, adhering to Beijing’s request to keep information within its borders.

Experts have pointed out that this method gives the CCP unfettered access to consumer data. Apple, in response, stated that it holds encryption keys to the data stored in those server facilities and has “never compromised the security” of its users and their data. [MPG: vote of “no confidence here”]

This local storage means that although the United States has laws against companies sharing data with Chinese authorities, Beijing can demand the data from the server storage company rather than from Apple.

....

MPG: in other words, a Chinese citizen might be jailed or worse thanks to Apple’s sloppiness. Or is it intentional to leave log data around for security compromises?

Apple surely does what the CCP tells it to do— follow the money. At least up to the point of reputational damage, hiding as much as possible. Apple is not going to risk having its product pipeline shut down. Has Apple ever criticized China? Figure it out. Individuals are guilty until proven innocent but governments and countries are guilty until the full light of day proves otherwise.

Could this have any bearing on why Apple iPhone sales in China are down 30%!

What to Do Your When Mac’s Time Machine Says Its Backup Drive Is Full

re: OWC articles by Lloyd

A previous post discussed how to use Time Machine in your backup strategy: Backup Best Practices: How to Use Time Machine Optimally With Other Backups.

But what do you do when the Time Machine volume is full? The reasons can seem mysterious.

Read more...

What to Do Your When Mac’s Time Machine Says Its Backup Drive Is Full

 


Connect and charge all of your devices through a single Thunderbolt or USB-C port.

diglloyd.com | Terms of Use | PRIVACY POLICY
Contact | About Lloyd Chambers | Consulting | Photo Tours
Mailing Lists | RSS Feeds | Twitter
Copyright © 2020 diglloyd Inc, all rights reserved.
Display info: __RETINA_INFO_STATUS__