A user has to use the CLI to turn off the Apple DRM to install software on an Apple laptop. The CLI is often cited as the reason people won't try Linux. This makes the entire user experience on those machines a restricted use case.
My daily driver for the past 20 years or so has been a Mac, doing everything from software development to music production to general computer use.
I’ve never had to use the CLI to turn off Apple DRM to install software. I use the Homebrew package manager to install all types of command line and GUI software and I download and install all manner of software outside the App Store regularly.
The only times I’ve had to do anything is if the app isn’t signed which is rare to come across, and even then it is a couple clicks in the macOS GUI to allow installation (I’ll grant you the fact they’ve made it more cumbersome in the past years by requiring you to go into the settings panel and click a button there, but it never outright prevents installation and never requires CLI use).
I really have to question if you’ve actually used a Mac or if you’re just repeating something you’ve heard because it doesn’t match my daily experience at all nor that of any Mac user I know (all my coworkers for example).
I think they're referring to disabling system integrity protection, which I've admittedly had to do for some specialized use cases that I can't remember.
SIP is similar to an enhanced secure boot. It's not (at least not primarily) for DRM.
He might be talking about a Gatekeeper override which is available by digging into the system settings? This allows you to run insecure resigned software (like pirated software is a common use case, honestly). But you only have to do this once, it isn't some constant headache.
I'm not sure what exactly he's referencing, actually. But it can almost all be disabled on macOS (the same is not true of iOS).
I've been using a Mac since 2012 for all manner of work and personal use cases. I haven't needed to disable SIP to do anything in quite a long time. I used to need to do this to install kernel extensions for audio, but this is no longer required for systems that support AudioKit.
Basically, I don't see any impediments to doing anything I need to do with SIP enabled at this point. I'm not sure what GP thinks the impediment is.
Regardless you still had to do it. Anyone that doesn’t do it is in a restricted use case for the machine. That’s my point which I made clear in my original comment. Disabling it allows you to use the machine outside of restriction. Fancy that!
I only had to do it years ago. I have a new M5 Max MBP and it has never had SIP disabled, neither did my M1 Max MBP I replaced. That's at least 4-5 years where it's been unnecessary. Never needed it on Apple Silicon devices, although I don't think the SoC arch is related to why.
I like how Apple related conversations, I can’t make a point about how restrictive the OS has become and how most users are probably using restricted devices without apologists telling me “not enough people need to disable that stuff so it doesn’t count”. I’m sure you will brag about the merits of Apple’s locked down security of the App store, that’s not a restriction right? It’s just “security”.
Wherever you pundits want to move the goal post I guess.
Nobody is moving the goalposts. You just poorly choose words.
I don’t think you actually understand the problem space of what you’re describing or you wouldn’t call it DRM.
And as such I don’t think you actually have a grasp of what is affected. But you’ve deles that everyone who doesn’t think it’s the same level of issue as you is somehow beneath your intellect based on your other comments.
Enough actual Mac user have asked you wtf you're talking about. I'm more interested to know where you picked up the idea, if you care to speak to that too.
Occasionally, but not often. BUT in no case do they need to use the CLI to do that. When they do need to, they allow the app in System Settings app, under Privacy & Security.
Heck, I am a "power user" who installs all kinds of weird apps and I haven't had to do that, except in my hackintosh days when modifying the system.
Yes but you admit they dont need to do that but they can and probably have. That’s the simple point I’m making between restricted and non restricted devices. You may see them as guard rails or whatever but they’re still restrictions.
As soon as you let macports through Gatekeeper you are breaking through device restrictions. Does macports/homebrew have a UI?? They might not need to use the CLI to do that but they might still use it. Heck their AI assistant even might.
Another example my company doesn’t allow me to adjust OSX notification settings. Another restriction making my device use restricted.
I mean a lot. I purpose left it vague because I fear unpacking it is going to turn into the worst parts of a reddit thread, something that I would definitely be contributing to myself.
The big bullet points though are:
• Apple has crazy opinions about hardware
• And increasingly crazy opinions about what software you can put on it.
• And goes out of it's way to not work with open standards because 'fuck you'.
So examples here - non-exhaustive, just examples.
Hardware is not something I need to explain. You are stuck on their hardware. You can't upgrade it, by design.
Software has been touched on re: DRM nonsense, but they are leaning more and more into 'only signed apps' and even 'only apps you get on the app store' (which I assume is the future for that OS). They also just don't really give a shit about compatibility and will happily break API when it suits them.
Open standards is completely obnoxious and just an unforced error, but it's not actually an error because they want users and developers both to be exclusively in their ecosystem. Vulcan is example prime in my head. They could support that, but they choose not to because they want everyone on Metal. The platform is not about being useful - it's about generating mind share and revenue.
---
There are a lot of Apple users who will insist they don't feel like they are missing anything, and I do genuinely believe that they do feel that way. They just don't know what they are missing and if something isn't introduced as an option, it's not even in their mental model when choosing a solution for a problem. It's like trying to explain the virtues of a mouse and keyboard and an OS that supports multi tasking to a modern day teenager attached to an iPad and a phone - the idea of a more capable, more complex input stack is so foreign that it doesn't even register meaningfully. I don't mean to be a dick here, but I wouldn't go around saying, 'I've used Mac for 20 years and haven't ran into any issues with the OS' -- You're kinda telling on yourself a bit there.
Where are you getting the information that only signed apps are allowed on macOS? macOS will, just like windows, issue a scary warning when running a program of unknown origin, sure, but there’s no indication of just letting macOS open it anyway going away. As much as the quality of Apple’s software is declining, the macs are not getting more restrictive
I’m very curious what you mean by this.