sneak @sneak@sneak.berlin

@josias@theres.life no, i'm thinking about mitigating it. i just got new hardware yesterday (insanely great, i might add) that only runs the latest macos major version, so i have to mitigate any privacy issues related to this new os.

@sp1rit it was a kernel extension before 11.0. 11.0 basically banned kernel extensions/modules (again, security), so apple made an api to let them do it.

it's great... except that apple apps are whitelisted by the OS and bypass it. :(

Apple forbids the use of the VPN apis on macOS outside of App Store apps. This means that if you don't have an Apple ID, you can't use a VPN on a mac.

You have to identify yourself... to use privacy software.

This is... upsetting.

@sp1rit for one (of several) example, little snitch/lulu allow you to confirm/deny every outbound connection an app makes, so no invisible calls to data brokers. there's a linux port called opensnitch but i don't know if it still works anymore, is unmaintained in any case.

@sev i think about this meme all the time

@sp1rit privacy and security are closely related. the apps you use can easily violate your privacy without these new os-level protections and you'd have no idea it happened. there are tools for macOS, both native in the platform, as well as available add-on software, that prevent/surface that, and nothing comparable exists for linux.

@novaburst@mstdn.social as to your why, it's because the admin doesn't like me because i hold a different opinion from him on the value of censorship.

@novaburst@mstdn.social oh hrm i'm still listed there. i guess i am still defederated, although my mastodon can see toots from users there. who knows

@purlupar signal desktop is available as a direct download.

https://signal.org/download/macos/

(although the actual download button unnecessarily requires javascript to work because apparently someone hasn't heard of this thing called a hyperlink)

@novaburst@mstdn.social what list?

@Cj yes, os updates are built in, no app store. safari too, i imagine, but i don't use safari as it's spyware by default.

@sp1rit because macos has vastly better security than any other os that runs programs.

linux desktops (i have several here) are super insecure by comparison. it's possible you are ignorant of the security features added to the macOS in the last 5-7 years.

ha looks like my instance got un-defederated by m.t.

@ashfurrow@mastodon.technology was this your doing?

@happybeing@mastodon.technology you can't force employees to use anything

@BrodieOnLinux then you don't know what you're missing. it's not how it was designed, and there are webfonts explicitly provided in the css to make it look right, and your environment is not displaying it correctly.

if you do not sign in to the mac app store or do not use an Apple ID, macOS will pester you with notifications of updates for apps that you are not allowed to download.

i wonder if apple could be persuaded to giving out enough info for a linux gpu driver to be made for m1 and subsequent chips.

of course, that's assuming there's some way to get the thing to boot linux in the first place...

crazy to me that wireguard provides direct download links to their windows gui installer from wireguard.com, but for the macOS installer they only link to the mac app store, where you can't download from if you don't identify yourself to apple (even free apps).

if you make free, open source privacy tools, don't force your users into identifying themselves to PRISM partners to get the free software, mmmkay?

anyone know how to crack MAS apps so they'll open on computers not logged in to MAS? i want to use free apps distributed in the MAS but i'm not ever logging in to anything that requires an apple id on a mac ever again, including MAS