cwillu 18 hours ago

“Mac will try hard not to let you run this; it will tell you the app is damaged and can’t be opened and helpfully offer to trash it for you. From a terminal you can xattr -cr /path/to/OpenCiv3.app to enable running it.”

How far OSX has come since the days of the “cancel or allow” parody advert.

rpdillon 4 hours ago | parent | next [-]

The lockdown has been slow and steady. Slow enough that at every juncture, apologists point out that it is still possible to run software you choose. I think we enjoy freedom that people do not appreciate because they never had to earn it. Gaining it back will require extraordinary effort.

WildWeazel 16 hours ago | parent | prev | next [-]

Mac support is the bane of my existence. It doesn't help that none of us core contributors have one, so if anyone is willing to be a lab monkey...

AceJohnny2 16 hours ago | parent | next [-]

Apple has been slowly tightening the screws on app notarization (code signing) requirements for running apps on macOS. To do it properly you need to be a registered developer ($100/year), and they're certainly not making it easy if you don't have access to a Mac.

https://support.apple.com/guide/security/app-code-signing-pr...

> On devices with macOS 10.15, all apps distributed outside the App Store must be signed by the developer using an Apple-issued Developer ID certificate (combined with a private key) and notarized by Apple to run under the default Gatekeeper settings.

Re: Developer ID Certificates: https://developer.apple.com/help/account/certificates/create...

I suspect the friction that users are facing is due to dodging the above requirements.

hellzbellz123 7 hours ago | parent [-]

The whole SDK has a restriction that you can't use it off platform. The code signing thing is just a tax on iOS devs.

sssilver 13 hours ago | parent | prev | next [-]

I have a MacBook Pro M4 Max, an Apple Developer account, a bit of time, and some enthusiasm. Would love to help!

als0 10 hours ago | parent [-]

Notarize it.

darthcircuit 16 hours ago | parent | prev | next [-]

You can run macOS in a docker container. There’s no hardware acceleration for gpu, but works well enough.

You can also try macinabox if you have unraid:

https://hub.docker.com/r/spaceinvaderone/macinabox

It’s probably the easiest way of setting up a Mac VM if you have unraid. I know there are similar options for qemu and kvm based hypervisors. If you have an amd gpu you should be able to pass it through.

hellzbellz123 7 hours ago | parent | next [-]

But you can't distribute whatever you build legally as far as I'm aware. The Apple SDKs prevent you from shipping legally.

The only way atm is installing homebrew and using a gnu tool chain if I understand the license of the official sdks correctly?

tomrod 3 hours ago | parent [-]

Tangible thing versus conceptual thing. License never stood a chance.

mherrmann 14 hours ago | parent | prev | next [-]

quickemu [1] is good at running macOS VMs.

1: https://github.com/quickemu-project/quickemu

WildWeazel 13 hours ago | parent | prev | next [-]

My only experience with docker is headless in CI. I do have AMD. I'll have to look into this. Thanks

Cloudef 12 hours ago | parent | prev [-]

Emulating Mac or using Mac SDKs on non-Apple devices is against Apple's bullshit license though.

freakynit 11 hours ago | parent [-]

BS needs to be countered with rejection.

chongli 5 hours ago | parent [-]

If Apple finds out they’ll ban your developer certificates and then all installed copies of your app will stop working.

Wowfunhappy 5 hours ago | parent [-]

Has this ever happened? Not revoking certificates, which they've certainly done for malware or e.g. iOS "signing services", but because a developer used non-Apple hardware.

chongli 3 hours ago | parent [-]

I don’t know the answer to that but a quick search shows lots of examples of people complaining that their developer certificate has been revoked, demonstrating a willingness by Apple to revoke certificates if they believe the developer violated their terms of service. I doubt Apple would go out of their way to include language in the agreement that binds developers to their own sanctioned platform if they didn’t intend to enforce it.

admax88qqq 2 hours ago | parent [-]

I would wager all of those are distributing malware.

chongli 2 hours ago | parent [-]

I would take that wager. I highly doubt Apple’s revocation team has a 0% false positive rate.

Catagris 7 hours ago | parent | prev | next [-]

I have a MacBook M4 Pro, M3, Mac Mini M3, an Apple developer account and am willing to help.

tclancy 9 hours ago | parent | prev | next [-]

I volunteer.

fragmede 6 hours ago | parent | prev | next [-]

https://github.com/fragmede/civ-iii/releases/tag/v0.3-mac-si...

fullstackwife 12 hours ago | parent | prev [-]

Why not build it as a web app and play via browser?

ghgr 9 hours ago | parent | prev | next [-]

> How far OSX has come since the days of the “cancel or allow” parody advert.

In case you're wondering like me, this is the advert in question: https://www.youtube.com/watch?v=8CwoluNRSSc&t=0

tclancy 18 hours ago | parent | prev | next [-]

What is going on with this? I tried that and the alias I have built in for this problem, `make_safe() { xattr -d -r com.apple.quarantine "$1"; }`

The application cannot be opened for an unexpected reason, error=Error Domain=RBSRequestErrorDomain Code=5 "Launch failed." UserInfo={NSLocalizedFailureReason=Launch failed., NSUnderlyingError=0xae1038720 {Error Domain=NSPOSIXErrorDomain Code=163 "Unknown error: 163" UserInfo={NSLocalizedDescription=Launchd job spawn failed}}}
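
An added example, not part of any comment in this thread and not the OpenCiv3 project's code: a shell helper that reports Gatekeeper's verdict and the signer before removing `com.apple.quarantine`, rather than clearing the flag unseen as the `xattr` one-liners above do. The function names and the refuse-on-invalid-signature policy are assumptions of this example; `xattr`, `spctl` and `codesign` are the stock macOS tools.

```sh
#!/bin/sh
# Added example (not from the thread): look at a bundle's Gatekeeper and
# signature state before removing com.apple.quarantine from it.
# Assumes the stock macOS tools xattr, spctl and codesign are on PATH.

# Value of the quarantine attribute, or "none" when it is absent.
quarantine_state() {
    xattr -p com.apple.quarantine "$1" 2>/dev/null || echo "none"
}

# accepted            : Gatekeeper policy allows the bundle as-is
# signed-not-accepted : signature verifies (incl. ad hoc) but policy rejects it
# unsigned-or-broken  : no signature, or the bundle changed after signing
gatekeeper_verdict() {
    if spctl --assess --type execute "$1" >/dev/null 2>&1; then
        echo "accepted"
    elif codesign --verify --deep --strict "$1" >/dev/null 2>&1; then
        echo "signed-not-accepted"
    else
        echo "unsigned-or-broken"
    fi
}

# Usage: inspect_then_unquarantine /path/to/Some.app [--yes]
# Returns 0 = nothing to do or flag removed, 1 = needs --yes,
#         2 = not a bundle, 3 = refused (signature does not verify).
inspect_then_unquarantine() {
    local app verdict
    app=$1
    [ -d "$app" ] || { echo "not an app bundle: $app" >&2; return 2; }
    verdict=$(gatekeeper_verdict "$app")
    echo "quarantine: $(quarantine_state "$app")"
    echo "gatekeeper: $verdict"
    case "$verdict" in
        accepted)
            echo "Gatekeeper already accepts this bundle; no override needed."
            return 0 ;;
        unsigned-or-broken)
            # Policy of this example: removing the flag does not repair a
            # signature, and there is no integrity evidence to rely on.
            echo "refusing: signature missing or invalid" >&2
            return 3 ;;
    esac
    # Show who signed it, so the override is an informed decision.
    codesign -dvv "$app" 2>&1 |
        grep -E '^(Identifier|TeamIdentifier|Authority)=' || true
    if [ "${2:-}" != "--yes" ]; then
        echo "re-run with --yes to remove the quarantine flag"
        return 1
    fi
    xattr -d -r com.apple.quarantine "$app"
}

# Run directly: sh inspect.sh /path/to/Some.app [--yes]
if [ "$#" -gt 0 ]; then inspect_then_unquarantine "$@"; fi
```
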

freakynit 16 hours ago | parent | next [-]

The situation is actually worse than it looks.

This error exists because Apple has effectively made app notarization mandatory, otherwise, users see this warning. In theory, notarization is straightforward: upload your DMG via their API, and within minutes you get a notarized/stamped app back.

…until you hit the infamous "Team is not yet configured for notarization" error.

Once that happens, you can be completely blocked from notarizing your app for months. Apple has confirmed via email that this is a bug on their end. It affects many developers, has been known for years, and Apple still hasn't fixed it. It completely eliminates any chances of you being able to notarize your app, thus, getting rid of this error/warning.

Have a look at how many people are suffering from this for years with no resolution yet: https://developer.apple.com/forums/thread/118465

consp 3 hours ago | parent | next [-]

> It affects many developers, has been known for years, and Apple still hasn't fixed it.

Not a feature they care about. Same for deleting apps not released yet. Haven't looked in a while but for over a decade it has been impossible to delete iOS apps submitted and not released. So either you have to release the app, make it "apple approved" and then immediately kill it or have an app always present (I think you can hide it but I've not checked that in quite a while).

bornfreddy 12 hours ago | parent | prev | next [-]

Yikes. Why anyone would willingly develop for Apple platforms is beyond me. But then I also don't understand why some people like using the crap^WmacOS. To each their own I guess. Hardware does look nice though, too bad about their software.

spacedcowboy 9 hours ago | parent | next [-]

Well, mainly because it's a better unix than Linux for the desktop, and I'd rather pull my eyes out of their sockets with a rusty screwdriver than use Windows.

Other than developing my own (without using any other OS...) which is a ... significant ... task, there's not much other option. YMMV.

pastage 7 hours ago | parent | next [-]

MacOS is a better desktop in the sense that the desktop is locked down. GNOME tries to be the same as MacOS but being the default desktop for nerds and built for people who live the Apple way makes it a bit schizophrenic.

As a Linux lifer I agree that the hard diamond surface of the Mac desktop has a solid feeling to it. The Linux way is harder and also more brittle. Windows and Linux are both better than MacOS even as a desktop as long as you do not look at them in the wrong way. The thing is I have only minor problems doing that on either Linux or Windows, but the walled garden of the Mac, Android and iOS is a joke.

MacOS is designed to be a somewhat stable desktop, that is good. It is not a better Unix, it is a political stance that means hacking will forever die.

chongli 5 hours ago | parent [-]

I don’t know anything about “hard/brittle” analogies for operating systems. What I do know is that Linux distributions don’t seem to have a coherent strategy for building an operating system with sensible defaults and a consistent design that makes it easy to use for non-technical users.

Linux developers seem to almost-universally believe that if the user doesn’t like it or it doesn’t make sense then the user will fix it themselves either via configuration files or patching the source code. That model works fine for users with a lot of knowledge and time on their hands. In other words, it’s an operating system for hobbyists.

MacOS, for all its faults, is still pretty easy to use (though not even close to the ease of use of Classic Mac OS 9 and earlier).

pimeys 8 hours ago | parent | prev [-]

Better is subjective.

philipallstar 5 hours ago | parent | prev | next [-]

The advantage is you can just develop it once and publish, rather than pushing things through multiple different packaging processes, and a MacOS person might be more likely to spend money.

rjh29 12 hours ago | parent | prev | next [-]

Because they "have" to have the nice display or good battery life I guess. Everyone has different priorities. Personally for me it's Linux or nothing.

freakynit 12 hours ago | parent | prev | next [-]

Well, gotta sell wherever the customers are, unfortunately.

dmitrygr 10 hours ago | parent | prev [-]

Because that is where the users with the money are.

Wowfunhappy 4 hours ago | parent | prev [-]

Can't you (as in the user) still just type `sudo spctl --master-disable` to get rid of the nonsense?

tclancy 18 hours ago | parent | prev [-]

And it inspired me to buy it for $0.99 and that doesn't work on Mac either. The [your least favorite tribe] really are revolting.

ceejayoz 18 hours ago | parent | prev | next [-]

To be fair, the threat landscape changed, too.

antiframe 17 hours ago | parent | next [-]

Not terribly fair. When Windows decided running everything as administrator was bad and to add a visual sudo-like prompt, Apple made fun of them for it, but it was Microsoft reacting to a changing threat landscape then too.

klodolph 17 hours ago | parent | next [-]

Vista gets maligned but UAC is a good feature to have around, and Vista introduced it.

Semaphor 12 hours ago | parent [-]

My first thought was "But back then those prompts were constant, making them almost useless", though maybe that did actually help by making software vendors rely less on admin rights?

pjmlp 12 hours ago | parent [-]

That was the whole point.

charcircuit 12 hours ago | parent | prev [-]

UAC is not a security boundary. Malware can bypass it if it wants.

pjmlp 12 hours ago | parent [-]

It helps to actually enable having to type a password instead of clicking on Yes.

However yes, security is much more than an UAC dialog.

pjmlp 5 hours ago | parent [-]

Additionally, just remembered, recently there is an additional option on Windows 11 that the UAC generates a temporary admin user and then throws the security token away.

https://blogs.windows.com/windowsdeveloper/2025/05/19/enhanc...

SomeHacker44 4 hours ago | parent | prev | next [-]

Yes. The threats are now from Apple and other vendors who increasingly want, build and enforce lock in.

Folcon 17 hours ago | parent | prev [-]

I mean it has, but the situation is getting ridiculous, I'm at the point where I'm honestly not sure what special set of magical incantations and rituals I need to do to get this process to work, it seems to change between different bits of software and get more complex with time as if Apple keeps finding proverbial bigger fools who can get through this mess without intending to and so their solution is to keep making it increasingly more Byzantine.

The thing that really irks me is I've got a paid developer account with Apple, I've already done the xcode dance, notarized binaries and all that nonsense, shouldn't this have activated some super special bit on my Apple account that says

“this one needs to do random stuff now and again and after saying, `Hey just checking in, doing this will do X to your computer probably, and maybe set it on fire, but if you say "go for it, I promise I know what I'm doing", I'm gonna trust you champ`, finger guns”

(not sure why in my head the personification of Apple would do "finger guns", but here we are I guess :shrug:)

Hell at this point I'll take a checkbox in my settings that says, “Some people are into extreme sports, I love to install random binaries, just get out of my way”

imglorp 17 hours ago | parent | next [-]

You shouldn't need the company's permission to run whatever you want on your machine.

chongli 16 hours ago | parent | next [-]

It's not an issue of permission, it's an issue of trying to make a computer that's safe for grandma to use. Criminals can and will convince grandma to navigate a byzantine labyrinth of prompts and technical measures in order to drain her bank account. That's the threat model we're dealing with here.

nkrisc 8 hours ago | parent | next [-]

At a certain point you have to let adults be adults and make adult mistakes.

ceejayoz 44 minutes ago | parent [-]

Tried that. Didn’t go great.

wtetzner 5 hours ago | parent | prev | next [-]

Is that really true though? It kinda just feels like a way to force people to have to pay $100 per year, own Apple hardware, etc.

chongli 5 hours ago | parent [-]

How else are you going to have the ability to revoke malware’s signing keys to get it to stop running on every machine immediately?

lokar 13 hours ago | parent | prev | next [-]

I think a time-lock feature to enable “I know what I’m doing mode” for a year, after a 48h delay would be ok.

Or something like that

miki123211 11 hours ago | parent | next [-]

I like Chrome OS's approach where you essentially choose your security level at initial setup, and need to wipe your machine if you wish to change it.

fc417fc802 5 hours ago | parent [-]

But what if a scammer walks grandma through backing everything up, unlocking the machine, installing a rootkit, and then restoring from backup? /s

(Joke is on you. You thought you'd be given access to app data to back it up? That's against the security model.)

Gud 10 hours ago | parent | prev [-]

No, that would still suck.

anthk 7 hours ago | parent | prev | next [-]

Any immutable distro with Flatpak will solve this forever. No need to restrict anything.

Der_Einzige 15 hours ago | parent | prev [-]

[flagged]

fsiefken 12 hours ago | parent | next [-]

I helped my mother out with a computer, gave her a Mac after she called twice a week about a Windows popup. Eventually she became a grandmother, and later in old age, with dementia, she is still using the Mac more or less successfully to google and e-mail. Intentionality, coordination are important for keeping cognitive faculty. It all sounds so easy, but letting her send e-mail through voice could create confusing situations.

skeltoac 14 hours ago | parent | prev | next [-]

We are all creeping toward old age. Let’s be kind to our future selves.

chongli 15 hours ago | parent | prev | next [-]

Who's to say the criminals won't use a genAI agent to call grandma and social-engineer her so they can drain her bank account?

apothegm 14 hours ago | parent [-]

They pretty much already are.

lostlogin 15 hours ago | parent | prev | next [-]

This attitude is worse than Apple’s.

Gud 10 hours ago | parent | prev | next [-]

No thanks.

anthk 7 hours ago | parent | prev [-]

Apple is the personified Enshittification among Microsoft.

klodolph 17 hours ago | parent | prev | next [-]

…you don’t, just like you don’t need the bank’s permission to withdraw funds… but they will still try and stop you pulling out $10,000 so you can buy iTunes gift cards to pay off your taxes.

miki123211 11 hours ago | parent | prev [-]

And you don't. This is not iOS, Gatekeeper can be bypassed if you know how.

spockz 12 hours ago | parent | prev | next [-]

IIRC everything you compile on macOS yourself, possibly only when using Apple’s llvm toolchain, already gets the proper bits set to execute just fine. This also seems to work for rust and go binaries. I’m not sure whether that is because they replicated the macOS llvm toolchain behaviour for the flag or whether another mechanism is at play.

wtetzner 5 hours ago | parent [-]

I don't know about Go, but I think Rust uses the system linker by default.

BirAdam 4 hours ago | parent | prev | next [-]

You used to be able to boot into the rescue mode and disable their security system. Is that not a thing anymore?

foldr 8 hours ago | parent | prev [-]

The command line incantation is just a convenience. You can unblock the app that you just tried to run by going to Privacy and Security in system settings and clicking around a bit.

fragmede 7 hours ago | parent [-]

You used to be able to, but not anymore.

heavyset_go 17 hours ago | parent | prev | next [-]

This is the reason I dropped macOS as a platform target. Apple will make users think you're a hacker trying to trick them, because macOS acts as if your app is radioactive if you don't pay the Apple tax, and refuses to let users run the apps they want.

Maybe 1 out of 1,000 users will know the magic ritual required to run what they want on their machine, and for every one of those, 10,000 are gaslit into thinking you were trying to harm them by macOS' scary warnings and refusal to do what they want.

xpe 4 hours ago | parent | next [-]

Taking a legitimate concern (which of course does factor into the overall trade-offs) but exaggerating it into a tirade is uninteresting. Trade-offs are complex. There is more than one sensible mix depending on one’s values and position.

Only seeing the worst potential explanations of other parties who make different trade-offs than you is uncharitable. It can also look like what I would call counterfactual hypocrisy, by which I mean, if you were in those shoes, would you actually behave differently?

E.g.: If you were in Apple’s shoes (think about what this entails), what actions would be compatible with a business’s MO from that point of view? From various ethical points of view?

If you say you would’ve behaved differently, is it even possible that you would’ve ended up in their shoes in the first place?

A common response here is early mistakes compound. Or actors have poor character which leads to an inevitable fall. That’s the stuff of Greek tragedies. I’m more of a system thinker. If you look at the patterns, it is pretty easy to see that the leverage points are human systems rather than human nature itself.

If you don’t like the environmental conditions that led to the decision space, then think about changing the system rather than blaming parts of it.

Casting blame on individual parts of the system arguably plays into maintaining the status quo. The most effective changemakers understand how things work and how they got that way without alluding to convenient oversimplifications. Rant now concluded.

llm_nerd 6 hours ago | parent | prev [-]

> Apple will make users think you're a hacker trying to trick them

Apple will make users know that there are loads of hackers trying to trick them. The threat is extremely real.

> 10,000 are gaslit into thinking you were trying to harm them

Gaslit? Again, many are absolutely trying to harm users. Pretending this is some fake threat is perverse.

As much as people like to complain about downloaded software having restrictions, or encouraging the developer to be verified by Apple, we had already entered a world where users were told to never, ever run any software not by one of the bigs. I mean, I've told relatives that, for good reason after they installed malware and other nonsense repeatedly. It sucks having to get an Apple account and sign your executable, but for any normal user outside of the foolish, that was the only way they were ever going to run your app.

And honestly, for the case given this should be a web app. People shouldn't be trusting some random executable by some random group.

wtetzner 5 hours ago | parent [-]

How does paying $100 per year to sign your binary ensure it's not malicious?

llm_nerd 5 hours ago | parent [-]

It doesn't ensure anything. But it does force an identity trail (you have to prove your identity), and more importantly allows Apple to have a rapid kill switch: If a developer uses their account to distribute malware, Apple revokes the cert and those apps will no longer run on user devices (as soon as the revocation hits).

Should it be $100 per year? No, that is ridiculous and usurious.

DeathArrow 11 hours ago | parent | prev | next [-]

I got a Mac only because of the excellent battery life. But I dread OS X. Not only is it dumbed down and it is harder to accomplish what is trivial in other operating systems, but I have to actively fight against it if I want to run software that is not downloaded from the app store or I want to open files with apps I downloaded from elsewhere. And the UI is broken.

neocron 4 hours ago | parent | prev | next [-]

And yet people still support it by finding ways around it instead of just leaving Mac in the dust, simply not supporting it. Worked for Internet Explorer, will work the same for Mac.


miki123211 11 hours ago | parent | prev [-]

"cancel or allow" (which Microsoft still does) makes no sense, it just trains user to click "allow" every time. Users don't know what they should allow or not.

It makes a bit more sense on accounts that have a password set, as it requires you to confirm identity when introducing significant changes to the system (and this is something that Apple also does).

Gatekeeper is a different thing, it basically makes sure that the software you're trying to run has been pre-scanned for malware by a trusted party, similar to Windows's "smart screen" and Defender or APT's GPG keyring integration. It's a mechanism that is completely invisible to 99+% of users. If you see a Gatekeeper pop-up and the app in question is not malware, the developer is doing something very wrong.

bpye 8 hours ago | parent [-]

> If you see a Gatekeeper pop-up and the app in question is not malware, the developer is doing something very wrong.

Refusing to pay $100 for notarization is not "doing something very wrong".