> Most Apple users will definitively want those on, and will break your system in subtle ways if you disable them.
What happened to the good old days of "ask for user consent before phoning home"?
I mean, Apple is miles ahead of Windows in that regard, but your average Linux or BSD setup won't phone home outside of repository downloads unless requested.
I think you have your target demographics mixed up for MacOS and Linux. Once you reframe it in that light, you've answered your question. One is a poweruser who wants complete control of their environment, the other is a much broader user who wants a convenience of experience and safe environment. Trade offs to both of them.
The only happy medium I would consider to your approach is that if MacOS had two set up routes, one defaulting as a power user turning everything off and then initiating things are you want and another as a general user. Maybe that would solve it (though would be a heavy lift I am sure).
This is the Little Snitch[0] problem. If you have ever used Little Snitch, you will soon realize that 1) there is so much crap phoning home and 2) most people do not want to deal with giving permission to each and every one of these services.
I have tried giving permission and at the end of the day, it's just not worth the time. For me, Little Snitch is great as a reporting tool but it's just too much work as a firewall.
> most people do not want to deal with giving permission to each and every one of these services.
It’s far worse than just annoying: if people have to give permission to a bunch of things they don’t understand, they will absolutely give permission to something they shouldn’t.
You want the user to make a few decisions as possible, and every single one should be an actual decision: where the user knows what the options are, has an actual stake, and might legitimately choose either option depending on their preferences and circumstance.
The more times they have to click “yes” without thinking, the more susceptible to malware they become.
I think this is a bit of an odd take, given that the alternative is that the computer just silently allows you to download content from anywhere. I don't think this makes someone any more susceptible to malware than they already were. Little Snitch is the sort of software that the average person wouldn't install, anyway.
I understand the point, though. Going to just about any major website you will be pummeled with prompts to allow for a dozen different domains just to view one page, and it doesn't really give any indication of what those are used for. They have a what seems to be infinitesimally small list of connections that they do recognize and explain their use, but ultimately it's pretty useless for the vast majority of prompts.
I'd like there to be a better way to deal with this, but I'm not really sure what the solution to it would look like. You can download blocklists and just silently allow other connections, but I don't think that's significantly better than just using a hosts file.
The most useful thing Little Snitch does is alert me when individual applications try to phone home. For browsing the web it feels more like a chore.
> the computer just silently allows you to download content from anywhere
How many times have you been asked to approve a download? How many of those times have you said "no"?
If the answer is "hundreds" and "zero," what's the point? If the answer "hundreds" and "ten just in the past week," then that's exactly the point, and it serves a valuable purpose.
My response was mostly to your last sentence, "The more times they have to click 'yes' without thinking, the more susceptible to malware they become." There exists a dichotomy of you click on a link, it loads the page or begins the download or alternatively, you click the link, Little Snitch checks its filters and if it doesn't have a rule set, it'll prompt you to set one. In no case is the second one going to make someone more susceptible to malware, because the worst case scenario, where someone approves every single download, results in exactly identical outcomes as the person who does not have Little Snitch installed.
I agree broadly with your point that prompt fatigue or decision fatigue is problematic and should be avoided when possible. I think this is a problem in particular with Little Snitch even, which doesn't do enough to provide. However, the point of Little Snitch is to allow someone to monitor and control the traffic at a granular level and the consequence of providing that utility is the frequent prompts whenever you're visiting a new site. To Obdev's credit, silent mode exists and you can set it to deny or allow all traffic without a prompt (and evaluate the traffic at your leisure).
Yep. I have a system tray CPU monitor running on both my Linux mint and mac computers. On mint when I don’t touch the computer it just sits at 0% basically all the time. On macos there’s always some junk flitting around doing who knows what. photoanalysisd, or sending telemetry for 3rd party apps, or iCloud syncing or something. It’s like the 2 E cores are there just to run apple’s bloaty crap. Shame those processes don’t limit themselves to E cores.
What happened to the good old days of "ask for user consent before phoning home"?
I mean, Apple is miles ahead of Windows in that regard, but your average Linux or BSD setup won't phone home outside of repository downloads unless requested.