Originally published at: Apple Releases iOS 16.3, iPadOS 16.3, and macOS 13.2 Ventura with Hardware Security Key Support - TidBITS
The latest versions of Apple’s main operating systems add Security Keys for Apple ID, celebrate Black History Month with a new Unity Lock Screen wallpaper and Unity Mosaic Apple Watch face, and fix bugs and security vulnerabilities.
1 Like
Advanced Data Protection came to Blighty at last, so I enabled iCloud Backup to avoid the passcode prompt. Going well, so far, after a bit of flakiness turning ADP on which appeared to slow things down for a while. Curiously, the change reflected on iOS 16.2 devices immediately, even before upgrading—I guess the region check is gated by version, but not the use, so once enabled I could use it right away. Great stuff.
1 Like
YES !
Please consider a hardware key system.
Is it necessary for most users, no.
But for any application where security is a top priority, yes.
Or
So how do hardware keys work on iPhones & iPads? Do you need to have USB-A to Lightning and USB-C adapters? Or do you have to buy a separate key for each port used?
Based on what I see on their product page, that would seem to be the case for the OnlyKey.
The Mooltipass device is Bluetooth based, so it should just work with whatever phone you’ve paired it with.
I use one of these hardware keys for accessing bank accounts, credit card accounts, etc. It gives me a code that I can use in the 2FA part of the log-in process and works very well. Most institutions now send a code to your mobile phone/cell phone and that code is to be used as part of the log-in process.
This hardware key is particularly useful when I am travelling in countries and not using global roaming because of the high cost and low need for such a service.
But the downside is that it is not universal and I can only use it for accounts I have with the issuing organisation. So I am hoping that this key might be helpful. There’s no indication if it works outside the US.
Regarding security keys, a good post from Ricky Mondelo, who works on passkeys at Apple:
"This feature is designed for users who, often due to their public profile, face concerted threats to their online accounts, such as celebrities, journalists, and members of government.”
~ apple.com/newsroom/2022/12/app…
I really don’t think that many/any of us need this.
1 Like
Well, I wish I would have waited before upgrading to 13.2. Seems it broke my Pioneer drive. From Pioneer’s website:
Important notice: We have confirmed that our optical drives are not recognized by macOS Ventura 13.2 released by Apple on January 23, 2023. We are currently investigating this symptom. We would like to ask our customers who are using our optical drives to refrain from updating to macOS Ventura 13.2.
1 Like
This is an early report; still working on it.
Quick summary:
-
I went to pay a (late) tuition bill. Web site wouldn’t let me because it said my Safari version was out of date with latest security patches.
-
I checked Software Update and, sure enough, found there was a Ventura security update. So I installed it.
-
Ever since, my 2017 27" Retina iMac has been in a boot loop, punctuated by this lovely (but thankfully international friendly!) screen.
Powering off/on doesn’t help. Waiting overnight didn’t help. Unplugging all peripherals didn’t help. The only odd thing about my setup is that I’m booting from an external (Thunderbolt) drive. (Internal drive is wiped).
Now to start hunting for solutions.
But I just wanted the community to have a heads up. Maybe I should have tried Chrome before updating :-D
Update:
Based on a tip from here:
https://discussions.apple.com/thread/254314281?answerId=258202882022#258202882022
I disabled “SIP”:
by booting into Recovery Mode:
Unfortunately, I still get the screen from hell and boot loop. I went back into Recovery Mode and ran “csrutil status” to confirm SIP was disabled, and it was.
So whatever fixed it for that guy didn’t work for me. And, for some vexingly exasperating reason, Apple locks such threads pretty promptly so that they can be useful for as few people as possible.
Not happy. Open to suggestions.
Update:
I booted into Recovery Mode and selected the Reinstall Ventura option. After that completed, the Mac booted.
A couple hiccups… My photo library, loading from (yet another) external SSD, would not open. Rebooting appeared to resolve that. And earlier on, attempting to recover by booting from my bootable clone (made by Carbon Copy Cloner), only brought me to a Recovery screen; it didn’t actually boot. Not sure why, except that I had forgotten that that task was disabled since I wanted to make sure my boot drive, which is a new setup, was stable before resuming that cloning. So it was a bit out of date; not sure why that would make it unbootable, but macOS is weird these days.
Also, my “SIP” is still disabled. So I’m going to let the CCC sync catch up (could take a day) before I try re-enabling SIP. That way, hopefully I have an easier way to get back in.
1 Like
Strangely enough…it bricked my Studio as well. Did the update on my M1 MBP Just fine then a day later did my Studio…it’s got an OWC Thunderbay Mini RAID on it and a handful of Seagate 2.5” spinning drives. It downloaded and was in the “preparing” mode when we left for dinner and when we got home there was a dialog on the screen saying “there are no users on this drive”. Tried recovery several times and could not get to the reinstall macOS portion…it would let me select the internal drive for startup and identified it as Ventura.2 but would hang 3/4 the way across the progress bar. Disconnnected everything but the BT keyboard, mouse, and ethernet cable and tried several more times…no joy.
Called Apple the next day (well, they called me after I had a Messages discussion with the 1st line support…and second tier called back. I did have the Erase Macintosh option in Recovery but neither of us really wanted to go that route unless we had no other option. Spent another hour or so trouble shooting and trying a variety of things but finally ended up selecting Erase and then it let me back into Recovery mode with reinstall as an option. Reinstalled Monterey with minimum setup from there…upgraded to Ventura.2 successfully, and it’s still doing the restore from Time Machine process…one lesson learned from this is that I’m going to get an SSD for TM instead of one of the slower USB Seagate spinning drives (mine are the Backup+ from Seagate) so that backups and restores will be faster.
I’ll make sure I have a good clone of my wife’s M1 Air before upgrading hers…been doing Macs and macOS since 1985 or so and this is the first OS update that blew up on me over at least 15 machines between my wife and I and probably another 50 that I helped clients update back when I was consulting on the side while working in DC.
1 Like
I went back into Recovery Mode and ran “csrutil status” to confirm SIP was disabled, and it was.
Just a quick tip - you don’t have to be in Recovery Mode to check SIP status, just if you want to change it. You will need “sudo”
$ sudo csrutil status
1 Like
Yes, thank you! I went into Recovery Mode because I was back in the boot loop!
Wow, thanks for sharing! Lots of great points.
Yes, I should have made sure my CCC clone was up to date before upgrading the OS, especially since I’m booting off an external drive. This type of problem has been rare, so I probably got complacent!
1 Like
I feel like Apple has gotten less and less friendly toward booting from external drives lately. In general, their focus on security, while completely understandable, has become over-the-top annoying: multiple repeated requests for your Apple ID/ICloud password, immediately after entering it elsewhere on the system, etc, etc.
1 Like
omg, absolutely.
And the external drive clampdown feels real. And inability to repair their filesystems. So many things.
1 Like
This is good advice for everybody.
Assume the OS update will hose your system so you’ll then be forced to re-install macOS and use MA to get back all your apps, settings, and data. You’ll want to have a very up-to-date backup for that, be it TM or clone (or both). It should be reliable and it should be reasonably fast so the whole exercise doesn’t take forever (spinning rust is bad at that, SSDs are great).
2 Likes
While I do have backups, on site and off site, I actually have a different strategy for this. I install from scratch and everything of importance is in a cloud service or synced with other devices (well, Macs) using syncthing (desktop, downloads, ~/Documents, plus my MoneyDance file, which I actually don’t need, as I have that set to sync with Dropbox). I have steps I follow to reinstall apps and change settings, but once I get the cloud services syncing and syncthing running I get everything back.
The exception is the Mac mini that holds my music library, mostly in Apple lossless, which I would restore from backup if that machine every goes south (or I replace it, which I did last year.)