Thanks, @Shamino. I should have thought of ‘man softwareupdate’ on my own. It sure seems like I would have come across && in a previous life, but I have no recollection of it. Well, memory is the second thing to go.
If I’m typing the commands in Terminal, why wouldn’t I type the first command, see the result, and then type the second command if desired? (I didn’t follow the link; did the original source mean for the compound command to be in a script?)
Nope, it’s a MacBook (Retina, 12-inch, Early 2015).
That is good news. Other than (a lot of) inertia and no pressing need, the main thing holding me back from ordering the M1 MacBook Air was nervousness about Big Sur.
Commands are often displayed this way because that is the way they are scripted and automated. You hit return once and you’re done. It’s very common on UNIX/Linux systems to connect commands with && or | or >/>> depending on what task you’re trying to accomplish—not few would probably claim it’s a key advantage of these systems and their CLIs. In this case somebody is presenting you with a compound workflow, not a list of single commands that achieve something on their own that you’d want. But as you suspect, you can take these workflows apart and run one after the other (assuming the preceding command completes successfully) and you’ll get the desired result.
But new vulnerabilities will be patched, generally quickly,
Newly-reported vulnerabilities are usually patched quickly, but Goto Fail and Snowden are both quite troubling about vulnerabilities that aren’t reported. I know only enough about security to know that I don’t know enough to balance the risks from a newer but sloppier OS against those from an older one.
there aren’t many “essential features” that actually disappear.
Running Windows is still essential for some of us, and there seems to be no prospect of x86 Windows emulation on ARM anytime soon. (Every few years I investigate moving two decades of Quicken data to MacQuicken, and recoil in horror. I hope next time is different; I did not enjoy administering a physical Windows box.) Organizing the apps on my iPad and iPhone is fairly close to essential, as is running my preferred and paid-for version of Word.
I’ve been dry-running modern iOS versions on a new iPad Pro, and that seems less dire; I can replace the Shorter Oxford with a combination of two apps and a subscription.
if you’re not enjoying yourself, you should switch gears and focus on something you do like.
Funny you should mention that; that was fairly close to the last question my manager’s manager at Apple asked me when trying to talk me out of my second attempt at resigning. (More complicated than that, and mostly not relevant—I did believe that Xcode was getting less bad, and that the compilers were getting better.)
But wisdom sometimes consists of knowing what is enough, and the right combination of recent Apple hardware and software is good enough for a lot of purposes. Civilization advances at different rates in different fields at different times; the last generation or two has been a Golden Age for Silicon Valley innovation, but forced innovation is not necessarily an improvement.
We’d have to ask a security expert like @rmogull, but absolutely everything I hear from that world revolves around staying up to date with security patches. So it’s hard to imagine that running a version of the OS that isn’t patched regularly would be a win through “security through obsolescence.” :-)
No, but given that Intel-based Macs will still be sold for several years and supported for roughly five years according to Apple, and that there’s Windows for ARM and virtualization support from VMware and Parallels, I’m not too worried about this. The extra oomph from the Apple silicon may also enable reasonable emulation in the future.
It does seem that we have different definitions of “essential feature.” I see an essential feature as something like “being able to collaborate with others using documents in DOCX format,” whereas your definition seems to be “running Word 2008 and not paying for an upgrade.” Or, I’d say “manage my personal finances” whereas you’d say “maintain my personal finances in Quicken for Windows running in emulations on a Mac.”
True, and everyone’s needs vary. You could probably put together a Mac that worked on a sufficiently old version of the OS and with sufficiently old apps that it wouldn’t need Internet access or suffer from security issues. That’s not really possible—or at least advisable—with modern Macs.
The problem comes when you both want to interact with the evolving tech world and have everything remain as it was at some arbitrary Golden Age.
Personally, I enjoy looking backward mostly for nostalgic reasons. Most of what I do is better, faster, easier, and more accurate than it was in the past. Your mileage may vary!
If I would go even further back in time and set up an OS/2 system, there won’t be any malware at all.
But these systems would be extremely limited in the amount of Internet communication I could do with them because there don’t exist (as far as I know) any modern web browsers or e-mail clients for these platforms.
I think this is the crucial issue in this saga “That’s problematic because it teaches users to ignore the badge, which could prevent them from installing a critical security update in the future.”
By disabling the SoftwareUpdate Terminal command Apple is forcing some Mac users to use other means to suppress the nagging (i.e. badge in the Dock). These could result in an important Mojave or Catalina security update being overlooked.
Even with the badge showing, if there is an important Mojave update and I go so Sys Prefs all I see is the Big Sur “Upgrade” promotion and a less prominent button about other updates. Clearly the priorities should be the other way around.
And further depends on the target. As an example, the state sponsored attacks against Tibetan activists were purposely written to attack older macOS and application versions, because the targets were known to use older Macs with well known vulnerabilities that have been patched on newer systems.
If you are the target of a state-sponsored attack, then nothing normal people do to protect themselves will be effective. Your only hope in that case (and even that isn’t certain) is to go completely off the grid and never connect any of your equipment to a network you don’t completely control.
But I think that is beyond the scope of normal people guarding against the usual viruses and malware.
I agree. I never like when these discussions get into listing past events where somebody got hacked by someone because their old system was not patched for this or that.
You’ll always find somebody or something that got hacked if you look for it long enough. But you’ll never hear about the millions of people who run old systems and are perfectly safe simply because they aren’t a target of interest and present no real vector.
I’m not an Uighur, I’m not the CEO of a Fortune 500 company, I don’t work for any 3-letter agencies, I’m not a dissident under an oppressive regime (lucky me), I’m not some inflated social media starlet, I don’t have any influence or vast riches. I’m a regular Joe. I’ll be perfectly fine running a HS Mac (last OS it runs). I don’t click on stupid links and I routinely run a malware checker. I’ll be just peachy.
I’m a lot more scared by the implications of Goto Fail than you are; in this area at least, that seems to be exactly what happened: All of iOS 6, and 7.x before 7.0.6, were presumably radically less safe against this sort of attack than iOS 5. (Similarly MacOS 10.9 and 10.9.1.) This was new code (admittedly only one line) which was not just worse and inadequately tested: The code was completely broken and there was no testing at all in a large area of functionality. It wasn’t an obscure government-actor only vulnerability: Anyone trying that kind of attack would receive a pleasant surprise at the first step, skipping a lot of subsequent ones.
through “security through obsolescence.”
It’s not that, more like “new insecurity through innovative deterioration.” I fear that innovative deterioration has started to apply to other areas of Apple as well, but I can say less about that, both because of what I don’t know and what I do.
I see an essential feature as something like “being able to collaborate with others using documents in DOCX format,”
Fair point; I suppose I should be grateful that there was ever any version of Word I was happy to pay for, and with a finite price.
Or, I’d say “manage my personal finances”
My personal finances, or those of anyone with a complicated Quicken data file, do seem to be a special case. None of its competitors (especially MacQuicken) seemed to be serious about data integrity on import. Happy to be corrected on this.
Like everyone else here, I am frustrated with Apple’s move to prevent users from easily “nagging” them for an update that they can’t use, or do not want at this time. I, too, on Catalina, have an App update for ARD (Apple Remote Desktop) and updating the app, it states its now compatible with Big Sur but not applicable. ??? No, I know I don’t have, nor want at this time/date, Big Sur. Thanks for the tips to stop this “red means danger” badge!
PS- Its an Apple Loop: Have Mojave, select System Preferences Update, Select More Info under the available Catalina update, opens page on web to Apple’s Big Sur, select Get, pops up Choose App store, pops up in System Preference Can’t be found. I know last week, I was able to download the Big Sur, on my “no longer supported 8yr old Mac Mini”. Apple must have fixed something because…how’d I get the installer that is ver 11.01 at 12.18GB in size then and not able to now.
Big Sur (11.0.1) is working reasonably well for me on both my 8-year old Intel Mac Mini and on my new M1 Mac Mini. I have the latter attached to my monitor, wireless keyboard and wireless mouse. The former is accessible via Screen Sharing.
So how about a list of which Macs are dangerous to keep using? I can’t be the only 70sh guy out here who still has a 512ke gathering dust except when I run Pinball Construction Set, but I know not to let anyone mess with it. On the other hand, I still have a Pismo that’s damned useful for making stereo movies with EvoCam and a couple of Fire-i cameras, a feature that went away with more recent Macs.
But would it be safe to connect the Pismo to the Internet? I just don’t know. Can you tell me?
With Windows, I have a competent niece who forbade me to ever connect my XP laptop to the Internet, but she doesn’t know Macs.
I have a simple solution to all this chatter. Don’t put System Preferences in the Dock and if it is in the dock, remove it. For many years I have always accessed System Preferences from the Apple Menu. It can also be accessed by placing interested preferences such as Sound, Bluetooth, and Input Sources in the Menu Bar. If you are a ‘Power User’ you can assign a keyboard shortcut in Keyboard Preferences as an App Shortcut.
However I find this issue to be an artifact of a larger issue - That of Apple attempting to being ‘Big Brother’ and constantly coercing and forcing us to manage the machine that we bought and paid for in a manner as they see fit. And what seems to be the focus? Profit rather than a delightful user experience with the machine operating in a manner as we the customer and user wish it to. In my opinion Apple’s paradigm has shifted from creating a delightful user experience to treating all customers as dummies who are incapable of managing and configuring their own machines, to maximizing profits as quickly as possible; keeping their ‘hands’ constantly in users’ wallets and arbitrarily deciding for all users what is best for them fed by ‘bean counters’ and management decisions that remain isolated from the real user experience. This is being continually demonstrated by forced obsolesce of perfectly usable hardware and the regular release of buggy versions of MacOS. It seems as though SQA is now depending on user feedback to report software bugs so that engineering can identify and fix them for the next version. Unfortunately, I am at a loss as to how to get traction on encouraging Apple to redirect their moral compass and company values to once again focus their efforts on their users rather that the bottom line. It isn’t like they lack the financial resources to do so.
So my case is limited to the GB update badge issue (I have a 2013 iMac, but had the perpetual “Install this”-“You can’t install this” loop). I had earlier started a thread in the GarageBand for Mac community in the Apple discussion forums. A user there came up with a solution, which I modified to the following. This has solved the problem for me:
Move GarageBand to the Trash (it may work to simply move it out of the Applications folder–not tested)
After restart, note that the update no longer appears in the App Store, and the corresponding badge has been removed from the App Store icon in the Dock.
Right-click on GarageBand in the Trash folder and select “Put Back”