macOS 15 Sequoia’s Excessive Permissions Prompts Will Hurt Security

ace · August 12, 2024, 4:10pm

Originally published at: macOS 15 Sequoia’s Excessive Permissions Prompts Will Hurt Security - TidBITS

macOS 15 Sequoia displays permissions prompts for apps that require screen recording permissions—more than just screenshot apps—at least once per week and after every restart or logout. Adam Engst explains why this is both unnecessary and counter-productive.

Dominic_D · August 12, 2024, 5:52pm

I look forward to Maps, when I start a route to somewhere Apple considers unsafe, asking me to confirm that I really want to go there, and not letting me do anything on my iPhone until I’ve answered. And doing the same thing every time I want to go there subsequently.

ddmiller · August 14, 2024, 1:43pm

Regarding the screen recording security prompt, I’m glad that people with a lot of visibility like Jason Snell are raising the issue now, but I’ll get more concerned about it when Sequioa actually ships rather than getting worked-up over a beta.

I believe I read somewhere that Apple has an API for screen recording and that these prompts affect apps using older methods to screen-grab. But that may also have been wrong.

I kind of understand why Apple is doing this, especially after Microsoft’s Recall debacle. It is a potential security issue for anyone to be grabbing screenshots at any time without us being aware. As mentioned in this thread, frequent security prompting can make a bad habit to always hit allow. But only asking once and never again seems also not to be the right answer.

ace · August 15, 2024, 2:52pm

14 posts were split to a new topic: Revisiting “Trust This Computer” with local iPhone backups

ryoichi · August 12, 2024, 6:19pm

I get the prompts every time after the machine wakes up from sleep. It is very annoying, to say the least.

Technogeezer · August 12, 2024, 7:24pm

It might be worthwhile for everyone that is impacted by this to provide feedback to Apple indicating that this “feature” severely impacts productivity and usability of macOS and needs to be re-evaluated. (It’s been done in the past).

Providing examples of applications that would generate these prompts and keeping the feedback fact-based – eschewing the outrage – might get Apple’s attention if enough of us do this. I, for example, use VMware Fusion which needs screen recording privileges - and it would be an extreme annoyance to re-authorize the function on any regular basis.

Perhaps the ability to permanently white-list applications, or provide application-by-application control would be preferable than this blanket “authorize everything after 1 week”.

ShermanWilcox · August 13, 2024, 12:23am

Constantly treating users like idiots, destroying their productivity, ultimately does not lead to better security. It leads the user to NOT trust (in fact, to hate) the very entity who is trying to protect them. It’s an ignorant case of the boy who cried wolf.

SciFiOne · August 13, 2024, 2:30am

I agree! Overuse of security, including forcing password reentry and alternate authentications, causes decreased security overall.

ryoichi · August 13, 2024, 2:45am

I installed Sequoia 15.1, Beta 2 this afternoon. Apple changed the “Open System Settings” button to read “Allow for One Week” instead. It’s a lot less annoyance.

rcostain · August 13, 2024, 10:18pm

I’m all for security, but there needs to be more trust left to the user.
My wife works for a large company that uses Okta for authentication and identity verification. It’s so NOT user-friendly. I can’t tell you how many times over the past few years that she’s been locked out of her work Mac because of permission and login issues caused by Okta security requirements (password changes, session timeouts, multiple levels of login, etc).
Apple, don’t be Okta. Give your users a little more credit.

hyperchris · August 14, 2024, 1:01am

spells · August 14, 2024, 4:59am

Oh dear - I read this with a heavy heart. I am already growing weary of Apple ID security issues with Sonoma where I have had to reset my Apple ID 4 or 5 times in the last few weeks for no apparent reason (and each time to regenerate app-specific password). I have already made my Apple ID password much less secure in order to make the process marginally less painful. I agree - measures like these have the effect of reducing rather than increasing security.

jdelaphant · August 14, 2024, 11:32am

Don’t forgot the downstream effects - early in the pandemic, we all sat through meetings where someone went to share their screen but couldn’t had to figure out that they had denied the permissions, search for the setting to change it - and quit Zoom (or whatever) then rejoin the meeting for the change to take effect.

Given a choice, some people will make the wrong one. And when they do, they’ll go to share their screen, but can’t… and now this has the potential to happen after every reboot, and after every log out? In many workplaces, mandatory logout is required for security, so this can become an everyday occurrence.

Even people who don’t use a Mac will suffer from it.

silbey · August 14, 2024, 2:21pm

Aha! The next beta changes the wait period to a month.

ace · August 14, 2024, 8:19pm

In the macOS 15.1 beta, which is what I’m running, Apple changed the text from Continue to Allow to Allow for One Week and made it the default button.

Screenshot 2024-08-13 at 3.31.52 PM

It sounds like the macOS 15 beta is slightly ahead in upping the time to a month. That’s 4 times less annoying than weekly but still 12 times more annoying per year than it should be.

silbey · August 14, 2024, 10:34pm

What would be reasonable, from your perspective?

ace · August 15, 2024, 2:59pm

In thinking about it more, I’m going to stick with what I said in the article, which is the first launch plus another sanity check several days later. It is entirely reasonable to prompt on the first launch because that’s when the user is most aware of what’s happening. But if we assume that the user could have been fooled into installing malware, it’s worth asking again fairly soon so they’ve had a chance to use the app a little and decide what they think. It wouldn’t be entirely unreasonable to ask after an app is updated, but I think that would get annoying for some apps and might dissuade some developers from releasing quick bug fixes.

Repeated permissions prompting without good reason is like requiring people to change their passwords repeatedly—something that sounds good but actively hurts security. (And that’s just an analogy, not an invitation to change the topic to scheduled password changes.)

ddmiller · August 15, 2024, 3:26pm

The latest episode of Accidental Tech Podcasts reports someone who wrote in reporting the potential scenario of personal abusive behavior - so, for example, a former abusive spouse or partner who has installed some sort of screen recording application, as well as perhaps a keylogger, audio recorder, video recorder, etc., to continue monitoring the person who was abused. (I know someone this happened to, though not in this way - it wasn’t anything like a key logger or screen recorder, but someone who made sure that she had Apple ID access before the relationship was severed, access to the automobile’s account online to keep track of the location of the car, among some other things.) We know that video and (I think) audio show an indication (with hardware or software light indicators). Somebody in that situation may welcome these repeated prompts, if only to make them aware that perhaps they are being spied on.

Perhaps there is a way for users to be able to say that I don’t need that level of scrutiny, but, again, this is part of a beta process, so maybe Apple is already thinking of this.

jzw · August 15, 2024, 3:31pm

There was an excellent discussion of this on this week’s Upgrade (#524) and Jason specifically talks about why an alert some days after first run is important for abusive situations. Highly recommended listen. It’s the fifth chapter at 40m38s.

silbey · August 15, 2024, 3:42pm

Seems reasonable to me!