This isn’t the blog post I intended to write. In fact, last night I drafted up one about my problems sending background push notifications with Amazon SNS (coming soon!). And after the ridiculously over-the-top shit-storm that blew up over my dumb tweet earlier this week, the last thing I wanted to do was step back in that arena. But this needs to be said. But, first…
I’m an Apple developer. It’s the specific nerd sub-culture that I identify with the strongest. I’ve been writing and selling my own software for macOS since 2003 – back when it was still Mac OS X – back when apps were called software. And I had apps in the iOS and Mac App Stores on day one of their respective openings. I’m not rich from it, and I don’t claim to even be that successful. But for a few wonderful years my own apps were my full time income. I’m not part of the old guard of Mac developers, but I’ve been around the block and doing this for over a decade and a half. I hope I’ve earned the right to spout off my stupid opinions on the internet occasionally.
And as an Apple software developer, I live through the Summer beta periods. On my secondary machine. And, in recent years, within virtual machines that allow me to do more intricate testing. I’ve seen easy-going mostly spit and polish releases as well more substantial user-facing and under-the-hood ones.
But Catalina has been different in two particularly gruesome ways that get even worse when combined.
The first, is purely from a stability and functional standpoint. The early betas of Catalina were really, really broken. But that’s OK! That’s what betas are for. And while I can only speak for myself, I think most developers are more than happy to offer input to Apple and report bugs. So I’m totally fine using a wonky OS for a few months on a spare machine while I test my own software in addition to Apple’s.
But here’s the bad part.
Apple is becoming (already is?) a services company. And, let’s face it. Apple has never been good at anything involving the internet. I feel like they could have all the money and engineers in the world (which they basically already do) and still never completely get their services right because it’s just not in their DNA. Applications are. Hardware is. But put a network layer in there and they crap themselves. (Ok, not in every case. I’m obviously exaggerating to make a point. But the overall track record is iffy at best.)
And so when they decide to overhaul how CloudKit and iCloud Drive work and then merge those changes into an already buggier-than-usual beta OS, disaster can ensue. Because now those bugs – file corruptions, missing data, broken APIs and fundamental things that simply stop syncing – can spill over and infect your other Macs running a stable OS.
It’s my own fault for not knowing any better and signing into my Catalina machine with my personal Apple ID, but I needed to do some iCloud development this Summer and using my own ID just made things simpler. But after I ended up with (not joking) two-hundred duplicated ~/Documents directories – each with a random assortment of duplicated files of different revisions – I swore off dealing with Catalina and iCloud for the rest of the Summer. I put all of those new features on hold and planned to pick them back up after the GM when everything stabilized. I signed out of iCloud on every Catalina machine and VM and assumed Apple would get their problems sorted by Fall.
And I wasn’t alone in that assessment and strategy. Just google around for developer blog posts and tweets from the beta 3-ish time period. And that’s the puzzling and quite scary thing about all of this and the ultimate point I want to make. We (developers) were making it loud and clear that this stuff was very, very broken. And, somehow, someone at Apple made the call that it was OK to release a Public beta onto the world. A buggy, broken OS is one thing. Users installing it should know to beware. But a buggy, broken OS that also puts their data in jeopardy both on that machine and all their others linked by an Apple ID is unconscionable.
And still the betas marched on. And eventually it seemed like Apple realized what they were up against and threw in the towel and reverted the OS-level iCloud changes – much like discoveryd a number of years ago.
Again, I just read and heard about all of this. I was completely off iCloud on Catalina at this point and assumed the massive rollback would fix things.
So when Apple officially released Catalina to the public this week without so much as a press release or heads-up to developers (yes, there had been a GM build, but still, would an email to developers ahead of time have been so difficult?), I was ready to upgrade and go all-in.
Perhaps I was being naive, but I truly care about the experience my software customers have. And that means I have to live with the same system they do – even if that means dealing with OS bugs that just couldn’t be fixed in time for the .0 release.
But, damn.
I’ll go through some of the highlights (lowlights?) I’ve run into below, but I guess this is my thesis: The final (well, first) Catalina release along with the outright awful public beta makes me think one thing. And that is Apple’s insistence on their annual, big-splash release cycle is fundamentally breaking engineering. I know I’m not privy to their internal decision making and that software features that depend on hardware releases and vice-versa are planned and timed years (if not half-decades) in advance, but I can think of no other explanation than that Marketing alone is purely in charge of when things ship. Why else would stuff so completely broken and lacking the attention to detail that Apple is known for and (ahem) markets themselves on have shipped if not than to meet an arbitrary deadline? Apple has so many balls in the air – and this metaphor doesn’t really make any sense now that I’m typing it – but they’re all interconnected now that Apple is a services company. And as a services company they must find a way to ship features, fixes, and updates outside of the run-up to the holiday season. They need to be more (and, oh god, this word makes me want to vomit) agile.
An Annotated Summary of the Catalina Crap I’ve Noticed So Far
Allow or Deny
Let’s start with my now infamous tweet from the other day. (I’m an influencer!) This screenshot has absolutely been manipulated to make a point, but everything in it is real. It’s all of the security warnings and permission dialogs that I ran into (and screenshotted and arranged for maximum effect) during my iMac’s first startup after installing Catalina as well as about ten minutes of poking around and launching a few apps.
The point I was hoping (but probably failed) to make, is that there are many thousands of way smarter people inside Apple than me, and a frightening, pop-up frenzy that will absolutely condition non-technical users to blindly click “Allow” is the best solution they could arrive at or ship in time?
Maybe they did countless user studies and determined this really is the safest and best approach. But I doubt it. I think it was a combination of poor management, hard deadlines, and probably a cavalcade of upper management and C-level executives who only use iOS as their daily driver and simply lack the imagination, experience, and technical vision to realize a modal pop-up flow that (kind of) works on a touch device does not scale to an overlapping, multiple-window, keyboard and cursor driven interface, i.e., the desktop computer.
“Security”
Let me go ahead and silence the Hacker News crowd and openly admit that, yes, I’m a geek, a developer, a technical person, and most definitely not a normal user.
That said, there needs to be an I’m-Not-A-Dummy switch in System Preferences because all my shit’s broken and I can find zero guidance from Apple on how to fix it.
I have a number of background jobs and processes on my iMac, which I basically treat as an always-on, home server. Some are run via cron, others by launchd. Some are run under my user account, others as root. A few examples:
I have an AppleScript that runs every ten minutes and downloads photos from a server and imports them into Photos.app. After upgrading to Catalina, it failed every time. I stopped cron so I could debug and run it manually. The first time I execute it, Terminal.app asks for permission to access my ~/Photos directory. OK. Then it prompts to allow Terminal.app to control Photos.app. OK. And, finally, and I’m not sure why given I already granted permission for the ~/Photos directory, it asks for permission to control Finder.
sigh
With all those permissions granted, I add a few log statements and turn cron back on. The job runs. And fails. Again. Because even though I granted permission moments ago, now that it’s being run in a slightly different way, Catalina decides to lock it down again. How is this decided by macOS and how do I fix it? My googling has failed me so far.
Next. Because I’m an idiot with reasons, I have a python daemon that launches as root via launchd and remains running in the background. It is now silently failing because it isn’t allowed to access an external USB drive.
Oh, and while debugging the AppleScript example from a paragraph above, every time I saved my cron changes in vim, the system would throw up a dialog asking for my permission to allow Terminal to modify, you know, my own personal crontab that I explicitly invoked an editing session of. (Although I’m pretty sure this was also a thing in Mojave. But the point still stands.)
I guess Apple is trying to protect less-technical customers who might inadvertently install a malicious recurring background process as root? Or accidentally read a file from an external volume while running a shell script that this non-technical user opened up a Terminal, edited, made executable, and invoked themselves? I suppose there’s an attack vector there.
iCloud Password Shenanigans
After upgrading to Catalina, like basically every other recent macOS release, I found myself logged out of iCloud. Facebook and Gmail have never once in my life expired my session on purpose. But since my iCloud data is stored on an encrypted, non-removable hard drive, protected by a T2 chip and biometric security, I can see why it’s best if Apple logs me out every time I install a software update.
OK. Fine. I’ll log back in, but of course iCloud rejects my password in System Preferences so many times that they eventually lock me out and force me through a forgot password flow just so I can change my password back to what it always was.
That done and finally logged back in, all of my iOS devices start beeping and I find this:
To be expected given that I just logged in on a new(?) device. But, why is my iMac’s hostname now duplicated “(2)”? Reasons, I’m sure.
Local Account Password Shenanigans
After the Catalina upgrade and spending some time getting my apps, settings, etc. kind of back to normal, my wife tried to login to her account on that iMac.
Everything went fine, and we got some of her software updated, too.
But then the Mac went to sleep.
Her local Mac account password is a simple, all-lowercase English word without spaces or numbers or special characters. macOS wouldn’t accept it when she tried to login again.
It wouldn’t accept it when I typed it in. Nor when I decided the keyboard must have somehow malfunctioned during the last half hour and I thought I was extremely clever by trying to login as her via a remote screen sharing session and it failed as well.
That was about 36 hours ago and the problem persists through multiple restarts. I don’t have it in me right now to try and debug this. But I’m not worried. All of her data is backed up. I’m ready to blow away her account and create a new one. But,…Apple?
Photos.app
It took around eight hours for Photos.app to upgrade my 200GB iCloud Photos library the first time I opened it on Catalina. Since then, across multiple reboots, it simply refuses to update with new photos added to iCloud from other devices. Or upload new photos to iCloud that I imported directly on that machine. It just says “Updating…”, forever.
More Little Things
I found earlier today that I couldn’t restart my Mac because an application was still running. The only thing open (but idle) was Xcode. I did a quick ⌥⌘⎋ and discovered this:
I had no idea System Preferences was even running. It wasn’t visible in the Dock?
As I mentioned earlier, I had to sign in to iCloud again (a few times) after upgrading. A day later, this popped up while I was using TextMate:
?♀️
After upgrading to Catalina, macOS made me reauthorize every app that wanted to send me notifications. Ironically, the following alert appears every time I reboot despite always dismissing it using the most definitive option Apple provides and never giving whatever-process-is-showing-it permission to notify me of anything in the first place:
Anyway…
I love the Mac and everything its software and hardware stand for. The iMac Pro and new Mac mini are phenomenal. The revamped Mac Pro (six years? really?) is a damn beast. And, honestly, I don’t even mind USB-C.
But the keyboards, the literally hundreds if not thousands of predatory scams on the Mac App Store, whatever the fuck is going on with Messages.app on macOS, iCloud Drive, the boneheaded, arrogant, literally-put-on-the-consumer-facing-marketing-website claim that iPad-to-Mac with Catalyst was merely a checkbox, all the dumb, stupid little bugs I mentioned above, and the truckload of other paper-cuts I’m sure to run into once I’m on Catalina for more than 48 hours…
My god.
It is absolutely clear that the Mac is far outside of what the upper-ranks of Apple is focusing on.
I’m not trying to throw Engineering under the bus. I’m friends with many wonderful, talented, hard-working, and caring Apple developers who want the Mac to fucking thrive. What I am doing is explicitly shitting on management and blaming the executive team for allowing all of the above to ship.