Due to an extremely weird series of troubleshooting maneuvers, I recently found myself having to set my Mac up from scratch without migrating any of my preferences for the first time in longer than I’d like to admit. Think decades, not years.
This meant that I had to experience every single Apple software default, enter license numbers into software not bought in the Mac App Store, and generally need to re-make every decision that I had taken over the last few years in order to get back where I wanted to be.
More than anything else, though, the experience reminded me that Apple has a lot of work to do when it comes to making the experience of upgrading or migrating to a new Mac more pleasant–and that its Security and Privacy team clearly has too much say in the overall macOS experience.
You ruined New iPhone Day!
A few years ago, Apple had a real problem: It was kind of a drag to buy a new iPhone. What should have been one of the most exciting days of a person’s tech-buying year–I got a brand new iPhone! Hooray!–was too often a frustrating mix of long pick-up lines, failed backups, failed restores, failed activations, and then a painful recovery process when you discover many of your app preferences and logins are gone. Not great.
But I have to hand it to Apple: over the last seven years or so, the company has expended an enormous amount of effort to make the iPhone upgrade experience much more pleasant. When we all talk about major iOS feature updates, we generally focus on the experience when you’re using the iPhone, but there’s a lot of work that goes into the stuff you only ever see when you’re transferring from one phone to another.
These days, Apple’s activation systems seem vastly more reliable. You can transfer data from one iPhone to another, and that process has served me pretty well. If you do need to restore from an iCloud backup, Apple prompts you to backup on the old iPhone first. OS versioning is checked. Pairing the two phones together has been made easier thanks to proximity sensing and pairing by pointing one phone’s camera at the other phone’s screen.
The result is that when you upgrade your iPhone, there’s a pretty good chance that things will just work. And even when things break down a little bit here or there, it’s never as bad as it was in, say, 2016.
Asking permission
This brings us to the sad state of macOS. In the last month, I’ve done multiple macOS device transfers, clean installs, and finally, the creation of an entirely new home folder. And what I’ve learned is this: In the name of security and privacy, setting up macOS stinks.
Foundry
Pick your poison: You can die quickly thanks to a barrage of privacy warnings, or you can die slowly by having to deal with privacy warnings every time you run a new app. Either way will kill you.
Let me back up: A few years ago, Apple realized that while iOS and iPadOS were designed from the ground up to be entirely locked down, macOS was based on an entirely different philosophy for a different era. Anyone could install any software on a Mac and run it–and that meant the Mac was much less secure than iPadOS and iOS. So, how do you solve that problem?
Apple didn’t do what we all feared they might try: declaring the Mac App Store the only way to run software on the Mac. Instead, they added a load of security features to macOS. Most of today’s Mac apps are cryptographically signed and registered with Apple. (The ones that aren’t will only run after the user jumps through some hoops to authorize them.)
It’s really remarkable work, finding a balance between offering the freedom to install any software the user wants and protecting users from dangerous software that might compromise their personal data. (The lessons may come in handy should Apple be forced to open iOS and iPadOS to sideloaded apps in the future.)
But while I can praise the overall approach to Mac security, I can’t approve of some of the details. To put it plainly, Apple’s security regime on the Mac just goes too far.
My software, my Mac
Every time I opened an app on my Mac after starting from scratch or migrating or installing a major OS update, I was barraged with security warnings. This is because Mac apps can’t do much of anything (outside a very constrained sandbox) unless they ask the user for permission. So, if an app wants to read files on my Desktop, there’s a permission request. Documents folder? Another permission request? Use my microphone or video camera? Permission request. Reading random files and folders? Reading the disk? Using accessibility features? Using automation? Yep, yep, yep.
Third-party app developers have tried to make some of this better, but I’m not sure it has had the desired effect. When I first launch some apps, I’m greeted with a multi-step process that walks me through granting permission to each item, one at a time. And if multiple apps are asking for help at the same time, it all becomes a jumbled mess of requests, all of which are trying to open different parts of the Settings app.
(Also, every time I grant permission, Apple puts another alert in my face, asking me to choose to re-launch my apps later to gain permission or have the system quit and re-open them right now. Except somehow, it seems like those apps already do work with permission… and since some of them are in the middle of a series of setup instructions, I’m reluctant to force them to quit.)
Foundry
This all feels like an enormous waste of time. While the idea that Apple should request user approval before granting access seems like a good one, it doesn’t empower me as a user to grant approval more broadly. Instead, every single permission request pops up, one at a time, until the system is finally satisfied.
It’s incredibly frustrating. This is my software, running on my computer, yet there are moments when it feels like Apple thinks it’s really in charge. It needs to back off.
What needs to happen
macOS needs to find a better way to let users broadly approve permissions for specific apps. Why am I asked to approve three or four items in sequence instead of being given some sort of simple window indicating all the permissions that are being requested, allowing me to approve or disapprove individually or all at once?
Some of Apple’s permissions are also simply too granular. I’m frequently asked to approve Desktop access, then Documents access, then access to files on removable media. After all of that, I may still have to manually add the app to Full Disk Access permissions before it works the way it should. You know, if I went to the trouble of downloading an app, maybe I should be able to just say, “let my app use my disk,” and be done with it?
Users should also be able to set levels of permission granularity. I’d like to be able to globally grant my software permission to read my Desktop and Documents folders, for example. Why in the world would I ever not want the software I install to read files in the Desktop and Documents folders? It doesn’t make sense!
In addition, Apple should probably let users enter a sort of “restore mode” that automatically approves many common permissions requests for a limited amount of time, which would reduce the pain of recovering from a restore or migration.
Now, I can anticipate the responses to these requests. Technical people absolutely love to pull out doomsday scenarios in order to explain why they have to exert tyrannical power over regular users. Yes, asking for batch approval of permissions or temporarily approving all permissions does open the door for a nefarious piece of software to slip in undetected and wreak havoc on an innocent user’s system.
But asking too many times for permission has the same effect. We all get exhausted from clicking these warnings and just decide we’re going to approve everything so we can get on with our lives.
The bottom line is this: Apple’s admirable security regime on macOS has been implemented without enough care for the user experience, especially during upgrade or migration processes where new permissions need to be granted. It’s a usability disaster.
But as the iPhone has taught us, the experience of getting new software or migrating to a new device can be made a lot better–but only if Apple is willing to make an effort.