With macOS Sequoia this fall, using apps that need access to screen recording permissions will become a little bit more tedious. Apple is rolling out a change that will require you to give explicit permission on a weekly basis to these types of apps, and every time you reboot your Mac.
If you’ve been using the macOS Sequoia beta this summer in conjunction with a third-party screenshot or screen recording app, you’ve likely been prompted multiple times to continue allowing that app access to your screen. While many speculated this could be a bug, that’s not the case.
↫ Chance Miller
Everybody is making comparisons to Windows Vista, but I don’t think that’s fair at all. Windows Vista suffered from an avelanche of permission dialogs because the wider Windows application, driver, and peripheral ecosystem was not at all used to the security boundaries present in Windows NT being enforced. Vista was the first consumer-focused version of Windows that started doing this, and after a difficult transition period, the flood of dialogs settled down, and for a long time now you can blame Windows for a lot of things, but it’s definitely not throwing up more permission dialogs than, say, an average desktop-focused Linux distribution.
In other words, Vista’s UAC dialogs were a desperately necessary evil, an adjustment period the Windows ecosystem simply had to go through, and Windows as a whole is better off for it today.
This, however, is different. This is Apple having such a low opinion of its users, and such a deep disregard for basic usability and computer ownership, that it feels entirely okay with bothering its users with weekly – or more, if you tend to reboot – nag dialogs for applications the user has already properly given permission to. I don’t have any real issues with a reminder or permission dialog upon first launching a newly installed screen recording application – or when an exisiting application gains this functionality in an update – but nagging users weekly is just beyond insanity.
More and more it feels like macOS is becoming an operating system for toddlers – or at least, that’s how Apple seems to view its users.
Funny that you complain about Apple asking once a week when Wayland-based Linux desktops ask *every single time something wants to record the screen*. Sounds a bit like you’re only complaining about it because it’s Apple, while for Linux it’s perfectly fine for you when it’s every single time instead of weekly.
// Edit: And no, obviously this is not because it “is becoming an operating system for toddlers”, but for the same reasons you need to confirm it every single time on a Wayland desktop: To avoid anything secretly recording your screen. macOS here opted to be more on the side of convenience with only asking weekly.
>when Wayland-based Linux desktops ask *every single time something wants to record the screen*
I think that’s only GNOME, and KDE for anything that’s not Spectacle
Other Wayland desktops like Hyprland don’t do it at all
Running Wayland, KDE Plasma on Arch. Tried a few screenshot apps just now and none resulted in any warning or asking for permission..
smoothsky,
Can anyone else confirm wayland asking for permission?
It’s possible that screen shots apps use a different API than streaming apps like OBS, teams, VNC, etc. Also as you hinted, it might not be a wayland thing, but the desktop environment…? Maybe I’ll test this in a VM to see what happens.
Userland needs to have security mechanisms retrofitted onto it. We’re well past the time where we could run as root/admin or unprivileged user without consequences. There are major programs which are spyware and then there are the malicious programs. They all need to be sandboxed to make sure they behave.
Routinely auditing the system is good, and it’s better if the audit is automated.
People are going to forget they allowed a program access, and programs could ask for overly broad access. Mobile OSes have been fighting this fight for a while. Periodically checking in and asking if perms are still needed seems reasonable. An alternative is perms expiring after a set period of time and the OS asking if they should be extended, which sounds more annoying.
What is a screen recorder exactly, does remote utilities classify like TeamViewer? What about sharing the desktop over Discord?
I can see why this could be a good thing, maybe even as default since I guess a majority of Mac users are not planning to have screen recording software running at all times so it would be a way to discover if something sketchy is going on. However for the people who actually want that kind of software installed this would be super annoying and I truly hope there is some kind of option to disable it but knowing Apple I doubt that. But heres hoping.
fx__,
My thoughts as well.
The “once a week” policy doesn’t make much sense to me. If I wanted to trust an application for a single use, it would be far more appropriate to ask me for permission every single time. Say I’m allowing someone else to connect to my computer for support or whatever, I’d want to be prompted to share every time. However another use case I have personally is to be able to remotely connect to several of my own headless machines. This needs to be permanent to be of real use. Defending apple would be to concede that macos is no longer suitable for remote users.
Several years ago there was a debate about whether macos was turning more into IOS in terms of users being in control versus apple taking control away. Maybe what they need to do is have macos support several different OS security profiles, one is applied by default for normal users to protect them from themselves, but owners who needed more could install other OS profiles when they require more control over their computers. Otherwise if apple really does intend to deny all power users the ability to control their own computers, then those of us who thought macos would turn into IOS were right.
If you check the average skills of computer users in a work environment you might conclude that, yes, they can be treated as toddlers. People often click on whatever is prompted to them to get the job done, otherwise why would anyone click on the link in an email saying their paypal account is blocked and they need to login to unlock it ?
I believe we need more virtualization in macos to run each application in its own separate container. We also need a network screen like Little Snitch integrated into the system. And don’t forget about permissions for different folders, not just the usual ones like Desktop and Documents.
The real challenge is to teach everyone how to use it.
a_very_dumb_nickname,
+1
I’d rather see better tooling than to dumb down our expectations of what we’re able to do with our computers.
Containers are very important for security, but IMHO we need better tools to configure and manage them.
Avalanche, or is avelanche a European thing? ¯\_(ツ)_/¯
> This, however, is different. This is Apple having such a low opinion of its users, and such a deep disregard for basic usability and computer ownership, that it feels entirely okay with bothering its users with weekly
I sort of disagree: this is Apple having such a low trust in ISVs and their applications, especially now that windows Recall almost became reality. Every app is one update away from becoming Recall.
The Mac electrically disconnecting the built-in microphone when the lid is closed feels quite similar in target.
What kind of people and software annoy me? Naggers