Apple Silicon Macs ditch startup key combos, alter Target Disk Mode
Apple Silicon Macs are changing some long-time user interface methods, and startup key combinations for restore or Target Disk Mode have been significantly changed.
Xcode building Apple silicon code on a MacBook Pro
The existing methods for booting a Mac from an alternative volume in Startup Manager, booting into macOS Recovery mode, or booting into Target Disk mode or Safe Mode, all involve holding down a specific key sequence while restarting. With Apple Silicon Macs, that process is dramatically streamlined. On new hardware, users simply hold down the power button and they will be presented with a graphical set of startup options including OS restore or reinstallation.
Target Disk Mode, which turn a Mac into an external hard drive to access the hard drive, is also being replaced with a new Mac Sharing Mode. Rather than sharing the disk as a mountable and local volume that needs to be directly connected to another Mac, it sets up an SMB network file share that can be accessed for file-level access to user data on the machine, that requires user authentication to access.
Data Protection, another feature that originated on iOS devices, will also be available on Apple Silicon Macs, thanks to support for hardware accelerated encryption built into Apple's system on a chip. This feature enables full data volume encryption by default, which prevents stolen devices from being hacked to gain access to your private data.
Users can turn on FileVault to tie this encryption to their local account credentials. This feature is already supported on recent Intel Macs equipped with Apple's T2 chip.
As detailed in a WWDC session on Wednesday, Apple Silicon Macs will also include a hidden System Recovery partition that can be used to reinstall macOS and the System Recovery if those volumes are damaged.
Xcode building Apple silicon code on a MacBook Pro
The existing methods for booting a Mac from an alternative volume in Startup Manager, booting into macOS Recovery mode, or booting into Target Disk mode or Safe Mode, all involve holding down a specific key sequence while restarting. With Apple Silicon Macs, that process is dramatically streamlined. On new hardware, users simply hold down the power button and they will be presented with a graphical set of startup options including OS restore or reinstallation.
Target Disk Mode, which turn a Mac into an external hard drive to access the hard drive, is also being replaced with a new Mac Sharing Mode. Rather than sharing the disk as a mountable and local volume that needs to be directly connected to another Mac, it sets up an SMB network file share that can be accessed for file-level access to user data on the machine, that requires user authentication to access.
Data Protection, another feature that originated on iOS devices, will also be available on Apple Silicon Macs, thanks to support for hardware accelerated encryption built into Apple's system on a chip. This feature enables full data volume encryption by default, which prevents stolen devices from being hacked to gain access to your private data.
Users can turn on FileVault to tie this encryption to their local account credentials. This feature is already supported on recent Intel Macs equipped with Apple's T2 chip.
As detailed in a WWDC session on Wednesday, Apple Silicon Macs will also include a hidden System Recovery partition that can be used to reinstall macOS and the System Recovery if those volumes are damaged.
Comments
This seems like a much better way to handle startup options. Start up key combos were rather clunky and since they're used so rarely I always had to go searching for them. Having a simple, intuitive way to get to a startup utility screen is a great improvement.
I didn't realize that how it worked now but I still find it confusing. I would assume that's how the system works by default. Why does it need to be enabled?
sounds like a bad move to me.
I can’t say how often TDM saved my butt. You can’t run a low level disk utility or data retrieval software on an SMB mount, or clone sections of a file system with permissions and ownerships intact from a network mount with full permissions for everyone.
TDM is one of the really smart things Apple invented, to let that go would be really dumb.
Another reason is that on non-T2 enabled Macs (those lacking T2 hardware) the process of enabling FileVault involves actually encrypting the raw disk data... and that can fail.
Worth noting that the T2 does encryption and decryption (AES-256) on the fly. And on Macs with T2, the disk is always "encrypted" in the sense that T2 is always processing data read/written. But the encryption password is set to a known (known by OSX) password in the case of FileVault being "off". However when FileVault is "on", the encryption password is set by the user to something that is not shared with/known to OSX. This is why turning FileVault "on" on a T2 mac is basically instant... whereas on a non- T2 mac this process can take hours (depending on size oh your datastore) and it can actually fail.
Hardware-based full disk encryption is an amazing leap forward in protecting data "at rest". Macs are bringing that to the masses, although it is normally considered a server/enterprise class security feature.
Unfortunately with this amazing capability enabled, macs cannot reboot themselves fully after a power failure, which is a scenario that must be considered in the case of a high-availability service e.g. a live/production web server
We'll see. I would imagine that the SMB options have been thought through for such things, but again a good concern to raise once we have the public beta (or earlier for devs).
I'm looking forward to a new OSX without having to reply on Adobe CS anymore when the iPad apps work as well.
It hasn't been called OS X for years, it's macOS.