I don't mind an opinion piece. However the title of this "what happened during ..." led me to believe that this might shed a bit more light on yesterday's outage more than just a vague resurfacing of the common experience.
Additionally, opinion pieces usually telegraph an insightful point-of-view, often one that might not have been considered by the reader. Perhaps this could have been a piece about the follies of a wholly-digital work environment, or how relying on a single company can affect so much change. This piece merely reconfirmed that something unexpected and bad is indeed unexpected and bad, it added nothing to the ongoing dialogue and that made it a disappointing read.
Also don't interpret this reply as being a response to reading bad-news. Despite what is said, Apple isn't a cult, and writing about Apple's short comings isn't frowned upon. When Apple legitimately mess up criticism is warranted and explored. This is a good example of that, clearly something went wrong and we're all eager to understand the why and how.
People that follow Apple's news are pretty switched on to what is a legitimate failure (such as this) and what is an invented 'click-bait' failure, the type of thing that The Verge routinely publishes. Apple also receives a lot of competitive criticism: others want what they have and take creative routes to get there. (E.g. Spotify and Epic right now.)
In other news I was researching the new Eero Pro 6 wifi system (offered by Apple) I came across this:
"STEP 2: Create an eero account
To begin setting up your new eero network, you will need an eero account first. You will need to enter your phone number and email address. "
Now why would I need to have an account to set up my own wifi system? So I phoned Eero and was told that an authentication code is needed to activate the hardware, but I was assured that the ONLY data collected (other than my name, email and phone) was bulk anonymous usage data (how many Gb went through). BUT when I asked to see the Privacy policy (Eero is owned by Amazon now) the rep and I found this:
Types of data we (Eero) collect
“Personal Data” means data that allows someone to identify or contact you, including, for example, your name, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data, and may also include Device Data. “Device Data” means product and performance data that are automatically collected when you use eero Devices and Application(s) to the extent that such data is associated with or linked to data that allows someone to identify or contact you, for example:
performance statistics, including network speeds, network internet service provider (ISP), and other eero Device data (e.g., temperature, CPU, memory),
network bandwidth usage statistics (i.e. the volume of data transferred and the protocol of packets),
MAC addresses for eero Devices and connected devices, IP addresses and network SSID and password,
family profile names, device hostnames, firmware data, Application clickstream, Application crash data, WiFi channel usage information, types of connected devices, the association of devices with a specific family profile, and WiFi signals from other WiFi systems in the area.
OOPS - they can, and apparently do, hoover up everything, and because the Eero sits between your modem and your computer, none of Apple's privacy measures can stop this. Further down the Privacy document it details what all Amazon can (and will) do with all that data. See:
The only thing the rep and I decided could be done would be to use a VPN (or possibly another router that the user controlled that would sit between the modem and the Eero). Both have overhead and management concerns.
The future of privacy on Apple products is looking very bleak...
The lack of transparency around some of Apple's recent issues has been the reason they've blown up into something bigger than they should - the battery throttling being one that could have been nothing if they'd explained the reasoning, and the 2016 MBP keyboard. And this is another they should have been transparent about. When there are issues Apple seems to think if they shut their eyes the issue will disappear, but the media loves to see Apple make a mistake and as such it's better to explain what they're doing to fix it rather than letting the media have a field-day. Also having a proper error message helps, because then people know what's going on. A message saying an error has occurred is barely more useful than no message at all.
The systems status page is useless, as it claimed issues were fixed but 6 hours later the updates were still failing. As the article alludes to, it's pretty stupid that Apple's minimalism even bleeds over to error messages, the lack of information on Apple's status page is a detriment to all, for example "Some users couldn't access mail" should have more detail: "Some users were getting authentication failed errors when using Mail.app" would be better, so people know if their own issue is related and don't keep trying to diagnose something that might be an Apple issue. Similarly the obscurity around what updates actually do, they often don’t list fixes, only the usual “bug fixes and performance enhancements” - which everyone expects anyway.
As I posted elsewhere, amongst other previously reported bugs that weren’t fixed during the long beta period, I am still seeing a fairly critical bug with Python despite it being reported to Apple in beta 1. Apple actually pushed a fix to the Python Github repo - and then forgot to include the fix in Big Sur's version of Python. That kind of thing really should not have got past QA.
I gave up early in the download process and waited until this morning. What I hadn't anticipated was being stymied by the installation of LastPass to my Mac. I use DataVault secure my information and I wanted to get a look at LastPass because of overwhelming acceptance for it.
After review yesterday I found LastPass was not going to be adequate.
However, this morning, LastPass was preventing the download of Big Sur. It took me several restarts to finally get rid of LastPass -- it seems to have too much in common with malware.
This is the part where I say that I am embarrassed to be a part of modern society where people whine and complain that they can't get their computers updated or working for a few hours, and those that write articles claiming it to be a bigger deal than it really is. People NEVER say anything about the countless days, weeks, or years that something's been working well. It's only that ONE day, or hours that the twitterverse gets their undies in a wedgie. It's embarrassing really and those that think the world is falling need to take a step back and contemplate what's really important.
I guess it's me being born before modern technology took over. I know tech's not perfect and things go wrong, but damn... some people.
Disclaimer: After all the complaining yesterday, I decided to upgrade my 2017 MBP that I rarely use just to see how bad it was. I was fully prepared to experience the same problems as others complained about. My MBP downloaded BigSur and upgraded it all in under and hour. I was shocked. I expected to leave it on the entire day/night while I do my other work. On top of that, after a few hours of using it - so far - I've had zero issues with my apps, and was pleasantly surprised that my crucial apps (Java-based) worked perfectly.
Go figure.
The "opinion piece"? Whatever. People place way too high a value on these kind of articles. Most folks have the attention-span of a gnat. Today most will have forgotten about it. By the weekend... completely forgotten about and now looking forward to their next 15-minute fix.
Apple will take this event as something they need to work out. It never ends, and it will happen again. Nothing is perfect, but funny how some expect that from others knowing what they do could certainly be put under scrutiny as well. Get over it.
I don't think there's anything wrong with expecting that a company -- especially Apple -- delivers on what it promises to deliver. After all, it is that ability to execute that sets apart some companies -- especially Apple -- from others.
In my case, I am more puzzled by the frenzy over what I think is large an eye-candy update, one that seems more like a nice-to-have than must-have. (New security and privacy features are always welcome, but those do not need a new OS designation to make happen).
As always, I'll wait a few weeks to download, say, wait for 11.1.
This is the part where I say that I am embarrassed to be a part of modern society where people whine and complain that they can't get their computers updated or working for a few hours, and those that write articles claiming it to be a bigger deal than it really is. People NEVER say anything about the countless days, weeks, or years that something's been working well. It's only that ONE day, or hours that the twitterverse gets their undies in a wedgie. It's embarrassing really and those that think the world is falling need to take a step back and contemplate what's really important.
I guess it's me being born before modern technology took over. I know tech's not perfect and things go wrong, but damn... some people.
Disclaimer: After all the complaining yesterday, I decided to upgrade my 2017 MBP that I rarely use just to see how bad it was. I was fully prepared to experience the same problems as others complained about. My MBP downloaded BigSur and upgraded it all in under and hour. I was shocked. I expected to leave it on the entire day/night while I do my other work. On top of that, after a few hours of using it - so far - I've had zero issues with my apps, and was pleasantly surprised that my crucial apps (Java-based) worked perfectly.
Go figure.
The "opinion piece"? Whatever. People place way too high a value on these kind of articles. Most folks have the attention-span of a gnat. Today most will have forgotten about it. By the weekend... completely forgotten about and now looking forward to their next 15-minute fix.
Apple will take this event as something they need to work out. It never ends, and it will happen again. Nothing is perfect, but funny how some expect that from others knowing what they do could certainly be put under scrutiny as well. Get over it.
The complaint is not that people couldn't download Big Sur, though that was the case, but that Apple (if this analysis is correct) managed to nuke a lot of Macs when the launched it. My entire department's Mac's were essentially bricked for about an hour and a half and none of us were trying to download the update. Applications would either not launch or launched and worked so slowly as to be unusable. I have two MacBook Pro's and they both became unresponsive at the same instant.
I will say that neither AI's news article from yesterday nor the opinion piece issued today adequately explain what happened, what caused it, how many people were affected, and why people are upset. That is why the comments here are hard to interpret.
Real controversial take. Big companies shouldn't make customer facing mistakes.
I question the bit about "it can't happen again!" however. If we were talking about the Boeing debacle that grounded hundreds of airplanes, resulting in loss of life, and forever tarnished the company's reputation, I would agree. But it's WAY too soon to pontificate about the blow back over this. Frankly, if I hadn't read about it here, I wouldn't know anything had happened. I expect the typical Mac user is in the same boat, but I could be wrong.
My disappointment with this "issue" as well as others that we have all engaged/commented on at one time or another in regards to Apple's secrecy about... EVERYTHING!! This ultimately hurts Apple's integrity and standing with their customers, fans, media, etc. Not that Apple was up to something nefarious, the lack of transparency after the first issues were starting to appear on the web and Apple goes into "clamup" mode, that does not help Apple.
Apple is hurting themselves with potential early adopters (IMO) with the new Apple Silicon M1, they need to be open with the specs on these things and translate them into comprehensive every day language that every one is use to looking at when it comes to making decisions about purchasing a computer. They have been so vague or in some cases totally unresponsive to questions that they knew were going to be asked. I don't get it, they should have had a full court press from the marketing folks to explain what the initial M1 products can do and not do, they shouldn't make potential buyers of these new machines (Beta Testers) attempt to ascertain some of the basic info by using cryptic Apple speak. Just my $.02 opinion...
Real controversial take. Big companies shouldn't make customer facing mistakes.
I question the bit about "it can't happen again!" however. If we were talking about the Boeing debacle that grounded hundreds of airplanes, resulting in loss of life, and forever tarnished the company's reputation, I would agree. But it's WAY too soon to pontificate about the blow back over this. Frankly, if I hadn't read about it here, I wouldn't know anything had happened. I expect the typical Mac user is in the same boat, but I could be wrong.
Yeah really. We were delayed hours from our new shiny. Oh well.
This is the part where I say that I am embarrassed to be a part of modern society where people whine and complain that they can't get their computers updated or working for a few hours, and those that write articles claiming it to be a bigger deal than it really is. People NEVER say anything about the countless days, weeks, or years that something's been working well. It's only that ONE day, or hours that the twitterverse gets their undies in a wedgie. It's embarrassing really and those that think the world is falling need to take a step back and contemplate what's really important.
I guess it's me being born before modern technology took over. I know tech's not perfect and things go wrong, but damn... some people.
Disclaimer: After all the complaining yesterday, I decided to upgrade my 2017 MBP that I rarely use just to see how bad it was. I was fully prepared to experience the same problems as others complained about. My MBP downloaded BigSur and upgraded it all in under and hour. I was shocked. I expected to leave it on the entire day/night while I do my other work. On top of that, after a few hours of using it - so far - I've had zero issues with my apps, and was pleasantly surprised that my crucial apps (Java-based) worked perfectly.
Go figure.
The "opinion piece"? Whatever. People place way too high a value on these kind of articles. Most folks have the attention-span of a gnat. Today most will have forgotten about it. By the weekend... completely forgotten about and now looking forward to their next 15-minute fix.
Apple will take this event as something they need to work out. It never ends, and it will happen again. Nothing is perfect, but funny how some expect that from others knowing what they do could certainly be put under scrutiny as well. Get over it.
It seems to me you are conflating problems with the OCSP server with the rollout of Big Sur. I have seen nothing that actually links the problems with that server with Big Sur's availability, other than the fact that that server's timeouts slowed or stopped just about every app upon startup. I wonder if OCSP would have failed yesterday, regardless of Big Sur being made available.
Mission critical machines “bricked “on a day one release of a major OS replacement?
Darwin award contender.
I’ve endured enough application software incompatibilities upon OS changes that I really prefer the application developers to get the time to take a deep breath and get their code in order before going for that pretty new home screen.
That’s leaked over into my home devices. Once the independent application software people have time to work out their comparability bugs: time enough to migrate.
It seems to me you are conflating problems with the OCSP server with the rollout of Big Sur. I have seen nothing that actually links the problems with that server with Big Sur's availability, other than the fact that that server's timeouts slowed or stopped just about every app upon startup. I wonder if OCSP would have failed yesterday, regardless of Big Sur being made available.
The two are inter-related. Apple users DDOSed Apple's servers (but shouldn't have been able to, as the article discusses, as it's a smaller impact than an iOS update), and the OCSP server wasn't sufficiently insulated from that impact. This also caused the Big Sur downloads to not authenticate, and induce failures in installation -- and redownloads, which compounded the problem much longer than it should have.
As reported by 9to5 Mac, the problem goes far beyond Big Sur slowdowns. It centers on MacOS constantly sending detailed app usage data back to Apple, which in turn can be access on demand by governments and is even readable by ISPs! Read that article.
Thankfully, that can be mitigated by Little Snitch in Catalina and earlier versions of MacOS, but as the article states, Big Sur doesn't allow Little Snitch to block the outflow of data to Apple's servers. While most of us probably don't mind Apple knowing what apps we use, when and where we use them, the fact that an ISP or a government can easily gain access that personal info is highly disturbing to say the least. This is truly one of the biggest security and privacy related stories to come out in a long time, especially when you consider how strongly Apple has been trying to protect our privacy and personal data.
As reported by 9to5 Mac, the problem goes far beyond Big Sur slowdowns. It centers on MacOS constantly sending detailed app usage data back to Apple, which in turn can be access on demand by governments and is even readable by ISPs! Read that article.
Thankfully, that can be mitigated by Little Snitch in Catalina and earlier versions of MacOS, but as the article states, Big Sur doesn't allow Little Snitch to block the outflow of data to Apple's servers. While most of us probably don't mind Apple knowing what apps we use, when and where we use them, the fact that an ISP or a government can easily gain access that personal info is highly disturbing to say the least. This is truly one of the biggest security and privacy related stories to come out in a long time, especially when you consider how strongly Apple has been trying to protect our privacy and personal data.
You're misinterpreting a bit of what the researcher said and what 9to5 accurately relayed in its reporting yesterday.
What gets sent back to Apple is a hash of the app that's been launched, so yes, Apple knows what app you're using, and when you launch it. But, Gatekeeper doesn't send to Apple what you're doing, how long the app is open, how long the app is active, or when the app is closed. While the hash that is sent is not further encrypted (other than being a hash), you're making a big assumption that Apple is either sharing this data, or that the hash is readable by a MITM attack by the ISP or the government.
The ISP already has your location information, and depending on locality, basically provides that to anybody who asks, so I'm not sure why the researcher is baffled by an IP giving away your location. Plus, if you have an app that connects to the internet for any reason including license authentication, the data it sends, and the port it sends it on, tells anybody watching you with a MITM attack more about you than a single hash at launch will.
This behavior has existed since Gatekeeper's launch in 2012. AI talked about it then, and I talked about it in a different venue.
This all said, we have renewed our queries to Apple about what it keeps, what it knows, and what it does with the data.
This is the part where I say that I am embarrassed to be a part of modern society where people whine and complain that they can't get their computers updated or working for a few hours, and those that write articles claiming it to be a bigger deal than it really is. People NEVER say anything about the countless days, weeks, or years that something's been working well. It's only that ONE day, or hours that the twitterverse gets their undies in a wedgie. It's embarrassing really and those that think the world is falling need to take a step back and contemplate what's really important.
I guess it's me being born before modern technology took over. I know tech's not perfect and things go wrong, but damn... some people.
Disclaimer: After all the complaining yesterday, I decided to upgrade my 2017 MBP that I rarely use just to see how bad it was. I was fully prepared to experience the same problems as others complained about. My MBP downloaded BigSur and upgraded it all in under and hour. I was shocked. I expected to leave it on the entire day/night while I do my other work. On top of that, after a few hours of using it - so far - I've had zero issues with my apps, and was pleasantly surprised that my crucial apps (Java-based) worked perfectly.
Go figure.
The "opinion piece"? Whatever. People place way too high a value on these kind of articles. Most folks have the attention-span of a gnat. Today most will have forgotten about it. By the weekend... completely forgotten about and now looking forward to their next 15-minute fix.
Apple will take this event as something they need to work out. It never ends, and it will happen again. Nothing is perfect, but funny how some expect that from others knowing what they do could certainly be put under scrutiny as well. Get over it.
The complaint is not that people couldn't download Big Sur, though that was the case, but that Apple (if this analysis is correct) managed to nuke a lot of Macs when the launched it. My entire department's Mac's were essentially bricked for about an hour and a half and none of us were trying to download the update. Applications would either not launch or launched and worked so slowly as to be unusable. I have two MacBook Pro's and they both became unresponsive at the same instant.
I will say that neither AI's news article from yesterday nor the opinion piece issued today adequately explain what happened, what caused it, how many people were affected, and why people are upset. That is why the comments here are hard to interpret.
90 minutes? Wow. There's 525,600 minutes in a year. Glass half empty kind of person? Go make a cup of coffee.
disclaimer: I'm in IT and I understand outages in our enterprise as well. We calculated that each hour of downtime at our company costs about $80,000 of lost productivity. At the same time, I also understand that everyone complains when something doesn't work, but never complements the uptime and countless weeks when everything is running smoothly and without issue. Think about it.
Technology brings amazing benefits in speed and productivity. If 90 minutes really burns your backside, maybe you should consider unplugging everything and running your company on paper & pencil and see how efficient that is. That 90 minutes will suddenly feel like nothing.
People are just a bunch a entitled whiners that either have no idea how things were, or have very short attention spans.
Comments
Additionally, opinion pieces usually telegraph an insightful point-of-view, often one that might not have been considered by the reader. Perhaps this could have been a piece about the follies of a wholly-digital work environment, or how relying on a single company can affect so much change. This piece merely reconfirmed that something unexpected and bad is indeed unexpected and bad, it added nothing to the ongoing dialogue and that made it a disappointing read.
Also don't interpret this reply as being a response to reading bad-news. Despite what is said, Apple isn't a cult, and writing about Apple's short comings isn't frowned upon. When Apple legitimately mess up criticism is warranted and explored. This is a good example of that, clearly something went wrong and we're all eager to understand the why and how.
People that follow Apple's news are pretty switched on to what is a legitimate failure (such as this) and what is an invented 'click-bait' failure, the type of thing that The Verge routinely publishes. Apple also receives a lot of competitive criticism: others want what they have and take creative routes to get there. (E.g. Spotify and Epic right now.)
https://sneak.berlin/20201112/your-computer-isnt-yours/
This is at the heart of the failures yesterday.
In other news I was researching the new Eero Pro 6 wifi system (offered by Apple) I came across this:
"STEP 2: Create an eero account
To begin setting up your new eero network, you will need an eero account first. You will need to enter your phone number and email address. "
Now why would I need to have an account to set up my own wifi system? So I phoned Eero and was told that an authentication code is needed to activate the hardware, but I was assured that the ONLY data collected (other than my name, email and phone) was bulk anonymous usage data (how many Gb went through). BUT when I asked to see the Privacy policy (Eero is owned by Amazon now) the rep and I found this:
Types of data we (Eero) collect
“Personal Data” means data that allows someone to identify or contact you, including, for example, your name, telephone number, e-mail address, as well as any other non-public information about you that is associated with or linked to any of the foregoing data, and may also include Device Data. “Device Data” means product and performance data that are automatically collected when you use eero Devices and Application(s) to the extent that such data is associated with or linked to data that allows someone to identify or contact you, for example:
performance statistics, including network speeds, network internet service provider (ISP), and other eero Device data (e.g., temperature, CPU, memory),
network bandwidth usage statistics (i.e. the volume of data transferred and the protocol of packets),
MAC addresses for eero Devices and connected devices, IP addresses and network SSID and password,
family profile names, device hostnames, firmware data, Application clickstream, Application crash data, WiFi channel usage information, types of connected devices, the association of devices with a specific family profile, and WiFi signals from other WiFi systems in the area.
OOPS - they can, and apparently do, hoover up everything, and because the Eero sits between your modem and your computer, none of Apple's privacy measures can stop this. Further down the Privacy document it details what all Amazon can (and will) do with all that data. See:
https://eero.com/legal/privacy
The only thing the rep and I decided could be done would be to use a VPN (or possibly another router that the user controlled that would sit between the modem and the Eero). Both have overhead and management concerns.
The future of privacy on Apple products is looking very bleak...
The systems status page is useless, as it claimed issues were fixed but 6 hours later the updates were still failing. As the article alludes to, it's pretty stupid that Apple's minimalism even bleeds over to error messages, the lack of information on Apple's status page is a detriment to all, for example "Some users couldn't access mail" should have more detail: "Some users were getting authentication failed errors when using Mail.app" would be better, so people know if their own issue is related and don't keep trying to diagnose something that might be an Apple issue. Similarly the obscurity around what updates actually do, they often don’t list fixes, only the usual “bug fixes and performance enhancements” - which everyone expects anyway.
After review yesterday I found LastPass was not going to be adequate.
However, this morning, LastPass was preventing the download of Big Sur. It took me several restarts to finally get rid of LastPass -- it seems to have too much in common with malware.
\Otherwise things went smoothly.
In my case, I am more puzzled by the frenzy over what I think is large an eye-candy update, one that seems more like a nice-to-have than must-have. (New security and privacy features are always welcome, but those do not need a new OS designation to make happen).
As always, I'll wait a few weeks to download, say, wait for 11.1.
There were others in pst with similar problems.
I will say that neither AI's news article from yesterday nor the opinion piece issued today adequately explain what happened, what caused it, how many people were affected, and why people are upset. That is why the comments here are hard to interpret.
I question the bit about "it can't happen again!" however. If we were talking about the Boeing debacle that grounded hundreds of airplanes, resulting in loss of life, and forever tarnished the company's reputation, I would agree. But it's WAY too soon to pontificate about the blow back over this. Frankly, if I hadn't read about it here, I wouldn't know anything had happened. I expect the typical Mac user is in the same boat, but I could be wrong.
Just my $.02 opinion...
🤷♂️
Darwin award contender.
Thankfully, that can be mitigated by Little Snitch in Catalina and earlier versions of MacOS, but as the article states, Big Sur doesn't allow Little Snitch to block the outflow of data to Apple's servers. While most of us probably don't mind Apple knowing what apps we use, when and where we use them, the fact that an ISP or a government can easily gain access that personal info is highly disturbing to say the least. This is truly one of the biggest security and privacy related stories to come out in a long time, especially when you consider how strongly Apple has been trying to protect our privacy and personal data.
What gets sent back to Apple is a hash of the app that's been launched, so yes, Apple knows what app you're using, and when you launch it. But, Gatekeeper doesn't send to Apple what you're doing, how long the app is open, how long the app is active, or when the app is closed. While the hash that is sent is not further encrypted (other than being a hash), you're making a big assumption that Apple is either sharing this data, or that the hash is readable by a MITM attack by the ISP or the government.
The ISP already has your location information, and depending on locality, basically provides that to anybody who asks, so I'm not sure why the researcher is baffled by an IP giving away your location. Plus, if you have an app that connects to the internet for any reason including license authentication, the data it sends, and the port it sends it on, tells anybody watching you with a MITM attack more about you than a single hash at launch will.
This behavior has existed since Gatekeeper's launch in 2012. AI talked about it then, and I talked about it in a different venue.
This all said, we have renewed our queries to Apple about what it keeps, what it knows, and what it does with the data.