Apple announced a new Black Unity watchband and wallpapers this week. That post mentioned (in a footnote) in that iOS 17.3 will drop next week. (Not a big surprise, as we got RCs for iOS 17.3, macOS 14.3, and siblings this week.)
We have the Toronto Mac Admins community meetup coming up (Jan 30), and PSU MacAdmins Conference has announced their dates (July 9-12) and is calling for speakers and sponsors.
Do you think your company or product are a good fit to sponsor MacAdmins.news? There are a few sponsoring opportunities left!
Logistics: the macadmins.news website moved to the new host. This means the RSS feed URI has changed. Next week, I will move the email newsletter to the new service. You don't need to do anything, but the email you get next week will look different and come from a different sender (weekly@macadmins.news). Many thanks to those that have already subscribed to the new service and helped with the testing!
πΈ Focus
There were two separate news items regarding the Apple Store. First, the US Supreme Court decided not to hear Apple's and Epic's appeals in their case, which is regarded as an overall win for Apple. However, as a consequence, Apple will allow links to websites with payment options outside of the App Store in the US (The Verge, Michael Tsai).
On this side of the Atlantic, Apple seems to be preparing the EU App Stores (there is still, unbelievably, one App Store per country) to allow some form of sideloading to comply with the upcoming Digital Markets Act (DMA). No details are yet known how exactly that will look like, but there are less than seven weeks left until the deadline on March 7. (Which means, we might see what this looks like in the iOS 17.4 and macOS 14.4 betas that should drop next week after the release of iOS 17.3 and macOS 14.3.)
The move in the US is an absurdly minimal concession to "opening" up the App Store, especially since Apple still demands 27% (12% for developers in the App Store Small Business Program) of proceeds generated by links from Apps on Apple Platforms. While I understand that Apple has a duty towards their shareholders to defend and maintain profits, I consider this an extremely developer and user hostile move on Apple's part.
The 30% cut for software distribution was a revolutionary concept when Apple introduced the iTunes (Music) Store in 2003. A mere five years later, Apple transferred the concept to the new iPhone App Store. The App Store was a huge success for Apple. For many developers it started a price race to the bottom, with the vague hope of "making it up in volume." The notion that apps should be 99 cents, or free became somehow part of public consciousness. Developers and users have always been asking for upgrade pricing in the App Store but Apple has pushed in-App purchases and subscriptions instead.
The main argument in favor of the closed-garden model of the App Store is that Apple can reject malicious and scam software. While it is certainly true that Apple filters huge amounts of malware and scams, there are still scores of scammy apps and developers that somehow circumvent the review process, in many cases repeatedly. On the other hand, there are regular reports from legitimate apps and developers that are harassed by capricious review decisions.
Managing and curating the App Store is certainly a gargantuan task and there will always be false positives and negatives. But Apple took this job on themselves. No-one had asked them for this. The Mac was doing great before the App Store and still has a rich software market outside of it. Any goodwill Apple might have earned when they set out with noble intentions in 2008 is used up. Now, it is difficult to avoid the impression that Apple is not competing on quality, but instead taxing access.
Epic, a company whose most lucrative game has a profit model based on lootboxes, i.e. the gambling dopamine surge, was, despite all their marketing attempts, never an adequate paragon to "fight for the user." The result is the toothless concession that Apple has to allow links to outside payment systems, but is also allowed to still demand a share of those profits. Apple's implemention, with specific entitlements a developer has to request (and that can be revoked) and an amazingly dramatic "warning" screen, cannot be called anything else but spiteful. It is the users, and developers who are getting the short end of the stick.
Apple claims they compete with quality and ease of use, and their customers are willing to pay for a better experience. Generally, they succeed with this. But with the App Store, Apple has a strange blind spot. They have no competition and it shows. The App Store is neither safe nor easy to use. It is littered with ads (that Apple earns more profit from). It has a significant cost for developers, and instead of getting good value in the form of a safe market place, small developers live with the permanent risk that their income disappears because of some unpredictable review decision or because some scam developer outspends them on ad placements.
More than 15 years after its introduction, entire categories of apps and tools are still excluded from the App Stores. Many creative ideas will never be realized, because developers believe they will never pass review. For Mac admins, despite the fact that Apple has been cajoling developers to use in-App purchases and subscriptions, we cannot manage either with Apps & Books (formerly known as VPP).
I had a glimmer of hope that regulations like the DMA might have forced the App Store to compete on quality and improve the experience for users and developers (and maybe for admins).
But after the spiteful implementation of external purchase links in the US, my hope that Apple's "solution" will have the users' or developers' interest in mind seems futile. I have long given up hope that Mac admins needs in distributing and managing apps are even the slightest consideration in Apple's plans for the App Store. The Apps & Books (formerly known as VPP) will remain the broken kludgy afterthought solution we have.
This is even more frustrating, as other parts of Apple's Enterprise strategy and management technology have improved significantly over the last few years.
π° News and Opinion
Just Passed the 2024 Apple Device Support Exam!
"Two weeks ago I posted an honest and candid article about how I failed the brand new 2024 Apple Device Support exam that leads to ACSP certification. Today I just re-sat it⦠and I aced it! What made the difference? And how can you benefit from my experience?"
π Security and Privacy
The Many Faces of Undetected macOS InfoStealers: KeySteal, Atomic & CherryPie Continue to Adapt
"In this post, we provide details on three active infostealers that are currently evading many static signature detection engines. We provide a high-level overview of each along with relevant indicators to aid threat hunters and defenders."
Jamf Threat Labs Discovers Pirated macOS Apps Similar to ZuRu Malware
"Jamf Threat Labs has detected a series of pirated macOS applications that have been modified to communicate to attacker infrastructure. These applications are being hosted on Chinese pirating websites in order to gain victims."
Alleged FruitFly malware creator ruled incompetent to stand trial
"On January 4, 2017, Case Western Reserve University (CWRU), located in Cleveland, Ohio, became aware of an infection on more than 100 of its computers. The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware."
π¨ Support and Tutorials
Configuring Mac Settings: MDM, Configuration Profiles, or Scripting?
"When it comes to managing Mac computers, there are several ways IT teams can configure their settings remotely."
Resolving Trusted Execution Problems
"I help a lot of developers with macOS trusted execution problems. For example, they might have an app being blocked by Gatekeeper, or an app that crashes on launch with a code signing error."
Find Out What Apps & Extensions (Like Ours) Are Doing On A Mac
"An important aspect of apps that run on Apple devices is that they are not able to access resources outside of themselves unless the route to do is is very well defined, users opt into giving access, and ultimately the user privacy is preserved."
Restore a Deleted Configuration Profile in Jamf Pro
"The Jamf Pro user interface contains a lesser known ability to restore deleted objects, such as Configuration Profiles. Deleted objects with an object name that is able to be selected and clicked, can be restored."
Mac Evaluation Utility: What It's Good For, How to Use It
"Apple recently released version 4.5 of MEU. It includes an improved interface, making it easier to run reports and to control which tests are run. It adds tests for secure tokens and bootstrap tokens, volume ownership, and iCloud FileVault Recovery."
π€ Scripting and Automation
Mac Shell Scripts: Introductory Guide for Apple IT
"Smart Mac admins know that anything you can do in the GUI you can usually also do from the command-line interface (CLI)."
Building a Jamf Self Service policy for Homebrew
"The Homebrew package appears built to be installed by humans, not in an unattended fashion as a management framework, or even Installomator, would."
Unlocking Insights: An Introductory Guide to Integrating Jamf Pro and Microsoft Power BI for Powerful Reporting
"In this post, we will configure Power BI to grab some information from Jamf Pro using API calls."
β»οΈ Updates and Releases
πΊ Watch
XCreds 4 Video
"The big change in XCreds 4 is prompting users who have existing local accounts to use those accounts instead of creating a new local account and home directory."
πJust for Fun
Year of the Dragon
"Apple launched an early Lunar New Year promotion in China with discounts across its product lines. With this upcoming lunar year being the Year of the Dragon, the graphic showcasing the sale shows a dragon composed of Apple products, including AirPods, iPads, iPhones, and more (no polishing cloth though)."