Thinking back to the prosecution against MicroSoft in the late 1990s decade which indirectly lead to Microsoft injecting cash into Apple to keep Apple afloat as a competitor to MicroSoft (and thus offer an alternative to Windows), I wonder why this apparent requirement that users must use iCloud and two Apple devices as well as use only Apple software doesn’t violate USA anti-trust laws.
Cheers, Michael. > On 6 Oct 2015, at 3:30 pm, Ronni Brown <ro...@mac.com> wrote: > > Hello WAMUGers who are contemplating upgrading to OS X 10.11 El Capitan, > > I thought I would post about the New Security Improvements for members who > might not be fully aware of the changes. > Take note of the changes to Two-Factor Authentication in iOS 9 and OS X 10.11 > El Capitan. > > El Capitan - New Security Improvements > > There are new security improvements in El Capitan that should protect Mac > users from malware, but unfortunately it may also mean that some of the > software utilities you use no longer work. > > System Integrity Protection: Also called “rootless,” this feature makes an El > Capitan Mac more resistant to attacks and malware, but it also limits what > power users can do to their systems—unless they disable it. > > What Rootless means in OS X El Capitan? > > In OS X 10.11 El Capitan, System Integrity Protection, also known as > rootless, will prevent the modification or removal of certain system files > even by administrative overrides. This means that no user, application, or > process will be able to write files or modify files in the root System folder > or the /bin, /sbin, and /usr directories, which are hidden by default in OS > X’s Finder. The /usr/local folder will still be accessible though. > > By locking down the core system Apple will scupper the attempts of any > malware to gain access to files, folders, running processes (software that > manages tasks in the background) and system apps, such as the Finder and > Dock. > This might lead to some changes in third party apps you use regularly, for > instance, prior to El Capitan Dropbox showed sync status in the Finder, > luckily this won’t be gone completely, Apple has added generic code to > support it. > > How will Rootless effect app developers? > > Kernel extensions will still be allowed, but developers will need a valid > certificate from Apple to get them cryptographically signed. > > However developers of programs like SuperDuper! were busy trying to adapt to > the new way of working. SuperDuper needs to read everything on a drive to > perform a clone and, to restore or write anywhere. Which could make it > impossible to restore a volume without disabling System Integrity Protection. > > Update Note: Update SuperDuper! has now released SuperDuper 2.8(v96) and > available for automatic upgrade! SuperDuper 2.8(96) is El Capitan compatible. > > How will Rootless effect me in OS X El Capitan? > > These new security measures are designed to avoid the circumstances where a > user is fooled by some malware and types in their password, allowing a Trojan > horse to install. > > When you update to El Capitan any non-Apple files in those directories will > be removed. This might mean that some of the software you use no longer > works, but it’s perhaps worth it if it removes horrors lucking within. > > What this means is that it will no longer be the case that a superuser, or > root, can do anything to the system. Root is something that is fundamental to > Unix. However, because it is possible to have this root power on Unix (on > which OS X is based) OS X is vulnerable to attack if a malicious user gains > root access. > > Can I disable Rootless in OS X El Capitan? > > It is possible to disable this protection, however I would certainly NOT > recommend you do and therefore won’t post to WAMUG mailing list how to > disable Rootless. Apple especially in El Capitan is doing everything possible > to keep your System (& you) Safe, so why break it? > > Changes to two-factor verification for Apple ID > > • Two-factor authentication: Apple has beefed up security by adding > two-factor authentication for your Apple ID in El Capitan and iOS 9. > > Apple’s current “two-step” system requires users to specify a trusted device > or trusted phone number to which a four-digit code can be sent which you can > use to confirm your identity. Without both the password and verification code > you won’t be able to access your account. > > Apple has posted an explanation of its plans for two-factor authentication in > El Capitan and iOS 9, here > <https://developer.apple.com/support/two-factor-authentication/>. > Similar to the existing system, users will set up at least one iOS and OS X > device as “trusted devices.” These devices appear in a list in your Apple ID > account and can be removed from there. They can be found in OS X in iCloud > system preferences, by clicking Account Details, and in iOS 9 in Settings > > iCloud > Account. You also have to verify at least one phone number. > > Following set up, whenever you sign in with your Apple ID on a new device or > browser, you will need to also verify your identity by entering your password > plus a six-digit verification code that will be displayed automatically on > any Apple devices you are already signed in to that are running iOS 9 or OS X > El Capitan. If you don’t have one of your trusted Apple devices handy, you > can receive the code on your phone via a text message or via phone call > instead. > > Cheers, > Ronni > > 13-inch MacBook Air (April 2014) > 1.7GHz Dual-Core Intel Core i7, Turbo Boost to 3.3GHz > 8GB 1600MHz LPDDR3 SDRAM > 512GB PCIe-based Flash Storage > > OS X Yosemite 10.10.2 > > -- The WA Macintosh User Group Mailing List -- > Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> > Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> > Settings & Unsubscribe - > <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
-- The WA Macintosh User Group Mailing List -- Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> Settings & Unsubscribe - <http://lists.wamug.org.au/listinfo/wamug.org.au-wamug>
