Linux vs Open Core Legacy Patcher for an old MacbookPro?

Hello,
I would like to know what would be the most secure & private option for a 2011 Macbook Pro between :

  • staying on official High Sierra (unsupported os and web browsers)
  • switching to a linux distro like Fedora
  • updating to Monterey with OpenCoreLegacyPatcher (SIP disabled, APFS seal,…) ?
    Thanks in advance for your answers !
1 Like

Just from a security/privacy perspective you’ll be better off with Linux in this case, but if you do stick with macOS using OCLP is better than not updating at all.

1 Like

Thanks for your answer Jonah !
I understand that Linux is the way to go for greater control over my system. It might have greater security/privacy potential but I will need to learn a new system I’m not used to. Will try to dual boot with Fedora and play with it.
However, reading Madaidan’s blog article Linux is less secure than MacOS. Maybe not for casual users like me…

If I stick to macOS which is an OS I know and like, I’ve read some Deeveedee post on macrumors saying that disabling SIP and injecting post install patches with OCLP could lead to create some vulnerable breaches. He no longer wants to use it as its daily drive (banking, personal account, email, …).
It looks a little bit like rooting or jailbreaking and as PG doesn’t recommend rooting nor jailbreaking for security reasons…
On the other hand I understand that sticking to High Sierra without any OS support and no browsers anymore coud also lead to security vulnerabilities but my system is still sealed.

Not quite sure what to do …

Well, I’m not sure if hardening Linux could actually make it more secure, but the main attrait for your case, is that, whatever you can do with OpenCoreLegacyPatcher, it will not be able to patch and correct as much vulnerabilities the same way a Linux operating system can. Also, while as a stock operating system, High Sierra might be fairly secure, the inability of receiving security updates will make flaws found until them, be virtually unpatcheable (Except perhaps if you do often check for newly security exploits found for that OS/Machine version and perhaps find way to prevent some of them).

2 Likes

Linux actually isnt as difficult to use as many people make it out to be. Mainstream distros usually have auto updates (at least with a prompt and a button) and everything is graphical.

1 Like

I’m sure Linux is as easy to use as MacOS I just feel that it seems to need some tweaks with stuff and terms I don’t even know about yet that I need to learn along the way (Selinux/Apparmor/Kernel/flatpak/snap/immutable……) to be as secure as a ready to use OS like Mac OS. Just like Firefox vs hardened Firefox vs Brave out of the box. Doesn’t mean that Firefox is hard to use.
Maybe the already tweaked solution from SkewedZeppelin here is the way to go

To make my decision I would like to know what are the real risk I take and their potentiality/possibility to happen when :

  • Using a ten year old MacBook Pro with high Sierra
  • Using the same MacBook Pro with OCLP
  • Using Fedora out of the box on the same machine without knowledge

Indeed, if I get on a plane, I risk dying, and if I leave a Louis Vuitton bag on a café terrace with my wallet in plain view, I risk having it stolen. Now, it’s better to keep your bag safe than not to get on a plane, because the risk is absolutely not the same. In IT, I sometimes get the impression that we’re told all the potential risks without ever tempering that opinion.

This is just for a normal use : web browsing, banking, paying tax, printing personal pictures, listening music, watching videos. I’m not a journalist nor an activist. Also my mother is in the same situation so I would like to implement the same solution for her. That’s why I’m kind of picky with Linux but If it’s the only real secure option….

Thanks for your help and advise.

Fedora out of the box is perfect for these kinds of use case. You don’t have a preconceived notion of what a good Linux is and it may be best to start with Fedora.

I am also a regular end user with great enthusiasm when it comes to privacy. Its ok to live here but there is a learning curve to learn, though not as bad, I’d argue. GNOME is sort of a MacOS wannabee and I mean it in a good way and it works well with gesture navigation compared to other window manager/desktop environment.

1 Like

To simplify my request :
Can I do my banking, use my credit card on eshop and enter password on my webmail, for instance, without risk on an updated OSX with opencore legacy ?
Could it be worse on the unsupported High Sierra as I use it today ?
This is the major risk I think about as I don’t have other important information that could be targeted.
:upside_down_face:

1 Like
1 Like

This is a really tough decision to make.

Either installing a Nix OS like Linux or running High Sierra which is no longer receiving security updates and it stopped receiving security updates all the way back in 2020… :face_holding_back_tears: :face_holding_back_tears:

This was the last update:

I wouldn’t touch a patch running something that’s unofficial and not made by Apple. Who knows what problems you’ll encounter in the future and Apple will not help you…

You could try hardening up High Sierra with something like LittleSnitch?

After doing SO much research on this topic, I’ve found this to be the best article that gives you important information and nicely sums up your options very nicely: