macOS

Yes I thought you were referring to a different incident.

IMO Yes. An OS is perhaps the most sensitive software, so we need to be very careful about what we recommend. Trust is paramount.

The 1Password issue lives in your head rent free.

This makes me question whether this is a good faith suggestion or just another joke post.

I don’t think recommending an OS that, sometimes, didn’t respect the users’ privacy toggle is a good idea in a privacy-focus community like this one.

What exactly are you referring to here?

Any application that can control the Finder (listed in ‘Automation’ in the Privacy pane) also has Full Disk Access, although you will see neither the Finder nor the controlling app listed in the Full Disk Access pane.

Because of this complication, administrators must be aware that even if they never grant FDA permissions, or even if they lock down Full Disk Access (perhaps via MDM solution), simply allowing an application to control the Finder in the ‘Automation’ pane will bypass those restrictions.

I don’t know whether this is fixed.

Apple in general have 1 issue regarding privacy. They use privacy as a selling point in their marketing. But that’s only true against 3rd parties, not them. You can see privacy issues in many of Apple’s 1st party products, e.g. iCloud that’s integrated in macOS that even with the encryption and advanced data protection enabled, not all data is end-to-end encrypted, including emails, calendar events, contacts, and file metadata. And there are Siri, etc.

Apple clearly states on their support site what is encrypted:

Well that’s not the case on macOS, only iOS. macOS allows side loading.

I don’t really understand. I’m sure google, Microsoft, and any Linux distro would remove software from their repo under legal threat. The App Store is equivalent to a Linux distro’s first party software repo essentially.

They could absolutely target a specific windows user’s Microsoft account as well it’s no different.

The suggestion is to add macOS though, iCloud is a seperate product and is entirely optional on macOS.

There are a lot of strawman fallacies (and the horn effect) here. Using iCloud and/or App Store is entirely optional in macOS. It’s good to talk about their privacy implications but not in this situation. Also, when we examine Apple’s privacy policies, we should only examine parts that are related to macOS.

There’s one thing that I think no one has mentioned. You cannot just download macOS like Windows and Linux distros. Sure, hackintosh exists, but it breaks the chain of trust that Apple built for macOS. So, when we recommend macOS, we essentially recommend buying Mac computers.

On the other hand, you can say that we recommend buying Pixel phones by recommending GrapheneOS. And we do recommend Pixel phones in the hardware section.

What I want to say is recommending macOS but not mac computers makes no sense.

PS: We lack hardware recommendation for laptops and desktops. If we do add them, I think it’s reasonable to mention laptops and desktops separately. Some people, due to their scenario, can’t use desktops.

How common is distribution of programs outside of App Store? I know that most of opensource ones provide .dmg files, but what about proprietary and commercial programs?

It’s very common. In fact, I think it’s the de-facto way to get popular software on macOS. Looking at our recommendations for desktop browsers, all of them can only be downloaded directly from the source. You won’t find Mullvad, Firefox, and Brave in the App Store.

Popular proprietary software like Chrome and Adobe Suite can only be downloaded directly from the source. For Office 365, you can choose between the App Store version and the… Microsoft… version? What I mean is that the way Office 365 handles updates is different between the two.

PS: I think it should be noted that platforms like brew exist on macOS.

I just checked our standards for desktop OSes. There are two criteria that macOS fails:

• Free and open source.
• Supports a wide variety of hardware.

@Lukas wants us to reevaluate the former. Even then, I think macOS still fails because of the latter. Maybe we can split them into minimum standards and ideal standards. We do this a lot, after all.

PS: It’s not uncommon for us to encourage/discourage users from doing something regarding a specific recommendation. This fact is crucial if we reevaluate our standards and add macOS to the mix. For example, with Fedora Atomic Desktops, we note:

Fedora Atomic Desktops come in a variety of flavors depending on the desktop environment you prefer. As with the recommendation to avoid X11 in our criteria for Linux distributions, we recommend avoiding flavors that support only the legacy X11 window system.

I think I laid it out pretty well here. People use an operating system for a lot of reasons outside of just which one is the most secure, they might not even have a choice. With something like email they all do basically the same thing, but that’s not really the case here. So it makes more sense to have guides on major operating systems that people use rather than recommendations. Plus it doesn’t meet our current criteria as was pointed out already and I don’t really want to weaken the criteria here.

Since macOS objectively doesn’t meet our current criteria I’m marking it rejected for now.