Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

DSP, Plug-in and Host development discussion.
User avatar
stratology
KVRist
152 posts since 31 May, 2004 from Ireland

Post Tue Oct 22, 2019 7:08 am

Recent article on CNN that shows how trivially easy it is to exploit data we make publicly available - like Instagram posts, tweets, etc.:
https://edition.cnn.com/2019/10/18/tech ... index.html

User avatar
Urs
u-he
24076 posts since 8 Aug, 2002 from Berlin

Re: Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

Post Tue Oct 22, 2019 8:02 am

Your pornstar name is the name of your first pet + your mother's maiden name + the street you first lived in. What's yours?

(but I won't tell you that I'll use that information to access your social media accounts)

JCJR
KVRAF
2862 posts since 17 Apr, 2005 from S.E. TN

Re: Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

Post Tue Oct 22, 2019 8:29 am

Tis hard to judge FUD (fear uncertainty and doubt). EVERY political party and most other commercial and social action concerns thrive on FUD. FUD makes people do silly stuff. But it is hard to judge FUD because Even Paranoids Have Enemies. :)

Tis awful hard to legislate away stupidity (as Urs's phishing example above).

On the other hand even the most careful and skilled craftsman will probably leave the blade safety guard on his circular saw. Even the most alert skilled person can screw up once in awhile, and if you screw up with the safety guard off the saw then get used to the nickname "Old Stumpy." :)

It is easy to mock fools who get conned, but some kinds of internet safety blade guards probably make sense even to the most cautious individuals. Just don't get stampeded by the FUD. FUD makes bad guys money and gives bad guys power. Fight the evil-doers by giving up some more of yer freedom. Yeah that works just fabulous.

User avatar
stratology
KVRist
152 posts since 31 May, 2004 from Ireland

Re: Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

Post Tue Oct 22, 2019 9:14 am

JCJR wrote:
Tue Oct 22, 2019 8:29 am
It is easy to mock fools who get conned
I agree with what you're saying.

But I think it's also important to remember that it's very, very easy to behave foolishly - even for rational people. Have you ever used a (not very strong) password in more than one location? I certainly have. Foolish. And also human and understandable.

That's where technology comes into play - making it easier to use a password that is automatically suggested by the OS and stored in the Keychain (which is synced across all devices) than coming up with your own, which is almost certainly weaker.


Always working on the assumption that the vast majority of the world population are 'non-technical' people is always a good starting point, IMHO.

JCJR
KVRAF
2862 posts since 17 Apr, 2005 from S.E. TN

Re: Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

Post Tue Oct 22, 2019 10:00 am

stratology wrote:
Tue Oct 22, 2019 9:14 am
JCJR wrote:
Tue Oct 22, 2019 8:29 am
It is easy to mock fools who get conned
I agree with what you're saying.

But I think it's also important to remember that it's very, very easy to behave foolishly - even for rational people. Have you ever used a (not very strong) password in more than one location? I certainly have. Foolish. And also human and understandable.

That's where technology comes into play - making it easier to use a password that is automatically suggested by the OS and stored in the Keychain (which is synced across all devices) than coming up with your own, which is almost certainly weaker.
Oh yeah am not mocking fools. Why I brought up the example of the circular saw blade guard. Even the least-foolish, most skilled craftsman probably leaves on the blade guard. Taking off the blade guard is probably evidence of foolishness except in remarkable circumstances.

Everybody qualifies as a fool. I qualify quite routinely. It is just very difficult to legislate away foolishness or to prevent or protect a determined-enough fool. Was thinking back on some I.E. Safety Engineering courses I took shortly after the invention of fire.

I don't keep passwords on computer-accessible locations. A secure keychain seems too risky to me. "Hackers Can't Crack That." "Hold my beer and watch this." My computer might get hijacked but they can't harvest non-existent passwords or financial data.

User avatar
stratology
KVRist
152 posts since 31 May, 2004 from Ireland

Re: Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

Post Tue Oct 22, 2019 10:30 am

JCJR wrote:
Tue Oct 22, 2019 10:00 am
I don't keep passwords on computer-accessible locations. A secure keychain seems too risky to me. "Hackers Can't Crack That." "Hold my beer and watch this." My computer might get hijacked but they can't harvest non-existent passwords or financial data.

I don't know if you watched the CNN video I linked to above. "Hacking" does not necessarily refer to breaking into a computer. It's about exploiting the weakest link. Which is, usually, not technology like strong encryption, but humans.

The 'hacker' in the video describes how she (with obvious joy and mischief) exploited the CNN journalist's public postings, and used those as identifiers for calling others, like airline representatives, pretending to be the CNN guy. She got those people to disclose further information, and used that for further exploits.

JCJR
KVRAF
2862 posts since 17 Apr, 2005 from S.E. TN

Re: Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

Post Tue Oct 22, 2019 10:49 am

stratology wrote:
Tue Oct 22, 2019 10:30 am
JCJR wrote:
Tue Oct 22, 2019 10:00 am
I don't keep passwords on computer-accessible locations. A secure keychain seems too risky to me. "Hackers Can't Crack That." "Hold my beer and watch this." My computer might get hijacked but they can't harvest non-existent passwords or financial data.

I don't know if you watched the CNN video I linked to above. "Hacking" does not necessarily refer to breaking into a computer. It's about exploiting the weakest link. Which is, usually, not technology like strong encryption, but humans.

The 'hacker' in the video describes how she (with obvious joy and mischief) exploited the CNN journalists public postings, and used those as identifiers for calling others, like airline representatives, pretending to be the CNN guy. She got those people to disclose further information, and used that for further exploits.
I didn't watch it, maybe will sometime. Long ago read at least one article either Scientific American or Dr Dobbs, describing how various "human engineering" was the preferred method of breaking into computer systems and organizations, that the people were lots less secure than the computers, even back then.

But the "human engineering" is just old-fashioned conman stuff. Mark Twain, Charles Dickens, Leo Tolstoy and even Hermann Melville wrote amusing conman stories. So far as that goes, we can probably find conman stories in such as Aristophanes plays. How can Apple protect you from old-fashioned conmen, regardless whether they have phones and computers?

Back about 1971 I worked counseling for a couple of years at a drug rehab unit in a psychiatric hospital. Some of the heaviest druggies were fabulous conmen. Natural talent. I recall one junkie who gave the impression of being "borderline retarded" who managed to con substantial sums of money not only out of his lawyer, but also out of his freakin judge!

Angus_FX
KVRAF
4697 posts since 18 Jul, 2002 from London, UK

Re: Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

Post Tue Oct 22, 2019 11:14 am

If I remember correctly, Apple was able to blacklist developer certificates which were stolen through phishing attacks. That was why they made two factor identification mandatory. So those cracks will work for a while and then boom.
No, there are ways to inject bogus keys locally. In some cases as simple as finding the key in the binary which it uses to verify its signature and replacing it with the cracker's own (they got us that way once). Or if required they can go further up the chain of trust. Now.. installing dodgy certificates to your system and compromising the chain of trust at system level is a pretty bad idea, but I guess if your crackintosh is air-gapped and not the machine you use for email, instagram, banking and everything else, it's probably a manageable risk.
ROLI | FXpansion
FX Twitter | FX YouTube

User avatar
stratology
KVRist
152 posts since 31 May, 2004 from Ireland

Re: Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

Post Tue Oct 22, 2019 4:19 pm

Presonus Studio One now joins Ableton, Logic and Digital Performer as DAWs that officially support Catalina. Presonus also released hardware driver updates for Catalina.

User avatar
JunSev
KVRian
736 posts since 14 Sep, 2017

Re: Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

Post Fri Oct 25, 2019 11:28 am

stratology wrote:
Tue Oct 22, 2019 4:19 pm
Presonus Studio One now joins Ableton, Logic and Digital Performer as DAWs that officially support Catalina. Presonus also released hardware driver updates for Catalina.
There is a thread already created by Forgotten (and I know he loves apple as much as you) about Catalina ready software, this is not the topic we are discussing here.

What you're doing is like "guys the future is bright for Apple, software companies are joining, Apple is very cool"...

I mean Wake up already.

User avatar
stratology
KVRist
152 posts since 31 May, 2004 from Ireland

Re: Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

Post Fri Oct 25, 2019 12:05 pm

Oops, I thought Studio One, Ableton Live and Digital Performer were cross platform. My bad.

dayjob
KVRian
1368 posts since 6 Nov, 2006

Re: Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

Post Fri Oct 25, 2019 6:45 pm

stratology wrote:
Fri Oct 25, 2019 12:05 pm
Oops, I thought Digital Performer was cross platform.
from everything i've read it's debatable if DP actually functions on windows :scared: 8)

machinesworking
KVRAF
1862 posts since 15 Aug, 2003 from seattle

Re: Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

Post Fri Oct 25, 2019 7:24 pm

dayjob wrote:
Fri Oct 25, 2019 6:45 pm
stratology wrote:
Fri Oct 25, 2019 12:05 pm
Oops, I thought Digital Performer was cross platform.
from everything i've read it's debatable if DP actually functions on windows :scared: 8)
I use DP regularly enough to visit DP centric forums, and it's already got good traction as far as people posting using it on Windows. Haven't heard too many complaints, but the first .0 version for Windows had lots of issues for sure.

dayjob
KVRian
1368 posts since 6 Nov, 2006

Re: Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

Post Fri Oct 25, 2019 7:37 pm

machinesworking wrote:
Fri Oct 25, 2019 7:24 pm
dayjob wrote:
Fri Oct 25, 2019 6:45 pm
stratology wrote:
Fri Oct 25, 2019 12:05 pm
Oops, I thought Digital Performer was cross platform.
from everything i've read it's debatable if DP actually functions on windows :scared: 8)
I use DP regularly enough to visit DP centric forums, and it's already got good traction as far as people posting using it on Windows. Haven't heard too many complaints, but the first .0 version for Windows had lots of issues for sure.
that's good to know. i've read a lot of "not ready for prime time" type comments from people who've used it on windows.

machinesworking
KVRAF
1862 posts since 15 Aug, 2003 from seattle

Re: Catalina: Apple turns macOS into a closed platform; many audio-devs warned from the upgrade

Post Fri Oct 25, 2019 8:44 pm

dayjob wrote:
Fri Oct 25, 2019 7:37 pm
machinesworking wrote:
Fri Oct 25, 2019 7:24 pm
dayjob wrote:
Fri Oct 25, 2019 6:45 pm
stratology wrote:
Fri Oct 25, 2019 12:05 pm
Oops, I thought Digital Performer was cross platform.
from everything i've read it's debatable if DP actually functions on windows :scared: 8)
I use DP regularly enough to visit DP centric forums, and it's already got good traction as far as people posting using it on Windows. Haven't heard too many complaints, but the first .0 version for Windows had lots of issues for sure.
that's good to know. i've read a lot of "not ready for prime time" type comments from people who've used it on windows.
IMO, it's a weird DAW, beyond a glitch or two when you first instal a new DAW, it presents a completely different way of working with arrangement windows, and the whole enigma of Chunks really throws people. The alien workflow makes any glitches with setting it up seem worse etc.

I'm sort of glad they made a windows version, but also saddened since theoretically developing for a single OS should be easier, and development has to slow down because of it.

Return to “DSP and Plug-in Development”