Old 04-12-2018, 11:31 AM   #1
serr
Human being with feelings
 
Join Date: Sep 2010
Posts: 6,890
Default Apple's 'filevault' faux pas. Important!

The recent OSX 10.13 installer has enabling Filevault (a disk encryption feature) selected by default. If you just cruse through the setup screen after a fresh OSX install you might miss this and end up with Filevault enabled!

This is a feature that severely sacrifices performance for security. Something appropriate for an FBI agent or bank CEO with sensitive data at risk of physical access but no need for any performance.

Open System Preferences, click Security & Privacy, click the Filevault tab.
If you see it turned on, please turn it off and follow the prompts to un-encrypt your drive.

Also note that OSX updates are sometimes failing with Filevault enabled. Leads to a full OSX reinstall and restore.
__________________
Mac Pro 8x 3.33GHz i7, 16GB, various SSD's and systems; MacBook Pro 4x 3.6GHz i7, 16GB, various SSD's and systems; 2x True Precision 8; Apogee AD-16; 2x MOTU 828mk3, Evolution UC-33e; Faderport; WiRanger, iPad. Remember hardware mixers? Me neither.
serr is online now   Reply With Quote
Old 04-13-2018, 03:19 AM   #2
Skijumptoes
Human being with feelings
 
Join Date: Mar 2018
Posts: 13
Default

Wha?!

Firstly, It doesn't severely sacrifice performance whatsoever, particularly if you're running an SSD.

Secondly, I have 4 machines running ALL with filevault, and as someone who relies on those machines professionally to earn a living, filevault is huge piece of mind for all my hardware for not only my own personal data but for my customers also.

Only applicable to a Bank CEO/FBI Agent - what a stupid thing to say, this whole post is really scare mongering beyond belief and pro-actively promoting ignorance and ill-advice to fellow users that is not to their benefit.

If you've some firsthand experience of this happening, then by all means relay it back. But in my experience after having a mac stolen at a live gig i was so glad that i had the security offered to me enabled, and certainly no 'real world' performance impact. So let's not push out such alarmist information based on hearsay, eh?

Maybe it would be more reasoned to offer the suggestion that if anyone has experienced slow down after a period of a few days from updating or installing MacOS (i.e. after things have settled) to then look into whether Filevault is enabled, as a possible issue?

Last edited by Skijumptoes; 04-13-2018 at 03:27 AM.
Skijumptoes is offline   Reply With Quote
Old 04-13-2018, 09:51 AM   #3
serr
Human being with feelings
 
Join Date: Sep 2010
Posts: 6,890
Default

You need to understand what Filevault actually is.
This encrypts your hard drive volume. This is security against physical access to your hard drive. It would not protect you online or in any other way. Specifically protection from physical access to your drive. (Hence the comment about a good fit for someone like an FBI agent or CEO with business secrets on their machine that someone would be motivated to steal and access.)

Anything in or out of the drive is encrypted/decrypted and this is obviously a performance hit. A fast machine with a SSD might not be fully crippled but you would be sacrificing significant performance none the less.

If you ARE at risk of theft and theft of sensitive data, then you absolutely want to make this kind of security first priority. Either put up with a slower machine for secondary uses or use a machine with no expensive company secrets on it instead. Bricking an OS update/install is an acceptable risk if this kind of security is a priority.

High security against physical access and theft is a lower use case and absolutely a faux pas to have enabled by default for the average user.

And Apple are screwing up. Updates are crashing and bricking the OSX install in filevault enabled systems. They currently are aware something is very wrong as they shut down their update server some 24 hours ago and it's still down. So we have users that clicked on an update and now their even their USB OSX installer will not bail them out because 10.13 requires a connection to their server for current updates (even if you have made a full USB installer). Not a good look!

Today, if you try updating from 10.13.3 to 10.13.4, a download will appear to start, your system will reboot into the installer mode, and it will quietly give up and restart back to 10.13.3. But if you had filevault enabled it will now hang on startup and you will be in "paperweight" mode. Seen a number of systems with this happen now. One in front of me right now. Apple's server is still down.



Do what you will with this info and believe it or not. I see things, I spill the beans on them. I've never seen Apple crashing and burning this hard before. This is Windows-esque stuff.

I tried playing along even with the extra work and feature regressions but I'm back to recommending avoiding both 10.12 and 10.13 again. (10.13 was supposed to be a bug fixed 10.12)
__________________
Mac Pro 8x 3.33GHz i7, 16GB, various SSD's and systems; MacBook Pro 4x 3.6GHz i7, 16GB, various SSD's and systems; 2x True Precision 8; Apogee AD-16; 2x MOTU 828mk3, Evolution UC-33e; Faderport; WiRanger, iPad. Remember hardware mixers? Me neither.
serr is online now   Reply With Quote
Old 04-16-2018, 02:58 AM   #4
Skijumptoes
Human being with feelings
 
Join Date: Mar 2018
Posts: 13
Default

Quote:
Originally Posted by serr View Post
You need to understand what Filevault actually is.
This encrypts your hard drive volume. This is security against physical access to your hard drive. It would not protect you online or in any other way.
I work with security every day of the week, so i have a rough approximation of what Filevault is, but i'm always keen to learn more.

And, If by 'any other way' you include physical loss or theft of your hardware then yes it would very much protect you, may be the one thing that keeps your data safe infact, so really YOU need to understand what disk encryption means, HOW it works and WHY it protects you, because again, you're going to be posting nonsense in a vein attempt to protect your own integrity vs providing fellow users accurate information.

If that's the line you tread, then i can't help you, but as a professional who's been covered via disk encryption and have actively chosen to use it for many years i shall stand to correct such nonsense, mainly for the benefit of anyone reading, and zero desire to argue with you on the matter - because it's such clearly ill-advised information that you're promoting.

Quote:
Originally Posted by serr View Post
Anything in or out of the drive is encrypted/decrypted and this is obviously a performance hit. A fast machine with a SSD might not be fully crippled but you would be sacrificing significant performance none the less.
Not a clue have you? You realise CPU's have encryption sets built in, so the majority of the encryption is handled direct via instructions within the CPU itself? i.e. basically means it's using areas of computing that your machine wouldn't even be using if encryption was disabled? It's like putting shopping in the engine bay of your car cause you've 'heard' putting it in the boot will slow you down.

Look into AES-NI, as you're clearly oblivious to how it works.

Quote:
Originally Posted by serr View Post
If you ARE at risk of theft and theft of sensitive data, then you absolutely want to make this kind of security first priority. Either put up with a slower machine for secondary uses or use a machine with no expensive company secrets on it instead. Bricking an OS update/install is an acceptable risk if this kind of security is a priority.
There is no noticeable trade off, and we ARE ALL at risk of theft, or machine loss - particularly laptop users. There is NO priority to be considered, it's really not an issue, and as i've said before if you have some first hand experience of it causing you issues then go ahead and post them, as it is this is all just hear say and nonsense, and regurgitation of false information.

But to use that further and recommend people disable a very well implemented security for their devices is really really ill-advised. I would even be willing to make a case that by not using it you could be walking in to more problems as Apple are strongly advising it to be used.

As i've said before, i use multiple devices ALL encrypted, have done so for years, i lost a MacBook at a live gig, and luckily it was fully encrypted. On top of that, companies i work for have all 100's of their machines encrypted, and i've not heard of any of them having to disable it for the massive 1% CPU boost they 'may' see.

If you've got a studio that cannot be broken into, or a house that you never leave unattended, or you're a laptop user who never takes it out/leaves it in a car/on holiday, or you trust any computer repair shop where you may send your machine to be fixed, or you have shared accommodation where you can trust everyone coming in and out of, and you destroy all media after use - Then go ahead, disable it and revel in the CPU boost that you'll probably never even notice with modern encryption. Furthermore, Keep working AGAINST what the OS provider recommends, and see what happens.

Quote:
Originally Posted by serr View Post
High security against physical access and theft is a lower use case and absolutely a faux pas to have enabled by default for the average user.
I suppose holding multiple backups is a 'faux pas' too, right? I mean, why even backup externally (via cloud/ftp/nas etc) when by your advice nothing can happen to an 'average user's physical machine? An unencrypted Laptop with USB drive is enough, right? Unencrypted local backups also pointless in your opinion also?

Quote:
Originally Posted by serr View Post
Do what you will with this info and believe it or not. I see things, I spill the beans on them.
No, you read 'things', and then post ill advised recommendations to fellow users that's not to their longterm benefit, it's nothing to do with 'believing' you, in fact, this isn't anything do with 'you' at all and i think that's the problem you're having.

Quote:
Originally Posted by serr View Post
I've never seen Apple crashing and burning this hard before. This is Windows-esque stuff.
Yeah sure, it's really confusing how millions of professionals around the world are cashing in their invoices with this clear burning and crashing of apple that's happening around us!! It's absolutely insane. I don't know how i made it through last month alive... Luckily i was able to fight all these issues and get through the work. But next month... wow, may have to swap to windows, which, actually is a really good OS too - oh wait, now you have me confused. How an earth have people be running on windows all these years too?!!

Are you without a machine by the way? Have you been crashing and burning too? Or is this just more 'spilling the beans' kinda stuff, that you've seen?

And are Apple now so windows-esque that they're selling your personal details to the highest bidder? All i see is them putting some great technology in place to protect it's users both physically and virtually. But hey, if you want to fight against that, then do so. But please, don't recommend that others should do so by default, even if you caused one person to have their data stolen a year down the line, one is still too much.

Quote:
Originally Posted by serr View Post
I tried playing along even with the extra work and feature regressions but I'm back to recommending avoiding both 10.12 and 10.13 again. (10.13 was supposed to be a bug fixed 10.12)
Again, i'm running all the latest updates, encryption enabled, has been for years, multiple machines, i service approx 70-80 machines directly over the course of a year and i have not known one occurrence of having to disable disk encryption. But then, i don't sit and read stories, i just get to work.

As you're a guru on recommending which OS we should also be using, could you please confirm that you still recommend running without encryption enabled by default?

Last edited by Skijumptoes; 04-16-2018 at 03:21 AM.
Skijumptoes is offline   Reply With Quote
Old 04-16-2018, 09:42 AM   #5
serr
Human being with feelings
 
Join Date: Sep 2010
Posts: 6,890
Default

I stopped after the first bits about it being possible to commit physical theft over the internet and magic instruction sets that execute in zero time. Sorry, I don't think you're trying to troll me and there's certainly some miscommunication or typo at the root of that but still...

I'll simplify it: Don't invite trouble!

Do understand that security measures designed to protect against physical theft are sometimes a priority. Use them when appropriate. Don't use them when performance and/or data integrity is the priority.

Aside: I suspect what got a little confused above is related to integrated chip level security like that available in some of the secure flash memory (like that used to store encrypted EFI passwords). There will come a day when perhaps everything is made like this in a way that supports performance. It would be premature to treat OS based hard drive encryption this way.

Care to explain to the last guy who lost the recording of his last project and further had to come for help with a machine that would no longer boot how he's still better off with this enabled? Yes, he screwed up by 1. not catching it on day 1, and 2. really screwed up by clicking that OSX update button before backing it up. That IS the root screwup! So don't invite trouble.


Want the 'conspiracy theory' version?
Apple is being accused of doing this intentionally to really hit anyone still using a spinning HDD for their system drive (as originally came stock in many of the pro machines they used to make) so they can tell them they need to buy one of their new disposable models. I think they're just good old fashioned screwing up on this one too but it's getting harder to make Rube Goldberg-like excuses for how it's still innocent as they devolve.


Anyway, the trouble stories I've told are all real episodes. I'm suggesting 'better safe that sorry' approaches to prevent disaster and erring on the side of caution. Operator is a thing for sure but it isn't reasonable to get dinged for it like I see going on with this current OSX release.
__________________
Mac Pro 8x 3.33GHz i7, 16GB, various SSD's and systems; MacBook Pro 4x 3.6GHz i7, 16GB, various SSD's and systems; 2x True Precision 8; Apogee AD-16; 2x MOTU 828mk3, Evolution UC-33e; Faderport; WiRanger, iPad. Remember hardware mixers? Me neither.

Last edited by serr; 04-16-2018 at 09:59 AM.
serr is online now   Reply With Quote
Old 04-16-2018, 11:46 AM   #6
serr
Human being with feelings
 
Join Date: Sep 2010
Posts: 6,890
Default They fixed it!

The errant default selection to enable Filevault in the new install account setup script has been removed in the new 10.13.4 installer. (Note, the 'base install' package has been revised and installs OSX 10.13.4 as the base system now.)
__________________
Mac Pro 8x 3.33GHz i7, 16GB, various SSD's and systems; MacBook Pro 4x 3.6GHz i7, 16GB, various SSD's and systems; 2x True Precision 8; Apogee AD-16; 2x MOTU 828mk3, Evolution UC-33e; Faderport; WiRanger, iPad. Remember hardware mixers? Me neither.
serr is online now   Reply With Quote
Old 04-16-2018, 02:14 PM   #7
cyrano
Human being with feelings
 
cyrano's Avatar
 
Join Date: Jun 2011
Location: Belgium
Posts: 2,673
Default

FWIW, Serr, I've been using FileVault for years, also on disks that are used for recording. The performance loss isn't even noticeable.

But, yes, it shouldn't be enabled by default. And there's a worse bug in there. In some circumstances, it resets your FV password. If you don't have the secondary unlock key, your data is toast...

That reminds me I should backup. It's been a while
__________________
Next thing on the todo list: introduce your paranoia to your imagination.
cyrano is online now   Reply With Quote
Old 04-17-2018, 04:05 AM   #8
Skijumptoes
Human being with feelings
 
Join Date: Mar 2018
Posts: 13
Default

Quote:
Originally Posted by serr View Post
I stopped after the first bits about it being possible to commit physical theft over the internet and magic instruction sets that execute in zero time. Sorry, I don't think you're trying to troll me and there's certainly some miscommunication or typo at the root of that but still...

I'll simplify it: Don't invite trouble!
Well, i'm willing to learn, and you're not, so that's up to you if you consider any alternative viewpoint to be trolling, that's a pathetic stance to take when someone is trying to help other users.

And you are directly inviting trouble by not encrypting your drive, both in the sense that your data could be easily more compromised but moreso that you're operating against the recommendations of the OS designer. i.e. it will be the users who have no encrypted previously at most risk of having an issue.

If you don't understand how AES or AES-Ni works then really you shouldn't be telling people such false claims that their performance will be SEVERE-ly affected with encryption, as it's nonsense. The hardware and OS is designed to specifically run in that manner. There's no magic, it's simply a case of the CPU directly being able to decrypt on the fly which means it's not having to go via your OS and affect applications.

Quote:
Originally Posted by serr View Post
Do understand that security measures designed to protect against physical theft are sometimes a priority. Use them when appropriate. Don't use them when performance and/or data integrity is the priority.
There is no priority choice to be made, you've made it out to be this evil encryption that's no use to anyone other than an FBI agent and it slows your machine done AND you recommend people disable it?! It's nonsense, and you know it. If i encrypted your drive you would not even notice i had done so.

Further than that you dismiss any facts as trolling, you're basically trolling yourself mate.

Quote:
Originally Posted by serr View Post
Care to explain to the last guy who lost the recording of his last project and further had to come for help with a machine that would no longer boot how he's still better off with this enabled? Yes, he screwed up by 1. not catching it on day 1, and 2. really screwed up by clicking that OSX update button before backing it up. That IS the root screwup! So don't invite trouble.
I can't understand what you're saying here, but if it was already enabled then the issue cannot be with disk encryption, the issue may happen if you enable disk encryption and the drive locks - in which case no data is lost, you simply unlock the drive via the key. It's really quite straight forward, encryption does not make changes to your actual data, it's simply doing it's job of not allowing an unvalidated OS to read it.

Secondly, any sensible user will be running backups on their system, Apple has both bases covered with file vault and time machine - so there's no excuse for anyone using a mac to not have backups, or their data encrypted. If they're not backing up then there can be no complaints if they lose data that they cherish, and likewise if they do not encrypt their data there can be no complaints if they're even subjected to identity/data theft where their laptop to go missing.


Quote:
Originally Posted by serr View Post
Want the 'conspiracy theory' version?
No, cause it's balls and shows that basically at the core of your thoughts is a conspiracy theory that's at the basis of you recommending that people should turn off privacy protection based on false rumours and clearly NO REAL WORLD experience yourself.

Your really need to grow up. I'll leave my laptop on a train to go for a ride, and you leave yours, and we'll see who's most likely for identity theft.

Are you really trying to tell the world that Apple would want to deliberately break and/or slow down their own users OS's so that companies such as western digital/samsung/toshiba etc. can sell more SSD drives? Really? They are that charitable to hard drive manufacturers?!! Or is the conspiracy deeper, that actually Apple are building all these drives and rebranding them as Toshiba/WD etc? lol honestly, it's laughable.


Quote:
Originally Posted by serr View Post
Anyway, the trouble stories I've told are all real episodes.
Have you personally lost data because of this 'faux pas'? It's pointless passing off stuff "you've read" as fact, particularly given your loaded agenda that this is some kind of conspiracy against people within spinning drives lol.

Your very post which created this thread is proof of that mis-information and how it spreads, and how these 'stories' you read are all just secondhand information that serves no direct help to users, particularly when loaded with a conspiracy-based 'recommend' to disable something that has been designed to offer them protection in the case of a real disaster scenario.

Maybe if i hadn't argued the fact then someone else would've pointed to this thread as evidence that CPU's are severely affected if you enable encryption, and your machine will crash and burn, and apple are doing it all to stop people using spinning drives and that we MUST be safe than sorry and DISABLE ALL THEY RECOMMEND!!!! (joke!). Seriously, Be part of the solution, not the problem.


Quote:
Originally Posted by serr View Post
I'm suggesting 'better safe that sorry' approaches to prevent disaster and erring on the side of caution. Operator is a thing for sure but it isn't reasonable to get dinged for it like I see going on with this current OSX release.
Yet you're quite happy to scare people into disabling such a useful feature. The better safe than sorry approach IS to enable encryption, it doesn't hit CPU, it offers privacy protection AND it's recommended by the OS creators, so you're towing the safest line possible there.

A 'DISASTER' is losing your data via theft or loss, another 'DISASTER' could be working against the OS recommendations in a way that may ostracise you, meaning that you're become the small percentage in the millions who may experience issues.

How an earth is working AGAINST guidelines considered safe?! i.e. How can a recommended box even be automatically ticked without your knowledge if you've already ticked it years ago?!

Last edited by Skijumptoes; 04-17-2018 at 05:01 AM.
Skijumptoes is offline   Reply With Quote
Old 04-17-2018, 09:23 AM   #9
Futur8me
Human being with feelings
 
Join Date: Dec 2015
Posts: 243
Default

Thankyou very much Skijumptoes for giving us actual facts.., and for dealing to the paranoid delusional conspiracy crap of serr.

.

.

.
__________________
5K Imac - 4.2Ghz i7 Skylake, 8GB Ram, AMD R9 M395X, 256 SSD, Apogee Duet USB, macOS 10.13.4.
Futur8me is offline   Reply With Quote
Old 04-17-2018, 10:31 AM   #10
serr
Human being with feelings
 
Join Date: Sep 2010
Posts: 6,890
Default

Quote:
Originally Posted by cyrano View Post
FWIW, Serr, I've been using FileVault for years, also on disks that are used for recording. The performance loss isn't even noticeable.

But, yes, it shouldn't be enabled by default. And there's a worse bug in there. In some circumstances, it resets your FV password. If you don't have the secondary unlock key, your data is toast...

That reminds me I should backup. It's been a while
Fair enough.
Now the folks directly accusing me of making up the examples I mentioned and that led me to posting a friendly warning...
I don't know. I suspect I sounded kind of like that a few years ago. Fully hyped up on the Apple koolaid and all. Apple can do no wrong!

So was this a red herring on the machines I saw? There was a clear night/day on the few machines with spinning HDD's when disabled again.

Does running a SSD make it a moot point?
The proper thing for me to do would be to run some disk tests. The Filevaulted OSX install getting bricked from the .4 revision sure seemed like a direct result. I've seen 3 of those. So I approached this from a "Don't invite trouble" angle and said turn it off if you don't need protection against physical theft of your hard drive.

Seems like the safe approach.

I don't get the logic in other's speculation that somehow disk encryption could protect you against anything online. This would be a dangerous conclusion to draw because it very much does not. You still need network monitoring and file verification tools for that.

Fair point that I didn't exactly verify everything with a lot of speed tests.

Computers...
Turn everything and the kitchen sink on unless someone can verify that there WILL be a problem? Or only turn on what you're using and keep it simple. I'm honestly trying for the latter.

I've seen a number of posts complaining about poor performance in OSX 10.13 that made no sense in that there was no obvious wrong settings and the machine was far from underpowered. And of course no one wants risk of their OS bricked when they have things to do. So I threw this out there.


Having problems and this wasn't it? Fair enough then.

If you have a machine with physical security requirements, by all means use disk encryption! Is it still fast enough to also run audio? Well, sweet then!
Note that you'll have to enable this manually again because Apple removed the default selection with the .4 revision.
__________________
Mac Pro 8x 3.33GHz i7, 16GB, various SSD's and systems; MacBook Pro 4x 3.6GHz i7, 16GB, various SSD's and systems; 2x True Precision 8; Apogee AD-16; 2x MOTU 828mk3, Evolution UC-33e; Faderport; WiRanger, iPad. Remember hardware mixers? Me neither.
serr is online now   Reply With Quote
Old 04-17-2018, 11:56 AM   #11
snooks
Human being with feelings
 
Join Date: Sep 2015
Posts: 1,485
Default

The thing is that audio users are demanding a lot smaller buffer sizes than years ago, along with higher and higher tracks counts coupled with DFD streaming of enormous sample libraries. I'd be amazed if there wasn't a significant decrease in peak performance in some circumstances.

I see from Intel's testing that things aren't clear cut - even as clear cut as their conclusion from limited testing here...

https://software.intel.com/en-us/art...rol-case-study

Re the single core thing performance drop, I instantly thought of Kontakt or *shudder* Play there. With the other cores and cache already being taken up with other, non-encryption duties - unlike their testing.
snooks is offline   Reply With Quote
Old 04-17-2018, 01:14 PM   #12
cyrano
Human being with feelings
 
cyrano's Avatar
 
Join Date: Jun 2011
Location: Belgium
Posts: 2,673
Default

Snooks certainly has a point.

And I should have added that I only use it on a data disk or partition, not on a startup disk. I've tested it on a startup disk, tho and the performance hit was minor. There can be a worse performance hit in some cases. Like, don't try it on a software RAID setup. And I imagine background backup utilities, like Retrospect could wreak havoc too.

Meanwhile, another FV related bug surfaced. Some Macs, also older ones, don't wake from sleep running 10.3.4. Waking results in a black screen, no way out but to hard reboot the machine. I know of complete data loss in one case. Could be a failing SSD, of course.

What puzzles me since Lion, is that all these bugs only seem to happen to some users. We've hardly seen a "general" bug, affecting all users. Or even all users of certain models.

That seems to suggest it's not hardware related.

Meanwhile, the cause for the FV password reset seems to be the use of a central authentication server, so that bug is limited to the corporate world.

EDIT: Intel ran these tests on a 128GB memory RedHat machine
__________________
Next thing on the todo list: introduce your paranoia to your imagination.

Last edited by cyrano; 04-17-2018 at 01:19 PM.
cyrano is online now   Reply With Quote
Old Yesterday, 03:05 AM   #13
Skijumptoes
Human being with feelings
 
Join Date: Mar 2018
Posts: 13
Default

Quote:
Originally Posted by serr View Post
I don't get the logic in other's speculation that somehow disk encryption could protect you against anything online. This would be a dangerous conclusion to draw because it very much does not. You still need network monitoring and file verification tools for that.
I would love for you to point out where anyone has claimed such a thing as you're coming across as dramatically confused here and clearly not understanding what's being said?

I don't get the logic of why Apple are embroiled in a conspiracy to sell more SSD drives for Samsung, perhaps you could explain that also?

Quote:
Originally Posted by serr View Post
I've seen a number of posts complaining about poor performance in OSX 10.13 that made no sense in that there was no obvious wrong settings and the machine was far from underpowered.
So by that logic you'd recommend that we disable firewalls if our internet is slow? There's hundreds of reasons before the disk encryption being a culprit, but perhaps none of them have a conspiracy that you can hang on?

Quote:
Originally Posted by serr View Post
And of course no one wants risk of their OS bricked when they have things to do. So I threw this out there.
You also 'threw out' that it's better to have no encryption claiming it's for FBI Agents.
You also 'threw out' that performance is SEVERELY effected.
You also 'threw out' that this is an Apple conspiracy.
You also 'threw out' that Apple are crashing and burning hard.

The truth is, in turns of first hand experience and knowledge, you are somewhat ignorant on the subject matter but masquerading as an expert on it, and subsequently would rather let laughable conspiracies take precedence in your mind. I mean, 'magic' cpu instruction sets, you really think that?!

Quote:
Originally Posted by serr View Post
If you have a machine with physical security requirements, by all means use disk encryption! Is it still fast enough to also run audio? Well, sweet then!
Why the question mark, i thought you had tried it, as you was saying how night and day the performance difference it is(!?).
Don't tell me after all this you've never even used a machine running from an encrypted drive?

And i'll say it once more, as you're clearly not understanding, ALL our machines are at risk of physical loss or theft, and some may also be at further risk, i.e. being used in a shared environment or sent externally for repairs etc..

I don't understand the criteria you've formed to conclude who wouldn't be at risk? Is it still bank CEO's and FBI Agents? Or can we include students commuting each day with laptops? Howabout studio owners who's studios are external to their home properties? Howabout a DJ who's transporting their mac for live work? Howabout the average joe, who has all their bank details, emails and account information and also enjoy making music as a hobby? Most importantly, what about yourself?

I've never had to use a disaster recovery backup personally, so, does that mean that statistically i should stop backing up?! That IS a performance killer, yet i've had a laptop stolen which is generally considered a lesser chance of occurrence.

So technically physical encryption has been my greatest saviour up until this point. Would i rather have found that out the hard way based on your critieria? No, cause i don't take chances with clients data, nor mine. It's called better safe than sorry, some talk it, some exercise it.

Last edited by Skijumptoes; Yesterday at 03:53 AM.
Skijumptoes is offline   Reply With Quote
Old Yesterday, 03:34 AM   #14
Skijumptoes
Human being with feelings
 
Join Date: Mar 2018
Posts: 13
Default

Quote:
Originally Posted by cyrano View Post
What puzzles me since Lion, is that all these bugs only seem to happen to some users. We've hardly seen a "general" bug, affecting all users. Or even all users of certain models.
Depends how knowledgeable people are i think, i.e. most of us here could probably use a Mac and know if it's running ok or not, and also know when to give it a fresh install or keep with the OS upgrade method.

I used to have a set cycle of Clean Install/Upgrade/Clean Install/Upgrade for each major OSX revision, and going through Yosemite etc. was hell for me, particularly with work - it was causing me some serious problems. I hated yosemite and couldn't understand how anyone could say it was good.

So i literarily spent an entire weekend sorting out all my data files, splitting into different partitions etc. and bought a new SSD, put everything back 'including' yosemite, and it ran perfectly. Since then if i notice any kind of dip in performance or issues, i immediately get on it and sort them out.

And you know, what i've noticed more and more is that it's amazing, for example, how an out of date extension in safari, can affect your system. Or when you're debugging code and have installed additional extensions and/or drivers and they go out of date with an OS revision.

But the most critical aspect to reading problems online, i think, is that everyone are web enabled by default now, and as such with forums, twitter, Facebook etc. the issues are so much more immediate than what they were previously.

It's like if you check a Facebook timeline, it's also amazing how many people are suffering with depression too. I mean, that's massive! ..but are they? God knows! lol

Since El Cap i've just been happy to upgrade and it's running well still, but as a windows convert many many years ago i think i'm just so much more into the apple mindset (i.e. hitting terminal like i would dos etc) and can deal with most issues without even referring to the internet - which seems to take longer now there's so much chuff to read through!

I've also experienced a load of Hackintosh users in the past couple of years asking for help, the minute you walk in and a black PC with neon lights hanging off it, and a 'MacOS' sticker on the front, my first reaction is 'ohhh'.

Also, there's many older Mac Pro (08/09) users who are using a firmware hack to keep their machines relevant, i still love mine - it's running High Sierra, as i wanted the latest Logic updates, and it's all good. However, i know there's many elements to be wary off!

Not sure what point i'm trying to make here, but i've been really hot and cold with Apple since Leopard. Currently though, it's earning me money and i'm really happy - my biggest concern is what my next hardware will be. I'm not fussed what OS i run, as long as it does the business, and i can throw any laptop in a bag and know it will respond when i'm sat infant with a roomful of people the other end!
Skijumptoes is offline   Reply With Quote
Old Yesterday, 12:28 PM   #15
cyrano
Human being with feelings
 
cyrano's Avatar
 
Join Date: Jun 2011
Location: Belgium
Posts: 2,673
Default

Quote:
Originally Posted by Skijumptoes View Post
Depends how knowledgeable people are i think, i.e. most of us here could probably use a Mac and know if it's running ok or not, and also know when to give it a fresh install or keep with the OS upgrade method.
I don't think so. First off, OSX should work even for the uninitiated. And secondly, there's hardly any docs at all from Apple. We seem to have to work it all out ourselves, with the help of sources like MacAdmins.

Besides, my numbers come from fleets in the corporate/edu world. Most users aren't really knowledgeable when it comes to their computer.

Quote:
I used to have a set cycle of Clean Install/Upgrade/Clean Install/Upgrade for each major OSX revision, and going through Yosemite etc. was hell for me, particularly with work - it was causing me some serious problems. I hated yosemite and couldn't understand how anyone could say it was good.

So i literarily spent an entire weekend sorting out all my data files, splitting into different partitions etc. and bought a new SSD, put everything back 'including' yosemite, and it ran perfectly. Since then if i notice any kind of dip in performance or issues, i immediately get on it and sort them out.
I always do a clean install when doing a major upgrade. But that's my personal machine. It's old and it runs Mavericks. I skip a few versions these days. I held out on Snow for as long as I could. It wasn't until I needed an up-to-date browser that I upgraded to Mavericks. And I had to rip out some icloud parts to get everything to my liking.

I've got El Capital on a partition, but that doesn't play nice with my RME. Dropouts every 5 to 15 seconds. And as I've got no reason to upgrade yet, I haven't taken the time to debug it.

Quote:
And you know, what i've noticed more and more is that it's amazing, for example, how an out of date extension in safari, can affect your system. Or when you're debugging code and have installed additional extensions and/or drivers and they go out of date with an OS revision.
I've given up on Safari. I use Chrome and Vivaldi for daily work. Safari is kept clean. No extensions, no bookmarks even. It takes forever to load and it isn't as fast as the two others.

In fact, I've given up on most Apple applications. I gave up Logic when it was at 9.0 because of the time it took Apple to fix the many bugs. And I've given up on stuff like iMovie, because Apple killed it. Things like Pages, which I don't use much, are way too slow, compared with other, more slender software out there. The only Apple apps remaining, are iTunes and iPhoto.

Quote:
But the most critical aspect to reading problems online, i think, is that everyone are web enabled by default now, and as such with forums, twitter, Facebook etc. the issues are so much more immediate than what they were previously.

It's like if you check a Facebook timeline, it's also amazing how many people are suffering with depression too. I mean, that's massive! ..but are they? God knows! lol
As I said, I've other data sources when it comes to weighing problems. I do have a FB account these days, under a phony name, because I needed a dev code. But I hardly use it. I have NO FB friends, as everybody I know doesn't want FB. And I belong to two FB groups. One is for Ambisonics. Hardly any activity. The other one is about fungi and is very active.

Quote:
Since El Cap i've just been happy to upgrade and it's running well still, but as a windows convert many many years ago i think i'm just so much more into the apple mindset (i.e. hitting terminal like i would dos etc) and can deal with most issues without even referring to the internet - which seems to take longer now there's so much chuff to read through!
I"ve been a Mac user since 1986 or so. But I've managed hundreds of Win machines back in W2K era. Glad I don't have to do that today

Quote:
I've also experienced a load of Hackintosh users in the past couple of years asking for help, the minute you walk in and a black PC with neon lights hanging off it, and a 'MacOS' sticker on the front, my first reaction is 'ohhh'.

Also, there's many older Mac Pro (08/09) users who are using a firmware hack to keep their machines relevant, i still love mine - it's running High Sierra, as i wanted the latest Logic updates, and it's all good. However, i know there's many elements to be wary off!
The TonyMac scene has a lot of VERY knowledgeable people. And they are not fanbois. I also still support many Mac Pro users for photography and audio.

In fact, I've built a PPC machine recently, for an artist who was so fed up with some plugin that comes with a built-in shop today that he went back to OS9 to get rid of all the cloud stuff. And, lo and behold, that ancient stuff is faster too.

Quote:
Not sure what point i'm trying to make here, but i've been really hot and cold with Apple since Leopard. Currently though, it's earning me money and i'm really happy - my biggest concern is what my next hardware will be. I'm not fussed what OS i run, as long as it does the business, and i can throw any laptop in a bag and know it will respond when i'm sat infant with a roomful of people the other end!
My thoughts exactly. Don't want a TouchBar lappy. And I'd like FireWire, for the RME.

And, no, definitely NO USB-C. That's turning into the biggest money pit I've ever seen. AV Pro's with one of these new, light, slender MB Pro's also carry a big bag of USB-C adapters these days. Labelled with 'this one for video with a XYZ projector' and stuff like that. I've even seen one with a (paper) note book only to sort out problems with all the different hardware he encounters when doing shows in different venues.

What's definitely worrying me, is repairability. Apple obsoletes machines after 5 years, these days. That's simply not long enough to warrant the high price. HP's latest are beginning to look very interesting, with a 4 TB SSD, 32 GB ram and a 4 GHz processor, under 2.000$. That leaves budget for a new interface...

And since REAPER works with Debian/Wine, there's not much left keeping me on OSX.

Oh, yes, that's another BIG error Apple committed. Renaming OSX to MacOS. Even their own devs don't want to use it. It makes finding anything on the net a real pita. And in absence of docs from Apple, we need to search more and more.
__________________
Next thing on the todo list: introduce your paranoia to your imagination.
cyrano is online now   Reply With Quote
Old Yesterday, 12:44 PM   #16
snooks
Human being with feelings
 
Join Date: Sep 2015
Posts: 1,485
Default

Apple dropping 32 bit support and going with ARM processors are biggies too. The ARM thing in particular is a major upheaval which might turn out very badly.

What do you guys think of the upcoming Macpocalypses?
snooks is offline   Reply With Quote
Old Today, 04:17 AM   #17
Futur8me
Human being with feelings
 
Join Date: Dec 2015
Posts: 243
Default

Quote:
Originally Posted by snooks View Post
Apple dropping 32 bit support and going with ARM processors are biggies too. The ARM thing in particular is a major upheaval which might turn out very badly.

What do you guys think of the upcoming Macpocalypses?

There are already hundreds if not thousands of music apps running on ARM for several years now so I fail to see your prediction of "very badly".

Change is inevitable so it either works for your needs or it does not.

.

.

.
__________________
5K Imac - 4.2Ghz i7 Skylake, 8GB Ram, AMD R9 M395X, 256 SSD, Apogee Duet USB, macOS 10.13.4.
Futur8me is offline   Reply With Quote
Old Today, 05:16 AM   #18
snooks
Human being with feelings
 
Join Date: Sep 2015
Posts: 1,485
Default

Quote:
Originally Posted by Futur8me View Post
There are already hundreds if not thousands of music apps running on ARM for several years now so I fail to see your prediction of "very badly".
None of these devices have ever been stressed in the same way that desktops have been for audio. Processor architectures are not interchangeably performant either - even with the same instruction set, as can be see with the x86 wars between Intel and AMD over the years.

I predict 5 years of blaming Native Instrument et al for not "optimising their code for the new Mac architecture" or similar. Maybe the processors will be better/faster out of the gate though! Anything's possible, including disaster (for audio, an insignificant blip in terms of profit for Apple).
snooks is offline   Reply With Quote
Old Today, 05:26 AM   #19
Futur8me
Human being with feelings
 
Join Date: Dec 2015
Posts: 243
Default

Quote:
Originally Posted by snooks View Post
None of these devices have ever been stressed in the same way that desktops have been for audio. Processor architectures are not interchangeably performant either - even with the same instruction set, as can be see with the x86 wars between Intel and AMD over the years.

I predict 5 years of blaming Native Instrument et al for not "optimising their code for the new Mac architecture" or similar. Maybe the processors will be better/faster out of the gate though! Anything's possible, including disaster (for audio, an insignificant blip in terms of profit for Apple).

Why do you focus on the negatives?, focus on the positives.., if the change does not fit your needs then find and use another platform that does.
.

.
.
__________________
5K Imac - 4.2Ghz i7 Skylake, 8GB Ram, AMD R9 M395X, 256 SSD, Apogee Duet USB, macOS 10.13.4.
Futur8me is offline   Reply With Quote
Old Today, 06:01 AM   #20
snooks
Human being with feelings
 
Join Date: Sep 2015
Posts: 1,485
Default

Quote:
Originally Posted by Futur8me View Post
Why do you focus on the negatives?, focus on the positives.., if the change does not fit your needs then find and use another platform that does.
I'm worried for Mac users, I can't help it and can't ignore the active volcano they are resting their little yoga mats and feng shui books on.
snooks is offline   Reply With Quote
Old Today, 07:03 AM   #21
Futur8me
Human being with feelings
 
Join Date: Dec 2015
Posts: 243
Default

Quote:
Originally Posted by snooks View Post
I'm worried for Mac users, I can't help it and can't ignore the active volcano they are resting their little yoga mats and feng shui books on.

A perception of reality is not reality so why are you so worried about something that has not happened yet..?, the future might just bring us good positive change and all will work out.., shock horror.

and probably many people at Microsoft have little yoga mats n feng shui books also haha.

.

.
__________________
5K Imac - 4.2Ghz i7 Skylake, 8GB Ram, AMD R9 M395X, 256 SSD, Apogee Duet USB, macOS 10.13.4.
Futur8me is offline   Reply With Quote
Old Today, 07:52 AM   #22
cyrano
Human being with feelings
 
cyrano's Avatar
 
Join Date: Jun 2011
Location: Belgium
Posts: 2,673
Default

Quote:
Originally Posted by snooks View Post
None of these devices have ever been stressed in the same way that desktops have been for audio. Processor architectures are not interchangeably performant either - even with the same instruction set, as can be see with the x86 wars between Intel and AMD over the years.
I don't agree. There are literally millions of devices out there running on ARM. And some of those are used in DSP applications.

It all depends on the software. And Apple has pulled off such a transition twice before, without too much trouble for the end-user.

Quote:
I predict 5 years of blaming Native Instrument et al for not "optimising their code for the new Mac architecture" or similar. Maybe the processors will be better/faster out of the gate though! Anything's possible, including disaster (for audio, an insignificant blip in terms of profit for Apple).
That sure is possible. It's already happening with USB in 10.13.4. So you don't even need an ARM processor to find trouble.

I personally don't see any reason to favour Intel. They've been bad enough, with bugs and unreliable patches. Besides, Intel has seen a tremendous braindrain, lately.

The ARM platform isn't loaded with a gorilla in the room. Intel will do anything to keep their almost monopoly. ARM is just a license. Any manufacturer can go shopping for silicon anywhere. Of course, Apple makes their own chips. But still, they'll have several chip fabs to choose from. That means mostly good things might come out of it.

IF software devs follow.

And maybe the current hiccups in Apple's software development are there because they're busy with something else? Don't forget Tiger was already running on Intel, as a test case, long before Snow surfaced. There are rumours of OSX running on ARM in the lab...
__________________
Next thing on the todo list: introduce your paranoia to your imagination.
cyrano is online now   Reply With Quote
Old Today, 07:53 AM   #23
cyrano
Human being with feelings
 
cyrano's Avatar
 
Join Date: Jun 2011
Location: Belgium
Posts: 2,673
Default

Quote:
Originally Posted by Futur8me View Post
if the change does not fit your needs then find and use another platform that does.
That sounds quite simple when you read it...

Ever tried it?
__________________
Next thing on the todo list: introduce your paranoia to your imagination.
cyrano is online now   Reply With Quote
Old Today, 08:00 AM   #24
Futur8me
Human being with feelings
 
Join Date: Dec 2015
Posts: 243
Default

Quote:
Originally Posted by cyrano View Post
That sounds quite simple when you read it...

Ever tried it?

what do you think smarty pants.. lol.

.

.

.
__________________
5K Imac - 4.2Ghz i7 Skylake, 8GB Ram, AMD R9 M395X, 256 SSD, Apogee Duet USB, macOS 10.13.4.
Futur8me is offline   Reply With Quote
Old Today, 08:29 AM   #25
cyrano
Human being with feelings
 
cyrano's Avatar
 
Join Date: Jun 2011
Location: Belgium
Posts: 2,673
Default

So you run Windows?
__________________
Next thing on the todo list: introduce your paranoia to your imagination.
cyrano is online now   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -7. The time now is 08:33 AM.


Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2018, vBulletin Solutions Inc.