hoakley June 22, 2021 Macs, Technology

Rethinking recovery and re-installing macOS

Mac boot disks have changed beyond all recognition over the last few years. Although Intel Macs still have a degree of flexibility, Apple Silicon Macs adopt a model in which, come what may, they have to start the boot process from their internal SSD. The system itself has gone from an integral and largely mutable part of the boot disk to a sealed snapshot. While we could freely clone our boot disks to and fro, even using that as a method of defragmentation, cloning the system is now frowned upon and fraught with problems. This article looks at the way ahead with your Mac’s recovery system, and how useful re-installing macOS is as a generic solution to problems.

macOS may be Unix-like in many respects, but its system is now very different from what you’d expect to see elsewhere. From Big Sur, and almost certainly in Monterey, nearly all of what we refer to as ‘the system’ is not only a separate volume, but locked and sealed away in a snapshot which is mounted and used to boot from. So long as the seal remains intact on that snapshot, nothing can change it, not even the system itself. That seal is a guarantee that every last bit in the system is exactly as it was when it was installed, and matches perfectly with Apple’s original seal too.

Re-installing macOS as a panacea

The traditional reasoning behind re-installing macOS is that something may have become corrupted within the system, so re-installing it could fix that, and restore normal function. For the great bulk of macOS, that no longer applies, but there are still significant parts of what we include in macOS which aren’t sealed on the System volume. Most significantly, these include:

Much of Safari and its support files. These are unfortunately divided between the System and Data volumes, apparently in a bid to make it easier to update without a full system installer.
The MRT app, which is updated separately. In October 2020, Apple pushed version 1.68, which had a bug in Sierra and El Capitan.
XProtect’s data (Yara and other) files, which are usually updated every couple of weeks.
Three Apple kernel extensions.
Rosetta 2 (M1 Macs only), which isn’t installed by default and can be updated outside system updates.
All mutable system configuration and settings files, which of course have to be writable.

Oddly, Apple’s Platform Security Guide states: “the user’s data volume is never mounted during a software update, to help prevent anything being read from or written to that volume during updates.” It’s hard to see how the components listed above, particularly Safari, can be updated without mounting the Data volume, though.

Perhaps the most frequent cause for wanting to re-install parts of the system which remain unsealed is therefore a problem with Safari which can’t be resolved by another means. As Apple no longer supplies separate Safari updates for the current release of macOS, this remains of potential value.

Other reasons for re-installing macOS are more dubious. Kernel extensions, with the three exceptions noted above, are either Apple’s and inseparable from the sealed system, or third-party and installed on the Data volume. If the problem is in a system kernel extension, you might have to try installing an earlier version of macOS, but re-installing the current release is a waste of time. If it’s a third-party kernel extension at fault, that needs to be removed from the Data disk, not the System. If the problem lies with configuration or settings, then only a clean install – after erasing both System and Data volumes – stands a chance of success, and even then migrating from a recent backup may just bring the problem back.

Big Sur’s sealed system volume should have made re-installing macOS much less frequent, and rarely worth trying as a solution now.

Recovery disks

Creating an external bootable disk, with or without backups on it, is more complex, because of the differences between types of Mac.

For Intel Macs without a T2 chip, the arguments for and against are relatively unchanged, except that you shouldn’t rely on being able to clone the system any more, and cloning from an external disk to the internal one may prove increasingly unreliable. But there’s no functional difference between bootable internal and external disks: both can have full-featured recovery systems, although you’ll still want to run Diagnostics from the internal disk.

Add a T2 chip and there’s one major problem: in order to be able to boot from an external disk, you have to change that Mac’s startup security settings to explicitly allow that. If you haven’t enabled booting from an external disk, then before you could use any external recovery disk, you’d have to boot into recoveryOS on its internal storage and use Startup Security Utility to change that. As recoveryOS is stored within a volume within the startup container, thus shares disk space with the System and Data volumes, any more serious problem could force you to boot that Mac in Internet Recovery, making an external recovery disk of limited value. Unless you’re happy to reduce the security on all your Macs with T2 chips, an external recovery disk is unlikely to be worth the effort.

For an M1 Mac, the situation is different again. Although you can boot those Macs from external disks without reducing their security settings beforehand, an M1 Mac can have only one full-featured recovery system, and that’s kept in a separate container on the internal SSD, and can’t be copied or moved. The only way of accessing all the tools provided in recoveryOS is therefore to boot it in Recovery mode (1 True Recovery) from its internal SSD.

Unlike Intel Macs, recoveryOS on an M1 Mac isn’t stored in the same container as the System and Data volumes, but in a completely separate container, which doesn’t share disk space with macOS volumes. This makes M1 Recovery far more robust, and the least unlikely event which might prevent you from accessing Recovery is functional failure of the internal SSD. If that’s a soft failure, the only solution then is to restore that Mac in DFU mode – which is an exceptionally rare requirement.

Given that an external disk attached to an M1 Mac can’t provide Recovery, and lacks key tools such as Startup Security Utility, which can only be run from the primary copy of recoveryOS on the internal SSD, it’s hard to see any value in making an external backup bootable, or in trying to create an external recovery disk. One common reason in the past for preferring a custom recovery disk was to include file system repair tools, such as Disk Warrior and Drive Genius. Currently, no third-party disk utilities can work independently on APFS disks, and those which do so at present only use the same tools available to the user in Recovery mode.

Best practice for an M1 Mac is to ensure that it’s fully backed up, Data and external volumes only, to separable external storage. Should a problem arise which require Recovery, then it should be started up in primary Recovery mode. If necessary, it can then have its macOS container erased, a fresh copy installed, and migration performed from the backup. Cloning to or installing macOS on a backup disk serves no useful purpose, and just wastes 15 GB of space.

Summary

Re-installing the system in Big Sur should only rarely be of any value when trying to fix problems. The most likely situation in which this could help is when Safari has serious problems which can’t be fixed by any other means.

Intel Macs without a T2 chip can still have external/removable recovery disks which should function as before, although cloning the system is likely to become increasingly difficult.

Intel Macs with a T2 chip can only use external recovery disks if their security protection is downgraded at all times to allow them to boot from external disks.

M1 Macs don’t benefit from external recovery disks. Use their primary recoveryOS on their internal SSD instead. Neither does making their backup disks bootable serve any useful purpose.

37Comments

Add yours

1

Nick on June 22, 2021 at 7:59 am

I know it was pooh-poohed before, but this article just reinforces my view that there is a PR nightmare ahead for Apple when the SSDs in systems which are only just out of warranty start failing. This may not happen in vast quantity if the faith everyone has in their long-term reliability is born out (really, who knows?), but some SSDs WILL fail, and those systems will become doorstops as a result. People are surely not going to accept that happening to their premium-priced Apple computers without kicking up a fuss.

I think it is very short-sighted of Apple not to have built-in a way of addressing this issue – there will be nowhere for them to go. I fear a class action in a few year’s time with Apple having to replace systems where this failure mode occurs and suffer a big public relations impact.

I hate being the prophet of doom (again), but unless Apple have come up with some way of making SSDs 100% reliable for the lifetime people expect from their Macs, this unpleasant outcome must surely be an inevitability? I will be truly delighted for them if this does not come to pass and SSDs do last as long as they need to, but everything I have learned about them to date suggests this will probably not be the case.

LikeLiked by 1 person
- 2
  
  performa475 on June 22, 2021 at 8:18 am
  
  They will only become doorstops if Apple let the cost and time taken for their repair centres to replace the board excessive. I notice Apple have been pushing their extended warranty option – I hope that’s not a bad omen!
  
  LikeLiked by 1 person
  - 3
    
    hoakley on June 22, 2021 at 10:36 am
    
    Thank you.
    Quite the opposite: a manufacturer offering longer warranty options has done the arithmetic, and worked out that their products last long enough to be able to afford that. Interestingly, it’s the opposite of what’s happened with hard disks, where 5-year warranties were once common among the better models, but few now offer any longer than 3 years.
    Howard.
    
    LikeLike
- 4
  
  hoakley on June 22, 2021 at 10:31 am
  
  Thank you.
  I’m sorry, I don’t follow you. Some processors fail, yet Apple and other major manufacturers have been soldering them in for years. Asserting that some SSDs will also fail really doesn’t say whether that’s a problem. Apple has been fitting SSDs to MacBook Pro models since 2008, which is well over the notional 10-year expected working life of modern SSDs. A great many of those are soldered onto the logic board, yet that doesn’t appear to have proved a problem, has it? Apple has extended warranties for several reasons, but never, as far as I’m aware, for high rates of SSD failure.
  Nothing in computers, electronics or life in general is 100% reliable. Why should an SSD have to be so? If the CPU in your Mac fails, then you get the logic board replaced. That’s exactly what happens when a soldered-in SSD or a T2 chip fails. I simply don’t see what is problematic about this.
  Howard.
  
  LikeLike
- 5
  
  Emory L. on June 22, 2021 at 10:59 pm
  
  I’m still waiting for my first ever SSD failure. Even the old 2.5″ SATA drives are going strong. I’ve got a few 128-400GB devices that had to be purchased in like 2012 and 2013. A couple are in a JBOD I hammer hard, others are caches in storage systems, my boot volumes on my workstations are all SSDs these days too.
  
  I have a really extensive coverage of off-site backups via Arq to S3 and B2 (I can’t recall offhand the sizes but it’s about $80/mo 😂 that’s the unit of measurement I use for such things apparently!) and each macOS system has a Time Machine volume it uses too. I keep waiting for the cascade of failures to arrive, I’m prepared and ready to be smug about it.
  
  LikeLiked by 1 person
  - 6
    
    hoakley on June 23, 2021 at 7:05 am
    
    Thank you. Although I’m not sure that any of my SSDs are quite that old, my experience is similar. I did once have one I thought had failed, in a MacBook Air, so I replaced it and put the old SSD in an external case. It still works fine there.
    Howard.
    
    LikeLike
    - 7
      
      Sebby on June 23, 2021 at 5:30 pm
      
      FWIW, my 2012 Mac Mini Server’s SSD failed some 6 years after I bought it direct from Apple–but that was a server, and more importantly it was running a suboptimal RAID setup (I’ll never use AppleRAID on SSD ever again). And, given Apple have only recently updated macOS to be less intensive on M1 Macs under memory pressure, I’d suggest it’s not hypothetical, albeit that, yes, things are clearly improving with modern SSDs. Speaking of which, I just received my Sabrent 4 TB SSD and I’m now using it for my backup+clone, and it’s really nice–fast enough, perhaps, that I could “overlook” the efficiency penalty of regularly cloning the system, maybe …
      
      But it’s not just the hardware, it’s also the time you spend in recovering your system, and the possibility that, given the increasing difficulty of obtaining and using versioned installers and updates of the operating system, that you’ll actually be able to restore and use your backups at all, or in a timely manner. Sure, it’s probably less important now than it was, again, but it’s a factor. I also keep app installers (not updates), and you can play with the system clock to avoid certain signature problems, but the real issue is T2-and-subsequent activation requirements upon installation, like iOS. Ultimately, the best we can hope for is that Apple will have no particular reason to deprive us of the means to disable maximal boot security on Macs, as on iOS. I am optimistic. I still need to establish whether I can preserve security policy on T2 Macs even through an NVRAM reset, so that I can maintain an installation of an operating system on an external SSD even if the internal disk dies indefinitely–I’ll establish this shortly.
      
      I actually liked Internet recovery. Slow and picky about Ethernet hardware, sure, but really helpful if your Mac runs an exclusively non-macOS environment, as my 2012 Mini now does (Linux) and you just need access to a few tools (nvram and bless) to arrange the boot sequence. Of course, as long as you can boot externally, it’s completely optional, and however convenient, it’s very slow (especially for complete reinstalls), and it still can’t help if the internal SSD dies on a T2 Mac since you still seem to need a system account to change policy (I don’t know, yet, whether an exception is made when the actual hardware fails, and there’s no way to find that out until it happens). I suppose I shouldn’t complain: I have other Macs running modern operating systems, so I can create fresh media and can do the DFU dance if I need to service future M-series Macs, internal disk notwithstanding. I don’t know whether it works, and haven’t tried to, track or keep earlier IPSW images to reinstall, so I don’t know if it’s possible to reduce security from the outset. Trying the betas isn’t much better without the likes of Mr Macintosh tracking the IPSW download locations, and if you happen to prefer a case-sensitive data volume, as I do, prepare to cache a lot of download assets because you’ll need them to perform the reinstallation from Recovery (other comments notwithstanding concerning the use of dmg images, which are very interesting if they work). On the bright side, I’ve tested using a passive USB A-to-C cable; it works and is very speedy, so the requirements for an orthodox DFU restore are broader than Apple lets on. You just need to be able to run Apple Configurator from a bare-metal installation (not a VM, sadly) on the most recent OS, and keep a cache of current IPSW files. I do not turn my thoughts to a future where I can no longer run the most recent OS on my service Mac …
      
      It’s obviously a matter of opinion how much you think a sealed system is worth having vs the flexibility to touch the system, but while I can understand the value of filesystem deltas for providing absolute integrity and smaller updates, I’ve yet to see the updates get much smaller or faster and I trust myself to be careful with my installations. All the benefits of a sealed system could have been had using a package manager like on other systems, or by simply demanding that certain filesystem locations be reserved for use by the system which would be deleted and replaced on upgrade. Integrity is wonderful, but IMO it ought to be optional, and if disabled I think you should actually be able to benefit by having (even temporary) write access.
      
      I think that’s everything …
      
      LikeLiked by 1 person
    - 8
      
      Sebby on June 23, 2021 at 7:38 pm
      
      Trying the betas isn’t much better without the likes of Mr Macintosh tracking the IPSW download locations, and if you happen to prefer a case-sensitive data volume, as I do, prepare to cache a lot of download assets because you’ll need them to perform the reinstallation from Recovery (other comments notwithstanding concerning the use of dmg images, which are very interesting if they work).
      
      This claim seems totally implausible, so I did some tests and …
      
      It’s true. Sort of.
      
      If there’s no OS installed, then post-activation, you’re special-cased to go straight into recovery, without passing the boot picker (and the Startup Disk app can’t boot installers). If you subsequently ask to boot installer media from the boot picker, you’ll be sent into the installer app. It means you can always use external media to install, without having to first install a system from the Internet, but it also means you need to restart at least once after erasing your Mac, and again after setting up the container to be case-sensitive. It’s probably not big enough to be an issue for most. There’s no way to avoid installing a currently signed system before changing the boot policy, of course, so however you do it, install a valid system, change the policy, erase the Mac, repartition your container to your taste, then restart from external media a final time to install your preferred version. Avoid Internet (until activation time).
      
      It might help somebody …
      
      LikeLiked by 1 person
    - 9
      
      Sebby on June 23, 2021 at 9:24 pm
      
      Further (and, hopefully, final) thoughts:
      
      Apple’s Security guide isn’t clear when signature verification actually happens, and under what circumstances–it just refers vaguely to software download and installation time, whatever that is. What, then, shall be the default policy for an erased Mac, with no volume and therefore no policy? Will it match the last installation, or be secure by default, or be permissive by default, or only skip the online requirement when there’s a new-greater-than-last-installed check returning a verdict of false (which would explain the lack of a requirement as of now to check online from a USB installer)? My entirely unsubstantiated gut feeling is simply that an erased container is always allowed to use any version, on the theory that it can’t harm other containers on internal or external disks so long as they aren’t user-approved from the boot picker. What about an IPSW restoration? As of right now, not a single IPSW signature has actually been revoked. It’s entirely possible that changing security policy today is completely ineffective, and as with current iOS, it’s simply the case that all macOS IPSW downloads/restores simply all pass silently when the service Mac restores them. But perhaps, again, erasure implies safety, and the only time the check is performed is when the installation occurs from Recovery to an existing system, or from an external drive.
      
      If anyone knows the answers, I’d love to hear them. I suspect we’ll be learning some lessons once Apple begins to revoke bad signatures in future, however. I do hope we’re ready for that, and that Apple lets us downgrade security at install time when this happens, even if doing so requires first destroying containers.
      
      LikeLiked by 1 person
    - 10
      
      hoakley on June 23, 2021 at 9:42 pm
      
      Thank you.
      I suspect the simple answer is likely to be to have a vanilla base macOS installation running at Full Security on your internal SSD, then if you need anything more custom, to install that alongside or on an external SSD.
      I believe that an IPSW simply restores the default, which is a case-insensitive macOS Data volume with the System at Full Security. I’m not sure that Apple intends revoking signatures on IPSW images for some time yet, although I can see older installers vanishing from the list in softwareupdate as a deterrent to users. The prize will be for someone to be able to extract the macOS installer from within an IPSW.
      Howard.
      
      LikeLike
11

Sebby on June 22, 2021 at 11:02 am

I wouldn’t mind, so much, if all this didn’t come at increased risk and reduced freedom. They had a good balance with Catalina with a distinct system volume but maintaining external bootability at user discretion–couldn’t they have just stopped there? Integrity could have been added but without enforcement as an entirely optional on-by-default software feature; it could still even benefit the user if he/she is allowed to modify and re-seal on external disks. But no, we have to go all iOS, and throw away genuine utility …

It got me thinking, too, that much of the objection to Apple Silicon isn’t that; it’s an objection to these new macOS boot restrictions. It can all be turned off, of course, but the network effects hit you just the same because right now there’s no alternative to macOS. Apple’s new MO is API-level compatibility, not hardware compatibility; it’s just that the latter is an unfortunate but inevitable consequence of a processor architecture that’s (pending further reverse-engineering) exclusive to Apple. Nobody (who remembers the PowerPC-Intel transition) thought moving to Intel was anything but a net gain: it was a net gain, because now you could run Windows, and all the people lamenting it were essentially reduced to saying that it was such a shame that a Mac was now a PC. Apple Silicon just highlights the fact that Apple are now in the driver’s seat and are taking macOS as a platform to a much more locked-down future. I don’t think it will be anything like the restrictions on iOS apps, because that would be totally self-defeating, but if Apple’s recent court testimony is anything to go by, Apple is perfectly happy to denigrate macOS in order to justify iOS restrictions, and it follows from that that there’s probably unfinished business on the Mac, of which these boot restrictions are a clear part. No doubt, Apple is not of the opinion that the Mac as a platform is not meaningfully hurt by them, or else they wouldn’t do it, but Apple’s priorities are not necessarily those of Mac users.

LikeLiked by 1 person
- 12
  
  hoakley on June 22, 2021 at 4:54 pm
  
  Thank you.
  I don’t understand how you think this is increasing risk. Big Sur’s sealed system is a huge reduction in risk. Every single sealed copy is identical – there’s no room for installer errors, corruption, or malware. You have an absolutely guarantee that, if your Mac boots from it, it’s exactly as was intended and installed.
  Even on an M1, external bootability is maintained. I have one disk which is divided in many containers, with versions of macOS from 11.2.1 to 11.4 safely installed on them, and can switch easily between them just as ever using the Startup Disk pane. I also have an external SSD with ‘a beta’ on it, and that works fine too.
  As for “freedom”, I’m not sure what you mean. If you want to build your own experimental XNU kernels and run them, you can do so on an M1 too – that’s an option available to every user.
  What you can’t do, quite rightly, is tamper with the system and then re-seal it. If you think about it, that’s protection for you – if you want another sealed system, just install it afresh.
  The idea that a user could re-seal an altered system is a contradiction. The seal is checked against Apple’s master hash, and if macOS didn’t do that, much of the value of the seal would be trashed. Anything or anyone could then seal a system – including malware. And putting your trust in a ‘seal’ created by malware wouldn’t be in the least bit sensible, would it?
  Howard.
  
  LikeLike
  - 13
    
    DavidB on June 22, 2021 at 9:27 pm
    
    Could the different bootable versions of macOS you have in separate containers instead be in separate volumes within one container?
    
    LikeLiked by 1 person
    - 14
      
      hoakley on June 22, 2021 at 9:28 pm
      
      Maybe. I’ll let you try that out!
      Howard
      
      LikeLike
    - 15
      
      hoakley on June 22, 2021 at 10:04 pm
      
      I should perhaps add that I have at least four different bootable systems on the one disk, several of which are the same version of Big Sur. I’d be fascinated to see how anyone got on repeating that in a single container. I don’t think that you could actually install more than one copy of the same version in the same container, but I’ll be happy to be proved wrong on that.
      Howard.
      
      LikeLike
    - 16
      
      CodeRush on June 23, 2021 at 5:40 am
      
      Yes, multiple macOSes on Apple Silicon can be installed into multiple volume groups inside a single APFS container, and they will all have shared free space. If you do not want them to share that free space, multiple containers are the way.
      
      LikeLiked by 1 person
    - 17
      
      hoakley on June 23, 2021 at 6:55 am
      
      Thank you. Can you have more than one copy of a single version of macOS, e.g. 11.4, installed in the same container, though? I’m not sure how you could do that with the Installer app.
      Howard.
      
      LikeLike
18

EcleX on June 22, 2021 at 11:07 am

Thanks for the useful article; twice for the summary section.

I have found that with macOS 11.4 (20F71) Big Sur, trying to check-repair the booting or other disk with Disk Utility’s First Aid generates errors indicating that cannot be unmounted.

Yet, doing it from Recovery Mode (Command R keys while booting) works great with all disks, including the booting one. I think that such Revovery Mode lives inside macOS installation locally, but I think that it can be also accessed with Internet Recovery mode (Option Command R keys while booting) if the Mac does not have macOS installed (for instance, when its disk is used for Time Machine only). Is that correct?

LikeLiked by 1 person
- 19
  
  hoakley on June 22, 2021 at 4:58 pm
  
  Thank you.
  Yes, sometimes Disk Utility still seems to have problems unmounting disks. I try that two or three times if necessary, and haven’t had it fail on me if I retry. Internet Recovery mode is painfully slow, and one of the best things about M1 Recovery is that it has done away with that.
  Yes, your Mac should be able to access Internet Recovery mode if you need it. If you don’t have a system installed on the internal disk, the biggest problem isn’t with Recovery, but Diagnostics – Internet Diagnostics is even worse.
  Howard.
  
  LikeLike
  - 20
    
    EcleX on June 22, 2021 at 9:05 pm
    
    Thanks. I think that it is possible to run Diagnostics (Command D at booting) when booting from an external disk. Is that correct?
    
    LikeLiked by 1 person
    - 21
      
      hoakley on June 22, 2021 at 9:10 pm
      
      Yes but you don’t want to run Diagnostics with an external disk attached: see Apple’s instructions.
      Howard
      
      LikeLike
    - 22
      
      EcleX on June 23, 2021 at 7:26 am
      
      Thanks. How to read such Apple’s instructions? On the other hand, I guess that such instructions could be relevant if issues are found, but not if no problems are found. Is that correct?
      
      LikeLiked by 1 person
    - 23
      
      hoakley on June 23, 2021 at 7:49 am
      
      I have detailed Apple’s instructions in this article. Early in the list, you’re supposed to disconnect all peripherals such as external disks, which means running them from the internal disk.
      Howard.
      
      LikeLike
24

Bryan Christianson on June 22, 2021 at 1:06 pm

My finances being what they are, I still perform backups/clones to spinning sand and rust. With Catalina I am able to boot from one of these external volumes if necessary and performance is acceptable, although not as good as booting from from an external SSD.

With Big Sur, it’s just not viable to boot from a clone on a USB-A connected external disk. The time to reach the login prompt can be up to 5 minutes and then XProtect jumps in and slows everything down while it does its thing with Xcode (and others). By the time the machine has stabilised to a usable state, I’ve forgotten why I booted from that disk in the first place.

If I could afford to buy more SSD, and had enough high-speed ports to make it usable at full speed, then I would go back to regular cloning but for now data only backups seem to be the most practical way of handling Big Sur and later.

LikeLiked by 1 person
- 25
  
  hoakley on June 22, 2021 at 4:59 pm
  
  Ouch! That’s dreadful.
  Howard.
  
  LikeLike
26

Ben on June 22, 2021 at 2:46 pm

What are the three kernel extensions?

LikeLiked by 1 person
- 27
  
  hoakley on June 22, 2021 at 5:01 pm
  
  AppleKextExcludeList, which can be updated outside system updates, and sets which kexts are blocked.
  AppleMobileDevice, and RemoteVirtualInterface, which I know less about, but I suspect can also be changed or updated outside system updates.
  Howard.
  
  LikeLike
28

Duncan on June 22, 2021 at 3:34 pm

Howard, thank you for clarifying this ongoing complex evolution of what longtime users have previously taken for granted. Like others, I worry about having to throw out an older Mac on account of an SSD failure. I’m of the school where I’d just as soon tear a machine apart and replace individual components for as long as it make economic sense. I also prefer to own a machine that is able to function without a dependency on an Internet connection.

iPhones and iOS broke all that up, and while I won’t jump to the facile lament that ‘Macs are just becoming glorified iOS devices’, their future direction is clear. At some point the hardware will be locked down enough that repair will be impossible, and software will have no reverse gear.

So I’m on the cusp of buying an M1 Mac (I wish the next generation was already announced, but I’ll wait), at which point I’ll have to adjust my expectations of what I can do with it in the future. The original 1984 Mac was unofficially described as ‘an appliance’, and I think we’re finally getting to that point with the near-future crop of Macs. They might be *very good* appliances for what they do, but I personally will be paring back what I expect to get out of it, always keeping in the back of my mind what my escape route will be if the hardware fails.

LikeLiked by 1 person
- 29
  
  hoakley on June 22, 2021 at 5:07 pm
  
  Thank you.
  Do you worry about “having to throw out an older Mac” on account of CPU failure? I suspect not, because very few of us ever experience that. And when that does happen, if you want to keep using that Mac, all you need do is replace its logic board. Soldering SSDs on the logic board is no different to soldering processors in.
  Not only that, but logic boards with failed SSDs are actually easier to repair than those with failed CPUs, and something which is routinely done. Sure, not by the user, but few Mac make any internal upgrades or repairs within the reach of the average user.
  There’s no indication that M1 Macs are going to have any shorter lives than any recent model of Mac. Indeed, one of the major determinants of that is total chip count, and by drastically reducing that Apple may well be setting itself up for Macs which last even longer.
  Howard.
  
  LikeLike
  - 30
    
    Duncan on June 22, 2021 at 5:58 pm
    
    I don’t know the stats on current SSD failure rates (hopefully they keep getting lower as the years pass) but they are a known wearing part with increased usage, vs. a CPU. I understand your point about knowing what to worry about in the real world. I’m a bit of an outlier because I hold onto old Macs and repurpose them for specific applications, so for me hardware repairability is more important than for most users.
    
    But coupled with all that is the growing inability to control the software as well. I have a library of Mac installers going back to 10.5, any of which I can install on my own with zero dependency on Internet connectivity. (Software updates are a trickier matter, of course.) But the last version that I feel I have control over is Mojave; after that I have to depend on Apple and their servers to get the software.
    
    Again, I’m an outlier in this regard so I wouldn’t expect Apple to change their process for people like myself. I just don’t like the direction we’re headed but I’m in the tiny minority of Apple’s customers.
    
    LikeLiked by 1 person
    - 31
      
      hoakley on June 22, 2021 at 10:01 pm
      
      Thank you.
      Like most electronic components and much else, SSDs have a U-shaped failure rate, with a brief initial peak which is now very small. Unless there’s a very high number of erasures, the far end of the U, when failure starts to become more probable, is probably around 10 years, although some claim longer than that with better quality SSDs. By that time, most logic boards have already suffered another major failure and the Mac has been discarded. Low use Macs may still go on much longer, of course.
      I too keep a library of installers. My latest is 11.4. What’s the problem there, apart from the fact that they’re larger because they’re full installer apps? I also keep IPSW images for complete restores of either of my M1 Macs. There isn’t an equivalent for Intel models, because you can’t downgrade their firmware, which you can on an M1. Furthermore, the greatest limitation on old installers is the expiry (by date) of Apple’s signatures – most of my old collection of installers is now unusable because their signatures have expired. Whether or not the installer requires an Internet connection, if its signatures have expired it’s dead.
      Howard.
      
      LikeLike
    - 32
      
      Duncan on June 22, 2021 at 11:42 pm
      
      Thank you, Howard. I personally have some older Macs running that date back to 2006 (a Mac Mini that’s an NTP server for my security camera network which doesn’t connect to the Internet.) Again, I’m an outlier here but I prefer to keep old things running. (I also restore antique cars, going as far back as a 1928 Bentley my father bought decades ago.)
      
      Regarding installers I just recently downloaded them all again from Apple (no small task, and much credit goes to Mr. Macintosh’s site for links.) I assume the latest versions have updated signatures, but I haven’t had time to check. I know all these older versions have security risks but I’m willing to accept that for non-critical machines with no personal data on them.
      
      LikeLiked by 1 person
    - 33
      
      hoakley on June 23, 2021 at 7:01 am
      
      Thank you.
      There’s one big difference, though: you can always get a good engineering firm to make you a part for an old car, if you can’t get one any other way. Getting boards/modules or even components for old computers can simply be impossible. Asking for a friend with a IIfx and Mac Portable upstairs in a cupboard 🙂
      Howard.
      
      LikeLike
34

CodeRush on June 23, 2021 at 5:52 am

There’s no need to have a separate bootable media to install any supported version of macOS on AS Macs, just a DMG file with an Install macOS {OSName}.app should be enough. Mount that using Disk Utility (it can come from an external volume that is not bootable) and run the installer app from Terminal.

System recoveryOS is able to install every supported macOS version for a given HW model (even if Apple server refuses to personalize it, recoveryOS is able to automatically create a Reduced security local policy for such an outdated version. Reduced security is required because of the use of global OS manifests that do not require personalization).

LikeLiked by 1 person
- 35
  
  hoakley on June 23, 2021 at 6:56 am
  
  Thank you. I presume that’s using the softwareupdate command in Terminal, as I can’t see any way to select version in the GUI. Does that also apply to versions of macOS like 11.0.1 which softwareupdate no longer lists as being available?
  Howard.
  
  LikeLike
  - 36
    
    CodeRush on June 23, 2021 at 3:27 pm
    
    One can manually download the installer DMG for any version including 11.0.1, put it onto external non-bootable media, boot recoveryOS, mount said DMG and run the installer from there. Doing such a thing from macOS may fail due to personalization requirements and inability of macOS to create Reduced security local policy for an old installer, but it is a supported mode of operation for recoveryOS.
    
    LikeLiked by 1 person
    - 37
      
      hoakley on June 23, 2021 at 3:46 pm
      
      Thank you so much – I can see I need to spend more time in Recovery exploring this.
      Howard
      
      LikeLike