hoakley November 11, 2022 Macs, Technology

Ventura’s updates have got faster for some

This week’s security update to Ventura 13.0.1 is an important indicator as to where macOS updates are now heading. Although by much earlier standards it may still appear large, a minimum size of 1 GB, for many it was considerably faster.

macOS updates changed with the introduction of the signed and sealed system volume (SSV) in Big Sur. Prior to that, they were basically packages consisting of all the changed files in that update, and scripts to perform related functions. They also contained, as they still do, a complete set of firmware updaters, as macOS updates are now the only normal way of updating the firmware in your Mac.

With Big Sur’s SSV, what comes in the installer has more important things to do than simply replace changed files in the system. Once that has been done, the system has to be signed, a snapshot made of it, and that snapshot is then mounted as the new System volume. There are also complex dependencies, in the pre-linked extensions and dynamic libraries (dyld) and their caches. Apple’s new installers thus come complete with their own ‘brain’ to update and assemble all these into the SSV.

Important goals for the SSV, apart from improving security, were increasing the reliability of macOS installers and updaters, to make failed or incorrect installs almost impossible, and to ensure perfect copies of the system, so that they’d always pass the integrity checks in Secure Boot. The cost of these in Big Sur were large and slow updates, which required a full 30 minutes to prepare, and lengthy installation.

In Monterey and now Ventura, Apple is optimising both the size of updates and the time taken to install them. For size, the figures for the smallest updates speak for themselves:

macOS 11 2.2/3.1 GB (Intel/Apple silicon)
macOS 12 1.0/1.9 GB
macOS 13 1.0/1.46 GB.

It’s likely that, as far as full updates go, Ventura has reached minimum size, allowing for the overhead of firmware, etc.

Another important factor is how much of each update can be cached locally by a Content Caching server. Big Sur’s updates for Apple silicon Macs always had to download around 900 MB direct from Apple, which couldn’t be cached locally, but now in this week’s Ventura update all 1.46 GB could be provided from a Content Caching server. For those updating multiple Macs, that makes an important difference.

Ventura has also brought considerable improvements in the time taken to update, but only, as far as I’m aware, on Apple silicon Macs. Although I haven’t timed this accurately, the 13.0.1 update delivered entirely from my Content Caching server took just under ten minutes, from the start of download to the reappearance of the Desktop and Finder. On a Ventura VM with only four vCPUs running on a Mac Studio Max, from the completion of downloading to the login screen took less that 7.5 minutes, including a ’30 minutes’ preparation period that took about 4 minutes.

Once downloading had finished to my iMac Pro, I had time for a leisurely dinner while it completed its update, I guess taking at least 45 minutes.

Ventura 13.0.1 was a conventional update, and not one of Apple’s new Rapid Security Responses (RSR). Rumour has it that they should become available following the 13.1 update, and will then provide security patches of a similar size to current security data updates, typically tens of MB or smaller. As they are installed as Cryptexes in the Preboot volume, they don’t require the SSV to be rebuilt. Although 13.0.1 didn’t deliver its fixes as an RSR, it did change several of the components already supplied in Cryptexes: look in Preboot/[UUID]/cryptex1/current, for example, and you’ll find several disk images that were updated by the 13.0.1 update.

Overall, though, RSRs are unlikely to save us much downloading or time updating, as those Cryptexes are intended to be temporary until the next macOS update incorporates the patches into the main SSV. RSRs are therefore more about timeliness than economy.

Meanwhile, those still running Monterey or Big Sur will have to wait a little longer before they get the same vulnerabilities patched. What was that saying again: pioneers take the patches, settlers get to wait?

25Comments

Add yours

1

Dakotamoons on November 11, 2022 at 11:47 am

Confirmed on an M1 MBA as well as on an M1 Mac Studio.
The update was fast and uneventful, from Ventura 13.0 to Ventura 13.0.1.

LikeLiked by 1 person
- 2
  
  hoakley on November 11, 2022 at 3:42 pm
  
  Thank you.
  Howard.
  
  LikeLike
3

Kurt J. Meyer on November 11, 2022 at 12:08 pm

The macOS 13.0.1 update took about 30 minutes on my 2019 MacBook Pro (QuadCore i5 Intel). That was certainly less than before. But one thing bothered me: Other than the initial help text (explaining that the installation would take several reboots and a few minutes with a black screen), there was no further indication of what was happening, and no estimates of how long it would take. In the last phase, only a black screen (with a moving cursor) was displayed, and this phase lasted so long that I was already wondering whether I would better get my MBP out of this state when the installation finally finished successfully.

LikeLiked by 1 person
- 4
  
  Kurt J. Meyer on November 11, 2022 at 12:12 pm
  
  Small correction: The cursor on the last black screen was not moving — it was movable.
  
  LikeLiked by 1 person
- 5
  
  hoakley on November 11, 2022 at 3:43 pm
  
  Thank you. Yes, it was a messy and uncertain install on a T2 Mac.
  Howard.
  
  LikeLike
6

Thomas Wegner on November 11, 2022 at 12:25 pm

Faster for some … slower for others 😦 The 13.0.1 update, in strict compliance with Murphy’s law, was published literally 5min after I had finished a ‘clean’ Ventura install, booted from USB-Stick, fully erasing the internal disk and wiping every single bit and byte of the former Catalina installation off it, on my 2020 iMac (Intel / iMac20, 1 / with T2). It now _repeatedly_ fails to install with the GUI message “Failed to prepare the software update. Please try again”. Yesterday the download bar indicated a 1.00GB download, today an 11,79GB download. Same result: failure. In Console every update attempt creates a “bridge_restore.log”. Searching these rather long and cryptic files for the keyword ‘error’ yields “tbosUpdateProxy: bridgeOSUpdateUnderlyingError: Error: 25” and “Attempt to fetch SE personalisation info returned an error: Error Domain=BridgeOSSoftwareUpdateError Code=25”, followed by a couple of “ErrorUserInfo” and “AMAuthInstallErrorCode” entries. In total more than 320 times the keyword ‘error’ pops up. I went through all the motions, i.e. SMC reset, PRAM/NVRAM reset, installation attempt in safe mode, disk repair from the recovery console. To no avail. SilentKnight shows up-to-date firmware and XProtect and all else in green, just the 13.0.1. update being pending. LittleSnitch is off, so if some authentication to the net is needed for the update to run, that should not be an obstacle either. Normally ‘Google is your friend’, but so far it has not yielded any meaningful results. Starting all over again with a full OS re-installation I want to avoid, as I have spent nearly two days re-installing and then customising all my applications to my liking. Seems like I need to live with the vulnerabilities that 13.0.1. tries to patch for a while, hoping that the 13.1 update finally solves my issue, also hoping that the RSR works more reliably than the 13.0.1 update …

LikeLiked by 1 person
- 7
  
  Draykan on November 11, 2022 at 2:52 pm
  
  Have you tried to “repair” your system by booting from Recovery and perform a new OS installation, *without* erasing the disk first?
  It should update/reinstall the OS without removing any user-level content.
  
  LikeLiked by 1 person
- 8
  
  hoakley on November 11, 2022 at 3:58 pm
  
  “LittleSnitch is off”
  Hmm. Is that version fully up to date? Have you considered uninstalling Little Snitch before trying to update?
  Otherwise, I recommend that you contact Apple Support: this may be an issue with the updater, and they need to work through to see if it is.
  Howard.
  
  LikeLike
9

macavenaghi on November 11, 2022 at 12:34 pm

I know it does not count because I am using OpenCore Legacy Patcher, but the update downloaded only 493MB from 13.0 to 13.0.1 on my MacBookPro11,2.

LikeLiked by 1 person
- 10
  
  hoakley on November 11, 2022 at 3:59 pm
  
  Thank you.
  I wonder whether that omitted the firmware updates, perhaps?
  Howard.
  
  LikeLiked by 1 person
  - 11
    
    macavenaghi on November 11, 2022 at 4:42 pm
    
    No firmware updates!
    
    LikeLiked by 2 people
    - 12
      
      hoakley on November 11, 2022 at 6:03 pm
      
      No, but I was wondering whether those were even delivered in the update, which might account for its size.
      Howard.
      
      LikeLiked by 1 person
13

hhanche on November 11, 2022 at 1:13 pm

Both my macs updated more quickly, subjectively speaking, than I can remember seeing before (except for the download phase). But a friend of mine ended up with an unbootable mac after attempting the upgrade. It just gets stuck in one of the reboots. I tried guiding him through the reinstall from Recovery mode, and all seems to go well until he reboots at the end of the install, and it gets stuck in the boot process once more.

Tomorrow I will have physical access to the machine, so we can try more things, possibly even resorting to DFU mode and Apple Configurator. Fortunately, he has a Time machine backup from just before this happened.

The IT support people at work have never before seen a mac they could not fix in recovery mode, so they didn’t have a lot of useful advice.

LikeLiked by 1 person
- 14
  
  hoakley on November 11, 2022 at 4:01 pm
  
  Thank you. I’m sorry to hear about your friend’s Mac. It may worth using Apple Configurator 2 just to refresh its firmware, rather than performing a full IPSW restore. On the one occasion when I had similar problems, that was all that was necessary. The Help file is wonderfully detailed.
  Howard.
  
  LikeLiked by 1 person
  - 15
    
    hhanche on November 12, 2022 at 12:42 pm
    
    Thanks for the tip. Unfortunately, the revive option (refresh the firmware) did not help, so we ended up doing the full restore. As even the revive option seems to require the full IPSW file, it was a big time saver to download that file separately, then to drag it into the Apple Configurator window once the client is in DFU mode.
    
    One needs a tonne of patience when restoring from the Time Machine disk: In the initial phase of finding stuff to copy, the counter stopped increasing at about 3.75 million items, then was stuck there for upwards of an hour with no visible progress, before it finally started copying files. It is still copying files as I write – but all seems to go well, if rather slowly. (This is from a Samsung T7 SSD, so that is not the limiting factor.)
    
    LikeLiked by 1 person
    - 16
      
      hoakley on November 12, 2022 at 7:29 pm
      
      I’m sorry to hear that your weren’t able to refresh the firmware to fix it.
      I suspect Migration Manager was just catching its breath before it reached the four million mark!
      Howard.
      
      LikeLike
17

Charlie on November 11, 2022 at 2:33 pm

493 MB on my MBP 2018 too. Took maybe 20 minutes including a couple of reboots…

LikeLiked by 2 people
- 18
  
  hoakley on November 11, 2022 at 4:03 pm
  
  Thank you.
  Was that the actual download, or what it promised you at the start?
  Software Update does have a habit of promising much less than it actually ends up downloading.
  Howard.
  
  LikeLike
  - 19
    
    charlie on November 12, 2022 at 4:43 am
    
    I have “Download new updates when available” set, but “Install macOS updates” unset. So I’m assuming it was already downloaded and it was the value reported at that point. When I hit install it automatically went to the Apple screen with the progress bar. I wasn’t watching network activity so cannot be completely sure there wasn’t more. Wouldn’t it be nice if Apple would add this to System Information > Software > Installations? The 13.0.1 update is listed there…
    
    I have a Firewalla router that maintains 48 hours of flow history…I’m unfortunately past that now for this particular update. I also have Little Snitch and I do have logs for this time period…I can see 500 MB download coming from swcdn.apple.com via softwareupdated, AND 500 MB coming from updates.cdn-apple.com via nsurlsessiond. So not sure if both of those are related or not. What is unfortunate is Little Snitch does not report the time of these events, only that they were two days ago (submitted a question to help about that).
    
    LikeLiked by 1 person
    - 20
      
      hoakley on November 12, 2022 at 10:29 am
      
      I’m sorry, I don’t know what to suggest.
      Howard.
      
      LikeLike
21

Michael Tsai - Blog - macOS 13.0.1 on November 11, 2022 at 9:56 pm

[…] Howard Oakley: […]

LikeLike
22

Thomas Wegner on November 25, 2022 at 7:00 pm

Ref. #6 (“Faster for some … slower for others”): Safe Mode, with everything disconnected from the iMac but keyboard and mouse, both cabled for the occasion, finally did the trick (without having uninstalled Little Snitch first, thanks for your advice nevertheless!). The download, according to the progress bar, was 1GB. The iMac rebooted many, many times, with the progress bar creeping along painfully slow for many a while and only occasionally showing a ‘time remaining’ indication. Overall a very unpleasant experience, worse than any update on Catalina. Let’s hope that the 13.1 update will be a better experience. And that the ‘new method’ will significantly streamline the process.

LikeLiked by 1 person
- 23
  
  hoakley on November 25, 2022 at 8:30 pm
  
  I’m sorry that you had so much trouble. I can assure you that was highly atypical for the 13.0.1 update. And I’ve now installed it on four Macs, a couple of external bootable disks, and several VMs. I don’t understand why you had such problems, though.
  Howard.
  
  LikeLike
  - 24
    
    Thomas Wegner on November 25, 2022 at 10:20 pm
    
    Thanks!!! Any RCA is speculation by now. However, an educated guess from my side, now that I come to think about it: The “slow speed” issue may have been caused by my disk layout? I have added an additional volume in the APFS containter on my iMac’s internal SSD, a volume with a quota of 256GB of the total 1TB, dedicated to my virtual machines (Parallels). If the update process requires extensive volume re-sizing, e.g. to squeeze in a new sealed image somewhere first, in order to copy it over to another volume during the process later, that is not made speedier by my slightly more complicated (yet still legal) partitioning / slicing / voluming, I presume. Add the creation of APFS snapshots to the mix (see diskutil output below) and we may have an explanation? Ref. my initial ‘update failed in preflight’ issue, I seem to remember that the console indicated timeouts in some of the hundreds of error messages, maybe some ‘watchdog’ at some point was saying ‘this takes too long, let’s kill it’. But as I said … speculation.
    Thanks for your kind words and advice! And your brilliant software and work and blog, of course 🙂
    
    dev/disk0 (internal, physical):
    #: TYPE NAME SIZE IDENTIFIER
    0: GUID_partition_scheme *1.0 TB disk0
    1: EFI EFI 314.6 MB disk0s1
    2: Apple_APFS Container disk1 1.0 TB disk0s2
    
    /dev/disk1 (synthesized):
    #: TYPE NAME SIZE IDENTIFIER
    0: APFS Container Scheme – +1.0 TB disk1
    Physical Store disk0s2
    1: APFS Volume OS X – Data 144.8 GB disk1s1
    2: APFS Volume OS X 8.8 GB disk1s2
    3: APFS Snapshot com.apple.os.update-… 8.8 GB disk1s2s1
    4: APFS Volume Preboot 1.8 GB disk1s3
    5: APFS Volume Recovery 1.1 GB disk1s4
    6: APFS Volume VM 20.5 KB disk1s6
    7: APFS Volume VMACH 146.5 GB disk1s7
    
    LikeLiked by 1 person
    - 25
      
      hoakley on November 25, 2022 at 10:41 pm
      
      Thank you.
      As the Boot Volume Group shares the same container, and the same free disk space, I’d be surprised if your additional volume had anything to do with it.
      The snapshot listed in that output is the Signed and Sealed System Volume (SSV), and forms the mounted system volume. That’s exactly the same as it has been since the first release of Big Sur. All snapshots are stored in their container, not within a volume, in any case, but they aren’t normally SSVs or mounted.
      I’ll keep my fingers crossed for your 3.1 update.
      Howard.
      
      LikeLike