hoakley August 20, 2023 Macs, Technology

Last Week on My Mac: Welcome back, Location Services

It was a bad time of year for a serious bug to appear in the current release version of macOS. At the time that much of the northern hemisphere is on vacation and keeping well away from the office, Apple’s engineers are hard at work on the next major releases of all its operating systems. With a demanding schedule of fresh beta-releases to deliver for testing, there can be little time left for fixing problems in the outgoing version of macOS, which is just being transferred to security-only maintenance. For many users, though, this is a critical period that determines whether Macs that are unsupported by the imminent new version of macOS will be left running a lion or a lemon.

This was just the wrong time for the bug introduced in macOS Ventura 13.5 that effectively paralysed access to Location Services until it was fixed in last week’s update to 13.5.1. Although not a crashing bug, memory leak or kernel panic, its effect was disastrous. For over three weeks, every Mac that was kept up to date with Ventura lost all user control over access given by macOS to location and related data.

Those who installed some software like Little Snitch were unable to authorise its access to Location Services, while other apps, notably those already installed, were automatically given access without the user having any say in the matter. For a corporation that places privacy and its protection at the heart of its products, this was surely catastrophic: in the latest release of its current computer operating system, the user had absolutely no control over which apps were given access to their location data.

The heart of this problem wasn’t the failure to check Privacy & Security settings both visually and functionally, although that must have been the case for macOS 13.5 to have been released in that state. No, the root cause was an intentional design choice that makes all privacy protection vulnerable to a single point of failure. Had a similar bug prevented other privacy settings from being accessed by the user, the effect would have been even more catastrophic, because macOS doesn’t provide users with any other means of accessing those controls either.

Across much of macOS, from Disk Utility to Software Update, for each GUI app or suite of settings, there are command line equivalents. If Disk Utility has become bloodyminded about running First Aid on an external disk, you can always resort to diskutil or fsck_apfs in Terminal. Instead of opening the Software Update section in General settings, you can turn to the softwareupdate command tool instead. Yet the only tool that works with those privacy settings controlled by TCC, tccutil, is deliberately stunted so that all it can do is reset them, and there isn’t any tool to work with Location Services.

Apple’s fear is that providing alternative access to these privacy controls would encourage their abuse, which is all very well as long as their controls in System Settings are totally reliable. As we have seen with macOS 13.5 and Location Services, one otherwise minor bug then brings total failure of privacy protection.

In many ways this is a more critical situation than in macOS security generally, where layers of protection are intended to address situations in which one fails or is escaped intentionally. There’s only one safe way to protect against single points of failure, and that’s to be meticulous in ensuring that they remain free from bugs and errors. That clearly wasn’t enforced with user controls over Location Services, to the point where a visually obvious fault wasn’t detected until after it had been released to tens of millions of users.

In recent years I have become increasingly critical of those who abstain from installing macOS updates for a couple of weeks to see what bugs they contain. I am now reconsidering that position. If Apple can’t get such important features right in release software, maybe it’s wiser to let others find its shortcomings before deciding whether to install an update.

Apple was informed of this critical bug within a day or two of the release of macOS 13.5, although why it should ever have needed users to point this out escapes me. But its first official acknowledgement of the bug was in its release note for 13.5.1 over three weeks later, a period over which many more users will have updated and lost all control over Location Services. To know of such a bug and fail to warn users who may not have updated yet doesn’t respect those customers.

Yet when Apple had released a flawed RSR to macOS 13.4.1 on 10 July, it withdrew within hours, fixed the problem, and released a replacement just two days later. As there was a straightforward workaround that could be used to mitigate the error in the original RSR, the need for such urgent action was less compelling than with the bug in 13.5, for which there was no workaround at all.

All this happened without a word of apology: the most we got is the bland statement in its release note, “macOS Ventura 13.5.1 fixes an issue in System Settings that prevents location permissions from appearing”. Is that really the best you can do, Apple?

15Comments

Add yours

1

Alan B on August 20, 2023 at 7:57 am

Well said! I hope Apple learn from this incident but I’m not holding my breath.

LikeLiked by 1 person
2

Johnson on August 20, 2023 at 8:13 am

shocked, but not terribly surprised

LikeLiked by 1 person
3

Enzo Vincenzo on August 20, 2023 at 8:26 am

“ Is that really the best you can do, Apple?” you wrote…
Unfortunately the worst never ends…
Maybe with Catalina, in beta version, I reported to Apple (with Feedback Assistant) that they had forgotten to protect the image of the Login screen and the lock screen.
The Desktop image, therefore, appeared clear and anyone who touched the keyboard of a Mac or opened a laptop because you could see (and still can see) the preferences of the owner of that Mac.
So, Apple replied that the thing it wasn’t a bug, but that was intentional (exactly: “it’s by design”.)
My examples on the *user profiling* this could cause were useless. Especially with naive users who need to be protected…
This will – in my opinion – is almost evil; what reason is there to deny Mac users the right to be able to choose the image of the lockscreen, as allowed by all Operating Systems and by Apple’s mobile devices themselves?…
Or at least to be able to darken the background, as was the case until to High Sierra, although less sufficient than the lockscreen we had with Lion.
A true example: with Catalina, a young woman I know had put her pregnancy ultrasound photo as her desktop background. So, the aforementioned episode risked a cunning dismissal because, “officially”, no one knew yet that the woman was pregnant…
Or think of a guy or girl with gay tendencies who want to keep their tendencies hidden and who don’t realize that if their parents or maid or others touch the Mac will see, for example, a photo of them kissing a partner or wearing different make-up, etc.
Ecc. Anyone who isn’t smart (and Apple needs to protect) doesn’t think that even if their MacBook is idle anyone can lift the screen or touch a key and can see the desktop background.
In short, the automatic blocking of the lockscreen image must not only prevent any profiling (including that I like flowers or mountains or other, etc.), but must prevent bullying and various injustices from taking place.
I keep wondering why Apple IMPOSES this absurd choice that finds no justification!
At the very least it could insert a setting that leaves users the freedom to choose whether or not to hide the lockscreen image.
And instead Apple engineers have fun with iPad and iPhone to provide the possibility of having even dozens of lock-screen, as different as they are useless… In defiance of the privacy much praised by Apple

LikeLiked by 1 person
- 4
  
  hoakley on August 20, 2023 at 12:45 pm
  
  Thank you.
  I must admit I’ve never considered the Desktop/Wallpaper as being private, and I’ve always advised (required, when I was a manager) users never to put anything on the Desktop/Wallpaper that couldn’t be shown in public.
  In a workplace, it’s foolish – others at work will see what’s on your Desktop. Even in the home, if there are others around they will too. Neither does it come within the scope of macOS privacy controls. So while I have sympathy, I think putting something private on the Desktop/Wallpaper isn’t acting wisely.
  Howard.
  
  LikeLike
5

EcleX on August 20, 2023 at 9:00 am

These issues are not new. Apple broke File Sharing in a security update of macOS Catalina released in May years ago (if it was on or off, it remained stuck like that, and you could not turn if off or on, respectively). It was reported to Apple, yet it was never fixed, and some Macs cannot be upgraded beyond such macOS version.

Currently is happening with macOS Ventura, not detecting Panasonic televisions. No problem in previous macOS versions. The issue arises on Intel Macs (no problem on Apple silicon ones), for instance when using “Apple USB-C Digital AV Multiport Adapter” to connect iMac Thunderbolt port to the HDMI port of the television
https://www.apple.com/shop/product/MUF82AM/A/usb-c-digital-av-multiport-adapter

Probably just one Ventura updage remains (besides security ones) and the problem persists after many reports to Apple for months, including bug reports via Feedback Assistance and Discussions, like this one:

macOS 13 Ventura BREAKS Panasonic TV connection via HDMI
https://discussions.apple.com/thread/254775822

Is Apple listening? This is not acceptable and I hope that Apple fixes it (or both issues). And thanks in advance to Apple if they do it. Better late than never…

LikeLiked by 1 person
- 6
  
  hoakley on August 20, 2023 at 12:51 pm
  
  Thank you.
  While I have sympathy, this is a completely different situation from a regular bug such as that affecting your TV connection.
  1. This bug affected every single Mac that was updated to 13.5. That must have been tens of millions of Macs, regardless of what peripherals they might have.
  2. Apple claims that privacy is one of the most important features of Macs and its devices. It even has a white paper concerned solely with its protection of Location Services.
  3. There was absolutely no workaround at all, other than turning Location Services off altogether, which has serious effects on many other apps that rely on location data.
  4. The user had no idea which apps were releasing their location data, nor to whom. In some cases, this could have had very serious consequences to the user’s safety.
  Howard.
  
  LikeLike
7

Larry R on August 21, 2023 at 12:12 am

Apple’s lack of respect for its customers has been obvious for a long time. iOS 8.0 bricked my iPad and it took Apple a leisurely four (!) releases before it was fixed. I think you are correct in rethinking the pervasive belief that it is best to apply any Apple update immediately upon release. I never do that. It is my opinion that, at least for the careful user, the risk of serious software bugs is greater than the risk of malware.

As I understand it, the recent RSR fiasco prevented users from logging into Facebook, among other problems. We can’t have that, can we? That problem got rapid attention and was reported in the press, hence the quick fix. A serious bug in a security feature? No one outside the tech community is going to scream about that, therefore Apple’s refusal to notify its users and its lackluster response to the problem.

I believe the presence of command line alternatives for a GUI app does not ameliorate the seriousness of a bug. I can execute commands in Terminal following specific instructions, but most Mac users that I know wouldn’t begin to know where to start to do that. And where would they find those instructions, assuming they do not read Mac-related blogs on a daily basis?

Apple is busy becoming a sports broadcaster, a fitness coach, a bank, and more. That’s what Wall Street cares about, and sadly, it appears that’s all Apple cares about as well.

LikeLiked by 1 person
- 8
  
  hoakley on August 21, 2023 at 10:55 am
  
  Thank you.
  But this isn’t a security feature – it’s a privacy feature, something that Apple does make a great and very public fuss about.
  In fairness to the engineers concerned, Apple’s security teams are far more responsive and forthcoming than this.
  Howard.
  
  LikeLike
9

bf on August 22, 2023 at 1:33 pm

“In recent years I have become increasingly critical of those who abstain from installing macOS updates for a couple of weeks to see what bugs they contain. I am now reconsidering that position. If Apple can’t get such important features right in release software, maybe it’s wiser to let others find its shortcomings before deciding whether to install an update.”

My trust in the quality of updates has decreased over the years by Apple’s numerous mistakes, stumbles, omissions, and regressions; and the fact that rolling back to a previous version of macOS can be impossible; all cause me to postpone updates.

I stay one major release macOS behind (currently on Monterey and planning my Ventura update), and wait at least one week after the release of a point update of my current OS version before installing it; all exactly in order to “let others find its shortcomings before deciding whether to install an update.”

LikeLiked by 1 person
- 10
  
  hoakley on August 22, 2023 at 7:43 pm
  
  I don’t have the option to run Monterey as my main macOS version, even if I wanted to. Writing about last year’s macOS is neither interesting nor does it attract many readers. Neither would you get apps which were compatible with, or used features in, Sonoma. As it is, I spend all the summer between the current and next beta-releases, which is bad enough.
  Howard.
  
  LikeLike
  - 11
    
    Neil on August 23, 2023 at 2:53 am
    
    Howard, what are your thoughts about the stability of Sonoma? Like “bf” above, I also wait quite a long time before I update to the latest versions (including iOS, and Windows too!). I am also still running Monterey. Based on the beta reviews I have been following, Sonoma appears to be pretty stable with a good feature set, and may be worth upgrading to directly, skipping Ventura.
    
    LikeLiked by 1 person
    - 12
      
      hoakley on August 23, 2023 at 6:09 am
      
      It’s far too early to make any call on how stable or mature Sonoma will be when it’s released. What most beta-testers do with a beta bears little resemblance to how it will be used after release: for instance, some features like Time Machine get very little testing during the beta phase, and most Macs are more vanilla with respect to third-party hardware and software.
      Ventura has, for me, been thoroughly stable throughout. I don’t recall any serious issue, and one major advantage is that it fixed the memory leak in Finder’s Find, which remains in Monterey. Ventura has also brought its share of bugs, and there’s one significant issue remaining with encrypted sparse bundles, for instance. It looks likely that will never be fixed in Ventura, but it hasn’t been fixed yet in Sonoma either.
      Howard.
      
      LikeLike
13

ttu on August 25, 2023 at 10:42 pm

A question, from one of those (“regular”, non-beta, non-developer aka consumer) folks who wait a while before installing updates (by “a while” I mean more than a day and less than a week, as so far as I can remember, really serious stability and security issues usually surface in that time): What would be a reason for an immediate installation, other than repairing something not functioning (serious, non facetious question)?

PS As a non-expert I have found your efforts extremely helpful and enlightening. Thanks.

LikeLiked by 1 person
- 14
  
  hoakley on August 26, 2023 at 6:25 am
  
  Thank you.
  Short delays before installing an update are perfectly reasonable, and the period you cite makes good sense. You are, however, relying on others updating immediately, otherwise you wouldn’t hear of any problems that update might bring. So if everyone were to do that, there’d be no point.
  So one good reason for immediate installation is for the community!
  There are potential benefits when the update brings a patch for a vulnerability that is already being exploited, although Apple now tries to do that more quickly in RSRs when it can. If it’s already being exploited, every day of delay is another day at risk.
  Howard.
  
  LikeLike
15

Michele Galvagno on October 25, 2023 at 8:55 pm

Well… one would not expect them to publicly apologise… that would be admitting they made a mistake, and AAPL stock would fall immediately as a consequence.
We live in confusing times, where no one is willing to accept even a minimum of responsibility over their actions.
I was educated in the opposite way, but it has bitten me every time, since never I was rewarded for acknowledging guilt/fault or for being honest…

LikeLiked by 2 people