Each of the main security services in macOS such as XProtect relies on data commonly stored in separate files on the Data volume so they can be updated directly outside full macOS system updates. Those are released silently by Apple, unannounced, and you aren’t even sent a notification when they’ve been updated.

Currently, those most frequently updated are XProtect and XProtect Remediator, the former being updated most weeks. However, Sequoia changed the way that XProtect’s data is updated, and it’s now intended to occur over a connection to iCloud rather than through Software Update, while XProtect Remediator continues to rely on the latter rather than iCloud.

This article details each of the main security data files found in macOS 26 Tahoe, together with others involved in related system functions. Several other bundles that formerly had roles in security have now been emptied, left frozen in time, or removed completely. As Apple doesn’t document any of them beyond mentioning their existence and simplified role, the information given is the best that I can find currently.

Main Security Data

XProtectPayloads, alias XProtect.app and XProtect Remediator
This contains a suite of specialised malware detection and remediation tools, in the app bundle XProtect.app in the Data volume at /Library/Apple/System/Library/CoreServices. This was introduced in macOS 12.3, then version 62 was pushed to Catalina and later on 17 June 2022. Executables include a replacement for MRT, and many scanners for specific malware types. My free XProCheck inspects its reports for malware detection and remediation. This is normally updated every month or so using Software Update or a substitute.

XProtectPlistConfigData
These are whitelists and blacklists used by XProtect. Since Sequoia, two different locations are used: the primary is at /var/protected/xprotect/XProtect.bundle in the Data volume; the secondary is also in the Data volume at the traditional location of /Library/Apple/System/Library/CoreServices/XProtect.bundle, and can used as a fallback when there’s no bundle at the primary location. While previous versions of macOS still obtain updates through Software Update, Tahoe is also intended to update the primary bundle via a CloudKit connection to iCloud. This is routinely updated every week, at the same time as updates for previous versions of macOS. You can force an update using the command sudo xprotect update in Terminal, if a more recent version is available.

Bastion
These provide rules and exceptions for XProtect Behaviour Service (XBS). First introduced in Ventura, this service monitors for and logs processes that access sensitive locations such as folders containing browser data. This doesn’t block behaviours, only records them in its database at /var/protected/xprotect/XPdb, and reports them to Apple as security intelligence. Bastion rules are defined in bastion.sb and BastionMeta.plist inside /Library/Apple/System/Library/CoreServices/XProtect.app Those are updated irregularly.

AppleKextExcludeList
Latest version: 21.0.0, 9 September 2025 (26.0 release).
This is a huge list of kernel extensions that are to be treated as exceptions to Tahoe’s security rules, and is stored in the Data volume in /Library/Apple/System/Library/Extensions/AppleKextExcludeList.kext, at Contents/Resources/ExceptionLists.plist.

Others

IncompatibleAppsList
Latest version: 260.200 (26.0 release).
This is a bundle in the Data volume at /Library/Apple/Library/Bundles/IncompatibleAppsList.bundle which contains IncompatibleAppsList.plist, listing many known incompatible versions of third-party products, including Flash Player.

Vestigial Data

MRTConfigData
Last version: 1.93, 14 July 2022.
This was Apple’s Malware Removal Tool stored in the Data volume at Library/Apple/System/Library/CoreServices/MRT.app, so that it could remove any malware which macOS detected. This has now been replaced by the XProtectRemediatorMRTv3 executable module in XProtect Remediator, and may disappear in future versions of macOS. It usually isn’t installed as part of macOS, but is installed later as a security data update.

Gatekeeper Configuration Data (GK Opaque)
Latest version: 181, but can instead be 94.
This is an SQLite database in the Data volume in /private/var/db/gkopaque.bundle/Contents/Resources/gkopaque.db and may have been used to provide whitelists for Gatekeeper’s security system, which checks the code signatures of apps. Macs that have never had Catalina or earlier installed normally have the very old version 94, indicating this database isn’t currently used.

Gatekeeper E Configuration Data (GKE), alias Gatekeeper Compatibility Data
Latest version: 1.0 dated 2 October 2019.
This was an SQLite database in the Data volume in /private/var/db/gke.bundle/Contents/Resources/gk.db with an additional file gke.auth, which may have provided whitelists for Gatekeeper’s security system. gke.auth is believed to contain data for checking signed disk images, and seems to have remained largely unchanged since Sierra. gk.db was new in Catalina and hasn’t changed since. Although this is still downloaded and installed, it’s nowhere to be found in Tahoe, and appears to be a historical remnant.

Last updated: 18 September 2025.

Next month we will commemorate the centenary of the death of one of the most influential Nordic artists of the late nineteenth and early twentieth centuries, Christian Krohg (1852–1925). Although he never achieved great international fame, he was a key figure in the artistic development and life of Edvard Munch, was the first professor and director of the Oslo State Academy of Art, a widely-read author and critic, and a social and political campaigner.

Krohg’s background was anything but poor: his grandfather had been a government minister, and his father was a lawyer and statesman. However, his mother died when he was only eight years old, and the oldest of his four sisters, Marie, assumed responsibility for running the household and bringing him up. His family expected him to study law, but his aspiration was to become a painter. The compromise was that he studied law for four years at university, and attended a drawing school.

In 1873, with the death of his father and the completion of his law studies in Oslo, he went to study painting in Karlsruhe, Germany, where he was taught by the great Norwegian landscape artist Hans Gude among others. In 1875, he transferred to the Royal Academy in Berlin, where he was inspired to become a ‘naturalist’ by Max Klinger and Georg Brandes.

Among the earliest of Krohg’s surviving paintings is his Portrait of Lucy Parr Egeberg, 1876, a demonstration of his skills in line and form.

In 1879, on the encouragement of the artist Frits Thaulow, Krohg travelled to Skagen at the northern tip of Jylland (Jutland) in Denmark, where he joined the group of Nordic painters there who were working largely in Impressionist style. Krohg started his first major project to document the lives of the Gaihede family of Skagen over the next decade.

His early painting of Ane Gaihede as a Woman Cutting Bread (1879) was the start of his social realism. Krohg documents her in almost ethnographic detachment. She is aligned in profile, against an almost bare wall, perfectly framed at three-quarter length.

Another major work from this period began his career-long series of paintings of working seamen, in Port Side! (1879). Krohg started this when he was still in Berlin, and completed it when at Skagen that first summer. It was one of two of his paintings exhibited at the Salon in Paris in 1882, and although it didn’t attract much critical attention, its reviews were positive.

Krohg crops this closer, leaving just a few millimetres beyond the tips of his fingers. He adds the dynamics by ensuring that no lines are anywhere near horizontal or vertical, and you can almost feel the heel of the ship’s deck under your feet. The seaman’s oilskins have been patched repeatedly, and have deeply ingrained grime.

In Niels Gaihede Netting (c 1880), another of his Skagen series, he shows the Gaihedes together, with Niels at work on his fishing net, and Ane in the background, staring sternly. Their surroundings are less spartan, but still frugal: the furniture is basic wood, and has seen better days, probably long ago. A clock and some sheets of prints taken from a magazine are the only objects on the blank white wall behind. Niels wears large wooden working clogs, and his trousers have been patched many times.

After his time in Skagen, Krohg started teaching at an art school for women, which in common with others across Europe was trying to address the growing demand from budding women artists, and the conservative attitudes persisting in major academies at the time. Perhaps influenced by this experience, he opened another theme which he was to explore repeatedly, that of illness in the family, with his Sick Girl (1881). The sickness in question is tuberculosis, then prevalent throughout Norway and much of the rest of Europe, King Death as it was nicknamed at the time.

The girl’s face indicates that her end is drawing near. On her lap is a single pale pink rose, its leaves dropped like tears down the blanket covering her legs. He again crops the image closely. This was a direct inspiration for a motif taken up early in the paintings of Edvard Munch, who eventually made around twenty variants of the same theme.

In 1881, Krohg met the Skagen artist Peder Severin Krøyer, and went to live in Paris for a year. He was particularly influenced by the Impressionists, Edouard Manet, and Gustave Courbet, together with the social realism of Jules Breton, Jules Bastien-Lepage, and Léon Lhermitte.

Among the Impressionists, he seems to have been most attracted to the work of Gustave Caillebotte. Krohg’s Portrait of the Swedish Painter Karl Nordström (1882) (above) appears to have been motivated by Caillebotte’s Man on a Balcony, Boulevard Haussmann (1880), below, which in turn was developed from Caillebotte’s earlier painting of his brother as a Young Man at His Window (1875). Curiously, Krohg didn’t paint this in Paris, but towards the end of his time in France, in the artists’ colony of Grez-sur-Loing, in the Spring of 1882.

Perhaps just before Krohg went to Grez, he may have visited Normandy, to paint this interesting little view of a Village Street in Normandy (1882). Its curved recession of umbrellas with disembodied legs is striking.

Krohg then went to stay in Skagen over much of the next couple of years. His sailing painting Hard Alee (1882) was exhibited in the Salon in Paris that year, and was one of the silver wedding gifts from the Norwegian people to King Oscar II and Queen Sophia of Nassau, who were also the king and queen of Sweden, as the countries were in union at the time.

This time his seaman is sailing a small yacht singlehanded. The tiller, his arms, and a line he is holding, trace a bold and dynamic zigzag down the centre of the canvas. Again Krohg is careful to ensure that there is only one horizontal (or vertical) line, that of the horizon.

Krohg’s paintings from this period at Skagen form an absorbing account of life in the artists’ colony there, and several are displayed in the excellent Skagen Museum there. Charles Lundh in Conversation with Christian Krohg (1883) shows this Norwegian painter who lived from 1856-1908, and Krohg’s legs. Lundh stayed in Skagen that summer, living in a house with Krohg, then painted in Persia for five years. Krohg visited Paris again in the Spring of 1883, then returned to Skagen for the summer.

This Self-portrait (1883) of him clutching his huge smoking pipe with a well-used palette in the other hand, shows him at the age of about 31.

It contrasts with The Day After, Self-portrait (1883) which reflects the intensity of the social events held in Skagen, a true confluence of spirits.

References

Skagens Museum, Denmark
Øystein Sjåstad (2017) Christian Krohg’s Naturalism, U Washington Press. ISBN 978 0 295 74206 9.

macOS 26 Tahoe has many smaller enhancements to make life easier. Among them is a novel way of customising folder icons, as explained here.

Traditional custom folder icons

One of the most ancient features in macOS is adding a different icon to a file or folder, by pasting it into the top left of the Get Info dialog for that item. I have detailed how to do that, and how it works, in this article. While that still works, it has some significant limitations and is fiddly.

Another disappointing behaviour in previous macOS is the effect of adding coloured Finder tags to folders, which don’t change the colour of the folder as displayed.

Tahoe custom folders

macOS 26 changes the behaviour of folder icons in three ways:

• Default folder colour is now set in Appearance settings. In most cases, that will be left to use the Theme colour.
• Applying a coloured Finder tag to a folder now changes the colour of that folder, as well as displaying a coloured dot.
• Folders can be customised additionally using the Customise Folder… command in the Finder’s File or contextual menu.

The last of those merits further attention, and an explanation of how it works.

Customising folders

Rather than adding an arbitrary icon to a folder, Tahoe’s custom folders consist of a traditional folder icon with a symbol or emoji superimposed. These are selected from a wide range of vector graphic symbols drawn from Apple’s huge SF Symbols collection, or the standard range of Unicode emoji.

Symbols appear embossed with little difference in tone, so aren’t easy to distinguish unless the folder icon is quite large. This isn’t suitable for use in the Finder’s Column or List views.

The familiar range of emoji is usually clearer and readily distinguishable in most sizes.

Adding a coloured Finder tag to a customised folder makes it even more distinctive, and increases colour contrast with the emoji.

Not only does this look good, but it solves the problems associated with old-style custom folder icons. Copy that folder anywhere within your Mac, and its new look goes with it. Move it into iCloud Drive, and it goes there too. Although Macs and devices running older versions don’t show the custom folder in its full glory, those running OS 26 do. Yes, open Files on your iPhone and you’ll see the custom icon there too.

The only shortcoming that I can find is that, while you can search for specific Finder tags in Spotlight, you can’t search for the symbol or emoji displayed on the folder icon. There is a search attribute Custom Icon, but these folders aren’t considered to have that attribute.

How it works

Tahoe’s custom folders rely on a combination of two extended attributes (xattrs) attached to the folder:

• com.apple.FinderInfo, 32 bytes that is also used in other Finder settings;
• com.apple.icon.folder, new to Tahoe and containing details of the symbol or emoji to be displayed.

Both have to be attached to the folder for it to be displayed correctly.

com.apple.icon.folder is of particular interest, as it has an S flag, and is itself usually displayed as com.apple.icon.folder#S. The S tells macOS that xattr should be preserved during syncing with services such as iCloud Drive. A full list of xattr flags is given in the Appendix. This xattr contains a Unicode string such as
{"emoji":"🔍"}
for an emoji, or
{"sym":"person.crop.circle")
for one of the vector graphics in SF Symbols. The first is self-explanatory, while the second uses the name of that symbol in the SF Symbols library. This currently only supports a subset of the whole library, and my attempts to get it to use others from SF Symbols have so far failed.

Conclusion

macOS has succeeded because of its attention to detail. Tahoe’s new custom folders are an excellent example. Enjoy them!

Appendix: Xattr flags

Flags can be upper or lower case letters C, N, P, S or B, and invariably follow the # separator, which is presumably otherwise forbidden from use in a xattr’s name. Upper case sets or enables that property, while lower case clears or disables that property. There are currently five properties:

• C: XATTR_FLAG_CONTENT_DEPENDENT, which ties the flag and the file contents, so the xattr is rewritten when the file data changes. This is normally used for checksums and hashes, text encoding, and position information. The xattr is preserved for copy and share, but not in a safe save.
• P: XATTR_FLAG_NO_EXPORT, which doesn’t export or share the xattr, but normally preserves it during copying.
• N: XATTR_FLAG_NEVER_PRESERVE, which ensures the xattr is never copied, even when copying the file.
• S: XATTR_FLAG_SYNCABLE, which ensures the xattr is preserved during syncing with services such as iCloud Drive. Default behaviour is for xattrs to be stripped during syncing, to minimise the amount of data to be transferred, but this will override that.
• B: XATTR_FLAG_ONLY_BACKUP, which keeps the xattr only in backups, including Time Machine (added recently).

These operate within another general restriction of xattrs: their name cannot exceed a maximum of 127 UTF-8 characters.

If you have a Mac Studio M3 Ultra and want to upgrade it to run macOS 26.0 Tahoe, then I’m afraid you’re going to have wait for Apple to build a new release that will install on your Mac.

I’m very grateful to Ken who has tried unsuccessfully to upgrade from 15.7 to 26.0. There are plenty of others reporting exactly the same: the upgrade goes well until towards the end, then aborts and the Mac is restarted back into 15.7. The problem seems to originate from an error in its neural engine driver.

Having just taken a look through a comparison between kernel extensions shipped with macOS 15.6 and 26.0, there are several Apple silicon hardware kexts that seem to have gone missing in 26.0, although whether that’s the cause only Apple’s engineers should know.

Apple is advising all those affected to put their Tahoe upgrade on pause until it releases a new build that does fully support the M3 Ultra. Until then, 15.7 is the limit for Apple’s most powerful and expensive Macs yet.

Landscape painting was another of the genres that had developed little before the Dutch Golden Age, when it became one of the most popular. It also proved an interesting challenge for its exponents, who had to fill their canvases with a land that was almost completely flat. The favoured solution was to look to the heavens, resulting in the first cloudscapes.

Simon de Vlieger’s Beach View from 1643 uses boats, many figures, and careful composition to swell the land over the bottom of its panel. It shows well, though, how important is the sky, marvellously rendered here, with a small group of white birds shown against the grey of the clouds. De Vlieger was born in Rotterdam, and painted in Delft and Amsterdam, where he was best known for his landscapes.

Jan van Goyen’s View of Dordrecht with the Grote Kirk Across the Maas from 1644 is another example of a low horizon cramming a lot of detail into the foot of the painting, leaving the major part devoted to sky.

The action and excitement, even fear, in Aelbert Cuyp’s Thunderstorm over Dordrecht from about 1645 is in its bolt of lightning, with the cattle lying passive in the fields below.

At about the same time, Jacob van Ruisdael painted his first panoramic landscape, this View of Naarden and the Church of Muiderberg from 1647. Still working on a very wide support orientated conventionally in ‘landscape’ mode, his immense sky is no passive backdrop to the land, but the scene of intriguing cloud formations.

Salomon van Ruysdael filled his panels and canvases with the sky, as in his View of Alkmaar from the Sea from about 1650, where he has turned his panel from the usual ‘landscape’ mode. Clouds had now become subjects in their own right, and differences in their form and texture some of the most important features.

At their best, Cuyp’s coastal landscapes, such as The Maas at Dordrecht from about 1650, are full of rich light, earning him the nickname of the Dutch Claude Lorrain. This shows a passage boat packed with passengers, together with its drummer, below a finely detailed sky.

Cuyp also populated the strip at the foot of his landscapes with farm animals. In his Cows in a River from about 1650, the landscape has been minimised to concentrate on the cattle, although most of his panel is still taken by its striking sky.

Unless backed by elevated dunes, there was no way that an artist could expand thin strips of beach and sea. The dominant towers of cumulus clouds in Adriaen van de Velde’s View of a Beach from 1663-65 have become his subjects.

Jacob van Ruisdael also turned his canvases for these portraits of towering clouds, as in his View of Haarlem with Bleaching Fields from about 1665. The distant town of Haarlem with its monumentally large church of Saint Bavo – works of man – are dwarfed by these high cumulus clouds, the works of God. This motif proved so popular that van Ruisdael painted many variants of the same view, making it now one of the most widespread landscapes across the galleries of Europe.

Other artists like Philip de Koninck marvelled at cloud formations, here in his River Landscape from just after the end of the Golden Age, in 1676.

Among the many new features Apple lists for macOS 26 Tahoe is a new disk image format, Apple Sparse Image Format or ASIF. In that list it appears as a feature for virtualisation, and is explained as: “Create virtualized disk images with a virtualized file format that can be formatted to any kind of file system.”

Yet in the help pages for Disk Utility, the claim goes further: “A modern sparse read/write image. The space it uses on your disk is proportional to the data it contains, making it efficient and general-purpose.” In Apple’s developer documentation for virtualisation, there’s more detail still:
“Apple Sparse Image Format (ASIF) files transfer more efficiently between hosts or disks because their intrinsic structure doesn’t depend on the host file system’s capabilities. The size the ASIF file takes on the file system is proportional to the actual data stored in the disk image.”

This article considers whether this new ASIF disk image format, as implemented in macOS 26.0, is more suitable for general purposes than the other two leading contenders. Should you use ASIF instead of sparse bundle or read-write (UDRW) disk images?

Testing

To assess the performance of these disk images, read and write speeds were measured in macOS 26.0 Tahoe running on a Mac mini M4 Pro with a 2 TB internal SSD. Each disk image was created using Disk Utility, with a single APFS volume in a disk of maximum size 100 GB stored on the internal SSD, with FileVault enabled. Each format was tested using plain APFS, and separately using APFS Encrypted with 256-bit AES.

When each disk image was created and mounted, a single folder was created in it, and the image unmounted. The disk image was mounted again, and a standard write test performed into the folder using Stibium. That writes in random order a total of 160 files ranging in size from 2 MB to 2 GB, totalling 53 GB. Once the write speed had been measured the image was unmounted again and Stibium closed. For the read test the image was mounted again and all 160 files in the test folder were read in random order using Stibium to measure their speed.

Results

Read and write performance for each of the tests are shown in the table, where results are ranked by read speed.

All three disk image formats achieve similar read and write speeds with unencrypted images. There were substantial differences in performance, though, when encryption was used. With encryption, the sparse bundle was faster than both RAW (Read-Write, UDRW) and ASIF. The new format read at exactly half the speed of a sparse bundle, and at 57% of write speed. ASIF with APFS Encrypted was the slowest of the seven tests in both read and write.

Differences in the size on disk of images were small. Empty disks were smallest for sparse bundles and ASIF, and following deletion of all test files, ASIF returned to the smallest size, indicating that it’s the most space-efficient.

Why use ASIF?

If ASIF doesn’t perform any better than existing formats, and any gains in space on disk are small, when and why should you use the new format? To appreciate its strengths, you need to consider how the other two formats work in terms of the file system they’re hosted on, and the file system they run internally.

A sparse bundle stores its contents on many band files inside its bundle. When its internal file system is able to compact free space, used space can be compacted into a minimum number of bundles, and those containing just free space can be deleted. Thus the total size of its bundle will vary according to the space required to store its contents. Coupled with efficient read and write support this results in good space efficiency and performance.

When a Raw Read-Write disk image has an internal file system that is capable of Trimming free space, as APFS and HFS+ can, that process will compact free space within the image. When the image is stored on a host file system that supports sparse file format, as APFS does, the space in the image that is free can be skipped, resulting in a space-efficient sparse file. However, a host file system like HFS+ that doesn’t offer a sparse file format is unable to take advantage of that.

ASIF is claimed to be able to accomplish similar economy of storage space without relying on the host file system’s special file formats, making it more suitable when the conditions required by sparse bundles and Raw Read-Write disk images aren’t available.

Although this new feature has been announced for virtualisation, it’s most probably only going to be useful for those running VMs stored on file systems other than APFS. Prior to the introduction of ASIF, VMs hosted on APFS have used Raw Read-Write style storage which has benefited from sparse file format, whether they’re macOS or Linux. Where ASIF may be of greatest benefit is for VMs run from network shares or cloud services, whose host file system won’t be APFS.

Recommendations

• ASIF should be the disk image format of choice when neither sparse bundles nor Raw Read-Write images can achieve similar economy in host storage space.
• In other circumstances, where sparse bundles or Raw Read-Write images can provide space-efficient storage and full performance, they are still to be preferred.
• At present, ASIF isn’t generally a better replacement for sparse bundles or Raw Read-Write images, particularly when their internal and host file systems are APFS.
• ASIF is likely to be of greatest benefit to those running macOS or Linux virtual machines from network shares or cloud services, where the VM can’t be hosted on APFS.

Apple has just released its weekly update to XProtect for all supported versions of macOS, bringing it to version 5315. As usual, Apple doesn’t release information about what security issues this update might add or change.

This version adds three new detection signatures to its Yara file, two for a new entry named Zuru as MACOS.ZURU.LOAD and MACOS.ZURU.BEACON, and the third as another Soma/Amos component named MACOS.SOMA.SEENA.

You can check whether this update has been installed by opening System Information via About This Mac, and selecting the Installations item under Software.

A full listing of security data file versions is given by SilentKnight and SystHist for El Capitan to Tahoe available from their product page. If your Mac hasn’t yet installed this update, you can force it using SilentKnight or at the command line.

If you want to install this as a named update in SilentKnight, its label is XProtectPlistConfigData_10_15-5315

Sequoia and Tahoe systems only

This update has finally been released for Sequoia and Tahoe via iCloud. If you want to check it manually, use the Terminal command
sudo xprotect check
then enter your admin password. If that returns version 5315 but your Mac still reports an older version is installed, you should be able to force the update using
sudo xprotect update

Update: as of 1100 GMT 17 September 2025, Apple still hasn’t released this via iCloud for Sequoia and Tahoe systems.

Further update: Sequoia and Tahoe systems are now receiving the 5315 update silently, without any change in the version reported by the xprotect tool. So don’t be surprised if your Mac gets updated without the xprotect tool knowing anything about it.

Further further update: over 24 hours after release of this update for older macOS, it has now been made available via iCloud, and the xprotect commands now work, for those Macs that still haven’t updated themselves.

In the distant past, fresco painting was ideal for brightening up the walls or ceiling of a substantial building, but there was also demand for smaller, more portable works of art. Some would have been painted onto animal skins, and were ultimately developed into miniatures in beautiful manuscripts, using the precursors of watercolours. One alternative medium developed most successfully was wax, in encaustic painting.

Characteristically this uses binder that in most ambient temperatures is solid, but becomes liquid paint at higher temperatures, usually no higher than the boiling point of water. This enables the painter to heat mixtures of pigment and binder kept at around 50˚-90˚C (120˚-200˚F), apply them while still hot, and for them to bind the pigment to its ground once the paint cools.

People started to keep bees by around 7000 BCE, and one of their most important products has been the wax from which they build their hives. Beeswax has a typical melting point of about 63˚C (145˚F), a temperature readily achieved by heating water but well above daytime maximum air temperatures experienced where people live, which very seldom reach 50˚C (120˚F). Beeswax was therefore most probably the first binder used for encaustic painting.

Encaustic paint is thus unusual as it doesn’t rely on a chemical process to form the dry paint layer, but a physical change of state, which is fully reversible. Common supports include panels of wood, which originally didn’t have any ground applied. More recently grounds of gesso have been used successfully, but encaustic paints have also been applied to a wide range of supports including dried and fired clay tablets, pots, and sculpture.

One significant limitation with the process of painting using encaustic media is that heated paint tends to be thin and runny. Most artists therefore apply their paint with the support laid flat, and leave their work horizontal until the paint has solidified. Instead of painting stood up in front of an easel, they tend to work lying down.

Although encaustic paintings are susceptible to physical damage and decay, some from before the Christian era have survived, and it’s thought that the medium was used for several hundred or even thousands of years before the birth of Christ. The best-known early encaustic paintings are those made by colonists from Greece and Rome when living in Egypt between about 80-250 CE, particularly those found in the Fayum (or Faiyum) Basin. These were first discovered in about 1615, with most being removed during the nineteenth century and spread across collections in Europe and America. These funerary portraits are among the most haunting images in European art, and demonstrate how skilled encaustic painting can rival other media. It can achieve a remarkable lucency, although this depends on the processing of the beeswax and its ageing.

This Funerary Portrait of a Woman ‘Isidora’ is rendered in fine, close-packed strokes of encaustic wax to model the form, and the eyelashes have been formed by scraping away wax to reveal the underlying black ground. Originally painted on a rectangular cedar board, small squares of gold leaf were applied around her neck, and the board cut down to size to fit the facial area of the woman’s mummy for interment.

Modelling of the skin in this Funerary Portrait of the Boy Eutyches is well in advance of its time, and appears more characteristic of portraits from the Renaissance over a thousand years later.

A tradition of encaustic painting also grew up in early Christian communities, where it was used to create icons for places of worship and the homes of the wealthiest.

This encaustic painting of the Virgin Mary and Child with Saints Theodor of Amasea and George, and Angels was made in about 580 CE for Saint Catherine’s Monastery in Sinai, not far from where the Fayum portraits had been interred.

A few artists continued to paint in encaustic even after the Renaissance, although this has remained a minority pursuit. Giovanni Francesco Romanelli’s painting of Boys Fishing from about 1640 curiously uses cardboard as its support, suggesting it may have been more of an experiment.

The nineteenth century saw a resurgence in the use of more traditional media such as egg tempera. In addition to painting with that, some like Arnold Böcklin returned to try encaustics, here in one of his major works, the first version of Villa by the Sea from 1864.

More followed suit in the twentieth century, including James Ensor, Diego Rivera and Jasper Johns, and today encaustic methods have a small but enthusiastic following.

A couple of weeks ago I estimated how much power and energy were used when performing Visual Look Up (VLU) on an Apple silicon Mac, and was surprised to discover how little that was, concluding that “it’s not actually that demanding on the capability of the hardware”. This article returns to those measurements and looks in more detail at what the CPU cores and GPU were doing.

That previous article gives full details of what I did. In brief, this was performed on a Mac mini M4 Pro running macOS Sequoia 15.6.1, using an image of cattle in a field, opened in Preview. powermetrics collected samples in periods of 100 ms throughout, and a full log extract was obtained to relate time to logged events.

Power use by CPU cores, GPU and neural engine (ANE) are shown in this chart from that article. This tallies against log records for the main work in VLU being performed in samples 10-24, representing a time interval of approximately 1.0-2.4 seconds after the start. There were also briefer periods of activity around 3.2 seconds on the GPU, 4.2 seconds on the CPU, and 6.6-7.1 seconds on the CPU. The latter correlated with online access to Apple’s SMOOT service to populate and display the VLU window.

To gain further detail, powermetrics measurements of CPU core cluster frequencies, active residencies of each core, and GPU frequency and active residency, were analysed for the first 80 collection periods.

Frequency and active residency

Cluster frequencies in MHz are shown in the chart above for the one E and two P clusters, and the GPU. These show:

• The E cores (black) ran at a baseline of 1200-1300 MHz for much of the time, reaching their maximum frequency of 2592 MHz during the main VLU period at 1.0-2.4 seconds.
• The first P cluster (blue), P0, was active in short bursts over the first 1.5 seconds, and again between 6.3-7.0 seconds. For the remainder of the period the cluster was shut down.
• The second P cluster (red), P1, was most active during the three periods of high power use, although it didn’t quite reach its maximum frequency of 4512 MHz. When there was little core activity, it was left to idle at 1260 MHz but wasn’t shut down.
• The GPU (yellow) ran at 338 MHz or was shut down for almost all the time, with one brief peak at 927 MHz.

This chart shows the total active residencies for each of the three CPU clusters, obtained by adding their % measurements. Thus the maximum for the E cluster is 400%, and 500% for each of the two P clusters, and 1,400% in all. These are broadly equivalent to the CPU % shown in Activity Monitor, and take no account of frequency. These show:

• The E cores (pale blue) had the highest active residency throughout, ranging from as little as 30% when almost idle around 5 seconds, to just over 300% during the main VLU phase at 1.4 seconds.
• The first P cluster (purple) remained almost inactive throughout.
• The second P cluster (red) was only active during the periods of highest work, particularly between 1.0-2.4 seconds and again at 6.4-7.1 seconds. For much of the rest of the test it had close to zero active residency.

Taken together, these show that a substantial proportion of the processing undertaken in VLU was performed by the E cores, with shorter peaks of activity in some of the cores in the second P cluster. For much of the time, though, all ten P cores were either idle or shut down.

Load

Combining frequency and active residency into a single value is difficult for the two types of CPU core. To provide a rough metric, I have calculated ‘cluster load’ as
total cluster active residency x (cluster frequency / maximum core frequency)
where the maximum frequency of these E cores is taken as 2592 MHz, and the P cores as 4512 MHz. For example, in the sample period at 2.2 seconds, the P1 cluster frequency was 4449 MHz, and the total active residency for the five cores was 122%. Thus the P1 cluster load was 122 x (4449/4512) = 120.3%. Maximum load for that cluster would have been 500%.

The chart above shows load values for:

• The E cluster (black) riseing to 150-260% during the peak of VLU activity, from a baseline of 20-30%.
• The P0 cluster (blue) which never reached 10% after the initial sample at 0 seconds.
• The P1 cluster (red) spiking at 90-150% during the three most active phases, otherwise remaining below 10%.

Caution is required when comparing E with P cores on this measurement, as not only is E core maximum frequency only 57% that of P cores, but it’s generally assumed that their maximum processing capacity is roughly half that of P cores. Even with that reservation, it’s clear that a substantial proportion of the processing performed in this VLU was on the E cores, with just one cluster of P cores active in short spikes.

Finally, it’s possible to examine the correlation between total P cluster load and total CPU power.

This chart shows calculated total P load and reported total CPU power use. The linear regression shown is
CPU power = 4.1 + (42.2 x total load)
giving a power use of 4,200 mW for a load of 100%, equating to a single P core running at maximum frequency.

Conclusions

• Cluster frequencies and active residencies measured in CPU cores followed the same phases as seen in CPU power, with most of the processing load of VLU in the the early stage, between 1.0-2.4 seconds, a shorter peak at 6.6-7.1 seconds correlating with online lookup, and a small peak at about 4.2 seconds.
• A substantial proportion of the processing performed for VLU was run on E rather than P cores, with P cores only being used for brief periods.
• Visual Look Up used remarkably little of the capability of an M4 Pro chip.

Apple has just released macOS 26.0 Tahoe (build 25A354), together with security updates to Sequoia taking it to 15.7, and for Sonoma to 14.8. As expected, there are no further security updates provided for Ventura, which is now unsupported.

The upgrade to Tahoe is once again provided as an ‘update’ rather than a full Installer app. If you want to run the Installer app to upgrade, download it from the App Store rather than using Software Update. If you’re updating Sequoia or Sonoma and your Mac is capable of running Tahoe, be very careful to select the right update in Software Update.

The Tahoe upgrade weighs in at 7.7 GB for Apple silicon Macs upgrading from a recent version of Sequoia. For Intel Macs it should be 6.1 GB.

On Apple silicon Macs, iBoot is updated to version 13822.1.2. Intel Macs have their firmware updated to version 2092.0.0.0.0 (iBridge 23.16.10350.0.0,0). Safari is version 26.0 (21622.1.22.11.14). The Darwin kernel version is 25.0.0.

Security release notes are also available:

• Tahoe 26.0 lists 75 vulnerabilities fixed, none of which is reported as already being exploited.
• Sequoia 15.7 lists 34 vulnerabilities fixed.
• Sonoma 14.8 lists 38 vulnerabilities fixed.

Useful links

Prepare to upgrade macOS – what you should have done already
What should you do when an update goes wrong?
When you should use Safe Mode, and what it does
What to do when there’s something fundamentally wrong with an Apple silicon Mac
Eclectic Light software updates for Tahoe

Last updated at 1928 GMT 15 September 2025. My apologies for some previous incorrect versions, which were the result of an unintended update.

macOS 26 Tahoe’s big thing is its redesigned interface, with additional variations to appearance modes and its new Liquid Glass effects. Whether you’re installing the upgrade because of those, or in spite of them, allow me to take you on a quick tour of how you can set its interface up, and which controls do what.

There are three sets of controls:

• Appearance mode, Light or Dark, in Appearance settings;
• Display variations to Reduce transparency or Increase contrast, in Accessibility settings;
• Icon & widget style, in Appearance settings.

That comes to a total of more than 20 combinations before factoring in icon tinting colour, so there’s no shortage of choice.

Light mode

There are three overall variations of light mode, depending on those Accessibility settings.

The starting point and default is in light mode without Accessibility, and icon & widget style set to Default. Note the effects of transparency on the menu bar, widgets, the Liquid Glass effect in the left side of the Dock, and the upper row of icons in the Finder window. If you like those, you don’t have to change any settings.

This is light mode with Reduce transparency enabled in Accessibility settings. This disables all Liquid Glass effects and restores the traditional menu bar and Dock. The effect on Desktop widgets is perhaps less beneficial.

In light mode with Increase contrast (automatically coupled with Reduce transparency) enabled, the predominant effect is the outlining of controls within each window, rather than any change in contrast. Colours used by the system, such as the traffic light controls at the top left of each window, and those in themes, are darker, but those elsewhere, as in icons, aren’t changed. The effect here is to make controls clearer rather than actually changing contrast.

Dark mode

Without changing Accessibility and leaving Icon & widget style set to Default, dark mode shows transparency and Liquid Glass effects as you expect. These are again most visible in the menu bar, Dock, and the upper row of icons in the Finder window.

With Reduce transparency enabled in Accessibility settings those transparency and Liquid Glass effects are removed.

Enabling Increase contrast outlines controls clearly, but any changes in system colours are more variable than in light mode.

Icon & widget style

This is new to Tahoe and only affects the rendering of icons and widgets.

Using light mode without any Accessibility changes, the Default setting for Icon & widget style is the baseline, showing icons in their ‘normal’ state.

Dark icon settings in light mode contrasts more but their readability may suffer.

When Icon & widget style is set to Clear, most are decolourised, making them significantly harder to read, and impossible to distinguish in the sidebar of System Settings.

The final option is for Icon & widget style to be Tinted, where they’re rendered in monochrome using a colour of your choice, selected from the popup menu below. On iPhones and other devices that are available in several case colours, some have decided to set tinting to match the case, something you might like to try with an Apple silicon iMac, for example.

However, be careful in both Clear and Tinted styles, as it’s easy to end up making many icons unreadable and almost indistinguishable, here by setting the last of those to Graphite colour. This is one of the obvious drawbacks in Tahoe’s flexibility, in that many combinations of appearance mode, Accessibility settings and icon and widget style degrade its human interface rather than enhancing it. At least you now know what not to try, and how to return it to its defaults.

Summary of controls

• Appearance mode, light or dark, in Appearance settings;
• Display variations to Reduce transparency or Increase contrast, in Accessibility settings;
• Icon & widget styles, in Appearance settings, with Icon, widget & folder colour when appropriate.

Have fun!

Virgil has led Dante into a gorge taking them from the heretics further into the depths of Hell. As they descend, Virgil advises they should take their time so they can become accustomed to the stench emanating from these depths. This allows him to explain to Dante the layout of the parts they are about to enter.

Within the next pit are three sub-divisions, catering for the sins of malice in their different forms. The first ring is for those of violent will, and is divided again into three, for homicides and bandits, for suicides, and blasphemers. Dante’s verbal descriptions of these sub-divisions can readily become confusing, and have been turned into diagrammatic maps by several artists.

One of the most famous is Botticelli’s Map of Hell from 1480-90, in which these lower zones are shown as a funnel at the bottom, leading to the Devil himself.

Jan van der Straet’s diagram from 1587 is similar in form, and packs these zones into the narrow section at the foot.

Dante opens Canto 12 as the pair are scrambling down boulders as if in the Alps, dislodged during the earthquake resulting from Christ’s harrowing of Hell, to meet the Minotaur from Crete.

Like so many of Dante’s beasts, the Minotaur is drawn from classical mythology. This monstrous cross between a bull and human was kept in the labyrinth on Crete, where it was periodically fed with young Greek men and virgin women. For George Frederic Watts, in his painting of The Minotaur from 1885, it represented the worst of Victorian society and its moral values, in the industry of child prostitution flourishing in London at the time.

Dante and Virgil hurry past the Minotaur when they can, and continue their descent through more fallen boulders and scree, to enter the seventh circle, for sins of violence. They are then hailed by one of a group of centaurs armed with bows and arrows. Virgil responds that they will discuss their mission with Chiron, rather than the hot-headed Nessus. Chiron was a centaur in mythology, but one known for his wisdom, and for teaching the young Achilles. Nessus was another centaur, who tried to abduct Heracles’ wife Deianeira and was killed for that, but laid a plot that led to Heracles’ death.

Chiron directs Nessus to aid Virgil and Dante in their passage.

They pass along the rocks beside the damned souls, who are immersed in boiling blood to a depth appropriate to their sins. Dante recognises some as they go: Alexander the Great, Dionysius the Elder and tyrant of Syracuse, one of the d’Este family who was suffocated by his own son. Further on are Attila the Hun, Pyrrhus, Sextus son of Pompey, and a couple of infamous contemporary highwaymen.

Virgil then leads Dante into a strange wood, whose thorn trees form the nests of Harpies. These composite creatures have the heads of humans and the bodies and talons of birds, and live in sub-ring number two. In classical legend, the Harpies inhabited the Strophades, islands where they attacked Aeneas and his companions in Virgil’s Aeneid.

Virgil tells Dante to break a small branch from one of the trees. When he does, the tree screams out in pain, and the wound oozes blood. The tree explains that they were once people, but had taken their own lives. In this case, Dante is talking to the poet Pier della Vigna, who was ruined by envious rivals.

Dante is filled with pity for the spirit, who can only look forward to the Day of Judgement, while they are tortured by the Harpies feeding on their leaves. After learning of another two suicides from Siena and Florence, Dante moves on in profound sorrow.

The artists

William Blake (1757–1827) was a British visionary painter and illustrator whose last and incomplete work was an illustrated edition of the Divine Comedy for the painter John Linnell. Most of his works shown in this series were created for that, although he did draw and paint scenes during his earlier career. I have a major series on his work here.

Sandro Botticelli (1445–1510) was one of the leading painters of the early Southern Renaissance, working in his native city of Florence. In addition to his huge egg tempera masterpieces of Primavera (c 1482) and The Birth of Venus (c 1485), he was a lifelong fan of Dante’s writings. He produced drawings that were engraved for the first printed edition of the Divine Comedy in 1481, but these weren’t successful, most copies only having two or three of the 19 engraved. He later began a manuscript illustrated edition on parchment, but few pages were ever fully illuminated.

Gustave Doré (1832–1883) was the leading French illustrator of the nineteenth century, whose paintings are still relatively unknown. Early in his career, he produced a complete set of seventy illustrations for translations of the Inferno, first published in 1857 and still continuing in use. These were followed in 1867 by more illustrations for Purgatorio and Paradiso. This article looks at his paintings.

John Flaxman (1755–1826) was a British sculptor and draughtsman who occasionally painted as well. When he was in Rome between 1787-91, he produced drawings for book illustrations, including a set of 111 for an edition of The Divine Comedy. In 1810, he was appointed the Professor of Sculpture to the Royal Academy in London, and in 1817 made drawings to illustrate Hesiod, that were engraved by William Blake.

Joseph Anton Koch (1768-1839) was an Austrian landscape painter, who worked mainly in Neoclassical style. During his second stay in Rome, he was commissioned to paint frescos in the Villa Massimi on the walls of the Dante Room there, which remain one of the most florid visual accounts of Dante’s Inferno. He completed those between 1824-29. He also appears to have drawn a set of illustrations for Dante’s Inferno in about 1808.

Jan van der Straet, also commonly known by his Italianised name of Giovanni Stradano (1523-1605), was a painter who started his career in Bruges and Antwerp in Belgium, but moved to Florence in 1550, where he worked for the remainder of his life. Mannerist in style, he worked with printmakers in Antwerp to produce collections of prints, including an extensive set for The Divine Comedy.

References

Wikipedia
Danteworlds

Robin Kirkpatrick (trans) (2012) Dante, The Divine Comedy, Inferno, Purgatorio, Paradiso, Penguin Classics. ISBN 978 0 141 19749 4.
Richard Lansing (ed) (2000) The Dante Encyclopedia, Routledge. ISBN 978 0 415 87611 7.
Guy P Raffa (2009) The Complete Danteworlds, A Reader’s Guide to the Divine Comedy, Chicago UP. ISBN 978 0 2267 0270 4.
Prue Shaw (2014) Reading Dante, From Here to Eternity, Liveright. ISBN 978 1 63149 006 4.

I hope that you enjoyed Saturday’s Mac Riddles, episode 325. Here are my solutions to them.

1: Not quite a dogcow functions in six modules from 1991.

2: Suite in three movements replacing 1 from 2004.

3: Yoga position with syncopated music, but it wasn’t the sequel to 1-2-3.

The common factor

I look forward to your putting alternative cases.

When Apple launched its new iPhone 17 range last week, it also announced a major change in their security. This article tries to explain what that means, and whether Apple intends building it into future Macs.

Handling of memory is an important facet of security, and securing that should eliminate plenty of vulnerabilities from Apple’s operating systems. For example, the single vulnerability fixed in Sequoia 15.6.1, and known to be actively exploited, resulted in memory corruption from processing a malicious image file. Many of those fixed in 15.6 also cite memory problems in their cause, such as corruption, out-of-bounds and use-after-free errors. Apple’s research indicates that some of the vulnerabilities used in the most sophisticated attacks, particularly those against iOS, could have been prevented by making memory handling more secure in the first place.

Over the last few years, Apple has focussed attention on making memory handling safer. Starting in iOS 15, it introduced a new interface known as kalloc_type to be used throughout the kernel and all kernel extensions. This requires Apple’s engineers to adopt its new features, and by iOS 16 it’s estimated that 95% of the kernel-space codebase in iOS had been converted. This has been fed through into macOS from Ventura onwards.

Although kalloc_type has helped, more is needed if memory handling is going to as safe as Apple wants, in what it terms Memory Integrity Enforcement. Unlike most other security measures, the principle of this is relatively simple: to allocate and control memory using secure tags. When a kernel extension, for example, requires some memory, it’s provided with a secure tag. When it wants to access any of that memory, the kext then has to provide the tag with its request. The tag is then checked and access only granted if the tag is successfully validated for the address requested.

This can be used to prevent one of the commonest types of vulnerability, accessing memory beyond that allocated in a buffer overflow. As that memory request is out-of-bounds of the memory allocated, the secure tag provided won’t extend to cover that, and the request is refused. Another common type of vulnerability is when code requests memory that has already been freed, in use-after-free access. MIE prevents that as the secure token is invalidated when that memory is freed, so the request is refused.

While the principle underlying MIE is simple, its implementation is more complex. One obvious problem is that it imposes significant overhead to memory allocation and access. The only way to work around that is to implement it in hardware, hence its current limitation to devices using Apple’s new A19 and A19 Pro chips, the first to offer that support. These come with additional features for Arm’s Enhanced Memory Tagging Extension, an option from the Armv8.7 instruction set architecture, and not yet available in an M-series chip for Macs. If you look for FEAT_MTE4 among the hardware options in sysctl (shown easily in Mints, for example), there’s no mention of it in Apple’s latest M4 chips. Additionally, for apps to support MIE, they have to opt in to enable hardware memory tagging, a feature that’s only available for now in the iPhone 17 range, including the iPhone Air.

Critics have pointed out that MIE only tackles some vulnerabilities, but Apple’s analysis of recent real-world exploits used in malware shows how the combination of defences can now disrupt the chains many rely on. By achieving that early in a chain, Apple argues that those developing attacks will be forced to redevelop the whole of that exploit chain. Neither is MIE completely new, as other operating systems like GrapheneOS, popular on Google’s Pixel devices, have already been using their own implementation of similar protection. Apple claims that those have shortcomings it has addressed in implementing MIE for iPhones.

Apple hasn’t yet made any announcement about whether or when MIE might be coming to its M-series chips using in Apple silicon Macs. I suspect we’re unlikely to see the debut of an M5 complete with Neural Accelerated GPU and hardware support for MIE in Apple’s Halloween Mac event, and more likely with macOS 26.3 early next year. Of course, MIE doesn’t protect against everything, but it should make life significantly harder for those intending to attack us.

Further reading

Apple on kalloc_type
Apple on Memory Integrity Enforcement
Arm on Enhanced Memory Tagging Extension
Apple on Enhanced Security for app developers.

In this second and concluding article showing the seasons in paintings, I resume with one of the treasures of the Louvre in Paris. Towards the end of his life, Nicolas Poussin’s hands developed a severe tremor making painting fine details very difficult. Despite that, his final years saw some of his greatest landscape paintings, and standing head and shoulders above those is his series of the Seasons, believed to have been painted between 1660-64.

Each of these is both a fine painting of an idealised landscape, together with narrative referring to a Biblical story. They not only move through the seasons of the year, but through the times of the day, starting in the early morning of Spring, and ending at night for winter, a device used later by others including William Hogarth.

Spring starts at the beginning of the Bible, with the story of Adam and Eve in the Garden of Eden. Eve is persuading Adam to join her in an apple, the opening step of the Fall.

For Summer, Poussin chose the story of Boaz discovering Ruth gleaning after the wheat had been cut in his fields, as told in the Book of Ruth. In its contrasting Italian coastal setting, this shares common ground with earlier paintings of the Brueghels.

Poussin refers to a story from the Book of Numbers for Autumn, in which Israelite spies visited the Promised Land, and brought back grapes as evidence of what lay ahead.

Winter returns to the Book of Genesis, to show the great flood, with lightning crackling through the sky, and survivors trying to escape the rising waters. This also demonstrates Poussin’s lifelong dread of snakes: one is slithering up the rocks on the left, and there is another in the water, although not visible in this image.

Early in William-Adolphe Bouguereau’s career he was commissioned to paint a series showing The Four Seasons (1854-55) for the music pavilion in the garden of the Monlun banking family in La Rochelle. In keeping with their opulent surrounds, these were painted on gold grounds, a layer of gold leaf into which the artist embossed a geometric pattern to result in this unusual appearance. He painted a series of young women with seasonal attributes. These include the flowers of Spring, with their reference to Flora, sheaves of ripened corn (Ceres), a bacchante with her goblet of wine and thyrsus, and wrapped up for winter with snow on her clothing.

The greatest series of mythological allegories of the seasons is that painted in the final years of Eugène Delacroix’s life. These were commissioned by the Alsacian industrialist Frederick Hartmann, and completed just before the artist’s death in 1863. Although considered to be allegories, in that they don’t directly show each season, they are unconventional in using stories from classical myths that are tied into the seasons.

For Spring, Delacroix chose Eurydice Bitten by a Serpent while Picking Flowers (Eurydice’s Death), in which the bride Eurydice is bitten on the foot (or ankle) by a snake immediately after her wedding, and dies.

For summer, the story is another tragic myth of Diana Surprised by Actaeon, again set in the season shown. Actaeon stumbled across the goddess bathing when he was out hunting; as a result of his unintentional glimpse of her naked body, he’s turned into a stag and killed by his own hunting dogs. He’s already in transition, with antlers growing from his head.

Delacroix’s choice for autumn draws on the common association between that season and wine, with Bacchus and Ariadne. After being abandoned on the island of Naxos by Theseus, who had promised to marry her, Ariadne is discovered by the young Bacchus. Here, the god has just arrived and is helping the gloomy and despondent Ariadne to her feet. They then fall in love and marry.

For the final season of winter, the artist chose Juno Beseeches Aeolus to Destroy Ulysses’ Fleet, with a slight conflation between the stories of Ulysses and Aeneas. In the Aeneid, Juno offers Aeolus a nymph as a wife if he will let loose his winds on the fleet of Aeneas. That he does, and the fleet is driven onto the coast of North Africa by a winter storm.

At the end of the nineteenth century, Alphonse Mucha made several series of prints showing the four seasons. Among these is The Four Seasons, probably from around 1897-1900. These make interesting comparison with Bouguereau’s more conventional paintings above.

A Masque for the Four Seasons, painted in oils between 1905-09, was possibly Walter Crane’s last major work in oils. This draws on Botticelli’s Primavera, in its frieze before a dense woodland background, and copious seasonal wild flowers. Its four Grace-like women are colour-coded from the Spring on the left.

The seasons are also a pervasive feature of much of East Asian art, and I close with a relatively modern example.

Araki Jippo 荒木 十畝 painted Birds and Flowers of Four Seasons 四季花鳥 on silk in 1917, which makes a fascinating comparison with the landscapes of de Momper.

For the last three months, since Apple released the first developer beta of macOS 26 Tahoe, I’ve been fairly busy updating my apps so they’re ready for its release. This quarter of the year is usually quite busy, but the changes brought by Tahoe have required more work than any version of macOS so far. This article provides checklists of every one of my apps and command tools that I believe should be compatible with macOS 26, and in most cases I have tweaked and rebuilt to ensure that.

The first problem posed by Tahoe was its rough handling of app icons that it didn’t like, because they deviated from its standard square with rounded corners. This isn’t something to be ignored, as if you can’t recognise apps in the Dock, how can you use them?

Here are two icons for the same app viewed in Tahoe. The left one uses a traditional AppIcon.icns icon image, while that on the right is the same circular PNG that has been applied using Icon Composer and added as a .icon file for Tahoe. So every supported app has required a new icon to be designed for it, and incorporated into a new build. Here’s part of my beauty parade.

Unfortunately, the moment you rebuild an app with its new icon, its whole interface is also rebuilt to Tahoe’s new standards. Those not only include all those infernal rectangles with rounded corners, but many controls and elements are larger than in Sequoia. While this is implemented intelligently so as not to upset layouts when running in older versions of macOS, Tahoe’s new look can wreak havoc with windows and dialogs.

This demo, Mallyshag, looks the same in Sequoia above, but has become a mess in Tahoe (below) because of those changed control dimensions.

Those three buttons are significantly wider, so now overlap one another and are wider than the text box below. They need a careful overhaul before they’re ready for Tahoe. Conversion can also have unexpected side-effects: for example, I’ve had some selectable text fields changed to be editable as well.

Here are the 31 updated apps that I have equipped with a new icon and adjusted their interface for Tahoe:

• Alifix version 1.4
• Apfelstrudel version 1.6
• Cirrus version 1.16
• Cormorant version 1.6
• DelightEd version 2.4
• Dintch version 1.8
• DropSum version 1.2
• Dystextia version 1.9
• Fintch version 1.4
• LogUI version 1 build 70
• Metamer version 1.6
• Mints version 1.21
• Nalaprop version 1.4
• Podofyllin version 1.4
• Precize version 1.16
• Revisionist version 1.10
• SilentKnight version 2.12
• Skint and SkintM version 1.09
• Sparsity version 1.4
• Spotcord version 1.0
• SpotTest version 1.1
• Spundle version 1.9
• Stibium version 1.2
• SystHist version 1.21
• The Time Machine Mechanic (T2M2) version 2.03
• Ulbow version 1.11
• UTIutility version 1.4
• Versatility version 1.1
• xattred version 1.6
• XProCheck version 1.7

There are also my three macOS virtualisers for Apple silicon Macs, which require more than an overhaul. However, I regularly use these in Tahoe and believe they’re fully compatible, even if their icons will disappoint:

• Viable version 1.0.12 (b12)
• ViableS version 1.0.12 (b12)
• Vimy version 0.7 (fourth beta)

I intend working on those in the coming months, to update them and cast them into fresh interfaces.

I have also tested five of my command tools, and believe they too are fully compatible with Tahoe:

• alisma version 4
• blowhole version 11
• cintch version 3
• cmpxat version 4
• unorml version 5

At least they don’t have custom icons.

So that was the summer of 2025, in more nutshells that I had expected. I hope you still find these useful, and will report any problems you encounter.

Those of us in the northern hemisphere are just sliding into the autumn/fall, as those in the southern are entering Spring. This weekend I celebrate the seasons with the help of an array of some of the finest painters of their time. This article shows sets up to that painted by Pieter Brueghel the Younger. Tomorrow I conclude from the most famous set of all, completed by Nicolas Poussin shortly before his death in 1665, up to the early twentieth century. In each case, I show the seasons in chronological order, starting with Spring, and ending with winter.

The earliest paintings in modern Europe depicting seasons were calendar miniatures in Books of Hours like those of the Limbourg Brothers, such as the famous Très Riches Heures of the Duc de Berry, from about 1411-1416.

One of the early artists who transferred the theme to full-size easel paintings was Giuseppe Arcimboldo, who made several of his marvellous anthropomorphic portraits in sets of four. Less well-known, but more ambitious, is his Four Seasons in One Head from about 1590. He combines different passages to represent the seasons in turn. Spring is in the flowers on the body, summer in the sheaves of ripe corn, autumn in the fruits decorating the hair, and winter in the leafless face and branches.

Although best known for these anthropomorphic paintings, Arcimboldo was by no means their only exponent. At about the same time, Joos de Momper painted anthropomorphic landscapes, in which figures appear from crafted landforms. These come together in an undated series of four allegories of the seasons.

The most conventional platform for depicting the seasons was, inevitably, in landscape paintings. In another series, de Momper painted one of the finest landscape sets between about 1612-15. Each of these is carefully composed with a checklist of different details: trees and their foliage, domestic animals, birds both species and activity, human dress and activity, weather, sky, and so on. This provides much common ground with traditional East Asian paintings of the seasons, as shown in tomorrow’s article.

The Bruegels had also been working for many years on their series showing the seasons. Pieter Bruegel the Elder (c 1525-1569) had been commissioned to produce designs for prints in the mid 1560s, but after his early death the incomplete project was taken over by Hans Bol (1534-1593) and completed as prints in 1570. Pieter Brueghel the Younger (1564–1638) used those as the basis for one of his standard series of paintings, of which two complete sets are known to survive. The images below are of the set in the National Museum of Art of Romania, in Bucharest.

In Spring, gardeners are planting out a formal Italianate flower-garden, a sight that was probably inspired by Pieter Bruegel the Elder’s visit to Italy. It has been suggested that this composition is even more ingenious, in showing March in the foreground, April behind, and May at the furthest end of the garden.

Summer shows the conventional country sight of the wheat harvest, as more fully developed in other paintings by the Brueghels, and one of the most familiar with its golden stooks and bustling activity.

The composition used for Autumn is taken from Bol’s print, although here the number of figures has been reduced to simplify and clarify. The villagers are busy slaughtering and preparing animals, as stooks of corn are laid up in lofts.

Winter draws on several earlier paintings showing skating on ice, and is influenced by those and Bol’s composition used in his 1570 series of prints.

Here are this weekend’s Mac riddles to entertain you through family time, shopping and recreation.

1: Not quite a dogcow functions in six modules from 1991.

2: Suite in three movements replacing 1 from 2004.

3: Yoga position with syncopated music, but it wasn’t the sequel to 1-2-3.

To help you cross-check your solutions, or confuse you further, there’s a common factor between them.

I’ll post my solutions first thing on Monday morning.

Please don’t post your solutions as comments here: it spoils it for others.

The Mac wasn’t the only innovative product shipped by Apple in 1984. At the time, the company was still making its money from selling updated versions of the Apple II, and by then was offering models with 128 KB RAM. For those it provided a demo product developed by Rupert Lissner called AppleWorks. This was one of the first integrated ‘office’ suites, consisting of a word processor, spreadsheet and database, all within the same app.

The original 128K Mac shipped with its own two ‘killer’ apps, MacWrite, developed first by Encore Systems led by Randy Wigginton, and MacPaint, written in-house by the late Bill Atkinson (1951-2025), with its interface designed by Susan Kare. The first integrated ‘office’ suite for Mac was probably Lotus Jazz, released in 1985, and that was followed by Microsoft Works in 1986. Jazz was intended to replicate the success of Lotus 1-2-3 on PCs and proved popular with some, but it was generally considered to be overpriced at $595 and underpowered, and flopped.

Microsoft Works came from an integrated suite being developed for the Mac by Don Williams and Rupert Lissner (original developer of AppleWorks), both former Apple employees. Although first released for the Mac (apparently), it soon followed for DOS PCs, and in 1991 was released for Windows 3.0.

Meanwhile, Apple spun its app development out to its wholly-owned subsidiary Claris in 1987, but no progress was made in developing AppleWorks for the Mac. The following year, Claris bought FileMaker, a database, from Nashoba Systems, which it rebranded to FileMaker II to conform with its other Mac apps, and in 1990 it was succeeded by FileMaker Pro 1.0. However, that year Apple decided to keep Claris as a subsidiary rather than taking it public, and most of its executives resigned. AppleWorks for Apple II was upgraded by Beagle Bros, then licensed to Quality Computers.

Bob Hearn and Scott Holdaway wrote a completely new version of AppleWorks, this time for the Mac, and that was published by Claris as ClarisWorks 1.0 in October 1991. Initial modules included a word processor, drawing, painting, spreadsheet, database, and a communications terminal.

Apple’s financial woes in the 1990s brought further change. The ClarisWorks team left to develop a similar suite for BeOS, FileMaker and Claris HomePage were retained by its subsidiary, now renamed FileMaker, and its other products including ClarisWorks were brought back into Apple. Since then, HomePage was discontinued, and FileMaker changed its name to Claris International to continue developing and selling its FileMaker database products.

AppleWorks 5.0 was released in 1997 and saw Classic Mac OS through from System 7.0.1 to Mac OS 9.

That was followed by AppleWorks 6.0 in January 2000, which dropped the communications terminal in favour of a presentation module. This supported both Classic Mac OS and the new Mac OS X, although it was unable to use many of the latter’s new features. The last update to 6.2.9 was released in January 2004, and in August 2007 Apple declared AppleWorks dead, replaced by the iWork suite of Pages and Keynote in January 2004, followed by Numbers in 2007, three separate apps rather than an integrated suite. Since 2013, that suite has been provided free with each Mac user’s Apple ID.

AppleWorks was rich with document templates from brochures to postcards. It’s seen here running in Mac OS X 10.0 Cheetah in 2001.

Its word processor could export to HTML, and Microsoft Word formats thanks to its support for Claris XTND technology. This is in Mac OS X 10.1 Puma in 2002.

This shows its word processor with its Accents palette at the right and integrated drawing tools at the left. This is in Mac OS X 10.2 Jaguar in 2003.

These are AppleWorks’ word processor document preferences, in Mac OS X 10.4 Tiger in 2006.

This is one of the popular certificate templates used in the drawing module, with its tools at the left. This is in Mac OS X 10.6 Snow Leopard in 2009.

Today it seems extraordinary that AppleWorks, which shipped for Apple II in 1984, had to wait seven years until 1991 before it could run on the Mac.

Few small pieces of cloth have such a broad range of associations, from the blindfold used in teasing games, to that covering the eyes of someone about to be shot. In paintings a blindfold is also the clearest visual statement that its wearer can’t see.

From classical civilisations onwards, it has been widely held that love is blind, and accordingly depictions of Cupid often show him wearing a blindfold.

Piero della Francesca’s fresco showing Cupid Blindfolded (1452-66) illustrates both the ancient saying and the Roman concept of an infant archer with spectacular wings.

This is maintained by Botticelli in the Cupid shown at the top of his Primavera (Spring) (c 1482).

The controversial Félicien Rops transferred this into a contrasting image.

Pornocrates, or Woman with a Pig from 1878 is his best-known work, showing a nearly-naked woman being led by a pig tethered on a lead like a dog. She wears a blindfold, and an exuberant black hat, suggesting she is a courtesan or prostitute. In the air are three winged amorini, and below is a frieze containing allegories of sculpture, music, poetry and painting.

The other classical figure likely to be blindfolded is the personification of Fortune.

Giovanni Bellini’s Allegory of Winged Fortune (1490) may look weird, but features the following symbols:

• the blindfold represents Fortune’s salient characteristic, her blindness in dispensing good fortune and misfortune;
• ill fate is normally associated with a peacock tail, wings, and lion’s paws;
• the two pitchers represent the dispensation of good and bad fortune;
• abundant and long hair at the front of the head, and little at the back, symbolises Kairos, the moment of opportunity, which can be seized by the hair when approaching, but once passed cannot.

In history paintings, a blindfold is almost universally the sign of seriously bad fortune.

Paul Delaroche’s convincing painting of The Execution of Lady Jane Grey (1833) shows the fate of a contender for the crown of England following the early death of King Edward VI at the age of just 15 in 1553. As he had no natural successor, he had drawn up a plan for a cousin, Lady Jane Grey, to become Queen. Her rule started on 10 July 1553, but King Edward’s half sister Mary deposed her on 19 July. She was committed to the Tower of London, convicted of high treason in November 1553, and executed on Tower Green by beheading on 12 February 1554 at the age of just 16 (or 17).

Lady Jane Grey and the Lieutenant of the Tower, Sir John Bridges, take the centre of the canvas. She is blindfolded, the rest of her face almost expressionless. As she can no longer see, the Lieutenant is guiding her towards the executioner’s block, in front of her. Her arms are outstretched, hands with fingers spread in their quest for the block. Under the block, straw has been placed to take up her blood.

At the right, the executioner stands high and coldly detached, his left hand holding the haft of the axe which he will shortly use to kill the young woman. Coils of rope hang from his waist, ready to tie his victim down if necessary. At the left, two of Lady Jane Grey’s attendants or family are resigned in their grief. Lady Jane Grey wears a silver-white gown which dominates the entire painting, forcing everything and everyone else back into sombre mid tones and darker.

Although Delaroche made one major alteration to history, as she was actually executed in the small court-like space within the Tower known as Tower Green, he otherwise appears to have been faithful.

Antonio Gisbert’s huge painting of The Execution by Firing Squad of Torrijos and his Companions on the Beach at Málaga (1888) shows a terrible scene: the summary execution of nearly fifty people on 11 December 1831.

General José María de Torrijos y Uriarte was highly successful in his military career, and during liberal government in 1820-23 was Captain General of Valencia, and Minister for War. When that regime came to an end in 1823, General Torrijos first fled to France, then to England, where he lived in London, being assisted by the Duke of Wellington, then Prime Minister.

From 1827, the liberal Spanish exiles organised themselves for a popular uprising in Spain, and in 1831, Torrijos and his followers travelled to Gibraltar in readiness. They supported several attempts at insurrection in early 1831, each of which was brutally suppressed by the absolutist government under Ferdinand VII. The Governor of Málaga then tricked General Torrijos into believing that he was a supporter of the planned insurrection. On the morning of 2 December, General Torrijos and fifty-nine others landed at Málaga after a surprise attack by the ship Neptune. They intended to encourage a liberal uprising, and had brought a printed manifesto and several proclamations which they intended to promulgate.

They were eventually ambushed after several days of walking, on 4 December, and surrendered, hoping that the situation in Málaga had improved. They underwent no trial, but at 1130 on Sunday 11 December 1831, all 49 who had been captured were shot dead by a firing squad on the beach.

Our sense of sight is celebrated in a peculiar, ancient, and widespread game played by children and adults alike: blind man’s buff (or bluff). This involves putting a blindfold on the ‘victim’, who is then required to ‘tag’ one of the sighted players. It was recorded in ancient Greece, and more recently is known from much of Asia, including Japan, throughout Europe, and the Americas.

The game also rejoices under many fascinating names: in ancient Greece it was known as copper mosquito, in Bangladesh as blind fly, in Germany as blind cow, and in France as Colin-Maillard, after a tenth century warrior.

Jean-Honoré Fragonard’s Blind-Man’s Buff (1750-52) shows a red-faced young woman wearing the blindfold, being teased by her young man, and a child using a simple fishing rod. Her torso is tightly constricted by a tubular corset which gives her what appears to be an anatomically impossible figure, and if she’s not very careful, she will fall down the stone steps in front of her.

Francisco Goya shows a more usual form of Blind Man’s Buff (1788), in which the sighted players hold hands and form a ring around the blindfolded ‘victim’. Although this should provide them with more safety, this group has chosen to play on the bank of a river.

Konstantin Makovsky’s Игра в жмурки (Blind Man’s Buff) (c 1895) shows another variant being played indoors.

With macOS 26 Tahoe due to be released on Monday 15 September, I’m delighted to provide version 1.09 of my simple security checker Skint and its menu bar sibling SkintM.

These new versions should recognise Tahoe correctly, and check its version against an updated database.

Skint and SkintM versions 1.09 are now available from here: skint109
from Downloads above, from their Product Page, and via their auto-update mechanism.

Note that, because of the way it (mis)handles Dock icons, Skint might prove to be one of the few apps you run in Tahoe that doesn’t conform to its standard icon format. I also resisted the temptation to make these version 26.

In recent discussions here about the version system built into macOS, two potential problems were raised: first that a file’s versions don’t go with it wherever the file goes, and second that versions wouldn’t preserve datestamps. This article demonstrates how you can easily work around the first, and how the second isn’t correct.

The tools I use here are admittedly my own, but they’re free, and available from this Product Page. They’re also compatible with all versions of macOS from Big Sur (or earlier), and should work perfectly next week when Tahoe is released.

To pose my apps a challenge, I deliberately picked one of my source code files (for LogUI) that I can’t afford to move out of its current folder. This has a total of 230 versions tracking that file’s changing contents, and the development of that app, from its inception last year. Of course, as this is in Xcode I could have used a Git server for full version control, but versioning can do everything I want without going to that trouble.

These are the last few versions shown in Revisionist, simply by dragging and dropping the original file onto it. For each saved version, this displays its datestamp and size in bytes. To preview any of those, just double-click its entry and it will be opened as a QuickLook preview.

With the file open in Revisionist, I could click on the Archive button to save all its 230 versions to their own folder. However, if you just want to archive or move the file with all those versions, that’s quickest using the drag and drop feature in Versatility. Drop the original file on its window, then find the right location to save its versions in their own folder.

This is the result: the top of that folder of 230 versions, each numbered in sequence. QuickLook any of those and you’ll not only see their contents, but the datestamps on each version are those for that original saved (version) file. This original version was created on 7 July 2024, and last saved the following day.

You can now compress that folder of versions and move it wherever you want. I dropped mine onto my drag-and-drop compression utility Cormorant to turn the folder into a 16 KB Apple Archive, just 1.6 KB larger than the current version of that document. I have thought about building that option into Versatility, but you’ll probably prefer to use your own compressor like Keka.

If you wished, you could discard unwanted versions from that folder, because Revisionist and Versatility will reassemble the versions in order, and don’t notice if some of the numbers are missing. If you really wanted to, you could reorder the numbers, but that would be extremely confusing. The version system doesn’t rely on differences between versions, as it stores each version complete.

Once you’ve got your version archive where you want it, decompress it back to a folder, and drag and drop that onto Versatility. Save the file where you want it, and every one of those 230 versions is back inside it, just as they were in the original.

Here’s the copy I made earlier, seen in Revisionist, with the very first version previewed in QuickLook.

There are some relevant notes:

• Versions do still work in iCloud Drive, but each Mac only sees the versions created and saved on that Mac, not those created by others. I try to avoid mixing versions with iCloud Drive because of that added complication.
• If you select a version in Revisionist and click the Save button, the copy of that version is faithful, but is created as a new file, so has fresh datestamps.
• Versions only work on HFS+ and APFS volumes, although you can pass archived versions across any file system.

In the closing years of the nineteenth century, following the publication of his illustrated edition of Spenser’s The Faerie Queene, Walter Crane was becoming more involved in teaching. He lectured at the Manchester School of Art, and for a short period was principal at the Royal College of Art in London. He also travelled, and in 1900 paid a successful visit to Budapest in Hungary to promote a retrospective exhibition of his work.

His watercolour portrait of the beautiful woman knight Britomart from 1900 was probably a sequel to his Spenser project, as she is one of the major figures in that epic, and an allegory of virtue. She is shown on a very English beach, with the chalk cliffs of the south coast behind her, staring wistfully into the distance, her chin propped on the heel of her right hand. She wears full armour, mixed with more feminine clothing. Her left arm rests on her shield, there’s an enchanted lance beside her, and her helmet on a dune behind her.

In the same year, Death, the Reaper may have drawn inspiration from faerie paintings of the previous century, in particular those of Richard Dadd, in the tiny humans cavorting among the wild flowers. Crane invokes one of the most exaggerated moon illusions I’ve seen, to add more atmosphere.

A Masque for the Four Seasons, painted in oils between 1905-09, is one of Crane’s most overtly Pre-Raphaelite paintings, and possibly his last major work in oils. Drawing on his memories of Botticelli’s Primavera, it uses a similar frieze of figures before a dense woodland background, and copious displays of seasonal wild flowers. The four Grace-like women wear loose classical robes, and are colour-coded. From the left they represent Spring, summer, autumn and winter.

Gaps in the trees provide two cameo glimpses of appropriately seasonal agriculture, with Spring ploughing on the left, and the grain harvest in the centre. At the right is Father Time playing the pipes, his hourglass beside him. This coincided with Evelyn De Morgan’s similar frieze The Cadence of Autumn, shown below, also from 1905.

Crane appears to have travelled more widely in the early twentieth century, as far as Colombo in modern Sri Lanka, where he painted this gouache Under the Palms at the Galle Face, Ceylon on 17 February 1907.

Original artwork for illustration can become more difficult to classify, as shown in this watercolour and ink drawing for The Mirror, one of Crane’s illustrations for Arthur Kelly’s The Rosebud and Other Tales from 1909.

Although Crane’s Race of Hero Spirits Pass from 1909 may have been in preparation for an illustration to accompany Charles Kingsley’s poem The World’s Age (1849), it was painted in tempera on canvas, suggesting it may have been intended as a standalone easel painting. This was accompanied by the quotation:
“Still the race of Hero-spirits
Pass the lamp from hand to hand;
Age from age the Words inherits –
‘Wife, and Child, and Fatherland.'”

The fourth modern Olympic Games had been held in London the previous year (1908), and may have been his inspiration.

The Judgment of Paris, painted in 1909 in watercolour, returns to the Pre-Raphaelite frieze. Although competent, it lacks the flair and innovation of his earlier depictions of myth.

On 27 February 1910, Crane was on his travels again, this time in North Africa, where he painted this watercolour of Porte de France, Tunis.

I also have two interesting undated paintings I suspect may have come from Crane’s later years.

Painted in a combination of transparent watercolour and gouache, A Diver is an unusual and challenging motif.

His more illustrative watercolour of Nyads and Dryads melds its Dryads in with their trees, puts the ‘Nyads’ or Naiads (water nymphs) in the water, and has a river god watching from the reeds in the distance.

Late in 1914, after the start of the First World War, his wife Frances became unwell and went on a ‘rest cure’ in Kent. She then suffered an episode of acute mental illness and killed herself. Walter Crane died on 14 March 1915, at the age of 69. Although his paintings had already lost their popularity, as a children’s illustrator his accomplishments live on.

References

Wikipedia

O’Neill M (2010) Walter Crane. The Arts and Crafts, Painting, and Politics, 1875-1890, Yale UP. ISBN 978 0 300 16768 9.

Apple has announced that macOS 26 Tahoe will be released on Monday 15 September, slightly earlier than had been speculated. Even if you’re not intending to upgrade to that, you might instead be looking at moving from Sonoma to Sequoia, or perhaps dragging your feet and considering Sonoma as it enters its final year of support. This article considers what you should do when preparing to upgrade macOS.

One of the surgeons I worked for in my first internship in hospital taught me an important lesson in life: when considering the outcome of anything that could go wrong, assume that it will go wrong, and prepare for that. When it actually works out better than you planned for, you can enjoy your success.

Emergencies

The worst case is that your Mac dies during the upgrade. Although that’s also the least likely, you need to think through your disaster plan. I ensure that all my most essential files and data are shared or copied up to iCloud so that I could get by for a day or three without that Mac. A recent full backup is also essential: if your Mac needs to go away to be resuscitated, one way or another that’s what you’ll be restoring from.

Upgrades do bring a tiny but significant risk of bricking your Mac in a way that only a full Restore will recover it. Although this can apply to Intel Macs with T2 chips if a T2 firmware update goes wrong, this is more the preserve of Apple silicon Macs. I’ve recently stepped through your options with full details here. Your first DFU Restore is daunting, but once you’ve done one, you’ll realise that they’re not that challenging if you have the right cable and DFU port. When you’ve restored firmware and macOS, you’ll then be restoring from that last backup, emphasising its importance.

In the days before the SSV, when there was only one boot volume and that could so readily be corrupted during upgrades, you also needed to have an emergency toolkit handy to repair an upgrade that went wrong. These days, the whole of the System in the SSV is either perfect, or macOS has to be reinstalled. Minor glitches are almost invariably corrected by restarting after the upgrade has completed, or starting up in Safe mode (remember on Apple silicon Macs that’s performed from Recovery).

Reverting macOS

The other possibility that you should plan for is beating a hasty retreat and reverting to an older version of macOS. Provided that you’re fully aware of the changes to the macOS interface brought in Tahoe, I think this is less likely for those upgrading from Sequoia, but if you’re skipping a version or two you could still find yourself unable to use a vital peripheral or one of your key apps, leaving you with reversion as your only option.

I’m sometimes asked by eternal optimists whether you can revert to your previous macOS simply by using its SSV snapshot. Sadly, snapshots are of no help: the only way back is to wipe and reinstall that macOS.

On Intel Macs, you’ll need to do this when booted from an external bootable installer, which doesn’t have to be on a USB ‘thumb’ drive, but does still require its own HFS+ volume to work. Apple explains this here, and Mr. Macintosh has links to all available installer apps.

Although you can do that with an Apple silicon Mac, if you have a second Mac and the right USB-C cable, it’s usually quicker and simpler to do this by restoring from the appropriate IPSW file in DFU mode, then restoring your files from your latest backup, as explained here. This is particularly valuable, as it also restores the original firmware, which may be the root of your problems. Unfortunately, that doesn’t seem possible with Intel Macs. Once their firmware has been upgraded, the user isn’t able to downgrade it.

Checklist

• Check you’re prepared to use your disaster plan if needed.
• Consider sharing and copying to iCloud to help you use another Mac or device temporarily.
• Make a full backup immediately before starting the upgrade.
• Restart, or start up in Safe mode, if the upgrade leaves your Mac with problems.
• Reverting to an older macOS isn’t trivial, and will require you to restore from your backup.
• Revert an Intel Mac using a bootable external installer.
• Consider reverting an Apple silicon Mac by restoring it in DFU mode, using an older IPSW.

Whatever you choose to do, I wish you success, and hope that your preparations prove completely unnecessary.

Apple has just released its weekly update to XProtect for all supported versions of macOS, bringing it to version 5314. As usual, Apple doesn’t release information about what security issues this update might add or change.

This version brings no changes in its text data files, specifically its Yara rules. Wondering if I might be missing something, I have also compared the general release XProtect files with those for Sequoia and Tahoe (delivered by iCloud), and they are identical too.

You can check whether this update has been installed by opening System Information via About This Mac, and selecting the Installations item under Software.

A full listing of security data file versions is given by SilentKnight and SystHist for El Capitan to Tahoe available from their product page. If your Mac hasn’t yet installed this update, you can force it using SilentKnight or at the command line.

If you want to install this as a named update in SilentKnight, its label is XProtectPlistConfigData_10_15-5314

Sequoia and Tahoe systems only

This update has already been released for Sequoia and Tahoe via iCloud. If you want to check it manually, use the Terminal command
sudo xprotect check
then enter your admin password. If that returns version 5314 but your Mac still reports an older version is installed, you may be able to force the update using
sudo xprotect update

The Dutch Golden Age brought the rapid development of painting genres such as still life, but its most explosive growth was in those depicting everyday life, from interiors showing domestic activities to maritime views. This article introduces some of those new themes.

Painting scenes of ordinary people undertaking the activities of everyday life, commonly if unhelpfully known as genre painting, was one of the most popular through this period.

Gerard ter Borch’s The Spinner from about 1655 is a fine example with its outstanding rendering of the properties of its different surfaces. Seated at her spinning loom in front of her bed, and with her lapdog in place, this ordinary woman is doing what she did as a matter of routine. Ter Borch’s life and career were based in the Dutch Republic, but he also travelled across Europe, and was even honoured with a knighthood when he was working in Madrid.

Jan Vermeer is now best known for his series of paintings of middle-class women in rooms in his house, lit from the windows on the left of the painting. However, he also painted two remarkable works showing the world outside his house in the city of Delft: this townscape of a street and its occupants in The Little Street above, and the View of Delft waterfront below.

The Republic’s thriving cities, where its artists had their workshops, became the focus of a novel type of landscape depicting their buildings and open spaces, instead of trees and fields.

Gerrit Berckheyde’s view of Groote Market in Haarlem from 1673 shows one the largest of the city’s marketplaces at the close of the Golden Age. He was based in this city, which he documented extensively in his cityscapes.

The Republic had a long shoreline, extensive rivers and canals, and the huge enclosed body of water Zuiderzee. Its merchant and military navies were among the largest of the time. Inevitably, water became a substantial part of Dutch painting, and seascapes were another novel development.

Jan van Goyen’s View of Dordrecht with the Grote Kirk Across the Maas (1644) shows a skyline dominated by the still-unfinished 65 metre tower of the Grote Kerk, built between 1285-1470. At the edges of the city are several windmills, which were already associated with the Republic. Van Goyen studied in Haarlem, then set up his studio in The Hague.

Meindert Hobbema’s view of The Haarlem Lock, Amsterdam from 1663-65 is a good example of a working lock with a raising bridge, showing the masts of many ships in the harbour beyond. A pupil of Jacob van Ruisdael, Hobbema was based in Amsterdam throughout his life.

The great masters of Dutch landscape art like Jacob van Ruisdael must have painted many hundreds of windmills, of which one of the best-known is this view of The Windmill at Wijk bij Duurstede from about 1670. This small town, now a city, is on the bank of the River Rhine, an ideal location for delivering grain by barge, and shipping the resulting flour. Van Ruisdael trained and started his career in Haarlem, then moved to Amsterdam.

With its long coastline and sandy beaches, the Republic was probably the birthplace of the beachscape.

Among Adriaen van de Velde’s earliest surviving paintings are several beach scenes, including The Beach at Scheveningen (1658), which are exceptional for someone who was only twenty-one at the time. Despite the dress and wagons, this has a timeless quality, and gives the most wonderful impression of light and space. Scheveningen is part of the coast of The Hague, although this artist worked in Amsterdam.

More traditional landscapes were adapted to cope with the flat land, and their emphasis shifted to the clouds above.

Under the clouds of Philip de Koninck’s Distant View With Cottages Along a Road (1655), a lone man sits by a pond at the lower right. Behind him a rutted road runs past cottages, down towards a bridge over a river and two towns beyond. The land forms a minority of the view, though, as most of it is cloud. De Koninck was another lifelong resident of Amsterdam.

The Golden Age coincided with a cold phase in the climate, the Little Ice Age, with 1650 the start of its coldest period. Dutch landscapes took advantage of the icy scenes each winter.

Aert van der Neer’s beautifully-lit Sports on a Frozen River (c 1660) includes several who are playing colf, an antecedent of golf which was also played during the warmer months, but was most distinctively played on frozen rivers and canals. This artist also lived in Amsterdam.

Perhaps inevitably, the Dutch Republic profited well from those harsh winters, its merchants doing a thriving trade exporting food to countries whose crops had failed because of the cold weather. Dutch artists appear to have done likewise, and their paintings of winter are now found across Europe, and remain popular on Christmas cards.

Why is it that a fast Apple silicon Mac takes so long to tar and Gzip a large folder? Surely, with all those fast Performance cores, even GB should be compressed in the twinkling of an eye? Could it be that macOS is running the tar command on its Efficiency cores instead, eking out the power? This article explores and explains how macOS sets the priority for command tools and similar binaries.

Threads

There are two key factors at work here. The first is threading, division of the work done by a process into single flows of execution run on one CPU core at a time. Every process has its main thread, and many can also create additional threads that can be scheduled to run in parallel. While macOS can and often will move threads around its cores, a single-threaded process can only run on a single CPU core at a time.

QoS

macOS also allocates threads to cores. Although neither you nor the process control that absolutely, processes can influence it by setting a Quality of Service, QoS, for each of their threads. QoS is chosen from the standard list:

• QoS 9 (binary 001001), named background and intended for threads performing maintenance, which don’t need to be run with any higher priority.
• QoS 17 (binary 010001), utility, for tasks the user doesn’t track actively.
• QoS 25 (binary 011001), userInitiated, for tasks that the user needs to complete to be able to use the app.
• QoS 33 (binary 100001), userInteractive, for user-interactive tasks, such as handling events and the app’s interface.

There’s also a ‘default’ value between 17 and 25, an unspecified value, and you might come across others used by macOS.

If all your Mac’s CPU cores are free and idling, macOS will normally allocate threads with a QoS of 17 (utility) and higher to P cores, and those of 9 (background) and lower to E cores. That isn’t guaranteed, and there are circumstances when all threads are allocated to E cores alone, for example when a laptop’s battery is very low and it goes into energy-saving mode.

CPU History

It’s therefore tempting to assume that when a process runs very slowly, it’s being given a low QoS and is pottering along on the E cores. Although that might be correct, it’s a dangerous assumption to make. In this case, to investigate it further, I’ll take a different compressor that offers control over the QoS used for its working threads, such as my free Cormorant or the wonderful Keka.

When compressing an IPSW file of just over 18 GB, using Apple Archive’s LZFSE method in Cormorant takes 7.4 seconds at the maximum QoS of 33, but 114.7 seconds at the minimum QoS of 9. Performing exactly the same compression using aa from the command line takes about 9 seconds, so is clearly being run at high QoS. But using tar to create a tar.gzip takes forever, even longer than Cormorant running at minimum QoS.

Activity Monitor’s CPU History window is a quick and simple way to see what’s going on here, although you must be cautious when trying to interpret values such as CPU %., because those shown don’t take into account the frequency cores are run at.

This is Cormorant compressing at high QoS on all 10 of the P cores.

And this is the same compression performed at low QoS, so confined to the 4 E cores.

Compressing using aa in Terminal also makes full use of all the P cores available.

Running tar in Terminal does use the P cores, but runs in a single thread that’s shuffled between cores and takes more than 10 times as long as it would if it could be run in 10 threads.

Thus, the reason that tar is so slow isn’t because it’s given a low QoS and run on the E cores, but that it’s single-threaded (and not performant either). If you want better performance, look for a substitute that can make good use of multiple threads running in multiple P cores.

Exceptions

There are plenty of binaries that are run at low QoS, hence on the E cores, including most of those that are run in the background or scheduled using LaunchAgents and LaunchDaemons. Their property lists should specify a QoS name for their Priority key, which is often Background or Maintenance, for them to be run at a QoS of 9 or lower on the E cores alone.

There’s also the possibility that a command tool may run its own threads and assign a low QoS to them, although that should always be documented.

Summary

• By default, command tools run in Terminal aren’t assigned low QoS and run on E cores.
• Tools that run in single threads will invariably be slower than multi-threaded equivalents.
• Use Activity Monitor’s CPU History window to see which core types threads are run on.

By the nineteenth century a great deal was known about how oil paint worked, but the process of polymerisation to produce a robust paint layer wasn’t really understood until well into the twentieth century. As a result, practices that caused structural failure of the paint layer weren’t uncommon, among them the use of pigments like asphalt, and removing drying oil binder in peinture à l’essence. This article looks at the latter, a technique used by Edgar Degas and others.

Tubed oil paints, certain colours in particular, can be oily, and Degas and others experimented with reducing the amount of oil in their paints. Squeezing paint out of the tube onto blotting paper or rag and removing excess oil shouldn’t cause problems, but peinture à l’essence took that to the extreme, in blotting out as much as possible, then restoring viscosity and flow by adding turpentine, a diluent that’s only going to weaken paint binding.

One of Degas’ earliest paintings of a girl and a woman, once he had started to paint ‘modern life’, is his Beach Scene from about 1869-70. It’s also probably one of his first experiments with peinture à l’essence, as demonstrated in its thin and uneven paint layer in the left foreground, by the white hat.

Seven years later, in his paintings of the Ballet at the Paris Opéra here from 1877, Degas experimented with another method of reducing the binder in his paint layer, by applying pastel over a monotype. He first created this painting on a non-absorbent surface, and while that was still wet used that to make a print on paper, which he completed by applying soft pastel on top.

Degas’ Danseuse dans sa loge (Dancer in her Dressing Room) (c 1879) is one of his experimental paintings combining pastel with peinture à l’essence applied to canvas. The detail view below shows how thinly he applied his paint to the ground, although it’s impossible to judge from that how well it’s adhering.

Oil paint has been so successful and its paint layers so robust because the pigment is sealed in a protective layer of polymerised oil. Pastels adhere far more tenuously, with precious little to bind them to the ground. Removing the drying oil and adding essentially unbound pigment will inevitably result in a fragile if not ephemeral result.

Degas’ Women Combing Their Hair (c 1875-6) is also painted in oils, probably using peinture à l’essence, on paper. The detail below show how its light brown ground shows through the thin and fragile layer of paint.

His remarkable composite work, made using peinture à l’essence, of a Dancer Fastening Her Shoe (c 1893-98), brings together four different views of the same dancer fastening her left shoe. This may have been inspired by Muybridge and Marey’s composite photos of human motion, and may well have reflected his own experiments in photography.

Among the other painters who seem to have used peinture à l’essence are Paul Gauguin, in his Vue de la Plage de Bellangenay (View Of The Beach At Bellangenay) (1889) above, and Toulouse-Lautrec, in his Danseuse assise aux Bas de roses (Dancer sat at the foot of Roses) (1890) shown below, which follows Degas in combining the technique with pastels.

This detail shows again a thin paint layer with the ground clearly visible between the painter’s gestural marks.

Even Édouard Vuillard gave way to temptation to paint The First Class Compartment in about 1898-1900 using peinture à l’essence, here on a cardboard ground that has been mounted on a panel support.

Fortunately this fad seems to have passed by the early twentieth century.

It’s now almost a year since macOS Sequoia changed security updates, and I’m still being asked how these work. I also suspect a few are wondering whether there will be any changes coming in Tahoe. This article summarises how these work at the moment, and are expected to continue.

Three XProtects

All reasonably recent versions of macOS have three different security features known as XProtect:

• The oldest XProtect scans code just before it’s run. This uses one or two XProtect.bundle items containing Yara rules that determine the known malware it can detect. Currently, those are updated once a week.
• The newer XProtect.app in /Library/Apple/System/Library/CoreServices is only used in Catalina and later. This runs daily scans to look for malware using its scanning modules, and is also known as XProtect Remediator as it removes malware. Currently, this is updated once a month.
• The newest and hidden Behavioural XProtect watches constantly for suspicious behaviour such as apps accessing folders used by Safari and other browsers, according to its Bastion rules. Those rules are contained inside XProtect.app and are updated with it.

So for the time being, you should expect your Mac to update XProtect’s bundle every week or so, and the XProtect app (XProtect Remediator, and Bastion rules) every month.

XProtect Remediator

Roughly once a month, your Mac should download and install a file named something like XProtectPayloads_10_15-155, where the last three digits are its new version number. This is delivered and installed automatically through Software Update, if you have it set to Install Security Responses and system files. You can also download and install it manually using the softwareupdate command, or, easiest of all, using my free SilentKnight.

Legacy XProtect

All fairly recent versions of macOS have a copy of XProtect.bundle in /Library/Apple/System/Library/CoreServices. This is also downloaded and installed using Software Update, softwareupdate or SilentKnight, and the file name is something like XProtectPlistConfigData_10_15-5314. In versions of macOS before Sequoia, this is the only copy of that bundle, and once that has been installed, XProtect is up to date.

iCloud XProtect

Almost a year ago, Apple changed XProtect in Sequoia, and since then Tahoe has followed suit. They not only have legacy XProtect with its XProtect.bundle in /Library/Apple/System/Library/CoreServices, but they have a separate copy of the same bundle in /private/var/protected/xprotect. If you compare those carefully, you’ll see differences, as the legacy copy is signed, but the other isn’t.

When XProtect is updated, Sequoia and Tahoe therefore download and install those two copies separately. The legacy copy is updated exactly the same as in older macOS, through Software Update, softwareupdate or SilentKnight.

The new copy of XProtect.bundle in /private/var/protected/xprotect can’t be updated by softwareupdate or SilentKnight, though. Updating the legacy copy doesn’t alter or update that, which is instead performed over a connection to iCloud. To check and update that copy, you can use the xprotect command in Terminal. The command
xprotect version
returns the version of XProtect installed in the new (iCloud-based) location, which can be different from the legacy copy. You can check whether an iCloud update is available using the Terminal command
sudo xprotect check
and entering your admin password when prompted to do so. If that version number is higher than that currently installed in the new location, then the command
sudo xprotect update
will download and install XProtect from iCloud into its new location.

Can the two XProtects interact?

In Sequoia and Tahoe, both versions of XProtect.bundle will eventually be downloaded and installed automatically. Sometimes, when you’re installing one, the other is also updated. That doesn’t occur because one updater can also update the other copy, but simply because the automatic update process has run. In the early days of Sequoia, the xprotect update command could update the iCloud version from the legacy version, but that stopped working many months ago.

Another behaviour that can appear confusing is when legacy XProtect updates but the iCloud version doesn’t. That often occurs soon after a new version is released, as it almost invariably is made available via Software Update first, so resulting in the legacy version being updated quickly. Sometimes the iCloud update isn’t made available for several hours later, and that may give the impression that updating the legacy version is somehow blocking the iCloud update. That’s easy to check using the xprotect check command: until that reports the new version is available, the xprotect update command won’t work.

How do I know when these updates are available?

I am sometimes asked where I look to check when XProtect and other updates are available, as if Apple publishes this information somewhere. It doesn’t. I use the same tools that you can use, SilentKnight to check for updates via softwareupdate, and the xprotect command tool for those delivered from iCloud. As soon as I find a new update, I install it here, update the databases on Github used by SilentKnight and Skint, analyse the contents of the update, post the announcement here, post that on X/Twitter, then update this blog’s System Updates page.

Do different Macs update differently?

All the code for these updates is contained in the copy of macOS installed in the SSV, the signed snapshot of the System volume that runs your Mac. For any given version of macOS, all Macs, both Intel and Apple silicon, have identical SSVs, although there are differences in their cryptexes and Data volumes. Thus, XProtect updates work exactly the same on all Macs running Sequoia 15.6.1 from my ancient iMac Pro to my latest Mac mini M4 Pro, and I check those with every update as well.

I hope you find these helpful.