Torpedo:

rt 目前苹果出到了 m4. 公司配的 m1 的 mbp 32+512 的。我感觉已经很好用了。想给老婆买一台替换她 intel 的

那应该买什么版本呢？最新的 mbp m4 不考虑了，比较贵，提升有限

那是应该购买 mba m4 的 16g 呢？ air 我看也有拿来开发的。

还是其他什么版本？

或者二手 m1 、m2 的 mbp

zwyyy456:

rt ，型号是 h27p3 ，支架很拉垮但支持壁挂，国补到手 2124 ，目前 b 站上基本都是商单，也没看到真人分享，有大佬试过吗，能讲讲使用体验吗，老实说有点心动。

dracula95:

最近陆续送修了几台 Mac ，今天去华贸取一台 MacBook Pro ，随便三里屯送修一台 MacBook Air ，北京五家 Apple 直营店，感觉三里屯、王府井人最多，华贸人最少，西单比较小，建议送修去华贸，看美女三里屯。 https://imgur.com/a/lKSpmsq

zwyyy456:

rt ，型号是 h27p3 ，支架很拉垮但支持壁挂，国补到手 2124 ，目前 b 站上基本都是商单，也没看到真人分享，有大佬试过吗，能讲讲使用体验吗，老实说有点心动。

分享一些苹果iPhone手机等iOS设备使用的小技巧。

一、关闭锁屏搜索

设置-面容ID与密码-今天视图和搜索，关闭即可。

二、关闭桌面搜索

设置-主屏幕与App资源库-在主屏幕上显示，关闭即可。

三、关闭半屏模式

设置-辅助功能-触控-便捷访问，关闭即可。

四、自动抠图

长按照片中的人像，可以快速自动抠图。

五、撤销操作

如果不小心删除了文字或照片，可以摇晃两下手机，可以撤销操作并找回。

六、拼音声调

键盘长按字母，可以打出拼音声调。

七、扫描文稿

长按备忘录，选择扫描文稿，可以扫描纸张和身份证件等。

sivanElliot:

估计国行 iPhone 大概率是 iPad 那个策略：
只能在境外添加非大陆运营商 esim ；
非国行在境内无法添加大陆 esim

那么港版 iPhone 等单实体卡的在大陆巨亏，双卡变单卡。

Apple has just released an update to XProtect for all supported versions of macOS, bringing it to version 5292. As usual, Apple doesn’t release information about what security issues this update might add or change.

This version removes the macos_toydrop_b rule for MACOS.ADLOAD, and amends the rules for MACOS.ADLOAD.I, MACOS.BUNDLORE.MDPLST and MACOS.ADLOAD.IN.

You can check whether this update has been installed by opening System Information via About This Mac, and selecting the Installations item under Software.

A full listing of security data file versions is given by SilentKnight, LockRattler and SystHist for El Capitan to Sequoia available from their product page. If your Mac hasn’t yet installed this update, you can force it using SilentKnight, LockRattler, or at the command line.

If you want to install this as a named update in SilentKnight, its label is XProtectPlistConfigData_10_15-5292.

Sequoia systems only

This update has now been released for Sequoia via iCloud. If you want to check that manually, use the Terminal command
sudo xprotect check
then enter your admin password. If that returns version 5292 but your Mac still reports an older version is installed, you can force the update using
sudo xprotect update

I have updated the reference pages here which are accessed directly from LockRattler 4.2 and later using its Check blog button.

Apple has just released the update to macOS Sequoia to bring it to version 15.4, and security updates for 14.7.5 and 13.7.5.

The Sequoia update for Apple silicon Macs is about 6.2 GB in size, and 3.9 GB for Intel models, making it one of the largest intermediate updates for some years. For Apple silicon Macs, the update to 14.7.5 is about 3.7 GB, and to 13.7.5 about 3.3 GB.

Among the changes listed by Apple for 15.4 are:

• Adds Memory movies in Photos using AI.
• Adds a Sketch Style option in Image Playground, in AI.
• Adds Mail Categorisation.
• Apple silicon Macs with an internal SD card reader now support SDUC cards larger than 2TB.
• This should resolve problems with some M4 Macs being unable to launch Virtual Machines.
• Content filter extensions correctly receive non-TCP/UDP network protocol traffic.
• Finder no longer fails to copy some dataless files from SMB file shares.

Enterprise release notes are here.

Software Update settings will be automatically changed to enable future macOS updates to be downloaded and installed automatically: if you don’t want that, you’ll need to change that setting once your Mac boots in 15.4.

Security release notes are available for Sequoia, Sonoma and Ventura updates. There are a total of 131 vulnerabilities fixed in 15.4, which must be a record. None is reported as being suspected of exploitation in the wild, and the security updates for Sonoma and Ventura are almost as numerous.

Firmware updates include iBoot (Apple silicon) to version 11881.101.1, and T2 Macs to 2075.101.2.0.0 (iBridge 22.16.14248.0.0,0). The macOS build number is 24E248.

The new version of Safari in 15.4 is 18.4 (20621.1.15.11.10). APFS is updated to version 2332.101.1.

As so much has changed, I won’t be posting a separate article listing significant changes: it looks like pretty well everything has!

Just for reference, the Sequoia 15.0 major version upgrade from Sonoma was 6.6 GB for Apple silicon, and 4.9 GB for Intel – those aren’t that much larger than this ‘minor version update’.

Those intending to update Apple silicon Virtual Machines currently running 15.3.2 should be prepared for the 15.4 update to fail. I’ve tried with two VMs now, one with a fresh copy of 15.3.2, and both have failed early during installation with a kernel panic. However, 15.4 does install correctly from the latest IPSW image file. Older VMs with 14.7.4 and 13.7.4 do update correctly to 14.7.5 and 13.7.5 respectively.

[Last updated 1715 GMT 1 April 2025.]

pppddd:

购买动机

国补加教育优惠，便宜到 3000 了，手痒想体验一下

现有的设备

• m1pro
• 一台台式机

使用场景

• 局域网共享文件，看片
• 抖音，B 站剪辑短视频（轻度使用）
• 写代码（轻度使用）

little_cup: 很多年前在 iPod Touch 1st 上注册的 Apple ID ，从国区创立不久就转到了国区，一直在自己的几台 Mac 上使用，买过一些 Mac 付费软件。最近被封了。
打了 400 客服电话，让访问 iforgot.apple.com/unlock ，直接提示「此账户已锁定，无法使用」客服说那他也没办法了。并且出于隐私保护也给不出具体封号的理由…

请问有类似经验的朋友应该怎么投诉才能拿回自己的权利呢？去 12315 投诉有用吗？

Apple has just released an update to XProtect for all supported versions of macOS, bringing it to version 5291. As usual, Apple doesn’t release information about what security issues this update might add or change.

This version amends the Yara rule for MACOS.PIRRIT.OBF.DROPPER, but doesn’t add any new rules.

You can check whether this update has been installed by opening System Information via About This Mac, and selecting the Installations item under Software.

A full listing of security data file versions is given by SilentKnight, LockRattler and SystHist for El Capitan to Sequoia available from their product page. If your Mac hasn’t yet installed this update, you can force it using SilentKnight, LockRattler, or at the command line.

If you want to install this as a named update in SilentKnight, its label is XProtectPlistConfigData_10_15-5291.

Sequoia systems only

This update has also been released for Sequoia via iCloud. If you want to check that manually, use the Terminal command
sudo xprotect check
then enter your admin password. If that returns version 5291 but your Mac still reports an older version is installed, you can force the update using
sudo xprotect update

I have updated the reference pages here which are accessed directly from LockRattler 4.2 and later using its Check blog button.

Macs have developed their own mythology, and this week I unintentionally came across a myth that developed over a year ago. Like so many it was born from a chance observation, this time of a new background process that appeared on 25 October 2023 in macOS Sonoma 14.1, and was reported in 9to5Mac on 3 November 2023.

Discovery

The process in question is liquiddetectiond, and as 9to5Mac’s headline claimed, it meant that “Macs can now inform Apple if any liquids have been detected in the USB-C ports”. That article argued that “it seems more likely that the data collected by this daemon will be used for technicians to determine whether a Mac is eligible for free repair.” “Putting a digital liquid detector on USB-C ports is just another way to ensure that technicians are right about claiming that a Mac has been exposed to liquids.”

That, and a couple of linked reports elsewhere, brought a small flurry of comments about how typical this was of Apple, then all went quiet until 9to5Mac’s article was picked up by Hacker News on 9 January 2024 and generated 340 comments. Predictably, most either castigated Apple’s behaviour or disappeared down rabbit holes about unrelated topics. Among them, though, was one precious insight: “It prevents the device from applying/draining power from any pin in such a state, mainly to reduce corrosion of the contacts and increase longevity.”

By the middle of January last year, the story had gone cold, and everyone must have gone away with their worst fears confirmed. You couldn’t even get a USB-C port damp in your Mac any more, as Apple would use that as an excuse to void your Mac’s warranty.

Documentation

Apple’s first word on the subject seems to have been in a support note published on 23 November 2024, which passed largely unnoticed. This announced liquid detection as a feature new to macOS Sequoia when running on only the following models:

• MacBook Air M3 and later
• MacBook Pro with M3 Pro or Max
• MacBook Pro with M4 base, Pro or Max

none of which had been released at the time of 9to5Mac’s report, although the second were released four days later, on 7 November 2023.

If there’s liquid in one of their USB-C receptacles (ports) when a USB-C cable is connected to it, this new sensor should detect it and alert the user, advising them to shut the Mac down, disconnect all cables and leave it to dry.

This is in addition to, and separate from, what Apple terms Liquid Contact Indicators (LCI), that have long been fitted to laptop Macs and some Apple wired and wireless keyboards “to help determine if these products have been exposed to liquid,” according to this support note.

Was Apple just making excuses, or was this new liquiddetectiond service intended to benefit the user?

Evidence

I stumbled into this innocently last week when I was looking at Accessory Security, a feature confined to laptop Apple silicon models. By chance, the laptop I was using was a MacBook Pro M3 Pro, one of the few in which liquid detection works. There, on several occasions in its log, after connecting a Thunderbolt cable, its liquid detection system checked that the USB-C port was dry, in a series of log entries like:
0.887 liquiddetectiond Starting LDCM Now
0.887 liquiddetectiond LDCM Discovery is enabled.
0.889 liquiddetectiond LDCM - Matched with V4...
0.890 liquiddetectiond LDCM - checkIsReceptacleEmpty: 0
0.890 liquiddetectiond LDCM - Handling LDCM interrupt event for port 2
0.890 IOAccessoryManager IOPortFeatureLDCMUserClient::_copyData(): Copying LDCM data... (target: Port-USB-C@2/LDCM)
0.890 liquiddetectiond LDCM - Feature Status: 0, Completion Status: 0, Measurement Pin: 0 Mitigations Status: 0, Wet: 0, Wet State Duration: 0
0.890 liquiddetectiond LDCM - checkIsReceptacleEmpty: 0
0.890 liquiddetectiond LDCM: liquidDetected: 0, receptacleEmpty: 0, shouldShow: 0
(Times given in seconds elapsed.)

But on my more recent Mac mini M4 Pro running Sequoia, all I saw was that LDCM is not supported on this device.

Attempts to connect over the network are obvious in the log, and on not one of the occasions that liquid detection was performed did that MacBook Pro try to connect to any remote site. Maybe its reports could have been embedded in other analytics data passed to Apple later, but there was absolutely no evidence that the results of liquiddetectiond went beyond the confines of my Mac.

This demonstrates the importance of testing out hypotheses, and of reading the log. Even without the benefit of Apple’s recent support note, it should have been easy to demonstrate this behaviour, yet no one seems to have attempted to.

Explanation

Claims made of the role of liquid detection in USB-C ports also don’t make sense. As with most laptop manufacturers, Apple already builds Liquid Contact Indicators into components of laptop Macs within their case. These are most frequently affected by spillage of drinks on a laptop’s keyboard, resulting in any of a wide range of water-based liquids from coffee to cognac entering the case. That often results in extensive damage to the logic board and other components, that are expensive to replace.

But a damp USB-C port is quite a different matter. It could occur in a laptop that had been out in the cold and was then brought into a warm and more humid environment, the same sort of conditions that steam up your spectacles. Over time, that could lead to corrosion of the contacts in the USB-C ports, and unreliable connections.

Because each release of macOS is identical across all models of Mac, although only a few of the most recent models feature liquid detection sensors in their USB-C ports, the liquiddetectiond service runs in the background of all Macs running Sequoia. It’s to be found inside /System/Library/CoreServices/liquiddetectiond.app, which isn’t even a bundle, just its Mach-O binary and an image of the warning sign displayed. It’s run through its LaunchDaemon com.apple.liquiddetectiond.plist, which you’ll also find in the SSV of every Mac.

As is so often the case, the truth behind the myth is more prosaic, and doesn’t involve Apple secretly capturing data from your Mac, nor conspiring to dodge warranty repairs. In fact, if you look at the warranty terms of pretty well every other laptop manufacturer, they too exclude damage caused by liquid ingress, as demonstrated by their Liquid Contact Indicators. And some are also starting to fit similar liquid detection sensors in their USB-C ports. But don’t let those get in the way of a good myth.

Apple has just released an update to XProtect for all supported versions of macOS, bringing it to version 5290. As usual, Apple doesn’t release information about what security issues this update might add or change.

This version adds a single new Yara rule for MACOS.SLEEPYSTEGOSAURUS.SYM.

You can check whether this update has been installed by opening System Information via About This Mac, and selecting the Installations item under Software.

A full listing of security data file versions is given by SilentKnight, LockRattler and SystHist for El Capitan to Sequoia available from their product page. If your Mac hasn’t yet installed this update, you can force it using SilentKnight, LockRattler, or at the command line.

If you want to install this as a named update in SilentKnight, its label is XProtectPlistConfigData_10_15-5290.

Sequoia systems only

This update has just been released for Sequoia via iCloud. If you want to check that manually, use the Terminal command
sudo xprotect check
then enter your admin password. If that returns version 5290 but your Mac still reports an older version is installed, you can force the update using
sudo xprotect update

Hurrah!

I have updated the reference pages here which are accessed directly from LockRattler 4.2 and later using its Check blog button.

Updated 1840 GMT 11 March 2025, announcing iCloud release!

Apple has just released an update for macOS Sequoia bringing it to version 15.3.2. There are also Safari updates available for Sonoma and Ventura.

The update for Apple silicon is about 1.45 GB in size, while that for Intel Macs is around 600 MB.

Security release notes are already available, and list a single WebKit vulnerability, that Apple states is a supplementary fix for an attack that was blocked in iOS 17.2, and in iOS had been exploited before it was fixed in iOS 17.2.

Updated with Safari info, 1930 GMT 11 March 2025.

#欢迎关注爱范儿官方微信公众号：爱范儿（微信号：ifanr），更多精彩内容第一时间为您奉上。

爱范儿 | 原文链接 · 查看评论 · 新浪微博

Over the last nine years, few of my articles here have been about XProtect, other than those announcing its updates. Until September 2024 and the release of macOS 15 Sequoia. This is now the tenth article I have written about the problems brought by XProtect updates in Sequoia over those six months, when there have been just 13 updates. The result of the last, on 4 March, was that for two days afterwards, many Macs running Sequoia were still using its data from 26 February rather than that in the new version 5289.

This not only affects XProtect, but the other front-line tool in macOS to detect and remove malicious software, XProtect Remediator (XPR). Earlier this year, I reported that at least 17 of the 24 scanning modules in XPR now use Yara definitions provided by XProtect’s data. All those Macs still running the superseded version of XProtect would also have had XPR scans run using that old version of the Yara rules.

XPR is a recent addition to these tools, introduced just three years ago, but XProtect goes way back before Yosemite in 2014. Although there have been occasional brief glitches in delivery of its updates, they have almost invariably completed quickly and reliably, leaving very few Macs stuck with an outdated version 24 hours after an update.

I have now come to dread XProtect updates because of the problems we encounter, and the latest update to 5289 was a good example. There’s a flurry of comments and emails from those whose Macs had failed to complete the update, previously a rare exception. For XProtect 5287 on 5 February, for example, there were 33, including my responses. For version 2184 exactly a year earlier there’s not one comment about that XProtect update.

Sole documentation provided about XProtect’s updates in Sequoia is the man file for its command tool, xprotect, which refers only to updates provided via iCloud, and doesn’t explain how those delivered via the traditional mechanism in softwareupdate might be involved. Yet we know there is a relation: the latest update has still not been supplied via iCloud, not even four days later, but relied instead on XProtectUpdateService working with an update obtained via softwareupdate. Previously that could be invoked using the xprotect update command, but that no longer works, leaving users with two versions of XProtect data, of which the copy used by XProtect and XPR is the older.

Late last year, when xprotect update appeared to be working as expected, I decided that my app SilentKnight would need to use that command in order to download and install updates. As that requires elevated privileges, I have been looking at how to implement a privileged helper app to perform that. With the latest update, that approach would have failed until the version in iCloud had been brought up to date. Instead we’re now reduced to restarting our Macs and hoping that, some time in the next day or two, they might update.

There’s a further problem emerging with the updates of 4 March. Many users have noticed subsequent XPR scans being terminated before completion. Although in most cases that fault appears to go away in later scans, in some Macs it prematurely terminates every set of XPR scans, leaving several of its scanning modules unused.

For example, this iMac Pro has failed to scan using ten of its 24 modules. This occurs because XPR apparently runs a timer, and when a round of scans is deemed to be taking too long, that timer fires and brings XPR to an abrupt halt. Indications are this is most likely when there are many Time Machine backups accessible; as those are all immutable snapshots and haven’t changed since they were made months ago, this is strange behaviour, and hadn’t occurred prior to the updates of 4 March.

Six months ago, if anyone had told me that macOS security protection in Sequoia was going to become less reliable, I wouldn’t have believed them. The truth is that, for many, it now has. As things stand in 15.3.1, a Mac is now more likely to be using an out of date version of XProtect’s detection rules, and for XPR scans to detect and remove malware. And there’s nothing you can do about that until Apple returns to using an update mechanism that’s both timely and reliable. Is that really too much to expect of this front-line security protection?

Selected previous articles:

What is happening with XProtect updates?
XProtect tormentor
How XProtect has changed in macOS Sequoia
A simple guide to how XProtect installs and updates in Sequoia
XProtect has changed again in macOS Sequoia 15.2
What happened with XProtect?
What has happened to XProtect in Sequoia?

Apple has just released updates to XProtect for all supported versions of macOS, bringing it to version 5289, and to XProtect Remediator for all macOS from Catalina onwards, to version 151. As usual, Apple doesn’t release information about what security issues these updates might add or change.

Yara definitions in this version of XProtect add two new rules for MACOS.TAILGATOR.RST.CT and MACOS.TEPIDTEA.

XProtect Remediator doesn’t change the list of scanner modules.

There is a new Bastion rule 13 for the behavioural version of XProtect (Ventura and later). This watches for execution of PasswordManagerBrowserExtensionHelper in CoreServices, in the App Cryptex, and makes an immediate report with the Signature Name of macOS.PasswordExtension.Exec if that occurs.

You can check whether these updates have been installed by opening System Information via About This Mac, and selecting the Installations item under Software.

A full listing of security data file versions is given by SilentKnight, LockRattler and SystHist for El Capitan to Sequoia available from their product page. If your Mac hasn’t yet installed this update, you can force it using SilentKnight, LockRattler, or at the command line.

If you want to install these as named updates in SilentKnight, their labels are XProtectPayloads_10_15-151 and XProtectPlistConfigData_10_15-5289.

Sequoia systems only

This update hasn’t yet been released for Sequoia via iCloud. If you want to check that manually, use the Terminal command
sudo xprotect check
then enter your admin password. If that returns version 5289 but your Mac still reports an older version is installed, you can force the update using
sudo xprotect update

This version is currently only available via Software Update, softwareupdate, or in SilentKnight, and not via iCloud. If your Mac is running Sequoia and you download it that way, the xprotect update command might take a while to use that downloaded version to update your Mac properly. As a result, the version of XProtect shown may remain at 5288, but should later change to 5299.

I have updated the reference pages here which are accessed directly from LockRattler 4.2 and later using its Check blog button.

Updated 1720 GMT 5 March 2025 following a ‘spontaneous’ update at 1631, although sudo xprotect check is still reporting the old version.

Apple has just released an update to XProtect for all supported versions of macOS, bringing it to version 5288. As usual, Apple doesn’t release information about what security issues this update might add or change.

This version adds two new rules for MACOS.TAILGATOR.UPD and MACOS.TAILGATOR.INLASCLDR.

You can check whether this update has been installed by opening System Information via About This Mac, and selecting the Installations item under Software.

A full listing of security data file versions is given by SilentKnight, LockRattler and SystHist for El Capitan to Sequoia available from their product page. If your Mac hasn’t yet installed this update, you can force it using SilentKnight, LockRattler, or at the command line.

If you want to install this as a named update in SilentKnight, its label is XProtectPlistConfigData_10_15-5288.

Sequoia systems only

This update is also available for Sequoia via iCloud. If you want to check that manually, use the Terminal command
sudo xprotect check
then entering your admin password. If that returns version 5288 but your Mac still has an older version installed, you can force the update using
sudo xprotect update

This version is now available via Software Update, softwareupdate, or in SilentKnight as well. If your Mac is running Sequoia and you download it that way, rather than using iCloud, then once it’s installed you’ll need to run the update command for that to take correctly.

I have updated the reference pages here which are accessed directly from LockRattler 4.2 and later using its Check blog button.

Last week, in a quiet village nestling between golf courses in the Green Belt of Surrey, to the south of London, a huge void opened up in its High Street. Some of the older locals recalled there were old mine workings in the area, making it plausible that sinkhole may be due to the collapse of those abandoned mines or tunnels. What has shocked the residents of Godstone is unfortunately not uncommon, the result of failure to restore the land and what’s under it before developing on top.

Last week, after a long period of deliberate abstinence, I returned to the subject of permissions, privacy and security protections, and how they conspire to prevent us from accessing our own documents and files. In this case, there’s a warren of underground tunnels that can collapse when you’re least expecting it, although most aren’t disused but still active and poised to turn into voids of misunderstanding.

Privacy controls over locations started in macOS Mojave back in 2018, and ~/Desktop, ~/Documents, ~/Downloads, removable volumes and others were added in Catalina the following year. These have become so “transparent”, to use Apple’s well-worn euphemism, that developers have criticised them relentlessly since, and most users are still completely at sea with them, over five years later.

Apple’s Mac User Guide for Sequoia now lists 32 protection categories from Location Services to Lockdown Mode, but explains remarkably little. It passes over in silence the distinction between settings for Files & Folders and those for Full Disk Access. Presumably it leaves each individual app with the task of explaining those to the user, in the context of that app’s potential access.

This is the extent of its current explanations for users:

• Files & Folders “allow apps to access files and folders in different locations on this Mac. The listed apps have requested access.”
• Full Disk Access “allows apps to access all files on your computer, including data from other apps (for example, Mail, Messages, Safari and Home), data from Time Machine backups and certain administrative settings for all users on this Mac. To add an app, click the Add button, select the app in the list, then click Open.”

For once, information given in Apple’s Platform Security Guide is briefer, and it does come a bit closer to making that distinction, even if it avoids using the term Full Disk Access, and muddies the waters by referring instead to “full internal storage access”, which isn’t accurate.

Nowhere does Apple explain how those privacy settings interact with permissions, or any of the unexpected behaviours that we’ve become used to since Mojave. For example, some still report that an app that has been able to open a document without problems is unable to save that document, even though that file and its folder have appropriate permissions set. This has been associated with documents whose default app has been changed from that set for that document type, and undocumented extended attributes such as com.apple.macl, which is even protected by SIP to prevent the user from trying to rectify the behaviour.

For developers, there’s a long series of WWDC presentations reporting the many changes that have been made to extend privacy protection without addressing its user interface, and Apple’s Developer Forums. But if your app wants to discover whether it has been given Full Disk Access by the user, “Except in very limited circumstances, there’s no good way to:

• tell if you have the Full Disk Access privilege
• explicitly ask for the privilege.”

What if alongside its concerted effort to deliver us Apple Intelligence, it were to devote a little time to design and implement a consistent and integrated interface to permissions, privacy constraints and other limitations to what we can open and save on our Macs, and deliver it in the Finder rather than by trial and error? If Apple doesn’t address this soon, these cracks could open up like that sinkhole in Godstone.

If the Mac is to be the computer for the rest of us, it also needs to give access to more advanced controls by scripting its actions. This article traces some of the more significant attempts to bring scripting to the rest of us.

Over the last forty years there have been dozens of programming and scripting languages that have been developed for, or ported to, Mac OS. The great majority have had no pretensions of use by regular users. The first intended to be used by anyone and everyone was HyperTalk, released three years after the original Mac.

HyperTalk (1987)

Apple’s hypertext authoring environment HyperCard contained its own scripting language HyperTalk. For many of those who built brilliant HyperCard stacks, this new scripting language was the first programming language they had used. Sadly, although seriously cool in its day, HyperTalk was both limited and limiting, as most came to discover.

If you’ve written AppleScript, HyperTalk has a distinct familiarity in its informal language, often mistakenly claimed to resemble normal English. This code snippet illustrates that:
on mouseUp
put the value of card field "age" into theAge
end mouseUp

HyperTalk spawned many imitators, and some like SuperCard went on to outlive it, but by 2000 HyperCard and HyperTalk were all but dead.

UserTalk (1988-92)

In 1988, Dave Winer started developing a scripting language that became UserTalk in Frontier, released in 1992. Built around an object database, Winer took his early work to Apple. In 1988-89, Jean-Louis Gassee, then president of Apple Products Division, announced the formation of a HyperTalk Standards Committee to develop a scripting language, and Apple agreed with Winer that they would each develop their own mutually compatible scripting systems.

After Apple’s release of AppleScript, Frontier’s UserTalk declined in popularity. By 1994, Winer was burnt out, and the following year Frontier moved on to become a cross-platform Web content management system.

AppleScript (1988-93)

In some respects a successor to HyperTalk, AppleScript was released in October 1993, with System 7 Pro version 7.1.1. Despite all the odds, and several determined attempts to strangle it, it’s still supported in macOS Sequoia.

The concept behind AppleScript is simple: scripts that compile to a series of instructions for dispatch by macOS to their destination application, which in turn is controlled by those commands to perform a co-ordinated sequence of functions. At their simplest, these can open a document and print it, for instance. At their most complex, they can automate intricate and repetitive tasks that are messy in a GUI.

As a minimum, every application supports a core of commands to play clean with the Finder and macOS. Those, and the suites of additional commands that bring joy to the scripter, are documented in standard formats within each application’s dictionary, which can be browsed by the bundled Script Editor and other tools. Rather than having to locate additional documentation sets specific to each application, all a scripter should need to do is open the dictionary.

Complexity comes because AppleScript is in fact an object-oriented language as sophisticated as Objective-C; don’t be deceived by its apparently relaxed and informal style, with examples such as
tell application "System Events"
set mailIsRunning to application process "Mail" exists
end tell
if mailIsRunning then
-- do one thing
else
-- do another thing
end if

You might use that code to set up a script that interacts with the Mail app. It first asks macOS whether it knows that Mail is running, and depending on the answer it executes the code that you insert where the comments (prefaced by ‘--‘ characters) are placed. Unlike the majority of programming languages, punctuation marks are used sparsely in AppleScript, making it considerably easier to write code that works, rather than tripping over a missing semicolon.

When ready to test your script, it compiles into intermediate code, and the editor automatically checks, formats and colours your source code, reporting any errors that it finds. When run, the intermediate code works through macOS to fire off AppleEvents (AEvents) to trigger the target applications to perform the actions.

For the more serious AppleScript coder bundled support was too limited, and it was the arrival of Mark Alldritt’s Script Debugger in late 1994 that unleashed its full power. Sadly, Script Debugger is retiring this year after over 30 years of innovative development.

Although AppleScript was integrated into Apple’s Xcode as AppleScript Studio, in recent years it has been left to languish, with occasional rumours of its demise.

Prograph (1982-89)

In 1989, the visual programming language Prograph was launched on the Mac. Sometimes described as a dataflow language, and thoroughly object-oriented, it won awards, was ported to Windows in the late 1990s, but was last seen running as Marten.

In this example method, data flows from the top to the bottom. Normally terminals on the top ‘shelf’ of the method diagram represent the inputs to that method. Data then flows from the top shelf through the intermediate processes, until it reaches the bottom. If there are outputs from the method, they are gathered by connections made to terminals on the bottom ‘shelf’ in the method. Order of execution is not prescribed, and can take place whenever data is available; this allows for inherent concurrency, and the potential to exploit multiprocessor systems without the need for language primitives.

Shell scripts (2001)

With the advent of Mac OS X 10.0 Cheetah came Terminal and shell scripts, inherited from NeXTSTEP. Although powerful and popular with those who prefer this Unix-based approach, they have predictably had limited impact on the regular user wanting to script actions on their Mac.

Automator (2002-05)

Even ‘natural’ programming languages like AppleScript have to be learned, a task that many find too verbal and mechanical. Recognising this, Apple introduced Automator in OS X 10.4 in 2005 to produce custom workflows and apps using more intuitive visual tools.

Although often assumed to be a development of AppleScript, apart from its ability to run AppleScript objects, Automator is very different. Instead of relying on AppleEvents and dictionaries, Automator’s modular actions are separate code objects installed in the Automator folder in a Library folder. macOS comes with a huge free library of actions that can accomplish tasks you might pay good money for, so familiarity can save cost.

Automator is highly extensible, as its actions can include both AppleScript code and Terminal shell scripts. Thus if you cannot find a standard action to do what you want, if it can be expressed in a suitable script, you can build that into your workflow. Nevertheless, in 2021 Apple announced that Automator was to be succeeded by Shortcuts.

Swift Playgrounds (2014-16)

From the early days of the Mac, Apple has invested in programming languages designed to make best use of its APIs. In Classic times, that was Object Pascal, and its open-source class library MacApp. In 2014, Apple released a new language intended to be the preferred choice across all its platforms, Swift. From those early days, Swift has had an interactive mode, based on the read-eval-print loop (REPL) popularised by Lisp. This versatility has been developed in Swift Playgrounds, recently renamed in the singular, both within Xcode and as a standalone app targeted at those learning to code for the first time.

As an introduction to Swift in education, this has been impressive, but it hasn’t yet proved a gateway for those who didn’t really want to learn how to use Xcode in the first place.

Shortcuts (2014-21)

Shortcuts started out in the winter of 2014-15 as Workflow by DeskConnect. Apple bought it in 2017, and it became Shortcuts the following year, when it was integrated into Siri in iOS 12. Its arrival in macOS 12 was announced at WWDC in 2021, as Automator’s intended successor.

While Shortcuts on macOS can run AppleScript and shell scripts, the mechanisms involved in Shortcuts’ actions are completely different from AppleScript and Automator. For an app to support all three well requires it to present four different interfaces: one for the user in the GUI, AppleEvents for AppleScript, Automator actions, and now Shortcuts actions.

While Shortcuts has attracted quite a following, particularly in iOS and iPadOS where it’s the first real scripting environment, its impact in macOS has so far been limited. Like all its predecessors, it still hasn’t brought scripting to the rest of us.

Credits

HyperTalk: Dan Winkler
UserTalk: Dave Winer and Doug Baron
AppleScript: William R Cook and many others
Script Debugger: Mark Alldritt and Shane Stanley
Prograph: Tomasz Pietrzykowski, Jim Laskey and others
Automator: Sal Soghoian and other Apple engineers
Swift Playgrounds: Chris Lattner, Doug Gregor, John McCall, Ted Kremenek, Joe Groff and others
Shortcuts: Ari Weinstein, Conrad Kramer and Nick Frey

Selected references

HyperCard Pantechnicon, in the Internet Archive
Dave Winer’s Story of Frontier and AppleScript
Apple’s AppleScript Overview, last revised 31 October 2007
Apple’s Mac Automation Scripting Guide from 7 June 2018
Script Debugger history from Mark Alldritt
Wikipedia on Prograph
Automator and other automation
Apple’s Swift Playground page
Apple’s Shortcuts User Guide for macOS

Apple has just released a security update to macOS Sequoia to bring it to version 15.3.1, and security updates for 14.7.4 and 13.7.4. There don’t appear to be any associated updates to Safari.

Sequoia 15.3.1 update for Apple silicon is about 1.43 GB in size, and about 640 MB for Intel Macs.

Although these updates are listed on Apple’s security release notes page, they have no published entries, so there’s no information as to what they might address.

Apple silicon Macs have a firmware update, taking iBoot to version 11881.81.4, but there are no changes to firmware in Intel Macs.

The macOS build number is 24D70, and Safari remains at version 18.3 (20620.2.4.11.5). Messages has single minor build increment, but there are no other significant changes in bundled apps or in /System/Library.

Last updated at 1953 GMT 10 February 2025.

Yesterday’s brief history of ColorSync was one of the most interesting in this series to research. In most cases, these brief histories cover well-trodden ground, with several previous accounts to provide a framework for my collection of screenshots and personal experience. On this occasion, even Wikipedia was vague and brief. Yet at the time ColorSync’s role was of great importance, as faithful colour reproduction was so essential to the creatives and businesses that relied on Macs.

It’s also a richly multi-disciplinary field, drawing on neurophysiology, physics, colour science and perceptual psychology. Key concepts like the modelling of colour appearance have grown into lengthy and highly technical books, several of which I seem to have collected over the years. They also provide absorbing accounts of the lengthy journey over several centuries to bring basics such as colour order systems.

In 1615, the Flemish physicist Franciscus Aguilonius, also known as François d’Aguilon, (1567-1617) was the first to propose a colour line extending from white (albus) to black (niger), passing through the primaries of yellow (flavus), red (rubeus), and blue (caeruleus). Below that are secondary combinations of orange (aureus) and purple (purpureus), with green (viridis). This was published in his six volume treatise on optics, whose title page and illustrations were designed by Peter Paul Rubens.

In the early twentieth century, Albert Henry Munsell (1858-1918) devised a system closer to those used to specify colour today. This shows the circle of ten hues, here displayed with values of 5 and chromas of 6. The vertical value scale ranging from 0 to 10 is shown in neutral colours, from black to white. A wedge of constant 5PB hue is then shown at a fixed value of 5, the chromas ranging from 0 (grey) to 12 (pure colour).

Contemporary designers are also familiar with the Pantone System of swatches of standardised colours, that have become standards in several sectors such as process colour printing.

The problem tackled by ColorSync is that no device used with computers can represent the full range of colours, each having its own range or gamut. For colour to appear consistent in the image captured by a scanner or camera, on the display used to adjust settings such as white point and balance, and in the final printed page, colours have to be adjusted or mapped to look right on that device. To do that each device has its own colour profile, and a colour management system adjusts colours on each according to the desired quality and goals of the operator.

Most of the principles involved were known before the arrival of Macs. But when Apple, Adobe, Agfa, Microsoft, Kodak, Silicon Graphics, Sun and Taligent (an Apple-IBM partnership) sat down together in 1993 as the International Colour Consortium, they had a lot of work to do before photographers and designers could have confidence that their work would survive the journey into print retaining what appeared to be faithful colour.

ColorSync and colour management is but one example of the broad range of fields that form the basis of what we do on our Macs, from floating point computation to Unicode text. With the marketing drive to sell modern computers as appliances, we have lost sight of what goes into them. Just as with transport history, our view of what happened is largely superficial and limited to the tangible in collections of hardware.

This misleads us into thinking that today’s Artificial Intelligence is somehow capable of replacing human research and discovery when all it can really do is rehash what we have created in the past. If any of today’s much-vaunted large language models could have started to tackle the problems addressed by ColorSync during the 1990s, do you seriously think that they would have come up with the solutions embedded in Mac OS X less than a decade later? For without prior knowledge won by humans, we’d still be wrestling with the number of rs in the word strawberry.

Let’s celebrate human achievement and empower that instead.

Apple has just released an update to XProtect for all supported versions of macOS, bringing it to version 5287. As usual, Apple doesn’t release information about what security issues this update might add or change.

This version adds two new rules for MACOS.FLUFFYFERRET.CT and MACOS.TAILGATOR, together with a complete set of UUIDs for all existing rules.

You can check whether this update has been installed by opening System Information via About This Mac, and selecting the Installations item under Software.

A full listing of security data file versions is given by SilentKnight, LockRattler and SystHist for El Capitan to Sequoia available from their product page. If your Mac hasn’t yet installed this update, you can force it using SilentKnight, LockRattler, or at the command line.

If you want to install this as a named update in SilentKnight, its label is XProtectPlistConfigData_10_15-5287.

Sequoia systems only

This update is now also available for Sequoia via iCloud. If you want to check that manually, use the Terminal command
sudo xprotect check
then entering your admin password. If that returns version 5287 but your Mac still has an older version installed, you can force the update using
sudo xprotect update

This version is now available via Software Update, softwareupdate, or in SilentKnight as well. If your Mac is running Sequoia and you download it that way, rather than using iCloud, then once it’s installed you’ll need to run the update command for that to take correctly.

I have updated the reference pages here which are accessed directly from LockRattler 4.2 and later using its Check blog button.

Updated 2240 GMT 5 February 2025 with iCloud release.

Apple has overnight released an update to XProtect for all supported versions of macOS, bringing it to version 5286. As usual, Apple doesn’t release information about what security issues this update might add or change.

This version removes the rule for MACOS.1afcb8b, and adds three new rules for MACOS.FROSTYFERRET.UI, MULTI.FROSTYFERRET.CMDCODES and MACOS.FRIENDLYFERRET.SECD. It seems the animal of the week is a ferret.

You can check whether this update has been installed by opening System Information via About This Mac, and selecting the Installations item under Software.

A full listing of security data file versions is given by SilentKnight, LockRattler and SystHist for El Capitan to Sequoia available from their product page. If your Mac hasn’t yet installed this update, you can force it using SilentKnight, LockRattler, or at the command line.

If you want to install this as a named update in SilentKnight, its label is XProtectPlistConfigData_10_15-5286.

Sequoia systems only

This update is also available for Sequoia only via iCloud. If you want to check that manually, use the Terminal command
sudo xprotect check
then entering your admin password. If that returns version 5286 but your Mac still has an older version installed, you can force the update using
sudo xprotect update

This version is now available via Software Update, softwareupdate, or in SilentKnight as well. If your Mac is running Sequoia and you download it that way, rather than using iCloud, then once it’s installed you’ll need to run the update command for that to take correctly.

I have updated the reference pages here which are accessed directly from LockRattler 4.2 and later using its Check blog button.

Early today Apple released an update to XProtect for macOS Sequoia only bringing it to version 5286. As usual, Apple doesn’t release information about what security issues this update might add or change. Macs running earlier versions of macOS should still be using version 5285.

This version removes the rule for MACOS.1afcb8b, and adds three new rules for MACOS.FROSTYFERRET.UI, MULTI.FROSTYFERRET.CMDCODES and MACOS.FRIENDLYFERRET.SECD. It seems the animal of the week is a ferret.

You can check whether this update has been installed by opening System Information via About This Mac, and selecting the Installations item under Software.

This update is now available for Sequoia only via iCloud. If you want to check that manually, use the Terminal command
sudo xprotect check
then entering your admin password. If that returns version 5286 but your Mac still has an older version installed, you can force the update using
sudo xprotect update
Currently, this new version isn’t available via Software Update, softwareupdate, or in SilentKnight, and is only available via iCloud connections to Macs running Sequoia.

The macOS 15.3 update introduces Genmoji creation in Messages and other apps on Apple silicon Macs, and improves notification summaries with an updated style and access from the Lock Screen (Apple silicon only). Notification summaries for News & Entertainment have been temporarily disabled while the engineers fix them. Those who don’t wish to use AI should ensure that they turn it off, as 15.3 now enables it by default when it’s supported.

Bugs fixed include improved stability for apps over VPN connections when using the built-in software firewall and content filter extensions, and successful AirPlay connections with the firewall and content filters. Brief release notes are here, and those for Enterprise are here. Security release notes are available here, and list 57 vulnerabilities, one of which is believed to have been actively exploited in iOS.

iBoot firmware on Apple silicon Macs is updated to version 11881.81.2, and T2 firmware to 2069.80.3.0.0 (iBridge: 22.16.13051.0.0,0). The macOS build number is 24D60, with kernel version 24.3.0.

Significant changes in bundled apps include:

• Contacts, build increment
• Freeform to version 3.3
• News to version 10.2.1
• Passwords to version 1.3
• Photos, build increment
• Safari to version 18.3 (20620.2.4.11.5)
• Stocks version 7.1.1
• Tips version 15.3.

Many of the usual public and private frameworks have build increments, particularly those involved in AI. However, this update appears to be more incremental bug-fixes and improvements, rather than anything more extensive or radical. Significant changes seen in /System/Library include:

• In CoreServices, Paired Devices.app to version 6.4.0
• Many AGX kernel extensions to version 324.6
• APFS is updated to version 2317.81.2.

Apple has just released the update to bring macOS Sequoia to version 15.3, together with security updates 14.7.3 and 13.7.3 for those using Sonoma or Ventura, who should also update to Safari 18.3 separately.

In Sequoia, this introduces Genmoji in Messages and other apps (Apple silicon only), and brings improvements in AI on Apple silicon Macs, although notification summaries for News & Entertainment are temporarily unavailable while they’re being sorted out.

Security release notes for Sequoia 15.3 are here, and list some 57 vulnerabilities that have been addressed, of which one is believed to have been actively exploited in iOS. Notes for Sonoma’s 38 fixes are here, and those for Ventura’s 30 are here.

Firmware on Apple silicon Macs (iBoot) is updated to version 11881.81.2, Safari to version 18.3 (20620.2.4.11.5), and the macOS build number is 24D60.

The 15.3 update is around 2.54 GB to download for Apple silicon Macs, and 1.93 GB for Intel models.

There’s also a separate update to XProtect imminent. I’ll post details about that separately.

Updated 1908 GMT on 27 January 2025.