It's a shame Apple has decided that if the launch agent or daemon lives in the System folder that means the user/admin should have zero control over it. I should be able to disable any launchd job on my computer end of story.
What sucks is that you can't disable SIP without _also_ disabling disk encryption ("FileVault"), because Apple changed from full disk encryption to only encrypting user data, and relying on SIP and crypto hashes to protect the system partition. Therefore, you can't "safely" disable SIP, as you'd be able to boot into recovery mode and perform an evil maid attack.
This is really irritating, both that:
- I can't "accept the risk" and force disk encryption anyway. This may be technically possible if you bludgeon the OS enough, but it's definitely not something the built in CLI tooling supports.
- I can't use the old full disk encryption mode. Presumably, this code does or did still exist somewhere, but isn't supported because it's not used in any supported configuration.
So you're left with the option of having no disk encryption on your laptop, or having SIP.
EDIT: I'm thinking of SSV, not SIP per se. But when it comes to disabling the built-in launchd services like Spotlight, you have to disable SSV to do so, and that requires disabling FileVault.
I know the writing has been on the wall for a while but as a former fanboy, I just didn't see it. When SIP was released, it was my first "ah ha" wake-up call that Apple is no longer building software for me. Ten years later, it's still getting worse. This idea that the owner of the computer is not the ultimate authority over what is running on that computer is slowly seeping its way into macOS and with every release it seems to get worse. That and the ecosystem of apps that abandon you if you're running N minus 3 or earlier macOS.
I'm finally starting to de-Applify my home computing and slowly removing my and my family's dependence on the Apple ecosystem. Replacing an old Mac Mini here, replacing an old MacBook there. It's been a long time coming, but I'm out.
I'm not even mentioning Tahoe which is a disaster but doesn't bother me because I don't have a single machine that can run anything past Ventura anyway.
You appear to be confusing System Integrity Protection with the Signed System Volume. FileVault works fine with SIP disabled. But you can't disable SSV without disabling FileVault.
Yes, this is true! I was thinking about "disabling SIP" in the sense of being able to modify the system to e.g. disable the Spotlight launchd service. My mistake.
But still -- you can't "unlock" the system (in this sense) without disabling SSV, which requires disabling FileVault.
I’m not a turn spotlight off guy but it is a bit of a pig in terms of apple’s approaches to system crawling and indexing and how it leaves its metadata detritus all over the disk. I can see the desire to disable it for some.
Challenge with trying to use Raycast more broadly in lieu of Spotlight for systemwide search is Raycast appears to be built on top of the spotlight indexes (mds mdworker)
> Never in the past decade have I thought to myself, "gawrsh, I wonder where this file is on my laptop hard drive."
I do, but 80% of the time I'm able to locate it by opening the directory where I would put it. And 10% it's in the "other" directory. And since I have the shell history, in the remaining case it is still a simple search.
That might be true in theory, but in practice a find oneliner is still the fastest way to find things. It shouldn't be the case, but a fulltext search is faster than using the OS index, because the former is stable and improved for decades by low level developers, while the later is continuously recreated by people who like Javascript in the UI libraries of the OS.
Went down this rabbit hole a few months ago seeing whether it was at all possible to disable the automatic OCR / processing of all image files on macOS.
Wasn't able to figure out how to do so but this blog was absolutely the best resource for digging one layer deeper on all things Spotlight-related, highly recommend.
Honestly I have no idea if they have the best answer, but I thoroughly respect a blog post like this that is so concise/wastes no time. Here is the issue, here is what we want to do, here is what it won’t do, ultimately this is the best solution we have come up with + clear instructions.
The Eclectic Light has been the best Mac technology blog for years, often serving as the only source of knowledge for how some of the more obscure system components work.
A small but big detail that irritates me is one used to be able to search Applications faster through the dedicated Applications overlay, but now this behavior appears to just be a shortcut to Spotlight, which suffers from incredibly poor index planning.
In the past, when Spotlight was too slow to show me my most used applications by the first few letters, I'd bail and use Applications.
Now I'd have to use Finder, but opening that up would be slow enough that I'd almost need a desktop shortcut.
So, in essence, I have to hack around the most common functionality of using an application on an operating system, which is finding the damn thing. And this is supposed to be the most polished operating system on the market?
Apple frequently appears to be asleep at the wheel.
Yeah, I used to have a hot corner set up so that I could fling my mouse towards the upper left and then type the first letter or two of the app name, just like in Gnome.
Now that causes the screen to freeze for half a second (possibly my fault - I have 'reduce animations' switched on, but it seems to freeze the screen for the duration of the animation that would previously have played), and then the colour wheel spins for a couple of seconds, and then it might finally respond to my keyboard input... but even then, it fails to find the app maybe 20% of the time. This is on a ~1yo M4 Macbook Pro w/ 36 GB RAM.
So for the past month I've been training myself to alt+tab round to the finder window and navigate to the apps folder from there.
I've never been much of a Macos fan, but this is shockingly poor - less of a papercut, more a wedge of smouldering bamboo shoved under my fingernails.
Right off the bat, XProtect, MRT, Gatekeeper, amfid, system updates, telemetry, MDM...
This is really irritating, both that:
- I can't "accept the risk" and force disk encryption anyway. This may be technically possible if you bludgeon the OS enough, but it's definitely not something the built in CLI tooling supports.
- I can't use the old full disk encryption mode. Presumably, this code does or did still exist somewhere, but isn't supported because it's not used in any supported configuration.
So you're left with the option of having no disk encryption on your laptop, or having SIP.
EDIT: I'm thinking of SSV, not SIP per se. But when it comes to disabling the built-in launchd services like Spotlight, you have to disable SSV to do so, and that requires disabling FileVault.
I'm finally starting to de-Applify my home computing and slowly removing my and my family's dependence on the Apple ecosystem. Replacing an old Mac Mini here, replacing an old MacBook there. It's been a long time coming, but I'm out.
I'm not even mentioning Tahoe which is a disaster but doesn't bother me because I don't have a single machine that can run anything past Ventura anyway.
But still -- you can't "unlock" the system (in this sense) without disabling SSV, which requires disabling FileVault.
I'm often annoyed how slow/unreliable Spotlight is, especially in Mail, but what's the alternative here?
I do, but 80% of the time I'm able to locate it by opening the directory where I would put it. And 10% it's in the "other" directory. And since I have the shell history, in the remaining case it is still a simple search.
Wasn't able to figure out how to do so but this blog was absolutely the best resource for digging one layer deeper on all things Spotlight-related, highly recommend.
System Settings > General > Language & Region > Live Text
"Select text in images to copy or take action."
People like him are an inspiration to me.
In the past, when Spotlight was too slow to show me my most used applications by the first few letters, I'd bail and use Applications.
Now I'd have to use Finder, but opening that up would be slow enough that I'd almost need a desktop shortcut.
So, in essence, I have to hack around the most common functionality of using an application on an operating system, which is finding the damn thing. And this is supposed to be the most polished operating system on the market?
Apple frequently appears to be asleep at the wheel.
Now that causes the screen to freeze for half a second (possibly my fault - I have 'reduce animations' switched on, but it seems to freeze the screen for the duration of the animation that would previously have played), and then the colour wheel spins for a couple of seconds, and then it might finally respond to my keyboard input... but even then, it fails to find the app maybe 20% of the time. This is on a ~1yo M4 Macbook Pro w/ 36 GB RAM.
So for the past month I've been training myself to alt+tab round to the finder window and navigate to the apps folder from there.
I've never been much of a Macos fan, but this is shockingly poor - less of a papercut, more a wedge of smouldering bamboo shoved under my fingernails.