Quite the confused article. I did some digging of my own and here is what I found:
In order to use this you need to install iCloud and enable 'Find my Mac' (this allows you to locate and wipe your Mac should it be stolen). The guest account is then repurposed and will only reboot to the recorvery partition (which is also new in Lion) and only allow guests to open up Safari and connect to WLAN networks. As soon as they quit Safari the computer shuts down.
If you have secured your Mac with a password, logging into the guest account is the only thing thieves can do. iCloud cleverly uses this to goad thieves into going online and broadcasting their position as well as allowing for remote wipes – it even displays instructions for how to connect to WLAN networks when it boots up – while still not allowing them to access any of your files.
This is not supposed to compete with Chrome OS. It doesn't have a password manager and you can't download anything. It also won't remember anything after a reboot.
By the way, you can now also sart up Safari when booting into the recovery partition normally. That's also new and it's just useful but nothing else.
Apples's answer to Chrome OS is the iPad with iOS, not OS X running only Safari. If you don’t understand that then you have understood nothing about Apple.
Precisely! Why would I care about a browser only mode for every day use? I have not rebooted my Air in weeks.
So there is two applications, right?
1) Surf station, if your borrow your Mac to a friend or stranger once in a while.
2) Anti theft.
Sure, running the browser only might increase browsing performance a bit. But I guess it won't make a big difference. Avoiding Flash and a add blocker is way more effective.
Has anyone seen any other recent advances in anti theft? Will the new Mac Air have a lock? The current one doesn't and I find that very annoying. There used to be a USB stick that would trigger an alarm when pulled without password deactivation. But I can't find it anymore and last time I check it was discontinued on Amazon.
Any solutions? Otherwise, lets build one and pitch it over Kickstarter!
Nice find. Your answer makes much more sense given apples focus on apps. I can't see them trying to compete with chrome, especially after announcing icloud.
Are Mac HDs that hard to get at? I thought most computer thieves (at least with PCs..) immediately put up a sell ad on places like craigslist or somewhere while they copied the HD and possibly wiped it.
I think what you say makes perfect sense, but do you have any information which actually says that "iCloud cleverly uses this to goad thieves into going online"?
This is indeed a really great reason to have this feature, but I'm just wondering if this was Apple's intended use of this feature.
When you activate ‘Find my Mac’ a dialog pops up and tells you that anyone logging into the Guest account will now only be able to start Safari. With ‘Find my Mac’ disabled the guest account works like it always has. I think Apple’s intent is pretty obvious ;-)
I also can’t really see the appeal of this as a feature. Logging into a normal guest account doesn’t require you to reboot into the recovery partition, for one, and a normal guest account also allows you to use all the apps installed on the Mac additionally to Safari which works just fine. There might be one or two attractive use cases beyond goading thieves into going online but those are to my mind very much edge cases.
Please correct me if I'm wrong (I don't actually know how the 'Find my Mac' feature works, so I'm guessing), but when the computer is first booted by a thief, it won't be online, which means that it won't be aware that it needs to disable access to all accounts except to the neutered guest account right?
In fact, the only way that the computer will be made aware that the mac has been stolen is if the thief connects to the internet (Apple has done nothing so far to enhance the likelihood of the user connecting to the internet).
Once the Mac is connected and is aware that it is stolen it's behaviour will change to block all access to user accounts. If anything, this change in behaviour might alert a thief that something is up (I'm giving a lot of credit to theives here) and that he should rid himself of the Mac.
Access to user accounts is not disabled. If the thief has the password he will still be able to log in and if the Mac is set up to automatically log in the thief will be able to access user accounts even without a password. (It is however, possible to remotely lock the Mac even if it is set up to log in automatically. You can also send messages to the Mac, wipe it or locate it.)
If the thief doesn’t know the password the only thing he can do (short of, say, replacing the HDD) is log into the guest account, i.e. restart to Safari on the recovery partition.
I am by no means an expert on this but maybe this is somehow related to the new full disk encryption? Does it make sense to not allow thieves to boot from the encrypted partition?
Like always with computers this is not watertight – at least as far as getting your Mac back is concerned. (Full disk encryption – which is optional – probably protects your data reasonably well.) There are ways to circumvent “Find my Mac”. The good thing is that thieves are usually not very bright.
If you have a password on your user accounts, the thief will only be able to access this browser-only guest account. The other accounts are already locked.
If you haven't put passwords on your user accounts, you're out of luck.
I get the appeal of the stripped-down interface (I'm typing this on a cr-48, which I love). But if I have my Mac, with it's reliable suspend/resume and otherwise reasonable battery life, why would I restart it to do something I could do by starting a browser?
The trade-off of the Chromebook, or similar, is that you pay less and can carry somewhat thinner/lighter hardware because it's somewhat special purpose. If I've already paid for a MacBook, and I'm already carrying it, what reason would I have not to just use the main OS?
It's for people who want to lend their Mac to a friend, but don't want them having access to all their already-signed in accounts, to applications like Mail, and all your files. I suppose places with public-usage Macs could also use this to keep clientele restricted to just using the web.
Also, seeing as this boots from the Recovery partition, it means that, should your Lion install go belly-up, you've still got internet access, which I think is brilliant.
The recovery and kiosk cases make sense to me, but seem pretty special-purpose.
The proposal here that doesn't make sense to me is the idea that I'm going to hand my computer to a friend (who I presumably trust with my Mac) and not trust them to sign out of my gmail when they want to check their gmail. Also, the use case of "Can I borrow your computer?" is almost always quick, and, in my experience, rebooting a Mac is not quick enough. I'd much rather give them my laptop with an incognito window open than resign myself to rebooting my laptop after they're done (even if application state saving works perfectly, rebooting is still a 30 second affair).
If they can make it quick, then it seems like a great idea, but forcing a reboot to get into this mode seems to relegate it to special cases.
If you want to lend your Mac to a friend, you setup a new account for them and then use the parental tools and simplified finder to restrict if needed beyond the new account. It is actually pretty easy.
In order to use this you need to install iCloud and enable 'Find my Mac' (this allows you to locate and wipe your Mac should it be stolen). The guest account is then repurposed and will only reboot to the recorvery partition (which is also new in Lion) and only allow guests to open up Safari and connect to WLAN networks. As soon as they quit Safari the computer shuts down.
If you have secured your Mac with a password, logging into the guest account is the only thing thieves can do. iCloud cleverly uses this to goad thieves into going online and broadcasting their position as well as allowing for remote wipes – it even displays instructions for how to connect to WLAN networks when it boots up – while still not allowing them to access any of your files.
This is not supposed to compete with Chrome OS. It doesn't have a password manager and you can't download anything. It also won't remember anything after a reboot.
By the way, you can now also sart up Safari when booting into the recovery partition normally. That's also new and it's just useful but nothing else.
Apples's answer to Chrome OS is the iPad with iOS, not OS X running only Safari. If you don’t understand that then you have understood nothing about Apple.