While not directly related to OP's issue, after using Apple Watch Ultra and seeing how buggy and crappy everything about it is for a several months with literally zero fixes (not just me, but several friends who has Ultra too), I'm convinced that QA at Apple is run by primate apes.
There is no sensible explanation that a flagship device can be full of bugs and inferior quality to its 3-year older non-flagship counterparts.
I recently had my Apple Watch (Series 9, few months old) touch screen refuse to respond to touch input, and instead issue seemingly random pokes and drags until it eventually worked its way toward calling 911. After assuring the operator that it was just my nearly-new Apple Watch freaking out, I was able to dig up an Apple Support article that outlined how to hard reset it with the physical buttons, which still worked.
Apple's quality control has been getting worse every year. This is something we say every year; that's because its true every year. They started the highest coming out of the 2000s, plenty big laurels to rest on. But their (and Microsoft's) software has gotten so bad nowadays that linux desktops are starting to look stable (and don't interpret that as an endorsement of the improvements in stability of the linux desktop experience, not even close, year of the linux desktop might happen but only because everything is so shit that you might as well at least use the shit that isn't taking screenshots of your desktop or resurfacing photos you deleted five years ago).
Yikes. That seems so wrong.I havent had this happen. For me the final straw was Windows Defender sending files to be analyzed, without letting you audit which files have been sent over.
That's not a bug though. It's an intentional "feature". Microsoft just expects you to fully trust them. Because that's 100% required for their new business model where all your data and processing lives in their cloud.
It’s about photos in the Photos app that were not properly deleted, not photo files. The Photos app has an internal analog to the trashcan. When you delete a photo, the photo is removed from the normal photos index and moved to a Recently Deleted list. After 30 days, the actual photo file will be deleted if you don’t change your mind. There is an automated process that looks for photos tagged for deletion and deletes them on schedule.
There has been an unknown bug for a few years where, sometimes, the process that is supposed to tag the photo for deletion removes it from the list but doesn’t add the right tag for deletion and the schedule process never noticed them and never told the OS to delete the files. They just sat there in the photos library folder, sometimes for years.
The files were never actually deleted, just removed from the photos list. Later another process was deployed that saw unreferenced photos and added them into the photos index. That freaked some people out, particularly if they really had wanted to get rid of those photos.
This all happened as a higher level than the OS. The OS file deletion process was never invoked for these photos.
Important details are that this impacted local on-device photos only, and a device reset would make the photos inaccessible for future use because a reset creates new storage encryption keys.
I know someone who works at Apple QA. A lot of it is done by wholly unqualified contractors who blindly check off test cases as passed. Sad to say it, but most of these contractors aren't very bright and have zero experience or training, let alone interest in doing a good job; strange why apple continues to work with the sourcing firm.
I’ve worked with (as in, directly on their team) some of Apple’s QA when I was an intern. They were quite bright and dedicated people. It’s just that their job truly sucks and the rest of the company doesn’t value them. When I was there their daily task was to run the same runbook of basic actions from 8 AM to the afternoon. It used to be to the end of the day, actually, until someone wrote up a Python script for them to save several hours on some of the checks. I had a chat with the actual engineers writing the code they were testing, vaguely pointing towards “hey I heard about CI and automated tests, wouldn’t this make things a lot better?” and he just point-blank rejected it. QA was there to test the code he wrote. There was zero self-reflection on how he could improve or that this process sucked. My impression is that a lot of Apple has a similar mindset which they are slowly working to change.
Far and away the best "QA" people I ever worked with were people who couldn't write a line of code. Because they didn't have a programmer mindset, they also didn't approach using the software like a programmer, which is exactly the sort of person you want doing QA for you.
> I'm convinced that QA at Apple is run by primate apes.
Big-tech sees no value in QA thee days when they already have monopolies over huge markets, so these jobs get cut. And even when they don't get cut, since such jobs are dead-end for your career there anyway ... you get what happens.
So a lot of QA is actually outsourced to third party body shops where employees don't care beyond shoveling some tests out the door to get home quick and get paid.
The regular apple watch has some bugs that have been around for years, too.
One of my favorite features is on the mickey/minnie watch face, they verbally tell you the time if you tap them..... except when they don't. Sometimes they just stop working until you power cycle the watch lol.
Also phone calls to/from the watch seem to go through fits of random failure. Like at least once a week it'll inexplicably fail to get notifications or fail to answer phone calls. And then once a month I'll have to power cycle both the watch and the phone because they fall into a trap where any call in/out fails.
I first noticed these bugs on my s4 and iphone xs. I'm currently using an s8 and iphone 13. Still got those bugs lol.
Oh I thought of one more. Any iOS device with a home button and an alphanumeric password won't show you the keyboard when it first starts up. You have to hit the power button and then wake it with the home button to see the keyboard lol.
hahaha That's so classic Apple. It used to happen very often with daylight savings time.
The funny part is I use the sleep app and the alarms. When I'm really worried about missing an alarm I set my android phone too, or the alarm clock by my bed lol. That rarely is needed.
> Any iOS device with a home button and an alphanumeric password won't show you the keyboard when it first starts up. You have to hit the power button and then wake it with the home button to see the keyboard lol.
Thanks for explaining iPhone SE2/SE3 behavior.
iOS Magnifier (for blind people!) will randomly stop speaking "image descriptions", continuing onscreen, invisible to the blind user.
I have experienced multiple iCloud-related bugs across all devices, not just Apple Watch.
First I had Keychain taking a full core on _all_ my devices and had to go through a rabbit hole to fix it [0], then I had “fileproviderd “ do the same (again, across all devices) and had to delete iCloud DB to fix it.
I wonder how less tech-savvy users are supposed to notice the issue (and maybe fix them).
My favorite nowadays is my iPhone completely enabling Auto-join for a Wi-Fi network (that I created at second story) and joining it instead of my living room Wi-Fi, whereas I constantly keep disabling auto-join for that network.
Of course, this is just one of the thousands of bugs.
But that implies they'll fix the bugs that get reported! I have a Google Pixel 6a, and for probably close to a year now I've had this weird issue where vibration randomly stops working, but only when I'm not connected to wifi. Rebooting the phone fixes it temporarily. I've submitted feedback in the settings to report it multiple times and it's still not fixed. I've had another bug where people get a sporadic echo when I'm on the phone with them, but it doesn't happen when I'm on speaker or using a different app to call (like Discord).
I'm thinking of changing brands when I upgrade. Guess I shouldn't look too closely at getting an iPhone either...
My watch decided to stop correctly syncing DND mode. It would turn on with the phone but not turn off. This would happen 3-4 times a week—enough to be far more aggravating than it really should be.
Then Apple made some annoying decisions with watchOS 10, and I stopped using it altogether.
I have seen absolutely nothing of the sort. My experience is that other than a larger screen and an extra button, the Ultra is just like the normal Apple watch which preceded it: reliable to an almost boring degree.
To the point where I want to include some sort of caveat or flaw in my reply, lest I be accused of the dreaded fanboyism. Problem with that is that I don't have one. I can't think of a single bug or glitch in the 18 months I've had it.
I guess I have one kvetch: there was a major OS version bump during which they disabled swiping between faces. They added it back as an option, which I promptly turned on, and that was that.
There was significant backlash about the removal of swiping faces. I'm also glad they brought it back. I used that feature professionally to swipe to an ugly watch face that showed seconds.
> I'm convinced that QA at Apple is run by primate apes.
If you yourself is not a primate ape I would be surprised and call every news agency available to tell them a new species is using written language and the internet.
I tried to report issues with a broken VP9 decoder causing system instability in MediaToolBox on my Mac Mini but I need to pay 100$ to even get a chance for an Apple tech to see this issue in their developer forums (not that they engage much with their developer community at all).
Apple is shipping broken software left and right ever since the ARM transition and it's become noticeable.
You are as likely to have an Apple engineer create a bug report for you on Apple's forums as you are here.
http://feedbackassistant.apple.com is where you file such requests. Just keep in mind that the wall they have between public and internal systems means you may not get updates unless you periodically ask for them.
I consider myself above average intellectual level with more than enough capacity to spot and fix those bugs or at least report findings to people who should, which probably puts me hopefully on a better level than a primate ape.
But based on your comment, unfortunatelly I can't say the same for you.
You are a primate ape. Literally. I'm not sure what is so hard about this, the parent poster referred to a set (primate ape) that includes both humans and many other apes. If they are not part of that set then it would surprise me.
I was unsure of choosing "is"/"are" (is this not the third person singular present tense correct usage?), but besides that I felt like it was a coherent enough expression.
The "yourself" might feel awkward but is required to ensure that I am talking about the specific poster instead of something like "if you are not a X" in which case it would read like a general you.
If you understood what I was expressing and have a better and more succinct way to express it let me know.
GPS/distance going terribly wrong when swimmimg, action button sometimes just not doing anything, screen going blank (thinking I'm not wearing it) after workouts randomly, not to mention the original Alpine loop started to break completely in 6-7 months.
I had NONE of these problems with older watches despite doing the exact same things.
I have the exact same experience as you. I usually take comments like this with a grain of salt, especially if it’s a very general and non-specific complaint.
This is a phenomenon about Apple and some other companies I’ve never fully understood: charitably, there just are people with 1% setups that hit a whole class of bugs in Apple devices that I haven’t seen in 15 years or so
Good for you. Go for open water swimming every day (which Ultra should be perfectly capable of) and see if GPS works reliably. See my reply to parent comment for more bugs.
> why don't I just "go with the flow", adopt iCloud Keychain and passkeys?
I don't like the "on principle" response since a lot of people will end up thinking, "oh, so it doesn't really matter." Even the author's elaboration could lead to responses like: "they are control freaks," or "they are paranoid."
In my case, the answer is simple: I have access to systems that contain confidential information about other people. Protecting their data is my responsibility. While I have little doubt that Apple (and other vendors that provide similar services) do their best to guarantee the security of these products, their centralized nature and potential value of the data it leads to make them very juicy targets.
I suspect that Apple (and Google) are going to be better at maintaining my privacy (at least from anyone who isn't Apple (or Google, respectively)) than I am.
For the record, there's plenty of data I wouldn't want to give either company (especially Google) but the answer there is also fairly straightforward: I don't put my passwords into my iCloud Keychain. Or, for that matter, into Google's password manager.
I don't trust any company, let alone a foreign controlled one to have authorised access to my accounts as me. I would be held accountable if they were exposed and they sufficiently covered their tracks (and they are incentivised to try).
Why should I brazenly permit this?
(for the record, as a private individual I am using iCloud keychain, and for work I use 1password with its online storage: however I just make video games, I don’t have the power to destroy lives, nor do I have a responsibility to avoid it; I am merely pointing out that perfect being the enemy of good is not always good enough for everyone.)
I don't think you're disagreeing with me? If you don't want Apple to have access to your passwords, don't give your passwords to Apple.
The biggest problem with Keychain here isn't that it is able to share with iCloud, it's that it claims to have the ability not to (but it seems to not work) and will "upgrade" to sharing without prompting. This is a bad thing. But now we know it's happening, we can choose to avoid the product.
On the other hand, Apple do write the OS and all its updates so they can steal all your passwords whenever they feel like it. And one might be inclined to assert that they just did.
Someone said "Apple re-activated a password sharing system and that's bad because I intentionally turned it off"- I agree.
To-wit someone responded: "Well, actually I think Apple are going to do a better job of handling passwords" - which, I do not agree with given the context of reactivating the feature silently.
It does not have to be a matter of trust. People make mistakes. The wrong mistake can lead to a vulnerability. Technology advances. What was considered secure 20 years ago is not considered secure today. Companies change hands and have changes in leadership. Then there is the question of: what does trusting a company mean? Their actions are the result of a multitude of minds, not a singular one.
For maximum data isolation of hardware devices from Apple:
- avoid storing anything on iCloud
- disable iCloud via MDM / Apple Configurator policy profile
- router block Apple network (17.0.0.0/8) connections
- router block Apple CDNs via dnsmasq wildcard domains
- router allow Apple servers for notifications and app/OS updates
- login via App Store only, not Settings/iCloud
The list above is not about distrusting the vendor or OS, it's about leveraging the vendor's officially published statements of behavior (e.g. HTTPS network traffic identified by PKI certificates tied to vendor's legal identity), used in contracts with enterprise customers that have competent lawyers, for the benefit of smaller customers.
MDM policy can be configured to narrow the vendor's documented claims of software+hardware behavior. Narrowed claims are cheaper to verify empirically. If evidence can be found that MDM policy is not being enforced, then the pool of affected parties grows from powerless individuals to a class action (Apple has paid millions in the past) and/or large enterprises who use MDM to protect confidential enterprise data.
> How do you ensure that the OS does not by itself connect to a random open WLAN
In the case of Wi-Fi, MDM and Apple Configurator can configure device policy to connect only to approved SSIDs + a null list of approved SSIDs. To validate enforcement of this WiFi policy, the device can be placed in a small faraday box (commercial < $1000, DIY < $100) that blocks external RF, with an SDR that records all internal RF traffic for analysis. For a device with a null list of approved SSIDs, there should be zero Wi-Fi traffic from the baseband radio.
Another option for MDM policy enforcement validation is to use a virtual iOS/macOS instance, where a hypervisor can perform live behavioral analysis of OS execution paths. Any unexpected behavior can be further investigated by reverse engineering of non-encrypted OS firmware binaries. Corellium offers a hosted service for virtualized iOS analysis, https://www.corellium.com. They won their legal conflict with Apple.
Finally, a third option is to modify the hardware device to disable unwanted radios, using only a wired network connection via USB. Past news articles have covered expensive modifications of commercial Apple hardware, for use by governments and companies in facilities where wireless networks were not allowed.
That's great you posted this information.
As someone who helps various other people with their computers, and a lot of them Macs, it's hard to stay on top of all nuances of trying to keep secure and private. Apple keeps doing things that are more Microsoft like, all the time.
It is becoming extremely difficult to keep your own data, on your own machine.
If Apple allows VMs on iPad Pro in iOS 18, it might take some wind out of Oryon sails, but with Nvidia, Mediatek and maybe AMD joining the Arm train in the coming year, real competition lies ahead.
A repairable Arm laptop from Framework would be great.
You can do this if you effectively disable Secure Boot. The highest boot security setting, which ships as the default, requires an install-time certificate check.
I don’t expect bug free software.
But I do expect Apple to do minimal tests of the toggled off cases.
It’s one of the biggest companies. Why can they test minimum trivial QA workflows? Why there’s always this bug where some toggle is broken resulting unintended data to be sent or downloaded?
I know I’m supposed to attribute things like this to incompetence, not malice, but how many times can a similar mistake repeat before it is not a mistake?
Seems similar to how Windows settings “accidentally” revert to the less private ones.
With Apple, many times it's just bad QA. Just like you can assume they QA iMessage much more than standard SMS since this is what "they use" :)
With Microsoft, every update I get this wizard that tries to trick me to put OneDrive, trial Office and other things. and... one in a few update a new dark pattern is being added. So it's not a bug... it's a feature from their perspective.
What can make you more aware of apple's practices is to enable Little Snitch.
It's not perfect, but it monitors what process on your system wants to make what network connection.
What appalled me was that even when adding a LOCAL email account, accountsd tries to phone home to apple. Apple is phoning home in ways it never should.
Though for that specific feature, Apple operates a lookup service that Mail uses to attempt to automatically configure your SMTP and IMAP/POP settings. It would be nice if it asked permission first.
Funny, I just checked and my iCloud keychain is not enabled. I've had it off for years (always?), and definitely upgraded to Sonoma when it prompted me, and it didn't re-enable it for me.
My System Settings > Passwords says "Turn on iCloud Keychain" with two buttons "Not Now" and "Enable". (No idea what why there's a button "Not Now"?)
But I don't use Keychain at all, I use a third-party password manager. At some points I'm sure Keychain has asked me if I wanted to save various passwords in Keychain and I've always said no. And it hasn't bugged me about it in a long time.
I wonder why OP's systems are turning it on when mine didn't?
Perhaps I'm mistaken, but I'm pretty sure "we take your privacy seriously" has always been marketing and nothing more. they could say that because they aren't Google who really doesn't care about privacy. So in comparison, it was "correct." Regardless, they are a company and companies can change their ideals at any point, so one should never take marketing strategies seriously (not that you did, just a general warning).
It is both marketing and they have taken steps to protect privacy. In some cases they have made apps less functional or less simply because of privacy concerns. Of course that is not their only concern and they do have an obligation to make money, but it’s not a binary choice and saying that it is nothing more than marketing is reductionist cynicism.
"I've always managed my data myself, taking personal responsibility for protecting it and backing it up. I don't want or need Apple to insert itself into this process as a remote nanny."
But do this to sync to iCloud at all, you'd have to log into an Apple account in the first place on the machine. Surely that is counter to the requirement?
There are other reasons to be logged into iCloud. For example, "find my device" relies on this. Just because you want to be able to find a stolen device doesn't mean you also want your data exfiltrated.
The author also ships software on the Mac App Store that includes an option to sync settings via iCloud. Presumably they test it on their main user account to catch all the weird iCloud bugs that only occur if you use it frequently.
Yeah, that's the same setup I use. An Apple account for our dev membership and being able to download stuff (ie Xcode), but no iCloud usage at all. Neither need nor want iCloud anything.
What are the best alternatives besides cloud keychains. Coming from sharing same password for multiple accounts, cloud keychain has been step up for me security wise. I'm honestly curious what are the better alternatives.
> Secure Tool for Recalling Important Passwords (STRIP). STRIP uses heavy-duty, 128-bit triple-Data Encryption Standard to store information, and that means any information -- credit-card numbers, Web site accounts and voice-mail access codes. STRIP (Zetetic Enterprises, free) is also a great tool for IT managers who administer distributed environments. It can random-generate complex passwords and allows account information to be beamed between Palms, so the IT staff can stay up-to-date.
We know a software 'off' is not a definitive off. So it is, imho, and has been for a long time, extremely safe to assume that Apple takes all data from all devices as often and as much as it can even when things are 'turned off'. Apple does it very obviously with settings on podcast sync or music artwork, blatantly having those off settings turn on after any update. LittleSnitch and the like also point to nannying tickles. I am equally blood boiled, like LapCatSoftware, and would applaud a huge fine from either the USA gov or the EU or both. Apple MUST address this. The privacy mask is slipping in full view of more public.
Because this particular untrustworthiness manifested after the user adopted the platform. I don't really understand corporate bootlicking either, but I can at least take a minute to think about it before posting nonsense.
> Because this particular untrustworthiness manifested after the user adopted the platform.
This company has shown multiple times in the past that they can and will change their closed source software's behavior to the detriment of user privacy (remember Apple's on-device image scanning?). Why are you or OP surprised when these things continue to happen on the closed source walled garden?
It's kind of funny- I find myself to be on the critical side when it comes to Apple, especially on HN, but when it comes to iCloud Keychain I use it pretty unquestioning. Probably because I don't trust 1Password or other password managers to be any better, and it's a feature that's baked into the OS so adoption is frictionless.
When it comes to trust it doesn't really matter what you use.
In theory 1Password has the superior product, as they use MFA for accessing your vault, and your account password only allows access to the encrypted vault (unlike Bitwarden where your account password unlocks everything).
But that is all theory, and you don't really know what really goes on behind the scenes, and it could all just be "theater". It probably isn't, but that's where the trust part comes in.
Personally i doubt that Apple has any nefarious intent, and i believe their intention is to make stuff better and more secure, and that they protect/respect privacy. Again, this is a matter of trust, and i trust Apple.
I don't base my assumptions on blind trust, but actually review their documentation on their services, like iCloud Data Security [^1]. They're pretty open about how they encrypt stuff, and also mention stuff like when using standard iCloud encryption, your backup of messages includes a key that can be used to decrypt the messages in the backup.
I enabled Advanced Data Protection as soon as it became available, and stopped worrying about it. For stuff that i want to keep secret at all costs i use GPG or Cryptomator.
As for Keychain i use a mix of Keychain and 1Password. Keychain for everything "simple" that i don't care about, i.e. websites that requires a login. It plays well with Hide my Email, and offers the path of least resistance. My 1Password usage is mostly stuff that doesn't fit easily into Keychain.
Sure, but if you fully believe that the platform is untrustworthy, that seems like the ultimate dealbreaker for someone who is concerned about their data privacy. It's the juxtaposition of "I don't trust this platform at all" and "I put my data that must remain private on it" that I don't understand.
Trusthworthy has two meanings here. I trust that Apple does have no intention to look into my private data. I think they'd rather have no way of getting into it while providing the services as that minimizes their liability. In that sense they are trustworthy. But you might not trust them to be secure enough to store that data. Or maybe it has nothing to do with Apple, maybe you don't want your keychain in the "cloud" ever. I trust Apple does not intend to be nefarious, I don't trust (the security of) any "cloud" to store sensitive data. Those are not conflicting positions to be in.
Seriously, you have to be so detached from reality to think iCloud Keychain sync is an issue at all, you just have to believe Apple put a backdoor their own TPM chip so they could decrypt your Keychain with a software update without human interaction.
If you’re this distrustful of Apple, your logic should say to not use local Keychain at all. You either trust Apple’s hardware backed E2EE or you don’t trust anything from Apple at all, there’s no picking and choosing when it comes to this sort of thing.
I bet privacy researchers at Apple are facepalming reading these threads thinking people can run their own crypto better than they can.
> thinking people can run their own crypto better than they can
Running or developing ?
You can probably run something like Password Store [1] fairly secure, though you still have to trust the operating system not to leak your secrets, and it turns out that today, regardless of your choice, all major operating systems more or less synchronize your data to the cloud.
I know Linux doesn't do it (Ubuntu tried some Amazon partnership once), but Linux is a poor match for many workplaces where Windows or MacOS are kings. Yes, you can run VSCode (or Vim/Emacs or whatever) on Linux, but running Photoshop, Fusion365 or various other business tools is not as "easy" as on Windows/MacOS, and in the end a company only has so many IT support staffers.
There is no sensible explanation that a flagship device can be full of bugs and inferior quality to its 3-year older non-flagship counterparts.