Language Selection

English French German Italian Portuguese Spanish

Apple of 2019 is the Linux of 2000

Filed under
GNU
Linux
Mac

Last week the laptop I use for macOS development said that there is an XCode update available. I tried to install it but it said that there is not enough free space available to run the installer. So I deleted a bunch of files and tried again. Still the same complaint. Then I deleted some unused VM images. Those would free a few dozen gigabytes, so it should make things work. I even emptied the trash can to make sure nothing lingered around. But even this did not help, I still got the same complaint.

At this point it was time to get serious and launch the terminal. And, true enough, according to df the disk had only 8 gigabytes of free space even though I had just deleted over 40 gigabytes of files from it (using rm, not the GUI, so things really should have been gone). A lot of googling and poking later I discovered that all the deleted files had gone to "reserved space" on the file system. There was no way to access those files or delete them. According to documentation the operating system would delete those files "on demand as more space is needed". This was not very comforting because the system most definitely was not doing that and you'd think that Apple's own software would get this right.

After a ton more googling I managed to find a chat buried somewhere deep in Reddit which listed the magical indentation that purges reserved space. It consisted of running tmutil from the command line and giving it a bunch of command line arguments that did not seem to make sense or have any correlation to the thing that I wanted to do. But it did work and eventually I got XCode updated.

After my blood pressure dropped to healthier levels I got the strangest feeling of déjà vu. This felt exactly like using Linux in the early 2000s. Things break at random for reasons you can't understand and the only way to fix it is to find terminal commands from discussion forums, type them in and hope for the best. Then it hit me.

Read more

A Humorous Take on macOS: Like Linux of Old

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Security: Proprietary Software Holes and More

  • It's the end of the 20-teens, and your Windows PC can still be pwned by nothing more than a simple bad font

    With the year winding to a close and the holiday parties set to kick off, admins will want to check out the December Patch Tuesday load from Microsoft, Adobe, Intel, and SAP and get them installed before downing the first of many egg nogs. [...] Also of note is CVE-2019-1471, a critical hypervisor escape bug that would allow an attacker running on a guest VM to execute code on the host box. The bulk of this month's critical fixes were for a series of five remote code execution flaws in Git for Visual Studio. In each of the flaws, said to be caused by improper handling of command-line input, an attacker would launch the exploit by convincing the target to clone a malicious repo. The remaining critical patch is for CVE-2019-1468, a play on the tried-and-true font-parsing vulnerability. In the wild, an attacker would embed the poisoned font file in a webpage and attack any system that visits.

  • Exploring Legacy Unix Security Issues

    The operating system SGI IRIX 6.5.22 was declared end of life in 2003, so it has limited use as a production system. I decided I could relive the good old days by looking for new vulnerabilities on an old system in my spare time. It was also an excuse to write some C code, and refresh my memory. One of my favorite vulnerabilities is the Insecure Temporary File (CWE-377). This involves manipulating files created in /tmp in an insecure manner. A file is created in /tmp by a piece of software that doesn’t check if the file exists before creating it. Allowing a malicious local user to symlink that file to a critical system file and overwriting it with the contents of what is written to the file in /tmp. So I started looking under the /usr/sbin directory for binaries to target. I did a quick examination of binaries and scripts in using the find command to give myself a starting point.

  • Private Internet Access updates Linux desktop client to prevent against [CVE-2019-14899]

    The Breakpointing Bad team at the University of New Mexico recently reported a VPN vulnerability that affects Linux, MacOS, iOS, Android, and more. The vulnerability allows malicious actors to not only see your VPN IP address, but also identify sites you are visiting and inject data into connections. The team consists of William J. Tolley, Beau Kujath, and Jedidiah R. Crandall and the public was notified on December 4th, 2019. Designated [CVE-2019-14899], the vulnerability shook the VPN industry due to the breadth of affected systems. [CVE-2019-14899] affects many different types of VPN protocols including OpenVPN, WireGuard, and IKEv2/IPSec. Private Internet Access has released an update to its Linux client that mitigates [CVE-2019-14899] from being used to infer any information about our users’ VPN connections. To our knowledge, Private Internet Access is the first commercial VPN to release a new client that prevents this ongoing security vulnerability.

  • Chrome now warns you when your password has been stolen

    Google is rolling out Chrome version 79 today, and it includes a number of password protection improvements. The biggest addition is that Chrome will now warn you when your password has been stolen as part of a data breach. Google has been warning about reused passwords in a separate browser extension or in its password checkup tool, but the company is now baking this directly into Chrome to provide warnings as you log in to sites on the web.

today's howtos

Android Leftovers

8 of the worst open source innovations of the decade

Over the years, Linux and open source have been a master class on slow burn success. From out of nothing, Linux has become the champion of the cloud, IoT, and containers. And although it hasn't reached the "world domination" status it swore in the early 2000s, Linux desktop is still very much alive and building momentum. But that doesn't mean it's been all success; in fact, there have been a few stumbles along the way. Let's take a look at some of the worst open source failures of the decade. Read more