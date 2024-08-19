Share Email



In the latest macOS 15.0 Sequoia beta, Apple has backed off somewhat from the previous release’s radical increase in the frequency with which you would be prompted to approve permission requests from apps that need screen recording access (see “macOS 15 Sequoia’s Excessive Permissions Prompts Will Hurt Security,” 12 August 2024). At 9to5Mac, Chance Miller reports that the latest beta of macOS 15.0 (but not of macOS 15.1, which I’m running) has relaxed the policy. However, the repetitive permissions prompts, which seemingly stem from misguided thinking about how people evaluate digital risks, remain unnecessary.

In the previous macOS 15.0 beta, Sequoia would prompt users to continue allowing screen recording permissions every week for each app, as well as prompting after every restart or logout. Remember that many different kinds of apps request screen recording permissions for entirely legitimate reasons other than directly recording onscreen pixels to an image or movie file. Such apps include Adobe Photoshop, Adobe Premiere, Bartender, Default Folder X, Display Link, Google Chrome, Ice, Keyboard Maestro, Slack, Splashtop, TextSniper, and Zoom.

As of the latest macOS 15.0 beta, Sequoia triggers these additional permission prompts monthly, rather than weekly, and has dropped the additional prompts after restarting or logging out. Miller says the prompt text is now more specific:

[App name] is requesting to bypass the system private window picker and directly access your screen and audio. This will allow [App name] to record your screen and system audio, including personal or sensitive information that may be visible or audible.

Reducing the frequency of these repeated permissions prompts is a step in the right direction, but the overall change is still a mistake. A monthly schedule is less annoying than weekly prompts, but it’s more irritating than what we’re currently accustomed to, with no indication from Apple of why the purported additional security is necessary. There are instances of malware surreptitiously recording the screens of infected Macs, but most predate macOS asking the user to grant screen recording permissions, like FruitFly (2003–2017) and Mokes (2016). In 2021, XCSSET used a zero-day security exploit to bypass the permissions prompt entirely by injecting itself into legitimate apps with such permissions. Repeated prompts wouldn’t have helped in such a situation.

Also, while specificity in interface language has its place, even I don’t know what “requesting to bypass the system window picker” means, so I can’t imagine that a user less involved in the technical details of macOS would have any clue. Allowing obscure technical language to creep into a user interface is problematic on its own; putting it in a dialog meant to inform ordinary users about a potential security concern exacerbates the feelings of ignorance many people already have. Nobody who would have approved usage the first time would find themselves denying it on a subsequent occasion because of this new language. It’s far more likely that people will tune out the dialog gobbledygook and reduce their overall system vigilance.

Many hope the Persistent Content Capture entitlement, which developer Craig Hockenberry pointed out last week, could provide an exemption for approved apps. However, Apple describes it as “a Boolean value that indicates whether a Virtual Network Computing (VNC) app needs persistent access to screen capture” and has said nothing about whether it would be available to apps requesting screen recording permissions for other reasons.

Barring that, I’m sticking with my recommendation from the previous article: present the user with a “Continue to Allow” prompt several days after initially granting an app screen recording permissions. That would cause the user to think about the permissions while the app installation was still fresh and allow them to rescind permissions or remove the app if it was only for short-term use. In the hypothetical scenario where a malicious recording app is being installed by someone with admin access to the Mac, such as a domestic abuser, a randomly scheduled second prompt would be harder to conceal.

The negative reaction from developers, beta testers, and the media has already caused Apple to pull back somewhat on this feature. However, we shouldn’t see it as a compromise worth accepting in its current state because we don’t know why Apple made the poor choice in the first place. I continue to encourage you to tell Apple what you think. If you’re using the public beta of Sequoia, use Feedback Assistant to file another bug against these dialogs. Those who aren’t testing the beta can try using Apple’s Feedback page, perhaps for the Mac you plan to upgrade.