MacInTouch Amazon link...
Channels
Apple, Troubleshooting, Questions

Ric Ford

MacInTouch
More from Howard Oakley on the expired Apple installer mess:
Eclectic Light Co. said:
Time management
... In case you hadn’t noticed it, almost all of Apple’s existing installers and updaters now lie in tatters, their signing certificates expired, because Apple did too little too late. It failed to plan for the progression of time.

... Like many other users, I now have tens of gigabytes of Apple installers and updaters whose certificates have expired. Replacing them isn’t going to be an easy task, as Apple thinks it’s good to hide them away, rather than providing ready access. Even if I can find El Capitan in the App Store, Software Update won’t let me download it, as neither of my current Macs can run it. Others report that they’re unable to obtain a re-signed copy of the El Capitan installer even on Macs which can run it.

As usual, Apple isn’t saying anything, not to users or developers. Its most meaningful communication about this inexcusable failure of support were the 404 errors from download pages. There’s no explanation, no apology, no timescale, no support. Yet again, it seems to hope that if it pretends nothing has happened, we’ll all forget about it. Just like Apple clearly did until someone’s Calendar notified them that crucial certificates expired in a few days time.

That’s corporate planning for you: just pretend the inexcusable never happened. Maybe that’s the MBA approach to time management.

#applequality
 


So today I downloaded the new Mojave installer from the App Store.

I have not been able to upgrade my months-old 2018 Mac Mini at any point, even downloading the installers; there is always an error that the installer can't be verified (application updates, such as iTunes and Safari, install fine). The only way I have been able to install updates (including security updates) is to start up using internet recovery; this process has always worked.

Thinking that with a brand-new installer things might have changed, I ran the installer. After the progress bar was about 1/10 of the way complete, it threw me a dialogue that the installer could not be verified.

Whatever.
 


So today I downloaded the new Mojave installer from the App Store.
I have not been able to upgrade my months-old 2018 Mac Mini at any point, even downloading the installers; there is always an error that the installer can't be verified (application updates, such as iTunes and Safari, install fine). The only way I have been able to install updates (including security updates) is to start up using internet recovery; this process has always worked.

Thinking that with a brand-new installer things might have changed, I ran the installer. After the progress bar was about 1/10 of the way complete, it threw me a dialogue that the installer could not be verified.
Paul, just for a sanity check, have you run TechTool Pro and checked for bad blocks?
 


A few more notes about Apple installers:
The Mac App Store (at least in macOS Sierra) retains information about installers it sees, even after quitting the app, which can be very confusing. Here's an example:
  1. Mount a volume containing a previously purchased installer, e.g. for macOS Server.
  2. View "Purchased" items. macOS Server has an "Install" button. You can't re-download it.
  3. Quit Mac App Store and unmount the volume containing the installer.
  4. Open Mac App Store again and choose "Purchased" again. Same thing. It thinks the installer is available, even though it's not. Click "install" and nothing happens.
  5. Reboot but do not mount the volume containing the installer.
  6. Open Mac App Store > Purchased. Now you can download macOS Server.
However, Mac App Store won't let you download software that is not compatible with the Mac you're using, even if you need it for a different Mac. For example, you can't download OS X Mavericks on a 2015 MacBook Pro, even if you previously purchased it and it shows a Download button in Mac App Store > Purchased. "OS X Mavericks cannot be installed on this computer."

Presumably, you could run an older OS X inside a virtual machine on the newer computer and download the older installer within the virtual machine, but I haven't tried this. (It's possible the same virtual machine trick might work to download a newer macOS, e.g. Catalina, on an older Mac that won't run it, but again, I haven't tried that.)
I encountered the same issues yesterday while trying to download the new installers. I had to move the old installers to another drive and unmount it, quit App Store, and reboot before I could download Sierra and High Sierra from the App Store. I also was able to download Mountain Lion. After each successful download, I started up the app to make certain there were no certificate/date issues. There were none.

But an odd thing happened during all of this. I was no longer able to mount an external FireWire 800 drive with a SuperDuper clone of my boot drive. I ran several tools to try and mount or repair it. None could. TechTool Pro suggested the Partition Map was damaged and could not be repaired. I wonder if it's possible that one of these installers caused that problem? So I erased/formatted the drive and made a new clone of my boot drive. I then ran Smart Utility, Disk Repair, TechTool, DiskWarrior, etc. looking for issues with the drive. None. Checks out fine.

Fun day!

Notes: Mac Pro 5,1 with Metal-capable GPU and boot drives for Snow Leopard, Mountain Lion, Sierra, and High Sierra.
 


Paul, just for a sanity check, have you run TechTool Pro and checked for bad blocks?
Yes, I have, thanks for asking. I jumped through the hoops to get Mojave to start up from an external drive, and then ran the whole diagnostic toolbox of the latest TechTool Pro. Came out Clean as a Weasel®. Machine (and operator) more-or-less sane.
 


Regarding the following quote Ric referenced previously:
Eclectic Light Co. said:
Time management
... In case you hadn’t noticed it, almost all of Apple’s existing installers and updaters now lie in tatters, their signing certificates expired, because Apple did too little too late. It failed to plan for the progression of time.
... Like many other users, I now have tens of gigabytes of Apple installers and updaters whose certificates have expired. Replacing them isn’t going to be an easy task, as Apple thinks it’s good to hide them away, rather than providing ready access. Even if I can find El Capitan in the App Store, Software Update won’t let me download it, as neither of my current Macs can run it. Others report that they’re unable to obtain a re-signed copy of the El Capitan installer even on Macs which can run it.
I have been beating my head against the wall for a good portion of the weekend working on trying to build new USB flash drive installers for each of the new installers from Mavericks to Catalina. Like others have reported, there is a problem with the macOS Sierra file Apple made available for download. They definitely did not test this.

After all this aggravation, and numerous emails with Ric, I decided on a different tack. I pulled out my old Install macOS Sierra 10.12.6 installer file and built a USB installer using that. As reported, and as expected, it failed to install. However, after a reboot and before selecting to install Sierra, I went to the Utilities menu and launched Terminal and entered the following code*:

date 1010101018

After exiting Terminal I selected to install Sierra, and it worked fine. Changing the date has been thrown out as a possible solution, and one mentioned by the software DiskMaker X as a possible solution in the past, and one I find will be probably the easiest to implement going forward instead of worrying about downloading a new catalog of software.

All of this mess with Apple of late very much reminds me of the ending to the movie WarGames. The only winning move is not to play. Anyone for a nice game of chess?

* mmddHHMMyy
(mmonth, dday, HHour, MMinute, yyear)
 



... I have been beating my head against the wall for a good portion of the weekend working on trying to build new USB flash drive installers for each of the new installers from Mavericks to Catalina. Like others have reported, there is a problem with the macOS Sierra file Apple made available for download. They definitely did not test this.
After all this aggravation, and numerous emails with Ric, I decided on a different tack....
The problem is creating an installer drive using the createinstallmedia command, not actually using the installer to install Sierra.

So my workaround was to use the "new" Sierra installer to create a bootable Sierra flash drive (complete with Finder, etc.) and then to simply drop the new Sierra installer into that drive's Applications folder. The drive actually has a Recovery partition, so with the presence of the actual new Sierra installer, it works as an emergency booter and an installer.

Certainly not as convenient as createinstallmedia, but as a kludge, it solves a problem. I can just wipe the drive and start over when/if Apple fixes this goofy Sierra installer.

TKS Ose's suggestion of changing the Mac's date using that command word works quite well, but if you decide to go down that path, be sure to check that you've disabled your Internet before making the change, or your Mac will probably just use a time server to "fix" the date and render all your plans awry. (It did that on my Mac.)
 


Certainly not as convenient as createinstallmedia, but as a kludge, it solves a problem. I can just wipe the drive and start over when/if Apple fixes this goofy Sierra installer.
Agreed that there can be multiple solutions to this problem Apple created. I looked at it from a standpoint of not wishing to download tens of gigabytes of installer files over again. Maybe in the future, but not now. For now, this is one possible path which I have chosen to use. My normal workflow for such is to create installer media at the time needed, and then erase it when done in preparation when needed next. I have tried to maintain a working archive of OS and application installers, along with pertinent updaters, for macOS, Windows and various flavours of Linux in order than I need not rely on others to maintain what I may need and be subject to their whims.
 


I spent an afternoon redownloading all the final Combo Updates and Security Updates for Snow Leopard through Mojave from Apple's Support Downloads website. I'm waiting a bit on the macOS Installers until Apple sorts everything out, and hoping that installers for Lion–Mavericks show up (apparently they might be available to developers?).

Anyway, a couple things I noticed. Most of the packages were respun and signed with the new certificates in July and August (Suspicious Package tells you when the packages were signed). Despite this, they failed to begin posting them on the Support Downloads site until less than a week before the Oct. 24 expiration (I know, as I was downloading and checking packages every couple weeks watching for any sign of updated packages). There was no reason why the new packages shouldn't have been rolled out back in August or September.

After respinning all those packages in July and August, they apparently completely forgot about all the raft of security packages they issued on Sept. 26 (as part of their regular release schedule), such as macOS 10.14.6 Update with Supplemental Update 2, Security Update 2019-005 High Sierra, Security Update 2019-005 Sierra, etc, and signed them with the old certificates and promptly ignored them. macOS 10.14.6 Update with Supplemental Update 2 only got reissued hours before it expired when someone told Apple. And although they were signed at the same time as the 10.14.6 Update on Oct. 24, updated Security Update 2019-005 High Sierra and Security Update 2019-005 Sierra packages were not posted to Support Downloads until sometime on Oct. 26.

There's a real breakdown in process management at Apple.
 


Evidently the new option is only intended to allow download of installers for currently-supported versions of macOS.
I can confirm that the command can be used to pull down a full installer for macOS 10.13.6, but attempts to download older major versions result in a "not found" error, even when executed on a Mac that can boot the requested older version of macOS/OS X.
While I didn't download them to completion I was able to initiate a download of the Mavericks full size installer as a past purchase from the App Store on my Mini running High Sierra. your milage may vary.
 


While I didn't download them to completion I was able to initiate a download of the Mavericks full size installer as a past purchase from the App Store on my Mini running High Sierra. your milage may vary.
I was able to download all the installers via a Mac running Sierra. I have 10.11 through 10.15 installers in folders labeled "installername" - 2029 (to remind me when they expire again).

I found this to be cumbersome (thanks for the links, but Apple's methods are impractical), as I sometimes need to wipe an old Mac or have to install for a VM. I don't do the Hackintosh, but I can see the practical use for booting a volume to a specific OS to run a specific application (like forensics, recovery, application-discontinued, custom driver device access...) But, unlike Windows (I use Rufus to make bootable USB flash drives), Apple's getting way too strict with their policies.
 


I did a search for the 10.14.6 Combo Update at the Apple Software updates page and downloaded it. It worked. However, the download page shows a September 26, 2019 post date. Wouldn't you think they would show something about the new file having the new post-10/24 certificate; maybe an "updated" note? Good job burying your heads in the sand, Apple.
 


Ric Ford

MacInTouch
Here's more about the problem:
BBC News said:
iPhone 5 users risk losing internet access
Apple iPhone 5 users have been warned to update their software before the weekend or face losing access to the internet.

The technology giant said users who did not download iOS 10.3.4 by 3 November would be locked out of features that rely on the correct time and date.

This includes the App Store, email, web browsing and storage service iCloud.

While it is not the latest version of the operating system, it is the most up-to-date available for the model.

Users of older iPhones have also been advised to update their software in order to maintain accurate GPS location services.
 


There's an October 28, 2019 iOS 12.4.3 (Build 16G130) update for devices that are newer than the iPhone 5 and won't update to iOS 13. Have suggested user of iPhone 5s and iPhone 6 defer installing until there are reports if this update causes issues.

There's essentially no information about the update online. I did find a pointer that directed to Apple Developer, but that's not public.

Insights? Experiences?
 


There's an October 28, 2019 iOS 12.4.3 (Build 16G130) update for devices that are newer than the iPhone 5...
Insights? Experiences?
George, while this update does contain security updates, there is no need to immediately rush out to install, unless you can do without the device, should a problem occur. Never hurts to play the waiting game for a day or two just to be sure.
 


There's an October 28, 2019 iOS 12.4.3 (Build 16G130) update for devices that are newer than the iPhone 5 and won't update to iOS 13.
This is very interesting. The previous security update, iOS 12.4.2, could have been seen as an anomaly, released so close to the initial iOS 13 release and addressing a very serious RCE bug. But could this second security release for an n-1 iOS version signal a pattern and a shift in Apple's release policy for iOS? Although Apple is still requiring capable devices to update to the latest major iOS release for security fixes, an extra year's worth of security updates for still-viable iOS devices that can only run n-1 iOS version would be welcome news to many users.
 


... Most of the packages were respun and signed with the new certificates in July and August (Suspicious Package tells you when the packages were signed). Despite this, they failed to begin posting them on the Support Downloads site until less than a week before the Oct. 24 expiration...
There's a real breakdown in process management at Apple.
Regarding the pursuit of recertified versions of Mac installers and updaters:
Marcel Bresink, developer of TinkerTool and other Mac utilities, has an ongoing list by date of re-released Apple software on his blog page at

By the way, TinkerTool System has a drag-and-drop feature to create Mac install volumes. Very likely it is a GUI for the built-in createinstallmedia program, but it could ease the process and negate carefully typing source and target paths – potentially helpful to those who are wrangling with the replacement macOS Sierra installer.
 


Ric Ford

MacInTouch
I just started up a vanilla macOS Mojave system I haven't used for quite a few weeks. I thought it might be good to update it. Being used to macOS Sierra, this was a bit confusing, but I got to a place where it seemed ready to download the Supplemental Update while it was also trying to get me to install Catalina, which I absolutely did not want to do.

I started the update, with a little trepidation (about Catalina being snuck in), and it wanted to reboot. The subsequent process took too long to sit and wait for it, but it eventually finished and brought Mojave back up on screen.

It took time and effort to find a list of Apple's updates, finally located in System Information > Software > Installations, where I found... two installations of "macOS Mojave 10.14.6 Supplemental Update 2", one after the other with no differences listed, installed a few minutes apart.

I feel a little like some Alice in Apple "Wonderland" nowadays.
 


I did a search for the 10.14.6 Combo Update at the Apple Software updates page and downloaded it. It worked. However, the download page shows a September 26, 2019 post date. Wouldn't you think they would show something about the new file having the new post-10/24 certificate; maybe an "updated" note? Good job burying your heads in the sand, Apple.
Barry, I'm with you 100% on the provision of an identifier of some kind to aid users, but I'm not surprised that Apple is taking the opportunity to play one of their favorite games, Hide-n-Seek! I believe I have found a clue: by hovering over an item's download link, you can look for the presence of /2019/cert/ in the source file path preceding the item’s index code and name. In Safari, activate View > Show Status Bar, then check the bottom of the browser window for a path like this;

updates.cdn-apple.com/2019/cert/061-41408-20191024-e12bb1d6-b267-4836-9a00-2d3d3341646f/macOSUpd10.14.6Supplemental.dmg​

To verify that the presence of /2019/cert/ in the URL is actually an indicator of a "re-certified" download, I pulled down the latest El Capitan Security Update (Jul 18, 2016), the last Mavericks Combo Update (Sep 17, 2014), and Snow Leopard Combo Update v1.1 (jul 25, 2011) then checked them with Suspicious Package. They all checked out with 2029 expirations!

Randomly checking links while scrolling down and loading ever older content, I found that Mac OS X 10.5.8 Update and Mac OS X 10.5.8 Combo Update, both dated Aug. 12, 2009, are the cut-off, age-wise. None of the Mac OS X 10.4 Tiger offerings, whether for PowerPC or Intel, are delivered from the /2019/cert/ directory. A couple other cutoff points include: Java for Mac OS X 10.5 Update 10 (Jun 23, 2011) and Server Admin Tools 10.6.8 (May 31, 2011).

A few odds and ends that seem to be excluded, even though they are of similar vintage: Apple FIPS Cryptographic Module v1.0 (Apr 20, 2011), Mac OS X v10.6.4 Update iMac (Mid 2010) (Jul 27, 2010), Mac OS X v10.6.4 Update Mac mini (Mid 2010) (Jun 15, 2010), OS X Recovery Disk Assistant v1.0 (Aug 8, 2011), Front Row 2.1.7 (Mar 11, 2009), Gutenprint Printer Drivers for Mac OS X v10.6 (Aug 27, 2009)

This is how things look at 6pm PDT on Oct. 28, 2019 and is likely still in flux.
 


I had no intention of upgrading from Mojave to Catalina yet, and have been dutifully telling the nag notification to ask me tomorrow. Well, today, I decided to be different and selected "try in an hour" since I intended to be gone and the iMac asleep.

An hour later, during sleep, my slam dunk II iMac is now updating itself - to Mojave 12.14.6. Whew, I think I dodged a bullet, as I thought it was updating me to Catalina.

Curiously, Safari stayed at 12.1.2, and I've unchecked all auto system installs and cancelled the attempt to "install Safari tonight." Is Safari 13 safe now?
 


I wonder when the current certificates will expire again.
TidBITS said:
Previously Downloaded OS X Installers No Longer Work
The new installers are signed with a certificate that expires on 7 February 2023, so it will be quite a few years before Mac users are affected again.
So did the El Capitan installer certificate somehow prematurely expire Oct. 2019? Or maybe that date related to some other installers?

Anyway, it would be nice to have better knowledge when the certificates will expire. Just recently I was bitten by this despite trying to plan the install process:

I had about a 2-year-old El Capitan installer that worked OK last August when I tested it in advance. Then I installed a Samsung 860 EVO 1TB to my old Mac Mini Late 2009 to give it a few more years. But just then, Oct. 16, the El Capitan installer certificate decided to expire with a somewhat misleading error message, "this installer may have been tampered with." (I prepared a new flash drive two more times with the same result for the old download.)

I could have set the system clock back to make the installer work, but that seemed like a hack... Luckily, I still had the old spinning hard drive with the old El Capitan install. So I put the old hard drive into a NewerTech Voyager Q drive dock and booted it via FireWire 800. Then I could download a brand new El Capitan installer from the App Store's Purchased tab. The download took about 3 hours, so the install process took a lot more time than I had planned....

But what if I didn't have an old El Capitan install to boot from? If the old hard drive was broken, and I had no boot media for the Mac Mini 2009? Internet Recovery install works only when booted from a recovery partition with that Mac Mini 2009. The household has some newer Macs, but as they do not support El Capitan, they can not download it.
 


I'm re-downloading installers:

Boot an old MacBook Pro to Mac OS X 10.6 and easily downloaded OS X 10.7 thru OS X 10.11 installers

Boot the same Mac to an OS X 10.10 partition and try to download macOS 10.12 + macOS 10.13 installers:
  1. Go to Apple's special page for re-downloading installers
  2. Click on the macOS Sierra link
  3. Click on the "If you still need macOS Sierra, use this link: Download macOS Sierra. A file named InstallOS.dmg will download to your Mac."
  4. WTF? "InstallOS.dmg" - double click, install, what?
  5. Go to Apple's special page for re-downloading installers
  6. Click on the macOS High Sierra link
  7. Click on the "If you still need macOS High Sierra, use this App Store link: Get macOS High Sierra."
  8. The App Store app opens - to the normal home page. It does not go to a High Sierra download. I cannot find or get to a High Sierra download.
  9. Boot up my test Mac mini in 10.15 Catalina and use the Terminal to download the High Sierra installer - works first time
  10. WTF is going on, Apple?
That old Mac's support ends at macOS 10.13, so use my current Mac (MacBook Pro 2016 running macOS 10.14) to re-download macOS 10.14:
  1. Open the App Store app - works
  2. Login to my account - works
  3. Search for macOS 10.14 "Mojave" - can't find it (as expected)
  4. Search for macOS 10.15 "Catalina - find it (as expected)
  5. All this time, no errors with the App Store
  6. Go to Apple's special page for re-downloading installers
  7. Click on the macOS Mojave link
  8. Click on the "If you still need macOS Mojave, use this App Store link: Get macOS Mojave."
  9. Get an error message, "Cannot Connect to App Store" - Retry | OK (the App Store window is open behind this message and has worked all this time up until now)
  10. Click "Retry" - same error
  11. Click "Retry" - same error
  12. Click "Retry" - same error
  13. Click "OK" - dialogue box disappears
  14. Click on the App Store window and the App Store works normally
  15. Go back to the web page and click Get macOS Mojave
  16. Get an error message "Cannot Connect to App Store" - Retry | OK
  17. Click "Retry" - same error
  18. Click "Retry" - same error
  19. Click "Retry" - same error
  20. Click "OK" - dialogue box disappears
  21. Click on the App Store window and the App Store works normally
  22. Search for macOS 10.14 "Mojave" - can't find it (as expected)
  23. Search for macOS 10.15 "Catalina - find it (as expected)
  24. Boot up my test Mac mini in 10.15 Catalina and use the Terminal to download the Mojave installer - works first time
Now I think Apple might currently be having problems with their update CDN servers (as I can't download the new combo updates via Firefox, but Safari works - go figure), but, all in all, this is a very, very sh*tty user experience. :-(
 


Ric Ford

MacInTouch
Apple's software/security update messes continue at full steam today.

At least macOS Catalina 10.15.1 looks straightforward.

But even the Apple Security Updates page is currently out of date (as is the sick joke that Apple's Downloads page has become).

I'm trying to dig up the other security/software update information at the moment, but other Apple web pages are also out of date.

watchOS 6.1 has been released, available via iOS 13.2.

Mojave and High Sierra both have security updates, which I can't find on Apple's website. Sierra apparently doesn't get the security update.

But there's an XProtect update (including for Sierra).

This all feels like Apple operations have gotten out of control*, and I wonder how severe the mysteriously undisclosed security problems across its platforms are, and what they are, exactly, or what else is going on inside Apple. It's altogether very discomforting, as well as wasting huge amounts of our time chasing around trying to find things that should be plain and obvious, but very much aren't.

* I have two vivid memories of this type of situation in my career, when problems with large computer systems spiraled out of control for a while and the people responsible for managing these systems started flailing about, losing focus and direction. Not pretty sights. I don't know if the same thing is happening within Apple at the moment, but it sure wouldn't surprise me, especially if there's a severe security problem in play.

#applequality #applesecurity
 


Now I think Apple might currently be having problems with their update CDN servers (as I can't download the new combo updates via Firefox, but Safari works - go figure), but, all in all, this is a very, very sh*tty user experience. :-(
It's truly annoying that Apple refuses to provide a simple download site where a user can navigate easily to a desired file through sensible, hierarchical product folders, like the old ftp.apple.com site. There is no compelling user-focused reason why a person should be prevented from downloading any Apple installer using any computer they like, even a Windows PC. This is just another example of Apple losing the plot and being hostile to its users.
 


That old Mac's support ends at macOS 10.13, so use my current Mac (MacBook Pro 2016 running macOS 10.14) to re-download macOS 10.14:
  1. Open the App Store app - works
  2. Login to my account - works
  3. Search for macOS 10.14 "Mojave" - can't find it (as expected)
  4. Search for macOS 10.15 "Catalina - find it (as expected)
  5. All this time, no errors with the App Store
  6. Go to Apple's special page for re-downloading installers
  7. Click on the macOS Mojave link
  8. Click on the "If you still need macOS Mojave, use this App Store link: Get macOS Mojave."
  9. Get an error message, "Cannot Connect to App Store" - Retry | OK (the App Store window is open behind this message and has worked all this time up until now)
Just downloaded the Mojave 10.14.6 installer through the App Store link. Didn't have any problem connecting or downloading the installer. However, is there any way to know if this installer has the updated certificate? The creation date is Sept. 19, 2019, but I'm not sure that's relevant. I've already trashed an older Mojave installer, as well as the High Sierra installer, and I'm guessing my Sierra USB installation flash drive will no longer work.
 


I don't usually report to MacInTouch about the following, but having had yet another long and irritating update tonight, I thought I'd share a few words.

Updated tonight Catalina to 10.5.1. Hooray. It is most definitely faster, in terms of Finder matters (folder opening, until this update, took ages, as did scrolling). But for probably the 10th time in the last three years, the software update process was atrocious. Downloading the 4.4GB seemed ok... a stop, a restart, then a halt for 2 hours... so, yet again, I shut down and restarted, was later told to restart, again... then another hour or so, then here we are, 10.5.1.

This process, more or less, is very familiar... basically just get through it as best you can.

Steve Jobs was always extremely outspoken about great software, the iApps, efficient updates, faster this, faster that... but I think software quality control is pretty grim these days.

Someone stated here how all this rapid annual new system updating is ruining the software quality, especially with so many OS versions. Totally agree. 18 months/2 years... why not?

#applequality
 


TidBITS said:
Previously Downloaded OS X Installers No Longer Work
The new installers are signed with a certificate that expires on 7 February 2023, so it will be quite a few years before Mac users are affected again.
So did the El Capitan installer certificate somehow prematurely expire Oct. 2019? Or maybe that date related to some other installers?
The 2023 date is related to the Apple Worldwide Developer Relations Intermediate Certificate used to sign the "Install OS X El Capitan.app" installer app that is downloaded from the Mac App Store. All apps downloaded from there must be signed with that certificate. That is distinct from the Software Update certificate that signs the installer packages inside the InstallESD.dmg inside the Install macOS app. In the TidBITS article, they did not inspect the Software Update certificates for the packages and notice that they expired in Oct. 2019.
 


Just downloaded the Mojave 10.14.6 installer through the App Store link. Didn't have any problem connecting or downloading the installer. However, is there any way to know if this installer has the updated certificate? The creation date is Sept. 19, 2019, but I'm not sure that's relevant.
My newly downloaded installer also has a creation date of Sept. 19, 2019, so I'm relatively certain this is the new one with the new certificate. I believe it has been stated elsewhere on MacInTouch that you can inspect the package and check the certificate. The easiest way to check is to simply run it - if it runs, it's new. If it fails with an error then it's old.
I've already trashed an older Mojave installer, as well as the High Sierra installer, and I'm guessing my Sierra USB installation flash drive will no longer work.
Yes, your Sierra USB installation flash drive will no longer work. You'll need to create a new one using a new version of the installer, but as others have reported here, there appear to be problems with the new Sierra installer (also noted by the fact that Apple want you to download a disk image file for the new Sierra installer and not a proper, old-style installer).
 


My newly downloaded installer also has a creation date of Sept. 19, 2019, so I'm relatively certain this is the new one with the new certificate. I believe it has been stated elsewhere on MacInTouch that you can inspect the package and check the certificate. The easiest way to check is to simply run it - if it runs, it's new. If it fails with an error then it's old.
I've tried to get the updated Mojave twice. Both downloads had the Sept. 19 date but failed with the error when I tried to run them.
 


I just updated with "Security Update 2019-001 10.14.6" on a Mac Mini 8,1 (2018 Mini with T2 chip). According to LockRattler, the EFI firmware was just updated to 1037.40.124.0.0 with no other changes indicated.

While logging in to the updated system, I found the USB keyboard and mouse extremely erratic. Substituting a wireless keyboard allowed typing. I used Screen Sharing to connect from my MacBook Pro, and the trackpad works flawlessly, along with the usual MacBook Pro keyboard performance.

Externally, it looks as if there is a problem servicing HID inputs on USB.

I'm looking for corroboration from others and advice on how to proceed.
 


Ric Ford

MacInTouch
I just updated with "Security Update 2019-001 10.14.6" on a Mac Mini 8,1 (2018 Mini with T2 chip). According to LockRattler, the EFI firmware was just updated to 1037.40.124.0.0 with no other changes indicated.
Wow, I had to do some research to get any idea of what the ... Apple is doing here.

This "Security Update 2019-001" is apparently new and exclusive to macOS 10.14 Mojave.

Here are two different "Security Update 2019-001" packages that Apple distributed all the way back in January that appear to be completely unrelated to this new one.
As someone who had been documenting (or trying to document) Apple updates for other people for decades, I really do not appreciate such confusing Apple naming for critical security patches.
 


Nor do I get any significant advantage, other than security updates, from going beyond Sierra.
I certainly understand this perspective, but I would also add that a Mac Pro 5,1 with an NVMe SSD boot/system drive, as previously discussed here and elsewhere, is a wonderful animal indeed. This requires updated firmware and at least High Sierra, which might make those updates worth it. The current (and presumably last) firmware, version 144.0.0.0.0, appears to be rock solid once you get it installed.
 


My newly downloaded installer also has a creation date of Sept. 19, 2019, so I'm relatively certain this is the new one with the new certificate. I believe it has been stated elsewhere on MacInTouch that you can inspect the package and check the certificate. The easiest way to check is to simply run it - if it runs, it's new. If it fails with an error then it's old.
In September 2019 my Mojave 10.14.6 installer app was version 14.6.04. The downloaded installer app on October 26, 2019 is version 14.6.06. Both versions had/have created date of September 19, 2019. (I have yet to try installing as I'm still using macOS 10.13.6.)
 


I certainly understand this perspective, but I would also add that a Mac Pro 5,1 with an NVMe SSD boot/system drive, as previously discussed here and elsewhere, is a wonderful animal indeed. This requires updated firmware and at least High Sierra, which might make those updates worth it. The current (and presumably last) firmware, version 144.0.0.0.0, appears to be rock solid once you get it installed.
I'm curious why your reported firmware is different than mine. – Mac Pro 5,1 with all High Sierra updates have been applied.

I wonder if there is a difference between the different cores (mine is quad-core) getting—or not getting—firmware updates.
 


I'm curious why your reported firmware is different than mine. – Mac Pro 5,1 with all High Sierra updates have been applied. I wonder if there is a difference between the different cores (mine is quad-core) getting—or not getting—firmware updates.
I seem to be in pretty much the same shape that you are in. I've got a Mac Pro 5,1 quad-core that's been updated with one of the Apple-approved graphics cards (AMD Radeon HD 7950 3 GB) that I've now updated to Mojave, and it's still got boot ROM version 138.0.0.0.0 according to About This Mac.

After a few days of kernel panics, which seemed to be related to some wake from sleep issues that I seem to have cured by only allowing the display to sleep (which isn't a problem, since I use this machine to serve music over my network to my AppleTVs), the system has been stable for a couple of weeks.

There doesn't seem to be a way to force an update to the Boot ROM, and I thought an update was supposed to occur during the system upgrade, so I'm not sure what's going on.
 


I've reached the end of my patience with Apple. My wife's iPad, running iOS 9.3.5 (as far as Apple will take it) has App Store issues that are nuts. I'm told there are two updates to apps she has installed. I try to install them, and I'm asked for her iCloud password; okay, here you go. Nope, that's not accepted. Did I mistype? I try again; nope, no good.

I switch to Settings and tap on her iCloud account. It asks me for her password, which I provide. That's accepted (and it's the same password I provided in the App Store). So I switch back to the App Store, tap on one of the updates, and I'm asked for her password. I provide it, and, this time, it accepts it. So I then click on the other update and I'm asked again for her password, which I provide. Nope, that's not accepted. I am not mistyping.

My Android devices work as expected. I never have password issues.

Goodbye, Apple; you're fired.
 


I'm curious why your reported firmware is different than mine. – Mac Pro 5,1 with all High Sierra updates have been applied. I wonder if there is a difference between the different cores (mine is quad-core) getting—or not getting—firmware updates.
High Sierra 10.13.6 shipped with firmware version MP51.0089.B00, still using the old (and, in my opinion, more rational) numbering system. If you've only ever installed High Sierra, and taken no special action, that's what you'll have.

Mojave changed the numbering scheme and then went through a bunch of revisions, ending at 144.0.0.0.0, which shipped with macOS 10.14.5. Along the way a couple of important changes were introduced, including enabling PCIe 2 (5GT/s speed, twice as fast as PCIe 1) support for every PCIe card capable of it, rather than just a selected few, and adding the ability to boot natively from NVMe drives. There were a bunch of other little updates and security fixes, as well, but these are the two big documented ones.

These firmware updates are worth it for many people, even if you still want to keep High Sierra as your operating system, particularly if you'd like to use an NVMe boot drive. The way you'd do the update is to download a full Mojave 10.14.6 installer, run it once to trigger the firmware update, and then, when the machine reboots after the firmware update is complete, kill the installer rather than letting it run a 2nd time to install Mojave. Since this could be a little scary, some folks do it by pointing the Mojave installer at a scratch drive rather than their High Sierra system drive, so there's no chance of accidentally updating the High Sierra drive by mistake.
 


I switch to Settings and tap on her iCloud account. It asks me for her password, which I provide. That's accepted (and it's the same password I provided in the App Store). So I switch back to the App Store, tap on one of the updates, and I'm asked for her password. I provide it, and, this time, it accepts it. So I then click on the other update and I'm asked again for her password, which I provide. Nope, that's not accepted. I am not mistyping.
This might sound like a stupid question, but it needs to be asked. Are you sure the two apps were purchased with the same App Store account? Because apps can be downloaded to iOS devices using different App Store accounts, and then when you go to download an update, you have to provide the login credentials for the correct account associated with that specific app. That would explain the behavior you're seeing. For example, in what you described above, you click to update the first app, and it happens to have been purchased with the same Apple ID as the iCloud account you're expecting on the device, and so you provide that password and it works. Then you go to update the 2nd app, and it was downloaded with a different account, but you didn't notice, so you provide the password for the first account, and it fails. That would also explain why you're being prompted twice in a row for credentials. Normally, if both apps were on the same account, logging in for the first app update would mean you wouldn't get prompted again when you try to download the 2nd app.
 


Ric Ford

MacInTouch
I still have the iPod HiFi I foolishly purchased, but once was enough, and I didn't buy a HomePod, so I can't test this mess (which is probably a good thing)....
Forbes said:
Apple Releases iOS 13.2.1: Surprise Update In Record Time, But It’s Not For Everyone
On Monday, October 28, Apple released its latest update to the iOS software that runs the iPhone and, under the name of iPadOS, the iPad.

Now, just 48 hours later, it’s updated this to iOS 13.2.1. This must be something of a record, no?

But don’t be worried if your iPhone says that you’re bang up to date with iOS 13.2.

Confused? I don’t blame you. Don’t worry, read on, and we’ll get it all straightened out.
The Verge said:
It might be safe to update your Apple HomePod now
Two days ago, we brought you the news that a new iOS 13.2 update to Apple’s HomePod would finally be able to tell different users’ voices apart. But that same evening, the update disappeared — probably because of numerous reports that it was bricking HomePods. Thankfully, it appears there’s now a new iOS 13.2.1 update, rolling out now, that picks up where 13.2 left off.

As MacRumors notes, iOS 13.2.1 has the exact same changelog, which suggests the only actual change is a fix for the bug. It’d be nice if Apple came out and said that, but perhaps the company’s hoping we’ll forget there was ever an issue at all.
#applequality
 


Amazon disclaimer:
As an Amazon Associate I earn from qualifying purchases.

Latest posts