Full security / reduced security?

Hello,

I previously used some audio recording software called Piezo. It required an update after moving to a new Mac (via Time Machine) a couple of months ago. However, I did not complete the process as I was unsure about a required stage in the process regarding the security settings. I'm attaching a screenshot. Is this advisable, or not?

Thanks in advance.


MacBook Pro 16″, macOS 12.2

Posted on Mar 20, 2022 6:16 AM

Question marked as Top-ranking reply

Posted on Mar 20, 2022 9:39 PM

Hi Stu-art,


Apple silicon Macs prohibit third-party kernel extensions by default, to provide better security. After reviewing the resource provided by MartinR, ACE isn't actually a kernel extension, but it needs similar privileges - thus resulting in similar restrictions.


On Macs with Apple silicon, Apple uses three levels for boot security (per installed OS):


  • Full Security: This is the default (and safest) boot policy, with no security downgrades permitted. Your Mac ensures that only actively signed versions of macOS can be installed. (On iOS, this is used to prevent downgrades to previous versions.)


  • Reduced Security: Any compatible macOS version can be installed, as long as it was previously signed by Apple. You can also permit the following:
    • Allow third-party kernel extensions to run (ACE needs this permission)
    • Allow MDM (for businesses) to manage kernel extensions and software updates


  • Permissive Security: This is the most dangerous level and is hidden for safety reasons. Any compatible operating system can be installed, such as custom macOS builds or Asahi Linux. You can also permit the following:
    • Allow third-party kernel extensions to run
    • Allow MDM (for businesses) to manage kernel extensions and software updates
    • Customize or disable System Integrity Protection
    • Allow modified system snapshots
    • Disable Kernel Integrity Protection
    • Allow special boot modes (including Single User Mode)


If you choose to downgrade to Reduced Security and enable third-party kernel extensions, then the following will apply:


  • You can use ACE and third-party kernel extensions, but you will need to first approve each one in Security and Privacy preferences, and then restart your Mac to apply the changes. Unapproved extensions can't load or run unless/until you approve them.
  • Your Mac will still ensure that it's running a valid copy of macOS, but it doesn't have to be actively signed (endorsed) by Apple.
  • All other security measures will be fully enforced as before.


If you later choose to return back to Full Security (or disable third-party kernel extensions), ACE and other third-party kernel extensions will be prohibited, and software relying on them could possibly break (as mentioned by HWTech). They will automatically reload if/when you downgrade to Reduced Security and allow third-party kernel extensions again.

8 replies

Mar 21, 2022 6:53 PM in response to Stu-art

At present, and as far as I know, all apps that are capable of recording Mac internal audio depend on a kernel extension or component that is subject to security options. Even Soundflower (which can enable almost any recording app to record internal audio) is a kext. App authors are having to work through this issue as macOS evolves.


That said, OS X/macOS has always been a relatively secure operating system and Apple has further tightened macOS security with each new release. In recent releases (Catalina/Big Sur/Monterey) there have been significant changes in the security architecture that are evidenced in things like the Security Policy options you got when you tried to install ACE. I would not be bothered by the "Reduced Security ... with User Management of kernel extensions from identified developers." The Reduced Security is "similar to Medium Security behavior on an Intel-based Mac with a T2 chip" to quote from Apple's own documentation. And in the case of Rogue Amoeba, they have been a solid developer with a great track record with Mac apps.


For detailed info about Mac security, see Apple Platform Security. The page I linked speaks directly about Full Security vs. Reduced Security and the TOC takes you to much more detail.

Mar 20, 2022 6:30 AM in response to Stu-art

Apple continues to evolve the design of macOS. One of the things that is happening is a change in the way system and kernel extensions are being managed. ACE is subject to this architectural/security change in macOS. I would trust Rogue Amoeba (I also use their products). To double-check, however, how about contacting Rogue Amoeba support and asking them about this.


BTW, I found this page about ACE that addresses your question -> Installing ACE on MacOS 11 (Big Sur) and MacOS 12 (Monterey).

Mar 20, 2022 7:24 PM in response to Stu-art

That setting appears to allow any third party apps (that have a valid Apple developer's license) to have the same access as it is not restricted just to the one app you want. This setting basically reverts some of the latest macOS security options to what existed in older versions of macOS (while keeping some of the other new security settings?).


If the developer ever provides an updated version of their driver to work with the latest macOS security modes, then you can later toggle this setting off so you return macOS to the default security settings. However, with using this reduced security mode, you may find that you have inadvertently installed other third party drivers which will break once the more strict default security settings are re-enabled.

Mar 20, 2022 6:42 AM in response to MartinR

Hi Martin,

Thanks for your help and info. Actually, I did email Rogue Amoeba this morning, but then thought I would try this forum as well (perhaps for some impartial advice). It wasn't clear to me whether making this security change affected my MacBook only with regard to the Piezo software, or the entirety of my MacBook.....?

Thanks again.


Mar 21, 2022 6:01 PM in response to Encryptor5000

Thanks everyone for all this info. It's quite a lot to take in when just trying to record some audio in the process of learning a language (and then having to consider the pros and cons of different Apple security options... Somehow, life was easier with a D90 cassette tape!). Remembering to change this back if the developer provides an updated version of the driver etc. etc. is something I'll probably forget to do (I have enough to-do / to-remember lists already).

Any recommendations for software that will work with the current Apple security settings, without having to compromise security?

Thanks again.


