Discussion
adamamyl/macos26-breaks-custom-dns
Congeec: If you have ScreenTime turned on. Port :8080 is occupied and your Ubuntu apt-get in a docker build gets hash mismatch because they obviously modified packets. Let alone I am having another issue of being unable to delete a private key in Keychain Access. The whole macOS thing is amateur
delduca: Port 5000 is also occupied on macOS.
mrbuttons454: Papercuts like this are why I moved away from macOS. I will say, I don't love the use of LLMs to write these bug reports. It's probably fine if reviewed, but at least review for things like "worked on macOS 25", which obviously didn't exist. If that wasn't caught, how sure are you that the rest of the report is accurate? We all want the bugs fixed, but people are going to start throwing out the obviously LLM-written reports rather than have to validate each claim, since the author probably didn't.
himata4113: Still wishing for the day Apple is split into the hardware and the software company. I want their silicon, but I will never use their (arguably terrible) operating system. If I can't run my own kernel and kernel modules then it's a device that I don't own. Firmware is alright in some cases, but my laptop next to me is running coreboot just to prove a point.
t-sauer: But you can run your own kernel on Macs, no? Isn't driver support the issue?
neilsharma425: Has anyone found a working workaround yet? I use dnsmasq for .local dev routing and held off updating after seeing this but curious if there is a viable path forward short of waiting for Apple to patch it.
cortesoft: Wouldn’t the workaround just be to have your local dns server enable recursive lookups, and point all your DNS queries to it?
duped: Using LLMs for any kind of writing is unethical, with the narrow exception of translation. If you didn't take the time to compose your words thoughtfully then you aren't owed the time to read them.
eru: Unless you pay me, you aren't owed anything.
ramon156: Bit off-topic. I mostly use Linux and I'm of the opinion that it's miles better than Windows, but I don't fully understand why people say MacOS looks bad? Ignoring the current Tahoe mess, MacOS felt relatively polished. I'm purely talking about UX here, as the OS is evidently buggy. The most popular Gnome themes are a re-impl of MacOS, so I can't be the only one.
whalesalad: macOS is not perfect but I don't think anyone could seriously argue that it is terrible.
lapcat: > https://feedbackassistant.apple.com/feedback/22280434 (that seems to need a login?).
All Feedbacks that you file are private to your own Apple Account.
Drupon: FYI the phrase is "lo and behold". Thank you for the heads up.
Razengan: It also seemingly broke removing Safari cookies on a per website basis, something I often used to stop Google's scummy tracking across all their services if you just want to sign into YouTube.
hk1337: I've been using macOS since OS X Tiger and I wasn't aware of this feature.
dec0dedab0de: There is a huge difference between using an LLM and just blindly dumping its output on someone verbatim. I think it's fine to have an LLM write a first or second draft of something, then go through and reword most of it to be in your own voice.
r_lee: At this point I really think it's better to read broken English than have to read some clanker slop. It immediately makes me want to just ignore whatever text I'm reading, it's just a waste of time
nottorp: Firefox + Google Container extension. Why use Apple's browser when they don't actually care about your privacy?
ProllyInfamous: I am not familiar with dnsmasq at all (is this machine-local?), but absolutely love my PiHole hardware — you can even create rules which intercept hard-coded-IP DNS requests and/or httpsDNS. You can also hard-code/intercept .TLD to local service IPs. Programs like LittleSnitch never really seem like "enough" for me, because the computer has to boot before DNS filtering comes online. It also has the design error (IMHO) of pre-resolving IP addresses before clicking Accept/Deny(all). A great blockrule for your personal firewalls would be to ban (at top level) icloud.com, apple.com, &c; system updates can then be performed manually using guides like <http://www.mrmacintosh.com>. Of course: this breaks everything (in exactly the way I prefer to compute).
chuckadams: I'm used to papercuts on every OS, but at least with a Linux box I can roll it back. Usually it's as easy as picking the previous boot menu entry (with NixOS, the whole system rolls back that way). I find macOS acceptable enough for my laptop, but I'm doing most of my real work in Linux containers anyway.
nslsm: There’s no “Tahoe mess”. I’ve used it since 26.0 and it’s good. Different indeed, but good. People love complaining.
celsoazevedo: I'm glad that it's working well for you, but from the moment some users with M-series SoCs report laggy animations, something somewhere has to be wrong.
kenny_r: What I'd suggest is using lvh.me, which always resolves to localhost, as do all its subdomains. If you need a specific IP you can use nip.io. If you want valid certs you can generate them with mkcert and add them to your system trust store.
MoonWalk: A couple iOS versions ago, Apple broke self-signed certificates... crippling mobile development by preventing the use of HTTPS to communicate with a local server. It makes you wonder why they were messing around in these areas at all at this point.
bombcar: This works great (and I use it) internally but when you want things like your docker domains to work when you're on the go, it's annoying. I have set up a VM running DNS on my laptop before ...
hbn: There are very valid reasons to have issues with Tahoe's changes. The dock being liquid glass is fine. But curving the windows to look like iPad apps, and not even adjusting the grab target appropriately for resizing the window is bad. Getting rid of the title bar so it's not clear where you can grab a window is bad. Apple Music hiding the volume slider behind another click is bad.
yearolinuxdsktp: Apple container CLI configures internal domains (`container system dns`) by adding an internal resolver and it worked for me when I specified an actual domain previously handled by external DNS and it showed up as a custom resolver. Here’s a GitHub comment showing someone on MacOS 26 with a `.test` domain, which you claim is broken: https://github.com/apple/container/issues/856#issuecomment-3... - maybe you are configuring it incorrectly.
rebolek: Using an LLM is perfect for writing documentation, which is something I always had problems with.
lysace: > Ah, the joys of waking up to find the Mac's done an overnight upgrade
Wait, it does that (from 15 to 26) without user interaction?
timw4mail: No.
intrasight: Honest question: How would this affect me and the vast majority of macOS users who use the device for media consumption and productivity applications? Next question: what reason would Apple have to make a change that would interfere with developers using their operating system?
mikestew: Your “next question” seems very leading. Can you make your point more clear? What’s your answer to that question?
JimDabell: *.localhost works out of the box doesn’t it? You don’t need dnsmasq at all to have multiple hostnames pointing to 127.0.0.1.
bombcar: You often have internal private IPs you want to resolve to things that aren't localhost
realityfactchex: According to this report, if you're just simply using /etc/hosts in conjunction with .local or .internal or other overrides, that is not broken: Workaround The only reliable workaround is to add entries manually to /etc/hosts... However the impact reported is if you do something fancier (and apparently long recommended and in practice), e.g.: Impact This breaks the standard local development DNS workflow...Any developer using dnsmasq + /etc/resolver/ for *.test, *.local, *.internal, or other private TLDs...Docker...Kubernetes... So if we stay away from dnsmasq, and stay away from custom local domains via Docker/Kubernetes/other, we may not be hit by this. Which is not quite as bad as the (currently) blanket title "macOS 26 breaks custom DNS settings including .internal". More like, "macOS 26 breaks some uses of custom DNS settings including .internal"
wyufro: That's very elitist and unfair to people who previously struggled to form their words but now have a better chance at doing so.
nickdothutton: Ah great another reason to add to the many reasons not to use this OS. Semi serious question, is Apple looking to dump its existing customer base for a new, perhaps consumer not pro-sumer one?
butILoveLife: Wait... someone is under the impression that Apple was ever good to its customers? I thought we all just dealt with the overpriced hardware, the prisons, the control, that they are a US company that gives away data to the government (PRISM), has weak security (Pegasus), lies about hardware issues (butterfly keyboard and holding your phone wrong), deceptive marketing... All so we can compile iOS apps. If you aren't compiling iOS apps... Do you not know about Fedora? Ofc Windows sucks, but we have Fedora.
runarberg: I do wonder, we had pretty good (by some measure of good) machine translations before LLMs. Even better, the artifacts in the old models were easily recognized as machine translation errors, and what was better, the mistranslation artifacts broke spectacularly, sometimes you could even see the source in the translation and your brain could guess the intended meaning through the error. With LLMs this is less clear, you don’t get the old school artifacts, instead you get hallucinations, and very subtle errors that completely alter the meaning while leaving the sentence intact enough that your reader might not know this is a machine translation error.
r_lee: and not just artifacts/hallucinations, the worst thing about it is the fact that it's basically "perfect" English, perfect formatting, which makes it just look like grey slop, since it all sounds the same and it's hard to distinguish between the slop articles/comments/PRs/whatever. And it will also "clean up" the text to the point where important nuances and tangents get removed/transformed into some perfect literature where it loses its meaning and/or significance
philo23: It's not quite the same, but I've moved to using *.localhost for all my local web dev work. All modern browsers will resolve *.localhost to 127.0.0.1 internally. No need to set up any DNS resolvers or edit your hosts file. But that only really helps you when you're dealing with websites in a browser, and when you want the address to resolve back to your local machine. So it won't help you with other programs like python/wget/etc or any calls you make to getaddrinfo()
whalesalad: we have dev.our-root-domain.com in public DNS pointing to 127.0.0.1
stock_toaster: I've run into resolvers that filter things like that to prevent DNS rebinding attacks. And localhost (the hostname) does not work for CORS. Best option is probably to set dev.our-root-domain.com in /etc/hosts. [1]: https://en.wikipedia.org/wiki/DNS_rebinding
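The filtering described in the comment above, as an added example that is not part of the thread: a simplified Python model of a resolver-side rebinding filter (the kind of behaviour dnsmasq enables with `stop-dns-rebind`, with `rebind-domain-ok` as the per-domain exemption). The sample answers and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample upstream answers: (query name, returned address).
SAMPLE_ANSWERS = [
    ("dev.our-root-domain.com", "127.0.0.1"),
    ("www.example.org", "1.1.1.1"),
    ("nas.example.org", "192.168.1.20"),
    ("v6.example.org", "::ffff:127.0.0.1"),
    ("cdn.example.org", "2606:4700:4700::1111"),
]


def is_rebind_risk(addr: str) -> bool:
    """True if an upstream answer points at loopback/private/link-local space."""
    ip = ipaddress.ip_address(addr)
    # Unwrap IPv4-mapped IPv6 (::ffff:a.b.c.d) so it cannot bypass the check.
    mapped = getattr(ip, "ipv4_mapped", None)
    if mapped is not None:
        ip = mapped
    return ip.is_loopback or ip.is_private or ip.is_link_local or ip.is_unspecified


def is_exempt(name: str, allow_domains) -> bool:
    """Exact or subdomain match against an operator-maintained allowlist."""
    name = name.rstrip(".").lower()
    return any(name == d or name.endswith("." + d) for d in allow_domains)


def filter_answers(answers, allow_domains=()):
    """Return (name, addr, verdict) tuples; verdict is 'pass' or 'drop'."""
    allow = [d.rstrip(".").lower() for d in allow_domains]
    out = []
    for name, addr in answers:
        drop = is_rebind_risk(addr) and not is_exempt(name, allow)
        out.append((name, addr, "drop" if drop else "pass"))
    return out


if __name__ == "__main__":
    for row in filter_answers(SAMPLE_ANSWERS):
        print(*row)
    print("-- with our-root-domain.com exempted --")
    for row in filter_answers(SAMPLE_ANSWERS, ["our-root-domain.com"]):
        print(*row)
```

Without an exemption the public record pointing at 127.0.0.1 is dropped, which is why the name stops resolving behind such a resolver while an /etc/hosts entry keeps working.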
Hizonner: Seems bad that people feel forced to use GitHub to talk about Apple's bugs.
alin23: macOS 26 has to be the most breaking version so far, its problems and intended breaking changes making my app dev life so hard this year. Just to name a few:
- Reference Presets no longer allow setting arbitrary SDR nits, making it impossible to natively unlock 1600nits of brightness on MacBook Pros or 2000nits on Studio Display XDR which breaks my Lunar app [0] (this seems to be intended, no idea what hurt Apple that they had to block this under SIP)
- The orange microphone dot indicator and its very colored friends can no longer have their brightness changed for dimming them, which made my YellowDot app useless [1] (I guess this is for privacy, I still think this could have a setting guarded under TouchID like Accessibility Permissions works)
- Floating non-titled windows don't accept mouse events (thankfully this got fixed) [2]
- Gamma table changes don't work on MacBook Neo and M5 Pro/Max which breaks Sub-zero Dimming and dimming external monitors that don't support DDC (thankfully, Apple is looking into it) [3]
- The resizing area thing on very rounded windows which drives everyone nuts, I had to add custom resize handlers to some of my windows
- The `com.apple.SwiftUI.Drag-` temporary file paths that get generated for any file that gets dragged from a drag&drop handler which makes it impossible to get to the original file when dragging images from Clop [4] or file shelf apps like Yoink, Dropover etc.
- NSImage returning different pixel count for .size than what the image actually has, breaking workflows that depended on that to determine the image DPI
[0] https://lunar.fyi/#xdr
[1] https://github.com/FuzzyIdeas/YellowDot/issues/18
[2] https://developer.apple.com/forums//thread/814798
[3] https://developer.apple.com/forums/thread/819331
[4] https://lowtechguys.com/clop
nowahe: Ah I was wondering why I couldn't get past 600 nits on my M5 while it worked great on my M1. Guess I'll just have to live without it for now
bpicolo: Another funny thing about Mac networking. There's a game I play (Old School Runescape) that does network ticks every .6s. Mac does some sort of aggressive optimization on the network hardware/software, so network this infrequent doesn't keep the layers "hot", and you end up getting delayed ticks regularly, meaning you learn what should be happening in the game .2-.5s late. This optimization for (I assume) battery life makes the software not work as intended. Playing anything that streams, like video, or triggering TCP connections (e.g. curl) at a more frequent clip fixes the problem. No way other than hacks that I've found to fix it, and I have no idea how you could report this to the right team at Apple to get it actually fixed.
rectang: > Papercuts like this are why I moved away from macOS.
It's been this way for decades. Microsoft was known for preserving backwards compatibility, while Apple was known for being willing to break stuff. The differences aren't that extreme in reality: Microsoft breaks stuff more than it used to, and Apple preserves a lot of APIs for many years and is not breaking everything all the time.
duped: This immediately invalidates a software or technical project for me. The value of documentation isn't the output alone, but the act of documenting it by a person or people that understand it. I have done a lot of technical writing in my career, and documenting things is exactly where you run into the worst design problems before they go live.