Fiddling with installation media for operating systems is annoying and cumbersome – and sometimes it’s even impossible to create said installation media to begin with.
And Apple’s solution to this conundrum is very neat: even with a blank hard disk, the system firmware can connect to Wi-Fi or wired Ethernet, go online, and download the operating system directly from Apple. You can do a bare metal restore with nothing more than an Internet connection.
This is just one of those little things that Apple can do relatively easily due to the integration between its hardware and software. Things like this take forever to get done properly on the PC side of things – although on the Linux side of things I used to download the minimal installation ISO and just download the rest of the operating system at install time through FTP or whatever.
In true Linux fashion, this was a manual process. I would love for all this to be automated, as well as for the installation medium – even the minimal one that only boots the installer and connects to FTP – to be eliminated. Apple has done it, and so can the rest of the PC world.
My biggest annoyance with Windows installs is not the kind of installation media I have to use, but the fact that I have to spend 8 hours installing 500 updates, and rebooting my machine 3 dozen times before it’s finally ready to go. Would be cool if I could just download an ISO from MS with all the updates slipstreamed in whenever it’s time for a clean install.
Is Apple any better about this?
I don’t know about their most recent OS releases, but back in the 10.6 and 10.7 days it was a bit better, yes. You usually only got one large update that took quite a while to download, but once it was done, that was it. And that included application updates too.
when you install from the web you do get usually the latest image, so for example if i was to wipe my mac now it would download 10.10.4 and not 10.10.0 and then have to install the update.
it hasn’t been like that for years. windows 8 and 10 installer downloads the latest updates before installing
Are you sure? I’m getting old and my memory ain’t what it used to be, but I could’ve swore the last time I installed Win 8.1 from a DVD ISO, it had lots of updates to download.
Stop installing XP, and move to a more modern OS.
Windows 10 clean install need 49 updates after install, everything from vcrun to defender is updated. Your logic is flawed.
“Would be cool if I could just download an ISO from MS with all the updates slipstreamed in whenever it’s time for a clean install”
Yesterday I have found out that there is s microsoft media creation tool. It does just this
Edited 2015-08-12 16:26 UTC
Thanks for the link?
Quite a bit better, though not perfect. Your firmware will download the latest version of OS X for your major version (such as 10.10.2) so you’ll be updated that far, as will your apps. It won’t, say, install 10.11 unless you’ve registered it to your Apple ID at which point it will. There are sometimes one or two additional updates that’ve come out since then that you have to install yourself, though that’s a much better situation than what Windows currently has. Updates are the part I hate most about Windows installs.
I hope you’re just making these numbers up to be funny or get upvoted, which you did, because you’re way off the mark.
Just for the sake of it, I went through the whole process with a virtual machine using the following configuration:
Hypervisor: VirtualBox 4.3.30
# of Cores: 2 @ 2.9 GHz
RAM: 4 GB
VDI Disk: 80 GB
Internet: 50 Mbit/s down, 10Mbit/s up
OS: Windows 8.1 Professional
Also keep in mind that both the ISO image used for the installation and the VDI disk were located on a NAS, so this is definitely not a best case scenario, as disk access was much slower that it normally would.
1) Installation (boot from DVD, install basic OS, create user, boot into new install): 0h 20m, 1 reboot;
2) First round of patches (46 + 1, ~900 MB): 0h 19m minutes, 1 reboot;
3) Second round of patches (3, including Update 1, ~900 MB): 0h 17m, 1 reboot;
(Note: from now on you boot straight to the desktop if the OS doesn’t detect a touch-capable display, which should have been the case since day one);
4) Third round of patches: (136 + 4, ~1.2 GB): 1h 52m, 1 reboot;
So, to recap:
– Total time to install and patch Windows 8.1 Professional: 2h 48m;
– Total patches downloaded/installed: 190;
– Total reboots: 4 (including the mandatory one to finalize the OS installation);
In other words: not exactly quick, but nothing like your “8 hours installing 500 updates, and rebooting my machine 3 dozen times”.
Don’t get me wrong: there are plenty of reasons to not like and even despise Windows/Microsoft, but your argument ain’t of them — especially considering that people are not likely to go through the whole patching/rebooting process “before it’s finally ready to go”.
RT.
https://news.ycombinator.com/item?id=10039870
The potentials are unlimited therefore I’d rather not have any connectivity on the BIOS.
I had never heard of this before, this sure sounds quite scary; BIOS automatically replacing files, forcibly installing services on your system and then those services having little to no security — including using plain, old HTTP for connections..
One more thing to keep in mind in the future, as if there weren’t enough already as-is!
I have a particular problem with “simply” connecting to the Internet by firmware means. Let me emphasize:
“even with a blank hard disk, the system firmware can connect to Wi-Fi or wired Ethernet, go online, and download the operating system directly from Apple.”
The question is: How do you connect to a wireless network? Can you trust that connection? I mean, you’re going to download and install an operating system, so you should have a safe, encrypted and authenticated connection, with a means of independently verifying that the stuff you downloaded actually is the OS and definitely came from Apple.
I’m saying this with the article “Welcome to The Internet of Compromised Things” written by Jeff Atwood in mind. He writes: “Router malware is the ultimate man-in-the-middle attack. For all meaningful traffic sent through a compromised router that isn’t HTTPS encrypted, it is 100% game over.” He also quotes: “Compromised router answers DNS req for *.google.com to 3rd party with faked HTTPS cert, you download malware Chrome. Game over.” It’s not hard to imagine that this kind of attack is also possible when downloading OS installation images or dumps.
This is the article I’m refering to:
http://blog.codinghorror.com/welcome-to-the-internet-of-compromised…
“But it’s totally safe! And soooo easy to use!”
Has the firmware been audited in some way? Is it maybe open source so you, the person who is using it, can inspect what it does, and how it does it? Does it also receive updates? Is the firmware itself prone to attacks? What else does the firmware do? Does it contain “nasty stuff” like remote-access to installed systems, control for mic and cam, and other means of surveillance? What’s the current state of firmware malware? How about crapware firmware?
Interesting questions, aren’t they? 😉
Whatever you would download from Apple would have to be signed with a key from Apple and has to be verified by the OS-Installer (even that very tiny OS-Installer from inside the firmware can do that). This would be enough protection so you couldn’t flash your firmware with malicious software or update your OS with malicious software.
Of course if your problem is that you already got malicious firmware on your machine, there is no more hope.
Stuff. It does other stuff. There has never been a guarantee that you didn’t have a “bios” level root kit. UEFI Secure boot mitigates this to a certain extent, but nothing is perfect. And this is not related to “bios” level os installs.
Tom, not sure what you’re talking about with PCs not doing it, but Ubuntu has been doing that very thing for years with automatic upgrades that (usually) just work. Apple is not being innovative, they were playing catch up. Pretty much the same thing with OpenBSD, all you had to do was download the ramdisk kernel and restart to specify the new boot kernel, not 100% automatic as you have to tell it you want to update or install, but pretty close. Again, Apple playing catch up. The only real one that hasn’t quite embraced the “new wave” is Microsoft, and there are legacy reasons they haven’t. One of which they don’t update their OS as often.
Ah should add that Debian can pretty much do the same thing and has so for years once the new release moves to the stable branch. You have to specify NOT to upgrade and move your apt.sources directories appropriately.
Edited 2015-08-12 06:36 UTC
Over the past couple of years, it’s precisely Ubuntu’s automatic upgrades that have driven me away from that distro due to them never going smoothly.
But anyway, I don’t ever remember any Ubuntu machine of mine being able to download Ubuntu updates with no OS installed… Are you sure you understand what the article’s about?
This is not at all what the article is talking about.
UEFI provides some hooks, so it would be no problem to connect to the hardware manufacturers server, load a minimal Linux system that just does partitioning and deployment and then load a factory restore image chunk by chunk and finally adjust partition sizes.
Even some online bootloader stub that allows the alternative choice of sevaral linux distributions can easily be accomplished.
Indeed, the last couple of AsRock motherboards I’ve used have had a full mouse/keyboard GUI with Internet connectivity and the ability to download driver updates with no OS installed on the system. The main benefit of this is so Windows 7 can have USB 3.0 drivers available at install time, so that the keyboard and mouse work. Otherwise there’s no way to install that version of Windows apart from slipstreaming the USB drivers into the ISO yourself.
Of course, I turned off any connectivity features I found in the UEFI BIOS on my current system. I have no way of knowing for sure they are really off since it’s an Intel board with the Management Engine feature, and that alone is disturbing.
http://www.slideshare.net/codeblue_jp/igor-skochinsky-enpub
I loved that when I upgraded the hard drive on my girlfriend’s MacBook Pro, all I had to do was take out the old drive, pop in the new one, connect her Time Machine external drive and turn it on. It booted with no OS installed, and restored everything to the new drive – OS, settings, applications and documents, all by itself. It’s the little things like that that still separate Macs from generic PCs.
Yes….that is useful. In my Mac ecosystem, I have relied on creating bootable clones via Carbon Copy Cloner to external drive as another option. Over the past 15 years, this has never failed me.
<deleted>
Edited 2015-08-12 08:47 UTC
Almost everything with wired ethernet still can.
Apple’s neat thing is a firmware that’s capable of dragging in a new OS from the internet with nothing else running on your LAN – which is way more accessible for a random user than having to set up DHCP, TFTP, boot images and a file share (and hoping they can PXE boot off a USB NIC, if it’s a laptop with no wired networking).
Edited 2015-08-12 08:47 UTC
If the OS vendor is willing to provide the service, this will do the trick.
http://ipxe.org/
1) Apple is a pc company so it should copy itself?
2) PC companies should copy one of Linux best features (there, less link-baity and more accurate because we all know where this feature really comes from)
3) Windows has basically solved this problem in the way that fits their users. (recovery partition for OEM, system center for enterprise, the ability to make recovery disks and image based backups all of which are much faster than internet downloads)
4) Windows offers the ISO (semi-regularly patched) for their OS through http://windows.microsoft.com/nl-nl/windows-10/media-creation-tool-i…
The Apple implementation is a very nice one though and should be one of the options that everyone has, just like a “ToGo/Recovery/Live”-USB-stick should be included with every pc that is sold, which is finally the norm again with Windows 10 when you buy it at retail
1) I’m sure you and everyone else here knows what was meant by PC, especially when it’s used in a direct comparison with a Mac.
2) That’s a feature of Linux? Interesting, I’ve always needed installation media for installing various Linux distros on my various machines. Even just a basic install to get up and running enough to download the rest of the distro still needs some sort of boot media, and often these minimal environments need you to use the command line for fetching the rest of the packages. That’s effectively doing it yourself, which is not at all what this feature is talking about.
3) Recovery partitions are of more use for resetting to factory install because the Windows installation has become such a mess that it’s almost unserviceable. It’s precisely zero use to someone replacing their hard drive. Mac OS also includes the ability to do local recovery backups, in fact it’s built into their standard backup system which backs up your entire system including OS and settings, and the OS is also either supplied on media already, or in the case of downloadable versions, as a disk image ready to copy to media.
4) As above, disk images of the OS are also available for download.
I don’t really see the relevance of your extra information though – the article is talking about another option that is going to save a lot of hassle for a lot of people. Of course it’s not the fastest option but there will be situations where it’s the *only* option, and another PC in the same situation will be out of options altogether.
2) Linux is almost never sold on a pc so it would be hard for a pc manufacturer to build a “get distro” directly into the firmware. Not because that would actually be hard, but because he wouldn’t know which distro to get. Apple only has “the latest OSX distro” to worry about. So yes, this feature comes from Linux but Apple made it easy to use
3) Recovery partitions are extremely useful. Not only to “reset to factory” but also to have an OS (Windows PE) that boots even when the main OS doesn’t anymore.
4) Please point me to the URL where I can download the latest OSX from Apple. The last time I tried doing that I had to jump through hoops to get the BootCamp part. (Which was about 5 years ago)
We are not disagreeing about anything. I just took offence with the tone of the article that gave Apple too much credit. They deserve some, certainly, for combining the benefits of UEFI with the “internet installations” that already existed. As often, Apple doesn’t invent but they improve
2) Eh, so Linux already has this feature but nobody has ever used it? Because I’ve never come across it. I’d like to try it out though, care to show me where I can get such a computer? You’re saying that Linux had it first, yet in the same breath saying that it doesn’t have it because Linux doesn’t ship preinstalled. I don’t really get what you’re trying to say.
3) I’m not saying they’re not useful, I’ve used them plenty of times to recover otherwise unusable computers. But I’ve also had plenty of computers to fix that have had dead hard drives and no other way of getting the OS back up and running, which means either getting the owner to buy recovery media from the original vendor or finding a copy of Windows that hopefully matches their licence.
4) The OS installer is downloaded from the Mac App store, so obviously I can’t give you a URL for that. You need to sign into you app store account and you can download whatever version of the OS is your current version, whether that’s the newest or an older one. Can you give me the URL for downloading Windows 7 media?
Not sure what the issue was with Bootcamp, that’s just a separate download after the main OS is installed.
I’m not disputing the fact that Apple take already existing things and polish them into something that’s accessible and useful to the average Joe – that’s what they do and they’re good at it. This is taking the netboot feature which is so alien to most users that they don’t even know it exists, and is essentially useless to anyone except a corporate administrator or similar, and improving it beyond recognition so it can be used as a recovery strategy by the consumer. That’s a new feature, there’s no possible way the average Joe can do that with their PC without setting up their own server. It’s not genius, it wasn’t unpredictable, but in that form, it’s new.
Lets not argue about semantics when we agree: The feature of doing an OS install from the internet comes from Linux (as far as I know). The feature of putting “internet connection in the firmware” comes from UEFI. The combination of these two into a slick end-user process comes from Apple and will hopefully come to other hardware makers as well.
3) Computers with dead harddrives, no recovery media, no license-sticker, no original DVD/USB, no backup…those are indeed horrible to repair and would benefit from this technique. You would think that not many people would fail to have any of the above…unfortunately it is very common. Of course this problem is now fixed with Windows 10 where an activated machine would just reactivate again automatically and the ISO’s are easily downloadable.
4) So I need a working Mac to get the installation media to repair a Mac. I only have 1 at home so this would be a problem for me personally. To get Windows 7 ISO’s from Microsoft you can just go here: http://www.microsoft.com/en-us/software-recovery
(Good reference link: http://www.howtogeek.com/186775/how-to-download-windows-7-8-and-8.1…)
My issue with BootCamp was that I just wanted to have the Windows parts for the latest BootCamp. I didn’t plan to run OSX on that machine at all but instead of a simple driverdownload it became a “Install OSX, get BootCamp, find out that is too old, Update OSX, get BootCamp again, whine about losing another evening searching for Windows Drivers
The closest thing to this on a PC would be those ASUS motherboards that came out a few years back with Splashtop. Good idea, but bad execution. The onboard Linux installation wasn’t upgradeable and was too locked down to be useful. Needed XBMC builtin and the ability to upgrade/modify it.
Oh great, now I need antivirus for my bios. Isn’t there an article about some worm infecting Mac bios’?
No thanks. I don’t want my bios to have access to my filesystem.
I’m guessing that means you have encrypted file systems with the key required on boot? Otherwise, it does have access.
Having an operating system burned in to the firmware with enough power to download and execute install media without an OS on disk or PXE is just about the last thing you’d want with the NSA and other bad actors running amok with access to DNS root servers. All it takes is one hijack (which they can legally do with a warrant) and instead of an OS from Redmond or Palo Alto you’re booting one from Fort Meade.
You would need much more than DNS access because the downloaded bits would be signed by a source outside of your control.
Of course if somebody could force you to start this remote reinstall AND could fake where you got the bits from AND could fake the signature on the bits you would have lost control over your pc…but no consumer should have to worry about that theoretical problem while solving the real world problem of “my Mac broke and my paper is due tomorrow”.
I’ve been running Apple laptops as my primary rig daily for 20+ years now, often times with Windows on it also. They keep your data – and your clients data – safe and that’s their best feature.
This is what I’m talking about:
In 20+ years…..
Data lost due to hardware failure: 0
Data lost due to software failure: 0
Data lost due to user error: >0 😉
Times needing to reset to default and re-install the OS: 2
Times this new install resulted in lost data: 0
Times I’ve experienced hardware failure in warranty: 1
Times Apple replaced it free of charge: 1
Time needed for Apple to replace: 22 hours to get a new monitor to my doorstep
Times I’ve experienced hardware failure outside of warranty: 1
Times Apple replaced it for <$100: 1
Time needed for Apple to assess the hardware and replace/repair it on site at Apple store: 2.5 hours
In the past ~16 years.. (Myself, wife, two teenage sons and teen daughter)
2 – iMacs (G3 & Core Duo) Still run but in storage.
10-12 iPods of various models.
1 – Mac mini 2013. Main home desktop.
4 – Mac Laptops. 3-MacBook Pros & a MacBook Air. All still running but Core Duo is in storage.
9 – iPhones 5-4s’s, 4-5s’s. 5-4s’s still functioning as backups to 5s’s but 3 have cracked screens.
3 – Apple TV’s
2 – used PowerMac g4 MDD used as home servers. Currently in storage, using mac mini currently.
1 – Airport Express. In storage but going to college with son this fall.
1 – Airport Extreme Base Station – Current home WiFi router.
2 iPads. first gen in storage.
There is probably more but that is enough for now…
In all this I have had the following HW issues:
G3 iMac failed mother board. Replaced by Apple for Free.
1 Core Duo laptop had ~1 cup water spilled on keyboard. Put in storage after would not run… ~6months later booted with all HW functioning!!!!! Amazing! put back in storage after several months use.
1 iPhone 4s put through complete washer cycle. After 2 weeks in rice booted and works great. only non functioning HW was speaker-phone mic.
1 iPhone 5s home button stopped working. Replaced by Apple in store at no cost.
3 – iPhone screens replaced (daughters humph!). 2 paid for by my daughter and one Apple paid for, even when it was out of warranty.
Apple is unmatched in my experience in HW/SW and convienience (Stores). I’ll gladly keep on buying Apple products.
Awesome, yeah, my history is similar with the macs.
With iPhone I have had more issues – a few bad headphone jacks over the years, probably had to return or upgrade 2-3 of them before I wanted to. The early years with iPhone (especially iPhone 3) weren’t the best for me and their hardware. The other plastic one (iPhone 5) gave my wife lots of problems too. Overall the metal iPhones have been tanks for me, especially if you don’t keep headphones plugged in from inside jeans pockets too often.
The one hardware failure I had with their laptops was a cracked case next to the keyboard, but it was partly because I ignored their warnings and held the titanium models with 1 hand all the time. After about 4 years of that the case would crack by the power button or the escape key. I think I had 2 models that did that.
I have one titanium that fell of the desk, cracked the screen off, and kept working with the screen dangling or propped up. I used that broken thing for years in my studio, just couldn’t move it.
I’ve also had a lame Apple laptop battery that they replaced free of charge at the Apple store in about 5 minutes.
Overall – their hardware is so far beyond most companies. The carved metal slab with chicklet keys and giant trackpad is about the perfect laptop, and has been for many years now.
Edited 2015-08-12 14:43 UTC
I tried upgrading my brand new PC from 8.1 to 10 – which it maintains is capable/eligible. No go – just caught up in the update circle of death – it can’t complete the update and therefore it also can’t upgrade to Win 10. I get the Something Happened error: Fantastic! Installed OpenSuse and it updated while installing perfectly. Enough said. I will recommend my daughter get a Mac this term for Uni – it will save me (and Her) a lot of grief.
The most likely reason for that is manufacturer’s own bloatware, they tend to screw with a lot of Windows’s own internals and therefore the comparison to Linux or Mac isn’t quite apples to oranges; Macs are all manufactured by Apple, and your OpenSUSE-install wasn’t manufacturer-supplied and therefore not infected with their crap.
I hear Microsoft has been trying to push for clean OS-installations, but there’s just so much resistance from the manufacturers that it’s not really working out too well.
Macs run OSX. Period. So it’s pretty easy for Apple to offer such a service.
PC’s, in theory, can run many different operating systems. In the proposed scenario, however, that OS will be determined by who built the PC.
I’m surprised that a site which has in the past warned against the dangers of secure boot would be in favor of Yet Another Way to lock down the OS choice for consumers on PC’s.
There are multiple ways of accomplishing what OSX does– live CD’s, PXE boot (requires environment), a customized Preinstallation environment (windows), or just a customized netboot image for pick-your-os-of-choice.
The technology is available, and UEFI makes it a cinch to implement, but it opens up a path of OS lock-in by the vendors, and I’m not sure the convenience of not having to find the USB key for your OS outweighs the crushing blow against choice.
When my current motherboard dies, I’m going to have to do a lot of research to ensure I can purchase and flash a Coreboot-compatible AMD one without risking a bricking.
One of the reasons? I can’t trust UEFI because it’s at least as complex as an OS kernel, has a history of bugs, and tends to include NIC drivers. (Inspired partly by Apple products [url=https://mjg59.dreamwidth.org/11235.html]crashing Linux by firing up the WiFi in UEFI and leaving it merrily DMAing stuff into RAM)
This is directly counter to what I want my firmware to be capable of (as little as possible).
UEFI itself is just a spec / API (and rather decent one), and there can be open implementation of UEFI. I.e. it’s not that UEFI is bad, what’s bad that it’s usually implemented with a closed firmware.
There are open variants of UEFI, but they are incomplete (like Tiano Core). What bugs me is the fact that no one made a full fledged open UEFI implementation.
Some even try combining Coreboot with Tiano Core to get closer to functioning UEFI firmware: http://www.coreboot.org/TianoCore
I didn’t really research all that, but I’d be also interested in finding a motherboard that allows using open firmware. And I agree, this Apple approach is atrocious. Firmware should be simple and transparent. Otherwise it’s a major major security mess.
Edited 2015-08-12 21:43 UTC
Hey, did you hear the one about the Lenovo BIOS overwriting a system file with one from Lenovo? Regardless of how much you wiped the hard drive?
http://thenextweb.com/insider/2015/08/12/lenovo-used-a-hidden-windo…
Yeah, that kind of stuff is creepy. And with all that WiFi talk, why would you trust such firmware not to snoop on your data with submitting it to unknown third party?
Last I checked, every motherboard manufacturer I checked was extending Intel’s reference UEFI implementation, which, as I mentioned, has more code than your typical Linux kernel and a history of bugs.
Edited 2015-08-14 02:55 UTC
Sounds like net boot. We have had that for decades. You can boot on the network card, and it will boot something on the LAN. The thing is that it is limited to the LAN because anything else would be insecure and insane. Though a typical thing to have in Linux environment is a server on the LAN that always has the latest daily ISO that can be used to install a full patched Linux.
I have even seen net boot that had windows ISO and could install those. Though of course those weren’t daily updated versions.
Edited 2015-08-12 22:54 UTC
It would be great if coreboot could have something like this, downloads a list of the latest distros and prompts you to install one of them and then downloads the ISO and starts the installation.
You would think Microsoft could pull off the same trick with the hardware they make, yet they can’t seem to install the right OS on my Lumia 1520.
Security issues aside, this kind of installation and disaster recovery are one of the reasons people buy Apple. And honestly, I don’t know why other manufacturers have so much trouble providing the same for the devices they make.