UPDATED for Sequoia 15.3.2 and Sonoma 14.5, see last posts
This is not a new trick, but I just realized that this modification is reboot-resistant, easily removable and does not require to alter the read-only system partition:
Works on macos 12, too. For example, if you don’t want to use icloud at all, you can disable most of its services, except apple bird. Also heavily reduces write access to the internal SSD, and therefore increases lifetime (apple ssds are usually produced by the usual suspects, samsung, toshiba etc, and have the same lifespan).
You can also disable all the surveillance, tracking, online logging, submit-diag stuff by Apple. If you don’t use photos or apple music, you can disable those scanning services, too. Don’t want your keychain in the cloud available for any unknown body? Disable it.
If something does not work as intended, you just have to delete two files in the user space of the drive and reboot. You need to disable SIP (read script comment).
Of course you really need to know which services are what for and do research.
How much of a performance boost are you getting, or what other benefits are noticing with this? (or is it mostly just the peace of mind about apple not running funny business that you don’t know about?)
On the new M1 macbook I still have yet to break 60% cpu in renoise with like a million vsts and everything is still smooth as glass.
I think you will only notice a small difference in performance while extremely heavy load, like a huge final cut project or so. I never ever use 100% at all, so I think it doesnt matter. But the swapped/fixed memory usage is reduced, and the ssd writings. Yes, mostly for disabling internet talking with apple. Ah, and idle load should be lower, so less battery drain.
If you want to disable icloud, Apple Bird only needs to be activated to get rid of a warning requester, which appears all the time if you file requester your drive. Kind of annoying that Apple never tested how the system works if Bird is disabled. Because it’s completely useless then. Also seems to prove the low quality assurance in Apple macos and poor testing practice at Apple…
Same goes for com.apple.icloud.findmydeviced, only needs to stay activated, because otherwise the disk utility refuses to apply changes to your drives, due a crytic error “cannot access findmymac”. Even if you did not enable this.
Instead constantly adding more and more bloatware and surveillance services to macos just like Microsoft, they really should rethink their strategy and macos better again. I think not even Windows runs like 400 background services.
Also it is not at all respecting neither privacy nor constitution laws. Not a single average mac user knows that his movements are tracked and uploaded to icloud by default, most people do not realize that the whole keychain will be uploaded, too, with all your passwords. This is not only a very comfortable open gate for secret services like nsa, but also imagine if icloud was hacked. You probably would never know that your data was hacked and used. Do you know those Apple admins in person? Do you really want to trust unknown persons? This all makes no sense at all. This is really, really bad. EU and national laws do nothing against it, as always the biggest portemonnaie will make the laws instead. But go on with your lemming existence…
This is my advice, if you want to take your privacy seriously: Do not use cloud services by Apple, Microsoft or Google in any case. Those are completely insecure intentionally by design. You can instead install a little script on a cheap php hosting server and sync your contacts and dates with that (e.g. baikal). Syncing files into the cloud makes no sense at all, only for teams, but this is usually not the case with icloud. Sync it in your local area network instead automatically, if you come home. On an iphone or mobile device, always create a fake account as system account with fake data. This might lead into payment problems for apps. Well then jailbreak this shit. Remember what Snowden told us? This still is there, even stronger and even less respecting democracy.
Here is my updated “Disable-bloatware” script for Sonoma. Note that I mostly deactivated icloud and and also siri. You can always reenable everything again (after reboot). So it is completely reversable.
I also did these steps before also disabling the icloud and siri system services:
Actually login in into icloud in the macos settings (some software won’t work if you didn’t at least login in once).
Very quickly disable all the file and keychain(!) syncing under “icloud”, which all is enabled by default! Disable all the specific types of syncing.
Then enable icloud drive again, but disable all detail options. Some games required icloud drive. If you do not plan to play recent macos games, you might leave this off.
Disable siri in the settings.
Login into recovery boot, go to terminal there from the menu. Disable SIP by entering “csrutil disable”. Reboot into macos.
Now put this script into your user directory, chmod +x it, so it is exectuable. Run it in the console. Don’t mind the error messages, these popup, if the service already is not running.
#!/bin/zsh
#Credit: Original idea and script disable.sh by pwnsdx https://gist.github.com/pwnsdx/d87b034c4c0210b988040ad2f85a68d3
#Disabling unwanted services on macOS 14.5 Sonoma
#Disabling SIP is required ("csrutil disable" from Terminal in Recovery)
#Modifications are written in /private/var/db/com.apple.xpc.launchd/ disabled.plist, disabled.501.plist
# To revert, delete
# sudo rm /private/var/db/com.apple.xpc.launchd/disabled.plist
# sudo rm /private/var/db/com.apple.xpc.launchd/disabled.501.plist
# and reboot
# restart a agent/daemon:
# launchctl bootstrap system YZX
# launchctl kickstart -kp gui/501/YZX
# more references:
# bootup optimization https://github.com/Wyvern/macos/blob/master/macOS
# what is chronod https://discussions.apple.com/thread/255185176?sortBy=best
# disable sonoma bloatware https://gist.github.com/b0gdanw/812997a189f72f3953e0a1bb237f783d
# user
TODISABLE=()
TODISABLE+=('com.apple.accessibility.MotionTrackingAgent' \
'com.apple.ReportCrash' \
'com.apple.SafariBookmarksSyncAgent' \
'com.apple.Safari.SafeBrowsing.Service' \
'com.apple.amsaccountsd' \
'com.apple.amsengagementd' \
'com.apple.transparencyd' \
# prevent filerequester warning 'com.apple.bird' \
'com.apple.EscrowSecurityAlert' \
#iphone/ipad sync 'com.apple.AMPArtworkAgent' \
#iphone/ipad sync 'com.apple.AMPDeviceDiscoveryAgent' \
#iphone/ipad sync 'com.apple.AMPLibraryAgent' \
'com.apple.ap.adprivacyd' \
'com.apple.ap.adservicesd' \
'com.apple.ap.promotedcontentd' \
'com.apple.assistant_service' \
'com.apple.assistantd' \
'com.apple.BiomeAgent' \
'com.apple.biomesyncd' \
'com.apple.CallHistoryPluginHelper' \
# calendar local database 'com.apple.calaccessd' \
# calendar sync 'com.apple.dataaccess.dataaccessd' \
'com.apple.cloudd' \
'com.apple.cloudpaird' \
'com.apple.cloudphotod' \
'com.apple.CloudPhotosConfiguration' \
'com.apple.CloudSettingsSyncAgent' \
'com.apple.CommCenter-osx' \
'com.apple.CoreLocationAgent' \
'com.apple.donotdisturbd' \
'com.apple.ensemble' \
'com.apple.familycircled' \
'com.apple.familycontrols.useragent' \
'com.apple.familynotificationd' \
'com.apple.financed' \
'com.apple.followupd' \
#'com.apple.gamed' \
'com.apple.geod' \
'com.apple.geodMachServiceBridge' \
'com.apple.Siri.agent' \
'com.apple.homed' \
'com.apple.icloud.fmfd' \
# required for notes and some recent games 'com.apple.iCloudNotificationAgent' \
# required for notes and some recent games 'com.apple.iCloudUserNotifications' \
# required for notes and some recent games 'com.apple.icloud.searchpartyuseragent' \
# imessage / facetime
'com.apple.imagent' \
'com.apple.imautomatichistorydeletionagent' \
'com.apple.imtransferagent' \
'com.apple.avconferenced' \
'com.apple.intelligenceplatformd' \
'com.apple.itunescloudd' \
'com.apple.knowledge-agent' \
'com.apple.ManagedClient.cloudconfigurationd' \
'com.apple.ManagedClientAgent.enrollagent' \
'com.apple.Maps.mapspushd' \
'com.apple.Maps.pushdaemon' \
'com.apple.networkserviceproxy' \
'com.apple.networkserviceproxy-osx' \
'com.apple.mediaanalysisd' \
'com.apple.mediastream.mstreamd' \
'com.apple.newsd' \
'com.apple.nsurlsessiond' \
'com.apple.parsec-fbf' \
'com.apple.parsecd' \
'com.apple.passd' \
'com.apple.photoanalysisd' \
'com.apple.photolibraryd' \
'com.apple.progressd' \
'com.apple.protectedcloudstorage.protectedcloudkeysyncing' \
'com.apple.quicklook' \
'com.apple.quicklook.ui.helper' \
'com.apple.quicklook.ThumbnailsAgent' \
'com.apple.rapportd-user' \
'com.apple.remindd' \
'com.apple.routined' \
'com.apple.SafariCloudHistoryPushAgent' \
'com.apple.screensharing.agent' \
'com.apple.screensharing.menuextra' \
'com.apple.screensharing.MessagesAgent' \
'com.apple.ScreenTimeAgent' \
'com.apple.security.cloudkeychainproxy3' \
'com.apple.sharingd' \
'com.apple.sidecar-hid-relay' \
'com.apple.sidecar-relay' \
'com.apple.Siri.agent' \
'com.apple.siri.context.service' \
'com.apple.macos.studentd' \
'com.apple.siriknowledged' \
'com.apple.suggestd' \
'com.apple.tipsd' \
'com.apple.telephonyutilities.callservicesd' \
'com.apple.TMHelperAgent' \
'com.apple.TMHelperAgent.SetupOffer' \
'com.apple.triald' \
'com.apple.universalaccessd' \
#screentime
'com.apple.UsageTrackingAgent' \
'com.apple.videosubscriptionsd' \
'com.apple.WiFiVelocityAgent' \
'com.apple.SocialPushAgent' \
'com.apple.weatherd' \
# added for sonoma
# widget stuff, I don't use widgets
#'com.apple.chronod' \ # test notes
'com.apple.WeatherService' \
'com.apple.siriactionsd' \
'com.apple.SiriTTSTrainingAgent' \
'com.apple.icloud.searchpartyuseragent' \
'com.apple.betaenrollmentd' \
'com.apple.cmio.ContinuityCaptureAgent' \
# not required for mail
#'com.apple.email.maild' \ # test notes
#'com.apple.icloudmailagent' \
# for enabling two factor accounts like google mail? 'com.apple.MailServiceAgent' \
# for smarthome
'com.apple.homeenergyd' \
'com.apple.SafariHistoryServiceAgent' \
'com.apple.Safari.PasswordBreachAgent' \
'com.apple.SafariTechnologyPreview.SyncService' \
'com.apple.translationd' \
'com.apple.UserPictureSyncAgent' \
'com.apple.peopled' \
'com.apple.CloudPhotosConfiguration' \
'com.apple.textunderstandingd' \
'com.apple.avatarsd' \
# business chat
'com.apple.businessservicesd' \
'com.apple.promotedcontentd' \
# siri
'com.apple.sirittsd'
# spotlight core service TEST for reducing spotlight write access, required by mail 'com.apple.corespotlightd'
)
echo "Your user id:"
id -u
for agent in "${TODISABLE[@]}"
do
echo "disabling ${agent}"
launchctl bootout gui/501/${agent}
launchctl disable gui/501/${agent}
done
# system
TODISABLE=()
TODISABLE+=('com.apple.bootpd' \
# icloud
'com.apple.analyticsd' \
'com.apple.osanalytics.osanalyticshelper' \
'com.apple.locationd' \
'com.apple.SubmitDiagInfo' \
'com.apple.symptomsd-diag' \
'com.apple.symptomsd' \
'com.apple.memoryanalyticsd' \
'com.apple.rtcreportingd' \
'com.apple.systemstats.daily' \
'com.apple.systemstats.analysis' \
'com.apple.systemstats.microstackshot_periodic' \
'com.apple.backupd' \
'com.apple.backupd-helper' \
# to test 'com.apple.biomed' \
# to test 'com.apple.biometrickitd' \
'com.apple.cloudd' \
'com.apple.cloudpaird' \
'com.apple.cloudphotod' \
'com.apple.CloudPhotosConfiguration' \
'com.apple.CoreLocationAgent' \
'com.apple.coreduetd' \
'com.apple.dhcp6d' \
'com.apple.familycontrols' \
'com.apple.findmymacmessenger' \
'com.apple.followupd' \
'com.apple.FollowUpUI' \
'com.apple.ftp-proxy' \
'com.apple.ftpd' \
# gaming 'com.apple.GameController.gamecontrollerd' \
'com.apple.geod' \
# prevent diskutility warning 'com.apple.icloud.findmydeviced' \
'com.apple.icloud.fmfd' \
'com.apple.icloud.searchpartyd' \
'com.apple.itunescloudd' \
'com.apple.ManagedClient.cloudconfigurationd' \
'com.apple.netbiosd' \
'com.apple.nsurlsessiond' \
'com.apple.protectedcloudstorage.protectedcloudkeysyncing' \
'com.apple.rapportd' \
'com.apple.screensharing' \
'com.apple.security.cloudkeychainproxy3' \
'com.apple.siri.morphunassetsupdaterd' \
'com.apple.siriinferenced' \
'com.apple.triald.system' \
'com.apple.wifianalyticsd' \
# added for sonoma
'com.apple.nearbyd' \
# collecting user data
'com.apple.dprivacyd' \
# apple pay
'com.apple.seld'
# TEST completely disable logd, since it writes tons of data
# 'com.apple.logd'
)
for daemon in "${TODISABLE[@]}"
do
echo "disabling ${daemon}"
sudo launchctl bootout system/${daemon}
sudo launchctl disable system/${daemon}
done
There seems to be a problem with above blacklist. Might be too many disabled. If you go to the system settings, while the above is enabled, and click into areas which cannot work anymore (e.g. icloud details), the settings will hang. Now it seems that even after force-quitting settings, it will produce some kind of memory leak over time.
The symptons then are over time:
loosing bluetooth connections (this very early)
actual reboot
after reboot, you can’t open a lot of apps, and touch id doesnt work
If this happens, simply revert the blacklist and restart again. Then everything is back to normal. I then activated the blacklist again. I am still investigating, if a newly added entry is responsible for this. My list above, for Monterey/Ventura worked fine for over a year. So either the new system settings are really badly coded, or I added an essential daemon. By “essential” I mean a daemon which Apple is not expecting not to be available, disregarding its functionality.
TL;DR: Also the new sonoma blacklist works fine here, as long as I do not click any areas in the system settings which require internet, icloud, siri etc.
The dprivacy (com.apple.dprivacyd) daemon runs the system re-
sponsible for implementation of differential privacy. Once a user
opts-in to differentially private data collection in the MacOS Secu-
rity & Privacy Settings (Figure 8), the dprivacy daemon is enabled
and the database that will be supporting relevant data storage and
management is created in /var/db/DifferentialPrivacy. Furthermore,
there’s a message visible on Console: “dprivacyd: accepting work
now".
Per Apple’s original announcement [1 , 21 , 23], the use of DP is
focused on four applications: new words, emojis, deeplinks, and
lookup hints in Notes, with iCloud data added as an additional
application in early 2017 [ 2], and further types of data collection
such as health data introduced in mid-2017 [24 ]. We observed how
to reliably trigger DP-related activity when entering new words
and emojis2; thus, our conclusions will be based on experiments
with those applications
So on initial launch, dprivacyd was disabled by default. I can tell you that this daemon in current macos is enabled, even if you didn’t opt-in to collect your personal data.
i have been having the most irritating glitch related to mpv, (just playing music) and had been looking into stripping macOS of the intentional idiotware that they are obviously using against their average facebook users to force machine upgrades.
They seem to be forcing a rapid upgrade model, My guess is they are either wanting to be the very first computing in the land of optronics, they believe the haters that without steve they are dead. Or they are on that same “know’s the future” schedule that amazon was/is still using. which is so incredibly fucked up to begin with. And should probably get the ol
“hammer on the sidewalk” method. -Placing enough mini-sledge hammers with the words “BREAK GLASS”, written on handles, will inevitably cause all windows to no longer exist.
Those upgrades with all those tons of idiotic daemons do be frying my poor otherwise perfectly capable 2020 Intel MacBook Pro. I wonder if Linux is a better OS for non-latest Macs…