Macos 12/13 system daemon minimization

Off-Topic
1

This is not a new trick, but I just realized that this modification is reboot-resistant, easily removable and does not require to alter the read-only system partition:

Works on macos 12, too. For example, if you don’t want to use icloud at all, you can disable most of its services, except apple bird. Also heavily reduces write access to the internal SSD, and therefore increases lifetime (apple ssds are usually produced by the usual suspects, samsung, toshiba etc, and have the same lifespan).

You can also disable all the surveillance, tracking, online logging, submit-diag stuff by Apple. If you don’t use photos or apple music, you can disable those scanning services, too. Don’t want your keychain in the cloud available for any unknown body? Disable it.
If something does not work as intended, you just have to delete two files in the user space of the drive and reboot. You need to disable SIP (read script comment).

Of course you really need to know which services are what for and do research.

This is my current disabler script:

Disable-Venture-Bloatware.sh 
#!/bin/zsh
#Credit: Original idea and script disable.sh by pwnsdx https://gist.github.com/pwnsdx/d87b034c4c0210b988040ad2f85a68d3

#Disabling unwanted services on macOS 13 Ventura
#Disabling SIP is required  ("csrutil disable" from Terminal in Recovery)
#Modifications are written in /private/var/db/com.apple.xpc.launchd/ disabled.plist, disabled.501.plist
# To revert, delete /private/var/db/com.apple.xpc.launchd/ disabled.plist and disabled.501.plist and reboot


# user
TODISABLE=()

TODISABLE+=('com.apple.accessibility.MotionTrackingAgent' \
'com.apple.ReportCrash' \
'com.apple.SafariBookmarksSyncAgent' \
'com.apple.Safari.SafeBrowsing.Service' \
'com.apple.amsaccountsd' \
'com.apple.amsengagementd' \
'com.apple.transparencyd' \
# prevent filerequester warning 'com.apple.bird' \
'com.apple.EscrowSecurityAlert' \
#iphone/ipad sync 'com.apple.AMPArtworkAgent' \
#iphone/ipad sync 'com.apple.AMPDeviceDiscoveryAgent' \
#iphone/ipad sync 'com.apple.AMPLibraryAgent' \
'com.apple.ap.adprivacyd' \
'com.apple.ap.adservicesd' \
'com.apple.ap.promotedcontentd' \
'com.apple.assistant_service' \
'com.apple.assistantd' \
'com.apple.avconferenced' \
'com.apple.BiomeAgent' \
'com.apple.biomesyncd' \
'com.apple.CallHistoryPluginHelper' \
'com.apple.cloudd' \
'com.apple.cloudpaird' \
'com.apple.cloudphotod' \
'com.apple.CloudPhotosConfiguration' \
'com.apple.CloudSettingsSyncAgent' \
'com.apple.CommCenter-osx' \
'com.apple.CoreLocationAgent' \
'com.apple.dataaccess.dataaccessd' \
'com.apple.donotdisturbd' \
'com.apple.ensemble' \
'com.apple.familycircled' \
'com.apple.familycontrols.useragent' \
'com.apple.familynotificationd' \
'com.apple.financed' \
'com.apple.followupd' \
'com.apple.gamed' \
'com.apple.geod' \
'com.apple.homed' \
'com.apple.icloud.fmfd' \
'com.apple.iCloudNotificationAgent' \
'com.apple.iCloudUserNotifications' \
'com.apple.icloud.searchpartyuseragent' \
'com.apple.imagent' \
'com.apple.imautomatichistorydeletionagent' \
'com.apple.imtransferagent' \
'com.apple.intelligenceplatformd' \
'com.apple.itunescloudd' \
'com.apple.knowledge-agent' \
'com.apple.ManagedClient.cloudconfigurationd' \
'com.apple.ManagedClientAgent.enrollagent' \
'com.apple.Maps.mapspushd' \
'com.apple.Maps.pushdaemon' \
'com.apple.mediaanalysisd' \
'com.apple.mediastream.mstreamd' \
'com.apple.newsd' \
'com.apple.nsurlsessiond' \
'com.apple.parsec-fbf' \
'com.apple.parsecd' \
'com.apple.passd' \
'com.apple.photoanalysisd' \
'com.apple.photolibraryd' \
'com.apple.progressd' \
'com.apple.protectedcloudstorage.protectedcloudkeysyncing' \
'com.apple.quicklook' \
'com.apple.quicklook.ui.helper' \
'com.apple.quicklook.ThumbnailsAgent' \
'com.apple.rapportd-user' \
'com.apple.remindd' \
'com.apple.routined' \
'com.apple.SafariCloudHistoryPushAgent' \
'com.apple.screensharing.agent' \
'com.apple.screensharing.menuextra' \
'com.apple.screensharing.MessagesAgent' \
'com.apple.ScreenTimeAgent' \
'com.apple.security.cloudkeychainproxy3' \
'com.apple.sharingd' \
'com.apple.sidecar-hid-relay' \
'com.apple.sidecar-relay' \
'com.apple.siri.context.service' \
'com.apple.macos.studentd' \
'com.apple.siriknowledged' \
'com.apple.suggestd' \
'com.apple.tipsd' \
'com.apple.telephonyutilities.callservicesd' \
'com.apple.TMHelperAgent' \
'com.apple.TMHelperAgent.SetupOffer' \
'com.apple.triald' \
'com.apple.universalaccessd' \
'com.apple.UsageTrackingAgent' \
'com.apple.videosubscriptionsd' \
'com.apple.WiFiVelocityAgent' \
'com.apple.weatherd')

for agent in "${TODISABLE[@]}"
do
	launchctl bootout gui/501/${agent}
	launchctl disable gui/501/${agent}
done

# system
TODISABLE=()

TODISABLE+=('com.apple.bootpd' \
'com.apple.analyticsd' \
'com.apple.osanalytics.osanalyticshelper' \
'com.apple.locationd' \
'com.apple.SubmitDiagInfo' \
'com.apple.symptomsd-diag' \
'com.apple.symptomsd' \
'com.apple.memoryanalyticsd' \
'com.apple.rtcreportingd' \
'com.apple.systemstats.daily' \
'com.apple.systemstats.analysis' \
'com.apple.systemstats.microstackshot_periodic' \
'com.apple.backupd' \
'com.apple.backupd-helper' \
'com.apple.cloudd' \
'com.apple.cloudpaird' \
'com.apple.cloudphotod' \
'com.apple.CloudPhotosConfiguration' \
'com.apple.CoreLocationAgent' \
'com.apple.coreduetd' \
'com.apple.dhcp6d' \
'com.apple.familycontrols' \
'com.apple.findmymacmessenger' \
'com.apple.followupd' \
'com.apple.FollowUpUI' \
'com.apple.ftp-proxy' \
'com.apple.ftpd' \
'com.apple.GameController.gamecontrollerd' \
'com.apple.geod' \
# prevent diskutility warning 'com.apple.icloud.findmydeviced' \
'com.apple.icloud.fmfd' \
'com.apple.icloud.searchpartyd' \
'com.apple.itunescloudd' \
'com.apple.ManagedClient.cloudconfigurationd' \
'com.apple.netbiosd' \
'com.apple.nsurlsessiond' \
'com.apple.protectedcloudstorage.protectedcloudkeysyncing' \
'com.apple.rapportd' \
'com.apple.screensharing' \
'com.apple.security.cloudkeychainproxy3' \
'com.apple.siri.morphunassetsupdaterd' \
'com.apple.siriinferenced' \
'com.apple.triald.system' \
'com.apple.wifianalyticsd')

for daemon in "${TODISABLE[@]}"
do
	sudo launchctl bootout system/${daemon}
	sudo launchctl disable system/${daemon}
done

launchctl also seems to be able to disable services and XPCs from apps. Didn’t dive into that, but it seems to be a very powerful command now.

2

How much of a performance boost are you getting, or what other benefits are noticing with this? (or is it mostly just the peace of mind about apple not running funny business that you don’t know about?)

On the new M1 macbook I still have yet to break 60% cpu in renoise with like a million vsts and everything is still smooth as glass.

3

I think you will only notice a small difference in performance while extremely heavy load, like a huge final cut project or so. I never ever use 100% at all, so I think it doesnt matter. But the swapped/fixed memory usage is reduced, and the ssd writings. Yes, mostly for disabling internet talking with apple. Ah, and idle load should be lower, so less battery drain.

1 Like
4

As a sidenote:

If you want to disable icloud, Apple Bird only needs to be activated to get rid of a warning requester, which appears all the time if you file requester your drive. Kind of annoying that Apple never tested how the system works if Bird is disabled. Because it’s completely useless then. Also seems to prove the low quality assurance in Apple macos and poor testing practice at Apple…

Same goes for com.apple.icloud.findmydeviced, only needs to stay activated, because otherwise the disk utility refuses to apply changes to your drives, due a crytic error “cannot access findmymac”. Even if you did not enable this.

Instead constantly adding more and more bloatware and surveillance services to macos just like Microsoft, they really should rethink their strategy and macos better again. I think not even Windows runs like 400 background services.

Also it is not at all respecting neither privacy nor constitution laws. Not a single average mac user knows that his movements are tracked and uploaded to icloud by default, most people do not realize that the whole keychain will be uploaded, too, with all your passwords. This is not only a very comfortable open gate for secret services like nsa, but also imagine if icloud was hacked. You probably would never know that your data was hacked and used. Do you know those Apple admins in person? Do you really want to trust unknown persons? This all makes no sense at all. This is really, really bad. EU and national laws do nothing against it, as always the biggest portemonnaie will make the laws instead. But go on with your lemming existence…

This is my advice, if you want to take your privacy seriously: Do not use cloud services by Apple, Microsoft or Google in any case. Those are completely insecure intentionally by design. You can instead install a little script on a cheap php hosting server and sync your contacts and dates with that (e.g. baikal). Syncing files into the cloud makes no sense at all, only for teams, but this is usually not the case with icloud. Sync it in your local area network instead automatically, if you come home. On an iphone or mobile device, always create a fake account as system account with fake data. This might lead into payment problems for apps. Well then jailbreak this shit. Remember what Snowden told us? This still is there, even stronger and even less respecting democracy.

1 Like