I have multiple snapshots of my system—literally a point in time saved with a name and a date. I can go back to a few different points in time to test things that could break the system and revert to any time in the past that I created or that the system itself created when installing an update.
#BackToTheFuture This is the KILLER FEATURE! #FreeBSD
@mcfate Imagine you want to test a potentially malicious program on your Mac. Start by creating a snapshot with the following command:
doas bectl create MacOS-Californication16.6-202401102
This operation takes mere milliseconds to complete. Next, reboot your system into the newly created boot environment. Once you’re booted into the new environment, install and run that dubious program.
@mcfate Meanwhile all the work on your /Users/macfate stays the same, your don't lose changes.
Yeah, but that happens anyway.
The system I DO the work on is rarely the system I TEST the work on, if it's that sort of thing.
I wouldn't test a "potentially malicious program" on "my Mac". I have PREVIOUS Macs I can test stuff like that on.
@mcfate I never do either, I was giving you a non realistic scenario, but for servers and stuff like virtual machines this is it.
Well, everything I do is on MY network, I'm the developer AND the client.
@mcfate Same and other clients as well.
@mcfate I run my WiFi on a read-only virtual machine that has no knowledge of the host's network, with the WiFi card passed through. Its a pretty solid defense against intruders in public wifi spaces. No need of a separate portable AP.
All I can say is that to the extent that we have similar problems to solve, we've taken different approaches to them.
The way I see it, any gain in simplicity would be offset by an operating system that's different AND similar enough to the Linices I already run, unproblematically, to be a source of potential confusion.
I have to ALLOW devices onto the WiFi here.
See, I would do stuff like that in a virtualized system on a "burn box".
If it does horrific things, start over.
"How clean do you want it?"
"Down to the NAP."
— Point of No Return
@mcfate So I make snapshots of my VM's in Bhyve and my jails and also send them to an encrypted drive in a secure location. automatically every day.
@mcfate At the end of the day, if you decide that it’s not worth keeping, simply reboot your Mac back into your original boot environment, effectively reverting your system to its previous state without any traces of the program.