Last I looked... extensive telemetry and a sealed boot volume that makes it impractical to turn off even if theoretically possible. There are other problems of course.

You can disable SIP and even disable immutable kernel text, load arbitrary drivers, enable/disable any feature, remove any system daemon, use any restricted entitlements. The entire security model of macOS can be toggled off (csrutil from recoveryOS).

Aware of that. Way too big of a request just to make reasonable configuration changes, like shutting down daemons, etc.

No, it’s not that big a request. You literally have the capability. The average user does not need it.

What is hard about this?

Stopping/disabling a service should be a command, like it is on Windows or Linux. Not configured on a read-only volume bundled with other security guarantees.

It's pretty simple to keep these two things separate, like everywhere else in the present and history of the industry.

Just because Windows/Linux do things one way doesn't mean the rest of the industry has to follow it. ;P

Just out of curiosity, are these philosophical objections or do you have a practical use for disabling code signing and messing with your boot volume?

I have practical use for disabling telemetry and other misfeatures. (Maybe you meant to reply to your sibling comment?)

No, I meant to reply to you. I was curious about your practical use case for disabling code signing (which I think is what you refer to by telemetry) and messing with the boot volume.

Not what I am referring to. The goal is to disable misfeatures, not reduce security. Only Apple bundles the two.

He's a religious linux believer that will make you call him GNU/Linux believer - no point in argueing, there is not interest in the argument.

From what I checked, disabling SIP/AMFI/whatever it is now means I can't run iOS applications on macOS. The fact that there are restrictions on what I can run when doing that makes macOS more restrictive.

Also, what if I want to run eBPF on my laptop on bare metal, to escape the hypercall overhead from VMs or whatever? Ultimately, a VM is not the same as a native experience. I might want to take advantage of acceleration for peripherals that aren't available unless I'm bare metal.

That point is often brought up, but it kind of invalid. Because you can't run iOS on your Linux or Windows installation, too. So saying because of that usecase you are switching the OS, is kind of a spite reaction, not based on reason.

As in: "I can't run iOS on my macOS installation, so I am going to use a different OS where I can't run iOS either".

Well, it's less of a feature argument, and more of a "I philosophically don't support using an OS that prevents me from using parts of it, because I oppose losing control over the software my system runs."

Well it’s just one less plus in the macOS column.

I switched from pixel to iPhone in large part because pixel removed the rear fingerprint reader, headphone jack, and a UI shortcut I used multiple times a day. It’s not like the iPhone had those things but now neither did the pixel.

How does Asahi fare these days? For home use I am fine with my Fedora machine but as a former (Tiger-SL era) Mac user who's never used macOS, I am somewhat curious about this.

Remember Asahi works properly only on M1 and M2. More work is required to make it run well on later chips (its not just a faster ARM chip - it's new graphics card each time, motherboard chipset, every laptop peripheral changes from time to time, BIOS/UEFI, etc, and they all need reverse-engineered drivers for it work).

Would it be possible to run a whole linux OS on macos, even if through virtualization?

... or UTM. I have run windows and Linux on my M1 MB Pro with plenty of success.

Windows - because I needed it for a single application.

Linux - has been extremely useful as a compliment to small arm SBCs that I run. eg: Compiling a kernel is much faster there than on (say) a Raspberry Pi. Also, USB device sharing makes working with vfat/ext4 filesystems on small memory cards a breeze.