
A few years ago, they moved the OS to a “sealed system volume” — basically, the entire OS is stored on an immutable disk image, signed and verified with a Merkle-tree sort of structure. This has a few advantages: malware cannot modify the OS, you can’t brick your system by accidentally deleting OS files, updates are far more robust (they don’t have to change files on your root filesystem), and the OS can be stored unencrypted, meaning you can boot the system without requiring the user’s password first. (And of course, there’s an opt-out if you really want to modify OS files.)

The big downside is that installing an update means you have to rebuild and re-sign the entire OS image, which takes forever. When they first introduced this model, I was surprised at this: I expected they could generate the new OS image in the background, while you’re still using the computer, then just swap over to the new image with a single reboot, instead of requiring a ton of downtime. I think they might finally be doing this with macOS 14/iOS 16 — I’ve been running the betas for both and noticed restarting to install updates has become far, far faster — like maybe a minute or two.
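A generic Merkle-tree integrity check of the kind the comment above describes, added here as an illustration; it is not part of the thread and not Apple's actual on-disk format. The 4096-byte block size, SHA-256, the padding constant and all function names are assumptions, and signing the root is left out: the caller is assumed to already hold a trusted root.

```python
import hashlib

BLOCK = 4096                                  # assumed block size
def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

PAD = h(b"\x02pad")   # filler for odd-sized levels; distinct prefix from leaves/nodes

def build_levels(image: bytes) -> list[list[bytes]]:
    """Return every tree level, leaves first; the last level holds the root."""
    blocks = [image[i:i + BLOCK] for i in range(0, len(image), BLOCK)] or [b""]
    level = [h(b"\x00" + b) for b in blocks]  # 0x00 prefix marks a leaf
    levels = [level]
    while len(level) > 1:
        if len(level) % 2:                    # pad so every node has a sibling
            level = level + [PAD]
            levels[-1] = level
        level = [h(b"\x01" + level[i] + level[i + 1])   # 0x01 marks an inner node
                 for i in range(0, len(level), 2)]
        levels.append(level)
    return levels

def root(image: bytes) -> bytes:
    """The 'seal': one hash that commits to every block of the image."""
    return build_levels(image)[-1][0]

def proof(levels: list[list[bytes]], index: int) -> list[bytes]:
    """Sibling hashes on the path from block `index` up to the root."""
    path = []
    for level in levels[:-1]:
        path.append(level[index ^ 1])
        index //= 2
    return path

def verify_block(block: bytes, index: int, path: list[bytes], trusted_root: bytes) -> bool:
    """Check one block against the trusted root without reading the others."""
    node = h(b"\x00" + block)
    for sibling in path:
        pair = sibling + node if index & 1 else node + sibling
        node = h(b"\x01" + pair)
        index //= 2
    return node == trusted_root

# Constructed sample: a 5-block "image" with one byte changed in block 2.
IMAGE = b"".join(bytes([i]) * BLOCK for i in range(5))
TAMPERED = IMAGE[:2 * BLOCK] + b"\xff" + IMAGE[2 * BLOCK + 1:]
```

Verifying a block needs only the sibling hashes on its path, which is what lets reads be checked lazily, while any change to any block produces a different root.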




I’ve been running the betas for both and noticed restarting to install updates has become far, far faster — like maybe a minute or two.

Nice! (And thanks for the backgrounder. It's the first time I've seen this explanation on HN.)


Doesn’t Fedora Silverblue follow the same model? I haven’t used it much, but I remember upgrades being faster, not longer.



