The whole macOS thing is amateur
I set that up in like 2014? Even back then it was known already that the quick /etc/resolver way was the deprecated way to do things. So I guess they finally killed that feature off?
The proper (more awkward) way is to use scutil directly (which then stores the settings in some binary plist somewhere, I assume).
Maybe try this and see if it still works afterwards?
macOS has made some arguably poor design choices, but it makes it hard to take someone seriously when they state the whole OS is terrible.
I will say, I don't love the use of LLMs to write these bug reports. It's probably fine if reviewed, but at least review for things like "worked on macOS 25", which obviously didn't exist. If that wasn't caught, how sure are you that the rest of the report is accurate? We all want the bugs fixed, but people are going to start throwing out the obviously LLM written reports rather than have to validate each claim, since the author probably didn't.
I think it's fine to have an llm write a first or second draft of something, then go through and reword most of it to be in your own voice.
With LLMs this is less clear, you don’t get the old school artifacts, instead you get hallucinations, and very subtle errors that completely alter the meaning while leaving the sentence intact enough that your reader might not know this is a machine translation error.
Quite frankly, while having an LLM draft and rewriting it would be okay, I do not believe it is reasonable to expect that to ever happen. It will be either like high school paper plagarism (Just change around some of the sentences and rephrase it bro), or it will simply not even get that much. It is unreasonable with what we know about human psychology to expect that "Human-Rewrites of LLM drafts", at the level that the human contributes something, are maintainable and scalable; Most people psychologically can't put in that effort.
Apply this argument to code, to art, to law, to medicine.
It fails spectacularly.
Blaming the tool for the failure of the person is how you get outrageous arguments that photography cant be art, that use of photoshop makes it not art...
Do you blame the hammer or the nail gun when the house falls down, or is it the fault of the person who built it?
If you dont know what you're doing, it isnt the tools fault.
If you want valid certs you can generate them with mkcert and add them to your system trust store.
New-UnboundInterface.sh - linux/rhel-like specific
# create a bridge interface for Unbound
# because Docker...
IFTYPE=bridge
IFNAME=unbound0
IPADDR=10.53.0.1
IPADDR6=fd53:fd53:fd53::1
nmcli connection add type $IFTYPE ifname $IFNAME
nmcli connection modify $IFTYPE-$IFNAME ip4 $IPADDR/32
nmcli connection modify $IFTYPE-$IFNAME ipv4.dns $IPADDR
nmcli connection modify $IFTYPE-$IFNAME ip6 $IPADDR6/64
nmcli connection modify $IFTYPE-$IFNAME ipv6.dns $IPADDR6
nmcli connection up $IFTYPE-$IFNAME
firewall-cmd --new-zone=unbound --permanent
firewall-cmd --zone=unbound --permanent --change-interface=$IFNAME
firewall-cmd --zone=unbound --permanent --add-service=dns
firewall-cmd --reload
# should be placed in /etc/unbound/conf.d
# bind to a specified IP address, allow access
server:
interface: 10.53.0.1
interface: fd53:fd53:fd53::1
access-control: 10.53.0.1/32 allow
access-control: fd53:fd53:fd53::1/128 allow
# allow queries from the Docker "bridge"
server:
access-control: 172.18.0.1/16 allowWhy use Apple's browser when they don't actually care about your privacy?
Thank you for the heads up.
All Feedbacks that you file are private to your own Apple Account.
Ignoring the current Tahoe mess, MacOS felt relatively polished. I'm purely talking about UX here, as the OS is evidently buggy. The most popular Gnome themes are a re-impl of MacOS, so I can't be the only one.
It straight up broke some interfaces too
Then again I never understood the trend to remember fondly windows 98 and those kind of interfaces, maybe it's generational.
They also do strange choices regarding shipped software. For example they ship ancient bash 3, apparently because they hate GPLv3 or something like that. I like GPLv3 and this choice makes macos user-hostile.
Programs like LittleSnitch never really seem like "enough" for me, because the computer has to boot before DNS filtering comes online. It also has the design error (IMHO) of pre-resolving IP addresses before clicking Accept/Deny(all).
A great blockrule for your personal firewalls would be to ban (at top level) icloud.com, apple.com, &c; system updates can then be performed manually using guides like <http://www.mrmacintosh.com>. Of course: this breaks everything (in exactly the way I prefer to compute).
I have setup a VM running DNS on my laptop before ...
It makes you wonder why they were messing around in these areas at all at this point.
Here’s a GitHub comment showing someone on MacOS 26 with a `.test` domain, which you claim is broken: https://github.com/apple/container/issues/856#issuecomment-3... —- maybe you are configuring it incorrectly.
But that only really helps you when you're dealing with websites in a browser, and when you want the address to resolve back to your local machine. So it wont help you with other programs like python/wget/etc or any calls you make to getaddrinfo()
Next question: what reason would Apple have to make a change that would interfere with developers using their operating system?
Wait, it does that (from 15 to 26) without user interaction?
Workaround
The only reliable workaround is to add entries manually to /etc/hosts...
Impact
This breaks the standard local development DNS workflow...Any developer using dnsmasq + /etc/resolver/ for *.test, *.local, *.internal, or other private TLDs...Docker...Kubernetes...
Which is not quite as bad as the (currently) blanket title "macOS 26 breaks custom DNS settings including .internal".
More like, "macOS 26 breaks some uses of custom DNS settings including .internal"
adamamyl•2h ago
bgentry•1h ago