Guide To Make Your Mac Suck Less (2017)

Strengthen your system. Improve your experience.

Some days, I just get angry at tiny flaws with a default macOS configuration. Slow keyboard repeat rate. Ineffective transparency. Annoying UI sounds. Hidden filename extensions. Security flaws in Safari. All of these things just piss me off.

So, I’ve written a shell script that automatically fixes these settings for myself and for you. If you’ve never used a script before, and you’ve always used the UI to modify your settings, don’t be afraid.

A shell script (like my_script.sh) is a really powerful way to control all of our settings. It gives us very fine control over each setting. While there are other tools that can do this too (like Ansible or Chef), I don’t want to use these because they require installing additional dependencies, and because these tools are really more useful for managing a fleet a machines (hundreds or thousands of machines), and not just your 1–5 personal machines. A shell script also gives us the ability to be interactive and to write VERY simple, readable code. That means you (yes you) can read it too!

To run a shell script, we’re going to use an application called Terminal. You can find it with Spotlight by simply typing Terminal, or you can find it in at /Applications/Utilities/Terminal.app

This script will tell you everything that it does, so nothing is ever hidden from you. It will give you both a description of what is going on and the actual command that is being run on your system. If you don’t know what something is, you can always google it before running the script to learn more about it.

This script will handle a few things for you:

  1. It sets up excellent default settings.
  2. It installs default applications.
  3. It looks for updates for applications and system patches.

I encourage you to modify settings to your needs before running your version of the script.

Let’s dissect this script so you understand what it’s going to do, and how to make it work for your needs. The full, most up to date version of the script lives here:

https://github.com/echohack/macbot/

The first part of the script (around the first 50 lines), sets up utility functions and some cool colors for your command line. It also sets up the rest of the script so we don’t accidentally overwrite settings while the script is running. There isn’t anything super interesting here.

Now we’ll use scutil and com.apple.smb.server to set your computer name. This helps us get around some silly limitations Apple puts into place when doing the first time setup of your Mac, or if you just want to change it after you’ve already reinstalled macOS.

Excellent Default Settings

Disable sudden motion sensor. (Not useful for SSDs)

Here’s a setting you might want to change in the script if you have an older Mac. Mac has a sudden motion sensor for turning off hard disks (so they don’t get damaged). But what if you don’t have a hard disk? Well Apple isn’t smart enough to turn the damn thing off if you’re running an SSD. If you’ve bought a Mac in the past 5 years, you should be good with disabling this feature.

Disable press-and-hold for keys in favor of key repeat

By default, if you hold a key (say “e”), macOS will show you alternative “e” keys you can choose from, such as Ē, ē, Ĕ, ĕ, Ė, ė, Ę, and so on. Instead, we want to press-and-hold to get key repeat (like “eeeeeeeeeeee”).

Set a fast keyboard repeat rate, after a good initial delay

You can set your keyboard to repeat a key really fast, and that’s what we’ll do. KeyRepeat is the speed of how fast keys can repeat when held down (the lower the better. You probably want to set this to a very low number like 1 or 2). InitialKeyRepeat is the amount of time before repeating keys can begin (you probably want this somewhere in the middle, between 15 and 45. Too fast and you’ll just accidentally repeat keys all the time, too slow and you’ll sit there waiting for key repeat to begin).

Disable auto-correct

Auto-correct when you have a keyboard is more annoying than helpful. If you like autocorrect and want to keep it, you’ll want to remove this setting in the script.

Speed up mission control animations

Apple decided to make Mission Control animations slow for some awful reason. We want those as fast as possible. Lower numbers are better here.

Remove the auto-hiding dock delay

Apple decided to make hiding the dock take an extra half second. That’s pretty annoying, let’s make it auto-hide instantly.

Use the dark theme

This is opinionated, but the dark theme is MUCH easier on your eyes. If you work or play at the computer all day, you need to protect your eyes, and this is a good way to start. Besides, the dark theme looks cooler anyway.

Save screenshots

Screenshots (cmd + 2/3/4) automatically get saved in the jpg format and to the desktop, but we can do better. PNG is a much stronger, higher quality image format, so we’ll use that. Also, we’ll create a screenshots folder (in /Users/yourUser/screenshots) to save all the screenshots in, instead of cluttering your desktop.

Disable menu transparency and increase contrast

Fancy menu transparency is a sexy UI feature, but it’s confusing and hurtful to your eyes. In addition, we’ll increase the contrast of some menu items to make them easier to read, and to protect your eyes.

Disable mouse enlargement with jiggle

Until I updated to Mavericks (which introduced this “feature” for the first time), I had no idea that people lost their mouse cursor and couldn’t find it. In the ~25 years I’ve used computers I’ve never heard anyone say anything about losing their mouse cursor on the screen. If you use a mouse at all, you’re going to accidentally trigger this feature from time to time, and it’s weird and off-putting. So we’ll just disable this…

Disable annoying UI error sounds

*BOMP*. Yes you’ve heard it, and you hate it. It’s the “error” sound. But this sound plays in many non-error situations, like when you reach the end of a line or tab to the last field in an application. So we’re going to eliminate this thing where-ever we can. For some reason, I still haven’t found all the places this sound occurs, but the three places in the script is a good start. (If I find more fixes, I’ll add them to the script in the future, of course).

Show hidden stuff

Why do operating system vendors want to hide stuff from you? I never understood the rationale behind hiding all this stuff. Well, we’re going to unhide _all_ the hidden things and set some smart finder navigation defaults. That includes:

  • Show all filename extensions.
  • Disable the warning when changing a file extension.
  • Use list view in all Finder windows by default.
  • Show the ~/Library folder.
  • Show the /Volumes folder.
  • Show hidden files (whose name starts with dot) in finder.
  • Show full file path in finder windows.

Don’t write DS_Store files to network shares

This one is simple: don’t leave little .DS_Store files on every device that connects with you. They’re annoying and unnecessary (unless you want to index items for Spotlight).

Don’t ask to use external drives as a Time Machine backup

When you plug in a USB stick or someone else’s drive, Time Machine is greedy and REALLY wants to give you some more backups! That’s annoying, so let’s turn it off.

Disable natural scrolling

If you like the “natural” scrolling, then remove this setting from the script. Personally I’ve got a mouse, and scroll-down means scroll-down to me. I’m not flying a fighter jet here, I’m scrolling. But if reverse-scrolling is your thing, then go for it.

Increase Safari Security

This next part includes lots of tweaks to Safari (the built-in macOS browser that you can’t uninstall…) to make it more secure. Oddly enough, Safari features are included throughout parts of the operating system, so creators of viruses and other nasty things can use Safari vulnerabilities even if you don’t use Safari. (You shouldn’t use Safari. Use Firefox or Chrome instead.) So let’s lock down Safari nice and tight. To do that, we will:

  • Disable Safari from auto-filling sensitive data.
  • Disable Safari from automatically opening files.
  • Always block cookies and local storage in Safari.
  • Enable Safari warnings when visiting fradulent websites.
  • Disable javascript in Safari.
  • Block popups in Safari.
  • Disable plugins and extensions in Safari.
  • Safari should treat SHA-1 certificates as insecure.
  • Disable pre-loading websites with high search rankings.
  • Disable Safari search engine suggestions.
  • Enable Do-Not-Track HTTP header in Safari.
  • Disable pdf viewing in Safari.
  • Display full website addresses in Safari.

Whew!

Improve Apple Mail Security

There are a couple of small improvements we can set for Apple Mail to increase security. So we’re going to:

  • Disable loading remote content in emails in Apple Mail.
  • Send junk mail to the junk mail box in Apple Mail.

Improve Privacy (Spotlight problems)

You might not know it, but Spotlight reports a lot of data to Apple about your searches, even on your local computer. So we’re going to disable all that. First, we disable spotlight universal search. Then we’re going to call out to a different script to help handle disabling some more complex mechanisms for suggestions, bing web search, and some other leaky data. It’s not enough just to turn off Spotlight Universal Search. We want to make sure ALL of these privacy-violating settings are disabled. If you value the ability to do web searches through Spotlight, you may want to remove this part of the script. (Personally, I do all my searches through my browser, where I can make more informed choices about my search providers and how my data gets used).

Disable Captive Portal Hijacking Attack

Apple added a feature a few releases back to modify the behavior about how your computer joins networks that have captive portals, like coffee shop WiFi or hotel WiFi. Unfortunately, this opens your computer to an attack (because anyone can set up a network to look like a captive portal). If you use these kinds of networks, you want to be EXTRA careful, so disabling this functionality will really keep you that much more secure.

Set screen to lock as soon as the screensaver starts

If you walk away from your computer, and forget to lock it, we’ll want the screensaver to try to rescue us. By default, the functionality of the screensaver doesn’t lock your screen in macOS, so let’s turn that on.

Don’t default to saving documents to iCloud

Some applications will try to automatically save your documents to iCloud, instead of giving you a “Save-as” prompt to save to your local drive. I don’t use iCloud (and wouldn’t want to really upload my private information to iCloud ever), so we’ll disable that.

Disable crash reporter

Ostensibly, when an application crashes, you can report “anonymously” to Apple the details of the crash so they can investigate it. In reality, nobody cares about your crash report, and the crash report leaks details about you. So let’s just turn it off and never use it.

Enable Stealth Mode

Now we want to make it difficult for hackers to even find us. Stealth mode makes it so your computer doesn’t respond to some basic methods of detecting your computer on a network from outside of that network. There are more complex methods (and we’ll need to keep these enabled so real applications can continue to work…), but this will help get rid of certain classes of detection.

Set all network interfaces to use Google DNS

By default, your computer will use whatever DNS provider your ISP has available for you. This DNS provider is junk — it’s probably injecting some ads or doing some other bad behavior when you search for a URL that doesn’t exist. So we’re just going to use Google’s DNS instead and call it a day. It’s faster and more secure.

Disable wake on network access

Unless you’re a highly technical user, you probably won’t have a good reason to wake up your computer remotely. This will help prevent hackers or viruses from accomplishing their goals.

Disable Bonjour multicast advertisements

File this one under “this is a thing you’ll never use and it just gives hackers another way to access your system”. So we’ll turn it off. If this setting is on, Bonjour can leak information such as usernames or devices to a potential attacker.

Better System Updates

I know you don’t like system updates, that they’re annoying, or you think they’re silly. But the security of your system and the internet is a moving target, and every day computer experts are finding new security problems. If you aren’t staying up to date on patches, your system, your privacy, and your security are at risk. In order to stay up to date on patches, here’s some stronger settings:

  • Enable Mac App Store automatic updates.
  • Check for Mac App Store updates daily. (instead of weekly)
  • Download Mac App Store updates in the background.
  • Install Mac App Store system data files & security updates.
  • Turn on Mac App Store auto-update.

These settings should help you get the system patches you need in a timely fashion to keep you safer.

Install Applications

This whole section of the script (around line 250 and below) can be removed if you just want good system defaults. Less advanced users may want to bail out here: Just delete everything in the script below # Install Applications . If you’re comfortable writing a little shell script, then read on.

This part of the script should be heavily modified. The applications that I use are not going to be the same ones that you use. In any case, you can use my script as an example of where to start. I do recommend keeping a few things around to make your life easier.

Install Homebrew

Homebrew is a fantastic package manager for macOS. If you install it, I’d recommend modifying your ~/.bash_profile to add these two lines:

export HOMEBREW_NO_ANALYTICS=1
export HOMEBREW_NO_INSECURE_REDIRECT=1

That’s because Homebrew uses Google Analytics to track your behavior (an unforgivable thing in a package manager, but that’s for another time), and allows regular http redirects during some formulas. We’ll want to avoid both of those, and fortunately, we can.

Install updated curl + OpenSSL

After we’ve installed Homebrew, we’ll want to use a more modern curl and OpenSSL. The default macOS curl and OpenSSL binaries are woefully out of date and full of problems, so this is a no brainer.

Install mas

Mas is a wonderful application that allows you to download and install applications from the Mac App Store. You can see an example in my script on how to install applications using mas, or you can head over to their github page for more information.

mas login prompt

These’s a bit of script-fu here to detect if you’re signed in already to your account for the Mac App Store. If not, the script will prompt you to sign on.

Finishing Up

Once everything is set and installed, we do one final check for system updates, and restart the Dock and Finder.

Once the script is complete, I recommend you reboot your computer. Many of these settings require you to restart to get them to take effect.

Once you reboot, you’re all done! Your Mac should be shinier and better with some finely tuned settings.