Keeping macOS logs private from who?
I continue to not trust macOS. I was working on a little development project at the weekend which involved downloading some code samples. One of those samples included a handful of image files that mediaanalysisd choked on, and since ~/Downloads isn’t in my Spotlight exclusion list my Mac has been strangling itself for the last 4 days.
I’ve been poking at this issue with no luck since I first noticed it, and spent a bit of time yesterday trying to figure out how to see the stuff marked as “<private>” in the system log. It seems like it used to be possible to install a mobile configuration profile, which is a bullshit solution but it doesn’t work in macOS 15 anyway.
The only official mention of this mechanism I’ve found is in Apple’s own manpage for os_log:
The unified logging system considers dynamic strings and complex dynamic objects to be private, and does not collect them automatically.
It goes on:
In situations where it is necessary to capture a dynamic string, and it would not compromise user privacy, you may explicitly declare the string public by using the public keyword in the log format string.
It doesn’t say if there’s a way to override the “does not collect them automatically” thing, so I assume the only option would be to change the log emitter - mediaanalysisd - which I can’t do.
And to nobody’s surprise this just makes me more angry. This is my computer - who are you keeping the log contents private from?!
The Eclectic Light Company has some interesting articles about Spotlight, mediaanalysisd, and macOS system logging, but the last paragraph of this article says it best:
The unified log is not Apple’s <private> playground. It’s a shared space, with users diagnosing problems, developers hunting bugs, support staff fixing glitches, and system administrators managing their networks. For us all to get benefit from our logs, Apple needs to provide a supported means of temporarily disabling this censorship in the unified log. If it won’t, then it’s time for Apple to admit openly that it doesn’t really want anyone else using the unified log.
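An added example, not part of the original post: since only the dynamic values are redacted while the static format string stays visible, this script tallies how many messages per process contain `<private>` and which format strings they came from. It assumes the field names `processImagePath`, `eventMessage` and `formatString` in `log show --style ndjson` output; the sample records and paths are constructed.

```python
import json
import os
import sys
from collections import Counter

REDACTED = "<private>"
FMT = "Failed to decode %@ (%{public}s)"  # constructed format string

# Constructed sample records (not real log output), one JSON object per line.
SAMPLE_NDJSON = "\n".join(json.dumps(r) for r in [
    {"processImagePath": "/constructed/mediaanalysisd", "formatString": FMT,
     "eventMessage": "Failed to decode <private> (unsupported format)"},
    {"processImagePath": "/constructed/mediaanalysisd", "formatString": FMT,
     "eventMessage": "Failed to decode <private> (truncated file)"},
    {"processImagePath": "/constructed/mediaanalysisd",
     "formatString": "Analysis queue depth %d",
     "eventMessage": "Analysis queue depth 12"},
    {"processImagePath": "/constructed/mds", "formatString": "Scan finished",
     "eventMessage": "Scan finished"},
])

def summarize(lines):
    """Return {process: {"total": n, "redacted": n, "formats": Counter}}."""
    stats = {}
    for line in lines:
        line = line.strip()
        if not line.startswith("{"):
            continue  # skip blank lines and anything that is not a JSON object
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue
        msg = rec.get("eventMessage") or ""
        proc = os.path.basename(rec.get("processImagePath") or "unknown")
        entry = stats.setdefault(
            proc, {"total": 0, "redacted": 0, "formats": Counter()})
        entry["total"] += 1
        if REDACTED in msg:
            entry["redacted"] += 1
            # The format string is static, so it survives redaction.
            entry["formats"][rec.get("formatString") or msg] += 1
    return stats

def report(stats, top=3):
    """Render one summary line per process, most-redacted first."""
    rows = []
    for proc, e in sorted(stats.items(), key=lambda kv: -kv[1]["redacted"]):
        rows.append(f"{proc}: {e['redacted']}/{e['total']} messages redacted")
        rows += [f"  {n}x {f}" for f, n in e["formats"].most_common(top)]
    return rows

if __name__ == "__main__":
    src = SAMPLE_NDJSON.splitlines() if sys.stdin.isatty() else sys.stdin
    print("\n".join(report(summarize(src))))
```

Run with no input it summarizes the constructed sample; piping `log show --style ndjson` output into it summarizes real records instead.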