Monday, January 12, 2026
Google (CNBC, MacRumors, AppleInsider, Hacker News):
Apple and Google have entered into a multi-year collaboration under which the next generation of Apple Foundation Models will be based on Google’s Gemini models and cloud technology. These models will help power future Apple Intelligence features, including a more personalized Siri coming this year.
After careful evaluation, Apple determined that Google’s Al technology provides the most capable foundation for Apple Foundation Models and is excited about the innovative new experiences it will unlock for Apple users. Apple Intelligence will continue to run on Apple devices and Private Cloud Compute, while maintaining Apple’s industry-leading privacy standards.
Jeff Johnson:
How much did Apple have to pay to get Google to say, “Apple’s industry-leading privacy standards”?
Dan Moren:
Gurman has also previously reported that those delayed Apple Intelligence features are likely to make their debut in iOS 26.4 this spring.
It’s unclear exactly where in the timeframe we are. Given that 26.3 is already in beta, and 26.4 is expected in a few months, it’s possible that work has long since started on this, even if it’s only being officially announced now. Even with the leg-up provided by Google’s models, it seems unlikely the company could simply roll in that tech for a feature due out in short order.
M.G. Siegler:
Sort of weird that they would announce such a big deal this way rather than official releases/interviews/etc, then again, the talk has been – at least on Apple’s side – to downplay the partnership. We get it, it’s sort of embarrassing to have to outsource your work in such a key aspect of technology, let alone one you believed you were at the forefront of not that long ago, at least with regard to Siri.
Kyle Hughes:
The Google deal is now necessary because of past mistakes but it is far from ideal—Apple needed this all in-house for years. It will be very difficult to compete with Google on integrated, optimized software products, and they will be paying Google for the opportunity to compete with them at all. Knowledge work is going to look fundamentally different once Google does Claude Code for Google Workspaces.
Previously:
Apple Intelligence Foundation Models Framework Google Gemini/Bard iOS iOS 26 Private Cloud Compute Siri
Norbert Heger (Mastodon, Hacker News):
Since upgrading to macOS Tahoe, I’ve noticed that quite often my attempts to resize a window are failing.
This never happened to me before in almost 40 years of using computers. So why all of a sudden?
It turns out that my initial click in the window corner instinctively happens in an area where the window doesn’t respond to it. The window expects this click to happen in an area of 19 × 19 pixels, located near the window corner.
[…]
But due to the huge corner radius in Tahoe, most of it – about 75% – now lies outside the window[…]
Jason Snell:
That’s right, folks, the solution to resizing the corner of a window in Tahoe is to click outside the edge of the window. I can’t even.
Jason Anthony Guy:
The accompanying gif of him grabbing a plate captures the experience perfectly.
Rui Carmo:
The annotated images (green “expected” area, blue dot, and the “accepted target area” sitting in empty space) make the point better than any amount of hand-waving, and we need more of this to make it obvious that Apple needs to reverse course on the whole thing.
Gui Rambo:
Yes! All the time. The opposite also occurs: trying to click something behind a window and accidentally resizing the front most window instead.
Tony Arnold:
I’ve noticed that resizing windows on macOS Tahoe seems to fail 2-3 times each time I perform the action. How did Apple break so many interactions in a single release?
Garrett Murray (Mastodon):
I have struggled with this every single day since Tahoe was released. I fail on nearly every first attempt at resizing a window.
[…]
Imagine taking one of the most core, we-take-this-for-granted features of a windowing system and throwing it away. And why? Oh, because iPhones have rounded corners and therefore so should all windows on every Apple platform.
Joachim Kurz:
Things like this make me want to switch to Linux and build my own Desktop environment and window manager.
Like, gather all the macOS devs who still understand how desktop UX is supposed to work, take an Apple HIG from the 90s or and let’s build ourselves a new home.
And when we are done with that (shouldn’t take longer than a couple decades, right?), we fork the open source component from Android and do the same for mobile UX.
Mario Guzmán:
ugh this is one of the things that drives me most insane in #macOSTahoe. Basic desktop-isms are just so broken. I fear that more and more folks who don’t understand the history of the desktop are running the show at Apple. I hope I am wrong but then what explains this mess?
John Gruber (Mastodon):
One can argue with the logic behind these changes, 15 years ago. I’ll repeat that I think it was a grave error to make scrollbars invisible by default. I would argue that while the visible grippy-strip isn’t necessary, it’s nice to have. (As noted above, its presence showed you whether a window could be resized.) But there was, clearly, logic behind the decisions Apple made in 2011. They were carefully considered. The new logic was that you no longer look for a grippy-strip to click on to resize a window. You simply click inside the edge of a window. And of course Apple added a small affordance to the hit target for those edges, such that if you clicked just outside the window, that would count as “close enough” to assume you intended to click on the edge. Most users surely never noticed that. A lot of nice little touches in UI design go unnoticed because they’re nice little touches.
Until MacOS 26, most of the hit target for initiate the resizing of a window was inside the window. Because, of course, right? Even though MacOS (well, Mac OS X) stopped rendering a visible resize grippy-strip 15 years ago, the user could simply imagine that there was still a grippy area inside the lower right corner of every resizable window. It would make no sense whatsoever for the click target to resize a window to be outside the window. Why would anyone expect that? It would work against what our own eyes, and years of experience, are telling us. You pick up a thing to move it or stretch it by grabbing the thing. Not by grabbing next to the thing.
diskzero:
I worked on Finder/TimeMachine/Spotlight/iOS at Apple from 2000-2007. I worked closely with Bas Ording, Stephen Lemay, Marcel van Os, Imran Chaudry, Don Lindsey and Greg Christie. I have no experience with any of the designers who arrived in the post-Steve era. During my time, Jony Ive didn’t figure prominently in the UI design, although echoes of his industrial design appeared in various ways in the graphic design of the widgets. Kevin Tiene and Scott Forstall had more influence for better or worse, extreme skeumorphism for example.
[…]
Here is my snapshot of Stephen from the time. He presented the UI ideas for the intial tabbed window interface in Safari. He had multiple design ideas and Steve dismissed them quickly and harshly. Me recollection was that Steve said something like No, next, worse, next, even worse, next, no. Why don’t you come back next week with something better. Stephen didn’t push back, say much, just went ok and that was that. I think Greg was the team manager at the time and pushed Steve for more input and maybe got some. This was my general observation of how Stephen was over 20 years ago.
I am skeptical and doubtful about Stephen’s ability to make a change unless he is facilitated greatly by someone else or has somehow changed drastically. The fact that he has been on the team while the general opinion of Apple UX quality has degraded to the current point of the Tahoe disaster is telling. Several team members paid dearly in emotional abuse under Steve and decided to leave rather than deal with the environment post Steve’s death. Stephen is a SJ-era original and should have been able to push hard against what many of us perceive as very poor decisons. He either agreed with those decisions, or did not, and choose to go with the flow and enjoy the benefits of working at Apple.
Previously:
Design Liquid Glass Mac macOS Tahoe 26
Adam Engst:
Here are the unique features that keep me using multiple apps for my screenshots.
[…]
Most of the time, I dismiss floating shot windows immediately, but they can be useful for referring to a screenshot—such as the contents of a menu that I can’t keep open—while writing. Floating shots are also handy for making simple edits and annotations without opening the file in Preview. The feature I value most, though, is one that ScreenFloat developer Matthias Gansrigler added last year—the option to export an image with an added border.
[…]
CleanShot X is a thoroughly capable screenshot utility with editing and annotation features, but it also offers a feature I haven’t seen elsewhere: the ability to combine screenshots.
[…]
I still occasionally press Command-Shift-5 and use the built-in macOS screenshot utility to create a screenshot of a window with an open menu. In these screenshots, I don’t want shadows around the window, but I do want them around the menu, which otherwise looks weird. This requires a multi-step process that involves capturing two separate screenshots and compositing them in Preview[…]
Previously:
CleanShot X Mac Mac App macOS Tahoe 26 ScreenFloat Screenshots
Jon Brodkin:
Italy fined Cloudflare 14.2 million euros for refusing to block access to pirate sites on its 1.1.1.1 DNS service, the country’s communications regulatory agency, AGCOM, announced yesterday. Cloudflare said it will fight the penalty and threatened to remove all of its servers from Italian cities.
AGCOM issued the fine under Italy’s controversial Piracy Shield law, saying that Cloudflare was required to disable DNS resolution of domain names and routing of traffic to IP addresses reported by copyright holders. The law provides for fines up to 2 percent of a company’s annual turnover, and the agency said it applied a fine equal to 1 percent.
The fine relates to a blocking order issued to Cloudflare in February 2025. Cloudflare argued that installing a filter applying to the roughly 200 billion daily requests to its DNS system would significantly increase latency and negatively affect DNS resolution for sites that aren’t subject to the dispute over piracy.
Matthew Prince (Hacker News):
Yesterday a quasi-judicial body in Italy fined
@Cloudflare
$17 million for failing to go along with their scheme to censor the Internet. The scheme, which even the EU has called concerning, required us within a mere 30 minutes of notification to fully censor from the Internet any sites a shadowy cabal of European media elites deemed against their interests. No judicial oversight. No due process. No appeal. No transparency. It required us to not just remove customers, but also censor our 1.1.1.1 DNS resolver meaning it risked blacking out any site on the Internet. And it required us not just to censor the content in Italy but globally. In other words, Italy insists a shadowy, European media cabal should be able to dictate what is and is not allowed online.
[…]
In addition, we are considering the following actions: 1) discontinuing the millions of dollars in pro bono cyber security services we are providing the upcoming Milano-Cortina Olympics; 2) discontinuing Cloudflare’s Free cyber security services for any Italy-based users; 3) removing all servers from Italian cities; and 4) terminating all plans to build an Italian Cloudflare office or make any investments in the country.
Ernesto Van der Sar (Slashdot):
Launched in 2024, Italy’s elaborate ‘Piracy Shield’ blocking scheme was billed as the future of anti-piracy efforts.
To effectively tackle live sports piracy, its broad blocking powers aim to block piracy-related domain names and IP addresses within 30 minutes.
While many pirate sources have indeed been blocked, the Piracy Shield is not without controversy. There have been multiple reports of overblocking, where the anti-piracy system blocked access to legitimate sites and services.
Previously:
Business Cloudflare Copyright Domain Name System (DNS) Italy Legal Piracy Web
Friday, January 9, 2026
Hartley Charlton (Slashdot):
Usage data published by StatCounter (via Cult of Mac) for January 2026 indicates that only around 15 to 16% of active iPhones worldwide are running any version of iOS 26 . The breakdown shows iOS 26.1 accounting for approximately 10.6% of devices, iOS 26.2 for about 4.6%, and the original iOS 26.0 release at roughly 1.1%. In contrast, more than 60% of iPhones tracked by StatCounter remain on iOS 18, with iOS 18.7 and iOS 18.6 alone representing a majority of active devices.
Historical comparisons highlight how atypical this adoption curve appears. StatCounter data from January 2025 shows that roughly 63% of iPhones were running some version of iOS 18 about four months after its release. In January 2024, iOS 17 had reached approximately 54% adoption over a similar timeframe, while iOS 16 surpassed 60% adoption by January 2023.
[…]
In the first week of January last year, 89.3% of MacRumors visitors used a version of iOS 18. This year, during the same time period, only 25.7% of MacRumors readers are running a version of iOS 26 . In the absence of official numbers from Apple, the true adoption rate remains unknown, but the data suggests a level of hesitation toward iOS 26 that has not been seen in recent years.
I want to believe this is because people are choosing to avoid Liquid Glass, but the difference in curves is so stark that I assume it must be due to a measurement problem or a change in how strongly iOS’s Software Update is pushing new versions.
Dave Polaschek:
This, even given that Apple has made the 18.7.3 installer [and its security fixes] unavailable for anyone not an Apple Developer and in the beta program.
Previously:
Update (2026-01-12): Jeff Johnson (Mastodon):
The MacRumors stats appeared to provide some independent support for the StatCounter data. I made the mistake of starting to believe the story based on this, without checking the facts myself. In my defense, I’m not a news media outlet, so that’s not my job, and moreover I didn’t publish an article about iOS 26 adoption, until now.
The only site that got it right, eventually, is Pixel Envy by Nick Heer, who pointed out that the Safari browser User-Agent was partially frozen on iOS 26, as discussed in a September WebKit blog post[…]
[…]
Although Apple forces all web browsers on iOS to use WebKit, the User-Agent OS version is frozen only with Safari, not with other browsers, so third-party browsers still accurately report the iOS version.
[…]
By the way, I’m a bit puzzled by Apple’s partial freezing of the Safari User-Agent on iOS, because Safari is always inseparable from the OS, so it’s possible to derive the iOS version from the Safari version, which continues to be incremented in the User-Agent.
Brent Simmons:
I was curious about iOS 26 adoption for NetNewsWire. I looked at the 30-day-active-users numbers, separated by iOS version.
Current adoption is 84% for iOS 26.
René Fouquet:
I’m slowly getting to the point where I realize that it’s close to impossible to have an app that works reliably both on iOS 18 and 26. Something is always broken. You fix one thing, it breaks something else. Apple’s solution is obviously to support 26 only, but I’m not doing them this favor.
iOS iOS 26 Liquid Glass
Ryan Ashcraft:
Up until iOS 26, tab bars were fixed on the bottom of the screen and spanned the full horizontal space. Now, tab bars are capsule-shaped and inset from the screen edges.
[…]
Search tabs are separated visually from the rest of the tab bar and have a circular shape. When switching to the search tab, there’s a morph animation from the circle to the search field, which is now on the bottom of the screen. The new placement is convenient for reachability, a major selling point of the new design system.
[…]
Since the search tab looks like a button, developers and designers are treating it like one. Specifically, they’re using it (or emulating it) for their app’s primary action: the single most important action in an app, like composing a message or adding a new entry.
[…]
Apps have solved this in two ways for over a decade: embedding buttons in the tab bar (like Instagram’s 2011 camera button) or floating them above it (formalized by Google in Material Design 2014). Apple has never officially supported either. The Apple Human Interface Guidelines says tabs are for navigation, not actions. Yet these patterns are near-universal in successful iOS apps.
Previously:
Design iOS iOS 26 Liquid Glass Music.app Search
Dr. Drang:
That the default route’s Go button is gray while the alternates are green is a stupidity addressed by Sage Olson and Joe Rosensteel, so I won’t bother.
What I will address is that whichever route you choose, you have to tap its Go button. Even though the full description of each route looks like a button, the only part that’s tappable is the part that looks like a button inside another button.
Is this just as stupid as having a dull color as the default and a bright color as the alternate? Yes. And Apple has known that descriptions should be click/tap targets since the very beginning of the Mac. Here, courtesy of Infinite Mac, is MacWrite 1.0 running on a simulation of an original Macintosh.
Previously:
Apple Maps CarPlay Design iOS iOS 26 Liquid Glass
Keith Stuart (tweet, Hacker News, Reddit, Wikipedia):
The co-founder of Sega, who remained a director of the company until 1996, was instrumental in the birth and rise of the video game business in Japan, and in the 1980s and 90s oversaw the establishment of Sega of America and the huge success of the Mega Drive console.
[…]
For the next 15 years, Sega innovated in the arcade sector, switching from importing games to designing its own, and moving on from jukeboxes and pinball tables to electromechanical arcade games such as the submarine shooting sim Periscope and, in 1972, Killer Shark, a shark hunting game which would briefly feature in Jaws. Sega also began to set up its own arcades allowing the company close control over every facet of its business.
[…]
While Nintendo was all about family entertainment, the titles doing well on the Master System were teen-focused brawlers, such as Golden Axe and Shinobi. When it came to release the new Sega Mega Drive console in Japan in 1988, Rosen insisted on changing its name to Genesis for the US launch, emphasising a new beginning and a more mature outlook.
[…]
Spurred on by Rosen’s vision, Katz marketed the Genesis as a games console for teenagers, not children, using TV ads which combined video game visuals with flashing images and rock music and the immortal phrase: Genesis does what Nintendon’t.
Previously:
Business Game History Japan Rest in Peace Sega
Thursday, January 8, 2026
Juli Clover:
The $200 Soundcore Sleep A30 Special earbuds feature a triple noise reduction system that blends Active Noise Cancellation, passive isolation, and adaptive snore masking to cut down on sleep interruptions. Anker is partnering with Calm to make Calm Sleep Stories available through the Soundcore app.
I’m a big fan of the previous A20 model (Amazon). They’re comfortable (even for side sleepers), they effectively mask noise so I can sleep, they can be easily controlled with taps (no need to go into the app), and the battery lasts a long time because the sounds can be stored on-device rather than streamed via Bluetooth. The A30 (Amazon) adds support for “AI Brainwaves,” which I remain skeptical of, but it should be a good improvement due to the ANC alone.
Previously:
Update (2026-01-09): My thanks to the commenters for pointing out that the A30 was already shipping months before CES. What’s new is the A30 Special:
Soundcore is refreshing its Sleep A30 earbuds with a new “Special” edition that addresses two of the original model’s key weaknesses: battery life and price.
The Sleep A30 Special maintains the active noise cancelation that set the original apart from the A20, but extends battery life significantly while dropping to $199.99—$30 less than the original’s launch price. According to Soundcore representatives at CES 2026, this updated model will eventually phase out the first-generation Sleep A30.
Anker Bluetooth Calm Earbuds iOS iOS 26 iOS App Sleep
Stevie Bonifield (via Hacker News):
In a surprisingly user-friendly move, Bose has announced it will be open-sourcing the API documentation for its SoundTouch smart speakers, which were slated to lose official support on February 18th, as reported by Ars Technica. Bose has also moved that date back to May 6th, 2026.
When cloud support ends, an update to the SoundTouch app will add local controls to retain as much functionality as possible without cloud services.
[…]
Usually when products lose support for cloud services, they end up bricked, and occasionally users step in themselves to fix things. For instance, when Pebble originally shut down in 2016, users kept their watches functional by creating the Rebble Alliance, a community-run replacement for the watches’ cloud services, firmware, and app store.
Previously:
Audio Bose Hardware Open Source Sunset
Wednesday, January 7, 2026
Juli Clover:
Language learning app Duolingo has apparently been using the iPhone’s Live Activity feature to display ads on the Lock Screen and the Dynamic Island, which violates Apple’s design guidelines.
According to multiple reports on Reddit, the Duolingo app has been displaying an ad for a “Super offer,” which is Duolingo’s paid subscription option.
Just like with notifications, another guideline that Apple doesn’t enforce. You have to fill out a privacy manifest to justify reading your own preferences file or displaying a timestamp to a user, but there are no such restrictions on Live Activities or notifications, nor even an API to tag them with a type so that users could choose to filter out ads and promotions.
Previously:
Update (2026-01-08): Nick Heer:
I saw this, too.
[…]
But the HIG is not the App Store Guidelines, and there is nothing in there expressly prohibiting this behaviour, as far as I can see.
Advertising App Review App Store Duolingo iOS iOS 26 iOS App Live Activities Push Notifications
Tim Hardwick (Slashdot, Hacker News):
Logitech users on macOS found themselves locked out of their mouse customizations yesterday after the company let a security certificate expire, breaking both its Logi Options+ and G HUB configuration apps.
Logitech devices like its MX Master series mice and MX Keys keyboards stopped working properly as a result of the oversight, with users unable to access their custom scrolling setup, button mappings, and gestures. It wasn't long before the Logitech subreddit was awash with frustrated reports as people discovered their configured peripherals had suddenly reverted to default settings.
Jeff Johnson:
This article is technically inaccurate, sigh.
All Developer ID code signing certificates expire eventually, and macOS does NOT prevent software with an expired certificate from running, otherwise all of your older apps would be dead now.
Logitech was doing some ADDITIONAL validation of their own design, and that's where the problem occurred.
Logitech:
Because the certificate also affected the in‑app updater, you will need to manually download and install the updated version of the app. Please do not uninstall the app and follow the steps below.
[…]
The certificate that expired is used to secure inter-process communications and the expiration resulted in the software not being able to start successfully.
Previously:
Update (2026-01-08): Jeff Johnson (Mastodon):
The news reporting on this incident included misinformation about how macOS Developer ID code signing works.
[…]
These stories place the blame on macOS for refusing to run apps with expired Developer ID code signing certificates, but this is false! Apple documents the behavior on its certificates support page:
If your certificate expires, users can still download, install, and run versions of your Mac applications that were signed with this certificate. However, you’ll need a new certificate to sign updates and new applications.
[…]
In other words, there’s nothing to worry about until the year 2035 at the earliest, though admittedly it’s a bit troubling that these apps have a ticking time bomb, so to speak. On the other hand, Developer ID provisioning profiles are optional, used only for a few features such as iCloud support, so many or even most Developer ID signed Mac apps have no provisioning profile, and thus no expiration.
Connor Jones:
A Logitech spokesperson replying to angry Redditors said the company was sorry for the issue and resulting disruption.
They wrote: “We dropped the ball here. This is an inexcusable mistake. We’re extremely sorry for the inconvenience caused.”
Bug Code Signing Interprocess Communication (IPC) Logitech Mac Mac App macOS Tahoe 26 Mouse Security The Media
Claudio Wunder (Hacker News):
Any Engineer at @1Password here? Your Chrome Extension seems to recently started breaking HTML from certain pages. For example, the Node.js website code snippets break when 1Password Extension is enabled.
Evan You:
1Password browser extension is injecting Prism.js globally on every page, which then applies its syntax highlighting logic on all <code> blocks matching [lang=*] regardless of whether it’s meant to be compatible, thus breaking original highlighting.
As I’ve said, I dislike this whole architecture where you need a browser extension that can read and write to the page in order to enter your password. I would hope that as little code as possible is injected and that it’s all been vetted by 1Password, not just pulled down as a dependency.
1Password:
We’re aware of an issue in recent versions of the 1Password browser extension that can interfere with syntax highlighting on some pages.
The team is actively working on a fix. We don’t have a timeline to share yet, but keeping the extension up to date will ensure you receive it once it’s available.
Robert Menke:
Sorry this bug slipped through our release process. I just raised this issue again in our internal Slack. We are working on getting a fix out.
[…]
The fix has already been merged into our main branch. We’ll be putting out a release with just this fix. I’m hoping to have it submitted to the browser extension stores today [December 30].
It’s unclear to me whether this is fixed. The latest Mac version still seems to be 8.11.22 from December 9. When I go to the page for the browser extension and click “what’s new” it takes me here, which is a release from December 30 that talks about passkeys and then says only:
We’ve made general improvements and fixed various bugs for a better 1Password experience.
I don’t see anything on the announcements page or Twitter.
Christina Warren:
I’m glad @1Password is taking this seriously now. But this issue was reported on their community forum and to their engineers weeks ago in beta and was not prioritized as a fix until it went viral here. Every company is guilty of this kind of triage, but this is a process failure as much as it is a testing one.
sheng:
really hoping to read a postmortem on this one
Previously:
Update (2026-01-08): Paulo Andrade:
One more reason for dumb extensions. Secrets extension doesn’t do anything to the page before it’s summoned. And even after that, it doesn’t change the DOM in any way (asides from filling input fields).
VS:
Apple does make autofill API available… it’s entirely 1P’s choice to not use it.
Paulo Andrade:
I’d say the API is the preferred way. It works fine, and also works on other native apps.
1Password Bug JavaScript Mac Mac App macOS Tahoe 26 Passwords Safari Extensions
Tuesday, January 6, 2026
John Gruber (MacRumors):
The first is an entire BlackBerry-style phone: Clicks Communicator. It runs Android but ships with a custom launcher that emphasizes messaging and notifications; it has a hardware mute switch and a side button with a color-coded alert light they call the Signal LED.
[…]
The second is the Clicks Power Keyboard. It’s a MagSafe-compatible battery back with a keyboard that slides out, underneath your phone. (Reminiscent of the Palm Pre?) It’s a Bluetooth keyboard, and you can pair it with up to three devices. Examples they cite include pairing with an iPad, Apple TV, and, intriguingly, a Vision Pro. (I’d rather type with my thumbs on a device like this than peck at the virtual keyboard in VisionOS, I think.) This strikes me as a much better idea for a hardware phone keyboard accessory than a case.
The Power Keyboard looks great. An easily detached battery pack with a keyboard is way more appealing than a case that makes your phone huge. Unfortunately, my phone is just not a good fit for most of the work I do (code and e-mails/HTML that pull together links and content from multiple places). The software and small screen can’t be overcome by a keyboard, though I guess it does make the useable screen a bit larger. But if I did more pure writing I would definitely try one of these.
Maybe I will, anyway. There are a bunch of longer blog posts that I think I could make more progress on during deadtime when I only have access to my phone. Part of what’s stopping me is that I find typing on the screen unpleasant. But the other part is that there’s no MarsEdit for iOS, so I’d need to move certain drafts to another app ahead of time and then bring them back.
Previously:
Update (2026-01-07): Roberto Mateu:
I returned my new iPhone 17 Clicks keyboard case and preordered the Power keyboard on the same day. The new keyboard basically addresses all my issues about the case: portability, flexibility being the main ones. However, another big one I haven’t seen mentioned, is my hope that the new keyboard allows for a better weight distribution by making the bottom heavier.
Android Bluetooth Clicks iOS iOS 26 iPhone Keyboard MagSafe MarsEdit Power This Blog
Apple (Hacker News):
In iOS 26.2 and later, browser engines other than WebKit can be used in two types of apps for users in Japan: Dedicated browser apps that provide a full web browser experience, and apps from browser engine stewards that provide in-app browsing experiences using an embedded browser engine.
[…]
To help keep users safe online, Apple will only authorize developers to implement alternative browser engines after meeting specific criteria and who commit to a number of ongoing privacy and security requirements, including timely security updates to address emerging threats and vulnerabilities.
Previously:
Antitrust BrowserEngineKit iOS iOS 26 Japan Legal
Paul Thurrott (Slashdot):
“My goal is to eliminate every line of C and C++ from Microsoft by 2030,” Microsoft Distinguished Engineer Galen Hunt writes in a post on LinkedIn. “Our strategy is to combine AI and Algorithms to rewrite Microsoft’s largest codebases. Our North Star is ‘1 engineer, 1 month, 1 million lines of code.’ To accomplish this previously unimaginable task, we’ve built a powerful code processing infrastructure. Our algorithmic infrastructure creates a scalable graph over source code at scale. Our AI processing infrastructure then enables us to apply AI agents, guided by algorithms, to make code modifications at scale. The core of this infrastructure is already operating at scale on problems such as code understanding.”
Mayank Parmar (Hacker News):
Microsoft told Windows Latest that the company does not plan to rewrite Windows 11 using AI in Rust, which is a programming language that is more secure than C and C++.
[…]
I also screenshotted the LinkedIn post before it was edited out by the top-level Microsoft engineer[…]
[…]
Honestly, most people would not have taken this seriously if it did not come from a top-level Microsoft engineer. When someone with that kind of title and long history at the company talks about eliminating C and C++ and using AI to rewrite large codebases, it sounds less like a random idea and more like something Microsoft is at least exploring.
Miguel de Icaza:
It bothers me that the clarification was not “sorry I misled you”, but “you folks are dumb by parsing my words the way I wrote them”
Meanwhile, here’s the actual www.office.com site matter-of-factly rebranding Office as Copilot (via Hacker News):
The Microsoft 365 Copilot app (formerly Office) lets you create, share, and collaborate all in one place with your favorite apps now including Copilot.
Previously:
Update (2026-01-08): Jesper:
Ignoring hype and corporate arrogance, having been conversant in .NET for a significant portion of my life, my thoughts go to Midori. Midori was a legendary ground-up implementation of an operating system, object capability model and asynchronous programming in pure managed, memory-safe code that went as far as to power production code. It directly birthed the concepts behind async and await, which has now spread to pretty much every language in the decade since its introduction, as well as brought the concept of contiguous memory-safe slices, christened Span<T> to C# and .NET, where it now infiltrates all levels of the stack and brings down memory allocations and by extension garbage collection.
I don’t know what Mr Hunt is up to, but it does have the ring of a similar project.
[…]
My hope is that this project, alongside the current effort to only allow new codebases in Rust in the Windows kernel, helps push on the state of the art by trying to do what research projects do best - which is to start with an oft-absurd idea and then take it, over time, with purpose and still with connection to what the real world wants to accomplish, to a logical conclusion.
Artificial Intelligence Copilot AI Microsoft Microsoft Office Programming Rust Programming Language Software Rewrite
Monday, January 5, 2026
Brent Simmons:
We’re dropping the Slack group as the NetNewsWire forum and switching to Discourse — here’s the new forum.
Slack’s been pretty great for us, but it does have some limitations: conversations are automatically deleted and they’re not findable on the web in the first place.
It’s a shame that the Slack archives were deleted, but I think this will increase the longevity and accessibility of the information going forward.
Previously:
Datacide Discourse iOS iOS App Mac Mac App NetNewsWire Slack Web
Michael Kennedy (via Hacker News):
For example, how fast or slow is it to add an item to a list in Python? What about opening a file? Is that less than a millisecond? Is there something that makes that slower than you might have guessed? If you have a performance sensitive algorithm, which data structure should you use? How much memory does a floating point number use? What about a single character or the empty string? How fast is FastAPI compared to Django?
I wanted to take a moment and write down performance numbers specifically focused on Python developers. Below you will find an extensive table of such values.
Previously:
Memory Management Optimization Programming Python
Jonas Bonér (based on work by Peter Norvig and Jeff Dean from 2012):
L1 cache reference 0.5 ns
Branch mispredict 5 ns
L2 cache reference 7 ns 14x L1 cache
Mutex lock/unlock 25 ns
Main memory reference 100 ns 20x L2 cache, 200x L1 cache
Compress 1K bytes with Zippy 3,000 ns 3 us
Send 1K bytes over 1 Gbps network 10,000 ns 10 us
Read 4K randomly from SSD* 150,000 ns 150 us ~1GB/sec SSD
Read 1 MB sequentially from memory 250,000 ns 250 us
Round trip within same datacenter 500,000 ns 500 us
Read 1 MB sequentially from SSD* 1,000,000 ns 1,000 us 1 ms ~1GB/sec SSD, 4X memory
Disk seek 10,000,000 ns 10,000 us 10 ms 20x datacenter roundtrip
Read 1 MB sequentially from disk 20,000,000 ns 20,000 us 20 ms 80x memory, 20X SSD
Send packet CA->Netherlands->CA 150,000,000 ns 150,000 us 150 ms
Colin Scott has a page that helps visualize how these types of numbers have changed over time (Hacker News).
Jon Snader:
Mohammad Zeya Ahmad has an informative post [archive] that answers that question. He has a list of how much time various common operations take. That’s interesting but what make his list stand out is that he draws conclusions from his results.
For example, SSDs are about 30 times faster than HDDs so if you have a high performance disk-based task, it makes sense to use SSDs. Of course, there are reasons to prefer HDDs but if performance is your controlling metric, SSDs are probably your best choice.
For each group of comparable metrics, Ahmad offers an actionable suggestion. Those groups range from CPU versus Cache and Memory speeds to network transfer times.
Previously:
Math Memory Management Optimization Processors Programming Solid-State Drive (SSD) Storage
Ryan Jones:
Can anyone explain why there’s no “Clear Documents & Data” button?
Reinstalling the app just to clear it is dumb.
I can see why Apple doesn’t want to make it easier for users to accidentally delete data that they meant to keep. But I would like to at least see a standard system button for clearing an app’s caches. It’s backwards that to clear the cache you have to Delete App, which also removes its data, then reinstall it and somehow restore. You might think that Offload App would delete the app as well as the purgeable data, leaving only that which can’t be recreated automatically, but as far as I’m aware it leaves the caches in place.
Previously:
Update (2026-01-06): Craig Grannell:
I have a 130MB health app that’s so far ballooned to 1.5GB due to downloading everything each day. It keeps growing. Natch, there is no way to delete old data. (Nor can you get at the data to get the audio files – which is 99% of it – out of the thing.)
iOS iOS 26 Storage
Thursday, January 1, 2026
Simon Willison (tweet, Hacker News):
This is the third in my annual series reviewing everything that happened in the LLM space over the past 12 months. For previous years see Stuff we figured out about AI in 2023 and Things we learned about LLMs in 2024.
[…]
Every notable AI lab released at least one reasoning model in 2025. Some labs released hybrids that could be run in reasoning or non-reasoning modes. Many API models now include dials for increasing or decreasing the amount of reasoning applied to a given prompt.
[…]
It turned out that the real unlock of reasoning was in driving tools. Reasoning models with access to tools can plan out multi-step tasks, execute on them and continue to reason about the results such that they can update their plans to better achieve the desired goal.
[…]
Reasoning models are also exceptional at producing and debugging code. The reasoning trick means they can start with an error and step through many different layers of the codebase to find the root cause. I’ve found even the gnarliest of bugs can be diagnosed by a good reasoner with the ability to read and execute code against even large and complex codebases.
Previously:
Artificial Intelligence ChatGPT Claude Developer Tool Google Gemini/Bard LLaMA Programming
naruse (Hacker News):
Ruby Box is a new (experimental) feature to provide separation about definitions. Ruby Box is enabled when an environment variable RUBY_BOX=1 is specified. The class is Ruby::Box.
Definitions loaded in a box are isolated in the box. Ruby Box can isolate/separate monkey patches, changes of global/class variables, class/module definitions, and loaded native/ruby libraries from other boxes.
[…]
ZJIT is a new just-in-time (JIT) compiler, which is developed as the next generation of YJIT. You need Rust 1.85.0 or newer to build Ruby with ZJIT support, and ZJIT is enabled when --zjit is specified.
We’re building a new compiler for Ruby because we want to both raise the performance ceiling (bigger compilation unit size and SSA IR) and encourage more outside contribution (by becoming a more traditional method compiler). See our blog post for more details.
[…]
Ractor, Ruby’s parallel execution mechanism, has received several improvements. A new class, Ractor::Port, was introduced to address issues related to message sending and receiving (see our blog post).
Compiler Just-In-Time Compilation (JIT) Language Design Programming Ruby
Wednesday, December 31, 2025
Marcus Mendes (PDF):
In the paper UICoder: Finetuning Large Language Models to Generate User Interface Code through Automated Feedback, the researchers explain that while LLMs have gotten better at multiple writing tasks, including creative writing and coding, they still struggle to “reliably generate syntactically-correct, well-designed code for UIs.” They also have a good idea why:
Even in curated or manually authored finetuning datasets, examples of UI code are extremely rare, in some cases making up less than one percent of the overall examples in code datasets.
To tackle this, they started with StarChat-Beta, an open-source LLM specialized in coding. They gave it a list of UI descriptions, and instructed it to generate a massive synthetic dataset of SwiftUI programs from those descriptions.
The paper was published last year, but I didn’t see people talking about it until August. In the interim, Apple started using third-party AI providers in Xcode.
Der Teilweise:
18-25% of the output does not even compile. (The model they started with: 97% of the results FAILED to compile. Even the BEST model fails to produce compilable code in 12% of the cases.)
This lines up with GitHub’s report that typed languages are more reliable for generative AI.
Matt Gallagher:
To be blunt: after testing them out, I have not used LLMs for programming for the rest of the year. Attempting to use an LLM in that way was simply too frustrating. I don’t enjoy cleaning up flawed approaches and changing every single line. I do regularly ask ChatGPT how to use specific APIs, but I’m really just using it as a better documentation search or asking for sample code that is missing from Apple’s documentation. I’m not directly using any of the code ChatGPT writes in any of my apps.
In the meantime, I have watched plenty of presentations about letting Claude Code, and other tools, completely build an “app” but the successful presentations have usually focussed on JavaScript web apps or Python wrappers around small command-line tools. The two times this year that I’ve watched developers try the same with Swift apps have led to non-working solutions and excuses claiming it does sometimes work if left to run for another 20 minutes.
Previously:
Update (2026-01-05): Tas:
My brother is working on an IPTV app in SwiftUI and has a similar experience. Claude Code improved the quality of outputs significantly especially if you download the docs and do spec-driven development. But the chance of one-shotting tasks is still lower than with Typescript for example.
Greg Brockman:
rust is a perfect language for agents, given that if it compiles it’s ~correct
Jonathan Blow:
I understand the motivation, he wants the borrow checker to help make up for the lack of consistent reasoning in LLMs. But the fact he thinks this is a potential solution is nutballs and makes me think he does not understand the problem really.
Update (2026-01-08): Matt Gallagher:
My blog article last week has had some of the most negative feedback of anything I’ve ever published. So many people emailing me to call me out for insulting AI. I’m not sure you need to defend AI, I hear it’s doing fine.
But also, I gave all the major models 7/10 or better and said they’re much better than last year. That’s not a hit piece, calm down.
Artificial Intelligence iOS iOS 17 Programming Swift Programming Language SwiftUI Top Posts Xcode
GitHub (tweet):
This surge in activity coincides with a structural milestone: for the first time, TypeScript overtook both Python and JavaScript in August 2025 to become the most used language on GitHub, reflecting how developers are reshaping their toolkits. This marks the most significant language shift in more than a decade.
[…]
Generative AI is now standard in development. More than 1.1 million public repositories now use an LLM SDK with 693,867 of these projects created in just the past 12 months alone (+178% YoY, Aug ’25 vs. Aug ’24). Developers also merged a record 518.7M pull requests (+29% YoY). Moreover, AI adoption starts quickly: 80% of new developers on GitHub use Copilot in their first week.
[…]
TypeScript is now the most used language on GitHub. […] Its rise illustrates how developers are shifting toward typed languages that make agent-assisted coding more reliable in production. It doesn’t hurt that nearly every major frontend framework now scaffolds with TypeScript by default. Even still, Python remains dominant for AI and data science workloads, while the JavaScript/TypeScript ecosystem still accounts for more overall activity than Python alone.
Java is #4 and C# is #5.
Previously:
Artificial Intelligence Copilot AI GitHub JavaScript Programming Python TypeScript
Tuesday, December 30, 2025
Juli Clover:
Apple should be able to collect a reasonable commission on purchases made using external links included in iOS apps, the U.S. Court of Appeals ruled today (via Reuters). The U.S. Court of Appeals partially reversed sanctions imposed on Apple after Apple was found to have willfully violated an injunction in the ongoing Epic Games vs. Apple legal battle.
[…]
Apple is not going to be able to start charging a commission immediately, though. The case has been sent back to the district court so that a reasonable fee can be determined.
[…]
Apple can restrict developers from making external links more prominent than in-app purchase options. Specifically, Apple can restrict a developer from putting buttons, links, or other calls to action in more prominent fonts, larger sizes, larger quantities, and more prominent places than buttons for in-app purchases. Apple has to allow developers to place buttons in “at least” the same fonts, sizes, and places as Apple’s own.
Kyle Orland (Hacker News, Slashdot):
The ruling, signed by a panel of three appellate court judges, affirmed that Apple’s initial attempts to charge a 27 percent fee to iOS developers using outside payment options “had a prohibitive effect, in violation of the injunction.” Similarly, Apple’s restrictions on how those outside links had to be designed were overly broad; the appeals court suggests that Apple can only ensure that internal and external payment options are presented in a similar fashion.
The appeals court also agreed that Apple acted in “bad faith” by refusing to comply with the injunction, rejecting viable, compliant alternatives in internal discussions. And the appeals court was also not convinced by Apple’s process-focused arguments, saying the district court properly evaluated materials Apple argued were protected by attorney-client privilege.
While the district court barred Apple from charging any fees for payments made outside of its App Store, the appeals court now suggests that Apple should still be able to charge a “reasonable fee” based on its “actual costs to ensure user security and privacy.” It will be up to Apple and the district court to determine what that kind of “reasonable fee” should look like going forward.
Jay Peters (MacRumors):
“If you want to have an app go through review with custom linkouts, maybe there’s several hundred dollars of fees associated with that every time you submit an app, which is perfectly reasonable because there are real people at Apple doing those things and Apple pays them, and we should be contributing to that,” Sweeney says. But he says that the ruling, “completely shuts down, I think, for all time, Apple’s theory that they should be able to charge arbitrary junk fees for access.”
With these two areas that Apple would be allowed to charge for, Sweeney says that “I can’t imagine any justification for a percentage of developer revenue being assessed here.”
[…]
The ruling wasn’t the only big news for Epic and Fortnite on mobile today: the game also returned to Google Play in the US after similarly being booted by Google when Epic added the in-app payments system to Fortnite. Epic and Google announced last month that they have agreed to settle their lawsuit, and while the two sides are still seeking court approval for their settlement, it resolves their disputes worldwide.
Jeff Johnson:
The court ruling is confusing.
It says Apple can charge “necessary” costs for use of its IP but seems to interpret IP extremely narrowly to apply only to external links?
I’m not even sure what that IP is supposed to be.
Previously:
App Store Business Epic Games External iOS Payments Fortnite iOS iOS 26 Lawsuit Legal
Screen Sizes is a Web app that shows the display resolution for each iPhone model, and it also has details about the sizes of the home indicator, notch, widgets, etc.
Via Nick Heer:
Something I need to do at my day job on a semi-regular basis is compositing a screenshot on a photo of someone holding or using an iPhone or an iPad. One of my pet peeves is when there is little attempt at realism — like when a screenshot is pasted over a notch, or the screen corners have an obviously incorrect radius. This is not out of protection for the integrity of Apple’s hardware design, per se; it just looks careless. I constantly refer to Screen Sizes to avoid these mistakes.
Previously:
Developer Tool Display iOS iOS 26 iOS Widgets iPhone Programming Retina Web
Monday, December 29, 2025
Howard Oakley (Hacker News):
If someone had told me 12 months ago what was going to happen this past year, I wouldn’t have believed them. Skipping swiftly past all the political, economic and social turmoil, I come to the interface changes brought in macOS Tahoe with Liquid Glass. After three months of strong feedback during beta-testing, I was disappointed when Tahoe was released on 15 September to see how little had been addressed. When 26.1 followed on 3 November it had only regressed, and 26.2 has done nothing. Here I summarise my opinions on where Tahoe’s overhaul has gone wrong.
[…]
In real life, whiteouts are dangerous because they’re so disorienting. There’s no horizon, no features in the landscape, and no clues to navigation. We see and work best in visual environments that are rich in colour and tonal contrasts. Tahoe has continued a trend for Light Mode to be bleached-out white, and Dark Mode to be a moonless night. Seeing where controls, views and contents start and end is difficult, and leaves them suspended in the whiteout.
[…]
I’m sure that, in the right place and time, transparency effects of Liquid Glass can be visually pleasing. Not only is this the wrong time and place, but those with visual impairment can no longer remove or even reduce these effects, as the Reduce Transparency control in Accessibility settings no longer reduces transparency in any useful way. That was one of the regressions in 26.1 that hasn’t been addressed in 26.2.
jjice:
I don’t mind how Liquid Glass looks at all. It’s just insane how buggy the system has become. Even Messages will bug out, like deleting my first word if I type too fast after opening a conversation or auto scrolling and not letting me scroll down until I exit and re-enter.
Unacceptable for the premium you pay for Apple software. Unacceptable for any software one is paying for. I hope they get their shit together and start fixing before they continue adding new stuff. 26.2 doesn’t inspire me that they’re on that trajectory.
Previously:
Update (2025-12-30): Craig Grannell:
Sad to see that last pic of an older macOS and see how far things have fallen. (And Howard didn’t even mention the absurd “hovering” buttons.)
Nick Heer:
Oakley reviews several lingering problems with Liquid Glass in MacOS, but the above remains the most — and I use this word intentionally — glaring issue I have with it. It is a problem that becomes entirely clear as you scroll to the bottom of Oakley’s post and find a screenshot from — I think — Mac OS X Mavericks with evident precision and contrast.
Aaron Trickey:
What pushed me over the edge in deciding to chase at least some of it was installing the first beta of macOS Tahoe. It was clear that non-updated apps would immediately stand out, from the radius of the window corners to the look of standard controls, and I wanted to make sure my apps looked well-maintained. I decided on a major (dot-zero) release number to give me a bit more license to update the UI than normal, and dug in.
[…]
This, unfortunately, turned into a surprising time sink. There was a lot of
churn, with each macOS beta changing at least something about how glass
effects looked or behaved. Different control types applied glass effects
inconsistently (and still do, in the released versions). When presented over a
white background, glass layers become hard to spot without additional
tweaking. This resulted in many hours of experimenting and iterating, far more
than the size of these controls would imply. I’m pleased with the final
result, but expect to keep revising it over time.
One thing Apple pushed for, which I did not adopt, was to extend blurred
document content up under the toolbar. I tried, over many hours, repeating
with each new beta, but it never worked out.
Update (2026-01-08): John Gruber (Mastodon):
It’s just remarkable how much better-looking MacOS was 10 years ago, compared to MacOS 26 Tahoe at its best. And it’s equally remarkable just how bad MacOS 26 Tahoe looks in many typical, non-contrived situations, where entire menus or the title of a window are rendered completely illegible.
Gus Mueller:
For me, the first and worst sin of macOS Tahoe is that window backgrounds are 100% white in Light Aqua. Dark Aqua is 8.9% white, which is OK. Black still shows up against it.
Sequoia was and 90.6% and 14.7%, so you could draw white on a window background and see it.
Ken Gruberman:
As the Norwegians say, Liquid Glass is “not so bad” on iPhones and iPads, but on the Apple Watch and the Mac, it’s an abomination.
Steve Troughton-Smith:
I understand sentiment of this article, but must note that the specifics of much of what’s mentioned here are the choice of third-party devs. You can’t just flip a switch and turn on Liquid Glass, especially in a traditional Mac app. Tying into what I said earlier this year: traditional Mac apps are not native to this design language — you need to redesign the apps too. That’s why adopting Liquid Glass is such an ordeal, and why many (including Apple) haven’t shipped
I don’t think it works well in the apps have have been redesigned, either.
Mario Guzmán:
This could be a case study on how design at Apple has gotten worse. Take iTunes/Music for Mac:
- From Catalina on, full-height sidebars started eating into valuable toolbar real estate.
- In Tahoe, not only to stupid big corner radii eats more into you usable area, they now allow the inspector sidebars to cut even more into toolbar space.
- The volume & scrub controls are now an extra click away.
Accessibility Apple Software Quality Design Liquid Glass Mac macOS Tahoe 26 Music.app
Benny Kjær Nielsen:
I’ve previously described the transition to the new pricing model as a huge gamble because I would no longer be selling license keys for $50. This was the majority of the revenue generated. So far, this gamble has paid off since I’ve had an increase in revenue when comparing 2025 to 2024. It does not correspond to what one (where I live) would expect from a full time job, but it does mean that I’m going to continue full time development in 2026. I believe that is good news for MailMate users and I’m really thankful for all of the, new and old, MailMate development patrons/subscribers.
Some users might have noticed that I haven’t uploaded any test releases of MailMate for quite a while (more than 2 months). This is not because I’ve not been working on MailMate. It’s because I’ve been working on some broad changes to very old core parts of MailMate, in particular, related to parsing/editing of emails and memory management.
Previously:
Business E-mail Client Mac Mac App macOS Tahoe 26 MailMate
Friday, December 26, 2025
matthewfromteneriffe (Reddit):
Since updating to WatchOS 26 I no longer receive any alerts (i.e. pace, heart rate zone and splits) - only beeps, no voice alerts. I do not use headphones/iphone while running.
Xiruzero:
What I realized is that the alerts don’t work if the watch is offline, but will work if the watch is connected with the Internet. My watch is Wi-Fi only and I don’t take my phone on my runs, so it’s always offline during workouts.
The issue happens even if the watch disconnects mid workout. It’ll start playing alerts and stop as soon as the watch loses connection.
matthewfromteneriffe:
After a number of calls with a support person (and engineering via that support person), they confirmed verbally that to get voice feedback when not connected to an iPhone/internet, you need to download the voice files to the watch (I think I did this prior to updating to OS26 but had not done this in OS26 as I was not aware this was needed) AND your watch needs to be connected to headphones to play the voice alerts (although the voice alerts play from the watch when the phone is connected). The support person confirmed that this change is by design - naturally I voiced my irrigation and lack of clear communication by Apple that they had made this decision for me.
I did not test this as I do not use headphones when exercising so I am having my watch downgraded to the previous OS.
[…]
If I hadn’t become so ‘addicted’ to tap to pay (and other tap functions) on the watch, I’d be switching to a Garmin.
trail-runner:
In case this helps others experiencing this issue, I’ve spent numerous hours with Apple support on this and finally received an official response from their engineering team:
Workout Voice Feedback was removed on Watch OS 26 for GPS models of Apple Watch. This feature is still available on cellular models of Apple Watch as it now requires a network connection for the feature to operate. This feature applies to normal voice feedback during workouts. It is now expected that if the iPhone and GPS models of the Apple Watch are not within range of each other during the workout, that the voice feedback function will not work.
alexskunz:
I’m experiencing the same thing, and I am completely dismayed by this change. Getting Voice Feedback without having to haul the phone around was the whole reason to get an Apple Watch as my fitness tracker (listening to music via AirPods was just an added benefit).
I have tried everything that is mentioned in this whole lengthy thread (downloading the speech files via Accessibility setting, adjusting the notifications to “all” instead of “Urgent”, Siri settings, etc.) without any improvement.
The Watch with OS26 doesn’t speak when it isn’t connected to an iPhone. The interesting thing is that the iPhone does NOT need to have a network connection — I had mine in my pocket, in airplane mode, and the Watch still gave me Voice Feedback. This is in line with the observations from MajorLeagueSoccer that their Watch with “cellular” doesn’t actually have a cellular connection, but does provide Voice Feedback as well.
This seems to contradict what the engineering team said. I don’t understand whether there’s an artificial restriction or a bug.
Previously:
Update (2025-12-30): Bob O’Shaughnessy:
I’ve been infuriated by this since the release of WatchOS 26. Running without phone has been my main workout For a few years now.
Hopefully this gets the issue some traction with people at Apple who can fix it. The calls to support and the huge Apple Support Community thread haven’t helped.
Bug Speech Synthesis watchOS watchOS 26 Workout
Juli Clover (Hacker News, Slashdot):
The Texas App Store Accountability Act (SB2420) requires Apple and other app marketplaces to confirm user age when a person creates an Apple Account. Apple Accounts for users under 18 would need to join a Family Sharing group, with new controls available for parents and restrictions for minors.
In a preliminary injunction that delays the implementation of the act, Judge Robert Pitman said that it violates the First Amendment and is “more likely than not unconstitutional.”
Sarah Perez:
The Texas attorney general’s office noted in a court filing that it plans to appeal the decision, a report from Reuters noted.
Apple:
In light of this ruling, Apple will pause previously announced implementation plans and monitor the ongoing legal process.
[…]
These tools can also be used to help developers with their obligations under laws coming into effect in Utah and Louisiana in 2026. The Declared Age Range API remains available worldwide for users on iOS 26, iPadOS 26, and macOS 26, or later.
Previously:
App Store Children iOS iOS 26 Legal Texas
Monica J. White (via Mac Power Users):
SSDs rely on stored electrical charge in NAND flash cells to represent data. When an SSD is powered and in regular use, it can correct many small errors with ECC, remap weak blocks, and generally keep data reliable. Leave your SSD in a drawer, though, and it can’t do any of that.
Industry sources talk about this at length. Western Digital notes that data retention diminishes as PE cycles increase. Most SSDs run checks in the background to verify which blocks are experiencing higher bit error rates, but when the SSD is powered off, that process can’t take place.
YouTuber HTWingNut runs a (very small-scale) yearly experiment that shows what can happen to SSDs when they’re used as cold storage. The latest results after two years showed that out of four cheap TLC SSDs tested, drives that were previously heavily used (way past their recommended TBW rating) showed signs of corruption after being unpowered for two years.
[…]
If you need to park data on an SSD, check on it periodically. Power it up, run a full read/verify pass, and compare checksums for your irreplaceable files.
This is easy to do if the files are stored in EagleFiler. I periodically check all my archives, though they’re stored on spinning hard drives due to the still much higher costs and lower capacities of SSDs.
Previously:
Data Integrity EagleFiler Mac macOS Tahoe 26 Solid-State Drive (SSD) Storage
Hartley Charlton:
Apple and Amazon are facing a new UK opt-out class action seeking more than £900 million ($1.2 billion) over claims that the companies struck an unlawful deal that pushed independent Apple and Beats sellers off Amazon and kept prices higher for consumers.
The claim centers on an agreement from October 2018, from which point it is alleged that Amazon restricted third-party sellers from offering Apple products on Amazon’s marketplace, while Apple gave Amazon better wholesale terms for Apple products sold directly by Amazon as a retailer.
Previously:
Amazon Antitrust Apple Beats Business Lawsuit Legal Shopping United Kingdom Web
Wednesday, December 24, 2025
Howard Oakley:
One of the primary aims of most malware is to trick you into giving it your password. Armed with that, there’s little to stop it gathering up your secrets and sending them off to your attacker’s servers. One of your key defences against that is to know when a password request is genuine, and when it’s bogus. By far the best way to authenticate now is using Touch ID, but many Macs don’t support it, either because they can’t, or because their keyboard doesn’t, and there are still occasions when a genuine request may not offer it. This article looks at the anatomy of a range of genuine password requests. Note that these dialogs aren’t generated by the app, but come from the macOS security system, hence their consistency.
It’s kind of scary that there isn’t really anything about the standard Mac password dialogs that malware couldn’t duplicate. I don’t know why Apple hasn’t figured out a way to modify the rest of the screen in a way that only they could do. But, in practice, the fake dialogs seem to be very sloppily designed, so it’s good to review Oakley’s catalog.
I use a USB keyboard that doesn’t support Touch ID 99% of the time. Even when using my MacBook Pro’s internal keyboard, I tend not to use Touch ID because it rarely works. (It doesn’t work well on my iPad Air, either, though it was very reliable back before iPhones switched to Face ID.)
Update (2025-12-26): Kyle Howells:
I’ve though for the last decade that Apple should have a second light next to the camera light* which lights up during a real macOS auth request.
As it is Apple’s flood of permission requests is security theatre which makes users less secure by training them to expect frequent random prompts for their macOS password and to just accept it without thinking and enter their password.
(*a different color, maybe the other side of the camera, or above the keyboard instead).
Adam Demasi:
I kinda don’t trust Apple to not make it even more confusing. Personally I think there’s a lot that can be learned from UAC’s seeming simplicity, while it has a bunch of anti-forgery features built in. (Don’t need to replicate all the unfixed security flaws surrounding it though lol)
OS X actually used to show more info in the admin elevation prompt, like the process name and the intended outcome (run command as root, start privileged helper, custom 3rd-party tasks), not sure why this was removed around the Lion era.
One thing for sure though, making system auth prompts look just like all other alerts is a mistake. Apple keeps doing this for some reason (see also fake Apple ID prompts, before they redesigned this UI around the Face ID double-click)
Mac macOS 15 Sequoia macOS Tahoe 26 Malware Passwords Security Touch ID
Apple:
When a user searches on the App Store, your ad can appear at the top of their search results. And starting in 2026, we’ll be introducing more ads to increase opportunity in search results.
[…]
Your ad will run in either the existing position — at the top of search results — or further down in search results. If you have a search results campaign running, your ad will be automatically eligible for all available positions, but you can’t select or bid for a particular one.
James Thomson:
Me: I really hate the advert when you search on the App Store, I wish Apple would change that.
Apple: Wish granted!
John Gruber (Mastodon):
I have a bad feeling about this.
Marco Arment:
App Store search is ineffective and primitive, and doesn’t reliably show high-quality, relevant results for queries.
How can it be improved?
More advanced search algorithms, like the last two decades? Nope!
AI-assisted relevance and ranking, like this decade? Nope!
When all you have is an insatiable desire for more “services revenue”, you can only see one solution…
Greg Pierce:
Why should Apple just take 30% of the lifetime value of your customers in perpetuity when they can charge you 90% of that just to acquire them!
Jeff Johnson:
Do additional ad positions in App Store search mean that if someone searches for your app by name, Apple can bury your app even lower than its current (hopefully) #2 position in the results?
Previously:
Advertising App Store App Store Search Ads iOS iOS 26
Halimah DeLaine Prado (Reddit):
We filed a suit today against the scraping company SerpApi for circumventing security measures protecting others’ copyrighted content that appears in Google search results. We did this to ask a court to stop SerpApi’s bots and their malicious scraping, which violates the choices of websites and rightsholders about who should have access to their content. This lawsuit follows legal action that other websites have taken against SerpApi and similar scraping companies, and is part of our long track record of affirmative litigation to fight scammers and bad actors on the web.
Google follows industry-standard crawling protocols, and honors websites’ directives over crawling of their content. Stealthy scrapers like SerpApi override those directives and give sites no choice at all. SerpApi uses shady back doors — like cloaking themselves, bombarding websites with massive networks of bots and giving their crawlers fake and constantly changing names — circumventing our security measures to take websites’ content wholesale.
Barry Schwartz:
Google claims SerpApi uses hundreds of millions of fake search requests to mimic human behavior. This allows them to bypass CAPTCHAs and other automated defenses that Google uses to prevent bots from overwhelming its systems.
SerpApi sells a “Google Search API” to third parties. Google argues this is deceptive because Google does not offer a public search API for this type of data. SerpApi is essentially selling a back door to Google’s proprietary search engine.
Google argues that its security systems (like SearchGuard) are “technological measures” that control access to copyrighted work. By bypassing them, SerpApi is allegedly violating Section 1201 of the DMCA. Google claims SerpApi is violating Google’s Terms of Service, which strictly prohibit automated scraping and the use of proxies to hide one’s identity. Google alleges that SerpApi is profiting from Google’s massive investment in organizing the world’s information without contributing to the ecosystem or respecting the rules.
“Google estimates that SerpApi sends hundreds of millions of artificial search requests each day to Google. Over the last two years, that volume has increased by as much as 25,000%,” Google said.
Danny Goodwin:
What SerpApi has said previously. SerpApi argued that “public search data should be accessible,” framing its work as protected by the First Amendment and warning that lawsuits like Reddit’s threaten the “free and open web.”
Nick Heer:
Recent actions taken by U.S. courts, for example, have found Google illegally maintained its search monopoly. In issuing proposed remedies earlier this year, the judge noted the rapidly shifting world of search thanks to the growth of generative artificial intelligence products. “OpenAI” is mentioned (PDF) thirty times as an example of a potential disruptor. However, the judge does not mention OpenAI’s live search data is at least partially powered by SerpApi.
Previously:
Artificial Intelligence Copyright Digital Millennium Copyright Act (DMCA) Google Lawsuit Legal OpenAI SerpApi Web Web Crawlers
Clare Duffy (Reddit):
TikTok has signed the deal backed by President Donald Trump to spin off its US assets to create a new entity with a group of mostly American investors, CEO Shou Chew told employees in a memo Thursday.
Although the transaction is not yet complete, the move brings TikTok one step closer to securing its long-term future in the United States. It comes after a law passed last year required that the US version of the app be spun off from its parent company, ByteDance, or be banned in the United States.
[…]
Under the agreement, the US TikTok app will be controlled by a new joint venture, 50% of which will be owned by a consortium of investors comprised of tech company Oracle, private equity firm Silver Lake and Emirati-backed investment firm MGX. Just over 30% of the joint venture will be held by “affiliates of certain existing investors in ByteDance” and 19.9% will be retained by ByteDance, according to Chew’s memo.
John Gruber (Mastodon):
The craziest aspect of this whole saga is that TikTok has been operating illegally since Trump took office.
Nick Heer:
Oracle is among the companies illegally supporting TikTok for the past year, along with Apple and Google. Instead of facing stiff legal penalties, Oracle will get to own a 15% piece of TikTok.
Karl Bode (Hacker News):
The deal purportedly involves “retraining the content recommendation algorithm on U.S. user data to ensure the content feed is free from outside manipulation,” but given you can’t trust any of the companies involved, the Trump administration, or what’s left of U.S. regulators, that means absolutely nothing. Oracle will be “overseeing data protection,” but that means nothing as well given Oracle is run by an authoritarian-enabling billionaire with a long history of his own privacy abuses.
Also, this seems to ignore that three years ago, during the Biden administration, it was already announced that Oracle was overseeing TikTok’s algorithms and data protection. It’s kinda weird that everyone seems to have forgotten that. This is all, more or less, what was already agreed to years ago.
Nick Heer:
There is a kind of implied for now which should be tacked onto the end of its impact on Canadians. This U.S.-specific version lays the groundwork for a political wedge issue in Canada and elsewhere: should people use the version of the app run by a company headquartered in Beijing and mostly owned by a mix of American, Chinese, and Emirati investors, or should they use the app run by a company based in the U.S and mostly owned by a mix of American, Chinese, and Emirati investors? Or, to frame it in more politically expedient terms, should people be allowed to use the “Chinese” app or should they be pushed into the “American” app? Under that framing, I would not be surprised to see the U.S. version become the dominant client for TikTok worldwide.
Previously:
Acquisition Business China Legal Oracle TikTok Web
Tuesday, December 23, 2025
Juli Clover (Hacker News, Reddit):
The Digital Markets Act requires Apple to provide third-party accessories with the same capabilities and access to device features that Apple’s own products get. In iOS 26.3, EU wearable device makers can now test proximity pairing and improved notifications.
Here are the new capabilities that Apple is adding:
- Proximity pairing - Devices like earbuds will be able to pair with an iOS device in an AirPods-like way by bringing the accessory close to an iPhone or iPad to initiate a simple, one-tap pairing process. Pairing third-party devices will no longer require multiple steps.
- Notifications - Third-party accessories like smart watches will be able to receive notifications from the iPhone. Users will be able to view and react to incoming notifications, which is functionality normally limited to the Apple Watch.
I’m looking forward to Apple’s blog post about how easier Bluetooth pairing will put users at risk. The notification forwarding was previously announced, but I didn’t realize it also included support for reactions.
Steve Dent:
However, there’s no indication that it will allow seamless switching between devices as you can do with Apple’s [AirPods], for instance.
Previously:
Update (2025-12-26): Steven Aquino:
I could be wrong, but it sounds like Apple’s using its AccessorySetupKit API for this.
[…]
In the end, this week’s news should make disabled people living in the European Union really happy because product pairing is about to become a way more accessible experience.
These benefits aren’t exclusive to Apple. Google’s “Fast Pair” does it on Android too.
AirPods Antitrust Bluetooth Digital Markets Act (DMA) European Union iOS iOS 26
Joe Rossignol (Slashdot):
Due to regulatory action, Apple has agreed to allow alternative app stores, third-party payment systems for in-app purchases, and in-app links to external offers on iOS in Brazil, according to legal news website MLex and Brazilian blog Tecnoblog.
Previously:
Update (2025-12-26): Hartley Charlton (Slashdot):
CADE specified that Apple may still display warnings or informational messages to users, but those messages must be neutral, objective, and limited in scope, and must not introduce extra steps or barriers that make alternative options harder to use.
According to Brazilian technology site Tecnoblog, which said it obtained the details directly from CADE, purchases made through the App Store will remain subject to a 10% or 25% commission under standard terms. Developers who use Apple's payment system would also pay a 5% transaction fee.
If an app directs users to pay outside the app using only static text, with no clickable link or button, Apple will not charge a fee. If the app includes a clickable button or link that sends users to an external website for payment, Apple will charge a 15% fee. Third-party app stores will be subject to a 5% Core Technology Commission.
Marcus Mendes:
In 2022, Latin American e-commerce giant MercadoLibre filed a complaint with Brazil’s competition watchdog, the Conselho Administrativo de Defesa Econômica (CADE), challenging Apple’s iOS App Store rules, including restrictions on app distribution and the mandatory use of Apple’s in-app payment system.
Since then, the legal back-and-forth closely followed the script seen in other countries where Apple has faced similar antitrust scrutiny. Both Apple and MercadoLibre scored legal wins, which were immediately challenged by the opposing side.
[…]
In a statement provided to 9to5Mac, Apple said:
In order to comply with regulatory demands from CADE, Apple is making changes that will impact iOS apps in Brazil. While these changes will open new privacy and security risks to users, we have worked to maintain protections against some threats, including keeping in place important safeguards for younger users. These safeguards will not eliminate every risk, but they will help ensure that iOS remains the best, most secure mobile platform available in Brazil and we will continue to advocate on behalf of users and developers.
Antitrust App Marketplaces Brazil Business External iOS Payments iOS iOS 26 Legal
Juli Clover:
Apple and Google are teaming up to make it easier for users to switch between iPhone and Android smartphones, according to 9to5Google. There is a new Android Canary build available today that simplifies data transfer between two smartphones, and Apple is going to implement the functionality in an upcoming iOS 26 beta.
[…]
The collaboration will apparently add “more functionality” and support for transferring data types that are not available to transfer with the current tools.
This is good, but I don’t love that it seems to be a private arrangement between Apple and Google. We should all be able to get a dump of our own data.
Juli Clover:
The simplified smartphone switching Apple and Google are adopting is an example of how the Digital Markets Act (DMA) benefits users and developers, the European Commission said today. Apple and Google are making it easier for users to switch between iPhone and Android smartphones, adding an option to transfer data from another smartphone during the device setup process.
Apple and Google are implementing this functionality because the DMA requires services to offer effective data portability to avoid data lock-in to an operating system.
[…]
The DMA is also the reason why Apple and Google designed a simplified eSIM transfer solution earlier this year.
Previously:
Android Antitrust Digital Markets Act (DMA) European Union iOS iOS 26
Thijs Xhaflaire:
Jamf Threat Labs observed a signed and notarized stealer that did not follow the typical execution chains we have seen in the past. The sample in question looked highly similar to past variants of the increasingly active MacSync Stealer malware but was revamped in its design.
Unlike earlier MacSync Stealer variants that primarily rely on drag-to-terminal or ClickFix-style techniques, this sample adopts a more deceptive, hands-off approach. Delivered as a code-signed and notarized Swift application within a disk image named zk-call-messenger-installer-3.9.2-lts.dmg , distributed via https://zkcall.net/download, it removes the need for any direct terminal interaction. Instead, the dropper retrieves an encoded script from a remote server and executes it via a Swift-built helper executable.
Bill Toulas (Reddit):
The stealer emerged in April 2025 as Mac.C by a threat actor named ‘Mentalpositive’. It gained traction by July, joining the less crowded but still profitable space of macOS stealers alongside AMOS and Odyssey.
A previous analysis of Mac.C by MacPaw Moonlock indicates that it can steal iCloud keychain credentials, passwords stored on web browsers, system metadata, cryptocurrency wallet data, and files from the filesystem.
Jeff Johnson (Mastodon):
I hate to say I told you so but…who am I kidding, I love to say I told you so. In 2019 I wrote a prescient blog post, The true and false security benefits of Mac app notarization, in which I foretold such an attack, suggesting that notarization is security theater.
[…]
Many of the Mac malware “protections” that Apple has added over the years are merely punishments for Mac users and honest Mac developers, making their computing life more miserable while leaving gaping holes for malware to sneak through. (See my own Apple Security Credits, as a Mac developer, not a professional security researcher, and those are just issues that Apple fixed, not all of the issues I discovered.) Earlier this month 9to5Mac also reported, Apple security bounties slashed as Mac malware grows, a tacit admission by Apple of this hopeless situation.
Céline Didone:
it was always about creating fear around the well established practice of installing apps from outside the App Store.
Previously:
Update (2025-12-30): Jeff Johnson (Mastodon, Rosyna Keller):
My assumption all along was that notarization is intended to stop malware authors from distributing their own maliciously crafted apps, and in this respect I still think notarization is security theater. However, perhaps my assumption was wrong. What if the purpose of notarization is more narrowly focused, to prevent supply chain attacks like XcodeGhost? The requirement of uploading the built app to Apple for a malware scan is not very good at stopping a determined attacker with full control over app creation, submission, and distribution who is intentionally trying to sneak malware past Apple. On the other hand, the notarization requirement can stop an unwitting developer who is unintentionally distributing known malware in their app only as a carrier, a dupe, already a victim themselves.
The timeline of notarization seems a bit off, three years between 2015 and 2018 for Apple to engineer a mitigation for the massive, damaging XcodeGhost supply chain attack. I don’t see a sense of urgency there; it would be practically lackadaisical. Nonetheless, the motivation and implementation would make sense in light of XcodeGhost.
Is this blog post a mea culpa by me? Maybe! I now acknowledge there may be some security benefit to notarization. Whether the benefit outweighs the many downsides is another question, though. In any case, it would have been nice if Apple had made some kind of public, official statement like, “Hey, we’re introducing notarization because of XcodeGhost,” and then the whole thing would have made sense to everyone from the beginning. Instead, Apple chose its habitual path of greatest resistance, security by obscurity.
Previously:
Mac macOS Tahoe 26 Malware Notarization
Monday, December 22, 2025
Joe Rossignol (Hacker News, ArsTechnica):
Italy’s Competition Authority (AGCM) has imposed a €98.6 million ($116 million) fine on Apple over its App Tracking Transparency feature.
[…]
In a press release and executive summary today, the AGCM said the App Tracking Transparency rules are “disproportionate,” and “harmful” to app developers and advertisers. Ultimately, it found that Apple abused its dominant position in the EU market.
Previously:
Antitrust App Tracking Transparency iOS iOS 26 Italy Legal
John Daniel (via John Siracusa, Reddit):
As of 26.1, when you encode a security-scoped bookmark to “file:///”, what you decode will be a bookmark to “file:///.nofollow/”. So the decode method now succeeds, but the value is wrong. I actually preferred the behaviour of the original bug.
Kevin Elliott:
The “.nofollow” syntax is a new part of the core system that allows components to construct paths that the lower level system guarantees will not be resolved or followed. This makes it simpler to protect against TOC/TOU attacks by allowing one component of the system to resolve a particular path, then pass that path to another component while guaranteeing that the second component won’t inadvertently cause a second resolve.
Unfortunately, the bug here is that parts of Foundation aren’t handling this correctly when the path references root.
I expect this will be resolved in the next system update [26.2]; however, it’s not clear to me whether that will mean that resolution will return “/” again or that the new “file:///.nofollow/” construct will start working.
However, even if we revert to “/”, you should be aware that “.nofollow” and “.resolve” paths are not inherently invalid and you should expect to see more of them in the future.
I don’t remember seeing this in the documentation or at WWDC.
Kevin Elliott:
The standard way of preventing this attack is by passing one of the “no follow” flags to open, but in a complex system that can be extremely difficult to guarantee and validate.
The new “.nofollow” construct effectively “attaches” the no follow flag to the path itself, forcing that flag on all open calls regardless of the actual flag passed in.
Kevin Elliott:
I’m not sure what the current state of things is, but the expectation is that most/all syscalls that interact with paths will “preserve” these “.<flag>” prefixes. I’ll also note that the behavior of realpath will change based on “.nofollow”.
[…]
In the context of framework code, I think the best option is to treat any “.nofollow” path you receive as “inherently” canonical and simply use it directly.
Kevin Elliott:
My general advice here is to treat any URL you receive from the system as a “magic” object. In practice, I generally convert it to a bookmark, then resolve the bookmark again, and use that new URL*, discarding the original (“magic”) URL.
*This ensures that the rest of my app is ALWAYS working with “a URL that came from a bookmark”, instead of a “split” flow.
Previously:
File System Mac macOS Tahoe 26 Programming Security Security Scoped Bookmarks Symbolic Links URL
Jeff Johnson (Mastodon):
This morning I reluctantly updated my iPhone SE (3rd generation) from iOS 18.7.2 to iOS 26.2. I had been hoping for Santa Cook to bring me iOS 18.7.3 for Christmas. Apparently, though, we’ve all been naughty. Or maybe Cook himself is not nice. I was aware that it was (previously) possible to install iOS 18.7.3 by enabling beta software updates, but nowadays that requires enabling iCloud, which I refuse to do on my iPhone. According to MacRumors and my followers on social media, Apple has within the past 24 hours stopped providing 18.7.3 on the beta track. Moreover, Apple is providing restore image to developers for only a few iPhone models: XR, XS, and XS Max. Thus, it appears that iOS 18 is effectively discontinued on most devices, and iOS 18.7.2 suffers from actively exploited security vulnerabilities.
More on that here. I also somewhat involuntarily just updated to iOS 26.2, because I got a new Apple Watch and it refuses to pair with an iPhone running iOS 18.
What struck me on iPhone was something I hadn’t noticed as much on Mac and iPad: the animations.
[…]
There are quite a few visual glitches remaining, three months after the public release of the new operating system. If iOS 26.0 was half-baked, iOS 26.2 is at most two-thirds-baked.
Needless to say, I enabled Reduce Transparency in Display & Text Size Accessibility Settings as soon as I updated to iOS 26. I had already enabled Show Borders and On/Off Labels in iOS 18 or earlier.
[…]
By the way, don’t get me started on the Liquid Crass replacement of close buttons with checkboxes. (On iOS 18, the checkbox in the video was a Done button.) This change is insane! And I’ve already had a customer confused by the checkbox, thinking that they had to “approve” something in the window.
I’d seen the betas, too, and already knew I didn’t like Liquid Glass. What struck me in everyday use is how many glitches remain and that the accessibility settings don’t work very well. There are glass borders that start out with square corners and then become rounded. As with previous recent versions, various things just don’t look good with Reduce Transparency enabled—ugly colors, edges that are harder to see in a sea of white—like I’m being penalized for using it. I ended up turning it off because sometimes the keyboard doesn’t show the labels of the keys. I find the Liquid Glass animations annoying, too, but many of them remain even after enabling Reduce Motion. Prefer Cross-Fade Transitions helps but looks odd, in my opinion, and causes temporarily glitches with curved outlines being left behind. I guess it’s easier to not consider the “bloody ROI” if you don’t commit the resources to actually finishing the job.
Previously:
Update (2025-12-23): Craig Grannell:
“like I’m being penalized for using it”
That’s how I’ve long felt about Apple’s approach to the visual design of a lot of accessibility features. It feels petulant. “Well, if you don’t want our gorgeous design, you can make do with THIS.” And there are so many vestibular triggers left in these systems, it may actually be dangerous for some people to update. Yet Apple is effectively forcing them too anyway.
Update (2025-12-26): Arnaud:
I personally love the animations but hard agree on the half baked stuff.
The Mail app is the worst, especially in the headers where the unsubscribe prompt and “could not load over vpn” message live. It’s something you’d expect from android circa 2010.
Accessibility Apple Watch SE Bug Design iOS iOS 26 Liquid Glass watchOS watchOS 26
Chiara Castro (Hacker News, Reddit):
Proton has confirmed the company has begun moving out of Switzerland due to “legal uncertainty” over the newly proposed surveillance law.
[…]
The firm behind one of the best VPN and encrypted email services has been very critical of the Swiss government’s proposed amendment of its surveillance law since the beginning, already sharing plans to quit Switzerland back in May.
[…]
Proton launched its ChatGPT competitor, Lumo, in July 2025, to give its users an alternative to Big Tech solutions that truly protect their privacy.
In a blog post about the launch, Proton’s Head of Anti-Abuse and Account Security, Eamonn Maguire, explains that the company has decided to invest outside Switzerland for fear of the looming legal changes.
Previously:
Artificial Intelligence Business Germany Legal Lumo Privacy Proton Proton Drive Proton Pass Proton VPN ProtonMail Switzerland
Friday, December 19, 2025
Juli Clover:
Mac users with the Studio Display have been complaining about intermittent flickering since the update launched in September. There are also complaints from users who have other kinds of displays, so it might be a bug that is affecting more than one type of external monitor.
We have experienced this issue with a MacBook Pro running macOS Tahoe connected to a Studio Display, and the macOS Tahoe 26.1 and macOS Tahoe 26.2 updates haven't improved the situation at all. In fact, the flickering seems to be getting worse in recent days.
Dan Moren:
I’m glad this is finally gaining some attention because I have been seeing this since the earliest betas of Tahoe back in June (I complained about it again more recently). And that’s been on multiple Macs, including my Mac mini attached to a Studio Display, my old M1 MacBook Air, and my current M4 MacBook Air.
Oliver Haslam:
It’s thought that this dithering causes a flickering effect which, in some cases, can even cause headaches. Thankfully, a third-party utility called Stillcolor can override the display controller’s behavior.
Disabling dithering via Stillcolor is reported to have fixed the issue for some. Unfortunately, others say it hasn’t worked for them, so your mileage may vary.
Previously:
Update (2025-12-22): eric:
wow I thought I was losing my mind of my m4 Mac mini was going south. I don’t see it in my work MBP without Tahoe.. didn’t think it was the OS but I guess it is! It’s not bad and infrequent but unnerving either way.
Update (2026-01-09): Max Seelemann:
Today my Studio Display started to flicker.
Bug Display Mac macOS Tahoe 26 Studio Display
John Gruber:
There are many sites — and the trend seems to be accelerating — that do not use passwords (or passkeys) for signing in. Instead, they only support signing in via expiring “magic links” sent by email (or, sometimes, via text messages). To sign in with such a site, you enter your email address, hit a button, and the site emails you a fresh link that you need to follow to sign in. I despise this design pattern, because it’s inherently slower than signing in using an email/password combination that was saved to my passwords app and autofilled by my web browser.
[…]
To make matters worse, when you create a new account using a “magic link”, nothing gets saved to Apple Passwords. I don’t have many email addresses in active use, but I do have several. Sometimes I don’t remember which one I used for my account on a certain site.
[…]
One workaround I’ve used for a few sites with which I keep running into this situation (Status, I’m looking in your direction) is to manually create an entry in Apple Passwords for the site with the email address I used to subscribe, and a made-up single-character password. Apple Passwords won’t let you save an entry without something in the password field, and a single-character password is a visual clue to my future self why I did this.
I have also run into this friction where the Passwords app insists I not leave the field blank but there’s nothing that really makes sense to put there.
I’d always assumed that sites used magic links because people don’t remember their passwords, and it’s easier to click a link than to go through the password reset process each time. But Gruber notes that magic links are also an effective way to combat account sharing.
Previously:
Update (2025-12-22): Ezekiel Elin:
You actually can create password entries without passwords because there’s a bug in the app where the (command)+S keyboard shortcut works even when the UI button to save is disabled
Apple Password Manager Mac macOS Tahoe 26
Peter Maurer:
The volume indicator, on the other hand, is most important to me when there’s currently no sound playing, e.g., because I want to confirm my system is muted (or at least not in “yell loud enough to wake everyone in the house” mode) before I start playing a video. And I’d rather do that without having to squint at a tiny slider on a fuzzy-glassy background in an inconvenient spot way outside of my center of attention. A tiny slider on a fuzzy-glassy background in an inconvenient spot way outside of my center of attention, I might add, that doesn’t always update properly when I hit the mute/unmute key.
[…]
Enter Hudlum, the nostalgic retro HUD-style system volume indicator for dinosaurs[…] As silly as it may seem, this helped me make peace with macOS 26.
Previously:
Audio Bug Hudlum Mac Mac App macOS Tahoe 26
Rob Halliday:
It appeared that Backblaze was now just not backing up Dropbox AT ALL, and was discarding (without warning) existing backups of Dropbox folders.
I contacted Backlbaze tech support. Janet their ‘AI Agent’ who is “well-trained to answer your questions” (!!), responded an hour or so later saying that Backblaze now basically do not back up Dropbox as of a recent update to the Mac Backup software.
[…]
Working back through the Backblaze release notes, this change happened in 9.2.2.878. The release notes page does not include release dates for software versions, so there is no way of telling when this change happened.
[…]
If I hadn’t discovered this by accident today, I might not have found out until too late. I suspect this is why I haven’t managed to find more outcry about it on the web today - I suspect this applies to a lot of people, who know this has been working fine and haven’t yet noticed that it’s now broken. Yes, it’s in the release notes, but a change like this should, I feel, be displayed VERY PROMINENTLY as part of an update, or an update causing a change this dramatic should not be forced on users automatically.
I’ve had concerns about Backblaze for a long time, but this is a new low.
Previously:
Update (2025-12-22): It seems like Backblaze now also excludes iCloud Drive and OneDrive but not Dropbox via Maestral. This seems to not be due to Dropbox using the File Provider Extension framework, and it’s not overridable at the user level, so I guess there’s some sort of built-in exclusion. CrashPlan also no longer backs up Dropbox. Arq can still back up all this stuff.
Backblaze Backup Datacide Dropbox File Provider Extensions iCloud Drive Mac Mac App macOS Tahoe 26 Microsoft OneDrive
Thursday, December 18, 2025
Apple:
Apple today announced changes impacting iOS apps in Japan to comply with the Mobile Software Competition Act (MSCA). These updates create new options for developers to distribute apps on alternative app marketplaces and to process app payments for digital goods and services outside of Apple In-App Purchase.
[…]
The MSCA’s requirements for alternative app marketplaces and app payments open new avenues for malware, fraud and scams, and privacy and security risks.
They just couldn’t help themselves.
For their iOS apps distributed on the App Store in Japan, developers will be able to include an alternative payment processing method in their app and/or link users to a website to complete a transaction.
These alternative payment options will always be presented alongside Apple In-App Purchase, so that users in Japan are clear on when they are transacting through Apple.
Juli Clover:
Apple has established a new fee structure in Japan, and fees are based on distribution and payment method. Apple says that fees will be the same or lower for 100% of developers in Japan.
Participants in the Small Business Program, Video Partner Program, and Mini Apps Partner Program will pay the reduced rate below. Subscriptions in apps maintained after the first year are also subjected to the lower fee. The Small Business Program includes developers that earn less than 1 million USD annually. Developers that earn more than that have to pay Apple's full commission rates.
- App Store w/ In-App Purchase - Varies from 15% to 26%. 21% base fee, 5% payment processing fee. Base fee is 10% for program participants, and 5% fee remains the same.
- App Store w/ Alt Purchase - Varies from 10% to 21%. 21% base fee, no payment processing fee. 10% for program participants.
- App Store w/ Web Link - Varies from 10% to 15%. 15% Store Services Fee, 10% for program participants.
- Alternative Marketplace - 5% Core Technology Commission.
Juli Clover:
iPhone and iPad users in Japan can download the alternative app marketplace from the AltStore website, and then use the AltStore to download apps without having to go through Apple’s App Store. Prospective AltStore users need to be physically located in Japan, and have a Japanese App Store account. Devices also need to be running iOS/iPadOS 26.2 or later.
Previously:
Update (2025-12-19): Malte Kirchner (via ednl):
On paper, many things look the same between Japan and the EU. But tone matters. The law passed in Japan in June 2024 relies more on dialogue than confrontation, is heard from Apple Park. The Japanese are concerned with data protection, security, and child protection for users. In Europe, they argue in Cupertino, the interests of a few large competitors are primarily being satisfied. This leads to a worse user experience and compromises in security, Apple is convinced.
What makes Apple conciliatory in Japan is likely the numerous exceptions and the bargaining chips that the company has there. Concerns about cybersecurity or child protection can override certain rules. For example, there are alternative app stores in Japan, but no complete sideloading. The requirements for interoperability also turn the European principle on its head: in Japan, this is available on request, while in Europe they want it "by design" – i.e., when new functions are launched. The European model is based on the fear that requests could be indefinitely postponed. Therefore, they want interoperability immediately. The Americans, on the other hand, see this as an obstacle to innovation and an expropriation of intellectual property, but also as a major security risk.
[…]
At least on the day of introduction, the Japanese conditions seem enviable from a European perspective. No threat of legal action, constructive discussions, and the regulator gets its functions, while new features are to be brought to Japan without delay – European customers undoubtedly wish for this too. However, it remains to be seen whether the situation in Japan will truly remain so harmonious and whether the law will prove to be a tame paper tiger if the regulated parties are too satisfied with it.
Update (2025-12-22): John Gruber (Mastodon):
Developers are allowed to offer lower prices in alternative payment methods. That strikes me as a decent, but not ideal balance. I think it’s fair for Apple to mandate that its own IAP be offered alongside any form of alternative payment within an app. But, as I’ve long advocated, links to the web — leaving the app for the system’s default browser — should be permitted without having to offer IAP too. But overall, where Japan landed is reasonable.
[…]
An Apple spokesperson confirmed that, in contrast with the DMA, the guidelines that accompany the MSCA provide more clarity on things like privacy, security, safety, and youth protection. (E.g. apps distributed outside the App Store in Japan still require age ratings. There’s no such requirement in the EU.)
[…]
It’s hard to find anything aside from small nits to complain about in the MSCA. It arguably gives Japanese users a better, more robust iOS experience than what Apple offers to the rest of the world.
AltStore Antitrust App Marketplaces External iOS Payments In-App Purchase iOS iOS 26 Japan
Fatbobman:
SwiftData provides a batch deletion API that is more modern and type-safe than its Core Data counterpart.
[…]
Note: Unlike the standard single-object deletion modelContext.delete(_ model: T), batch deletion is only applied to the database after save() is executed.
Coming from Core Data, this is really strange. With Core Data, NSBatchUpdateRequest and the other batch operations are completely separate from saving the context. This makes sense because they operate directly on the database rather than on the in-memory objects that are owned by the context.
I’m trying to wrap my head around what SwiftData is even doing that batch deletions happen on save. Is it queuing up a bunch of SQL to be executed along with the save? Why would anyone want this?
Going by what the documentation literally says, with it taking place after the save, it sounds like it even reorders operations. If I do a batch delete, then insert some objects, then save, will it delete the new objects (if they match the predicate) even though I intended the insert to happen after clearing out the old objects? Or does executing the batch delete eagerly fetch the IDs of the objects to be deleted and then it deletes them by ID later (when the predicate might no longer match)?
Either way, it seems confusing in the event that there are multiple batch deletes in sequence. The first one might affect which objects match the predicate of the second one.
Although Swift 6 and iOS 26 have brought many improvements, as of now, SwiftData natively supports only batch deletion. It does not yet provide native APIs for Batch Update or Batch Insert.
Previously:
Core Data iOS iOS 26 Mac macOS Tahoe 26 Programming SwiftData
Howard Oakley:
When first introduced in Mac OS X, no provision was made for xattrs to have type-specific preservation, and that was added later using flags suffixed to the xattr’s name. For example, the com.apple.lastuseddate xattr found commonly on edited files is shown with a full name of com.apple.lastuseddate#PS to assign the two flags P and S to it, and the most recent xattr com.apple.fileprovider.pinned, used to mark files in iCloud Drive that have been pinned, has the two flags P and X assigned to it for a the full name of com.apple.fileprovider.pinned#PX.
[…]
It’s further complicated by a set of system tables for some standard xattr types that don’t have flags suffixed, but are treated as if they do.
[…]
When using standard commands such as cp, macOS will automatically apply these rules when deciding whether to preserve xattrs. However, using a command for a different intent, such as cp for backing up, won’t normally invoke the behaviour you might want.
Code using standard macOS file operations should follow the behaviour expected for its intent, and shouldn’t require any special handling of xattrs. Lower-level operations are likely to differ, though, and may require implementation of equivalent behaviours.
The xattr_intent_with_flags() function will tell you, given an intent and a set of flags, whether you should preserve the xattr.
Previously:
Extended Attributes iCloud Drive Mac macOS Tahoe 26 Metadata Programming
Wednesday, December 17, 2025
Jeff Johnson (Mastodon):
“Every instance of UserDefaults shares the contents of the argument and registration domains.” In other words, the result of calling registerDefaults on the object returned by [NSUserDefaults initWithSuiteName:] is the same as calling registerDefaults on the object returned by [NSUserDefaults standardUserDefaults]! Yet the documentation for registerDefaults does not mention this fact.
How did this become a Link Unshortener bug? In the NSApplicationDelegate method applicationWillFinishLaunching, I call [NSUserDefaults initWithSuiteName:] and registerDefaults to register the default values of Link Unshortener settings. Then I check whether the app container settings need to be migrated. If migration is necessary, then I call [NSUserDefaults setObject: forKey:] on the group defaults, using [NSUserDefaults objectForKey:] from the app defaults. If the default key has never been set in the app defaults, then [NSUserDefaults objectForKey:] should return nil. Or so I thought! But at that point registerDefaults has already been called on the group defaults object, and the app defaults object shares the registration domain with the group defaults object, so [NSUserDefaults objectForKey:] returns a non-nil value, which gets saved in the group defaults.
Previously:
Bug Cocoa iOS iOS 26 Link Unshortener Mac macOS Tahoe 26 NSUserDefaults Programming
Adam Engst:
However, getting that playlist working this year proved intensely frustrating. Even though it contains over 300 songs, only a handful played when we asked Siri to shuffle the playlist on the HomePod. It made no sense—I could cause any song in the playlist to play on the HomePod from my iPhone, and the Music app had no problem continuing from one song to another as long as shuffle wasn’t turned on.
[…]
But wait! Isn’t there some other checkbox that might be related? I opened the Info window for one of the tracks that wouldn’t play and clicked through all the tabs. There it was in the Options tab: “Skip when shuffling.” I selected all the songs in the playlist, pressed Command-I to open an Info window that would apply to everything selected, and turned off “Skip when shuffling.” Voilà! My playlist started working correctly again.
[…]
But this raises a question. If you prefer to listen to holiday music only at the end of the year, how do you prevent it from playing at other times? I can imagine a range of approaches, including exclusionary playlists and separate music libraries, but they would require me to change how I interact with Apple Music for the rest of the year. Other techniques suffer from allowing holiday songs to be mixed in with other music.
I’ve been seeing some strange behavior recently when I tell the Music app to shuffle a particular artist. I would expect this to produce a random-seeming mix of all the songs I have by that artist. But often it actually plays one of the following:
- A random mix of songs, but only from the artist’s most recent 2–3 albums, when there are far more in my library.
- A random mix of songs, but each time it plays a song it will play all the versions of that same song (e.g. compilations, live recordings) before moving on to the next song.
Update (2025-12-18): Wayne Dixon:
I’ve been seeing an issue with shuffling myself. I’ll listen to a bunch of shuffled songs, switch to some other audio for a while and when I listen again, it will replay songs I’ve already heard.
Now, I don’t know if it’s strictly something that’s related to moving from my iPhone, to a HomePod, and then back again. It will continue what I was listening to on the HomePod, but after switching to other audio and then back again, it seems to jump back in the playlist.
iOS iOS 18 iOS 26 Music Music.app
Juli Clover:
iOS 26.3 adds a new “Notification Forwarding” setting that allows incoming notifications on an iPhone to be forwarded to a third-party device.
The setting is located in the Notification section of the Settings app under a new “Notification Forwarding” option. Apple says that notifications can only be forwarded to a single device at a time, so if Notification Forwarding is enabled with a third-party wearable, the Apple Watch won’t able to receive and display notifications.
Users can choose to have a device receive notifications only from selected apps rather than all apps, and notifications will include the name of the app and all content contained in the notification. This is a feature that is only available to those living in Europe.
It’s amazing how much iOS functionality now differs by region.
Previously:
Update (2025-12-18): Alex Barrientos:
This isn’t generous feature-giving—it’s regulatory compliance dressed up as user choice.
Nate:
It’s amazing too how spiteful Apple is. By nerfing Apple Watch they ensure this feature will never actually be useful. Even if it was limited to a single device at a time AND Apple Watch, then someone would build a “notification router” app that fanned out to all the other devices you care about.
Antitrust Digital Markets Act (DMA) European Union iOS iOS 26 Push Notifications watchOS watchOS 26
danah boyd (2024):
Since the “social media is bad for teens” myth will not die, I keep having intense conversations with colleagues, journalists, and friends over what the research says and what it doesn’t. (Alice Marwick et. al put together a great little primer in light of the legislative moves.)
[…]
Can social media be risky for youth? Of course. So can school. So can friendship. So can the kitchen. So can navigating parents. Can social media be designed better? Absolutely. So can school. So can the kitchen. (So can parents?) Do we always know the best design interventions? No. Might those design interventions backfire? Yes.
Does that mean that we should give up trying to improve social media or other digital environments? Absolutely not. But we must also recognize that trying to cement design into law might backfire. And that, more generally, technologies’ risks cannot be managed by design alone.
[…]
Do some people experience harms through social media? Absolutely. But it’s important to acknowledge that most of these harms involve people using social media to harm others. It’s reasonable that they should be held accountable. It’s not reasonable to presume that you can design a system that allows people to interact in a manner where harms will never happen. As every school principal knows, you can’t solve bullying through the design of the physical building.
Nick Heer:
This is pretty clearly a response to arguments pushed by people like Dr. Jonathan Haidt.
[…]
Then again, why not both? Kids can be educated on how to use new technologies responsibly and platforms can be pressured to reduce abuses and hostile behaviour.
[…]
I find it plausible it is difficult to disentangle the influence of social media from other uses of a smartphone and from the broader world. I am not entirely convinced social media platforms have little responsibility for how youth experience their online environment, but I am even less convinced Haidt’s restrictive approach makes sense.
Mike Masnick:
Jonathan Haidt’s incredibly well-timed decision to surf on the wave of a moral panic about kids and social media has made him a false hero for many parents and educators. In my review, I noted that his book, “The Anxious Generation,” is written in a way that makes adults struggling with the world today feel good, because it gives them something to blame for lots of really difficult things happening with kids today.
The fact that it’s wrong and the data don’t support the actual claims is of no matter. It feels like it could be right, and that’s much easier than doing the real and extremely difficult work of actually preparing kids for the modern world.
[…]
Earlier this year, we had Dr. Candice Odgers on our podcast. Unlike Haidt, she is an actual expert in this field and has been doing research on the issue for years. The podcast was mostly to talk about what the research actually shows, rather than just “playing off Haidt’s” misleading book. However, Odgers has become the go-to responder to Haidt’s misleading moral panic. She’s great at it (though there are a ton of other experts in the field who also point out that Haidt’s claims are not supported by evidence).
Still, Odgers keeps getting called on by publications to respond to Haidt’s claims. She’s done so in Nature, where she highlighted what the research actually shows, and in The Atlantic, where she explained how Haidt’s supported proposals might actually cause real harm to kids.
Australian Broadcasting Corporation (Hacker News):
Children and teenagers under the age of 16 could soon be banned from using social media after Labor announced it would back the higher cut-off limit.
The government had previously committed to introducing the legislation that would get kids off social media by the end of the year, but earlier suggested it would not announce a specific cut-off age until after a trial of verification technology.
Prime Minister Anthony Albanese also confirmed on Thursday that the proposed legislation would not include grandfathering arrangements — meaning young people already on social media would not be exempt — nor would it allow for exemptions due to parental consent.
Rod McGuirk:
A social media ban for children under 16 passed the Australian Parliament on Friday in a world-first law.
The law will make platforms including TikTok, Facebook, Snapchat, Reddit, X and Instagram liable for fines of up to 50 million Australian dollars ($33 million) for systemic failures to prevent children younger than 16 from holding accounts.
Laura Dobberstein:
As to how exactly age verification would be executed, Rowland said that was part of the purpose of the nation’s $6.5 million age assurance trial.
[…]
Meta posted a blog last week in which it made a case for parental approval for under-16s rather than a ban. That approval, it suggested, could be executed in the app store.
[…]
Social media’s harm to children has been extensively documented. For example, US Surgeon General Dr Vivek Murthy cited adolescents who spend more than three hours per day on social media as having double the risk of developing depression and anxiety. Murthy has advocated for health warning labels on social networks.
The US has been working on its own age verification software, but the results of its efforts remain unreliable.
University of York (Hacker News):
Psychologists at the University of York, who tested the impact that smartphones have on children’s behaviour for a new two-part documentary series for Channel 4, found that a ban in school impacted positively on sleep and mood.
Hunt Allcott et al. (Hacker News):
We estimate the effect of social media deactivation on users’ emotional state in two large randomized experiments before the 2020 U.S. election. People who deactivated Facebook for the six weeks before the election reported a 0.060 standard deviation improvement in an index of happiness, depression, and anxiety, relative to controls who deactivated for just the first of those six weeks. People who deactivated Instagram for those six weeks reported a 0.041 standard deviation improvement relative to controls.
Paris Buttfield-Addison (November 2025):
Australia’s world-first ban on social media for children under 16 takes effect in just over a month on December 10, 2025, yet nobody knows exactly how it will work.
The Online Safety Amendment (Social Media Minimum Age) Act 2024 passed parliament in a rushed process in November last year, imposing potential fines of up to $50 million on platforms that fail to keep out underage users. While 77% of Australians support the ban, only 25% believe it will actually work, and with weeks until launch, the mounting controversies, technical failures, and expert warnings suggest it’s becoming exactly the shitshow sceptics predicted.
[…]
The age verification requirement creates a piece of backdoor surveillance infrastructure that affects every Australian, not just children. Elon Musk labeled it “a backdoor way to control access to the Internet by all Australians,” a rare instance where his fevered ranting and hyperbole aligns with expert consensus.
[…]
The paradox is built into the law itself: s 63DB prohibits platforms from directly collecting government-issued IDs or requiring Digital ID systems, yet platforms must verify ages. This forces reliance on unproven technologies like facial biometric scanning, behavioural tracking, and AI age estimation, all of which require invasive data collection.
Apple (MacRumors):
Beginning December 10, 2025, a new Australian law will require certain social media platforms operating in Australia to prevent people under 16 from having a social media account. Impacted developers are responsible for making sure they follow the requirements of the new law, including deactivating any existing accounts for users under 16 and monitoring new signups.
Apple provides several tools to help meet the requirements of this law[…]
Mike Masnick (Hacker News):
Australia’s social media ban for kids is now in effect. As we’ve discussed, this is a monumentally stupid plan that will do real harm to kids. It’s based on a moral panic and a wide variety of faulty assumptions, including that social media websites are inherently bad for kids, something that none of the evidence supports.
Molly Buckley (Hacker News):
Age verification laws are proliferating fast across the United States and around the world, creating a dangerous and confusing tangle of rules about what we’re all allowed to see and do online. Though these mandates claim to protect children, in practice they create harmful censorship and surveillance regimes that put everyone—adults and young people alike—at risk.
Lisa Kashinsky (Hacker News):
Rahm Emanuel, who is mulling a presidential run, is pushing for the United States to follow Australia’s lead in banning children under 16 from most social media.
Simon Sharwood:
Forum site Reddit has filed a case that seeks to exempt itself from Australia’s ban on children under 16 holding social media accounts.
Mike Masnick:
But late last week, some additional news broke that makes the whole thing even more grotesque: turns out the campaign pushing hardest for the ban was run by an ad agency that makes gambling ads. The same gambling ads that were facing their own potential ban—until the Australian government decided that, hey, with all the kids kicked off social media, gambling ads can stay.
Kristof Van Landschoot (Casey Liss):
Has anybody figured out if it is possible to update the age rating on App Store Connect without submitting an update to the app?
Previously:
Advertising App Store Australia Children iOS iOS 26 Lawsuit Legal Mac Mac App Store macOS Tahoe 26 Privacy Reddit Science
Tuesday, December 16, 2025
Anthony Enzor-Demeo (Hacker News):
Today, I step into the role of CEO of Mozilla Corporation. It is a privilege to lead an organization with a long history of standing up for people and building technology that puts them first.
[…]
- First: Every product we build must give people agency in how it works. Privacy, data use, and AI must be clear and understandable. Controls must be simple. AI should always be a choice — something people can easily turn off. People should know why a feature works the way it does and what value they get from it.
- Second: our business model must align with trust. We will grow through transparent monetization that people recognize and value.
- Third: Firefox will grow from a browser into a broader ecosystem of trusted software. Firefox will remain our anchor. It will evolve into a modern AI browser and support a portfolio of new and trusted software additions.
David Pierce:
Mozilla is not going to train its own giant LLM anytime soon. But there’s still an AI Mode coming to Firefox next year, which Enzor-DeMeo says will offer users their choice of model and product, all in a browser they can understand and from a company they can trust. “We’re not incentivized to push one model or the other,” he says. “So we’re going to try to go to market with multiple models.” Some will be open-source models available to anyone. Others will be private, “Mozilla-hosted cloud options,” he says. And, yes, some will be from the big companies in the space — Enzor-DeMeo didn’t name Gemini, Claude, or ChatGPT, but it’s not hard to guess.
Enzor-DeMeo has been at Mozilla for almost exactly a year. Until now, he’s been leading the team building Mozilla’s Firefox browser, which, in so many ways, is the thing that makes Mozilla go.
[…]
At some point, though, Enzor-DeMeo will have to tend to Mozilla’s own business. “I do think we need revenue diversification away from Google,” he says, “but I don’t necessarily believe we need revenue diversification away from the browser.” It seems he thinks a combination of subscription revenue, advertising, and maybe a few search and AI placement deals can get that done. He’s also bullish that things like built-in VPN and a privacy service called Monitor can get more people to pay for their browser. He says he could begin to block ad blockers in Firefox and estimates that’d bring in another $150 million, but he doesn’t want to do that. It feels off-mission.
Thomas Claburn:
The renewed focus on Firefox within Mozilla Corporation, Surman said, has internal and external explanations. “Internally, I think we haven’t had the leadership for the last few years to really drive us technically on what’s possible with the tech stack we have,” he said.
”The external reason is really that the market for browsers and the space for innovation over browsers is really in motion again. And people have written browsers off as a commodity. Other people are innovating, and it creates a really good context for us to do the same again and to reinvest there.”
ploum:
Mozilla has a new CEO who:
- Has been at Mozilla for less than a year
- Has no prior open source experience (but well in “fintech” and “real estate”)
- Has a MBA (aka “brainworm diploma”)
- Is all-in on AI
That’s exactly the kind of bingo profile the whole community has been waiting for.
Previously:
Update (2025-12-18): Bruno (Hacker News):
In an interview with “The Verge”, the new Mozilla CEO, Enzor-DeMeo, IMHO hints that axing adblockers is something that, at the very least, was on the table in some form and at some point.
[…]
It may be just me, but I read this as “I don’t want to 😜 😜 but I’ll kill AdBlockers in Firefox for buckerinos 😂”. This disappoints and saddens me a lot, and I hope I’m wrong.
[…]
Killing one of its advantages over the Chromium engine, being able to have a fucking adblocker that's actually useful, and that nowadays is a fucking security feature due to malvertising, will be another nail in the coffin, IMHO.
Joey Sneddon (Hacker News):
Being able to opt-out is agency (I guess), but if diverting revenue through AI is part of this “double bottom line”, how easy will “easily” actually be?
A single button presented on first run, or will it mean diving through menus, opening about:config, or configuring an enterprise policy?
[…]
The logic on why this benefits end users is somewhat circular: to fight Big AI, Firefox will host a Big AI buffet where we pick our preferred flavour of algorithmic mediation from a limited menu, which in turn gooses Big AI to further silo us from each other. Agency!
[…]
As someone who chose Firefox because it wasn’t doing the same things other companies were, was committed to open standards and championing an open web where the little guys’ needs weren’t overlooked for the Goliaths’, I’m kind of left wondering who’s fighting for us?
Previously:
Artificial Intelligence Firefox Mac Mozilla Privacy Web Web Browser
Cameron Faulkner (Amazon):
The 27-inch 60Hz 5K IPS screen delivers 217 pixels per inch (PPI) — just one pixel per inch shy of the pricier options. Who knew that there was a color-accurate, pixel-dense display out there that won’t send creators or the 5K-curious among us into extreme debt?
The H27P3 may be worth considering if you just need a good screen. Just know that this is not a premium device. Its design looks like my budget-friendly gaming monitor, it has a limited port selection (and speed) that pales in comparison to pricier models, and its clumsy onscreen menus make accessing its marquee features more difficult than it should be.
[…]
The H27P3 has one HDMI 2.0 port, one DisplayPort 1.4 input, and one USB-C input for power (up to 65W PD passthrough) and video. All video inputs support 5K at 60Hz via display stream compression (DSC) except HDMI, which is limited to 4K / 60Hz due to bandwidth limitations. The monitor also has two USB-A 3.0 ports and a headphone jack for audio over HDMI and USB-C. KTC advertises that this model has a KVM switch — enabling the feature requires you to dive once again into the cursed OSD — but it’s not really a KVM switch in the sense that it lets you control multiple connected computers with a single mouse and keyboard. It’s just a USB hub, adding a couple USB-A ports to plug in extra accessories, like a mouse dongle and an SSD.
This part seems fine to me. Even the Studio Display isn’t a good hub. I don’t think it makes sense to combine that functionality with a display.
Paul Haddad:
The weird thing is that they say its lowest ever price was $355, which is crazy low and I’m 99% sure its never been under $500 (or I probably would’ve bought it to test out).
Previously:
Display Mac Retina
Honza Dvorsky:
Today, we’re pleased to announce the initial release of Swift Configuration: a new library that provides a unified approach to reading configuration in your Swift applications.
Configuration management has long been a challenge across different sources and environments. Previously, configuration in Swift had to be manually stitched together from environment variables, command-line arguments, JSON files, and external systems. Swift Configuration creates a common interface for configuration, enabling you to:
-
Read configuration the same way across your codebase using a single configuration reader API that’s usable from both applications and libraries.
-
Quickly get started with a few lines of code using built-in providers for environment variables, command-line arguments, JSON and YAML files, and in-memory values.
-
Build and share custom configuration providers using a public ConfigProvider protocol that anyone can implement and share.
Helge Heß:
It actually makes me a little sad, because Foundation has a configuration management system already: UserDefaults. Is it really necessary to reinvent the wheel again and again?
My point is that instead of enhancing/embracing the existing system (and defaults are really flexible, e.g. an environment domain is something that is conceptually supported), something completely new and separate is created. Yes, just like logging and metrics FWIW, desktop/mobile and server are not really as different as some people tend to think either. 🙈
Honza Dvorsky:
Swift Configuration brings a unified, type-safe approach to this problem for Swift applications and libraries. What makes this compelling isn’t just that it reads configuration files: plenty of libraries do that. It’s the clean abstraction that it introduces between how your code accesses configuration and where that configuration comes from. This separation unlocks something powerful: libraries can now accept configuration without dictating the source, making them genuinely composable across different deployment environments.
With the release of Swift Configuration 1.0, the library is production-ready to serve as a common API for reading configuration across the Swift ecosystem. Since the initial release announcement in October 2025 over 40 pull requests have been merged, and its API stability provides a foundation to unlock community integrations.
Update (2025-12-16): Lukas Valenta:
At first, I asked myself why. Then I created a small Vapor application and I understood - the current ways to set environment are not great. Or more precisely, had not been. Looking forward to implementing it!
Update (2025-12-18): Honza Dvorsky:
The original motivation came from making Swift servers easier to operate, as switching between env vars, CLI flags, JSON/YAML files, or even remote feature flagging services shouldn’t require a large refactor. […] Turns out, putting an abstraction layer between sources of config and the config reading API is pretty powerful as it lets libraries configure themselves from an opaque config container. Not just servers benefit from that.
iOS iOS 26 Mac macOS Tahoe 26 NSUserDefaults Open Source Programming Swift Programming Language Vapor
Juli Clover:
Google today announced a new cross-platform feature that allows for file sharing between iPhone and Android users. With AirDrop on the iPhone and QuickShare on Pixel 10 devices, there is a new file transfer function available.
The file sharing option works on Apple devices that include iPhone, iPad, and Mac, along with the Pixel 10, Pixel 10 Pro, Pixel 10 Pro XL, and Pixel 10 Fold.
Dan Moren:
It’s currently only available on the Pixel 10 family, though Google says it is “expanding it to more Android devices.” It also requires you to set your AirDrop visibility to “Everyone for 10 minutes”, as it presumably has no visibility into your contacts.
Interestingly, there’s no indication that Apple did anything to make this possible. The provisions of the Digital Markets Act in the European Union do currently stipulate that Apple will have to allow for competing standards to AirDrop (which might very well include the Android Quick Share feature that Google is leveraging here) as well as bring interoperability to the feature.
Matt Birchler:
Inexplicably, it is not working in either direction on my personal devices, but I have seen people do it successfully, so I’ll chock this up to first day weirdness.
Aisha Malik:
“This implementation using ‘Everyone for 10 minutes’ mode is just the first step in seamless cross-platform sharing, and we welcome the opportunity to work with Apple to enable ‘Contacts Only’ mode in the future,” Google explained in a blog post.
[…]
The feature does not use a workaround, and the connection is direct and peer-to-peer, Google says. This means that data isn’t routed through a server and that shared content is never logged.
[…]
It’s worth noting that Google’s blog post doesn’t detail anything about how it worked with Apple to launch the new functionality.
Juli Clover:
Typically, Apple and Google work together on cross-platform features, but it turns out that Apple had no involvement this time. Google created the Quick Share to AirDrop interoperability on its own, and apparently sprung it on Apple with a public announcement. From a statement Google provided to Android Authority:
We accomplished this through our own implementation. Our implementation was thoroughly vetted by our own privacy and security teams, and we also engaged a third party security firm to pentest the solution.
David ImeI:
What this means for the feature long term we’ll have to see. Will this be another Beeper situation?
Will Sattelberg (Slashdot):
While it initially seemed like this was a rogue move made by Google to coerce Apple into another boundary-breaking decision, it might actually be part of the repercussions that also led to USB-C on iPhone and the adoption of RCS.
[…]
As reported by Ars Technica, the answer to this week’s mysterious Quick Share upgrade lies in the EU’s interoperability requirements designed for the DMA. The ruling out of the European Commission pushed Apple to begin supporting interoperable wireless standards beginning with this year’s set of OS upgrades, replacing the previous proprietary standard the company used to power its various Continuity features. That forced Apple to add support for the Wi-Fi Alliance’s Wi-Fi Aware standard of multi-directional file sharing, at the cost of completely phasing out its previous walled-in protocol.
Previously:
AirDrop Android Digital Markets Act (DMA) European Union iOS iOS 26 Mac macOS Tahoe 26 Wi-Fi
Monday, December 15, 2025
Fatbobman:
Core Data/SwiftData does not create separate tables for each subclass. Instead, it merges data from the parent entity and all its child entities into a single table (usually named after the parent entity).
[…]
- The Wide Table Problem: If there are many types of child entities with distinct attributes, this table will end up with a massive number of columns (a “Wide Table”). Even in the Swift 6 / iOS 26 environment, while hardware has improved, loading wide rows containing a vast number of
NULL values still consumes extra memory bandwidth.
- Index Efficiency: Since all subclasses share a single table, the indexes can become bloated, potentially slowing down insertions and updates.
- Data Migration: Modifying the model of any single subclass (e.g., adding a property) requires touching this massive core table that holds all the data.
I think the most important performance tip is that using inheritance can really slow down fetches. If you try to fetch a particular entity using an indexed property, Core Data may have to do a lot of extra row scanning.
Sometimes, it will use the property index but then have to scan to find the matches that are of the right entity. This can be addressed by making a compound index that contains both the property and Z_ENT. With Core Data, you can do this by specifying the entity key path. I haven’t see any indication that it’s possible with Swift Data.
Other times, it will use the Z_ENT index in preference to the property index, which can be a really bad a idea if there are many objects with matching entities but few with matching properties. Because the Z_ENT in the WHERE clause is generated by Core Data, you can’t use noindex: to prevent it from using that index. It can be faster to fetch on the base entity, e.g. intentionally fetch objects that are of the wrong type but at least using the right index, and then filter for the desired entity later. With my data, it’s fine to do this in RAM because there aren’t many matches. But you can also check the entity (against a string) in the fetch request’s predicate. If your desired entity has subentities, you’ll need to check against all their names. Again, I don’t know how to do this with Swift Data.
Previously:
Core Data Database iOS iOS 26 Mac macOS Tahoe 26 Optimization Programming SQLite SwiftData
