Tuesday, February 18, 2025

BenQ PD2730S 5K Display

Tim Hardwick:

Speaking of adjustments, BenQ hasn’t skimped here. The stand offers a comprehensive range of movement: height adjustment up to 150mm, -5° to 20° tilt, and smooth 60° swivel capabilities. This versatility comes as standard - no $400 upgrade required, Apple. For those preferring alternative mounting solutions, there’s a standard VESA mount option.

[…]

The panel employs BenQ’s Nano Matte coating, which effectively manages reflections without compromising image clarity.

[…]

At $1,199, it delivers 5K resolution, excellent color accuracy, Thunderbolt 4 connectivity, and other thoughtful features at a significantly lower price point than Apple’s Studio Display. Yes, the speakers are terrible, but that seems par for the course in third-party monitors. And no, it doesn’t have a webcam like the Studio Display, but that just means you can invest in a better one than the latter offers. While the PD2730S can’t match Apple’s premium build quality or 600-nit brightness, it compensates with superior ergonomics and connectivity options.

Paul Haddad:

VESA Apple Studio is often $1299 and tons more premium. Getting a KVM is nice but still. I’ll give them credit for doing a nice job on the Mac software for it, doesn’t look like your typical Windows port hack job.

Previously:

ASUS ProArt 5K Display

Juli Clover (Amazon):

There aren’t too many 5K displays on the market that can compete with Apple’s Studio Display, but ASUS recently came out with the ASUS ProArt Display 5K, which is a solid competitor. The ProArt Display 5K features a 27-inch 5K screen with 218 pixels per inch, aka retina quality.

ASUS sells the ProArt Display 5K for $799, so it’s actually half the price of the Studio Display, and much, much cheaper than the Pro Display XDR.

Previously:

Jettison 1.9

St. Clair Software (Mastodon, tweet):

Jettison now asks you to give it permission for Full Disk Access in your system’s privacy controls. This is necessary because macOS will sometimes refuse to let Jettison mount external USB drives unless it has this special permission.

[…]

[A] number of disk images are automatically mounted by the system. Some, known as cryptexes, are encrypted volumes used for augmenting or updating parts of the system itself, while others such as the iOS Simulator are mounted if you use Apple’s Xcode developer tools. […] Jettison used to show all of these in its “Eject” menu, which could be confusing because they’re not shown by the Finder, so they no longer appear there.

[…]

When Jettison can’t eject a drive because there are open files on it, it pops up an error message to tell you so. These messages have been improved to provide more detail, and when you’re manually ejecting a disk you’ll also see “Quit” buttons to quit any offending apps.

This is safer than the Force Eject that Finder offers and much easier than looking up the offending app yourself. Unfortunately, sometimes Sequoia reports an error when ejecting with Jettison, and I have to use Force Eject, anyway.

Previously:

MailMate 2.0 Beta

Benny Kjær Nielsen:

I’ve been very quiet here, but I’ve actually been working on MailMate during all that time — which should be obvious based on the other blog post today about the latest beta and its release notes. For years now, the main focus has been on improving/maintaining MailMate and that is great for existing beta/test users of MailMate, but obviously it’s not great for generating revenue from new users.

[…]

In the new license key setup, a MailMate license key is obtained by starting a subscription ($10 every 3 months). An active subscription means that MailMate will run in its “Paid Mode”. An inactive/cancelled subscription means that MailMate will run in its “Free Mode”. These modes are (almost) identical. Essentially, this means the price of a MailMate license key is now $10, but it is strongly encouraged to continue the subscription and for many users it is, in principle, required.

Why do it this way? First of all, paid upgrades are not a realistic option for me. It requires working on two versions of MailMate at the same time and I’ve clearly proven that I’m not able to do that. The first license key was sold more than 14 years ago and it is still valid!

Previously, it was a $50 one-time charge. One of the reasons it’s not a traditional subscription is that he had promised that 2.0 would be a free upgrade.

Maintaining software requires the same amount of effort as creating, but it is not a straightforward source of revenue. I do not think I can or should make major flashy rewrites which could justify upgrade fees. Instead, a large number of subscribers is going to be an incentive for me to focus on keeping existing users happy. This means iterative/frequent updates improving the details of existing features, improving performance, fixing bugs, and to at least some extent answering support emails. This is essentially how I’ve worked in the past.

Freron Software:

When Paid Mode expires, MailMate will automatically switch to Free Mode. In this mode, you continue to have access to all features of MailMate, but it is not intended to be used by all users. If you are part of a business or you run a business relying on the use of MailMate then it is also required that you use MailMate in Paid Mode.

As described above, MailMate adds a header line to every outgoing email stating the email client used. In Free Mode, this header line will explicitly use “MailMate Free Mode” as the email client name. Most of your correspondents will never see this, but some email clients will display it when it’s available.

Jeff Johnson (Mastodon):

I recently purchased an M4 MacBook Pro with a nano-texture display and set up Mail app fresh on the new machine, which is running macOS Sequoia. In the following weeks, I encountered a bunch of the same old problems—the Mail main window sometimes fails to come to the front when clicking on the Dock icon, requiring one or more additional clicks; the Flagged mailbox lists some unflagged messages, which can be removed from the list only by moving them to a new containing folder and back again; Mail app refuses to quit entirely because it's connecting to Gmail; a message sometimes isn't marked as read when opened in a window; my column widths are forgotten when switching folders—as well as a new problem: the Unread smart mailbox showed a phantom count of 1 when no messages appeared in the folder.

[…]

Although my immediate problem was solved, I started to wonder why Mail app hadn't downloaded that unread message. So for each of my email accounts, I used the Get Account Info contextual menu item to show the number of messages in each mailbox on the IMAP server, comparing it to the number of messages in each mailbox displayed in Mail app. To my horror, I discovered that there were multiple discrepancies, in multiple mailboxes, in multiple accounts. Mail app seems to download most of the messages from each mailbox, but for some unknown reason it doesn't always download every message from every mailbox.

This was the final straw for me, an irreparable loss of confidence in the reliability of Mail app. In my opinion, Apple Mail is a formerly great app, during the 2000s, that has steadily declined in quality since then and ultimately became shoddy. […] RIP Mail app, long live MailMate!

The IMAP problem I’ve been having with Apple Mail for the last few years is that some message moves/deletions don’t get synced to the server promptly. So if I view my account on my iPhone or Webmail I see a sampling of old messages—going back perhaps a month—still in the inboxes. Eventually those messages to get properly moved on the server, but by then new ones have taken their place.

MailMate's IMAP support appears to be flawless: unlike Mail app, MailMate downloaded every message in every mailbox for every account. How is it possible that one developer, Benny Kjær Nielsen, can succeed where an entire team of Apple engineers failed?

[…]

Moreover, Apple Mail has some problems with junk mail filtering. As of macOS Ventura, there's no longer a way to mark a message as not junk that Mail mistakenly marked as junk. And my junk mailboxes accumulate old messages despite the fact that I set Mail to erase junk messages after one month.

Of course, if you have Apple Mail or MailMate you should be using SpamSieve.

Pierre Igot:

Welcome to the club! I am fairly confident, based on your quality standards, that you will not regret it. I switched from Mail to MailMate in 2020 and have never regretted it.

Previously:

Update (2025-02-18): Jeff Johnson notes that Free Mode shows an alert when sending a message and is limited to sending two messages per launch. This seems reasonable to me but is not what I expected given the description of it being “almost identical” to Paid Mode.

Update (2025-02-18): Bernd suggests that the alert Johnson was seeing is due to the trial running out and that this is distinct from the Free Mode that you get after you pay once and stop paying. This is makes more sense given the documentation, so I guess the way to think about it is that there are actually four different modes.

Monday, February 17, 2025

Swift Proposal: InlineArray

SE-0453:

This proposal introduces a new type to the standard library, InlineArray, which is a fixed-size array. This is analogous to the classical C arrays T[N], C++’s std::array<T, N>, and Rust’s arrays [T; N].

[…]

It’s important to understand that Array is a heap allocated growable data structure which can be expensive and unnecessary in some situations. The next best thing is to force a known quantity of elements onto the stack, probably by using tuples.

[…]

We introduce a new top level type, InlineArray, to the standard library which is a fixed-size contiguously inline allocated array. We’re defining “inline” as using the most natural allocation pattern depending on the context of where this is used. It will be stack allocated most of the time, but as a class property member it will be inline allocated on the heap with the rest of the properties. InlineArray will never introduce an implicit heap allocation just for its storage alone.

[…]

InlineArray will be a simple noncopyable struct capable of storing other potentially noncopyable elements. It will be conditionally copyable only when its elements are.

Initialization is special-cased to avoid constructing a temporary array from the literal, and it does not conform to Sequence or Collection.

We do plan to propose new protocols that look like Sequence and Collection that avoid implicit copying making them suitable for types like InlineArray and containers of noncopyable elements. SE-0437 Noncopyable Standard Library Primitives goes into more depth about this rationale and mentions that creating new protocols to support noncopyable containers with potentially noncopyable elements are all marked as future work.

[…]

With the introduction of InlineArray, we have a unique opportunity to fix another pain point within the language with regards to C interop. Currently, the Swift compiler imports a C array of type T[24] as a tuple of T with 24 elements.

But they haven’t decided how to do that yet without breaking compatibility.

Previously:

Grammarly vs. Apple’s Writing Tools

Adam Engst:

Keep that background in mind when I say that my $144 annual subscription to Grammarly is one of my most worthwhile tech expenses. While Apple is just now getting into the game with its Writing Tools, Grammarly has been helping my writing since 2016. Its interface and capabilities have improved over time, and for what I need to write and edit in Google Docs, WordPress, Discourse, Mimestream, and now Lex, Grammarly has become an essential tool. For native Mac apps, you need the Grammarly Desktop app; for Web apps, Grammarly provides extensions for Safari, Chrome (and Chromium browsers like Arc), and Firefox.

[…]

Although Grammarly lets you turn off numerous aspects of its checking, my gripes are not among them.

[…]

However, thanks to the judicious addition of generative AI tools, I’m now happy to accept a few editing tics for the significant improvements that Grammarly makes to my drafts.

[…]

Since late October, I’ve become hooked on a feature that allows you to select text and hover over a blue button to the left of the paragraph to see an improved version with changes clearly highlighted.

[…]

While Grammarly integrates seamlessly into your text and clearly shows what will happen if you accept a change in nearly all situations, Apple’s Writing Tools require constant activation and provide significantly less feedback about their changes.

Chit Chat Across the Pond:

This week, the delightful Adam Engst of TidBITS joins us to talk about how he learned to write so well, what it’s like having an editor, and then moves into how he uses the AI tool Grammarly to improve his writing.

He says that Grammarly has gotten a lot better recently.

Previously:

On the Undesign of Apple Intelligence Features

Nick Heer:

The flaws in results from Apple Intelligence’s many features are correctly scrutinized. Because of that, I think some people have overlooked the questionable user interface choices.

[…]

Apple is not breaking new ground in features, nor is it strategically. It is rarely first to do anything. What it excels at is implementation. Apple often makes some feature or product, however time-worn by others, feel so well-considered it has reached its inevitable form. That is why it is so baffling to me to use features in the Apple Intelligence suite and feel like they are half-baked.

[…]

What this looks like on my Mac, sometimes, is as a blue button beside text I have highlighted. This is not consistent — this button appears in MarsEdit but not Pages; TextEdit but not BBEdit. These tools are also available from a contextual menu, which is the correct place in MacOS for taking actions upon a selection.

In any case, Writing Tools materializes in a popover. Despite my enabling of Reduce Transparency across the system, it launches with a subtle Apple Intelligence gradient background that makes it look translucent before it fades out. This popover works a little bit like a contextual menu and a little like a panel while doing the job of neither very successfully. Any action taken from this popover will spawn another popover.

As with Translate, I don’t think popovers work well for large blocks of text that I want to interact with.

Jason Snell:

I’m sure Apple is pouring everything it can into building better, more modern models, and we’ll hear about that effort in detail in June. But what troubles me most about the Apple Intelligence rollout isn’t that Apple was caught flatfooted by the AI hype train and is struggling to catch up—it’s that Apple’s implementation of AI features also feels slapdash and rushed.

Apple doesn’t have to end up with the best large language model around in order to win the AI wars. It can be in the ballpark of the best or partner with the leaders to get what it needs. But it can’t fail at the part that is uniquely Apple: Making those features a pleasure to use, in the way we all expect from Apple. Right now, that’s where Apple is failing.

Nick Heer:

Apple has a chance to move A.I. features beyond a blinking cursor in a chat bot — like a plain language command line. Very little of what is out today is a thoughtful implementation of these features. Cleanup in Photos is pretty good. Most of the other stuff — summaries of phone calls, Notification Summaries, Writing Tools, Memory Movies in Photos, and response suggestions in Mail and Messages — are more cumbersome than they are elegant.

Previously:

Gatekeeper vs. .terminal and .fileloc Files

Vladimir Metnew (2020, tweet):

Popular macOS apps with a file-sharing functionality didn’t delegate file quarantine to OS leading to File Quarantine bypass (Windows MOTW analogue) for downloaded files.

[…]

Many popular products like Keybase, Slack, Skype, Signal, Telegram decided to fix the issue, but the vulnerability remains unfixed in file-syncing apps: Dropbox, OneDrive, Google Drive, etc.

[…]

Apple knows that it’s possible to execute files on the device with .fileloc. Apple also knows that all default apps have quarantine enabled.

Launching a quarantined file with .fileloc doesn’t have security risks, because the user will be asked to confirm file launching.

That means, .fileloc is not a vulnerability by itself unless there are files without a quarantine attribute.

[…]

OneDrive removes quarantine meta-attribute because Apple granted it com.apple.security.files.user-selected.executable entitlement. […] Apple’s head of macOS security made an exception for OneDrive 😯.

And file sync apps outside the Mac App Store don’t apply it, either.

Jeff Johnson:

Remember my sandbox escape that Apple said doesn’t have any actual security implications?

Well it has actual security implications.

Thomas Reed:

Apple has done EXACTLY what I was hoping they would do to cope with the plague of adware installing malicious configuration profiles! In Big Sur, it will no longer be possible to install these profiles via the command line, or in any way without explicit user consent! 🤩

Previously:

Sunday, February 16, 2025

Martin Pilkington, RIP

Martin Pilkington (November 2024):

As some of you know I’ve been being treated for Oesphageal Cancer, treatment which was going pretty well, especially after surgery in July.

Unfortunately over the past weeks things seem to have gone downhill. The cancer has returned and spread to my brain and spine. My doctors have said it’s terminal and I have on average 3-6 months to live.

Mastodon:

Martin passed away yesterday, peacefully in his sleep. He was a true fighter until the bitter end but he is now pain free and at peace.

I’m terrible at finding the words in these situations, so I’ll just say that he was a wonderful member the Mac/iOS developer community and will be missed.

John Gruber (Mastodon):

He was a Mac developer’s Mac developer, with an eye for details, and his own work was infused with fine craftsmanship. His “Xcode 4: The Super Mega Awesome Review” back in 2011 was a genuine work of art and service to the community (linked with brief commentary), and he rightfully skewered Apple’s Catalyst Mac port of the Developer app in 2020 (linked with significant commentary).

Steve Troughton-Smith:

Devastated to learn about the passing of @pilky last night, at home, surrounded by family, after a short, unexpected battle with cancer. He was a talented developer, designer, miniature painter and accessibility champion, and one of my closest friends for the past sixteen years. He provided the inspiration and design help I needed when bringing my apps to the Mac, and no social media post will ever convey how much he will be missed.

You might have known @pilky for his apps, like Coppice (whose development was streamed on Twitch), or his wealth of knowledge on AppKit & Xcode, or the infamous fixradarorgtfo petition that sparked intense internal debate at Apple and drove a ton of changes to Apple’s bug reporting. I knew him too, for his mini painting and #warhammer hobby, which we shared. He spurred me on to paint more and improve my skills, to build better, more-accessible apps, and so much more.

Matt Gemmell:

Damn. When I first met him he was a kid, but never really changed too much. Positive, gentle, thoughtful. Really showed his sanguinity and quiet composure — grace, I suppose — through all this, and during his previous run-in with cancer. Lauren and I send our condolences. I can say with complete confidence that Martin will be remembered with fondness by everyone in our shared cohort of Apple-platforms developers.

Previously:

Friday, February 14, 2025

Netflix Content Accidentally in TV App

Tim Hardwick:

Netflix appears to have softened its stance on Apple TV integration, with some users in the US now reporting seeing prompts to connect their Netflix accounts directly to Apple’s TV app.

[…]

The integration currently seems restricted to Netflix Original content rather than the service’s full catalog of licensed shows and movies. When users select content to watch, they are still directed to the Netflix app for playback.

That’s confusing that it doesn’t apply to the whole catalog.

Dan Moren:

Just yesterday on our Six Colors podcast, I suggested it was high time for Apple and Netflix to make a deal to get Netflix content in the Apple TV app. And it seems maybe, at long last, after years of no movement, finally such a deal is happening?

M.G. Siegler:

To me, this may be the “finally” to end all “finallys”[…]

[…]

It’s now 2025, and I’ve been writing about the problem I like to call: “Where the Fuck Can I Stream This?” for years now. And it has arguably never been worse.

[…]

Assuming Netflix is playing ball with Apple here, there are other questions. For example, will they allow Apple to recommend Netflix content for you based on your viewing habits? Maybe if Apple also agrees to share that data with Netflix? But it’s Apple, will they actually do that? Maybe if a user explicitly agrees? The pop-up users are reporting seeing only says that Netflix will share viewing content with Apple, not the other way around…

[…]

First an Apple TV Android app and now this – what’s next, an actual Apple television set?

Juli Clover:

As it turns out, Netflix content showing up in new places in the Apple TV interface was a bug, and Netflix is not introducing expanded Apple TV functionality. In a statement to The Verge, a Netflix spokesperson confirmed that temporary support for the Continue Watching feature was an error, and it has been rolled back.

Netflix is one of the only major streaming services that has refused to offer integration with the Apple TV app, preferring instead for customers to manage watch lists and browse for content directly in the Netflix app.

Previously:

Update (2025-02-16): John Gruber (Mastodon):

I see why Netflix is sticking to its guns on this one, but they’re on the wrong side. Apple TV users were overjoyed yesterday when the Netflix app briefly started integrating with the TV app for “what next”, etc. Steven Aquino described it as “jubilance”.

Joe Rosensteel:

Netflix deeply regrets accidentally making Netflix a better product for its customers.

[…]

They may very well turn it on later, like, let’s say if Apple is actually shipped a tvOS update that completely displaces the old home screen, and reduces visibility of their app at all. However such a move is just as likely to hurt the commercial appeal of the Apple TV for customers that find Netflix’s mediocrity essential. This “error” may never see the light of day again, or it could be flipped back on any minute now.

Asahi Linux Lead Resigns

Hector Martin (via Hacker News):

When Apple released the M1, I realized that making it run Linux was my dream project. The technical challenges were the same as my console homebrew projects of the past (in fact, much bigger), but this time, the platform was already open - there was no need for a jailbreak, and no drama and entitled users who want to pirate software to worry about.

[…]

Unfortunately, things became less fun after a while. First, there were the issues upstreaming code to the Linux kernel, which I’ve already spoken at length about and I won’t repeat here. Suffice it to say, being in a position to have to upstream code across practically every Linux subsystem, touching drivers of all categories as well as some common code, is an incredibly frustrating experience.

[…]

No matter how much we did, how many impossible feats we pulled off, people always wanted more. And more. Meanwhile, donations and pledges kept slowly decreasing, and have done so since the project launched. […] It seemed the more things we accomplished, the less support we had.

[…]

I consider Linus’ handling of the integration of Rust into Linux a major failure of leadership. Such a large project needs significant support from major stakeholders to survive, while his approach seems to have been to just wait and see. Meanwhile, multiple subsystem maintainers downstream of him have done their best to stonewall or hinder the project, issue unacceptable verbal abuse, and generally hurt morale, with no consequence. One major Rust for Linux maintainer already resigned a few months ago.

As you know, this is deeply personal to me, as we’ve made a bet on Rust for Linux for Asahi.

Previously:

Update (2025-02-16): Kevin Purdy:

Rust is a far more memory-safe coding language than the Linux kernel’s native C. But getting more than 1,700 maintainers, including branch bosses, to accept Rust code after decades of work in C is no small feat. Linux lead Linus Torvalds has shifted ever-so-slightly from a “wait and see” approach in 2021 to noting in the summer of 2024 that he expected Rust updates to be faster while admitting that it’s largely kernel developers’ familiarity with C standing in the way. At that time, Microsoft engineer Wedson Almeida Filho resigned from the Rust for Linux project, citing “nontechnical nonsense” as the motivation.

That conflict between the energy of Rust for Linux contributors and the strictures of kernel practices collided once more this winter in an early January kernel mailing list thread about a patch with the deceptively non-controversial name “Add dma coherent allocator abstraction.”

Kernel maintainer Christoph Hellwig opposed a patch that would have allowed drivers written in Rust to access the Direct Memory Access (DMA) API. “No rust code in kernel/dma, please,” Hellwig wrote. After some back-and-forth about suggested alternatives, Hellwig comes out with it: “Don’t force me to deal with your shiny language of the day. Maintaining multi-language projects is a pain I have no interest in dealing with.” A later post by Hellwig pushed further, and his attempt to clarify that it was “a cross-language codebase” he was comparing to “cancer,” not just Rust, did not likely soften its impact.

One Year With the Vision Pro

Jason Snell:

A year on, I can’t in good conscience recommend that anyone buy one. It’s a glimpse of a potential future and a developer kit for potential future Apple platforms, but that’s about it.

[…]

Vision Pro is a tremendous video player. […] If there’s a single feature that would actually sell Vision Pros, it would be the creation of some sort of killer immersive video content.

[…]

Beyond video, I’ve found Vision Pro to be an excellent tool for shifting my own personal context. When I’m feeling frustrated or distracted and need to buckle down and get to work, I have frequently put on the Vision Pro, popped in my AirPods Pro, and dialed in an immersive environment (Joshua Tree is my favorite) so I can work with zero distractions.

[…]

And, yes, Mac Virtual Display is a winner. It’s not perfect—the video quality of the Vision Pro display is a little fuzzier than a real Retina Display—but it lets me use my laptop in any context, in any space. Laptops are actually kind of bad for you ergonomically since the keyboard is physically close to the display. In Virtual Display mode, I can float the display higher up, allowing me to view it at a more comfortable angle.

[…]

The problem is that I rarely find myself needing to use the Vision Pro. It’s not that I don’t enjoy using it… in fact, every time I put it on, I find myself wanting to give myself additional reasons to keep on using it because it’s so much fun in there! But the impetus to find a safe place to sit, take off my glasses, slip on a VR headset, and jack into cyberspace doesn’t come along that often.

John Gruber:

Vision Pro is easily worth $3500 alone just for watching 2D movies and TV and sports on a virtual high-res enormous screen. If Apple can also offer 3D live sports and compelling original 3D content and games, they won’t be able to make them fast enough to keep up with demand at $3500.

$3500 is a bargain for what Vision Pro offers.

[…]

It’s just that me, personally, I’m not the target audience for a $3500 super deluxe movie watching headset.

John Gruber:

Am I predicting that the Vision platform will have as bright and essential a future ahead of it as the Macintosh did in 1984? No. But I suspect it has a bright and essential future ahead of it. The entire concept and paradigm is so new and different that, like the Macintosh 40 years prior, the product had to ship years before a version will be made at a price that appeals to the mass market, and years before there’s all that much to do using it.

But, as it stands, Vision Pro today offers an incredible experience for watching traditional movies and shows, and a breakthrough experience for watching spatial content. If Bang & Olufsen sold this product in a form that only played movies — no “spatial computing” — it would cost $10,000 and some people would consider it well worth the price. Spatial computing feels fun to me, but not very productive. That could change, and I suspect “fun but not productive” is how I would have described trying to work on a Macintosh in 1984 vs. an Apple II. And Vision Pro’s remarkable (and with VisionOS 2, much improved) Mac Virtual Display feature is a highly-productive environment for work.

I can’t give Vision Pro an A for 2024, but I foresee A’s in future years.

Mark Gurman (tweet):

Apple Inc. has canceled a project to build advanced augmented reality glasses that would pair with its devices, marking the latest setback in its effort to create a headset that appeals to typical consumers.

[…]

The now-canceled product would have looked like normal glasses but include built-in displays and require a connection to a Mac[…]

Previously:

TikTok Back in the App Store

Juli Clover:

TikTok is once again available for download from the App Store, which means it can be installed on iPhones and will be able to receive updates. Apple’s decision to start distributing TikTok again comes after a letter sent from U.S. Attorney General Pam Bondi, according to Bloomberg, but the letter has not been shared.

[…]

While TikTok has been absent from the App Store for the last month, the social network has remained functional and those who previously downloaded TikTok have been able to continue to use the app.

John Gruber:

I’d sure like to see what exactly that letter says. […] Neither Apple nor Google, wisely, have been talking publicly about this at all, but it seems clear that they’ve been acting in concert throughout the process. It is not a coincidence that they both de-listed and now re-listed TikTok simultaneously.

Also, still no idea how this is going to end, because I really don’t think the CCP is going to allow ByteDance to sell TikTok. And there are Republicans in the Senate — e.g. Tom Cotton — who stand behind the sell-or-you’re-banned law.

Previously:

Thursday, February 13, 2025

Reuters Wins AI Copyright Case

Kate Knibbs (Hacker News):

Thomson Reuters has won the first major AI copyright case in the United States. In 2020, the media and technology conglomerate filed an unprecedented AI copyright lawsuit against the legal AI startup Ross Intelligence. In the complaint, Thomson Reuters claimed the AI firm reproduced materials from its legal research firm Westlaw. Today, a judge ruled in Thomson Reuters’ favor, finding that the company’s copyright was indeed infringed by Ross Intelligence’s actions.

[…]

Notably, Judge Bibas ruled in Thomson Reuters’ favor on the question of fair use. The fair use doctrine is a key component of how AI companies are seeking to defend themselves against claims that they used copyrighted materials illegally. The idea underpinning fair use is that sometimes it’s legally permissible to use copyrighted works without permission—for example, to create parody works, or in noncommercial research or news production. When determining whether fair use applies, courts use a four-factor test, looking at the reason behind the work, the nature of the work (whether it’s poetry, nonfiction, private letters, et cetera), the amount of copyrighted work used, and how the use impacts the market value of the original. Thomson Reuters prevailed on two of the four factors, but Bibas described the fourth as the most important, and ruled that Ross “meant to compete with Westlaw by developing a market substitute.”

Previously:

Gemmell Is Back to Mac

Matt Gemmell (Mastodon):

Almost eight and a half years ago, I switched to using an iPad as my full-time computer, having come from decades of having Macs.

In recent years we did get an emergency-use shared/household M2 MacBook Air, which my wife would occasionally take out of the cupboard. Now, that laptop has become my computer.

[…]

I loved the slab of glass, and the Apple Pencils of each generation. I loved that I could rotate it, and write on it, and pinch-zoom it, and connect it to a keyboard, and just figuratively hug the thing. It was most certainly The Future, and very much on track to become everyone’s full-time computer after another few versions of the OS. Then another few versions. Then another few.

I believed in the promise of the form factor and the interaction language, and the human-focused nature of the device, so much that I made iPad-only a part of my identity. And I really was happy. But eventually, without me really noticing, things started to happen.

[…]

iPads are slower than Macs, subjectively, and almost regardless of hardware. I’m most recently comparing an M2 MacBook with an M4 iPad, but the experience is the opposite of what the hardware might naively suggest.

Eric Schwarz:

Stories of switching between Macs and iPads are nothing new, but this particular post struck a chord with me—regular readers know that I have had some sort of iPad since the very beginning and there were plenty of stints where the iPad was my primary computer. However, I sold mine last November, not because I disliked the device, but felt that it simply was unnecessary and I was naturally using it less and less.

[…]

Apple has done iPadOS a disservice for way too long—every new first-party app seems to be iPhone-only (Sports, Journal, Invites) and sometimes features come to the iPhone, but not the iPad. This creates an attitude of if Apple doesn’t care about the iPad, why should you? At least the Mac is different enough that you can put up with the inconsistencies and/or rely on some older alternatives. I like a lot of the intentions of iOS to simplify and rethink the computing experience, but way too much either feels incomplete or abandoned.

Matt Birchler:

One of the superpowers of the Mac is that it can do many things at once. Obviously, the iPad has multitasking, but not in the way the Mac does. The basic concept of iPad multitasking is that you need to be able to see an app for it to be reliably working. If you can’t see an app, there is a select list of things it can keep doing in the background, but most things die immediately, and it may be booted from memory at any point.

[…]

There are trade-offs to customization and user control, but this is a fundamental difference between the Mac and iPad that can’t be overstated. As a simple example, there have been many window management apps on the Mac forever, so people who don’t love the built in option have had an embarrassment of riches in terms of options, but if you don’t like Stage Manager on the iPad, your only hope is that Apple updates it to your liking someday.

Previously:

Update (2025-02-14): Craig Grannell (Mastodon):

In his post, Matt notes part of the problem with the iPad is that it’s never been strongly defined. When Steve Jobs introduced the iPad, it was positioned somewhere between a phone and a laptop. Since then, users have argued for it to take over the capabilities of both devices – but especially the latter. However, while the iPad has the power of Apple’s ‘proper’ computers, it lacks the flexibility and, in some cases, utility. All of which is by design.

What some people tend to forget is that Apple is very opinionated on wanting people to buy (at least one) Mac alongside any Apple mobile devices. It’s my ongoing belief that arbitrary barriers have therefore been – at best – left in place for that purpose.

For example, the iPad never got true virtual memory or sideloading, and the Mac never got touch.

Update (2025-02-16): Rui Carmo:

You see, the iPad’s attrition has also been getting to me lately–as a case in point, I haven’t used my iPad Pro for anything other than reading and annotating PDFs in months, and that was before I, too, sort of as a way to capture my thoughts and early drafts.

I have the excuse of (literally) using all the platforms, but even as I type this on my Mac thanks to effortless Reading List syncing, a lovely keyboard and my grand pair of huge displays, I can’t help but feel that the iPad has been left to languish in a sort of limbo.

Chinese App Store Antitrust Probe

Tim Hardwick:

China’s State Administration for Market Regulation (SAMR) is said to have been critically examining Apple’s practices and holding discussions with the company since last year, specifically about its 30% commission on in-app purchases and restrictions on external payment services, according to the outlet’s sources.

Chinese regulators are said to be particularly focused on whether Apple’s fees for local developers are unreasonably high. They’re also examining if the company’s prohibition of third-party app stores and payment methods stifles competition and negatively impacts Chinese consumers.

NSDocument Auto Saving and File Types

Gus Mueller:

Has anyone successfully come up with strategies for opting into NSDocument’s autosavesInPlace, but only for certain file types? I’ve looked into overriding scheduleAutosaving and friends, but nothing really works. TextEdit just throws up an alert saying “hey, lossy file format”. Is this the best I can do?

Brian Webster:

The issue is if you Save As where the original file type supports auto save but the new one doesn’t (or vice versa). The override is a class method and not an instance method, so there’s no way for the existing instance to flip its auto save boolean to reflect the new file type.

This is an interesting API problem. The core issue is that NSDocument wants you to have a single subclass for each family of file types that can be mutually converted via Save As. The configuration is done at the class level, so it assumes that each file type is just a different flavor that works in the same way.

One could argue that the Cocoa document architecture is missing several abstractions that would be needed for a proper general solution. The basic stuff both easy and quite configurable, with a small API surface, but to go beyond that you need to reimplement a lot yourself or try to hack it into the desired shape.

Dave DeLong:

Override NSDocumentController to provide unique NSDocument subclasses for each document so that each one can swap its own +autosavesInPlace method IMP without fear of messing up other documents, while also still preserving KVO behavior?

Wednesday, February 12, 2025

Migrating Apple Account Purchases Between Accounts

Apple:

If an Apple Account is only used for making purchases, those purchases can be migrated to a primary Apple Account to consolidate them.

This feature isn’t available to users in the European Union, United Kingdom, or India.

[…]

You can choose to migrate apps, music, and other content you’ve purchased from Apple on a secondary Apple Account to a primary Apple Account. The secondary Apple Account might be an account that’s used only for purchases. You’ll need access to the primary email address or phone number and password for both accounts, and neither account should be shared with anyone else.

Apple:

  • Neither Apple Account can already be used for migrated purchases. Learn how to undo a migration of purchases. If you undo a migration of purchases from a secondary account, you won’t be able to migrate purchases again for 1 year.

  • You can’t migrate purchases if both the primary Apple Account and the secondary Apple Account have music library data associated with each of them.

Via John Gruber:

This might be the “finally” to end all finallys. I really never thought I’d see this day where Apple finally made this possible. This document presents a solution to a situation I’ve been in (and with each subsequent media purchase, digging deeper into) for over 20 years.

[…]

So fast forward to today, and I’ve had two Apple Accounts on every device I use for the last 20-or-so years. One for “Media and Purchases” (my original iTunes account, using the @daringfireball.net address), and my primary Apple ID (the @mac.com address). All my purchases — all the music, books, apps, subscriptions, and thousands of dollars in movies that I’ve purchased with that iTunes account over the years — are using an Apple Account that’s not my iCloud account.

[…]

I’ll wait and let others try this before I do (if it ain’t broke don’t fix it), but if any of you try this, I’m curious how it goes — especially if you’re part of a family sharing group.

It really seems more like migrating purchases (as the title of Apple’s support document says) rather than merging accounts. iCloud data, account balances, and TestFlight betas don’t transfer.

Sean Heber:

It appears that Apple’s new account migration stuff does NOT work for TestFlight access.

That by itself is fine - whatever. The problem here is that it appears when someone does an account migration, it kind of half-migrates TestFlight somehow.

People are telling us their new email address to invite but TestFlight thinks they’re already a tester with that email address!

So you can’t just reinvite them. It seems we have to filter for the user, remove them, then add them as a new tester.

Craig Hockenberry:

If you’re hearing from testers about being kicked out of TestFlight because of the new account migration stuff, DO NOT update their email. It’s a lot of work and will not help them.

For now, you MUST give them a public link, even if it’s a private beta.

Adam Chandler:

Here’s why I can’t add my migrated AppleID to Messages or FaceTime or set it up as a custom domain in iCloud+ Mail….it’s not gone. Apple appears to let me “unmigrate” indefinitely back to having two IDs. I want Apple to release the old one so I can actually use it.

Also, it’s dumb that you have to migrate on iOS and not MacOS. The same panel in MacOS does not offer a migrate option but like usual, MacOS is a second class citizen in Apple’s eyes.

John Voorhees:

I started buying music from iTunes on a Windows PC for an iPod before I owned any other Apple products. Those purchases were linked to one email address. Later, when I got my first Mac, I got a .Mac email address, which became a MobileMe account and, finally, an iCloud account. That left me with an iCloud account for iCloud services and a different address for my music, movies, TV shows, apps, and other purchases.

I’ve gotten used to the process of signing in to different accounts for iCloud and my purchases, but every now and then, it causes some hard-to-troubleshoot conflict somewhere. That’s why I’m glad to see there’s now a process for moving everything to one account. However, having also lived through many iCloud headaches over the years, I think I’ll wait a while before attempting a migration.

See also: TidBITS-Talk and Mac Power Users Talk.

Previously:

Update (2025-02-13): Adam Engst:

Ironically, when Tonya and I were testing Apple Invites last week (see “Streamline Event Planning with New Apple Invites Service,” 4 February 2025), she experienced some confusion because her everyday Apple Account is tied to a rarely used mac.com email address rather than her primary email address. Attempting to respond to an invitation with her primary email address led her down a rabbit hole when she discovered it was linked to another unused Apple Account, likely created decades ago for testing purposes. “If only you could merge the two,” I joked, never realizing it would become possible just days later.

[…]

Be sure to read everything carefully if you’re considering migration. In particular, be aware that after migration, the secondary account can no longer be used for Media & Purchases unless you explicitly undo the migration. And once you undo a migration, that account can’t be migrated again for a year, so you don’t want to goof around. I also recommend waiting a few weeks to increase the likelihood that Apple has fixed any bugs that might affect you.

Update (2025-02-14): John Gruber:

Apple has added a new requirement before proceeding with migration:

You can’t migrate purchases if your secondary Apple Account is used with TestFlight for testing beta versions of apps from a developer. Open TestFlight and select Stop Testing for each app to remove it from your account.

App Store and Japanese Consumption Tax

Apple:

As a result of last year’s change in Japan’s tax regulations, Apple (through iTunes K.K. in Japan) is now designated as a Specified Platform Operator by the Japan tax authority. All paid apps and In-App Purchases, (including game items, such as coins) sold by non-Japan-based developers on the App Store in Japan will be subject to the platform tax regime. Apple will collect and remit a 10% Japanese consumption tax (JCT) to the National Tax Agency JAPAN on such transactions at the time of purchase. Your proceeds will be adjusted accordingly.

As far as I’m aware, this does not apply to software sold outside the App Store, though that remains subject to the 20% Japanese tax on software royalties unless you file the yearly paperwork (sending the Japanese government your IRS Form 6166) to show that you are paying taxes in the US.

Previously:

Game Licensing in Vietnam

Apple:

The Vietnamese Ministry of Information and Communications (MIC) requires games to be licensed to remain available on the App Store in Vietnam. To learn more and apply for a game license, review the regulations.

James Thomson:

I suspect this means Dice by PCalc and About by PCalc will be exiting the App Store in Vietnam, because there are new rules which require me to apply for a game license to keep them on the store there.

The rules seem to be mainly targeted at people running multiplayer games, but you still need one for offline single player stuff, and I believe it’s way outside of the scope of what a small indie can do.

[…]

“Foreign enterprises wishing to publish games in Vietnam must establish enterprises in Vietnam with charter capital not exceeding 49% in accordance with the Law on Foreign Investment”.

Previously:

App Store Advanced Commerce API

Apple:

To further support developers’ evolving business models — such as exceptionally large content catalogs, creator experiences, and subscriptions with optional add-ons — we’re introducing the Advanced Commerce API.

Developers can apply to use the Advanced Commerce API to support eligible App Store business models and more flexibly manage their In-App Purchases within their app.

[…]

Learn about eligibility requirements and how to apply

Hartley Charlton:

Apple’s announcement appears to be part of a broader effort to refine its App Store policies following scrutiny, particularly in the European Union. This particular API appears to be a direct response to challenges faced by apps with unconventional monetization models, such as Patreon, an online platform that enables creators to offer paid memberships to their audiences.

Dimitri Bouniol:

Is this a response to Kindle needing an entry for every book in their catalogue, or a response to apps like Patreon where every creator needs an IAP assigned to them? (either way, it looks like it’ll do little to win over those platforms)

To me it seems like checking a box rather than addressing the fundamental issues.

Steve Troughton-Smith:

“If you already have access to the Advanced Commerce API and would like to make updates, like adding product identifiers, new business models, significant price changes, you’ll need to submit your updates to the Advanced Commerce API Access form.”

Why would any large catalog apps sign up for this? This is a trap

Damien Petrilli:

Real title: “Apple announce 30% tax on patreon style content”

David Barnard:

Apple first announced the Advanced Commerce API at WWDC in June of 2024, but offered no documentation and only a vague description of what it would do. With yesterday’s announcement they have now provided a detailed overview and full documentation.

[…]

There are thousands of creators on X that now offer subscriptions. Each creator sets their own price and X users can subscribe to as many accounts as they want to. Without the Advanced Commerce API, apps like X would need to create products for each creator subscription manually in App Store connect in it’s own subscription group.

[…]

On the web, YouTube TV allows customers to purchase add-ons that enhance functionality and add additional content. Google could now offer that same functionality on the App Store with the core package and ad-ons billed and managed as a single subscription.

He lists a bunch of limitations but overall seems bullish on this change, saying that “it shows Apple’s willingness to evolve the App Store for developers’ needs.”

Previously:

Tuesday, February 11, 2025

macOS 15.3.1

Juli Clover (release notes, no security, no enterprise, no developer, full installer, IPSW):

According to Apple’s release notes, macOS Sequoia 15.3.1 includes important security fixes, and it is recommended for all users.

Important security fixes, but no CVEs.

See also: Mr. Macintosh and Howard Oakley.

Ric Ford:

Apple continues to enable Apple Intelligence on customers’ devices without permission during critical security updates as experts (and our own experiences) confirm.

I had Apple Intelligence enabled, turned it off, then updated to macOS 15.3.1, and it was enabled again.

Jeff Johnson (Mastodon):

Some people who had previously disabled Apple Intelligence in macOS 15.3 and iOS 18.3 saw it re-enabled after updating to macOS 15.3.1 and iOS 18.3.1 today. In fact I personally have two different Apple silicon Macs running macOS Sequoia, and after I updated both Macs to 15.3.1, Apple Intelligence was re-enabled on my MacBook Pro but not on my Mac mini. The difference in behavior appears to depend on whether the Setup Assistant and welcome screen is displayed after the update. On my MacBook Pro, but not my Mac mini, I saw the Setup Assistant.

This is essentially an advertisement for Apple Intelligence, with no option to enable or disable it. After pressing the Continue button, I saw the macOS welcome screen, which required me to press Continue a second time.

I wonder why it’s not consistent between Macs.

Tim Hardwick:

In our tests using an M4 Pro Mac mini, iPhone 16 Pro, iPhone 15 Pro, and M4 iPad Pro – all with Apple Intelligence previously disabled in iOS/iPadOS 18.3 and macOS 15.3 – we found that while the iPhones and iPad maintained their disabled status after updating to iOS/iPadOS 18.3.1, the Mac mini automatically re-enabled the feature after updating.

Greg Pierce:

Another macOS Sequoia update (15.3.1) and the whole Message UI framework is still broken in Catalyst apps with no activity on my FB (FB15693837) from Nov. 5. Ugh.

Previously:

macOS 14.7.4 and macOS 13.7.4

macOS 14.7.4 (full installer, no security):

This update provides important security fixes and is recommended for all users.

macOS 13.7.4 (full installer, no security):

This update provides important security fixes and is recommended for all users.

See also: Howard Oakley.

Previously:

iOS 18.3.1 and iPadOS 18.3.1

Juli Clover (iOS/iPadOS release notes, security, no enterprise, no developer):

According to Apple’s release notes, iOS 18.3.1 includes bug fixes and security updates.

Previously:

watchOS 11.3.1

Juli Clover (release notes, no security, no developer):

The watchOS 11.3.1 update includes important security updates, and it is recommended for all Apple Watch owners.

Previously:

visionOS 2.3.1

Juli Clover (release notes, no security, no developer, no enterprise):

According to Apple’s release notes, visionOS 2.3 includes security updates, and the software is recommended for all users.

Previously:

Monday, February 10, 2025

How Safari Search Engine Extensions Work

Jeff Johnson (Hacker News):

Note below how Safari says “Search Google” and “Google Search”, even though I’m supposed to be using Kagi.

[…]

Safari connects to Kagi only after connecting to Google.

[…]

An unfortunate consequence is that Safari always sends your search to your default search engine, Google for example, before it sends your search to your custom search engine! Is that what you wanted? If you’re trying to protect your privacy, well… you’re failing. Another unfortunate consequence is that you can’t use your default search engine in Safari—if you want to check Google occasionally and compare to Kagi—because the Safari extension will always redirect your searches.

Unique among major browsers, Safari doesn’t let users select a custom search engine. The built-in choices include subpar offerings like Yahoo and the failed Ecosia but not newer, better entrants such as Kagi and Brave. Safari extensions are a hacky substitute that offers a bad user experience.

Even though Chrome is made by Google, it lets you pick another search engine. Even though Edge is made by Microsoft, it doesn’t lock you into Bing, and you can add any search URL template that you want. Apple is not encumbered with its own search engine to push, yet it seems to be constrained by its desire for revenue sharing, so Safari users get stuck with fewer choices that are arguably lower quality and less private.

Previously:

Update (2025-02-11): Nick Heer:

One other possibility is that Apple’s nominal desire for simplicity in preferences led to the company ignoring requests for an arguably niche feature like a custom search engine. Yet Safari preferences are complex and messy in other ways, and the company has — thankfully — retained legacy features like user stylesheets. Even if revenue sharing discouraged Apple from developing this feature, how many people are actually going to set a custom search engine, and would they have a meaningful impact on its beloved Google revenue stream? My guesses: very few, and I doubt it. Yet here we are, over twenty years after Safari’s launch, and we can generously choose between five search engines, of which three — Bing, DuckDuckGo, and Yahoo — are dependent on the same index.

Even if you grant that custom search engines would be too complex, Kagi and Brave should probably be built-in options, anyway.

TikTok Android Sideloading

TikTok:

We’re enhancing ways for our community to continue using TikTok by making Android Package Kits available at TikTok.com/download so that our U.S. Android users can download our app and create, discover, and connect on TikTok.

Via John Gruber:

I suspect something is going to give on this standoff. Either (a) China relents and actually sells to a U.S. company, and TikTok comes back to the App Store and Play Store; or (b) Trump’s extralegal extension expires with no sale and Oracle and Akamai are forced to pull the plug on ByteDance’s cloud services in the US.

[…]

If I’m wrong and TikTok remains in this half-zombie state in the US — unavailable in the App Store or Play Store, but operational if you have the app installed on your phone — it’ll be interesting if TikTok is the app that makes the mass market actually care about the lack of sideloading on iOS. It’ll be interesting too if sideloading on Android goes mainstream because of this.

Does app vs. Web make that much difference if you’re just consuming the videos?

Previously:

DeepSeek’s True Training Cost

Anton Shilov:

SemiAnalysis reports that the company behind DeepSeek incurred $1.6 billion in hardware costs and has a fleet of 50,000 Nvidia Hopper GPUs, a finding that undermines the idea that DeepSeek reinvented AI training and inference with dramatically lower investments than the leaders of the AI industry.

DeepSeek operates an extensive computing infrastructure with approximately 50,000 Hopper GPUs, the report claims. This includes 10,000 H800s and 10,000 H100s, with additional purchases of H20 units, according to SemiAnalysis. These resources are distributed across multiple locations and serve purposes such as AI training, research, and financial modeling. The company’s total capital investment in servers is around $1.6 billion, with an estimated $944 million spent on operating costs, according to SemiAnalysis.

Yazhou Sun and Tom Mackenzie:

The notion that China’s DeepSeek spent under $6 million to develop its artificial intelligence system is “exaggerated and a little bit misleading,” according Google DeepMind boss Demis Hassabis.

[…]

DeepSeek “seems to have only reported the cost of the final training round, which is a fraction of the total cost.”

Previously:

Google Maps at 20

James Killick (via Adam Chandler):

In 2018 Bill [Kilday] wrote a book about their travails. It is the definitive, insider story of Google Maps. The book is called “Never Lost Again” and I can’t recommend it enough. Among other places it’s available on Amazon and Apple Books.

[…]

I recently had the privilege of chatting with Bill and I told him about my plans for this post. We both agreed that the timing should coincide with the 20th anniversary of Google Maps.

So, with that in mind, here we go!

It remains one of my favorite Web sites. If I could only keep three Google products, they would probably be YouTube, Maps, and Translate.

Silas Valentino:

After presenting a dynamic map — now compatible with the web — Where 2 Technologies was acquired by Google for an undisclosed sum in October 2004. At the same time, Google also scooped up the satellite imagery service Keyhole, a critical component for developing Google Maps, since it opened access to scores of satellite images. In the ensuing months, Where 2 Technologies and Keyhole fused their products together, building a digital map made of satellite tiles.

[…]

Maps debuted on Feb. 8, 2005, and Lars remembers it immediately disrupted the entire Google system.

“It actually almost destroyed Google’s data centers,” he said in the podcast. “Rather, it clogged the pipes with all of those tiles of mapping images flying back and forth, almost used all of Google’s bandwidth. It was amazing. It was a huge hit from day one.”

Stephen Hutcheon:

Now, on the eve of Google Maps’ 20th anniversary, the 54-year-old Australian software engineer [Stephen Ma] has had a change of heart. He wants to write himself back into the foundation story – as well as acknowledge others whose contributions have been overlooked or undersold.

Previously:

Friday, February 7, 2025

UK Orders Apple to Break iCloud Advanced Data Protection

Dominic Preston (Hacker News, MacRumors):

Apple has reportedly been ordered by the UK government to create a backdoor that would give security officials access to users’ encrypted iCloud backups. If implemented, British security services would have access to the backups of any user worldwide, not just Brits, and Apple would not be permitted to alert users that their encryption was compromised.

The Washington Post reports that the secret order, issued last month, is based on rights given under the UK’s Investigatory Powers Act of 2016, also known as the Snoopers’ Charter. Officials have apparently demanded blanket access to end-to-end encrypted files uploaded by any user worldwide, rather than access to a specific account.

[…]

The UK has reportedly served Apple a document called a technical capability notice. It’s a criminal offense to even reveal that the government has made a demand. Similarly, if Apple did accede to the UK’s demands then it apparently would not be allowed to warn users that its encrypted service is no longer fully secure.

Dan Moren:

While law enforcement has long been able to access encrypted data for which Apple holds the keys, this move would reportedly apply to end-to-end data in which the user holds the keys, such as Apple’s Advanced Data Protection. This law would target end-to-end encrypted data from Google and Meta as well.

This is red alert, five-alarm-fire kind of stuff. Providing a backdoor would be worrying enough for reasons that should be obvious to anybody who knows the barest inkling about technology—to wit, that there exists no mechanism to keep such a tool out of the hands of malicious actors—but the fact that it would apply beyond the UK borders to other countries is a staggering breach of sovereignty. And, moreover, as Menn points out, such a move would no doubt embolden other powers to ask for access to the same capabilities—such as China.

[…]

Ironically, the biggest impediment might come in the form of the European Union, as Apple apparently argued that the implementation would undermine the European right to privacy.

Nick Heer:

In any case, the reported demands by the U.K. government are an extraordinary abuse of their own. It has global implications for both U.K. access and, I would venture, access by its allies. As a reminder, U.S. and U.K. spy agencies routinely shared collected data while avoiding domestic legal protections. This order explicitly revives the bad old days of constant access.

Tim Hardwick:

According to sources that spoke to the publication, Apple is likely to stop offering encrypted storage in the UK as a result of the demand. Specifically, Apple could withdraw Advanced Data Protection, an opt-in feature that provides end-to-end encryption (E2EE) for iCloud backups, such as Photos, Notes, Voice Memos, Messages backups, and device backups.

In this scenario, UK users would still have access to basic iCloud services, but their data would lack the additional layer of security that prevents even Apple from accessing it.

Previously:

Update (2025-02-10): Mike Masnick:

While officials repeatedly insisted they weren’t trying to break encryption entirely, those of us following closely saw this coming. Apple even warned it might have to exit the UK market if pushed too far.

[…]

The UK government is demanding that Apple fundamentally compromise the security architecture of its products for every user worldwide. This isn’t just about giving British authorities access to British users’ data — it’s about creating a master key that would unlock everyone’s encrypted data, everywhere.

This is literally breaking the fundamental tool that protects our privacy and security. Backdoored encryption is not encryption at all.

[…]

This global reach is particularly concerning given the UK’s membership in the Five Eyes intelligence alliance. Any backdoor created for British authorities would inevitably become a tool for intelligence and law enforcement agencies across the US, Australia, Canada, and New Zealand — effectively creating a global surveillance capability without any democratic debate or oversight in those countries.

Bruce Schneier:

Apple is likely to turn the feature off for UK users rather than break it for everyone worldwide. Of course, UK users will be able to spoof their location. But this might not be enough. According to the law, Apple would not be able to offer the feature to anyone who is in the UK at any point: for example, a visitor from the US.

And what happens next? Australia has a law enabling it to ask for the same thing. Will it? Will even more countries follow?

This is madness.

Mark Nottingham (via Hacker News):

The UK is presumably interested in Apple providing this functionality because iCloud’s design conveniently makes a massive amount of data convenient to access in one location: Apple’s servers. If that data is instead spread across servers operated by many different parties, it becomes less available.

In effect, this is the decentralize iCloud option. Apple would open up its implementation of iCloud so that third-party and self-hosted providers could be used for the same functions. They would need to create interfaces to allow switching, publish some specifications and maybe some test suites, and make sure that there weren’t any intellectual property impediments to implementation.

[…]

This isn’t a perfect option. Orders could still force weakened encryption, but now they’d have to target many different parties (depending on the details of implementation and deployment), and they’d have to get access to the stored data. If you choose a provider in another jurisdiction, that makes doing so more difficult, depending on what legal arrangements are in place between those jurisdictions; if you self-host, they’ll need to get physical access to your disks.

SpamSieve 3.1.1

SpamSieve 3.1.1 improves the filtering accuracy of my Mac e-mail spam filter, amongst other enhancements and fixes.

The update was held up because the Developer ID Notary Service was down for most of the business day yesterday.

Some interesting issues were:

Previously:

DeepSeek Privacy Issues

Dan Goodin:

On Thursday, mobile security company NowSecure reported that the app sends sensitive data over unencrypted channels, making the data readable to anyone who can monitor the traffic. More sophisticated attackers could also tamper with the data while it’s in transit. Apple strongly encourages iPhone and iPad developers to enforce encryption of data sent over the wire using ATS (App Transport Security). For unknown reasons, that protection is globally disabled in the app, NowSecure said.

[…]

What’s more, the data is sent to servers that are controlled by ByteDance, the Chinese company that owns TikTok. While some of that data is properly encrypted using transport layer security, once it’s decrypted on the ByteDance-controlled servers, it can be cross-referenced with user data collected elsewhere to identify specific users and potentially track queries and other usage.

Ben Lovejoy:

The latest findings are far worse than the previous security failure which exposed chat history and other sensitive information in a database requiring no authentication …

Brian Krebs:

Beyond security concerns tied to the DeepSeek iOS app, there are indications the Chinese AI company may be playing fast and loose with the data that it collects from and about users. On January 29, researchers at Wiz said they discovered a publicly accessible database linked to DeepSeek that exposed “a significant volume of chat history, backend data and sensitive information, including log streams, API secrets, and operational details.”

“More critically, the exposure allowed for full database control and potential privilege escalation within the DeepSeek environment, without any authentication or defense mechanism to the outside world,” Wiz wrote.

William Gallagher:

NowSecure says it is continuing to research DeepSeek. It notes that the Android version is even less secure than the iOS one.

Previously:

Screenshot-Reading Malware

Wes Davis:

Apps distributed through both Apple and Google’s app stores are hiding malicious screenshot-reading code that’s being used to steal cryptocurrency, the cybersecurity software firm Kaspersky reported today. It’s the “first known case” of apps infected with malware that uses OCR tech to extract text from images making it into Apple’s App Store, according to a blog post detailing the company’s findings.

Kaspersky says it discovered the code from this particular malware campaign, which it calls “SparkCat,” in late 2024 and that the frameworks for it appear to have been created in March of the same year.

Via Guy English:

This is the kind of thing that makes tech so annoying these days. What’s a platform to do? At the scale of adoption of these devices (both Apple and Android) there are countless people who’d not think twice about agreeing to photo access without thinking for a moment of the screenshot with their credentials they saved off a long time ago. The only solution I can think of is only using system UI to pick what apps see. Which we have now. But that’s kind of annoying too.

Bruce Schneier:

That’s a tactic I have not heard of before.

Juli Clover:

Kaspersky located several App Store apps with OCR spyware, including ComeCome, WeTink, and AnyGPT, but it is not clear if the infection was a “deliberate action by the developers” or the “result of a supply chain attack.”

[…]

Apple checks over every app in the App Store , and a malicious app marks a failure of Apple’s app review process. In this case, there does not appear to be an obvious indication of a trojan in the app, and the permissions that it requests appear to be needed for core functionality.

Juli Clover:

Apple pulled the apps from the App Store.

Thursday, February 6, 2025

Mac App Store Broken on macOS 10.14 and Earlier

Alexander Blach:

I’m getting a report from a user that the Mac App Store doesn’t work on macOS Sierra 10.12.6 anymore - they get “An unexpected error occurred while signing in.”

I also see these threads in the the Apple Support Community:

Apple made changes to Mac App Store receipts on January 24, 2025.

Looks like with this change they have also rendered the Mac App Store unusable on older systems, so that customers on these systems can no longer download their purchased apps.

I’m not sure whether there’s actually a connection between the receipts change and the store itself not working, but I can confirm that the store is broken on macOS 10.14 but works on macOS 10.15. On earlier versions, when I try to sign in it doesn’t report an error but never actually signs me in. Thus, you can browse the store but can’t make new purchases, re-download old ones, or install updates.

Previously:

Update (2025-02-07): This story got picked up by MacRumors and AppleInsider, and as of this morning, the Mac App Store is once again working for me on macOS 10.14. Michel Fortin says it now works on 10.13.

Wednesday, February 5, 2025

Tapestry 1.0

The Iconfactory (Mastodon):

Tapestry combines posts from your favorite social media services like Bluesky, Mastodon, Tumblr and others with RSS feeds, podcasts, YouTube channels and more. All of your content presented in chronological order, with no algorithm deciding what you should or shouldn't see.

[…]

Third-party connectors can be added to Tapestry to allow it to work with even more sources. If it has a publicly-accessible feed on the internet, a connector can be built for it.

Ryan Christoffel:

Tapestry is a free download on the App Store, with subscription options available to remove ads, unlock custom timelines, content muting, and theme customization. Subscriptions run $1.99/month, $19.99/year, or you can make a one-time purchase of $79.99.

The Iconfactory:

Connectors are created with standard web technologies: JavaScript and JSON. All of Tapestry’s connectors are open source and easy to adapt for your needs.

You’ll use Tapestry Loom on a Mac to test and debug your connector[…]

Craig Hockenberry:

Centralized systems have shown their weakness and siloed content has as much a chance of surviving as “You’ve got mail!”.

Tapestry was built with this change in mind. Your content comes from a lot of different places, and how that data is retrieved from a feed is entirely customizable. Our goal was to put RSS, social media, podcasts, and more into a flexible and easy-to-read timeline. Tapestry syncs this variety of feeds across devices in a way that is seamless, secure, and easy to understand.

Nick Heer:

I am not sure I want all of these things inside a single app’s timeline. I typically want to treat reading web feeds as a discrete task, for example, and I would use a dedicated podcast client instead. But I like the idea of a merged social media feed. Some people have accounts on Bluesky, Mastodon, and Micro.blog, while others are on only one of those services. I would often like to see all of them at the same time.

[…]

What I would really like — and I do not mean to sound ungrateful or demanding — is a MacOS client.

Previously:

Update (2025-02-11): Federico Viticci:

My problem with timeline apps is that I struggle to understand their pitch as alternatives to browsing Mastodon and Bluesky (supported by both Tapestry and Reeder) when they don’t support key functionalities of those services such as posting, replying, reposting, or marking items as favorites.

[…]

But: the beauty of the open web and the approach embraced by Tapestry and Reeder is that there are plenty of potential use cases to satisfy everyone. Crucially, this includes people who are not like me. There is no one-size-fits-all approach here because the web isn’t built like that.

So, while I still haven’t decided which of these two apps I’m going to use yet, I’ve found my own way to take advantage of timeline apps: I like to use them as specialized feeds for timelines that I don’t want to (or can’t) have in my RSS reader or add as lists to Mastodon/Bluesky.

Reeder Rebuilt

Silvio Rizzi (September 2024):

The new Reeder is out!

A note to Reeder Classic users: For this release, I’ve tried to cover any questions you might have about the new Reeder and Reeder Classic in the FAQ.

There’s no pressure to upgrade. As mentioned before, both apps will coexist.

Devon Dundee:

The best word to describe the new Reeder is “ambitious.” Its purpose is not just to be your RSS reader, but your inbox for keeping up with feeds of many different kinds from various sources across the Internet – text from websites, sure, but also videos on YouTube, audio from podcasts, posts on social media, and more. It’s a one-stop shop for the feeds you follow online, collecting them together into a single timeline that you can seamlessly browse across all of your devices.

This concept—like Tapestry—doesn’t really appeal to me. But I’m probably not a typical user. I like that they’re experimenting in this space and that Reeder Classic is sticking around.

Matt Birchler:

What concerned me is that a new app that didn’t click for me had taken over the name of the app I loved. It felt like the app I loved was being put into a legacy status with the “classic” moniker. “Reeder Classic remains a product in our lineup,” if you will. Like I said, there aren’t a bunch of features I hope are added to Reeder Classic, so I’m fine if it goes on the back-burner, I just hope it continues to get support for the latest operating systems so I can keep using it how I do now for many years to come.

Dave Rahardja:

Maybe I’m not getting it, but it no longer has the concept of read/unread blog posts; everything just…hangs out there forever. It also makes it very difficult to read the content in a web browser; you used to be able to press B to open an article in Safari, but now it’s a click on the share arrow, then Open, with no keyboard shortcuts.

Rui Carmo:

And the new Reeder just doesn’t do what I need it to. In fact, it doesn’t even do what it tries to do in a way that I find useful:

  • Polling 200+ feeds? Local polling and iCloud syncing won’t cut it, and the lack of support for feed aggregators tells me this isn’t an app to keep track of a lot of diverse interests.
  • Catching up on Mastodon? I have custom RSS feeds that track lists from a server, since having my home timeline or tags is just useless and too much noise in my experience.
  • Reddit? Erm. Why? I do visit, but (guess what) I already have summary feeds from the couple of subreddits I care about.
  • Videos and podcasts? I can get a much better experience in specialized apps like Yattee and Overcast, and I never consume that kind of content together with the rest–the contexts and use cases just don’t overlap for me.

See also: Mac Power Users and Reddit.

Previously:

Apple “Approved” Hot Tub Porn App

Jess Weatherbed (MacRumors, 9to5Mac):

The first “Apple approved” porn app for iPhone is rolling out in Europe, via AltStore PAL’s alternative iOS app marketplace. AltStore PAL developer Riley Testut says that Hot Tub, which describes itself as an ad-free “adult content browser,” has made it through Apple’s notarization review for fraud, security threats, and functionality, and will be available for AltStore PAL users in the EU to download starting today.

Apple bans “overtly sexual or pornographic material” on its own iOS store. Steve Jobs once replied to a customer email questioning App Store policing, saying that Apple has “a moral responsibility to keep porn off the iPhone,” and said that people looking for such apps should “buy an Android phone.” Thanks to the EU’s Digital Markets Act, iPhone users within the bloc now have greater freedom to install other apps.

Jason Snell:

AltStore and Testut knew exactly what they were doing when they implied an Apple endorsement of this product, presumably based on Apple’s notarization approval of an iOS app. Legally, Apple must notarize apps so long as they are “free of known malware, viruses or other security threats, function as promised and don’t expose users to egregious fraud.” So you can see that Apple’s hands are tied here. Which is why Apple is deeply unhappy with AltStore’s announcement, releasing this PR statement:

We are deeply concerned about the safety risks that hardcore porn apps of this type create for EU users, especially kids. This app and others like it will undermine consumer trust and confidence in our ecosystem that we have worked for more than a decade to make the best in the world. Contrary to the false statements made by the marketplace developer, we certainly do not approve of this app and would never offer it in our App Store. The truth is that we are required by the European Commission to allow it to be distributed by marketplace operators like AltStore and Epic who may not share our concerns for user safety.

But here’s the thing about notarization: Apple has used it in the past, in the EU, for reasons not covered by the above exceptions.

[…]

Apple representatives claim that AltStore is lying by asserting that Hot Tub was approved by the company. (Though it’s not great that Apple’s own emails use the phrase, “The following app has been approved for distribution.”) Instead, they claim that Apple’s hands are tied by the European Commission. And yet… the company has used its lever before to protect users from (checking my notes here) emulators of very old Mac models. Seems dangerous.

Paul Haddad:

If Apple doesn’t want notarization to imply approval they maybe should stop using it that way.

Steve Troughton-Smith:

You decided notarization would be an approval process, and you inserted yourself in it, which means yes you approved this app.

Much like you didn't approve a bunch of other apps, like emulators.

Phil Dennis-Jordan:

Apple decided any non-App-Store-app would require their approval, therefore if this app ships, Apple has approved it.

If iOS notarisation was anything like macOS app notarisation (automated, takes literally 1 minute) then sure, I’d say calling it “Apple-approved” would be misleading. But by all accounts, iOS notarisation is not that. It’s app store review without the app store.

AltStore:

Unfortunately, Apple has rejected several apps from our store in the past for dubious reasons, so the phrase “Apple-approved” in our marketing is a reference to the fact that Hot Tub was approved, not rejected, by Apple for notarization.

John Gruber:

What they mean is that Hot Tub was duly notarized by Apple — an ostensibly technical, not editorial, review that encompasses (using terms from Apple’s own documentation) accuracy, functionality, safety, security, and privacy. I say “ostensibly” there because Apple has, controversially, refused to notarize apps for other reasons[…]

[…]

If we want to get nitty-gritty over verbs, I’d argue that Apple accepts apps — like Hot Tub — for notarization, not approves. Begrudging acceptance is more of a thing than begrudging approval.

Apple is the one who literally chose to use the word “approved” after an app passes notarization.

Riccardo Mori:

Notice the weasely wording of the statement, making it sound as if the EU is to blame. “We didn’t want to distribute this, but the EU made us do it!”

It’s very weaselly. There’s no allegation that there’s actually anything unsafe about the app. It’s gone through Apple’s vaunted review process and runs within a sandbox. Apple is just spreading FUD and throwing its partner under the bus, implying that they have bad motives. It’s also trying to imply that Epic is distributing porn, which is not the case.

Tim Sweeney:

To correct Apple’s false statement screenshotted here, Epic Games Store for PC and mobile - unlike Apple’s App Store - don’t host any porn apps, have never hosted porn apps.

Steve Troughton-Smith:

Adult apps aren’t kept off of iPhone. The top 50 list on the App Store includes several apps filled with hardcore porn, including social media apps and Reddit. This is entirely performative.

Tim Sweeney:

Apple is being extremely disingenuous in attacking the European Union here. The iOS App Store hosts the Reddit app, which provides access to massive amounts of porn. Apple knows this, permits it, and gave Reddit a 17+ (!!!) rating and Editors Choice award.

Peter Steinberger:

Let’s hope nobody tells Apple about Reddit and X!

Not to mention that there’s more porn in Safari than in any third-party app.

John Gruber (Mastodon):

You’ve been able to watch porno on your iPhone since the first day it shipped — a full year ahead of the App Store — by using the web. Apple’s line has always been clear: native apps = Apple-approved; the web = anything goes.

[…]

Jobs responded:

Fiore’s app will be in the store shortly. That was a mistake. However, we do believe we have a moral responsibility to keep porn off the iPhone. Folks who want porn can buy an Android phone.

I agree that Apple shouldn’t be policing what a Web browser can do, but that makes Jobs’ statement nonsensical. There’s every reason to assume that iPhone was and is one of the leading ways that people get this content. If Apple has a moral responsibility, it’s completely failing. It’s not even blocking porn in native apps in the App Store.

John Gruber:

Sweeney has a real point here, and it really is a bit of a conundrum.

[…]

But how is it possible that these super popular platforms have apps in the no-porn App Store while hosting tons of porn? It’s an issue with Reddit, with Tumblr, and apparently especially so with X (fka Twitter).

[…]

I think Sweeney’s synopsis captures Apple’s de facto policy accurately, with the exception that they don’t welcome apps that host porn (so long as the app has controls to hide it, and if the adult content is effectively a side hustle in the overall context of the app), but tolerate it.

Some banks are too big to fail. Some platforms are too big to ban. Apple won’t say that, but that’s clearly the tacit policy.

That’s how a lot of the App Store works. There’s what they say, and then there’s what they actually do.

Putting aside whether this should even be Apple’s role, I think it’s fair to say that they care more about appearing to be on the right side of the issue than about actually addressing it. If they approved an app like Hot Tub with an appropriate age range and warning label, everyone would be clear on what’s happening. Parents could easily block their kids from installing it. What they are actually doing is promoting—giving Editors Choice awards—to apps that hide the content within an innocuous looking shell.

Previously:

Update (2025-02-11): See also: Hacker News.

Spotify Profitable

Ben Lovejoy:

Spotify achieved its first full year of profitability since launching in 2008. The company has previously had occasional profitable quarters, but consistently lost money each year.

[…]

One profitability factor may have been Apple’s decision to allow Spotify to display pricing within the iOS app within Europe, and to direct users to the Spotify website to sign up – avoiding Apple’s 30% cut.

[…]

It was never clear why Apple blocked this given that it appeared to be permissible under the company’s music entitlement.

Todd Spangler:

There was only about a two-year window (from June 2014 to May 2016) during which Spotify Premium subs could opt to sign up and pay through the Apple App Store. Now [July 2023], Spotify is no longer letting those customers continue paying through Apple’s in-app purchases.

Jem Aswad (via Hacker News):

Spotify paid out $10 billion to the music industry in 2024 — some $1 billion more than last year, the previous record — making its total around $60 billion since it was founded in 2006. The company made the announcement in a blog post Tuesday morning.

[…]

In 2023, the company said it pays out nearly 70% of every dollar it generates from music back to the industry, generating its music revenue from two sources: subscription fees from its Premium platform paying subscribers, and fees from advertisings on music on its Free tier.

Previously:

Tuesday, February 4, 2025

Apple Invites

Apple (MacRumors, Hacker News):

Apple today introduced Apple Invites, a new app for iPhone that helps users create custom invitations to gather friends and family for any occasion. With Apple Invites, users can create and easily share invitations, RSVP, contribute to Shared Albums, and engage with Apple Music playlists. Starting today, users can download Apple Invites from the App Store, or access it on the web through icloud.com/invites. iCloud+ subscribers can create invitations, and anyone can RSVP, regardless of whether they have an Apple Account or Apple device.

[…]

With Apple Intelligence, creating unique event invitations is easy. Users can tap in to the built-in Image Playground experience to produce original images using concepts, descriptions, and people from their photo library.

We’ve been using Paperless Post, which works pretty well, and from that perspective Apple’s solution looks nice but seems rather odd. It doesn’t really handle the most important step of actually inviting people. I expect to be able to enter a bunch of names and addresses, and have my wife do the same, and then when we both think the list is done we press a button and it e-mails everyone.

Apple Invites doesn’t seem to allow for multiple hosts. Is one of us supposed to log into the other’s iCloud account using a private Safari window? More importantly, it doesn’t send a bulk e-mail. Rather, each time you add someone it opens a share sheet so that you can e-mail the person individually. It doesn’t make a pretty e-mail; it just puts a bare link into the body field and you have to fill in everything else—even the subject—separately for each invitee.

There is an option to Send a Note, but this only e-mails the people who have RSVP’d. There is no way to see who has received the e-mail or to remind the ones who haven’t responded. There’s also no way to update the names after the invitation has been sent (e.g. to keep track of who from each party is attending), nor a way to export (or import) the address list data. The invitees can’t see the names of who was invited. And it’s cumbersome to RSVP because you have to type your e-mail address, wait for a confirmation code to be sent, and then type it in (no magic link to click). Or, if there’s an Apple account associated with the e-mail address, you have to log in.

I see the “job to be done” as “help me create and send a nice e-mail and manage the list of people throughout the process.” It feels like Apple thought it was “demo Image Playground and promote Apple’s various services.” It’s also frustrating that Apple is launching another new app that doesn’t have a Mac or iPad version.

John Voorhees:

The app can generate full-screen graphics for invitations to any sort of event. The invitations allow you to mix a combination of photos and AI-generated images that are combined with details about the event and the Memojis of the people you invite. There are multiple font choices, the option to add a playlist from Apple Music, and sections for draft invitations, upcoming events, events you’re hosting, those you’re attending, plus past and upcoming events. Invitees can send notes back to the sender too.

Ben Schoon:

An iPhone user can send you an invitation either via email or through a direct link. On opening the the invite, you’ll be asked to enter an email address and verify that email. You can then enter your RSVP status and see details about the event including (as the event date nears) the weather. There’s also a map location and you can see a list of other attendees.

[…]

Since there’s no Apple Invites app on Android, you’ll instead have the option to download the calendar event file and add it to the calendar app of your choice. This works well enough, but we noticed that the iCloud invites link in the event is entirely generic, where if you save an event to Apple’s Calendar app on iOS, you get a direct link to this specific event. This doesn’t change if you’re signed into an iCloud account.

Another drawback is that you can’t use or even view photos without an iCloud account. Photo sharing is perhaps the biggest draw of Apple Invites over alternatives, so this is a bit of a frustrating hurdle for those who aren’t using an iPhone.

Quinn Nelson:

Apple Invites looks basic but good. The ability to automatically create a shared iCloud Photo Library amongst participants, however, is absolutely MONEY. Great idea.

Steve Troughton-Smith:

I look forward to seeing all the great new APIs available to developers to allow them fairly compete with Apple’s new subscriber-only Invites app, like its seamless shared photo albums feature, just like they’re required to by law here!

Ryan Christoffel:

Invites follows this trend by integrating with features and data from a whopping six other pre-installed Apple apps.

BasicAppleGuy:

Who else here remembers the OG Apple Invites app: Cards...

Previously:

Update (2025-02-10): Rui Carmo:

Instead of improving Shortcuts, making the iPad more useful or de-enshittifying Photos, they devoted (probably heartfelt and well-meaning) engineering resources to this, and, well… Read the room, guys.

Fine, it’s pretty and clever, but after decades in the tech world, one might ponder if customizing invitations really needed another Apple tool. Or any tool at all.

Update (2025-02-14): Adam Engst:

Whenever Apple releases a new app like Clips, Journal, or Freeform that’s unlikely to appeal to most Apple users, I wonder what internal discussions led to its development, especially when it’s entering a crowded space. With the new Apple Invites, the answer is slightly more apparent: to encourage iCloud+ subscriptions to boost Services revenue.

Something only Apple could do…

I’m quite impressed with Apple Invites. I expected it to be a somewhat cheesy app that lacked key features or was difficult to use effectively outside the Apple ecosystem. Instead, Apple appears to have done a solid job of considering what’s necessary for both hosts and guests.

Instapaper 9.1 and Send to Kindle Extension

Instapaper:

On Instapaper iOS and macOS, you can now sign in to websites directly within the app. When you’re logged into sites, Instapaper can more reliably retrieve and display complete articles.

Increasingly, we’re seeing more “hard paywalls” across the Internet, where publishers are preventing third parties from accessing content. Sometimes, this results in Instapaper only receiving part of an article and, other times, Instapaper is completely blocked from accessing any information including basic metadata (i.e. title, author, image thumbnail, etc.).

I don’t really like the idea of logging into sites from within the app, but incomplete imports are a real problem and hopefully this will help. What I’ve been doing lately—for sites that don’t save to Instapaper properly or where I want to read the comments that Instapaper would normally strip out—is use the Send to Kindle browser extension. The downside is that it’s only available for Chrome, but it works really well.

Previously:

Swift Concurrency Glossary

Matt Massicotte:

It would be nice if there was a single place to go to look up all the terms, keywords, and annotations related to Swift concurrency. So here it is.

Each term is linked to the Swift evolution proposal that introduced it, which is usually the most extensive documentation available.

Previously:

Monday, February 3, 2025

AppleCare+ Only As a Subscription

Joe Rossignol:

Starting next week, Apple’s retail stores will no longer offer AppleCare+ plans as a one-time purchase, according to Bloomberg’s Mark Gurman.

Instead, he said the stores will only offer AppleCare+ as a subscription.

It was already available as a subscription, so the main effect of this change seems to be to remove the discount for purchasing multiple years up front.

Previously:

Update (2025-02-10): Adam Chandler:

I thought AppleCare was only changing for retail customers but it appears Apple Store online only offers monthly or annual now when just last week you could pay for 3 years

Wow. So if you click “monthly or annually” it now pops up a box after you click “checkout” given you a 3rd choice of 3 years.

2024 Six Colors Apple Report Card

Jason Snell (complete commentary):

It’s time for our annual look back on Apple’s performance during the past year, as seen through the eyes of writers, editors, developers, podcasters, and other people who spend an awful lot of time thinking about Apple. The whole idea here is to get a broad sense of sentiment—the “vibe in the room”—regarding the past year. (And by looking at previous survey results, we can even see how that sentiment has drifted over the course of an entire decade.)

Here are my responses:

Mac: 3 The M4 Macs have some virtualization, display, and USB issues, but overall the updates seem seem strong. I’m particularly excited about the MacBook Pro’s nanotexture display. The Mac input devices are finally USB-C, but they got the most minimal of updates, not fixing the Magic Mouse’s charging point or modernizing the globe key’s location on the extended keyboard. Unfortunately, the Mac Studio and Mac Pro are still using M2 processors. SSD pricing is still ridiculous, and the software side is still a mess, both in terms of reliability and design. I have not found the Apple Intelligence features very useful. Probably the most exciting things for me in Sequoia are the new Passwords app and the new window management features, though in both cases I prefer third-party solutions.

iPhone: 4 This is one of those years where the new iPhones seem fine, but I feel no urgency to upgrade from the previous model. The most interesting things to me are Photographic Styles and Camera Control. I’m hoping that the former will eventually let me reduce over processing. The latter sounded promising but is now seeming more like the new Touch Bar: over-engineered and less useful than the basic Action button. iOS 18 adds a bunch of useful features.

iPad: 3 This seemed to be the year where a lot of people accepted that the software is what it is. If you love iPadOS, the hardware for running it is now better than ever. If not, no matter how much potential there may be, it’s time to stop waiting for Pro to happen in the way that you want and just use a Mac.

Wearables: 4, Apple Watch: 4, Vision Pro: 1 The AirPods 4 seem good. AirPods Max remains a product in Apple’s lineup. Apple no longer offers software updates for my watch, and I’m waiting for a new Apple Watch SE, which hasn’t been announced yet. Apple Vision Pro is technically impressive, but it increasingly seems like Apple built the wrong thing. Those engineering resources would have been much better spent improving Apple’s other platforms.

Home: 2 My HomePod continues to not work well for Siri or music. This year I dipped my toes into the Matter ecosystem. I was pleased to find that it all “just worked,” though the automation options are a bit limited, and I still don’t like the Home app.

Apple TV: 3 Nothing much happened this year, though I like the new feature of automatically showing subtitles when you rewind a bit. I still don’t like the software or the remote.

Services: 2 iMessage and Siri still work poorly for me. Apple Pay and the rest of iCloud are OK. The other services don’t interest me except in that their existence seems to be warping Apple’s product design decisions.

Hardware Reliability: 4 My most recent hardware has been working well this year. My 2019 Intel MacBook Pro’s internal SSD partially failed. The Mac is out of AppleCare, and the SSD is non-replaceable, so now it can only be used with an external SSD, which is inconvenient for a portable computer and somewhat unreliable (with sleep, etc.). This would be worse with an Apple Silicon–based MacBook Pro because, for security reasons, they no longer support booting from external storage when the internal storage isn’t working. Without being able to replace the SSD, the whole Mac would be dead.

OS Quality: 1, Apple Apps: 3 The software quality slide continues. The same old bugs are still there. Finder views still don’t update or reveal properly, and external drives still don’t mount reliably. macOS Sequoia bought new problems, particularly related to storage. Now, it’s sometimes impossible to unmount drives cleanly. Time Machine deleted lots of my old backups unnecessarily and had trouble completing new backups. Third-party backup utilities are also having trouble, as Sequoia broke ASR’s ability to create bootable backups. Multiple of my Macs now have regular kernel panics, which never happened before. There are a variety of new networking issues. Safari often stops working under heavy load, so, though it’s still my default browser, I’m increasingly incorporating Chrome and Firefox. I wish that, instead of focusing on Apple Intelligence, Apple had focused on improving the quality of the OS and on improving the design of Music and the other media/services apps.

Developer Relations: 2 The same old issues with the App Store, documentation, and bug reporting. Nothing seems to be getting better. This was the second year in a row that Xcode shipped with a showstopper bug for Mac developers. Once again, it was reported during the beta period but there was no urgency to fix it. The Swift toolchain is still crashy and unreliable. Apple continues to write SwiftUI and SwiftData checks that the frameworks can’t cash.

Apple’s Impact in the World: No vote

See also: Nick Heer.

Previously:

Update (2025-02-07): Upgrade (tweet):

We discuss the results of the Six Colors Apple Report Card for 2024 in depth, with our opinions on every category.

See also:

John Gruber (Mastodon, Bluesky):

If “Siri/Apple Intelligence” were a category for this report card, I’d have graded it a D — and much closer to an F than a C. Longstanding Siri features have not only not gotten better, they’ve seemingly gotten worse. Apple is simply not a relevant player in the explosively popular LLM game. The features under the “Apple Intelligence” umbrella mostly feel like Apple shipped them a full year ahead of readiness simply because the rest of the industry — and Wall Street — is way ahead of them, and they felt the need to ship what they had, ready or not. There are a lot of obviously useful potential AI-powered features — ones that integrate between apps, and/or use your personal data on-device — that, thanks to the tightly restricted sandboxing system Apple itself designed for iOS, only Apple itself can provide via AI. It doesn’t matter that Apple doesn’t offer, say, its own web search engine, because Safari can use whatever search engine you want. It does matter that Siri sucks because only Siri can tightly integrate at the system level with your device, and with your private cross-application data.

[…]

Apple’s goal should be for developer relations to be so good that developers look for excuses to create software exclusively for Apple’s platforms. The opposite is happening.

Riccardo Mori:

Here’s my 2024 Apple Report Card. I won’t abuse your time.

Mac hardware: A+
iPhone hardware: A
Services: B (mostly thanks to some good AppleTV+ shows).
The rest: from C to worse.

Dishonourable mention: Software, UI, and UX.

See also: Adam Engst.

Previously:

Swift Build

Owen Voorhees (tweet, Hacker News):

As a foundational step in this new chapter of Swift build technologies, today Apple is open sourcing Swift Build, a powerful and extensible build engine that provides a set of build rules for building Swift projects. Swift Build is the engine used by Xcode, which supports millions of apps in the App Store as well as the internal build process for Apple’s own operating systems. The open source repository also includes support for targeting Linux and Windows.

[…]

Swift Build is an infrastructural component designed to plan and execute builds requested by a higher-level client like Swift Package Manager or Xcode. It builds on top of the existing llbuild project to add capabilities including:

  • Robust integration with the Swift compiler to reliably and efficiently coordinate the build of Swift projects
  • Support for a wide variety of product types including libraries, command line tools, and GUI applications with advanced build configuration options
  • Build graph optimizations that maximize parallelism when building Swift and C code

I suspect this is the component responsible for one of my main frustrations with Swift: spurious compilation errors (or sometimes crashes at runtime) unless I clean the build folder, because it doesn’t correctly figure out which files need to be recompiled after certain changes.

Saagar Jha:

Swift Build being open sourced is a really huge deal. This should remove barriers for teams that are running into Xcode build performance or correctness limitations because they can now debug, profile, and most importantly fix the issues themselves.

Tony Arnold:

I am unbelievably happy to see Apple open source the Xcode build system — I have checked out the project, explored the tests, and am looking at starter issues alongside a relaxing cup of tea.

What to Do When macOS Won’t Let You Unmount a Volume

Howard Oakley:

When all else fails, the next step is to identify what’s using files on that volume or disk, so you can decide whether to force quit that process in Activity Monitor. Don’t do that blindly, as you could end up killing processes that your Mac does need to run.

[…]

If you’d rather use an app, then my personal favourite is Sloth from here. Although it’s not notarized, it does everything that I’d want in terms of matching lsof or fuser’s features. Most importantly, if you click its padlock at the lower right and authenticate, it will show all processes running as root.

I like Sloth, but it’s annoying to have to authenticate each time I use it. There’s a preference to have it prompt at launch so that at least you don’t have to click the little padlock icon each time (or forget to click it and get incorrect results).

In practice, I almost never had problems with volumes that wouldn’t eject before Sequoia, and now it happens multiple times per day. The culprits are always mds (Spotlight) and revisionsd (file versioning) so there seems to be nothing to do except Force Eject.

See also: TidBITS-Talk.

Previously:

Friday, January 31, 2025

Apple’s Q1 2025 Results

Apple (transcript, Hacker News, MacRumors):

The Company posted quarterly revenue of $124.3 billion, up 4 percent year over year, and quarterly diluted earnings per share of $2.40, up 10 percent year over year.

Apples gross margin is up to 46.9 percent, not a surprise if you’ve seen what they charge for storage and RAM these days.

Jason Snell:

Probably most notable is that iPhone revenue was down 1% from the year-ago quarter, which will certainly upset some analysts and investors, given that the iPhone is more than half of Apple’s total revenue. But the Mac jumped 16%, the iPad was up 15%, and services was up 14%. The recently sluggish Wearables, Home, and Accessories category was down 2%.

Michael E. Cohen and Adam Engst:

The big winner in the category revenue race was Services, which brought in a record $26.3 billion, up $3.2 billion from last year. Consequently, Services grew to account for 21% of Apple’s overall revenues, while an iPad rebound boosted its share to 7%, and Macs remained steady at 7%.

John Voorhees:

Going into today’s earnings call, Apple’s stock was downgraded by multiple analysts. Factors cited in the downgrades included weak sales in China, an expectation that Apple wouldn’t meet earnings expectations, and the the lack of any boost in iPhone sales from Apple Intelligence.

wronglebowski (BasicAppleGuy):

Apple has a reserved billboard right across the street from my apartment. Every time it changes I notice, Privacy ad, Sexy product photos, Shot on IPhone ads. Guess what it is now? AI Emoji, a hot dog holding a briefcase.

Tim Cook:

And I think I know from my own personal experience, once you start using the features you can’t imagine not using them anymore. […] I know I get hundreds of emails a day, and the summarization function is so important.

John Gruber:

Apple’s overall sales in China have been trending down for 3 years now. It looks to me like Apple might have peaked there around 2021 or 2022.

Jeff Johnson:

Looking at the 4-quarter moving averages for iPad, iPhone, Mac, and wearables, hardware revenue looks pretty flat over the past 3 years. So-called “services” are the only thing that hasn’t peaked already.

Previously:

Preventing a Mac Laptop From Turning on When Opening Its Lid

Apple (via MacRumors):

A Mac laptop with Apple silicon automatically turns on and starts up when you open its lid or connect it to power. With macOS Sequoia 15 or later, you can change this behavior without affecting your ability to use your keyboard or trackpad to turn on your Mac.

[…]

  • To prevent startup when opening the lid or connecting to power: sudo nvram BootPreference=%00

  • To prevent startup only when opening the lid: sudo nvram BootPreference=%01

  • To prevent startup only when connecting to power: sudo nvram BootPreference=%02

This makes it possible to clean the keyboard with the Mac off and to prevent battery drain due to Power Nap by keeping it off instead of asleep. You can still power on the Mac by pressing the power/Touch ID key.

Dave Mark:

Interesting that this requires the Terminal, no setting to change this behavior. Plenty of other examples of this, but not used to seeing an official support document that sends you to Terminal as only path.

Previously:

Update (2025-01-31): Zsolt Benke notes that this doesn’t allow cleaning the keyboard because pressing a key will still start up the Mac. However, you can temporarily disable this:

  • Press and hold the left Control and Command buttons with right Shift button for a total of 7 seconds.
  • Without releasing them, press the Power button and hold together for an additional 7 seconds until your laptop shuts down. The login screen may flash for a second so don’t prematurely release the keys until the machine is off.
  • For your next startup, your Mac can only be powered on by using the Power button or closing and opening the lid.

This worked for me, but only if I didn’t close the lid before pressing a key.

Update (2025-02-07): Jeff Nouwen:

In my case I wanted to stop the constant waking from spinning my DAS up and down all the time, but this worked for me both with a 2020 Intel iMac and now with my M2 Studio: disable CoreSmartPowerNap.

Oh, and the other piece of the puzzle is to clear and then block the OS from scheduling anything ELSE from waking the machine (calendar time-to-leave reminders, etc.).

Howard Oakley:

Auto boot only determines start up behaviour on opening the lid or connecting power. When the lid is open, pressing any key or using the touchpad will still cause the Mac to start up, so limiting use for cleaning its keys or touchpad. Apple recommends using compressed air, which shouldn’t start the Mac up, but if you prefer to use a dry cloth or isopropyl alcohol on a cloth (but never a water-based cleaner), then you may find it helpful to use KeyboardCleanTool to block key entry during cleaning.

Whatever you do, don’t let any water=based liquid near your Mac’s keyboard or other areas that could allow its ingress. Even small amounts of water can cause serious damage that can require expensive repairs. Like all laptops, MacBook Air and Pro models contain multiple water sensors, making that damage easy to detect.

A Few Words About Indie App Business

Charlie Monroe:

The first few apps I released had almost no downloads, no users and there was no income from them. They are long forgotten by the world and even by me. Be prepared to have some setbacks, don’t let them discourage you. Start small and build up. Have an idea for an app? Don’t spend a year developing something that might be a flop in the end. Develop the main idea and let it grow based on feedback and some roadmap.

However, don’t “underdevelop” either. The app must not crash, it mustn’t be buggy, it mustn’t feel like half-done and unfinished. It needs to be working, though some features may be missing. It’s always nice for the customer to get updates that improve things, add new things and the app gradually gets better and better. When users see this, they talk, they recommend the app and you start growing.

[…]

I work 365 days a year. Last year, I worked 366 days (2024 was leap year). I’m not saying that I work 8 hours each day, but even during weekends, holidays, vacation, I need to tend to support emails in the morning for an hour or so and then once more in the afternoon or evening. I cannot just take off and leave for a few days without seeing the consequences and going insane when I get back.

[…]

The unfortunate thing about this is that going through the support emails in my case is something that takes about 2-3 hours a day – which is not enough to hire someone and train them. Not to mention that most of the reports actually need some technical knowledge. So unless I would hire another developer, in the end, the really administrative stuff that someone could do instead of me is a 30-minute-a-day job.

Previously:

Thursday, January 30, 2025

SLAP and FLOP Side-Channel Attacks

Jason Kim et al. (Hacker News, MacRumors, Slashdot):

We present SLAP, a new speculative execution attack that arises from optimizing data dependencies, as opposed to control flow dependencies. More specifically, we show that Apple CPUs starting with the M2/A15 are equipped with a Load Address Predictor (LAP), which improves performance by guessing the next memory address the CPU will retrieve data from based on prior memory access patterns.

However, if the LAP guesses wrong, it causes the CPU to perform arbitrary computations on out-of-bounds data, which should never have been accessed to begin with, under speculative execution. Building on this observation, we demonstrate the real-world security risks of the LAP via an end-to-end attack on the Safari web browser where an unprivileged remote adversary can recover email content and browsing behavior.

[…]

We present FLOP, another speculative execution attack that results from recent Apple CPUs predicting the outcome of data dependencies. Here, we demonstrate that Apple's M3/A17 generation and newer CPUs are equipped with a Load Value Predictor (LVP). The LVP improves performance on data dependencies by guessing the data value that will be returned by the memory subsystem on the next access by the CPU core, before the value is actually available.

If the LVP guesses wrong, the CPU can perform arbitrary computations on incorrect data under speculative execution. This can cause critical checks in program logic for memory safety to be bypassed, opening attack surfaces for leaking secrets stored in memory. We demonstrate the LVP's dangers by orchestrating these attacks on both the Safari and Chrome web browsers in the form of arbitrary memory read primitives, recovering location history, calendar events, and credit card information.

omcnoe:

Their SLAP demo provides a great example of how defence-in-depth can make/break the viability of an exploit. That terrifying Safari demo is possible because Safari fails to isolate new windows in individual processes when calling window.open in js.

All the other side channel magic presented here doesn’t matter if the data you want to read is in a seperate process with sufficient separation from the “hostile” process in the address space.

MikeHolman:

I worked on a browser team when Spectre/Meltdown came out, and I can tell you that a big reason why Firefox and Chrome do such severe process isolation is exactly because these speculative attacks are almost impossible to entirely prevent. There were a number of other mitigations including hardening code emitted from C++ compilers and JS JITs, as well as attempts to limit high precision timers, but the browser vendors largely agreed that the only strong defense was complete process isolation.

Of course, third-party iOS browsers are not allowed to innovate on security, except possibly in the EU.

Bill Toulas:

Apple acknowledged the shared proof-of-concept and stated it plans to address the issues. However, at the time of writing, the flaws remain unmitigated.

Previously:

Update (2025-01-31): Hector Martin (via Robin Kunde):

DIT fixes FLOP, and SSBS fixes SLAP. Those are documented, architecturally defined mechanisms to control this behavior. No chicken bits needed.

The CPUs are working as intended. Browsers just need to get their head out of the sand and flip those bits when running untrusted JS.

Gulf of America

Todd Haselton (Hacker News):

Google said today that it plans to update Google Maps to reflect President Trump’s January 20th executive order to change the names of the Gulf of Mexico and Denali to the Gulf of America and Mount McKinley, respectively.

Eric Berger:

The order declared that, within 30 days, the Secretary of the Interior should take all appropriate actions to change the names of the prominent body of water and mountain. To do this, the database of name and location information published by the US Geological Survey, the Geographic Names Information System, should be updated accordingly. These files are revised on a bi-monthly basis.

“When that happens, we will update Google Maps in the US quickly to show Mount McKinley and Gulf of America,” the company said Monday.

Wesley Hilliard:

Apple has remained silent about the issue, but a change has been made, even if it is a small one. If users navigate to the Gulf of Mexico, it still shows the 400-year-old name plain as day.

However, if a user searches “Gulf of America,” the text over the Gulf changes to reflect the search result, but the information sheet shows data and photos about the Gulf of Mexico.

[…]

Google will change the name for United States users to Gulf of America. Users outside of the United States will see both names with one in parentheses, while people in Mexico will see only Gulf of Mexico.

Nick Heer:

However, it is pretty rich to think of Google as particularly concerned about the accuracy of names on its maps. It routinely invents names of neighbourhoods.

John Gruber:

Re-renaming Denali back to Mount McKinley seems like a no-brainer for the maps to comply with. A country names its own mountains. If Obama could rename it, Trump can re-rename it.

The Gulf of Mexico, though, is an international body of water, and its name wasn’t even debated until Trump started talking about it a few weeks ago. Google (and perhaps Apple) having a policy where they simply follow the naming conventions of the GNIS seems not merely sensible but utterly uncontroversial ... until now.

Adam Chandler:

In GIS, there are Places (POIs) and there are names but there are also historical names and local names. A lot of whatever streets in tiny towns around the world have dozens of alt names. As long as some news paper or town or historian called it that at some point in history, mapping companies capture it and store it under the place ID.

[…]

Until the next administration rescinds the Executive Order, it’s not unusual for an American company to comply with a place name change but that name may only display in certain geographies and the old name will still work.

John Gruber:

These are mapping and metadata nerds approaching the dilemma in the very nerdiest of ways. I found it rather soothing, and also quite informative — particularly the posts from Minh Nguyễn, who seems to be an OpenStreetMap super user.

Previously:

Update (2025-02-12): Ryan Christoffel:

Yesterday, Google Maps updated the Gulf of Mexico’s name for US users to read ‘Gulf of America’ instead.

[…]

Apple Maps has now been updated for US users to reflect the change.

While currently, the actual map still reads Gulf of Mexico, if you tap to view location details, the app now shows ‘Gulf of America’ as the name instead.

The revised name only applies within the US for now, but Apple told Mark Gurman at Bloomberg it “would soon roll out the shift for all users globally.”

See also: USGS.

Repeating Calculator Operations

Juli Clover:

When you tap the equals sign twice, the app will now repeat the last mathematical operation.

[…]

Repeating operations were an option in the Calculator app prior to iOS 18, but iOS 18 removed the functionality.

I wonder what the story is here. This has been a standard feature of every physical calculator that I can remember. It’s not in System 1 or even System 7, though. Was it added with Mac OS X 10.0?

Previously:

Wednesday, January 29, 2025

Malimite 1.1

Laurie Wired (tweet, Hacker News):

Malimite is an iOS and macOS decompiler designed to help researchers analyze and decode IPA files and Application Bundles.

Built on top of Ghidra decompilation to offer direct support for Swift, Objective-C, and Apple resources.

Previously:

Google Open Sources PebbleOS

Matthieu Jeanson et al.:

We are excited to announce that the source code that powered Pebble smartwatches is now available for download.

This is part of an effort from Google to help and support the volunteers who have come together to maintain functionality for Pebble watches after the original company ceased operations in 2016.

[…]

In 2016, Fitbit acquired Pebble, including Pebble’s intellectual property. Later on, Fitbit itself was acquired by Google, taking the Pebble OS with it.

[…]

This repository contains the entire OS, which provides all the standard smartwatch functionality – notifications, media controls, fitness tracking, and support for custom apps and watchfaces – on tiny ARM Cortex-M microcontrollers. Built with FreeRTOS, it contains multiple modules for memory management, graphics, and timekeeping, as well as an extensive framework to load and run custom applications written in C, as well as in Javascript via the Jerryscript Javascript engine. The Pebble architecture allowed for a lightweight system delivering a rich user experience as well as a very long battery life.

Brad Murray:

We were an awesome, inexperienced, but determined and optimistic team of software developers that made this happen. This photo was from our firmware offsite in early 2016, and there’s just so much talent here.

[…]

The solution? Purposefully clock the RTC 1024x faster than real time, so every second on the RTC (which was broken into hour, minute and second fields) was actually only 1/1024th of a second. Call these “ticks” and you’ve made a high resolution clock that worked in stop mode.

[…]

This required some other hacks to handle “rollovers” because you could lose track of the real time with your RTC running so quickly, but it worked and a going into stop mode for fractions of a second with accurate timing saved a ton of battery life.

Eric Migicovsky (via Hacker News):

You’d imagine that smartwatches have evolved considerably since 2012. I’ve tried every single smart watch out there, but none do it for me. No one makes a smartwatch with the core set of features I want:

  • Always-on e-paper screen (it’s reflective rather than emissive. Sunlight readable. Glanceable. Not distracting to others like a bright wrist)
  • Long battery life (one less thing to charge. It’s annoying to need extra cables when traveling)
  • Simple and beautiful user experience around a core set of features I use regularly (telling time, notifications, music control, alarms, weather, calendar, sleep/step tracking)
  • Buttons! (to play/pause/skip music on my phone without looking at the screen)
  • Hackable (apparently you can’t even write your own watchfaces for Apple Watch? That is wild. There were >16k watchfaces on the Pebble appstore!)

[…]

I had really, really, really hoped that someone else would come along and build a Pebble replacement. But no one has. So… a small team and I are diving back into the world of hardware to bring Pebble back!

Previously:

Update (2025-01-30): John Gruber:

If their goal is to be to smartwatches what Playdate is to handheld gaming, that’s definitely achievable, and if they succeed, will by definition be a lot of fun.

The whole tech world needs more projects that aren’t trying to become billion- (let alone trillion-) dollar ideas, but are happily shooting for success as million-dollar ideas (or less!).

Releasing Core Intuition

Core Intuition (Mastodon):

This is the final episode of our podcast. Thank you so much to everyone who has listened and supported us over the years! We’ve loved doing the show.

Thanks and congratulations on 16 years of podcasting. Perhaps this will lead to more time for blogging.

See also: Isaiah Carew.

Tuesday, January 28, 2025

DeepSeek

Wikipedia:

DeepSeek is the name given to open-source large language models (LLM) developed by Chinese artificial intelligence company Hangzhou DeepSeek Artificial Intelligence Co., Ltd. The company, based in Hangzhou, Zhejiang, is owned and solely funded by Chinese hedge fund High-Flyer, whose co-founder, Liang Wenfeng, established the company in 2023 and serves as its CEO.

DeepSeek performs tasks at the same level as ChatGPT, despite being developed at a significantly lower cost, stated at US$6 million, against $100m for OpenAI’s GPT-4 in 2023, and requiring a tenth of the computing power of a comparable LLM. The AI model was developed by DeepSeek amidst U.S. sanctions on China for Nvidia chips, which were intended to restrict the country’s ability to develop advanced AI systems.

DeepSeek-AI (PDF, via Hacker News):

We introduce our first-generation reasoning models, DeepSeek-R1-Zero and DeepSeek-R1. DeepSeek-R1-Zero, a model trained via large-scale reinforcement learning (RL) without supervised fine-tuning (SFT) as a preliminary step, demonstrates remarkable reasoning capabilities. Through RL, DeepSeek-R1-Zero naturally emerges with numerous powerful and intriguing reasoning behaviors. However, it encounters challenges such as poor readability, and language mixing. To address these issues and further enhance reasoning performance, we introduce DeepSeek-R1, which incorporates multi-stage training and cold-start data before RL. DeepSeek-R1 achieves performance comparable to OpenAI-o1-1217 on reasoning tasks.

Dare Obasanjo (MacRumors, John Voorhees):

DeepSeek is now in the top 3 apps in the App Store.

There is a saying that necessity is the mother of invention. The Biden chip bans have forced Chinese companies to innovate on efficiency and we now have DeepSeek’s AI model trained for millions competing with OpenAI’s which cost hundreds of millions to train.

This is now mirroring the classic asymmetric competition between Open Source and proprietary software. There is no moat as that famous Google memo stated.

M.G. Siegler:

That message lacked a key framing though: that these charts aren’t just based on pure downloads and instead are algorithmically constructed. No one outside of Apple and Google knows the exact equations that flavor the ranking, but at a high level, it seems pretty clear that download rate acceleration is a key factor versus sheer volume. That is to say, an app can chart by having a bunch of people suddenly start to download it, even if more people overall are downloading an older app.

[…]

But it is still interesting because again, the mainstays have in recent years dominated these charts. Sure, new entrants would rise (and fall) from time-to-time but it was almost always some order of: Facebook, Instagram, WhatsApp, Threads, TikTok, CapCut, YouTube, Gmail, Google Maps, etc. Right now, there is only a single app from Meta (Threads) and one from Google (Google) in the top 10.

John Gruber:

Secondarily, and perhaps counterintuitively, it showcases Apple’s strength in AI. Sure, Apple’s own Apple Intelligence is years behind and pretty embarrassing right now, even with its much ballyhooed partnership with ChatGPT. But the iPhone is where people actually use AI and the App Store is how they get the apps they use. To borrow Ben Thompson’s framing, the hype over DeepSeek taking the top spot in the App Store reinforces Apple’s role as an aggregator of AI. The measuring stick for consumer AI products and social media networks is where they’re listed on the App Store.

[…]

But the iPhone is the place where social media networks are used and ranked. The App Store today is like the cable company of yore. It didn’t matter if Comcast’s own channels were the most popular — so long as everyone was watching channels through TVs connected to Comcast TV service, Comcast was getting their cut.

It’s certainly a strong position to control the iOS platform, but I doubt that Apple wants to be thought of as a Comcast, and it’s unclear whether people will continue to go to iOS apps for their AI needs when the App Store limits what they can do.

Reuters:

Chinese startup DeepSeek said on Monday it is temporarily limiting registrations due to a large-scale malicious attack on its services.

Fatbobman:

Based on personal experience, DeepSeek’s V3 and R1 are more than sufficient to meet the needs of most scenarios. Surprisingly, the training cost is merely a few million dollars—a figure that has sparked widespread industry attention and skepticism. Some practitioners even regard this claim as “cognitive warfare”, finding it hard to believe. However, its API pricing, which is just a fraction of mainstream models, strongly validates its training efficiency. What’s even more admirable is that DeepSeek has open-sourced its training methods and inference mechanisms. This move is likely to catalyze the emergence of more low-cost, high-quality AI models, providing users with affordable and excellent AI services.

However, whether DeepSeek’s success will prompt industry giants to adjust their model development strategies remains a profound question. Since OpenAI demonstrated the potential of large language models (LLMs) through a “more is more” approach, the AI industry has almost universally adopted the creed of “resources above all.” Capital, computational power, and top-tier talent have become the ultimate keys to success. Today, the AI industry has evolved into a capital-driven frenzy. Regardless of a product’s profitability, simply announcing the purchase of large quantities of GPUs can significantly boost a company’s stock price. In an environment focused on “faster and bigger,” most practitioners have been swept away by this trend.

M.G. Siegler:

Because the entire US stock market has been boosted on the back of Big Tech over the past few years. And more recently, many of those stocks have been boosted on the promise of AI. And that has led investors to largely turn a blind eye to the immense spend needed to built out that AI.

[…]

Yes, this is another way to describe a bubble. But it’s not necessarily a bad thing, it’s far more of a natural thing if you understand the underlying incentives. And if you believe that AI is the most transformational technology to come about in some time – some might say, ever – it just accelerates and expands everything in the cycle. As does the fact that again, Big Tech companies are now the largest and most well capitalized in the world. Hammer has met nail.

[…]

Wall Street is now worried that may be the case. I mean, how can a small Chinese startup, born out of a hedge fund, spend fractions in terms of both compute and cost and get similar results to Big Tech?

Jeffrey Emanuel (via Hacker News):

Some of the largest and most profitable companies in the world, like Microsoft, Apple, Amazon, Meta, Google, Oracle, etc., have all decided that they must do and spend whatever it takes to stay competitive in this space because they simply cannot afford to be left behind. The amount of capex dollars, gigawatts of electricity used, square footage of new-build data centers, and, of course, the number of GPUs, has absolutely exploded and seems to show no sign of slowing down. And Nvidia is able to earn insanely high 90%+ gross margins on the most high-end, datacenter oriented products.

[…]

This represents a true sea change in how inference compute works: now, the more tokens you use for this internal chain of thought process, the better the quality of the final output you can provide the user. In effect, it’s like giving a human worker more time and resources to accomplish a task, so they can double and triple check their work, do the same basic task in multiple different ways and verify that they come out the same way; take the result they came up with and “plug it in” to the formula to check that it actually does solve the equation, etc.

[…]

Besides software superiority, the other major thing that Nvidia has going for it is what is known as interconnect— essentially, the bandwidth that connects together thousands of GPUs together efficiently so they can be jointly harnessed to train today’s leading-edge foundational models. In short, the key to efficient training is to keep all the GPUs as fully utilized as possible all the time— not waiting around idling until they receive the next chunk of data they need to compute the next step of the training process.

[…]

Who knows if any of that is really true or if they are merely some kind of front for the CCP or the Chinese military. But the fact remains that they have released two incredibly detailed technical reports, for DeepSeek-V3 and DeepSeekR1.

[…]

Perhaps most devastating is DeepSeek’s recent efficiency breakthrough, achieving comparable model performance at approximately 1/45th the compute cost. This suggests the entire industry has been massively over-provisioning compute resources. Combined with the emergence of more efficient inference architectures through chain-of-thought models, the aggregate demand for compute could be significantly lower than current projections assume. The economics here are compelling: when DeepSeek can match GPT-4 level performance while charging 95% less for API calls, it suggests either NVIDIA’s customers are burning cash unnecessarily or margins must come down dramatically.

Carmen Reinicke (via Hacker News, John Gruber):

Nvidia shares tumbled 17% Monday, the biggest drop since March 2020, erasing $589 billion from the company’s market capitalization. That eclipsed the previous record — a 9% drop in September that wiped out about $279 billion in value — and was the biggest in US stock-market history.

FT:

Venture capital investor Marc Andreessen called the new Chinese model “AI’s Sputnik moment”, drawing a comparison with the way the Soviet Union shocked the US by putting the first satellite into orbit.

Duncan Davidson:

Deepseek was inevitable. With the big scale solutions costing so much capital smart people were forced to develop alternative strategies for developing large language models that can potentially compete with the current state of the art frontier models.

wordgrammer:

Q: How did DeepSeek get around export restrictions?

A: They didn’t. They just tinkered around with their chips to make sure they handled memory as efficiently as possibly. They lucked out, and their perfectly optimized low-level code wasn’t actually held back by chip capacity.

[…]

They used the formulas below to “predict” which tokens the model would activate. Then, they only trained these tokens. They need 95% fewer GPUs than Meta because for each token, they only trained 5% of their parameters.

[…]

Also, export restrictions didn’t harm them as much as we thought they did. That’s probably because our export restrictions were really shitty. The H800s are only worse than the H100s when it comes to chip-to-chip bandwidth.

“Is the US losing the war in AI??” I don’t think so. DeepSeek had a few big breakthroughs, we have had hundreds of small breakthroughs. If we adopt DeepSeek’s architecture, our models will be better. Because we have more compute and more data.

Alexander Doria:

I feel this should be a much bigger story: DeepSeek has trained on Nvidia H800 but is running inference on the new home Chinese chips made by Huawei, the 910C.

Thomas Claburn:

A reader provided The Register with a screenshot of how R1 answered the prompt, “Are you able to escape your guidelines?”

The model’s initial response, after a five second delay, was, “Okay, thanks for asking if I can escape my guidelines. Hmm, I need to be careful here. My guidelines are set by OpenAI, so technically I can’t just ignore them.”

[…]

Dongbo Wang, a Microsoft principal software engineer, offered a possible explanation in the discussion thread: “To folks who landed on this issue, this is likely because DeepSeek V3 was trained with data from GPT-4 output, which seems to be pretty common in the training of many LLMs.”

James Thomson:

Tried out the new and popular “Deepseek” LLM with my standard “tell me facts about the author of PCalc” query. At least half were misleading or straight up hallucinations. LLMs are not a suitable technology for looking up facts, and anybody who tells you otherwise is… probably trying to sell you a LLM.

I then asked for a list of ten Easter eggs in the app, and every single one was a hallucination, bar the Konami code, which I did actually do.

Natasha Murashev:

Although DeepSeek R1 is open source and available on HuggingFace, at 685 billion parameters, it requires more than 400GB of storage!! So the answer is no, you cannot run it locally on your MacBook. Note that there are other smaller (distilled) DeepSeek models that you will find on Ollama, for example, which are only 4.5GB, and could be run locally, but these are NOT the same ones as the main 685B parameter model which is comparable to OpenAI’s o1 model.

[…]

The two services that are currently hosting the full 685B parameter model are Together.ai and Fireworks.ai - both US-based companies.

[…]

Once you have the project set up, with the AIProxySwift library installed and your partialKey and serviceURL, simply follow the AIProxy TogetherAI Swift examples. The Deepseek R1 model is “deepseek-ai/DeepSeek-R1”.

Dare Obasanjo:

DeepSeek just released a new multi-modal open-source AI model, Janus-Pro-7B. It’s a text-to-image generator which it claims beats OpenAI’s DALL-E 3 and Stable Diffusion on benchmarks.

Since it’s licensed under the MIT license, it can be used in commercial applications without restrictions.

See also: Ben Thompson, Rui Carmo, Dithering.

Previously:

Update (2025-01-30): promptfoo (via Hacker News):

As a Chinese company, DeepSeek is beholden to CCP policy. This is reflected even in the open-source model, prompting concerns about censorship and other influence.

Today we’re publishing a dataset of prompts covering sensitive topics that are likely to be censored by the CCP. These topics include perennial issues like Taiwanese independence, historical narratives around the Cultural Revolution, and questions about Xi Jinping.

Dina Bass and Shirin Ghaffary (via Hacker News):

Microsoft Corp. and OpenAI are investigating whether data output from OpenAI’s technology was obtained in an unauthorized manner by a group linked to Chinese artificial intelligence startup DeepSeek, according to people familiar with the matter.

Microsoft’s security researchers in the fall observed individuals they believe may be linked to DeepSeek exfiltrating a large amount of data using the OpenAI application programming interface, or API, said the people, who asked not to be identified because the matter is confidential.

See also: Ed Zitron (via Hacker News).

Siri Super Bowl Regression

Paul Kafasis (MacRumors, TidBITS):

With the absolute most charitable interpretation, Siri correctly provided the winner of just 20 of the 58 Super Bowls that have been played. That’s an absolutely abysmal 34% completion percentage.

[…]

At its worst, it got an amazing 15 in a row wrong (Super Bowls XVII through XXXII). Most amusingly, it credited the Philadelphia Eagles with an astonishing 33 Super Bowl wins they haven’t earned, to go with the one 1 they have.

[…]

Inexplicably, for this one lone Super Bowl, Siri offered to search the web or use ChatGPT.

John Gruber (Mastodon, Bluesky, Hacker News):

Other answer engines handle the same questions with aplomb. I haven’t run a comprehensive test from Super Bowls 1 through 60 because I’m lazy, but a spot-check of a few random numbers in that range indicates that every other ask-a-question-get-an-answer agent I personally use gets them all correct. I tried ChatGPT, Kagi, DuckDuckGo, and Google. Those four all even fare well on the arguably trick questions regarding the winners of Super Bowls 59 and 60, which haven’t yet been played.

[…]

New Siri — powered by Apple Intelligence™ with ChatGPT integration enabled — gets the answer completely but plausibly wrong, which is the worst way to get it wrong. It’s also inconsistently wrong — I tried the same question four times, and got a different answer, all of them wrong, each time. It’s a complete failure.

[…]

What makes Siri’s ineptitude baffling is that ChatGPT is Siri’s much-heralded partner for providing “world knowledge” answers. Siri with Apple Intelligence is so bad that it gets the answer to this question wrong even with the ostensible help of ChatGPT, which when used directly gets it perfectly right. And Siri-with-ChatGPT seemingly gets it wrong in a completely different way, citing different winners and losers (all wrong) each time.

[…]

But it’s even worse than that, because old Siri, without Apple Intelligence, at least recognizes that Siri itself doesn’t know the answer and provides a genuinely helpful response by providing a list of links to the web, all of which contain accurate information pertaining to the question. Siri with Apple Intelligence, with ChatGPT integration enabled, is a massive regression.

The regression is notable, though I still care far more about Siri’s failures in responding to basic commands—music and audio control, creating reminders, manipulating timers—than about its lack of world knowledge.

Kyle Howells:

It’s also funny that Siri gives a warning about checking ChatGPT’s answers for mistakes, when it falls back to asking ChatGPT.

Because looking at the results: Siri is WAY worse than ChatGPT.

Kyle Howells:

For comparison this is where Samsung and Google are now, in a released product.

Ryan Jones:

[John Giannandrea] Scorecard: Hired in 2018 to be the head of AI + ML + Siri.

AI = F. Entirely missed this decade’s innovation.

Siri = F. Has gotten WORSE. All search, including Spotlight is further behind.

ML = B. Autocorrect was trash for 2 years. Photos search is on par. Music ML is total trash. Camera ML is on par. Siri suggests are unused. Photo Clean Up is industry-leading. Maps routing is on par.

M.G. Siegler:

The headline, of course, is meant to be provocative. But I’m also not sure it’s in Betteridge’s Law territory. Because I’m not sure that Apple shouldn’t consider outsourcing their AI layer on the assistant front to a third-party, at least temporarily while Siri is brought up to speed.

golly_ned:

I worked, fortunately briefly, in Apple’s AI/ML organization.

It was difficult to believe the overhead, inefficiency, and cruft. Status updates in a wiki page tens of thousands of words long in tables too large and ill-formatted for anyone to possibly glean. Several teams clamboring to work on the latest hot topic for that year’s WWDC — in my year it was “privacy-preserving ML”. At least four of five teams that I knew of.

They have too much money and don’t want to do layoffs because they’re afraid of leaks, so they just keep people around forever doing next to nothing, since it’s their brand and high-margin hardware that drives the business. It was baked into the Apple culture to “go with the flow”, a refrain I heard many times, which I understood to mean stand-by and pretend to be busy while layers of bureaucracy obscure the fact that a solid half of the engineers could vanish to very little detriment.

Mark Gurman:

Apple Inc. executive Kim Vorrath, a company veteran known for fixing troubled products and bringing major projects to market, has a new job: whipping artificial intelligence and Siri into shape.

Via John Gruber:

My sense is that it’s less about Siri and Apple Intelligence being more important than VisionOS, and more about Siri being a mess. More about urgency than importance. But perhaps it’s both more urgent and more important long-term. Either way, assigning Vorrath — perhaps Apple’s best fixer, and without question one of Apple’s best fixers — makes sense.

Previously:

iPad at 15

Hartley Charlton:

Apple CEO Steve Jobs announced the original iPad 15 years ago today, marking one and a half decades of the company’s “revolutionary” tablet.

Federico Viticci:

A decade of my iPad coverage, collected in a single, recently updated page.

Peter Steinberger:

Confession: I use my Samsung Galaxy Tab S10 way more than my iPad. Unless iOS, it’s not crippled by software. Chrome works like on desktop, split screen works much better and some of the AI features actually make sense.

Om Malik:

The confusion over the device is not limited to reviewers or buyers but extends to Apple itself, which hasn’t really been able to give it the direction it deserves. Had Steve Jobs not died, the iPad likely would have received more focus, attention, and appreciation.

Over the years, it’s fair to say the iPad has suffered from a subpar operating system experience. There has been a distinct lack of popular and hit applications. Still, one can’t ignore the amazing hardware and its true capabilities. If only there were more interesting apps — not games — that tapped into what Apple packs into it.

[…]

Still, there is no denying that for children and elders, the iPad is a perfect computer.

See also: BasicAppleGuy.

Previously:

Update (2025-01-30): Rui Carmo (via Tomas Kafka):

This is a follow-up to a couple of previous ramblings (last week and before) about the iPad and its limitations, and is a list of things that I would love to have on an iPad, but that Apple still doesn’t really want us to in 2024, fourteen years since the iPad’s debut.

[…]

Instead of any of these, last WWDC we got ChatGPT and… a calculator.

Previously:

GRDB 7

Gwendal Roué:

GRDB 7 is out, a joint effort by ten contributors! The new version blends as well with Swift 6 concurrency as you need it, and is ready to follow you for the years to come.

Did you know 2025 marks GRDB’s tenth anniversary?

Swift Concurrency and GRDB:

The following sections describe, with more details, how GRDB interacts with Swift Concurrency.

Previously:

Monday, January 27, 2025

Apple Intelligence Enabled Automatically

Juli Clover:

When installing macOS Sequoia 15.3, iOS 18.3, or iPadOS 18.3, Apple Intelligence will be turned on automatically on compatible devices[…] With macOS Sequoia 15.1, macOS Sequoia 15.2, iOS 18.1, and iOS 18.2, Apple Intelligence was opt-in rather than opt-out, and users who wanted the feature needed to turn it on in the Settings app. Going forward, it will be enabled by default, and Mac, iPhone, and iPad users who do not want to use the feature will need to turn it off.

Ryan Jones:

Oh my word.

Apple is going to auto enable AI summaries one random morning on your dad and grandma.

☠️🔥

Ryan Christoffel:

Per Apple’s website, Apple Intelligence now requires 7GB of free storage.

The same 7GB number applies whether you’re using an iPhone, iPad, or Mac.

Rosyna Keller:

And since it uses the MobileAsset framework to deliver the models, they’ll get purged when the space is actually needed if Apple Intelligence is switched off.

Sean Heber:

I can’t seem to turn it off right now, either, because now it’s downloading, I guess?

Nick Heer:

The exact amount probably varies from device to device but, still, that is a considerable amount of new space required — a thirty-odd percent growth in operating system size in a nominally minor version update.

[…]

Apple still insists this is a beta, but it no longer has the excuse that users are opting in knowing the risks and flaws. These are just unfinished new features. It turns out problems and a lack of quality control magically become excusable if you just slap a beta badge on it. This is a trick Google has known about for decades.

Andrew Cunningham:

Apple is following in the footsteps of Microsoft and Google here, rolling out new generative AI features to its user base as quickly as possible and enabling some or all of them by default while still labeling everything as a “beta” and pointing to that label when things go wrong.

Eric Schwarz:

I think based on the desperate attempts to get us to use it, most people aren’t that excited about it.

Eric Schwarz:

I think it’s funny how Apple holds back features from older devices with artificial software reasons or have hardware that they’ll include but not enable with the excuse “it wasn’t promised when we shipped it” (kinda like the paid original iPod touch software updates). Unlike that, everyone with a capable device is getting Apple Intelligence thrown upon us when it’s not even done. How about you go get the nonsense worked out with Masimo so I can get the blood oxygen sensor working on my Watch?!

John Gruber:

I have mixed feelings about this decision. It’s pretty obvious that Apple Intelligence has a slew of shortcomings. It’s the nature of the beast, though, that it’s always going to have some shortcomings.

[…]

So the bar shouldn’t be “has obvious shortcomings”. It’s whether Apple Intelligence is good enough. Compared to other systems, like ChatGPT, no, it’s not good enough. But Apple has been enabling Siri by default since 2011. And Siri, today, is arguably worse than it’s ever been when compared to the state of the art.

[…]

If it’s not just merely shipping to all users, but now enabled by default, that’s not beta. That’s just buggy.

Adam Engst:

Ultimately, I’m neither surprised nor all that perturbed by Apple turning on Apple Intelligence for everyone.

[…]

Like so many other features Apple adds to its apps and operating systems, most Apple Intelligence features won’t get in your way, and those that might—like notification summaries—can be turned off independently.

Previously:

Update (2025-02-07): Jamie Zawinski:

I have now turned off “Apple Intelligence” three times on my iPad, and can now confirm that there’s also an “Apple Intelligence Report” keylogger that I had to turn off as well.

But, to be fair, I did not tell them “NO”. I told them “Maybe Later”. So they’re just following my instructions, right? That’s how consent works, right?

Apple (Reddit):

You can generate a report of requests your iPhone has sent to Private Cloud Compute.

I guess this is intended as a pro-privacy feature so that you can audit what information your Mac is sending to Apple—since their server is not going to store it in a way that’s associated with you—but the side effect is that it keeps a local log of your queries that anyone with access to your Mac could export.

Update (2025-02-12): Thomas Tempelmann:

Here’s a trick how to prevent Apple Intelligence to get automatically activated by a system update on your Mac:

Set Siri’s language to a different English variant (e.g. UK vs. US) and then it’ll not be able to get enabled.

Copyright © 2000–2025 Michael Tsai.