To everyone who thinks the Mac App Store makes installing updates quick and easy[…]
Quicken Mac 2015 updates are no longer distributed via the App Store. To install the latest version of Quicken Mac 2015 if you purchased from the App Store, you need to download Quicken Utility, which will install a version of Quicken Mac 2015 that has the ability to install updates without using the App Store.
You may be prompted to enter an administrator user name and password. This is required to replace the application you installed from the App Store with the new version that was downloaded.
And the root cause for this wonderful user experience: no paid upgrades on the Mac App Store…
The point is you can’t add paid upgrades if you’re in the App Store, so Intuit had to leave or go bankrupt.
Quicken 2016 is a separate product in the Mac App Store, presumably so that it could be a paid upgrade. So it makes sense to remove Quicken 2015 from the store to avoid confusion. Then there is no way to ship updates via the store, so we get this 14-step procedure.
Note that I had no idea that critical security updates were available because I relied on the Mac App Store[…]
With Quicken 2015 removed from sale, there’s no way for the store to notify customers. And Intuit can’t e-mail them because only Apple knows who they are. The Mac App Store version of Quicken could periodically check Intuit’s server for news about important issues, but Apple forbids apps from offering updates that are available outside of the store.
Best not to buy a tax app from the store, in case it goes unusable April 14
Update (2015-11-24): Wil Shipley:
You’ve created a marketplace that actively punishes developers for maintaining their software[…] You are losing the innovators. You are losing the developers who are actually loyal to your platform.
Not to say that Apple losing in this scenario means that developers win. It’s a lose lose, unfortunately. Who loses most? Uncertain.
the answer is always the customers. They lose the convenience of the App Store or access to high quality apps
Update (2015-11-25): I want to be clear that I’m not criticizing the way Intuit’s updater works. It looks like it’s about as straightforward as could be. You essentially download an app, launch it, and then follow the normal Sparkle prompts. The large number of steps is because the instructions are very clear, which is a good idea because customers following them may not be familiar with how to download apps outside of the Mac App Store.
The whole point of Realm, or at least one of its very core ideas, is that it is objects all the way down. That was one of the driving principles that encouraged us to start fresh, rather than using an existing relational model. If you look at existing solutions that are currently out there, they tend to be ORMs. More often than not, there’s this conceptual object-oriented model that people are working with, which is really an abstraction of what’s going on underneath. Usually, these are records, tables with foreign keys, and primary keys. As soon as you start to have relationships, the abstraction starts to fall apart because you start needing expensive operations to be able to traverse these relationships.
As soon as you add this
company object to the Realm, it becomes an accessor. Once you start reading properties from it, you’re no longer accessing your ivars, you’re accessing the raw database values, with the benefit of cutting out four or five steps and a bunch of memory copy along the way.
Even though we’re doing this composition by adding one filter after another, we’re not redoing all these queries, we’re essentially building a tree of what the result should look like. Even if you just access the first result out of this query, we’re not going to have to read all the properties for all the other objects, because we really try to keep it lazy.
There are a bunch of optimizations that we can make at the core level such as native links at the file format level.
An important part and design consideration for the core file format was to make sure that the format on disk was readable in memory without having to do any deserialization. You skip that whole step. All you do is calculate the offset of the data to read in your memory-mapped memory, read that value from the offset to its length, then return that raw value from the property access.
Update (2015-11-16): Jonathan Wight:
Using Realm on a new feature here at 3DR and so far very impressed. Minor issues but on the whole better experience than using CD
Katie Hafnernov (via Slashdot, comments):
Dr. Amdahl rose from South Dakota farm country, where he attended a one-room school without electricity, to become the epitome of a generation of computer pioneers who combined intellectual brilliance, managerial skill and entrepreneurial vigor to fuel the early growth of the industry.
As a young computer scientist at International Business Machines Corporation in the early 1960s, he played a crucial role in the development of the System/360 series, the most successful line of mainframe computers in IBM’s history. Its architecture influenced computer design for years to come.
Computer History Museum (via Grady Booch):
In 1970, Amdahl left IBM for the second and final time to pursue his dream of building his own computers, founding Amdahl Corporation. His new company made mainframe computers that ran IBM software, but at lower cost. At its peak, it captured nearly one-fifth of the market.
FUD was first defined with its specific current meaning by Gene Amdahl the same year, 1975, after he left IBM to found his own company, Amdahl Corp.: “FUD is the fear, uncertainty, and doubt that IBM sales people instill in the minds of potential customers who might be considering Amdahl products.”
Gene Amdahl was the John DeLorean of mainframes (but without the cocaine). Invented, tried to out-compete, the IBM 360.
In computer architecture, Amdahl’s law (or Amdahl’s argument) gives the theoretical speedup in latency of the execution of a task at fixed workload that can be expected of a system whose resources are improved.
Amdahl’s law is often used in parallel computing to predict the theoretical speedup when using multiple processors. For example, if a program needs 20 hours using a single processor core, and a particular part of the program which takes one hour to execute cannot be parallelized, while the remaining 19 hours (p = 95%) of execution time can be parallelized, then regardless of how many processors are devoted to a parallelized execution of this program, the minimum execution time cannot be less than that critical one hour.
Update (2015-11-14): btilly:
The technical staff said that the operating system should run on microcode to abstract away the hardware. That way it would be easier for customers to migrate to new hardware as it became available. And they could easily add a new instruction if they needed to.
Gene said that it would be an order of magnitude faster if it ran directly on the hardware, and it wasn’t that hard to support that API going forward.
Both proved right. Gene built computers that were massively faster than IBM’s and perfectly compatible. IBM then added an instruction in micro-code and made all of their software use it. Gene’s installed base all crashed on IBM’s new code, while IBM’s was fine. The US government launched an anti-trust lawsuit, which wound up binding IBM’s hands for many years after.
IBM mainframes today still run on micro-code. And it still makes them massively slower than they need to be, but with better backwards compatibility. The mainframe world depends on a lot of programs from the 1960s and 1970s that runs, unchanged, today. Everyone else is using native instructions and runs faster.
“Because as soon as the IBM sales rep sees the Amdahl coffee cup on your desk, he’ll know I was here and he’ll drop his price by $1 million if you ask him to.”
Amdahl left his company in 1979 to set up Trilogy Systems, an organization aimed at designing an integrated chip for even cheaper mainframes. When the chip development failed within months of the company’s $60-million public offering, Trilogy focused on developing its VLSI technology, which also did not do well. In 1985 Trilogy was merged into microcomputer manufacturer Elxsi (now Tata Elxsi), but poor results there had Amdahl leaving in 1989 for a company he founded in 1987 to produce mid-sized mainframes, Andor International, which had been driven into bankruptcy by production problems and strong competition by 1995.
Said David Patterson, a professor of computer sciences at the University of California, Berkeley, and a computer pioneer in his own right, “The IBM System/360 was one of the greatest computer architectures of all time, being both a tremendous technical success and business success. It invented a computer family, which we would call binary compatibility today. When he left to form his own company, his mainframes were binary compatible with the System/360.”
In addition to Amdahl’s Law, Patterson said, "Less well-known are Amdahl’s rules of thumb for a balanced computer system," which include, "A system needs a bit of IO per second and one byte of main memory for each instruction per second."
Apple has contacted us to say that the f.lux for iOS download (previously available on this page) is in violation of the Developer Program Agreement, so this method of install is no longer available.
We understood that the new Xcode signing was designed to allow such use, but Apple has indicated that this should not continue.
It is proven that screens can negatively influence sleep, and we believe that f.lux makes a significant improvement, as it mirrors very closely the research on blocking blue light before bed. But as we’ve discovered, it is even difficult to conduct basic research in this area, because so many people today use mobile devices (with closed APIs) right before bed.
Technology and devices that know more about our bodies could make a major impact on health and wellness, and these are the reasons why we work on it every day.
For years, f.lux has been the app I most wanted to see on iOS. It really does make my life better and help me to sleep.
F.lux is a popular Mac app that’s been downloaded 15 million times, but with side-loading no longer available, f.lux for iOS is non-existant. F.lux’s developers are urging customers who want f.lux for iOS to send feedback to Apple, as the company would need new documented APIs to introduce the app through official channels.
Come on, Apple, at least allow f.lux’s developers to make available a regular f.lux iOS app. It really helps against eye strain.
iOS Developer Program License Agreement, 3.2(g) (via Jay Tamboli):
Applications developed using the Apple Software may only be distributed if selected by Apple (in its sole discretion) for distribution via the App Store, VPP/B2B Program Site, for beta distribution through Apple’s TestFlight Program, or for limited distribution on Registered Devices (ad hoc distribution) as contemplated in this Agreement
So every open source iOS app violates the rules? If so, the rules are insane.
Previously: Sideloading f.lux on iOS.
Update (2015-11-14): f.lux’s author:
If this were only about reverse-engineering or using LLVM to compile code I wrote, it would be reasonable to fight it. The remarkable thing about their agreement is that it concerns using information that is not provided under the agreement. This is a reasonable term for app store distribution, but it seems unprecedented and heavy-handed for unsigned binaries.
Ultimately, we pulled the app both to show good faith, and also because we were asking hundreds of thousands of people to use Xcode to make accounts and sign our software. When Apple calls up and says they don’t want that to happen, it is not really a thing you can fight. It’s their infrastructure, and they can decide how it is used.
We were feeling pretty good about introducing “building stuff in Xcode” to people who’ve never tried it before.
We have been as polite as we can to Apple in hopes that they will open up the platform to developers like us. The demand for f.lux is certainly incredible.
This isn’t hype — f.lux works. It works as advertised, and it’s great. I’m a night owl, I write a lot at night because it’s peaceful and I can concentrate better. Before using f.lux on my Macs, I always went to bed with red, teary, sore eyes. The strain was perceivable, and I had to take frequent breaks and turn the desk lamp off for a bit. And when I had to stay up until the wee hours of the morning, I never ended up sleeping very well, either. After installing f.lux, everything changed instantly. At first it was strange to look at the altered colour temperature of the Mac’s screen, but I adjusted quickly, and the eye strain disappeared right away. As I’ve often said, f.lux saved my eyes.
Well, I urge Apple to reconsider and look the other way, or to work with f.lux’s developers to find a way to allow them to ship a regular iOS app. It saddens me that something this useful is not allowed on the App Store, while a generous quantity of utter, useless crap is.
Update (2015-11-22): Noah Kulwin:
“The last six months of ‘sideload’ press — which Apple didn’t try to stop — had convinced us that Apple would be receptive to an approach like this, but they seem to disagree,” Michael Herf said. “I asked him about open source used in a similar way, and he did not answer clearly, but he kept repeating the party line that we should make apps that could use Public APIs.”
Castro is now a free app. Every feature is available without charge.
If you like Castro, please consider becoming a patron by contributing $1/month. You will support the work of a small indie app studio in a way that the standard App Store model never can. Yesterday, Supertop needed an endless stream of thousands of new customers to sustain our business. From today, we can be successful with a far smaller number of much happier customers. We can offer better support. We can add new features more often, instead of holding them back for splashy major releases. In other words, we can do the things that indies do best.
Samantha Bielefeld blames Overcast 2 for accelerating this “race to the bottom.” Overcast may have been the impetus, but I see it as more canary than cause. I think it’s likely that—given current App Store realities—this change will be a (relative) financial success for both Overcast and Castro. Patronage may be the least bad option for certain kinds of apps. Individual developers don’t make the rules; they can only respond to them, trying different ideas in the hope of finding something that works. Regardless, it’s a bad sign for the app ecosystem in general. It’s hard to believe that this is where we are given that over 1 billion iOS devices have been sold. But if cheap-paid-up-front and free-plus-in-app-purchase don’t work with this installed base, it will take more than just selling more devices to solve the problem.
See also: Jason Snell.
Update (2015-11-13): Charles Perry (tweet):
The iOS developer community has been locked in a game of the Prisoner’s Dilemma since the App Store was introduced in 2008, and we’ve lost at every turn. For us, the stakes aren’t whether we’ll go free or go to jail, but whether there will be a vibrant market for paid mobile software. Our choice isn’t whether or not to sell out an accomplice, but rather it’s whether we’ll choose short-term gains while at the same time contributing to the perception that mobile software isn’t worth paying for, or if we’ll forego those short-term gains knowing that a competitor could cash in and make our restraint all for naught. In short, it’s about the race to the bottom.
This new model, in fact, is the opposite of patronage. Instead of requiring a patron to provide money up front in exchange for an item of value, this new model gives away all the value in advance and requires nothing from those who receive it.
But what happens when we get even further away from the days when we paid for apps and get accustomed to a world where high-quality, best-in-class applications are free. How long will users continue paying? My guess is not very long.
I hate to say it, but I think we’re in the midst of an App Store bubble. There’s far more developers building apps then there is money in the ecosystem to support them. And the sad truth is that that if Overcast didn’t do it, somebody else was going to. That’s just the way markets evolve when there’s seemingly infinite supply.
Yes, the iPad Pro is a replacement for a notebook or a desktop for many, many people. They will start using it and conclude they no longer need to use anything else, other than their phones.
We’ve now reached an inflection point. The new MacBook is slower, gets worse battery life, and even its cheapest configuration costs $200 more than the top-of-the-line iPad Pro.
The iPad Pro is “pro” in the way MacBook Pros are. Genuine professionals with a professional need — visual artists in particular — are going to line up for them. But it’s also a perfectly reasonable choice for casual iPad users who just want a bigger display, louder (and now stereo) speakers, and faster performance.
For just plain typing, it’s not that bad […] My complaints and frustrations are more from the software, both iOS 9.1 itself and individual apps, both from Apple and third-party developers. Trying to use the iPad Pro as a laptop with the Smart Keyboard exposes the seams of an OS that was clearly designed for touchscreen use first.
I don’t think it’s inherently problematic that iOS has no conceptual support for a mouse pointer, and thus can’t work with any sort of trackpad. But, given this constraint, good support for navigating as much of the UI as possible using the keyboard is more important on the iPad than it is on the Mac. But iOS’s support for navigating using the keyboard is worse.
It brings me no joy to observe this, but the future of mass market portable computing involves neither a mouse pointer nor an x86 processor.
The A9X can’t quite get up to the level of a modern U-series Core i5 based on Broadwell or Skylake (see the 2015 MacBook Air and Surface Pro 4 results), but it’s roughly on the same level as a Core i5 from 2013 or so and it’s well ahead of Core M. And despite the fact that it lacks a fan, the A9X shows little sign of throttling in the Geekbench thermal test, which bodes well for the iPad Pro’s ability to run professional-caliber apps for extended periods of time.
Daniel Eran Dilger:
When Apple first unveiled iPad Pro, it noted that its custom designed A9X chip would be faster than 80 percent of the PCs that shipped this year. Benchmarks indicate that it’s not just faster than low end generic PCs, but also faster — and less expensive — than Microsoft’s Surface Pro 4.
This isn’t quite what we’re used to! With the logic board situated in the center of the iPad, the display cables connect in the very middle of the device, so we can’t even lay the display down while we work.
The feeling of a bigger-than-usual but lighter-than-I-imagined device has stuck with me. Every time I pick up the iPad Pro, I realize that it’s much bigger than the screen I’ve held every day for a year, but also not as heavy as I thought it would be.
After a week of intense usage, various trips in my car, and numerous walks around the house, I’m glad to acknowledge that the iPad Pro is still a portable iPad. I can hold it with two hands when walking around for a few minutes without feeling excessive wrist fatigue, and I can even hold it with one hand (usually my left one) if I want to interact with an app on screen with my right hand. I know that it sounds ridiculous – and I couldn’t believe Apple’s marketing shots either when I first saw them – but holding the iPad Pro with one hand in a corner is possible.
On the Home screen, the iPad Pro keeps the same 5x4 grid (in landscape, excluding the dock) of smaller iPads, only app icons are more spaced out. It’s odd to look at when coming from an iPad Air 2, and I think users should be able to keep more apps on the same page. The Home screen hasn’t been updated to take advantage of the iPad Pro at all, so even folders carry the same four-apps-per-row limitation of the Air 2 (same with the dock).
The Slide Over app picker is the leading example of how scaling some UI elements to the bigger screen isn’t going to cut it. Five months into iOS 9, I believe that the way apps are found and picked in the Slide Over interface is aging badly – you can’t search for a specific app in the tray, and if you realize that you need to re-open an app that you last used a few days ago, you’ll have to scroll all the way back to the top to launch it. This is starting to be problematic on the Air 2, and the issue is exacerbated by the iPad Pro.
The iPad Pro doesn’t use the second-generation Touch ID sensor employed on the iPhone 6s (Apple confirmed this to me) and the device doesn’t have a 3D Touch display.
Two ways to interpret this:
- Apple no longer cares
- New Springboard design coming in 2016
The Apple Pencil feels great in the hand, it’s taller than I expected it to be (it’s really the size of a pencil), and its performance on screen is phenomenal.
You can pair a Pencil with the iPad Pro simply by removing the cap, plugging its Lightning connector into the device, and accepting the pairing request. The cap itself snaps magnetically onto the Pencil, which is a nice detail, and you can also remove the tip and replace it with a new one if it’s worn down too much. Apple includes a replacement tip in the box, and I’m a fan of the small tip that allows for fine strokes and small handwriting.
I noticed that iOS would have the occasional line accidentally drawn by the back of her hand; I’d say that Apple has managed to achieve a solid 90% palm rejection with the Pencil, which is impressive.
Once paired with an iPad Pro, you’ll be able to use the Pencil to interact with apps normally through taps and swipes. In fact, using the Pencil as a pointer and interactive tip when the iPad is held upright by a stand on a desk is quite nice.
The lack of special function keys makes interacting with the iPad Pro when connected to the Smart Keyboard a bit slower – I need to touch the screen to bring up Control Center for music controls, and I can’t double press a Home button shortcut to enter the app switcher.
However, the Smart Keyboard’s biggest advantage is that it doubles as a cover, it’s light, and it connects to the iPad via the Smart Connector. I can’t overstate how nice it is to not have to worry about Bluetooth pairing requests anymore – or having to recharge a Bluetooth keyboard every few months.
Unfortunately, the iPad doesn’t have an adjustable kickstand like the Surface’s. Put another way: You can prop the iPad at any angle, as long as it’s 55 degrees.
There’s an upside to that inflexibility, though: The iPad’s keyboard cover is rigid enough to use on your lap.
Finally, Apple focused exclusively on the act of using the Pencil, and put no thought at all into storing it or resting it. There’s no place to carry it on the iPad, or even in the keyboard cover. It doesn’t attach magnetically during your work session, as on the Surface Pro 4. And it doesn’t even have a pocket clip, flat edge, or anything else to stop this perfect cylinder from rolling away from you.
But the Pencil is just plain fun. It is indeed Apple white, and there are Apple-y things about it — for example, the fact that it is weighted, and won’t roll away on a table top, and always stops rolling with the word “Pencil” facing upward on its metal band.
To move the cursor on your iPad screen, place two fingers anywhere on the keyboard until the keyboard turns gray. Then move your fingers to move the cursor around.
Previously: iPad Pro.
Update (2015-11-14): Manton Reece:
I don’t think I’ve ever been less excited to walk out of a store with a brand new $800 gadget. The iPad Pro has so much potential. I think it’s going to be a success and I’m building apps for it. But without the Pencil and keyboard, a significant part of the appeal is missing. And worse, developers who need a Pencil to start testing their apps — especially those apps like the one I’m working on that already supports third-party stylus pressure — are put at a month-long disadvantage compared to Adobe and the other early partners.
Update (2015-11-30): Gordon Mah Ung:
3DMark also runs a physics test, which measures how a platform would run a theoretical game engine. In short, it’s supposed to measure how fast a device’s CPU would be, not its GPU. The result here actually puts the iPad Pro and the A9X at a pretty big disadvantage against all of the x86 chips—yes, even the lowly Atom.
I woke up to an inbox full of e-mails from customers reporting that my apps wouldn’t launch. This included new customers who had just purchased from the Mac App Store as well as people who had purchased long ago, hadn’t made any changes, and expected that things would just keep working.
On my own Mac, 1Password and Dash wouldn’t launch until I entered the Apple ID password for my App Store account. For some customers, the fix is more complicated: restarting the Mac or deleting and redownloading the app. I was in the middle of using ReadKit, when it suddenly quit, then wouldn’t launch, with the OS reporting that it was damaged. However, redownloading the app didn’t work; I had to restart the Mac to get it running. Then I got the password dialog for Tweetbot. In some cases, there seems to be no way to get the App Store version working, so I’ve pointed customers to the direct sale versions of the apps and issued them temporary serial numbers. Fortunately, my apps don’t require iCloud, Map Kit, or other system services that are withheld from non–App Store apps.
The Mac App Store is supposed to make things easier, but it’s also a single point of failure. Not only is it neglected, but sometimes even the existing functionality stops working. Mac OS X 10.9 introduced a code signing bug that prevented me from submitting updates for several months. In June 2015, there was a month-long iTunes Connect bug that prevented my uploaded build from entering the review queue. And I currently have a bug fix update that Apple has been reviewing for 33 days (with 8 days of waiting before that). When I inquired about the status, Apple told me that everything was normal and that I should just keep waiting. In short, the system is broken on multiple levels, and there is no evidence to suggest that things will get better.
Paul Haddad shows the expired certificate that seems to be the source of the problem.
Dan Counsell shows a flurry of “App is damaged” dialogs.
Every single app I have downloaded from the Mac app store is failing to launch, with a variety of errors. Every one.
Um. Launching Photoshop because MAS Acorn isn’t opening due to MASpocolypse.
The “damaged” screen seems to be a GateKeeper glitch (fixed by reboot). Then, some apps don’t check expiring receipt certs; most do.
Turns out that the App Store is just another DRM scheme with all the nonsense and dysfunction that implies. Who’d’a thunk it.
Whoa, serious Mac App Store problem: It is delivering a binary to users that is still waiting for review; crashing on receipt validation.
Had to pull the app from the store, because otherwise all my customers will upgrade and be left with a non-functioning app.
Catch-22. (Also, no, Apple. It wasn’t. I bought this app on this computer, and just yesterday, it worked fine.)
Seriously, what a bunch of noobs sometimes…
Update (2015-11-12): Craig Hockenberry:
Just verified that you don’t need to reboot to work around the Mac App Store certificate problem. Instead:
$ killall -KILL storeaccountd
When that dialog says “YourApp” is damaged, who’s the customer going to contact? You or Apple?
Worse, there’s no way for us to be proactive about this situation because we have no fricken’ idea who’s affected.
This is because only Apple has the customers’ contact information.
Bare Bones Software:
Restart your computer. (This is a necessary step, because the App Store’s code signing certificate has expired, and restarting will clear the local certificate cache.)
Necessary, but alas not always sufficient.
Mac App Store meltdown: the less a developer heeded Apple’s own advice for validating receipts, the better they look to customers today.
I can’t get MAS Fetch to launch on any OS.
This is some MobileMe-level brand tarnishing.
Apple did not respond to request for comment.
Update (2015-11-13): John Gruber:
Inexcusable for a service that is absolutely essential to users and developers.
Harsh words, but I don’t see how anyone could disagree.
So many of their products feel this way. They’re just stretched too thin. And for what? Apple Watch? They’ve lost focus.
Every aspect of this MAS cert thing is completely infuriating to me.
I spent a lot of years being sarcastic but optimistic about the Mac App Store. I guess my patience, like so many others’, has worn thin.
More than anything else, sandboxing and my assumption that the future was in the Mac App Store, has shaped my priorities the last 5 years.
Paul Haddad shows a 1-star review from a customer whose app stopped launching.
Andrew Wickliffe shows a reply from Apple Support encouraging him to post a review in the Mac App Store in the hopes of the developer contacting him. This is ironic because Apple does not let developers contact customers who post reviews.
A customer e-mailed me to say that AppleCare told him that “actually the app store certificates come from the developer of the app, not Apple. Apple only approves the certificates. […] So their current position is that it’s the responsibility of the app developer to fix it!” I think this is incorrect and that Apple itself signs the apps that the store distributes. My own certificates are for submitting to the Mac App Store and have not expired. Furthermore, if AppleCare’s explanation were correct, the workarounds (entering your password, redownloading the app, restarting the Mac to clear the caches) wouldn’t work for anyone.
Wishing all my favorite MAS developers the best after Apple dropped the cert and then blamed devs. Sad situation. Everyone take a month off.
I woke up in the middle of the night thinking about how egregious Apple’s behavior this week has been toward devs.
Between Apple nuking sideloading for f.lux and the Mac App Store issues, I’m really feeling ecosystem angst today.
This is not just unacceptable: this is a fundamental violation of the trust that both app developers and customers have placed in Apple, namely that bought, installed and compatible apps would keep working (short of any dramatic action taken for consumer protection so that they would not, such as revoking the certificate of a malicious developer).
So, in turn, how am I supposed to trust iCloud or Apple Maps, if I am not sure I can run any app that can access it? As if these services did not already have a reputation…
But even more troubling are the implications for long-term usage and preservation of software and it data.
Before it expired, Apple issued a new certificate, but one using SHA-2 (secure hash algorithm 2). This was supposed to be transparent, but once the old certificate expired, some people began experiencing problems.
First, outdated certificate information was stuck in cache, which required some people to reboot or re-authenticate in order to clear it out.
Second, some apps are apparently using an old version of OpenSSL for receipt validation, and—you guessed it!—it doesn’t support SHA-2, and hence isn’t compatible with the new certificate.
This makes sense, although I suspect there are also other factors involved because it doesn’t explain all the cases that I’ve heard about.
Grabbed a new Mac App Store receipt. They are back to using SHA1 and it now has an expiration date in 2023.
A security certificate Apple installed to protect users from malware had expired on Nov. 11, 21:58:01 GMT—precisely five years after its original creation—and nobody at Apple had thought to renew it.
The company fixed the problem—pushing through a new certificate that expires in 2035—but not before breaking untold numbers of Mac apps and confusing and inconveniencing countless Mac owners.
Matt Stevens says that developers need to be careful to validate App Store receipts using the receipt’s creation date rather than the current time. The creation date field was not initially documented, and Apple’s sample code uses the current time.
What we know, so far, is the receipts embedded in most, if not all, Mac App Store apps became invalid yesterday. This happened without any advance warning from the mothership. How apps reacted to this varied. Our apps are among those affected, and in the worst way. […] In the meantime, we’re giving away our apps at our online store.
As of November 13, 2015, it appears that Apple has fixed this issue. If your copy of Fetch from the Mac App Store does not open, drag it to the trash, empty the trash, and download a fresh copy from the App Store.
Today’s ongoing certificate expiration issue is yet another reminder that Apple needs to commit more talent and resources to the Mac App Store, or get rid of it.
Graeme Devine posts another response from Apple Support blaming the developer.
Update (2015-11-14): Shawn King:
This is a huge embarrassment to Apple (and one they haven’t explained or apologized for) as well as being a giant pain point for developers. After all, when your app stops working, who do you contact? The developer or Apple?
Daniel returns from Amsterdam to find Mac App Store issues abound. Manton buys an iPad Pro but has to wait for the Pencil. The two discuss the Mac App Store’s 6-year failure to evolve substantially, and dig into the emotional highs and lows of enjoying and surviving Apple’s platform constraints.
When a certificate fails—whether through an accidental expiration or due to tampering—it’s a reasonable precaution for software to act as if the sky is falling, because there’s no good reason it should fail unless an attack or compromise is underway.
And yet because Apple’s infrastructure is seemingly so brittle, not only did it happen, it inconvenienced an unknown number of Mac App Store software purchasers, while offloading the frustration and customer-service load to developers.
There are actually several different unfortunate problems here. First, the “damaged” dialog seems to be caused by some sort of cache or memory corruption in the system processes that coordinate to implement GateKeeper and the app store updates; some reports say killing the “storeagentd” process solves this problem without rebooting. (My system doesn’t seem to run this, FWIW.) What not everyone knows is that this dialog appears before the app it allowed to run; that is, it’s not affected by any checking done inside the app itself!
Second, asking for a new AppleID password. This is caused by the app itself checking the store receipt; something strongly recommended by Apple, since otherwise, it’s easy to copy a downloaded app to another computer and having it run there; I remember some early games not doing this and being widely pirated.
When and if you get a new version of the app, all certs will probably be new ones. So there’s no “allowing” a leaf cert to expire — they do so naturally.
Apple “pushed” a new certificate that expires in 2035. This is probably just looking in the wrong place — not knowing which certificate had expired, someone glanced at the root certificate and noticed the “new” 2035 date. Nothing new to see, of course; that cert was created in 2006!
Update (2015-11-18): Benjamin Mayo:
Apple has emailed developers about the recent damaged apps bug affecting a sizeable proportion of the OS X user base with some getting repeated errors on app launch. Whilst a reboot should be enough to invalidate and reload the certificate cache for most people, there are some weird edge cases. Apple says that a permanent fix for the caching issue will be included in a future OS X software update.
Rainer Brockerhoff notes that Apple’s e-mail linked to the wrong documentation page and neglected to mention the important receipt creation date issue.
Conceptually, there are two “security” services the Mac App Store provides: DRM, to protect the developer against unlicensed use of the app or the app being pilfered, modified, and passed off as being the modifier’s creation; and code signing, to protect the user against an attacker tampering the app between the moment the app was signed by someone the user (supposedly) trusts and the moment he runs it.
Code signing, by its nature, relies on digital certificates, and these certificates expire, for what I hear are good security reasons. The archivist does not particularly care about code signing: even if the app was tampered with by an attacker, the archivist has a pristine copy of the data, and the machine is off the network and nothing will ever exit it. Since code signing is put for the user’s benefit he should have as a last resort the ability to disengage it, otherwise this is not done for the user’s benefit and is not just code signing, is it?
Update (2015-11-20): Gus Mueller:
Maspocalypse. The gift that keeps on giving. Now I get to support family members who bought things years ago, that just stopped working.
Other users continue to find apps that aren’t working after rebooting.
Update (2015-11-24): See also Accidental Tech Podcast.
But given that the Mac is doing tremendously well, setting sales records—even if not approaching the sales volume of iOS devices—and given that Apple takes a 30-percent cut of both iOS and Mac app sales, regardless of the disparate support for the two app stores, it might behoove the company to spend a little time bringing the Mac App Store up to snuff.
Still finding new “app is damaged” errors, over a week later.
Put aside the argument about whether a fiasco like this should have ever happened in the first place. Why did it take six days for Apple to publicly respond and explain what happened?
And since Apple only contacted developers and select Mac press, not the people who bought the apps, most users probably never heard anything about it.
Update (2015-11-29): Rob Griffiths:
However, with a few simple changes—and one not-so-simple changes—the Mac App Store really could be the place to shop for Mac software, instead of a place where you only find apps that meet Apple’s narrow definition of what an app should be.
f.lux, the excellent Mac display color adjuster, has not been available for iOS except via jailbreaking. Now, however, there is a way to sideload it (comments):
In Xcode 7, you can install apps directly to your iOS device with a free account from Apple. So we decided to make a beta version of f.lux for people to try.
It’s a few more steps than installing the app store, but there are plenty of harder things even on Pinterest. So, here’s how to get f.lux installed on your iOS device.
Note that although you are downloading an Xcode project, it’s not open source. You’re just using Xcode to codesign the app and install it on your device.
f.lux uses location services to figure out the light levels in your area. The iOS version has two settings, day and night, whereas the Mac version automatically uses a bedtime setting late at night. The iOS version does, however, have the manual Darkroom mode.
It seems crazy to me that apps like this need to use a network connection and push notifications just to ensure that they get periodic minimal background processing time.
Given that f.lux no longer requires jailbreaking, it’s not clear to me what’s keeping it out of the App Store. Presumably, it relies on an API that’s private.
Update (2015-11-11): It’s a bit disconcerting, but with f.lux installed my iPhone’s screen will turn on every once in a while. I think this is because it has to wake up the screen to change the colors. Also, I don’t like the way it makes the camera look.
Riccardo Mori has a photo showing the f.lux effect.
Update (2015-11-12): The updated FAQ suggests that you can avoid waking the screen by allowing notifications and notes that there is a bedtime mode; it just isn’t configurable yet. However, I found that with notifications enabled it still wakes up the display.
Update (2015-11-13): Jason Snell:
Here’s hoping that iOS 10 might offer a feature that makes f.lux unnecessary, but in the meantime the only way to use f.lux on iOS has been to jailbreak your devices and download it from the Cydia store.
Alas: Apple Forbids Sideloading Flux.
Don Norman and Bruce Tognazzini (via Don Norman, comments):
The products, especially those built on iOS, Apple’s operating system for mobile devices, no longer follow the well-known, well-established principles of design that Apple developed several decades ago. These principles, based on experimental science as well as common sense, opened up the power of computing to several generations, establishing Apple’s well-deserved reputation for understandability and ease of use. Alas, Apple has abandoned many of these principles. True, Apple’s design guidelines for developers for both iOS and the Mac OS X still pay token homage to the principles, but, inside Apple, many of the principles are no longer practiced at all. Apple has lost its way, driven by concern for style and appearance at the expense of understandability and usage.
Apple is destroying design. Worse, it is revitalizing the old belief that design is only about making things look pretty. No, not so! Design is a way of thinking, of determining people’s true, underlying needs, and then delivering products and services that help them.
What kind of design philosophy requires millions of its users to have to pretend they are disabled in order to be able to use the product? Apple could have designed its phone so that the majority of people could read and use the phone without having to label themselves as needy, disabled, and requiring assistance. Even worse, the assistive corrections destroy the very beauty Apple is so fond of as well as sometimes making the text no longer fit on the screen.
Unfortunately, visually simple appearance does not result in ease of use, as the vast literature in academic journals on human-computer interaction and human factors demonstrates.
There are lots of good points here, although I don’t think the solutions are necessarily clear. There are tough choices to make when the screen is so small. In my view, the biggest usability problem right now is not Apple’s design but rather the general buggy state of its software. On both iOS and Mac, I am running into new little things that don’t work properly every day. And then there are the larger issues, like the fact that my iPhone’s ringer sometimes sounds muffled until I reboot and that the Do Not Disturb exclusion list doesn’t always work. On the Mac, Safari and Mail routinely stop working.
Previously: Long-Term Exposure to Flat Design.
Update (2015-11-13): Lukas Mathis:
That’s not a great way to make design decisions. Remember how funny we thought the Blackberry Storm was, with its «sometime you just tap it, but sometimes you have to press harder and make it actually click» screen? Well, that’s now your iPhone.
Likewise, people made fun of Windows 8, and how people found it hard to use at first, but one of its genius decisions was to put all of its hidden features behind edge swipes. In order to figure out how to find possible actions in Windows 8, you had to learn exactly one thing: swipe from the sides of the screen to see your options.
Update (2015-11-16): Chris Pirillo:
I wouldn’t be surprised if there was a memo circulating internally which outlines a game plan for every release along the lines of: “Get our hardware out the door, but keep the software working poor.”
Update (2015-11-24): Andy Ihnatko:
I’ve had plenty of reasons to ask myself some of the same questions…particularly in the past month.
More than that, though, I still haven’t warmed to Apple’s 2013 overhaul of the iOS interface. Even after two years with it I experience many of the problems that Don and Tog talk about in their article. The UI is so subtle and stripped down that I often find myself hunting around the screen to figure out what I need to tap to make something happen. I just like Android 6 better.
Adam C. Engst:
The article is a damning indictment, coming as it does from some of the leading voices in the user experience field, and frankly, it has the best chance of any criticism of being heard at Apple. (That said, these points aren’t new — back in 2010, Don Norman and Jakob Nielsen wrote a more general criticism of gestural interfaces in the ACM CHI magazine Interactions.) The situation is similar to that of the emperor’s new clothes — although many in the Apple community have pointed out interface problems in Apple’s recent software (cough iTunes cough), the impression one gets is that Apple’s executives can’t hear any nay-saying because of the continual sound of money rolling in. Alas, usability is no more defined by corporate profits now than it was in the 1990s when Microsoft dominated the computer industry.
These interface issues aren’t just a matter of academic complaint — in writing and editing TidBITS articles and Take Control books for everyday users, we constantly run across tasks in Apple apps that are difficult to document because they’re dependent both on multiple levels of context and visual controls that have no names[…]
See also: The Talk Show.