Machine learning, my briefers say, is now found all over Apple’s products and services. Apple uses deep learning to detect fraud on the Apple store, to extend battery life between charges on all your devices, and to help it identify the most useful feedback from thousands of reports from its beta testers. Machine learning helps Apple choose news stories for you. It determines whether Apple Watch users are exercising or simply perambulating. It recognizes faces and locations in your photos. It figures out whether you would be better off leaving a weak Wi-Fi signal and switching to the cell network. It even knows what good filmmaking is, enabling Apple to quickly compile your snapshots and videos into a mini-movie at a touch of a button.
How big is this brain, the dynamic cache that enables machine learning on the iPhone? Somewhat to my surprise when I asked Apple, it provided the information: about 200 megabytes, depending on how much personal information is stored (it’s always deleting older data). This includes information about app usage, interactions with other people, neural net processing, a speech modeler, and “natural language event modeling.” It also has data used for the neural nets that power object recognition, face recognition, and scene classification.
And, according to Apple, it’s all done so your preferences, predilections, and peregrinations are private.
Acero began his career in speech recognition at Apple in the early ’90s, and then spent many years at Microsoft Research. “I loved doing that and published many papers,” he says. “But when Siri came out I said this is a chance to make these deep neural networks all a reality, not something that a hundred people read about, but used by millions.” In other words, he was just the type of scientist Apple was seeking — prioritizing product over publishing.
“It’s a source of a lot of internal debate,” says Federighi. “We are used to delivering a very well-thought-out, curated experience where we control all the dimensions of how the system is going to interact with the user. When you start training a system based on large data sets of human behavior, [the results that emerge] aren’t necessarily what an Apple designer specified. They are what emerged from the data.”
Today, we’re excited to announce that Instapaper is joining Pinterest. In the three years since betaworks acquired Instapaper from Marco Arment, we’ve completely rewritten our backend, overhauled our mobile and web clients, improved parsing and search, and introduced tons of great features like highlights, text-to-speech, and speed reading to the product.
For you, the Instapaper end user and customer, nothing changes. The Instapaper team will be moving from betaworks in New York City to Pinterest’s headquarters in San Francisco, and we’ll continue to make Instapaper a great place to save and read articles.
Hidden at the bottom of this announcement is a ‘sunsetting’ of Instaparser, a paid API endpoint for developers to take advantage of Instapaper’s intelligent article parsing. The service is shutting down in November. It launched in April, now being shuttered in the same year it was debuted. This is pretty crappy especially given Instaparser was a paid service charging hundreds of dollars per month for an API key.
We will be using the signals from Instapaper to power some news-based discovery within Pinterest, however, those signals will be used in aggregate in a manner similar to which we use them for the Instapaper Daily and Instapaper Weekly offerings.
I’m worried about this. I’m a long-time Instapaper user and customer, and its features — particularly highlights and notes — are essential to my reading and research habits.
We were talking about scrolling performance, and how the iPhone 4 had to draw 4x the pixels to get 2x the resolution, and still do it smoothly. This, at a time when Android scrolling performance was just awful. I asked him how Apple could be so far ahead. He said “John, nobody else gives a shit.”
The other interesting tidbit from that conversation was that I said something to the effect of “You guys have been working on graphics performance ever since 2001” or something like that, alluding to Mac OS X 10.0.
He immediately jumped back at me with “No, we’ve been killing ourselves over graphics since 1989.” Alluding to NeXTstep 1.0.
Apple appears to be making a slight branding change to its retail business, dropping the “Store” moniker when referring to its Apple Store locations. Apple has already made the change online, and all of its store pages now refer to stores by names like “Apple Union Square” or “Apple Valley Fair” or “Apple The Grove,” instead of “Apple Store, Valley Fair” or “Apple Store, The Grove.”
Now that Apple’s stores are well established, it makes sense to drop the “Store”. Think about the brands that are Apple’s peers in retail. No one goes to the Tiffany Store or Gucci Store, they just go to Tiffany or Gucci.
The difference between these brands and Apple is that Apple’s identity has long been independent from the notion of a store. Calling it the “Apple Store” was not only important because the stores were a novelty, but because Apple is a brand that transcends retail.
I suppose this is the biggest problem with Apple dropping the word “store” — it devalues the Apple brand.
Perhaps “Apple at location” would sound better in nearly all circumstances. But, then again, Apple has always been funny about their phrasing — note, for example, their persistence in dropping the definite article when referring to any of their products: it’s always “iPhone”, never “the iPhone”.
With the removal of “Store” from Apple retail locations, I’m wondering what we’ll call the one on campus.
A trio of former Apple Store employees recently delved into some stories of their tenure at various retail locations of the company’s well-recognized brand. Although their names were changed to keep their identities a secret, the group which spoke with Thrillist included: Lucas, a Lead Genius with five years of experience; David, who worked part-time as a Sales Specialist for four-and-a-half years; and Tony, a Family Room Specialist for five years at an Apple Store.
Lucas and David went further into the specifics of the “distinct hierarchy” of the Apple Store, detailing an “odd” dynamic imbalance between entry level employees and those higher up. Most of the full-time positions were “seen as an accomplishment” due to Apple’s extensive training program that flew out applicants to Cupertino or Austin for a few days. This created an “off-putting” atmosphere for new employees trying to get by in the store and still years off from being able to take advantage of the company’s perks.
App Store screenshots are really, really important; if done correctly, they can convince more users browsing the store to download your app. Unfortunately so many good apps get overlooked because of bland or poorly designed screenshots. This is not an article telling you how to design screenshots, it's more of an overview of the styles and options that are out there right now.
The app, developed by John Gruber, Brent Simmons, and Dave Wiskus, featured a tasteful interface design. (I used it a lot, especially for recipes.) But it’s hard to compete with Apple’s own Notes app, especially after Apple upgraded it dramatically with iOS 8. The last post to the development blog was in February 2015 when the app was updated to support iPad screen resolutions.
We at Q Branch just released the final version of Vesper. It does one crucial thing: it allows you to export your notes and pictures. See the new Export section in the sidebar.
Sync will be turned off Aug. 30 at 8pm Pacific. We’ll destroy all the data, and neither we nor anyone else will be able to recover it.
The iOS document provider feature — which was introduced after Vesper shipped (it was originally an iOS 6 app) — was just what we needed. It meant we could write the notes and pictures as files in a folder, and then a document provider could upload those files to iCloud Drive, Dropbox, or wherever.
Perfect. It works whether you’re syncing or not — it has nothing to do with syncing.
And it will continue to work even after sync shuts down. It will continue to work as long as you have the app on your device.
Belief inside Q Branch: if we had started with a Mac app rather than an iOS app, Vesper would have been much more successful. That wasn’t clear at the time we started, though (Dec. 2012).
All things must come to an end, and all, but it’s heartbreaking to see it happen to a great app like Vesper, especially since this serves as a de facto acknowledgement that a Mac version is never coming as well.
I still firmly hold the belief that iOS applications are either loss leaders or loss generators, that iOS devices themselves are thick terminals, and that a proper iOS execution strategy must be backed with a useful service either involving real world consequences (i.e. get a ride or get groceries delivered), or a wider cross-platform strategy (i.e. build your document on one platform, revise on another).
Props to Q Branch for putting time into a dying app to make it possible to export user data. Too many apps and services don’t get that part right.
However, I would argue that apps should have an export feature from the first version.
iOS 7’s appearance was so different that even an app like Vesper that was designed with many of the same ideals needed a thorough redesign. So we spent the summer of 2013 not building a sync system, but rather building an iOS 7 version of Vesper.
We suffered an enormous chicken-and-the-egg problem with our decision to keep to a small team and self-fund our efforts through revenue from the app itself. A notes app is only of interest to many people if it’s available both on their desktop and mobile device. The number one reason, by a long shot, that people didn’t buy Vesper is because it wasn’t available for the Mac. I get that. It makes total sense. Hell, I even cheat, personally, and run Vesper on my Mac in the iOS Simulator. The bottom line is we needed revenue from the first version we built to fund development of the next version, and I think we would have made money from the Mac version.
Ultimately, what we should have done once we had versions of the app for both Mac and iOS is switch to a subscription model. Make the apps free downloads on all platforms, and charge somewhere around $15/year for sync accounts. That’s where the industry is going.
With “Vesper” we were thinking things like beautiful, smart, clever, strong. In the end, the name was more apt than we knew, because it also carries heartbreak.
From first comp to 1.0.
But the one on the right is what we shipped before we ever saw iOS 7.
We pay more for the server in some months than we do for Ideal Sans for the year.
It’s kind of bizarre the only healthy developer market in the Apple ecosystem right now is the outside-the-Mac-app-store Mac market.
For years now I’ve been talking to app developer friends and they are nearly universally wondering how long they will be able to survive in a business where consumers expect to pay less than $5 for an app and expect that app to be maintained for years at a time with no further revenue to the developer.
This problem is holding back productivity software on the iPhone and–even more dramatically–on iPad. The iPad Pro hardware is, performance-wise, competitive with a laptop. The difference, however, is that people are simply not willing to pay the same for iPad productivity software as they are willing to pay for Mac productivity software.
I think the most important take home here is that The Marco Effect is greatly overestimated.
At the time I was using Evernote and for me it gets the job done. I was getting tired of seeing good note apps for iOS but not a lot on the Mac. I only got into the app when version 2 came out but I never really used it that much because it doesn’t offer a Mac app.
Several bloggers have expressed curiosity as to why public interest in the App Store has waned so much. I can’t answer for everyone, but at least within myself, I’ve noticed an increasing and persistent reluctance to try new apps. It’s just that I’ve seen the same pattern crop up over and over again. Somebody releases an interesting new app, touting fantastic design and improved productivity. The app gains some (but not overwhelming) traction. The app gets a few updates. The app lingers for a few years. And finally, the app untriumphantly rides off into the sunset, taking entire years of not just developer time, but thousands of users’ ingrained habits with it. The case is clear: most apps — and especially indie apps — cannot be reliably expected to continue operating.
That said, hats off to the dream team for building a well done and well engineered application. The diary that Brent wrote about synching is still a great read, after three years.
This is an adventure that every indie should learn from. Sometimes a great design, a great production and great engineering are not enough. There are many more factors to take into account[…]
Vesper has had more downloads since Sunday (when it went free, and was announced EOL) than it did in 3+ years as a paid app.
I think it’s a little more subtle than that. They will pay, but not if there are free options. And most of the time there are.
We didn’t omit export from 1.0 because we didn’t think it was important, we omitted it because we found no good solution.
Alrighty, so this is looking better, but still not great:
10 MB). This of course is missing some of the frameworks that I was using above, like Swift support for AV Foundation, but seeing as libswiftCore is the primary culprit of the size, I think it’s safe to say that budgeting for 15 MB for Swift support should be sufficient.
I should also note that the App Store does compress your bundle as well. At the end, it’s really hard to know exactly how big your app bundle is going to be without actually publishing it up to the store.
Which is too bad because then you can’t be sure whether your app fits under the 100 MB limit for cellular downloads.
After pulling out the stopwatch for over 50 transactions at various retailers in recent days, I can confirm that it takes twice as long to pay with a chip card than with a card swipe or mobile payment—on average, 13 seconds versus 6 seconds.
And that doesn’t count the time playing swipe-or-chip roulette. Consider yourself lucky when you encounter a “NO CHIP!” sign or a duct-tape blockade over the slot.
Lately, I’ve been spared. I’ve only seen signs saying not to use the chip reader and had cashiers tell me to ignore the sign saying to insert my card.
“Many [retailers] don’t yet take EMV because the longer lines tend to be a much greater hit than the fraud that they’d have to pay for,” says Joseph Koenig, a technology manager at Index, a company that implements software in point-of-sale terminals.
Apple Pay, Samsung Pay and Android Pay were all twice as fast as current chip cards in my testing. Hold up your phone, press on the fingerprint sensor to confirm it’s you and six to seven seconds later, you’ll hear that pleasing ding that you’re done.
It seems weird, though, that I still have to sign on that awful electronic pad after providing my fingerprint.
CVS Pay is part of the CVS Pharmacy app for iOS that combines access to your debit or credit card, ExtraCare rewards card, and a Health Savings or Flexible Spending account. Like CurrentC and Walmart Pay, CVS Pay uses barcodes to transmit information.
That’s wonderful considering that their terminals are never able to scan the ExtraCare and prescription barcodes from my phone.
Previously: Why I Started Using Apple Pay.
Google’s “Accelerated Mobile Pages,” more commonly known as AMP, are meant to be a reboot of the mobile web. Designed to fix mobile webpages that suck because they’re too slow, they have been available in a specialized carousel at the top of search results since February. When you click on an AMP link, you get a stripped-down, faster version of the article you wanted — often delivered directly from Google’s own caching servers.
Now, Google has announced that it plans to expand the delivery of AMP links beyond that carousel to all mobile search results. So when you search for a story and an article from an AMP publisher shows up in search results, clicking on that blue link will take you to the AMP version of the story instead of the traditional website.
If this sounds familiar, it’s because Facebook just did the same thing with its own mobile-focused Instant Articles format — instead of loading a webpage when you click a link, the Facebook app loads a proprietary Instant Article from participating publishers, complete with lightning bolt icon.
Previously: Google’s Accelerated Mobile Pages.
The most prominent example of CarPlay’s challenges may be that it looks terrible, though through no fault of its own. The display of most in-dash consoles is not of Retina quality, and as a result, the CarPlay apps and UI elements look jagged and poorly rendered. That’s compounded by the fact that, even though you can tap and swipe on the screen, the performance is sluggish and occasionally choppy.
Beyond that, I was surprised to find that CarPlay only works when your iPhone is plugged into your console’s USB port via Lightning cable. This is probably necessary for the “casting” aspect of the experience, as the CarPlay interface that you see on the console is essentially powered by your phone. But for me, it represents a step back from the ability to connect your phone to the car’s system via Bluetooth.
From May 1 to July 31, 1995 users who upgraded to System 7.5 could choose between an Apple watch or a copy of Conflict Catcher 3.
The watch band says “Mac OS,” but the software product itself was called “Macintosh System 7.5.” The “Mac OS” logo existed and was shown on the boot screen, but it didn’t become the name of the product until version 7.6.
Update (2016-08-22): Jason Snell:
I have an Apple watch of my own. It’s a “Think Different” model that runs counterclockwise. Oh, ’90s Apple. Such a strange company.
Update (2016-08-24): Brendan Shanks:
To be highly pedantic, the “Mac OS” logo came with 7.5.1. 7.5 was “Welcome to Macintosh” with progress bar.
Most developers we asked are gods with multiple arms: they manage to sell their apps both on the Mac App Store and outside of it. About a third were brave enough to only sell outside, while the smallest part have chosen the MAS as their only marketplace.
Unexpectedly, for those who sell both on the MAS and outside, revenue parts coming from the two channels are practically identical, which means you don’t actually make more money on the MAS.
About a third of the devs we asked run their own business. Funny enough (not really), more than 20% of them have tried MAS, but left.
While sandboxing does show up on the complaint list, it’s ranked low as a reason to not use the Mac App Store, even though it was why I pulled my app Clipstart from the Mac App Store 4 years ago. And not much has changed since I wrote about Sketch and other apps leaving the Mac App Store last year.
Update (2016-08-20): Marcus Fehn is critical of the survey. These sorts of surveys always have sampling issues, so I wouldn’t take the numbers too seriously. But I do think it’s interesting as a rough snapshot of what the community thinks, particularly the ranking of the different pain points. I would have liked to see additional choices, though, e.g. the unreliability of iTunes Connect and the Mac App Store app.
Criteo (and their partners, like sears.com) have successfully performed an end-run around the traditional newsletter opt-in process.
By managing email lists and functioning as an advertising retargeting network, Criteo enables spammers to enroll innocent users browsing the web to 3rd party newsletters.
Criteo’s claim that they didn’t store my information is beside the point. The problem is that I got signed up for spam because I was merely browsing the web, and now a third party has my name and email address. Criteo gets to claim they don’t store that information, but what does it matter if it ends up in the hands of spammers like Sears?
Update (2016-08-22): Sami Samhuri:
Make sure you disable 3rd party cookies in all your web browsers.
Today we added YouTube to Google’s HTTPS transparency report. We’re proud to announce that in the last two years, we steadily rolled out encryption using HTTPS to 97 percent of YouTube’s traffic.
We found that HTTPS improved quality of experience on most clients: by ensuring content integrity, we virtually eliminated many types of streaming errors.
97 percent is pretty good, but why isn’t YouTube at 100 percent? In short, some devices do not fully support modern HTTPS. Over time, to keep YouTube users as safe as possible, we will gradually phase out insecure connections.
Here’s how to check if your image editor of choice does the right thing when making and saving images. Create a new document, set the color profile to sRGB, fill it with 100% red, and see what Digital Color Meter tells you. If it says the RGB values are 234,51,35 (or thereabouts) then you’re in good shape. If it says 255,0,0 then you’re going to eventually be in a world of hurt, because it’s not correctly handling color profiles.
Users looking to get the most out of Siri may want to check out Hey-Siri.io, a new website that launched in July. Hey-Siri.io features a comprehensive list of many of the different Siri commands that are available, giving iOS and Mac users a quick way to discover all of the different things Siri can do.
But, with our latest updates today (OmniFocus 2.6 for Mac and OmniFocus 2.15 for iOS), your data will be completely encrypted before it leaves your device so that it’s encrypted on the server itself. We’re using your sync password to generate a key that encrypts everything as it leaves your device. All encryption and decryption happens locally, so your data is always encrypted end-to-end and our server never has access to your encryption key.
To make this level of encryption work—and for other features down the road—we needed to make some adjustments to our database format.
The releases of OmniFocus out today will periodically check to see if all of your devices are using the latest version. Once they are, you’ll be prompted to migrate to the new database format.
The migration went very smoothly. In fact, they made it so easy that there’s little indication that encryption is being used. The local files remain unencrypted, and you’re not asked to enter a new password. Here are the release notes and the open-source OmniFileStore.
The guiding principle of today’s updates is that the only things which should ever have access to your OmniFocus tasks are devices you own and control: your phone, your Mac, your tablet.
There are a few other things worth remembering: no one at Omni will have the ability to look at or restore your data.
Presumably you are not protected from nefarious modifications to the server, though, as the password for syncing and logging into their site is the same one that secures the encryption key.
Previously: Proposed Client-side Encryption in OmniFocus.
Update (2016-08-19): Ken Case:
Our next update will let people set a separate encryption password from their sync password.
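The password-to-key relationship discussed above, as an added example that is not Omni's code or the OmniFileStore format: a password is stretched into a key that wraps a random document key, so anyone who holds the stored record and learns the sync password can unwrap it unless a separate encryption password is set. The iteration count, record layout, function names, passwords and the HMAC-based stand-in cipher are assumptions, chosen so the code runs on the Python standard library alone.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # assumed work factor, not a value from the page


def derive_kek(password, salt):
    """Stretch a password into a 32-byte key-encryption key (PBKDF2-HMAC-SHA256)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def _subkeys(kek):
    # Separate keys for encryption and authentication, both bound to the KEK.
    enc = hmac.new(kek, b"wrap-enc", hashlib.sha256).digest()
    mac = hmac.new(kek, b"wrap-mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(key, nonce, length):
    # HMAC-SHA256 in counter mode: a stdlib stand-in for a real cipher such as AES.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def wrap_key(kek, doc_key):
    """Encrypt-then-MAC the document key: nonce || ciphertext || tag."""
    enc, mac = _subkeys(kek)
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(doc_key, _keystream(enc, nonce, len(doc_key))))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()


def unwrap_key(kek, blob):
    """Return the document key; raise ValueError on a wrong password or altered blob."""
    if len(blob) < 48:
        raise ValueError("key blob too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    enc, mac = _subkeys(kek)
    expected = hmac.new(mac, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong password or tampered key blob")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc, nonce, len(ct))))


def new_account(encryption_password):
    """Create a random document key; the returned record is what a server would store."""
    salt = secrets.token_bytes(16)
    doc_key = secrets.token_bytes(32)
    record = {"salt": salt, "wrapped": wrap_key(derive_kek(encryption_password, salt), doc_key)}
    return doc_key, record


def unlock_with(record, password):
    """What any holder of the stored record can recover from a password it has seen."""
    try:
        return unwrap_key(derive_kek(password, record["salt"]), record["wrapped"])
    except ValueError:
        return None


def change_password(record, old_password, new_password):
    """Re-wrap the same document key under a new password; the data is not re-encrypted."""
    doc_key = unwrap_key(derive_kek(old_password, record["salt"]), record["wrapped"])
    salt = secrets.token_bytes(16)
    return {"salt": salt, "wrapped": wrap_key(derive_kek(new_password, salt), doc_key)}


def demo():
    sync_password = "constructed-sync-password"          # constructed sample value
    separate = "constructed-separate-passphrase"         # constructed sample value
    # Case 1: the sync/login password also protects the document key.
    doc_key, record = new_account(sync_password)
    shared_exposes_key = unlock_with(record, sync_password) == doc_key
    # Case 2: a separate encryption password; the login password no longer unwraps.
    record = change_password(record, sync_password, separate)
    login_pw_rejected = unlock_with(record, sync_password) is None
    owner_still_unlocks = unlock_with(record, separate) == doc_key
    return shared_exposes_key, login_pw_rejected, owner_still_unlocks


if __name__ == "__main__":
    print(demo())
```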
Triage allows you to scan new episodes and decide whether you’re interested or not.
Newly published episodes arrive in the Inbox tab. From here, you can review the descriptions, queue the best ones and archive the rest. The Queue tab is a single central playlist. Queued episodes are automatically downloaded, and can be re-ordered or archived any time.
You can set your favourite shows to queue automatically and use the inbox to triage the rest.
This is especially important in an era where there are a whole lot of podcasts to wade through. In a few moments I was able to get through a half-dozen new podcast episodes in my Inbox, marking some of them for immediate listening, tacking others on to the bottom of my queue, and bypassing less interesting episodes entirely.
The inbox idea doesn’t really appeal to me, but I’ve often wanted a play queue in Overcast, i.e. a reorderable history of episodes that have been started. Otherwise, it’s hard to get back to an episode that was interrupted, especially since the In Progress playlist was removed. This, combined with something like iTunes’s Up Next, would be ideal for me.
There doesn’t seem to be an easy way to switch podcast apps, preserving episode state, even if I wanted to.
The new Mobile Share Advantage plans are available Aug. 21. Consumers and businesses alike can gain a wireless experience, without overage charges. Instead of overage charges, after customers use all of their high-speed data amounts, all data usage will be reduced to a maximum of 128 kbps for the rest of their bill cycle.
Via Josh Centers:
It’s likely that the new Mobile Share Advantage plans will either save you money or provide more data for roughly the same amount that you’re paying now.
It depends on your plan, though. I currently have a 2 GB plan for $30, whereas the new plans are 1 GB for $30 or 3 GB for $40.
Update (2016-08-18): Scott:
AT&T raised the price of the device connect $5, from $15 now $20 across the board. Lower plans (<10GB?) were $25, so lower there.
Here, 3 iPhones on $100 15GB plan:
new 10GB: $95
old 15GB: $100
new 16GB: $105
The first problem we ran into was stability. Core Data is notorious for crashing if one small thing goes wrong. It’s really easy as a developer to introduce race conditions very subtly which can be tricky to debug. In general, we found that approximately 50% of the crashes that we had on our Core Data applications were in some way related to Core Data itself, and these crashes were one-offs here and there. It wasn’t one big bucket that we could fix them all, making it really difficult to diagnose these issues.
The final thing for us was scalability. Facebook has talked quite a lot, a couple of years ago, about that problem, scaling Core Data. They believe that Core Data is very difficult to scale to large applications. Given that our application has hundreds of view controllers and hundreds of models, we’re terrified of this.
To accomplish all these things we wrote RocketData. RocketData is a caching and consistency solution for immutable models. It’s intended to replace Core Data or at least fulfill that role in an application. It’s written 100% in Swift, and we really like it.
He uses “model” to mean the entity objects, i.e. NSManagedObject, rather than the entity descriptions (which Core Data calls the model).
Briefly, a Managed Apple ID is an Apple ID that is created by the school for pupils. They can also be created for teachers and administrators. A Managed Apple ID allows access to iCloud and iTunes U but not to commercial services like the App Store and iBookstore. A Managed Apple ID is literally disbarred from any commercial transaction with Apple.
So, as a result of this decision to only allow iTunes U interaction between Managed Apple IDs in the same ASM domain, this means that teachers effectively have to be using a school-issued Managed Apple ID to run their iTunes U courses.
This is fine - in a very restricted set of circumstances that don’t apply to any existing school iOS deployment anywhere.
At the moment, I have no satisfactory workaround for this. I cannot conceivably expect teachers to switch to using a Managed Apple ID permanently, abandoning all their past purchases and content. Similarly, the idea of switching between two Apple IDs in the course of doing your job is maddening at best and potentially disastrous if you accidentally trigger an App Store tripwire.
Xcode Tip Of The Day:
[Xcode > Edit > Copy Qualified Symbol Name]
It’s hard to type with one hand but rather useful. For example, you can put the cursor anywhere in a method definition or call, and it will copy the full name to the clipboard, e.g.:
-[NSArray(NSExtendedArray) enumerateObjectsWithOptions:usingBlock:]
removeAll(keepCapacity:)
You don’t have to select any of the pieces.
Now, if only Open Quickly supported qualified symbols…
For sure: 10450773. Pile on!
My most recent Radar number is 27865953, so I guess people have been wanting this for a long time.
So when we want something underlined (for example), the ue entries in our terminal’s termcap record are what we need to send to the terminal to start and end underlining that section of text.
less, it seems, provides this handy way to override those entries using environment variables. We can make ue and any other termcap string do whatever we want!
\e[ essentially tells the terminal to start listening for a command that will change its behavior.
m is actually the command here; all the inputs to the command come before it. The m command tells the terminal to change how it renders subsequent text until further notice.
Apple just sent me an e-mail about its Reporter tool:
Reporter is a Java-based, command-line tool you can use to download your Sales and Trends and Payments and Financial reports. Autoingestion is an older tool that works like Reporter. But newer and expanded functionality will only be available in Reporter, so we recommend using this tool from now on.
Alex, I’ll take Bad Ideas for $1000:
“Requires a cleartext Apple ID password in a file.”
The thing that’s most frustrating about all of this is that we really want a RESTful API for this info. Would be easier to harden, too.
Update (2016-08-18): fedoco:
This script mimics the official iTunes Connect Reporter by Apple which is used to automatically retrieve Sales- and Financial Reports for your App Store sales. It is written in pure Python and doesn’t need a Java runtime installation. Opposed to Apple’s tool, it can fetch iTunes Connect login credentials from the macOS Keychain in order to tighten security a bit. Also, it goes the extra mile and unzips the downloaded reports.
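The contrast drawn above, as an added example that is not Apple's Reporter or fedoco's script: one function flags a key=value credentials file that holds a cleartext password or is accessible to other users, and the other reads the secret from the macOS Keychain through the `security` command instead. The file layout, the `password` key name, and the service and account names are assumptions.

```python
import os
import stat
import subprocess


def audit_credentials_file(path, secret_keys=("password",)):
    """List the reasons a key=value credentials file is risky, without echoing secrets."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:
        findings.append("mode %03o lets group/other access the file" % mode)
    with open(path, encoding="utf-8") as fh:
        for lineno, line in enumerate(fh, 1):
            stripped = line.strip()
            # Skip blanks and the comment markers used by Java-style properties files.
            if not stripped or stripped.startswith(("#", "!")):
                continue
            key, sep, value = stripped.partition("=")
            if sep and key.strip().lower() in secret_keys and value.strip():
                # Report the location and key name only, never the value itself.
                findings.append("line %d: cleartext value for %r" % (lineno, key.strip()))
    return findings


def keychain_password(service, account, run=subprocess.run):
    """Read a generic-password item from the macOS Keychain via security(1).

    `run` is injectable so the lookup can be exercised on systems without a Keychain.
    """
    result = run(
        ["security", "find-generic-password", "-s", service, "-a", account, "-w"],
        capture_output=True,
        text=True,
        check=False,
    )
    if result.returncode != 0:
        raise LookupError("no Keychain item for service=%r account=%r" % (service, account))
    # -w prints only the password followed by a newline.
    return result.stdout.rstrip("\n")


if __name__ == "__main__":
    # Hypothetical service/account names; the item must already exist in the Keychain.
    try:
        secret = keychain_password("example-reporting-tool", "dev@example.com")
        print("retrieved a secret of length", len(secret))
    except (LookupError, FileNotFoundError) as exc:
        print("Keychain lookup unavailable:", exc)
```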
You know what? I’m done. 20 lines of code so far and we don’t even have a class that does anything; the hard part of this problem was supposed to be the quaternion solver, not “make a data structure which can be printed and compared”. I’m all in on piles of undocumented garbage tuples, lists, and dictionaries it is; defining proper data structures well is way too hard in Python.
So here’s where my favorite mandatory Python library comes in.
[…]

    import attr

    @attr.s
    class Point3D(object):
        x = attr.ib()
        y = attr.ib()
        z = attr.ib()
This is also a big pain in Objective-C. Swift structs are better, although you do need to make them
I had to return an order, and after going through the usual steps, I was presented with three options for sending the package back. Two of them, UPS pickup and UPS dropoff, were the options I was familiar with. The new one was Amazon Locker. These are the sort of lockers you’d see at a bus terminal—or, more likely, the sort of lockers you’d see in a bus terminal in a black-and-white movie—but they’re owned by Amazon and set up in places to make it easy for customers to pick up and return orders (and for Amazon to avoid paying UPS).
Truth to tell, the UPS Store is closer to my office than this Amazon Locker, but I always have to talk to a person at the UPS Store (ew) and there’s usually a line. An interaction with a touchscreen and cold sheet metal seems much more Amazon-like.
I was not able to find any lockers in my state.
Apple hasn’t often made appearances at the Black Hat hacker conference, but this year Cupertino is Thinking Different™ about security. Head of Apple security, Ivan Krstic, today said the company would pay huge (up to $200K) bug bounties to invited researchers who find and report vulnerabilities in certain Apple software.
In the past, Apple has cited high bids from governments and black markets as one reason not to get into the bounty business. The reasoning went: If you’re going to be outbid by another buyer, why bother bidding at all? While $200,000 is certainly a sizable reward — one of the highest offered in corporate bug bounty programs — it won’t beat the payouts researchers can earn from law enforcement or the black market. The FBI reportedly paid nearly $1 million for the exploit it used to break into an iPhone used by Syed Farook, one of the individuals involved in the San Bernardino shooting last December.
A bug bounty program is unlikely to tempt any hackers who are only interested in getting a massive payout. For those who only care about cash, Mogull said Apple could probably never pay enough. But for those who care about making an impact, getting a check from Apple could make all the difference. “This is about incentivizing the good work,” Mogull explained.
Both the bounty program and the mere fact that Krstic was speaking at Black Hat are signs of Apple’s thawing relationship with the security industry.
Matthew Green (Hacker News):
Each SEP [Secure Enclave Processor] has reference access to a unique private key (UID)
UID generated by SEP itself immediately after fabrication, using its own free-running oscillator TRNG
Available for cryptographic operations via commands exposed by the Secure ROM
No access to UID key material from SEP or other mutable software after fuses blown
Production devices can be “demoted” to enable some debugging features like JTAG and loading development software on the AP (but not the SEP)
Requires full OS erase and device explicitly authorized by the personalization server
Forces a different UID on the SEP, no access to existing user data after demotion
A few years ago Apple quietly introduced a new service called iCloud Keychain. This service is designed to allow you to back up your passwords and secret keys to the cloud. Now, if backing up your sensitive passwords gives you the willies, you aren’t crazy. Since these probably include things like bank and email passwords, you really want these to be kept extremely secure.
So Apple finds itself in a situation where they can’t trust the user to pick a strong password. They can’t trust their own infrastructure. And they can’t trust themselves. That’s a problem. Fundamentally, computer security requires some degree of trust -- someone has to be reliable somewhere.
Apple’s solution is clever: they decided to make something more trustworthy than themselves. To create a new trust anchor, Apple purchased a bunch of fancy devices called Hardware Security Modules, or HSMs. These are sophisticated, tamper-resistant specialized computers that store and operate with cryptographic keys, while preventing even malicious users from extracting them. The high-end HSMs Apple uses also allow the owner to include custom programming.
Note that on HSMs like the one Apple is using, the code signing keys live on a special set of admin smartcards. To remove these keys as a concern, once Apple is done programming the HSM, they run these cards through a process that they call a “physical one-way hash function”. […] So, with the code signing keys destroyed, updating the HSM to allow nefarious actions should not be possible. Pretty much the only action Apple can take is to wipe the HSM, which would destroy the HSM’s RSA secret keys and thus all of the encrypted records it’s responsible for. […] The downside for Apple, of course, is that there had better not be a bug in any of their programming. Because right now there’s nothing they can do to fix it -- except to wipe all of their HSMs and start over.
Update (2016-08-17): Here’s the video of Krstić’s talk.
AVFoundation, the low-level audio/video framework in iOS and macOS, does not accurately seek within VBR MP3s, making VBR impractical to use for long files such as podcasts. Jumping to a timestamp in an hour-long VBR podcast can result in an error of over a minute, without the listener even knowing because the displayed timecode shows the expected time.
Three simple solutions to accurate VBR stream-seeking have existed for almost twenty years to embed seek-offset tables at the start of VBR MP3s for precise seeking[…] But AVFoundation supports none of them.
Update (2016-08-21): See also: Accidental Tech Podcast.
Microsoft has demonstrated why the FBI’s desire for “Golden Key” backdoors allowing “good guys” to bypass security is such a bad idea: it inadvertently released its own keys to Windows tablets, phones, HoloLens and other devices using UEFI Secure Boot.
Secure Boot works at the firmware level, and is designed only to allow an operating system signed with a key certified by Microsoft to load. It can be disabled on many desktops, but on most other Windows devices, it’s hard-coded in. The golden key policy seems to have been designed for internal debugging purposes, to allow OS signature checks to be disabled, apparently so programmers can test new builds. In practice, it could well open up Microsoft’s tablets and phones to serious attacks.
Microsoft has now responded to the Secure Boot blooper.
The company said: “The jailbreak technique described in the researchers’ report on August 10 does not apply to desktop or enterprise PC systems. It requires physical access and administrator rights to ARM and RT devices and does not compromise encryption protections.”
Unfortunately older versions of the boot loader will happily load a supplementary policy as if it were a full policy, ignoring the fact that it doesn’t include a device ID. The loaded policy replaces the built-in policy, so in the absence of a base policy a supplementary policy as simple as “Enable this feature” will effectively remove all other restrictions.
Unfortunately for Microsoft, such a supplementary policy leaked. Installing it as a base policy on pre-Anniversary Edition boot loaders will then allow you to disable all integrity verification, including in the boot loader. Which means you can ask the boot loader to chain to any other executable, in turn allowing you to boot a compromised copy of any operating system you want (not just Windows).
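The loader flaw described above, modeled in Python as an added example (not Microsoft's code or policy format, and not part of the quoted post): a legacy loader that treats a signed policy with no device ID as a full policy, beside a stricter loader. The rule names, the `DEVICE-A` identifier, and the strict loader's merge behaviour are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Dict, Optional

# Restrictions enforced when no policy is installed (names are constructed).
BUILTIN = {"verify_boot_images": True, "block_test_signing": True}


@dataclass(frozen=True)
class Policy:
    signature_valid: bool      # stands in for the vendor signature check
    device_id: Optional[str]   # base policy: bound to one device; supplemental: None
    rules: Dict[str, bool]


class PolicyRejected(Exception):
    """Raised when a policy must not be applied on this device."""


def load_legacy(installed: Optional[Policy], device: str) -> Dict[str, bool]:
    """Flawed behaviour: whatever sits in the base slot is accepted without
    requiring a device ID, and it replaces the built-in rules wholesale."""
    if installed is None:
        return dict(BUILTIN)
    if not installed.signature_valid:
        raise PolicyRejected("invalid signature")
    if installed.device_id is not None and installed.device_id != device:
        raise PolicyRejected("bound to a different device")
    return dict(installed.rules)  # nothing from BUILTIN survives


def load_strict(installed: Optional[Policy], supplemental: Optional[Policy],
                device: str) -> Dict[str, bool]:
    """Stricter variant (assumed design): the base slot requires a matching
    device ID, and a supplemental policy only merges onto an accepted base."""
    rules = dict(BUILTIN)
    if installed is None:
        return rules  # a supplemental policy on its own changes nothing
    if not installed.signature_valid:
        raise PolicyRejected("invalid signature")
    if installed.device_id != device:
        raise PolicyRejected("base policy must name this device")
    rules.update(installed.rules)
    if supplemental is not None:
        if not supplemental.signature_valid or supplemental.device_id is not None:
            raise PolicyRejected("not a valid supplemental policy")
        rules.update(supplemental.rules)
    return rules


def enforced(rules: Dict[str, bool], name: str) -> bool:
    """A restriction missing from the effective rules is not enforced."""
    return rules.get(name, False)


# Constructed sample policies.
SUPPLEMENTAL = Policy(True, None, {"block_test_signing": False})
BASE = Policy(True, "DEVICE-A", {})

if __name__ == "__main__":
    legacy = load_legacy(SUPPLEMENTAL, "DEVICE-A")
    print("legacy, supplemental in base slot:", legacy)
    print("  image verification enforced:", enforced(legacy, "verify_boot_images"))
    try:
        load_strict(SUPPLEMENTAL, None, "DEVICE-A")
    except PolicyRejected as exc:
        print("strict, supplemental in base slot: rejected,", exc)
    print("strict, base plus supplemental:", load_strict(BASE, SUPPLEMENTAL, "DEVICE-A"))
```

In the legacy path a one-rule policy leaves `verify_boot_images` unenforced because replacement drops every rule the policy does not mention; the strict path keeps the built-in rules unless a device-bound base policy is present.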
I can still remember a time when the ability to install any software on your very own computer wasn’t considered to be a “bug” or a “vulnerability”.
Previously: FBI Asks Apple for Secure Golden Key.
Unfortunately, however, I recently discovered that all of our 1Password applications (iOS and Mac) have stopped syncing their data with 1Password’s servers. And to make matters worse, the apps don’t provide any feedback to the user that synchronization has failed! It was only after removing a Families account from one of the devices, and trying to add it back did I finally see a “No response from server” error.
Right now, because so few users are affected by this, 1Password’s response is just: “Sorry, you can’t use our service if you’re going to use a VPN.”
If you’re going to put your software API in front of CloudFlare, as 1Password has done, then you must also engineer a model and user experience that accounts for false positives.
Adding a CAPTCHA like is certainly an option and we may take that route. We need to keep in mind that we’d need to do this on all the client apps as well, so it’s not a trivial change. Hopefully we can get there.
When one German customer emailed Apple’s SVP of software engineering Craig Federighi to suggest that Night Shift had more blue light than Flux, he received a reply explaining that there was good reason for this[…]
Given the display technology we push it as far as we can without introducing major red ghosting artifacts when scrolling / animating. (Unfortunately, the red phosphors in the LCD hold their color longer and when we shift the display too far into the red then scrolling results in irritating ghosting artifacts).
Update (2016-08-16): etendue:
Federighi’s response is nonsensical: LCDs don’t use phosphors in the color filter plane.
Delta canceled about 530 flights on Tuesday in addition to about 1,000 canceled a day earlier after a power outage in Atlanta brought down the company’s computers, grinding the airline’s operation virtually to a halt.
“Because they have to worry so much about safety and security, they are constrained in ways that other businesses aren’t,” he says. “Delta can’t just host its systems on Joe Blow’s cloud server somewhere else in the way that another business might be able to do.”
Kaplan says if Delta and other airlines distribute their computing to many different locations, it will make them more vulnerable to, say, hackers or terrorists. In other words, given a choice between more backup systems and more security, airlines are picking security.
First, AWS, Azure and GCE are not just “Joe Blow’s cloud server”, they are multi-billion dollar companies, and they all can provide hosting environments compliant with a multitude of security programs including SOC 1, 2, 3, PCI DSS, HIPAA, etc.
If a hospital can store patient records on AWS, why can’t Delta store my flight records there? If the government is worried that a public cloud leaves them open to terrorist attacks, then they can sponsor them to run on Gov Cloud for better isolation.
I am confused: they talk about terrorists & critically etc. And they have only 1 site holding their entire system with no backup? A couple of fibers to cut and those baddies cripple your airline?
There’s more information available now. Apparently part of their system switched to backups, but not all of it. A Delta rep says “We are actually fully operational, it’s just that we’re not able to use that newer interface.” Unclear what that means.
I like keeping a comprehensive and accurate addressbook that includes all past email addresses for my contacts, including those which are no longer valid. I do this because I want to be able to see conversations stretching back over the years as originating from that person.
Unfortunately this causes problems when sending mail sometimes. On macOS, at least as of El Capitan, neither the Mail application nor the Contacts application have any mechanism for indicating preference-order of email addresses that I’ve been able to find. Compounding this annoyance, when completing a recipient’s address based on their name, it displays all email addresses for a contact without showing their label, which means even if I label one “preferred” or “USE THIS ONE NOW”, or “zzz don’t use this hasn’t worked since 2005”, I can’t tell when I’m sending a message.
This has long been an issue for me. My workaround has been to put the old e-mail addresses in the note field, so that Mail doesn’t see them as addresses, but his “most recent outgoing address” hack sounds promising.
Xcode 8ß5: “Interface Builder is much less likely to modify documents on open, prior to any user events or manually saving.”
Of the files we tested, < 5% were still modified on open. Please file bugs for specific cases that still occur.
Finally. (And it seems to work with my files.)
Xcode supports the concept of embedding frameworks into your bundle. This is essentially the same thing as the old “Copy Files” build phase where you can copy a dependency into your app bundle under a particular directory, such as “Frameworks”.
However, there is an extremely important distinction between the “Copy Files” build phase and the “Embed Frameworks” option.
If you are providing frameworks to people that you expect to be able to develop with and not just use at runtime, please be sure to distribute the non-embedded framework version! Otherwise, well, all of your consumers will face the above issues.
Last fall, the Organization for Economic Co-operation and Development published its first-ever, and one of the largest-ever, international analyses of student access to computers and how that relates to student learning. (The OECD administers the PISA test, the world-famous international academic ranking.)
For this report, the researchers asked millions of high school students in dozens of countries about their access to computers both in the classroom and at home, and compared their answers to scores on the 2012 PISA. Here’s the money quote:
“Students who use computers very frequently at school do a lot worse in most learning outcomes, even after controlling for social background and student demographics.”
Under Cook’s leadership, Apple has come to seem quite fallible to many people. Its recent products have seemed far less than perfect, at least compared to the collective memory of its astonishing iPod–iPhone–iPad run from 2001 to 2010. There are the public embarrassments, like its 2012 introduction of Maps, or those 2014 videos of reviewers bending, and breaking, an iPhone 6 Plus. Apple Pay hasn’t become the standard for a cashless society, and the Apple Watch “is not the watch we expect from Apple,” according to John Gruber, editor of Daring Fireball, the preeminent Apple-centric website. Then there are the design flaws: Apple Music has been saddled with too many features, as if it were something designed by, God forbid, Microsoft; the lens on the back of the iPhone 6 extrudes; the new Apple TV has an illogical interface and confusing remote control.
Perhaps, say the worriers, Apple is doing too many things at once, cranking out multiple editions of the watch, endless varieties of watchbands, iPhones, and iPads in numerous sizes, proprietary earbuds alongside headphones from Beats. Credible reports that the company is spending billions of dollars in R&D to explore the possibility of designing a car only heighten the fear that Apple is spread too thin. Steve Jobs had been the company’s editor, proud of saying no to features, products, business ideas, and new hires far more often than he said yes. Apple’s seemingly diffuse product line reinforces the argument that Cook is not as rigorous.
Eddy Cue on Apple Maps:
The advantage of us coming to this later in the game is that, yeah, we have to do some of that, but in order to stay updated we’re trying to use the iPhone itself, and the data it’s giving us. Let me give you a good example: a golf course. How do we know when a new golf course opens up? We’re not exactly driving around looking for golf courses. But we know it’s there, because there are all these golf apps that get used at a golf course. If we see that all these golf apps are being used at a particular location, and we don’t show that as a golf course, we probably have a problem. You can discover that pretty quickly.
This is a cute example, but is that really how Apple updates Maps? It doesn’t seem like this technique really scales.
And look, we made some significant changes to all of our development processes because of it. For example, the reason you as a customer are going to be able to test iOS is because of Maps. We were never able to take it out to a large number of users to get that feedback. So, to all of us living in Cupertino, Maps seemed pretty darn good. Right? The problems weren’t obvious to us. Now we do a lot more betas.
I lived on a major thoroughfare < 5mi from Apple Campus when Maps was released - it misplaced my address by ~3mi.
The “It worked for us near campus. How could we know it was crap elsewhere?” narrative is useful for recounting in interviews but it’s false
And Apple Maps still sucks. It doesn’t have the newer streets in Mission Bay that have been there for over a year. I keep reporting…
A world where people do not care about the quality of their experience is not a good world for Apple. A world where people care about those details and want to complain about them is the world where our values shine. That is our obsession.
He’s saying the right things, but I’m not seeing this consistently come through in the products. Apple seems too unfocused, spread too thin, still in denial of how buggy their software has become. The iOS 9.3.4 update still hasn’t fixed the Camera audio bug, and it made my iPhone stop charging, at a very inconvenient time, so that I thought its Lightning port was damaged. Preview, long a reliable app, now regularly has drawing glitches and hangs. One of my apps hasn’t been up-to-date in the Mac App Store since May, and it is currently removed from sale, because of multiple backend store bugs. True or not, the perception is that the reality TV show and the car are distracting the company from working on the aging Mac lineup. Schiller’s triumphant “Can’t innovate anymore, my ass” line has become a punchline. The removal of the iPhone’s headphone jack seems like a parody of an Apple design decision. I want a new MacBook Pro, but at this point I’m more worried about the new keyboard and that Apple might do something more to make it less Pro, like remove Thunderbolt or the SD slot, than I am excited about what new features it might offer.
What I think is interesting is how much Federighi and Cue play up the benefits of data collection elements, I’ve never seen them emphasise it like this before. Usually, it’s very quaint with endless assurances about privacy and anonymity. In this interview, though, they admit that the data they do collate is enough to accurately pinpoint new sports venues.
Towards the end of the interview, Cue and Federighi mentioned the largely similar work relationship seen with both Tim Cook and former CEO Steve Jobs. Although the approach each took in tackling the job has been “completely different,” Cue said there’s one common factor he’s had with both: “I never wanted to disappoint Steve. I never want to disappoint Tim.”
Eddy Cue’s “We want to be there from when you wake up till when you decide to go to sleep” sounds disturbingly like the Microsoft of the 90s.
Update (2016-08-13): McCloud:
Regarding Todd Ditchendorf’s tweets: I once tried to use Apple Maps to go from One Infinite Loop to a UPS store, took me to Marriott.
Update (2016-08-15): Nick Heer:
It doesn’t really matter whether there’s a real decline in Apple’s software quality, or if it’s mostly an exaggeration bolstered by a larger user base and increased media coverage. What is concerning is the sentiment I perceive in Cue’s explanation — that a bug affecting 1% of users is comparable in 2016 to one affecting 1% of users in, say, 2006 or 1996. But, as he says, there’s an enormous chasm in the actual number of users affected, and that’s what’s particularly concerning. If Apple is pushing out, to be generous, one-quarter of the number of these bugs as they were ten years ago, that means that they’re still affecting orders of magnitude more users.
My perception is that it’s not just the larger user base. I personally encounter a lot more Apple bugs than I used to.
On the surface (pun unintended), Apple proffers the iPad Pro as a computer. We don’t begrudge Apple its right to ‘performance bragging’: Witness Apple’s rightfully proud statements about its powerful homegrown Ax line of processors and the impending A10 64-bit processors that easily outperform Seymour Cray’s supercomputers. But simply promoting the iPad to ‘computer’ avoids the real issue: Is the iPad Pro a PC replacement? Can we toss out our laptops and move wholly to our iPads?
The problem with the iPad is both hardware and software related. Anything work related you can do on an iPad can, in most cases be done faster on a Mac. No question.
This is still one of the fundamental problems with having the iPad attached to a keyboard — when you need to interact with the screen, you have to raise your arm out in front of you to interact with apps, it’s cumbersome and gets tiring very quickly.
iPads are great to use while you’re lounging on the couch. However, they are not so great to use for extended periods of time at a desk.
Remember when @tim_cook talked about android tablet apps being blown up phone apps?
The new Apple Store app on iPad is just the iPhone version blown up to fit the screen. Come on…
The most significant addition to the new MacBook Pro is a secondary display above the keyboard that replaces the standard function key row. Instead of physical keys, a strip-like screen will present functions on an as-needed basis that fit the current task or application. The smaller display will use Organic Light-Emitting Diodes, a thinner, lighter and sharper screen technology, KGI Securities analyst Ming-Chi Kuo said earlier this year.
Apple’s goal with the dedicated function display is to simplify keyboard shortcuts traditionally used by experienced users. The panel will theoretically display media playback controls when iTunes is open, while it could display editing commands like cut and paste during word processing tasks, the people said. The display also allows Apple to add new buttons via software updates rather than through more expensive, slower hardware refreshes.
I think a multipurpose, adaptable function strip would be infinitely more useful than a strip of function keys. Here’s what I mean: look at your keyboard from an oblique angle and notice all the places where the original plastic texture remains, and where it has been worn down. If your keyboard is anything like mine, it’s probably mostly shiny, but the strip of function keys at the top likely looks pretty similar to the day you bought it. Those keys have valuable purposes, of course, but they’re nowhere near as oft-used as the rest of the keyboard. Why fix them in plastic?
The possibilities are intriguing, but I use Esc all the time in Terminal, as well as function keys programmed for other tasks, and this change is likely to make using those keys less convenient and comfortable. Instead of removing keys, I would rather Apple add more and restore the arrow keys to full size. For a Pro notebook, I want more storage and more screen space, not a yet thinner computer that compromises everything else.
I’m surprised nobody has mentioned the loss of the ESC key. I use Vim and touch that key all day long. Replacing that with a touch button sounds like a terrible idea for usability. Clearly nobody in charge at Apple is also a vi user.
There is also the unaddressed issue of how terrible OLED displays are for anything persistent (they burn in), consume power when idle and offer no tactile feedback.
John Gordon reminds that older documents don’t open in Microsoft Word 2008 and later. Microsoft recommends using Microsoft Word 2004 or TextEdit. If you still have the ability to run Office 2004, it’s probably a good idea to migrate any remaining .doc and .xls files to .docx and .xlsx soon. Microsoft supports file formats for longer than Apple, but not forever.
Yup there’s the Office Migration Manager but it’s Windows only.
There was a program called MacLinkPlus that did pretty good conversions of all formats from the 80’s and 90’s. Unfortunately it’s PPC. I’m pretty sure I have a copy on my old G5. (Which hasn’t been booted in years)
Reportedly LibreOffice can do the conversion as well.