Friday, May 29, 2015

Network Request Templating

Soroush Khanlou:

This way, all the logic tied to a particular endpoint is located in one class, and any class using it gets fully baked objects in their completion block.


One of the big benefits to separating request building and response handling into their own objects is that users can inject whatever request builder they want. If their data comes back in MessagePack format, you can bring your own response handler when needed. The NSURLSession could also easily be injected.

Bugshot Relaunches as Pinpoint

Federico Viticci:

Pinpoint builds on the design and feature set of Bugshot and it adds new editing tools and initial iOS 8 integration. The app launches to a grid of recent screenshots from your device; tap one to start annotating it, choosing from four tools at the top. Pinpoint can add arrows, rectangular selections, blur sensitive information, and also add text on top of screenshots. Every tool is easy to use and requires minimal interaction: even when you want to add text, you just need to tap the image, type your note, and tap the screen again to dismiss the keyboard. This simplicity could never be found in Skitch, which makes Pinpoint the fastest way to have a decent set of annotations for iOS screenshots.

Using Siri to Work Around iMessage Crash

Apple (via Dave Marra):

Apple is aware of an iMessage issue caused by a specific series of unicode characters and we will make a fix available in a software update. Until the update is available, you can use these steps to re-open the Messages app.

Thursday, May 28, 2015

TextExpander 5 and Notification Center Privacy

TextExpander 5 looks like a good upgrade to what has belatedly become an essential app for me. I like the new preview pane, and the JavaScript support looks interesting. JavaScript doesn’t particularly interest me on the Mac because TextExpander has long supported AppleScript; the news here is that JavaScript snippets also work on iOS.

The coolest feature is that TextExpander can now suggest snippets based on “phrases you habitually type”:

TextExpander can suggest new snippets based on what you type. After you have typed the same group of characters, letters or words enough times, it will suggest you create a snippet. All the snippet suggestions are collected in a Suggested Snippets group where they remain without abbreviations. You may choose to ignore them, add an abbreviation to complete them, or delete them.

There are obvious privacy concerns here. TextExpander has always observed what you type, but it has not actually saved it to disk. Back in the day, I lauded SpellCatcher’s Ghostwriter key logging feature because it helped me to restore lost text. These days, file corruption and crashes are less common, and privacy is more of an issue, so I doubt that I would use such a feature. TextExpander has a careful design that doesn’t depend on logging your typing to disk, or even storing it in RAM:

TextExpander observes your keystrokes, as well as the contents of the pasteboard, or, what you copy then paste using ⌘V. TextExpander will track how many times you repeat the same group of characters and create a new suggestion after a certain amount of repetition. However, it does not save the tracking of what you type so the tracking is lost with each TextExpander restart. Therefore, frequent restarting of TextExpander won't result in many suggestions. None of what you type is saved by TextExpander except for the snippets listed in the Suggested snippets group “Tracking” does not mean TextExpander keeps a list of the actual characters you type. Instead, it keeps an encoded record (called a “hash”) of that group of characters that cannot be deciphered, similar to the way a password is securely stored so that no one reading it knows what it is. You might type “yourpetsname” but what TextExpander sees and records is “1739405847385.”

That minor tradeoff for more privacy seems like a good one.

There is a slight catch, though. When TextExpander makes a suggestion, it posts it to Notification Center. The system stores a database of notifications, so any repeated phrases that TextExpander notices will end up persisted to disk. This happens even if you’ve chosen not to display the notifications in Notification Center. As far as I know, there is no way for applications to opt out of this persistence.

(Along similar lines, the system has another database that tracks the files you’ve downloaded.)

Until my curiosity was piqued by TextExpander, I had not been aware of this or seen anyone talk about it. Now I’m wondering whether it should be a concern for other apps, too. For example, EagleFiler posts notifications to let you know when an import has completed. If you’re importing into an encrypted library, you might not want a cleartext record of the names of the files that you’ve imported. Should TextExpander use its own private notification system instead of Notification Center? Should EagleFiler not post notifications for encrypted libraries? I’m not sure what the answers are. There are many benefits to using Notification Center, but it isn’t as configurable as I would like.

Update (2015-05-28): Another cool feature is that TextExpander can tell me (via Notification Center) when I already have an abbreviation set up but have forgotten to use it.

Kindle Typography Improvements

John Brownlee:

But today, Amazon is making a big step towards better typography on the Kindle. Not only are they unveiling Bookerly, the first typeface designed for the Kindle for scratch, but they’re finally solving the Kindle’s typesetting problems with an all-new layout engine that introduces better text justification, kerning, drop caps, image positioning, and more.

In appearance, it looks something like if Baskerville, a 225-year-old typeface that has been shown to shape our perception of truth, and Caecilia made a baby. Both of these parent fonts were previously available on the Kindle, but they had issues. On low-res devices, Baskerville’s thin, elegant lines looked crude, where as Caecilia, a slab serif, was just a bizarre choice for Amazon’s previous default font: although it’s highly readable, it’s a type of font best used for headlines, not body text, because slab serifs often look and feel bolded, even when they’re not.

Marco Arment:

It’s great that Amazon’s putting some effort into Kindle typography for the first time in far too long. But this is a small improvement, not a big one.


The new font and hyphenation are also only available on iOS so far. They’re not coming to Kindles until “later this summer”.

Bookerly looks nice to me, and I haven’t had problems with the justification.

Update (2015-05-28): Kirk McElhearn:

The difference is subtle, but if you pull back and look at them, you can see that the page with Bookerly is a bit lighter, which takes away that bulky feel you get when reading with Cecelia. This will be more noticeable on Kindle eink devices, where Cecelia is a bit weightier.

Applications Constantly Asking Permission to Accept Incoming Connections

Since, I think, installing Yosemite, I’ve been plagued by dialogs asking me whether to allow an application to accept incoming connections. It happens when I launch Messages, run unit tests in Xcode the first time after launch, and certain times when I run xcodebuild.

In the Security & Privacy ‣ Firewall pane of System Preferences, I have the firewall on, but all of these executables are set to Allow incoming connections. Their code signatures check out, so the system should remember what I’ve allowed and not keep prompting. This used to work.

In doing some searching, it seems that for some people this is an old problem, and for others it also started with Yosemite. I have yet to find a solution.

Similar problems with repeated prompts about privacy can be fixed with:

tccutil reset Accessibility


tccutil reset AddressBook

But I do not know of an equivalent for the firewall settings.

Wednesday, May 27, 2015

FogBugz 8.13.104

The Project Groups feature looks great.

There are some fixes to the URL Trigger feature. URL Trigger had some longstanding bugs: it wouldn’t always let you change from GET to POST, and even if your trigger was set to use POST it would still send the request via GET. This was problematic because the parameters would end up in your Web server log. And, even worse, if the parameters had too much data for the query string, the trigger would run into an error, and your server would never get the ping. Now, there should be no length limit because URL Trigger actually uses POST—although, confusingly, the way you tell it which parameters to send is by writing a query string. There is still a bug where every time you edit the URL trigger you have to click the “POST” checkbox again.

The new design is fine in most ways, but unfortunately the main body text color has changed from black to gray, which makes it lower contrast and harder to read. It is not so easy to see this in the example screenshots because the only body text is the two occurrences of “Hodor!”. However, in actual use, there are paragraphs of gray text occupying the bulk of the page.

There’s also a minor bug in that FogBugz’s sort indicator triangles are now upside down. That is, if your list is sorted A-Z the triangle will be shown with the point at the bottom.

There’s a new bug where resolving or closing a case will often bring up a modal alert that says:

Are you sure you want to leave this page?

Your case hasn’t been submitted yet, are you sure you want to leave?

It is not fun to see that many times throughout the day. Since this is hosted software, there’s no way to revert to an earlier version until the bug is fixed. The bug seems to only affect Safari, but I don’t like using other browsers. Turning off the Performance Upgrade also helps but has its own downsides.

Mac OS X 10.10.4 Replaces discoveryd With mDNSResponder

Benjamin Mayo:

discoveryd would cause random crashes, duplicate names on the network and many other WiFi-relate bugs. In the latest beta, Apple appears to have applied the same fix as the enthusiasts by axing discoveryd completely.

Looking at Activity Monitor on OS X 10.10.4 seed 4, discoveryd is no longer loaded by the system — instead relying on mDNSResponder. The ‘new’ process is really the one Apple used to use pre-Yosemite and did not have these problems.

John Gruber:

The saga of discoveryd is baffling to me. I would love to hear the backstory on how it shipped. And I still haven’t heard a plausible theory on what Apple was hoping to accomplish with it in the first place. What was the point of it?

Nick Heer:

There are two weeks until WWDC, where Apple will probably introduce OS X 10.11. While that won’t be released to the public until, most likely, autumn, 10.10.4 isn’t publicly available yet either. That means that developers, at least, have been using and complaining about discoveryd for about a year, and it’s still busted for consumers.

Furthermore, I haven’t heard a compelling reason for discoveryd’s existence. It must be “better”, in some way, because I can’t think of another reason why Apple would task their engineers with rewriting the networking stack. I always assumed it was to unify iOS and OS X and to enable Continuity features, but those seem to work just fine under mDNSresponder.

Lloyd Chambers:

I’ve had my own inexplicable and disturbing network failures which require disabling networking, then re-enabling it—even as the same local LAN has no issue at all on a 2nd machine. Maybe it’s discoveryd, maybe not but I’m hoping. And then there is the Pathological Network Performance in Apple OS X issue, but I don’t expect Apple to fix that one.

Hopefully, this will eventually fix the problem where I have to reboot my Apple TV before using it or it won’t have network access.

Previously: discoveryd Is Still Buggy, Why DNS in OS X 10.10 Is Broken.

Tuesday, May 26, 2015

Predictable Date Formatting

Daniel Jalkut:

That “HH” is supposed to reflect the hour as a zero-padded number between 00 and 23. And it does, or at least it has, ever since I started using this formatting string in MarsEdit eight years ago.

Starting very recently, I think with 10.10.3, NSDateFormatter may return a string formatted for the user’s 12-hour clock preference, and with a troubling “am” or “pm” component embedded within.

I don’t think I saw this problem because my date formatters like this were configured to use the “en_US” locale. However, Jalkut points out that even better is to use “en_US_POSIX”.

Update (2015-05-28): Ali Rantakari:

My @fauxpasapp can help find/detect cases like this and suggests `en_US_POSIX`.

10 Days With the Apple Watch

Kirk McElhearn:

There’s one other small feature I had expected to use on the Apple Watch, and that’s the ability to control music playback from either an iPhone, or from the watch itself. I have Bluetooth headphones that I use when walking, and the idea of not needing to take out my iPhone to control music – when I want to skip tracks, or find something else to listen to – seemed like a nice feature.

In theory. In practice, it’s not very usable, and I quickly found myself taking my phone out anyway. The controls are well-designed to skip tracks, to play and pause, and to change the volume (you can use the digital crown for the latter). But the lag is annoying, and the amount of information you see on the display is limited.

On Performance Reviews

Landon Dyer (via John Gordon):

I quit Microsoft over two years ago, and it took a whole year to get some perspective (I wrote a lot of this soon after quitting, and I’m quite happy I never published it; many of the paragraphs simply did a crescendo into incoherent ASCII screams of frustration and anger). I think that many of Microsoft’s technical failures in the last decade can be root caused in a review system that rewarded bad behavior, put the wrong people in positions of power, mis-identified the people that Microsoft should have kicked out, and caused the wrong people to get sick of things and leave. Maybe the new review system does the job; I keep hearing good things.

Many Levels of Rejection

Frank A. Krueger:

Submitting apps to the App Store is filled with many wonderful opportunities to be rejected. Let’s count them!

Monday, May 25, 2015

Camera and Photos on iOS

Daniel Eggert:

On the iPhone, we can only adjust the ISO and the shutter speed. We can hence trade noise (affected by the ISO) against motion blur/sharpness while maintaining the same level of exposure.

That explains why photos at night often look worse than those taken during the day: At night there’s a lot less light. In order to still have an acceptable shutter speed, the auto exposure will bump up the ISO, probably to the maximum of what the camera allows. And even that may not be enough to achieve enough light, so the auto exposure will also lower the shutter speed. This combination results in more noise in the image, and the image being blurred.

Matteo Caldari:

The AVCaptureSessionPresetPhoto selects the best configuration for the capture of a photo, i.e. it enables the maximum ISO and exposure duration ranges; the phase detection autofocus; and a full resolution, JPEG-compressed still image output.

However, if you need more control, the AVCaptureDeviceFormat class describes the parameters applicable to the device, such as still image resolution, video preview resolution, the type of autofocus system, ISO, and exposure duration limits. Every device supports a set of formats, listed in the AVCaptureDevice.formats property, and the proper format can be set as the activeFormat of the AVCaptureDevice (note that you cannot modify a format).


New in iOS 8 is the option to move the lens to a position from 0.0, focusing near objects, to 1.0, focusing far objects (although that doesn’t mean “infinity”).


An interesting feature also introduced in iOS 8 is “bracketed capture,” which means taking several photos in succession with different exposure settings. This can be useful when taking a picture in mixed light, for example, by configuring three different exposures with biases at −1, 0, +1, and then merging them with an HDR algorithm.

Saniul Ahmed:

PHAsset’s representsBurst property is true for assets that are representative of a burst photo sequence (multiple photos taken while the user holds down the shutter). It will also have a burstIdentifier value which can then be used to fetch the rest of the assets in that burst sequence via fetchAssetsWithBurstIdentifier(...).

The user can flag assets within a burst sequence; additionally, the system uses various heuristics to mark potential user picks automatically. This metadata is accessible via PHAsset’s burstSelectionTypes property. This property is a bitmask with three defined constants: .UserPick for assets marked manually by the user, .AutoPick for potential user picks, and .None for unmarked assets.


First, you need to register a change observer (conforming to the PHPhotoLibraryChangeObserver protocol) with the shared PHPhotoLibrary object using the registerChangeObserver(...) method. The change observer’s photoLibraryDidChange(...) method will be called whenever another app or the user makes a change in the photo library that affects any assets or collections that you fetched prior to the change. The method has a single parameter of type PHChange, which you can use to find out if the changes are related to any of the fetched objects that you are interested in.

Sam Davies:

A user can chain incompatible photo edits together — if the adjustment data is not understood by the current extension, the pre-rendered image will be used as input. For example, you can crop an image using the system crop tool before using your custom Photo Editing extension. Once you have saved the edited image, the associated adjustment data will only contain details of the most recent edit. You could store adjustment data from the previous, incompatible edit in your output adjustment data, allowing you to implement a revert function for just your phase of the filter chain. The revert function provided by the Photos app will remove all the edits, returning the photo to its original state.

30 Years of Pac-Man

Chris Kohler (via Dave Dribin):

By creating a cute cast of characters and a design sensibility that appealed to wider audiences than the shoot-em-up Space Invaders, Iwatani broadened the appeal and marketability of games, creating what some call the first “casual game.”


“After that, I became a producer. Namco was a small company, and because the organization expanded, I was promoted to section chief. Someone had to coordinate the younger developers that we’d hired.

“So although I was still capable and wanted to keep developing games, I was told to serve as the supervisor — the manager of the baseball team, instead of a player.”

Corinne Segal (via Dave Dribin):

Today marks 35 years since Pac-Man debuted at a movie theater in the Shibuya area of Tokyo. Since then, the game has become one of the most popular of all time, producing more than eight other versions, a television series and more than 400 products. A few facts to think about the next time you’re playing Pac-Man at your local laundromat or on Google Maps.


Iwatani described his company’s reaction to the game in an interview with VH1 Games in 2007, saying: “I’m not sure if I should mention this or not. Well, um, the truth of the matter is, there were no rewards per se for the success of Pac-Man. I was just an employee. There was no change in my salary, no bonus, no official citation of any kind.”

Sunday, May 24, 2015

Unicode 9.0 Candidate Emoji

Mark Davis (via Dave Addey):

These emoji have been accepted as candidates for Unicode 9.0 for a variety of reasons. They may be needed for compatibility with emoji characters in existing systems. For example, the FACE WITH COWBOY HAT was accepted for compatibility with the emoji used in Yahoo Messenger. Some are chosen based on expected high frequency of use or because they are highly popular requests from online communities. Others fill gaps in the existing set of Unicode emoji, as by completing a gender pair.

On Apple Watch Ergonomics

Craig Hockenberry:

Apple never adds settings without a good reason. The inclusion of a preference for the crown position is a pretty clear indication that someone important knew that this was an ergonomically superior choice. But it’s also one that goes against horologic convention: Apple’s desire for this device to be visually appealing won out over ergonomics. I’ll be the first to admit that the “reverse crown” looks weird. Luckily, Apple has given us a choice between what works best and what looks best. It’s been several weeks since I made the change and have never once considered changing back to the default setting. I encourage you to give it a try, too.

Indeed, it does look funny with the crown in that position. But is that only because it goes against the convention? Where did the convention come from?

Looping Auto-stop for GPS Apps and Devices

Matt Henderson:

Whether it’s my Garmin Forerunner device, or the Strava app on my iPhone, this problem happens so often that it got me wondering about possible solutions. Since the great majority of my routes—whether running, hiking or biking—start and stop at the same location, this particular problem could be solved if GPS device and app makers added a simple “looping auto-stop” setting that automatically stopped the timer whenever I returned to my starting point.

That would be great. I have forgotten to stop the GPS recorder many, many times.

Revisions for Dropbox

Revisions (App Store) (via Brett Terpstra):

The Mac OS X app that displays all your Dropbox edits, shows exactly what changes were made, and provides unlimited undo going back 30 days (or more).

One of the signature features of Revisions is that you can obtain a copy of an entire directory (including any subdirectories) at the state it was in at a user-specified point in time. To do this, first select the folder you are interested in using the folder selector at the top. Then, you will need to wait for Revisions to finish indexing that folder. Finally, move the pointer over the small space between any pair of adjacent edit groups, and click on one of the folder action buttons that appears, to download or restore a folder to that particular point in time.

This is cool, since there’s no automated way to do this using the regular Dropbox interface.

When Revisions first connects to your Dropbox account, it needs to create a list of all file edits. This is accomplished by asking for revision metadata for each and every one of your Dropbox files. The main factor that determines the indexing time is thus the number of files in your Dropbox. If your Dropbox contains many tens of thousands of files (or more) indexing can take several hours even with an excellent internet connection.

My Dropbox has about 2,000 items, and this step only took a minute or two. The Core Data SQLite index is 22.5 MB.

The Responsibility We Have As Software Engineers

Ben Adida (via Ole Begemann and Eryn Wells):

We, software engineers, have superpowers most people don’t remotely understand. The trust society places in us is growing so rapidly that the only thing that looks even remotely similar is the trust placed in doctors. Except, most people have a pretty good idea of the trust they’re placing in their doctor, while they have almost no idea that every time they install an app, enter some personal data, or share a private thought in a private electronic conversation, they’re trusting a set of software engineers who have very little in the form of ethical guidelines.

Update (2015-05-24): Comments on Hacker News.

Saturday, May 23, 2015

Whose Phone Is This?

Daniel Jalkut:

The problem to my mind is not that Siri shares my name and contact information, but that it goes a step further, showing not only my main telephone number, but my physical address, all my telephone numbers, email addresses, as well as my AIM, Twitter, and Facebook accounts. It also happily provides my birthdate, the names of my wife, mom, dad, brother, heck, the names of any person I have assigned a relationship to.


Of course, you don’t have to share all this information with whatever stranger manages to pick up your phone. Simply disable Siri access from the lock screen, and nobody will be able to access your private information using it. Of course, this means no airline employee who finds your phone tucked between the seats will be able to easily return your phone to you, either.

There’s no great solution here because of the classic privacy vs. convenience trade-off. Another option would be to disable Siri on the lock screen and use the Health app’s “Medical ID” card, which is accessible by swiping right at the lock screen and then tapping Emergency.

The Logjam Attack

How Diffie-Hellman Fails in Practice:

We have uncovered several weaknesses in how Diffie-Hellman key exchange has been deployed:

  1. Logjam attack against the TLS protocol. The Logjam attack allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography. This allows the attacker to read and modify any data passed over the connection. The attack is reminiscent of the FREAK attack, but is due to a flaw in the TLS protocol rather than an implementation vulnerability, and attacks a Diffie-Hellman key exchange rather than an RSA key exchange. The attack affects any server that supports DHE_EXPORT ciphers, and affects all modern web browsers. 8.4% of the Top 1 Million domains were initially vulnerable.
  2. Threats from state-level adversaries. Millions of HTTPS, SSH, and VPN servers all use the same prime numbers for Diffie-Hellman key exchange. Practitioners believed this was safe as long as new key exchange messages were generated for every connection. However, the first step in the number field sieve—the most efficient algorithm for breaking a Diffie-Hellman connection—is dependent only on this prime. After this first step, an attacker can quickly break individual connections.

The site says that my Safari 8.0.6 is vulnerable.

Their Imperfect Forward Secrecy paper (PDF):

Our calculations suggest that it is plausibly within NSA’s resources to have performed number field sieve precomputations for at least a small number of 1024-bit Diffie-Hellman groups. This would allow them to break any key exchanges made with those groups in close to real time. If true, this would answer one of the major cryptographic questions raised by the Edward Snowden leaks: How is NSA defeating the encryption for widely used VPN protocols?

Scott Aaronson:

The further fact is that in NFS, you can arrange things so that almost all the discrete-logging effort depends only on the prime number p, and not at all on the specific numbers g and h for which you’re trying to take the discrete log. After this initial “precomputation” step, you then have a massive database that you can use to speed up the “descent” step: the step of solving of ga=h (mod p), for any (g,h) pair that you want.

It’s a little like the complexity class P/poly, where a single, hard-to-compute “advice string” unlocks exponentially many inputs once you have it. (Or a bit more precisely, one could say that NFS reveals that exponentiation modulo a prime number is sort of a trapdoor one-way function, except that the trapdoor information is subexponential-size, and given the trapdoor, inverting the function is still subexponential-time, but a milder subexponential than before.)

The kicker is that, in practice, a large percentage of all clients and servers that use Diffie-Hellman key exchange use the same few prime numbers p. This means that, if you wanted to decrypt a large fraction of all the traffic encrypted with Diffie-Hellman, you wouldn’t need to do NFS over and over: you could just do it for a few p’s and cache the results. This fact can singlehandedly change the outlook for breaking Diffie-Hellman.

Matthew Green:

This work is the result of an unusual collaboration between a fantastic group of co-authors spread all around the world, including institutions such as the University of Michigan, INRIA Paris-Rocquencourt, INRIA Paris-Nancy, Microsoft Research, Johns Hopkins and the University Of Pennsylvania. It’s rare to see this level of collaboration between groups with so many different areas of expertise, and I hope to see a lot more like it. (Disclosure: I am one of the authors, but others did all the good bits.)


However, there is a second class of servers that are capable of supporting 512-bit Diffie-Hellman when clients request it, using a special mode called the ‘export DHE’ ciphersuite. Disgustingly, these servers amount to about 8% of the Alexa top million sites (and a whopping 29% of SMTP/STARTLS mail servers).


Here it is in a nutshell: if the server supports DHE-EXPORT, the attacker can ‘edit’ the negotiation messages sent from the a client -- even if the client doesn’t support export DHE -- replacing the client’s list of supported ciphers with only export DHE. The server will in turn send back a signed 512-bit export-grade Diffie-Hellman tuple, which the client will blindly accept -- because it doesn’t realize that the server is negotiating the export version of the ciphersuite. From its perspective this message looks just like ‘standard’ Diffie-Hellman with really crappy parameters.

Bruce Schneier:

One of the problems with patching the vulnerability is that it breaks things:

On the plus side, the vulnerability has largely been patched thanks to consultation with tech companies like Google, and updates are available now or coming soon for Chrome, Firefox and other browsers. The bad news is that the fix rendered many sites unreachable, including the main website at the University of Michigan, which is home to many of the researchers that found the security hole.

This is a common problem with version downgrade attacks; patching them makes you incompatible with anyone who hasn't patched. And it's the vulnerability the media is focusing on.

iOS 9 and Mac OS X 10.11 Rumors

Mark Gurman:

According to sources within Apple’s software development departments, Apple engineers have been pushing executives for a Snow Leopard-style stability focus in 2015, following numerous bugs that clouded the launches of both iOS and OS X. Apple directors reportedly opposed a complete pause on new features, but agreed to focus on quality assurance by holding back some features that were initially planned for the latest operating system launches. One source explained, “I wouldn’t say there’s nothing new for consumers, but the feature lists are more stripped down than the initial plans called for.”


Marquee features aside, Apple has been working on significant enhancements to the security fundamentals of both operating systems, ranging from a major new initiative called “Rootless,” re-architected Apple apps with iCloud Drive file encryption, and a new feature called “Trusted Wi-Fi.”

Landon Fuller is worried about Rootless, as one more step towards locking down the system and restricting what apps can do. I would like to see more details on this.

Moving Notes from an IMAP to iCloud Drive back end makes sense. I’m not sure why Gurman says that Reminders and Calendar are also currently using IMAP (rather than CardDAV and CalDAV).

In what will come as a surprise to many people, our sources note that even A5-based Apple devices, including the original iPad mini and discontinued iPhone 4S, will be able to run iOS 9. In order to avoid the sluggishness and bugginess that was most notably seen in iOS 7 for the iPhone 4, Apple has restructured its software engineering process to better support older hardware.

This certainly sounds good.

Swift is planned to reach what is known as “Application Binary Interface (ABI) stability,” and its code libraries will therefore be pre-installed within the new iOS and Mac operating systems. This means that Swift applications updated for iOS 9 and OS X 10.11 will require less space and consume less data when downloaded over a cellular connection.

However, apps would still need to ship the Swift libraries for compatibility with Mavericks and Yosemite.

GitUp 0.7

GitUp (via iOS Dev Weekly):

Work quickly, safely, and without headaches. The Git interface you’ve been missing all your life has finally arrived.

It’s from Pierre-Olivier Latour, of Quartz Composer, Everpix, and Automatic fame. GitUp has a very different interface, focused on the map. For someone like me with a simple repository structure, this does not see like a helpful approach, but I could see it being useful for others. GitUp seems to make manipulating the commit graph easy. Seeing the code that changed in a particular commit, which other Git clients make easy, takes an extra step.

The most interesting feature to me is that it can optionally build an index (SQLite FTS) at .git/co.gitup.mac/cache.db to make searching the repository by diff content very fast. (My main Git client, Tower, doesn’t even have a slow way of doing this.)

GitUp is currently free, but you need to create an account to enable most of the features. It seems to be in a rough state right now: the commit view’s notion of what’s changed in my working directory is out of sync with what other Git clients show [Update (2015-05-26): This is not a bug in GitUp; see the comments.], and trying to commit a file just gave me a “launch path not accessible” error. But I think this is definitely an app to watch.

Optical Adjustment

Luke Jones (via iOS Dev Weekly):

In my early days as a designer, I relied on Photoshop or CSS to tell me whether something was right or wrong. If Photoshop indicated that two shapes were aligned, then they were aligned. If two different shapes were the same size, then that was the case. If two colours had the same hex values, then they looked the same colour.

This approach seemed logical, but it was an incorrect way of working.


Understanding these subtle differences and knowing how to adjust them is what makes a good designer even better — few will notice if it has been considered, but many will notice if it hasn’t.

How Not to Crash #3: NSNotification

Brent Simmons:

I have one simple, hard-and-fast rule: NSNotifications are posted on the main thread only. No exceptions. If some code is running in another thread and it needs to post a notification, it does so on the main thread.


Your notification handlers should be written so that they can deal with getting called twice. And it should be impossible for a given object to register twice for the same notification. Both.

Friday, May 22, 2015

LaunchBar Action Editor and AppleScript List Syntax

LaunchBar 6.4 introduces a new action editor:

  • Easily create new actions from scratch or duplicate existing actions for customization.
  • Configure action properties, runtime behavior, and more. Values are pre-filled where possible.
  • Configure and modify action scripts with various scripting languages.
    • Script templates provided for AppleScript, JavaScript, Python, Ruby, Shell script and Swift.
    • Easily add or remove Suggestions Scripts and Action URL scripts.
    • Configure script properties.
    • Open scripts in default editor for editing.
  • Manage action resources
    • Add, rename or delete resources.
    • Set image as action icon.
  • Manage localization
    • Add or remove localizations.
    • Manage localizable strings.

There is actually quite extensive support and documentation for custom actions now, with more emphasis on sharing actions (and therefore code signing to make that secure). It’s also instructive to look at the built-in actions to see how they work.

I learned, for example, that at some point AppleScript added support for using square brackets for list literals. I do not see this documented anywhere, so I’m not sure how far back scripts with this syntax will work. But it’s nice when you have a mix of lists and records to be able to write:

[{k1:"v1", k2:[1, 2, 3]}, {k1:"v2", k2:[4, 5, 6]}]

instead of using curly brackets for everything:

{{k1:"v1", k2:{1, 2, 3}}, {k1:"v2", k2:{4, 5, 6}}}

Note that you cannot use square brackets and colons for record literals. Except in Swift, where you have to use square brackets for everything.


Arkadiusz Holko’s ReflectableEnum (via Mac Dev Weekly):

A macro and a set of functions introducing reflection for enumerations in Objective-C.


  • get a string value for an enumeration's member (which is a common problem)
  • get all values used in an enumeration (also a prevalent issue)
  • get a minimum value in an enumeration
  • get a maximum value in an enumeration

You replace NS_ENUM with REFLECTABLE_ENUM, which parses the text of the definition and generates a family of helper functions.

See also: JREnum, which seems to be more flexible about the values it supports, but uses typedef enum instead of NS_ENUM.

Update (2015-05-26): Arkadiusz Holko now has a blog post about ReflectableEnum.

Thursday, May 21, 2015

Safari URL-spoofing Bug

Lucian Constantin:

The issue was discovered by security researcher David Leo, who published a proof-of-concept exploit for it. Leo’s demonstration consists of a Web page hosted on his domain that, when opened in Safari, causes the browser to display in the address bar.

The ability to control the URL shown by the browser can, for example, be used to easily convince users that they are on a bank’s website when they are actually on a phishing page designed to steal their financial information.


That’s because the attack code is designed to redirect the browser to the spoofed URL, but before the content is loaded, the code reloads the current page.

Hard Drive Icons Through the Ages

Eli Schiff:

Nevertheless, ever since the original OS X hard drive icons were designed, this category of icons has been a touchstone for icon design practitioners. Whether designing a custom application icon, a commercial disk image or making a custom icon to distinguish one's personal drives, hard drive icons have been a prime area for designers to display their skill in both technical execution and creativity.

This post is hardly exhaustive. I have selected only a fraction of the incredible icons that community members have designed over the years.

First-Class “Statements”

Justin Le (via Andy Matuschak):

One thing I’ve really always appreciated about Haskell is that all “statements” in Haskell (or at least, what would be statements in other languages) are first-class members of the language. That is, (imperative) statements are literally just normal objects (no different from numbers, or lists, or booleans) — they can be saved to variables, passed to functions, transformed using normal functions, copied, etc. Haskell doesn’t have statements — everything is an expression, representing normal data! This really opens up a whole world of possibilities for not only reasoning about your code, but also for new ways to frame ideas in contexts of parallelism, concurrency, exceptions, DSLs, and more.


In many other languages, sequencing actions is a special part of the syntax — a semicolon, usually. In Haskell, sequencing is not special — it’s just a normal function on normal data structures.

You can even make your own “first class” control flow!

Which Features Overcomplicate Swift?

Rob Rix (tweet):

It’s even harder to separate out the opportunity cost—how many of the language’s other complexities and inconsistencies would have been reconciled if they hadn’t had to focus on interoperability with a fundamentally unsafe language and runtime with which they share an address space?

While this overwhelms the language’s design, it’s hardly the only example of complexity.


Crucially, the vast majority of this is incidental complexity, not essential complexity. Swift is a crescendo of special cases stopping just short of the general; the result is complexity in the semantics, complexity in the behaviour (i.e. bugs), and complexity in use (i.e. workarounds).

Update (2015-05-23): Marcel Weiher (Hacker News, Reddit):

Or the whole idea of having every arithmetic operation be a potential crash point, despite the fact that proper numeric towers have been around for many decades and decently optimized (certainly no slower than unoptimized Swift).

And yet, Rob for example writes that the main culprit for Swift’s complexity is Objective-C, which I find somewhat mind-boggling. After all, the requirement for Objective-C interoperability couldn’t exactly have come as a last minute surprise foisted on an existing language. Folks: if we’re designing a replacement language for Apple’s Cocoa frameworks, Objective-C compatibility needs to be designed in from the beginning and not added in as an afterthought. And if you don’t design your language to be at odds with the frameworks you will be supporting, you will discover that you can get a much cleaner design.


The situation is even more bizarre when it comes to performance. For example, here’s a talk titled How Swift is Swift. The opening paragraph declares that “Swift is designed to be fast, very fast”, yet a few paragraphs (or slides) down, we learn that debug builds are often 100 times slower than optimized builds (which themselves don’t really rival C).


I like Swift because constantly challenges my skills as engineer, I have to find workarounds to apply all the concepts I know about functional programming, but... this is the current feeling, I don’t know if in a long run this would persist, I can’t image to fight against the language like I have to do sometimes, would make me still happy in 2-3 years, maybe some day I would get tired.

Wednesday, May 20, 2015

Mistake One

Marco Arment (tweet):

I hate typing on it, I hate the trackpad, it’s slower than I expected, the screen is noticeably blurry from non-native scaling to get reasonable screen space, and I don’t even find it very comfortable to use in my lap because it’s too small.


The 11-inch MacBook Air shows that the MacBook’s compromises have nothing to do with going Retina — the One has roughly the same GPU, less horsepower, less space, less weight, and a smaller battery, yet still drives a Retina screen perfectly well. Apple could have made a Retina MacBook Air instead of (or in addition to) this new MacBook, but chose not to.


This concerns me more than you probably think it should. Not only does it represent compromised standards in areas I believe are important, but it suggests that they don’t have many better ideas to advance the products beyond making them thinner, and they’re willing to sacrifice anything to keep that going.

He hates the new trackpad so much that he just bought a discontinued MacBook Pro with the old one. I think everyone else I’ve read has liked it, though. I remain happy with my new Air.

San Francisco as the Mac System Font

Mark Gurman (via Mike Rundle):

Apple is currently planning to use the new system font developed for the Apple Watch to refresh the looks of iPads, iPhones, and Macs running iOS 9 “Monarch” and OS X 10.11 “Gala,” according to sources with knowledge of the preparations. Current plans call for the Apple-designed San Francisco font to replace Helvetica Neue, which came to iOS 7 in 2013 and OS X Yosemite just last year, beginning with a June debut at WWDC.


Ever since switching to particularly thin weights of Helvetica Neue in iOS 7, Apple has been chastised for using a font that emphasizes clean lines over readability, and San Francisco is intended to solve this. According to the sources familiar with the decision to move to the San Francisco type face on iOS and OS X, Apple higher-ups also believe that the new look will serve to refresh its familiar operating systems, helping iOS and OS X to avoid becoming stale. However, some Apple engineers have told us that they are not fans of the new font, which may look particularly rough on non-Retina screens.

John Gruber:

Note too, that Apple is also using San Francisco for the keycaps on the new MacBook keyboard — Apple seems to moving toward using it for the “user interface” both in software and hardware.

Marco Arment:

If Mark Gurman is right, and he has a pretty good track record, I’m looking forward to seeing this. I don’t dislike Helvetica Neue, but it feels bland and overused, and it wasn’t designed for screen legibility.

The concern I have is that Helvetica Neue is bad on non-Retina displays, and it seems like San Francisco would be even worse there.

Update (2015-05-20): Nick Heer:

When it was released with WatchKit, I tried San Francisco as my OS X system font and found it even harder to read than Helvetica Neue. I suspect this is because the version I used was optimized for the Watch; I have hope that the version used on OS X will be optimized for that system, including for non-Retina displays. I’m very excited to see how this works.

Joe Cieplinski:

Helvetica Neue looks pretty crappy with its custom kerning in OS X, especially on non-Retina screens. (Which a majority of Mac users use and will use for years to come.) I don’t know how San Francisco will look on a non-Retina screen, but it would very likely be no worse.

New iPhone Lightning Dock

At first Apple had no Lightening dock. The next year it finally had two. Unlike with the 30-pin iPhones, I needed two hands to remove the iPhone 5s from the Lightning dock. And the dock itself stopped working after a short time. Since it never was that great, I decided not to replace it. I’ve since found that, if I’m going to use two hands anyway, I might as well keep the iPhone flat on my desk, underneath my MacBook Pro (which is on an iCurve). That gives me back some desk space.

John Gruber:

Truly curious about the timing on this — why not unveil it back when the iPhones 6 came out last year? I like using docks for my phone, and for years I used Apple’s. Ever since I switched to the iPhone 6 last year, though, I’ve used two third-party docks, both of which I like very much.


One thing both the HiRise and Spool Dock have in common with the new dock from Apple: they’re designed to work with iPhones of any width and thickness — past, current, or future.

Eric Slivka:

There are definitely some downsides, however, with the most obvious being stability. With the Lightning connector being the sole means of support for the iPhone, the device does tend to rock side to side if bumped.


For those who aren’t terribly concerned about the potential for accidental damage, the dock works well. It’s easy to mount the iPhone on the dock, and removal is also simple and possible to do one-handed by pressing down on the base with the side of your hand as you lift the iPhone off the dock.

That doesn’t sound as good as the old Dock Connector docks, which trivially worked one-handed.

The dock is officially compatible with all iPhone and iPod touch models with Lightning connectors, but yes, it will work with iPads as well. It might not be a great idea, however, as the much larger iPads are considerably less stable on the dock and the potential for damage to the Lightning connector or port is significantly higher with the possibility of greater torque on that single point of contact.

Update (2015-05-26): Iljitsch van Beijnum:

So the iPhone is only supported through its lightning port. As a result, it wobbles a bit side-to-side when touched. Fortunately, that doesn’t seem to affect the electronic connection between the phone and the dock. The iPhone sits fairly stable in the front/back direction. Still, I’m glad I get to use the dock with an iPhone 6 that’s still under warranty. The great thing about this design, apart from being both future- and past-proof (a rarity in Cupertino!), is that it lets the iPhone dock while it’s in Apple’s silicone case. There’s actually room for slightly bigger cases.

Tuesday, May 19, 2015

NSFileCoordinator Improvement in iOS 8.2

Tom Harrington (tweet):

However last week the tech note was updated, and the above section now reads:

When you create a shared container for use by an app extension and its containing app in iOS 8.0 or later, you are obliged to write to that container in a coordinated manner to avoid data corruption. However, you must not use file coordination APIs directly for this in iOS 8.1.x and earlier. [emphasis mine]

That’s great! In iOS 8.2 or higher, the obvious approach should now be safe.

Previously: iOS IPC via NSFileCoordinator and NSFilePresenter.

Firing Well

Jean-Louis Gassée:

Of course, there is a second type of review, or, more accurately, there isn’t one. If the individual’s performance fails to meet requirements, the message should be succinct and clear: We need to part company. There’s no need to drag the victim through a painful and pointless Performance Improvement Process. (I will briefly address the in-between pass/fail configuration below.)

The termination of a work relationship can be just as clean and respectful as a positive review… and Firing Well starts with a sane and honest hiring process.

Apple Watch User-Experience Appraisal

Raluca Budiu:

That’s why perhaps the most striking feature of the Apple watch is how much it seems to have embraced teeny-tiny targets. To unlock the screen you have to type your pin on a minuscule numerical pad. And the application screen uses a plethora of tiny circles (representing apps) organized in a focus-plus-context visualization — the center of the screen is the focus and has the largest circles, and as you get further out, the icons get smaller. Launching an app is an adventure — not only because the icons (in-focus ones included) are too small even for the tiniest pinkies, but also because deciphering them requires good eyes, or at least diligence and the will to scroll around and bring them in focus.


The deck of cards (a full-page relative of the carousel) is a presentation model that goes back at least 20 years. Cards provide sequential instead of direct access and usually should be reserved for content that has a clearly sequential nature (e.g., books) or for lists with just a few elements. Yet, on the watch, the deck of cards is preferable to the the alternative list interface, which often requires going back and forth between a list view and an item-detail view (a form of pogo sticking), and thus involves multistep navigation. Plus, with the deck of cards, users can easily trigger the contextual menu (to save the story for later reading on the phone, for example) for each item right away, whereas in the list view users must navigate to the detail to invoke the contextual menu corresponding to that item.


The average interaction with an app on the phone is about 70 seconds and about half the duration of a web session on a computer. On the watch, we can expect the average session size to be substantially shorter. Think of the information that people care for and that they can access easily in just a few seconds. That’s what you should offer on the watch.

Thanks, Ted Landau

Ted Landau:

The first time I was paid for writing about the Mac was in 1985 when A+ magazine published a reader’s tip I submitted. It detailed how to use ResEdit to modify the Welcome to Macintosh message. For 300 words, I got paid $50. It was far from a momentous event. At the time, I didn’t expect it to lead anywhere. My day job was still as a professor of psychology. But, as it turned out, the reader’s tip was the spark that ignited a flame.


The result has been three decades of doing things I thoroughly enjoyed and getting paid for doing them. Who could ask for more?

Which brings me to today. I’ve decided to call it quits and hang up my virtual pen. What I expect to be the last article I get paid to write was posted to Macworld last December.

Previously: MacFixIt Is Gone.

Monday, May 18, 2015

Hacking Airplanes

Kim Zetter (via Bill Bumgarner):

Chris Roberts, a security researcher with One World Labs, told the FBI agent during an interview in February that he had hacked the in-flight entertainment system, or IFE, on an airplane and overwrote code on the plane’s Thrust Management Computer while aboard the flight. He was able to issue a climb command and make the plane briefly change course, the document states.


He obtained physical access to the networks through the Seat Electronic Box, or SEB. These are installed two to a row, on each side of the aisle under passenger seats, on certain planes. After removing the cover to the SEB by “wiggling and Squeezing the box,” Roberts told agents he attached a Cat6 ethernet cable, with a modified connector, to the box and to his laptop and then used default IDs and passwords to gain access to the inflight entertainment system. Once on that network, he was able to gain access to other systems on the planes.

Bruce Schneier (via Bill Bumgarner):

The problem the GAO identifies is one computer security experts have talked about for years. Newer planes such as the Boeing 787 Dreamliner and the Airbus A350 and A380 have a single network that is used both by pilots to fly the plane and passengers for their Wi-Fi connections. The risk is that a hacker sitting in the back of the plane, or even one on the ground, could use the Wi-Fi connection to hack into the avionics and then remotely fly the plane. […] Previous planes had separate networks, which is much more secure.


What this all means is that we have to start thinking about the security of the Internet of Things--whether the issue in question is today’s airplanes or tomorrow’s smart clothing. We can’t repeat the mistakes of the early days of the PC and then the Internet, where we initially ignored security and then spent years playing catch-up. We have to build security into everything that is going to be connected to the Internet.

Intermittent But Frequent Pauses May Be From iCloud Syncing

Topher Kessler (via Pierre Igot):

When using your Mac running OS X Yosemite, you may find that at certain times during the day your Mac will begin to pause, showing the spinning color wheel repeatedly and quite frequently. When this happens, it interrupts all ability to type and interact with other applications, leaving you with the only options of waiting or attempting to restart your system to clear the problem.


While there is no mention of it in the system console, the problem at hand does coincide with Apple’s handling of its documents in iCloud. This is apparent through the use of the tool “fseventer” which monitors what files on your hard drive are being accessed. Through this tool you can see the massive repeated creation and deletion of a temporary file called “etilqs_NUMBER” that correlates to the pauses, along with a large level of activity for CloudKit and other iCloud resources. The etilqs file is created by the “nsurlstoraged” background process, which is responsible for managing web storage.