Friday, October 24, 2014

Repurposing the Titanic

Justin Williams:

Building products with a bootstrapped mentality is completely different than a startup mentality. When bootstrapped, every decision you make affects the bottom line, and that is a bottom line you care about from day one. Trying to convert a platform that wasn’t designed with that in mind proved to be too great of a challenge for me as the sole proprietor of Glassboard. Rather than focusing on improving the core Glassboard product, I spent most of my time trying to cut costs where possible to curb our losses.

Alias Files and Bookmark Files

Daniel Jalkut:

The long and short of it is Apple has moved away from “alias files” in recent years, and now favors a format they call “bookmarks.” To users, the files behave the same way, and Apple continues to call them “aliases” e.g. in the Finder when it offers to make an alias to a file. However, the older system service for “resolving an alias file” does not work on bookmarks.

[…]

The problem was compounded at some point, maybe as recently as OS X Yosemite, when Apple started aggressively converting old alias files into bookmarks. So even if you had an old, functional alias to a folder in your script tree, it may have recently stopped working in FastScripts because Apple converted it … helpfully … to a bookmark.

The Race to Archive TwitPic

Pierre Chauvin (via Nick Heer):

Right now, a collective of Internet archivists and programmers is trying to do the impossible: save more than 800 million pictures uploaded to the Twitter photo-sharing service Twitpic before they disappear down the memory hole after the company’s scheduled shutdown on October 25.

Apple Maps Connect

Greg Sterling (comments):

This afternoon, Apple notified us of a new self-service portal to add or edit local business listings: Apple Maps Connect. It’s intended for small business owners or their authorized representatives (though not agencies) to be able to quickly and easily add content directly into Apple Maps.

The service is free and the listings (or corrected listings) appear on Apple Maps on the PC and in mobile. All users sign in with their Apple IDs and passwords.

I thought we’d see something like this about two years ago, but it’s good that it finally exists.

iTunes 12 MiniPlayer

Chris Johnson (via John Siracusa):

At first, I had no idea how you were supposed to invoke the Mini Player in Yosemite. The first thing I tried was green zoom icon, but that just made iTunes take up the full screen. After clicking on various things in the title bar area, I eventually tried and succeeded with the album artwork. I had mistakenly assumed that clicking the album artwork would give me a larger view of the album artwork.

In the Mini Player, I was similarly confused. Clicking the album artwork made the artwork bigger. Clicking the little double arrow icon was no help, it also makes the album artwork bigger. I’m not sure why Apple decided we needed two ways to see the larger album artwork. The × icon did the trick, but I was afraid to try it, thinking it would quit iTunes.

Thursday, October 23, 2014

Peak Google

Ben Thompson:

IBM didn’t capitalize on PCs because their skills lay on the hardware side, not software. Microsoft didn’t capitalize on mobile because they emphasized compatibility, not the user experience. And now Google is dominant when it comes to the algorithm, but lacks the human touch needed for social or viral content. And so, when all of that brand advertising finally begins to move from TV to the Internet – and that migration is a lot closer than it was even a year ago – I suspect that Google is not going to capture nearly as much of it as many observers might expect.

[…]

This is the primary basis of my thesis that Google may very well be in a similar situation to early-eighties IBM or early-oughts Microsoft: a hugely profitable company bestride the tech industry that at the moment seems infallible, but that history will show to have peaked in dominance and relevancy.

I don’t know enough about advertising to really have an opinion on this, but it’s an interesting thesis.

Yosemite and Default URL Handlers

Luc Vandal:

Unfortunately, Apple is now blocking sandboxed apps to change the default handler for a particular URL scheme. This is why Screens is not able to set Screen Sharing as the handler.

[…]

We’re always sad to remove functionalities from our apps but sandboxing gets more restrictive every OS X release.

Playgrounds for Objective-C

Krzysztof Zabłocki introduces KZPlayground.

Yosemite Wi-Fi Enhancements

Glenn Fleishman:

Taken together, this information can help you sort out network difficulties. If you always see 20 MHz in the Channel line, but the PHY (physical protocol mode) is 802.11ac, you have other networks in the vicinity on the same or adjacent channels that are forcing the base station and client to negotiate a slower rate; moving the base station or forcing a different channel could help.

If your noise value is very high (like -30 dBm instead of -90 dBm), there’s interference from other devices, Wi-Fi or otherwise, in the same band, and you again may need to move the base station or pick a different channel.

Wednesday, October 22, 2014

BBEdit 11

BBEdit 11 is a great update with lots of good changes. Some of my favorites:

Yosemite Phone Home

The fix macosx folks have a Git repository showing all the data that Yosemite sends to Apple, with different preferences settings:

When the user selects ‘About this Mac’ from the Apple menu, Yosemite phones home and s_vi, a unique analytics identifier, is included in the request. (s_vi is used by Adobe/Omniture’s analytics software).

Speculation is that it is looking up the marketing name of the Mac model. The cookie was first set when visiting Apple’s Web site.

The logs show that a copy of your Safari searches are still sent to Apple, even when selecting DuckDuckGo as your search provider, and ‘Spotlight Suggestions’ are disabled in System Preferences > Spotlight.

This is because Safari has a separate preference (under Search, not Privacy) to turn off Spotlight Suggestions.

When setting up a new Mail.app account for the address admin@fix-macosx.com, which is hosted locally, searching the logs for “fix-macosx.com” shows that Mail quietly sends the domain entered by the user to Apple, too.

My guess is that Apple has a database of mail server configuration information to help make the setup process smoother for users.

I don’t think Apple is doing any nefarious here, but it is a good exercise to make this sort of list. I hope that Apple is doing so internally and that one day they will be more transparent about it the way they are about iOS security. The current privacy policy is a good start.

An open question is the extent to which Tim Cook’s vision is possible:

A few years ago, users of Internet services began to realize that when an online service is free, you’re not the customer. You’re the product. But at Apple, we believe a great customer experience shouldn’t come at the expense of your privacy.

Cook frames it as Apple not needing your information because it isn’t monetizing it, but there are definitely cases where having more information would help Apple improve the user experience—at the expense of privacy. It is not always possible to maximize both.

16 GB

John Gruber:

There’s no doubt in my mind it’s good short-term business sense to go with a 16/64/128 lineup instead of 32/64/128. But Apple is not a short-term business. They’re a long-term business, built on a relationship of trust with repeat customers. 16 GB iPads work against the foundation of Apple’s brand, which is that they only make good products.

Apple has long used three-tier pricing structures within individual product categories. They often used to label them “Good”, “Better”, and “Best”. Now, with these 16 GB entry-level devices, it’s more like “Are you sure?”, “Better”, and “Best”. Fine, keep the 16 GB models around for expert business and education buyers who know that they really don’t need more storage space. But don’t put devices on the tables in Apple retail stores that you wouldn’t recommend as a good product and good value to typical customers.

Lebeaupin on Swift

Pierre Lebeaupin:

Nested block comments do not work. They cannot be made to work (for those who care, I filed this as rdar://problem/18138958/, visible on Open Radar; it was closed with status “Behaves correctly”). That is why the inside of an #if 0 / #endif pair in C must still be composed of valid preprocessing tokens.

[…]

Little did I know that not only Swift method calls are not more dynamic than Objective-C method calls, but in fact don’t use objc_msgSend() at all by default! Look, objc_msgSend() (and friends) is the whole point of the Objective-C runtime. Period. Everything else is bookkeeping in support of objc_msgSend(). […] Apple is trying to convince us of the Objective-C-minus-the-C-part lineage of Swift, but the truth is that Swift has very little to do with that, and much more to do, semantically, with C++. This would never have happened had Avie Tevanian still been alive working at Apple.

[…]

I find it very odd that there is no description or documentation of threading in Swift. And yes, I know you can spawn threads using the Objective-C APIs and then try and run Swift code inside that thread; that’s not the point. The point is: as soon as I share any object between two threads running Swift code, what happens?

[…]

I don’t like: the lacks of a narrative, or at least of a progression, in the book. Where is the rationale for some of the less obvious features? Where is the equivalent of Object-Oriented Programming with Objective-C (formerly the first half of “Object-Oriented Programming and the Objective-C Programming Language”)? This matters, we can’t just expect to give developers a bunch of tools and expect them to figure out which tool is for which purpose, or at least not in a consistent way. Providing a rationale for the features is part of a programming language as well.

[…]

Swift seems to go counter to all historical programming language trends: it is statically typed when most of the language work seems to trend towards more loosely typed semantics and even duck typing, it compiles down to machine code and has a design optimized for that purpose when most new languages these days run in virtual machines, it goes for total safety when most new languages have abandoned it. I wonder if Swift won’t end up in the wrong side of history eventually.

[…]

Swift, with its type safety, safe semantics and the possibility to tie variables as part of control flow constructs (if let, etc.), promises to capture programmer intent better than any language that I know of, which ought to ease maintenance and merge operations; this should also help observability, at least in principle (I haven’t investigated Swift’s support for DTrace), and might eventually lead to an old dream of mine: formally defined semantics for the language, which would allow writing proofs (that the compiler could verify) that for instance the code I just wrote could not possibly crash.

CloudKit

John Siracusa:

CloudKit isn’t just the network data storage API that developers have always wanted from Apple; apparently it’s also the API that Apple has always wanted for itself. Both iCloud Drive and Apple’s new iCloud photo library service (upon which the upcoming replacement for iPhoto is being built) were written from scratch on top of CloudKit. Looking at it another way, if CloudKit doesn’t work well, third-party developers won’t be the only ones suffering.

Apple’s ability to make sure its servers are always available and that they answer requests in a timely manner is still an open question. As anyone who’s ever gotten an inscrutable error or interminable spinner from an Apple TV while trying to watch a video from the iTunes Store knows, Apple’s use of a network service does not necessarily ensure its reliability or speed.

The most reassuring thing about CloudKit is its design. It looks a lot more like a well-executed client library for a traditional Web service than a Cocoa API that just happens to have a network component. It’s still far from the cross-platform, multi-language ideal presented by Microsoft’s Azure Mobile Services, but Azure can’t hope to compete with the platform integration of CloudKit on OS X and iOS.

Roustem Karimov:

We don’t have to guess when something goes wrong anymore, and we no longer have to tell our users to perform a set of magic steps hoping that some of them would trigger iCloud to work. CloudKit solved the problems we had with the old iCloud.

It’s a great sign that Apple is eating its own dog food and no longer trying to abstract away the network. I think it’s a mistake to only make CloudKit available to App Store apps.

Code Signing Is Flaky and Unreliable

Tom Harrington:

For whatever it’s worth, I’ve been developing iOS apps since early 2008 and I regard the code signing process as conceptually straightforward. In practice though, it’s flaky and unreliable. More than six years in and I still routinely lose a day to trying to get code signing working again.

[…]

Code signing works or doesn’t work for incomprehensible reasons. Getting signing working again does not result in learning any useful skills that can be applied to future attempts.

The bug’s original title was more colorful.

Passenger Privacy in the NYC Taxicab Dataset

Neustar (via Landon Fuller):

In my previous post, Differential Privacy: The Basics, I provided an introduction to differential privacy by exploring its definition and discussing its relevance in the broader context of public data release. In this post, I shall demonstrate how easily privacy can be breached and then counter this by showing how differential privacy can protect against this attack. I will also present a few other examples of differentially private queries.

There has been a lot of online comment recently about a dataset released by the New York City Taxi and Limousine Commission. It contains details about every taxi ride (yellow cabs) in New York in 2013, including the pickup and drop off times, locations, fare and tip amounts, as well as anonymized (hashed) versions of the taxi’s license and medallion numbers. It was obtained via a FOIL (Freedom of Information Law) request earlier this year and has been making waves in the hacker community ever since.

The release of this data in this unalloyed format raises several privacy concerns. The most well-documented of these deals with the hash function used to “anonymize” the license and medallion numbers. A bit of lateral thinking from one civic hacker and the data was completely de-anonymized. This data can now be used to calculate, for example, any driver’s annual income. More disquieting, though, in my opinion, is the privacy risk to passengers. With only a small amount of auxiliary knowledge, using this dataset an attacker could identify where an individual went, how much they paid, weekly habits, etc. I will demonstrate how easy this is to do in the following section.

cjbprime:

Amazing. If you said to someone “Hey, I wanted to know where you went after the cab picked you up last year, so I called up the cab company and asked them where they dropped you off and they told me”, they would be outraged at (your behavior and) the breach of privacy shown by the cab company. But the city released a dataset that allows exactly this query. What were they thinking?

Something else that could be mentioned in the linked article: if someone you were with got in a cab in 2013, and they told you where they were going, and you remember the approximate time and location, you can tell whether it was their true destination regardless of how many other people were being picked up at the time, because you don’t have to find the exact ride they took, you only have to see whether any rides went to the place they told you.

This search is even extremely resistant to the differential privacy suggested by the post’s authors. I’d be much happier simply stating that location data is not de-identifiable, and no-one should use a cab in a city that logs location data if they aren’t happy with an adversary knowing where they went.

Tuesday, October 21, 2014

Yosemite Developer Documentation

Monday, October 20, 2014

The Gentleman Who Made Scholar

Steven Levy:

Some people have never heard of this service, which treats publications from scholarly and professional journals as a separate corpus and makes it easy to find otherwise elusive information. Others have seen it occasionally when a result pops up on their search activity, and may even know enough to use it for a specific task, like digging into medical journals to gather information on a specific ailment. But for a significant and extremely impactful slice of the population: researchers, scientists, academics, lawyers, and students training in those fields — Scholar is a vital part of online existence, a lifeline to critical information, and an indispensable means of getting their work exposed to those who most need it.

The iPad’s Future

Ben Thompson:

This is certainly a big comedown from the sky-high expectations that followed the iPad’s explosive growth in 2010 and especially in 2011, when many conjectured that the iPad business would ultimately be bigger than the iPhone. The question, though, is if the decline in the iPad’s fortunes is simply the natural order of things, Apple cannibalizing itself before others have the chance, or a missed opportunity.

I think that it’s all three.

[…]

The problem is that must-have apps are exactly what the iPad needs to become indispensable. And sadly, while Apple seemed to shrug off much of that 1997 paranoia at this year’s WWDC, they didn’t make any real changes to the App Store policies around trials and upgrades that would truly make a difference. Truth be told, though, this year’s WWDC was likely already too late. By then iPad sales had already started to decline on an annual basis, giving developers even less incentive to focus on the iPad.

Jean-Louis Gassée:

Indeed, after growing faster than anything in tech history, tablets have stalled. For the past three quarters unit sales have plummeted: iPad sales fell by 2.29% in the first (calendar) quarter of 2014 versus the same quarter in 2013, and they fell by 9% in Q2.

[…]

I once thought the mini was the “real” iPad because I could carry it everywhere in a jacket pocket. But about two weeks ago I bought an iPhone 6 Plus, and I haven’t touched my mini since. (As punishment for my sin, I found 52 apps awaiting an update when I finally turned on the mini this morning…) Now I have an “iPad micro” in my (front) jeans pocket…and it makes phone calls.

Update (2014-10-22): John Gruber:

Everything Apple is promoting about the Air 2 is true, both in terms of what you can objectively measure, and in terms of how it feels to use it. It’s thinner, lighter, faster, and has a better display and better camera. And, yes, Touch ID is great, especially if you’ve been using it for the last year on your iPhone.

I don’t think I’m going to buy one, though.

For the last two years, my day-to-day iPad has been a Mini. I like the Mini form factor so much that I switched to the original non-retina model in late 2012 even after having used the retina iPad 3 for six months or so. In terms of visual acuity, that was painful. In terms of hold-ability, though, it was a huge win. Last year I didn’t hesitate to stick with the Mini form factor once it went retina.

Trusting iCloud

Nate Boateng:

Signing out and back into iCloud deleted the last 3 years of vacation shared photo streams I had…

To be clear, signing out and back into iCloud today broke nearly every piece of it. Photo Stream, Family Sharing, iCloud Drive. All of it.

Via Joe Steel:

The truly disturbing thing about what happened to Nate was that he didn’t trust Apple, and had a backup of everything. I don’t trust Apple, and I have a backup of everything. At what point is distrust a sign of a problem, and not just paranoia? Even Dan Moren, doing some Color Commentary™ on Thurday’s Apple Event seemed a little scared of the “Public Beta” moniker on iCloud Photo Library.

Andreas Zeitler (via John Gordon):

On iOS 8, the previous fix still works, but now this “fix” has to be applied for each app individually. One app stops syncing? Reboot the device!

I reboot my device about three times a day now, just to get iCloud syncing back, just for one specific app. If that doesn’t fix it, well, users report that you can delete the app and install it again, then sometimes iCloud does seem to come back. If not, well, try installing the app again. If that doesn’t fix it, you can always restore the device, which usually fixes the problem.

Sunday, October 19, 2014

1pass

1pass is an open-source Python library for reading 1Password’s .agilekeychain file format (via Jonathan Wight).

Spotlight Suggestions and Privacy

fix macosx (via Landon Fuller):

If you’ve upgraded to Mac OS X Yosemite (10.10) and you’re using the default settings, each time you start typing in Spotlight (to open an application or search for a file on your computer), your local search terms and location are sent to Apple and third parties (including Microsoft).

Mac OS X has always respected user privacy by default, and Mac OS X Yosemite should too. Since it doesn’t, you can use the code to the left to disable the parts of Mac OS X which are invasive to your privacy.

I think previous versions of Mac OS X did have Safari send partial searches to Google by default. However, Spotlight searches have not previously left your Mac.

Update (2014-10-19): To be clear, you don’t need this script to improve your privacy. The Spotlight Suggestions and Bing Web Searches boxes are readily uncheckable in System Preferences. Rather:

There’s no single “local search only” toggle, and you have to cross-reference the documentation provided in System Preferences against the list of “Search Results” to figure out which of the options actually sends your queries to Apple.

I wanted something simple, that I knew worked, and I could just tell family to run themselves, so I put this together. It’s a convenient way to apply the settings, a jumping-off point for a more involved effort to resolve some of the other remaining privacy issues on Yosemite, and a handy way to get the privacy message across.

Since Apple hasn’t provided a single switch, it makes sense to have a single script that can be kept up-to-date.

Update (2014-10-19): There is also another checkbox called “Include Spotlight Suggestions” in Safari’s preferences.

Update (2014-10-20): Ashkan Soltani and Craig Timberg:

Apple officials said Monday that the data collection is intended only to improve the quality of searches conducted through Spotlight, a standard feature on both Mac computers and Apple’s mobile devices, such as the iPhone and iPad. The user identification number rotates after 15 minutes to a new identifier, they said, and the location and search query information is not used to create profiles of users or to deliver targeted advertising.

[…]

Testing by The Washington Post found that the locations revealed in Spotlight searches can be strikingly precise, placing a user within a particular building in Washington, D.C., even though the disclosure box on Spotlight refers to collecting “your approximate location.”

Update (2014-10-21): John Gruber:

The only thing Apple could do differently is make this another one of the you-have-to-explicitly-opt-in stages when you first upgrade to Yosemite or create an account on a new Mac.

Update (2014-10-22): Rich Mogull:

To manage your session, Apple uses a one-time session ID that lasts for 15 minutes. Neither the session ID nor the search query use your IP address or any other device identifier. Session IDs also aren’t coordinated or correlated, so there is no way for Apple to track historical usage by chaining session IDs together. In short, your query exists within a 15-minute bubble that isn’t tied to you directly. This is different, for example, than Siri, which uses a more persistent device identifier since it requires more context over time (due in large part to the overhead of voice recognition).

Apple:

Information on the three most recently used apps on the device is included as additional search context. To protect the privacy of users, only apps that are in an Apple-maintained whitelist of popular apps and have been accessed within the last three hours are included.

Search feedback sent to Apple provides Apple with: i) timings between user actions such as key-presses and result selections; ii) Spotlight Suggestions result selected, if any; and iii) type of local result selected (e.g., “Bookmark” or “Contact”). Just as with search context, the search feedback is not tied to any individual person or device.

Apple retains Spotlight Suggestions logs with queries, context, and feedback for up to 18 months. Reduced logs including only query, country, language, date (to the hour), and device-type are retained up to two years. IP addresses are not retained with query logs.

In some cases, Spotlight Suggestions may forward queries for common words and phrases to a qualified partner in order to receive and display the partner’s search results. These queries are not stored by the qualified partner and partners do not receive search feedback. Partners also do not receive user IP addresses. Communication with the partner is encrypted via HTTPS.

New iWork File Formats

The new versions of the iWork apps change the file formats again, but it’s not as drastic a change as last year. Numbers 3.2.2 created a package folder with some metadata and a ZIP archive containing the .iwa files. Numbers 3.5 seems to use the same structure except that the .numbers file itself is the ZIP archive.

I repeated my CSV file import test from last year, and I don’t see any speed or size changes between the two versions of Numbers.

Aperture Import Plug-in for Lightroom

Adobe:

As promised in a blog post here, we are proud to introduce the Aperture and iPhoto import plugin for Lightroom 5. The plugin allows Aperture and iPhoto customers to migrate their images and key metadata (such as keywords, events, project structure) into Lightroom catalogs in a seamless way.

The problem remains that I don’t really want to use Lightroom. Also, it is significant that image adjustments and stacks don’t import.

It’s About the Encryption Keys

Stefan Reitshamer:

There’s a lot of talk on the interwebs about encryption. Encryption is a necessary but not sufficient condition for maintaining control of your data. Controlling access to the encryption key is just as important.

Lots of articles that reference encryption fail to mention this, and that’s confusing for people who are not crypto experts.

The iPad Zombie

Allen Pike (via John Gruber):

Apple still sells the original iPad mini. Today, they announced that not only would they continue to sell it, but cut the price to $249, making it the cheapest iPad ever. If they follow their usual pattern of leaving the iPad line as-is until next fall, the iPad 2’s internals will live on for 4.5 years.

[…]

We already see this pain on the App Store, especially with games. There is no mechanism to specify on the App Store which CPU is required for your app.

Yosemite’s Speakable Scripts

Christopher Breen:

In Yosemite, Speakable Items are gone. Their functionality has been merged with the Dictation architecture of the OS and morphed into a new feature called Dictation Commands. But unlike Speakable Items, Dictation Commands are not separate from the rest of the speech architecture. Turn on Dictation and you automatically gain access to Dictation Commands. At any time—even during a dictation session—you can speak the title of a command to have it recognized and executed.

[…]

When you launch the Automator application in Yosemite, the workflow template chooser offers a new option: Dictation Command. Using this new workflow template you can create a system Dictation Command that automates any process or task that Automator is capable of performing.

Daniel Jalkut:

It seems the scripts are run not as the streamlined items that they are but are instead sort of wrapped in an automator action and run. It’s nice that you don’t have to go out of your way to translate a script into an Automator Workflow, but unfortunately this means that “Speakable Scripts” do put up the little Automator gear icon in the menu bar, and are probably ultimately slowed down at least a bit by being run as a full-on workflow.

I wonder if saving a script as an application would work any better.

Update (2014-10-19): Daniel Jalkut:

Wait a minute, maybe it is running them as native scripts. There’s just a change on OS X Yosemite with how the system runs scripts, such that they always show an Automator-style progress indicator in the menu bar. I find this pretty irksome as a default behavior because for example short-lived scripts don’t need progress to be indicated at all.

Mutable Collections in Swift

Mike R. Manzano:

How do you create an var that holds an immutable Array? As in a var that you can assign different immutable Arrays to?

BJ Homer:

Because Swift arrays and dictionaries can never be shared, there is no distinction between mutating an existing collection and re-assigning a new collection. The behavior of the code is exactly the same. In either case, the owner’s setter method is called whenever the array is modified.

So to answer the original question, there is no syntax to specify a variable that holds an immutable array because there is nothing that such syntax would add. Swift addresses the issues that made NSArray and NSMutableArray necessary in the first place. If you need a shared array, you can still use the Cocoa types. In every other case, Swift’s solution is safer, simpler, and more concise.

On the whole, I think this is probably a good direction. The downsides would seem to be that the performance model is less clear and that it’s more work to write your own data types as struct-class pairs.

One somewhat common pattern in my Objective-C code is a (often recursive) method that takes a mutable array or dictionary as a parameter and builds it up. You can’t do this with var in Swift because that only lets you modify the collection within the method. However, you can use inout to have Swift “return” the last value to the caller.

This is not the same as passing around an NSMutableArray, though. For example, consider what would happen if there were multiple threads involved. Also, inout only lasts for the duration of the method; the collection cannot (as far as I know) be stashed in another object and then mutated (back in the caller) later.

Update (2014-10-19): Christoffer Lernö responds via Twitter.

Friday, October 17, 2014

AVFoundation in Yosemite

Philip Hodgetts:

There is a lot of new audio functions. A lot, as in heaps.

[…]

We’ve had AVAssets and AVCompositions in AVFoundation up until now, which do not support reference movies. It seems a reasonable inference that an AVFragmentedMovie is what we’d have called a QT Reference movie in the past.

Update (2014-10-18): Mike Ash:

I was excited to try AVAudioEngine now that 10.10 is here. But it’s just sadness and silent failures and mysterious crashes. Sigh.

Yosemite Observations

Trying not to repeat the work of the reviewers, here is a running list of my personal observations after using pre-release versions all summer but only updating my main Mac this morning:

Update (2014-10-18):

Update (2014-10-19):

Update (2014-10-20):

Update (2014-10-21):

Update (2014-10-22):

Update (2014-10-23):

Yosemite Reviews

Update (2014-10-19):

Update (2014-10-24):

Wednesday, October 15, 2014

POODLE

Daniel Fox Franke (via Hacker News):

This post is meant to be a “simple as possible, but no simpler” explanation of POODLE. I’ve tried to make it accessible to as many readers as possible and yet still go into full and accurate technical detail and provide complete citations. However, as the title implies, I have a second goal, which is to explain not merely how POODLE works, but the historical mistakes which allow it to work: mistakes that are still with us even though we’ve known better for over a decade.

[…]

The problem stems from browser vendors’ desire to be able to cope with buggy servers and middleboxes which advertise a protocol version that they can’t actually support. To work around such broken behavior, when an SSL handshake fails most browsers (all but Opera[5]) will fall back to an earlier protocol version and retry. This browser behavior, called the “downgrade dance”, makes it trivially vulnerable to downgrade attacks.

[…]

This is the basis of the Vaudenay padding-oracle attack. An attacker who can get the server to reveal whether a ciphertext decrypts to something with valid padding or not, can then guess the contents of any block of plaintext one character at a time, and get confirmation when the guess is correct.

[…]

Vaudenay also originally believed that the fact that TLS treats all padding errors as fatal, shutting the connection and discarding the session key, meant that the full attack wasn’t possible: that the attacker got to take one guess at one byte and nothing more. POODLE, using ideas already foreshadowed by BEAST, shows that in the browser context, this isn’t necessarily so.

[…]

Within the confines of SSL v3.0, POODLE cannot be fixed. However, the downgrade dance which enables it can be.

[…]

Now, though, I am going to step onto my soapbox and say: disabling SSL v3.0 does not go far enough. It is time to aggressively deprecate as many old versions of TLS as possible.

Matthew Green:

The rough summary of POODLE is this: it allows a clever attacker who can (a) control the Internet connection between your browser and the server, and (b) run some code (e.g., script) in your browser to potentially decrypt authentication cookies for sites such as Google, Yahoo and your bank. This is obviously not a good thing, and unfortunately the attack is more practical than you might think. You should probably disable SSLv3 everywhere you can. Sadly, that’s not so easy for the average end user.

Update (2014-10-15): Poodlebleed:

The below form can be used to test if your server is running with SSL 3.0 enabled. Although disabling SSL 3.0 may cause failed connections to your ssl service for small portion of users running older browsers, this action prevents the large portion of modern browsers from being eavesdropped while attempting to access your services in a secure manner.

Update (2014-10-19): Glenn Fleischman:

Poodle may finally put IE6 to death, because IE6 can’t use modern web security protocols. […] Despite the introduction of TLS in 1999 and the fact that the last version of SSL (SSLv3) was released in 1996, web servers generally have continued to support SSLv3 to this day because it’s the latest version that IE6 supports.

Remembering Macworld Expo

Christopher Breen:

In its early and middle years, Macworld Expo was, in some ways, the world’s greatest Mac user group gathering. As the World Wide Web had yet to become the source of the globe’s information, Mac users depended on books; publications such as Macworld, MacUser, and MacWEEK; and, importantly, face-to-face interaction with other enthusiasts for their Apple fix. While users groups served this latter need on a local level, if you wanted to be surrounded by others of your ilk from across the country (and world), you went to Expo.

Adam C. Engst:

With this announcement coming on the heels of Macworld putting its print edition to rest, it has never been more clear that the massive changes engendered by the Internet have reshaped the world we live in. While at the Çingleton conference last weekend, I was reminiscing about my first Boston Macworld Expo in 1989 and the many pounds of paper I collected. Picking up brochures and handouts from every vendor was an essential task back then, since it was the only way to create a reference database of product information. When Tonya and I moved to Seattle in 1991, we brought four file drawers full of paper with us; when we returned to Ithaca in 2001, we didn’t even bring the empty filing cabinets back.

[…]

The other sea change that hurt Macworld Expo is one that I still don’t fully understand. In the early days of the show, money flowed like water. Big companies paid tens of thousands of dollars for spacious booths and flashy parties, and while products cost significantly more back then, the overall market was far smaller. Now, even with Apple posting record profits every quarter and hundreds of millions of people using Apple devices, few Apple developers approach the size of the firms that filled multiple exhibition halls during the biannual Macworld Expos. The parties dried up even earlier, and while I can’t say that a party or even a booth was a worthwhile marketing expense, clearly people thought so back in the day.

I attended the East Coast ones from (I think) 1993 through 1999. Here are some old ATPM reports from Macworld Expo:

Invisible iOS Home Screen Icons

David Smith:

Since getting my iPhone 6 a few weeks ago I’ve been continuously trying to optimize the configuration of my home screen. The larger screen means that I now have an extra row of icons to fit onto the screen, but the physical size of device means that I can’t actually comfortably reach them.

Since you can’t arbitrarily place icons on your home screen this means the situation is actually worse. I now have to fill in the top row of icons with ‘stuff’ just so that I can easily reach my main icons without stretching.

Begemann’s Backblaze Review

Ole Begemann (Twitter comments):

There is this saying that a backup system that requires manual work is not a reliable backup. That’s Backblaze if you have to deal with external drives.

[…]

The Backblaze client has no restore functionality. All restores (be it a single file or your entire archive) start on the website and require you to send your private passphrase to Backblaze’s servers where the data will be decrypted before you can download it. Needless to say, this is not at all ideal from a security perspective.

[…]

This may sound like an obscure limitation that is largely irrelevant in real life, but it means you won’t be able to move data between drives without risking the loss of your backup state for weeks or potentially months (until the initial backup is complete).

Also, it sounds like moving a file causes its backup history to be lost, which is not the case with CrashPlan or Arq.

Tuesday, October 14, 2014

Patterns to Avoid Massive View Controllers

Soroush Khanlou:

Historically, Apple’s SDKs only contain the bare minimum of components, and those APIs push you towards Massive View Controller. By tracking down the responsibilities of your view controllers, separating the abstractions out, and creating true single-responsibility objects, we can begin to reign those gnarly classes in and make them managable again.

iOS App Postmortem

Nat!:

The project started out on iOS 5, which was quickly succeeded by iOS 6. I would have been extremely surprised at the beginning, if someone had told me, that at the time of iOS 8s release our app still wouldn’t be done yet. But here is a recollection of all my faults: why it took way too long.

[…]

I bought AppCode solely to run “Inspect Code…”. The results returned are quite a bit more helpful than what Xcode Analyzer returns.

[…]

I probably wrote a hundred little apps, that tested out some feature, or started coding a subview with it. When the code was complete I moved it into the main app, deleted the original files and then symlinked the files from the main app in the test app. This way, I could go back to the test app to tweak something, when it didn’t work out in the main app. Needless to say being able to focus on just a small piece of code in a controlled environment is much more convenient.

[…]

This unfortunately means, that I am almost invariably are going to hit a brick wall at some point in time. For example, I spent way, way more time dicking around with UIScrollView than I eventually needed to code my own custom UIScrollView. The opacity of the iOS libraries means, that I always have to guess, how it’s really implemented, guess how it could break in the next iOS version and also guess beforehand, if everything is exposed like I will eventually need it.

[…]

Subclassing CoreData classes or overriding CoreData accessors is a path to misery, where I am unfortunately still traveling on. I am not 100% sure, but I would probably have been better off, either just going sqlite-direct or to use a stripped down MulleEOF for Dienstag.

[…]

It was interesting, because “naive code” only suffered a factor 2 ARC penalty, whereas “clever code” suffered a factor 10 ARC penalty. So ARC seems to be a great programmer equalizer in that respect. I didn’t investigate other “patterns”, but I also continued not using ARC. Less magic, less pain.

Hypothetical Objective-C 3.0

Christoffer Lernö:

Many had expected Swift to be more an Objective-C 3.0 than it turned out to be. But what could we have expected such a hypothetical language to look like?

Christoffer Lernö (comments):

This list is actually just a sample to get the ideas flowing, and to illustrate how some of the hurdles with ObjC 2.0 can be overcome by a successor that breaks syntax with the past, but still retains full backward compatibility.

David Owens:

I think the biggest disservice we can do to the Cocoa developer community is remove the underpinnings of the ObjC runtime. It is the language’s, and I truly believe, the platforms’ greatest strength.

I believe if we hide the complexities of C from our source code and focus on letting the power of the ObjC runtime shine through in our code, we can create a new language that provides of the great flexibility of the ObjC runtime while still accomplishing many of the goals that Swift is attempting to solve - namely safer code by default.

Consider how much progress could have been made with Objective-C had the resources from the Swift project been applied to it instead. Swift is an immensely complicated language that still needs a long time to mature. Objective-C is a much smaller language with a solid core and seemingly a lot of low-hanging fruit (syntax improvements, increased safety).

For example, a better blocks syntax and support for Python-style comprehensions in Objective-C would do a lot for me today, making my code more concise and readable. Swift’s generics feature was likely more difficult to implement, and it arguably makes the code less readable and for dubious benefits.

Additionally, an improved Objective-C could in many cases compile down to binaries that work smoothly with existing code and older OS versions. It could still use the same runtime. With Swift, Apple is instead dropping some of the benefits of the Objective-C runtime and creating migration issues because some Swift elements don’t interoperate with Objective-C, and others bridge but with performance penalties. We’ve only seen the tip of the interoperability iceberg because so far all of Apple’s APIs are native Objective-C.

Apple seems to be betting that the benefits for making a whole new language will be worth the migration costs and the stagnation of the language that most of us are actually using. I’m not convinced because most of my favorite Swift features seem like they could have fit into an Objective-C 3.0.

Mac Vibrancy Tips

Brent Simmons:

For one of my projects I’m working with NSVisualEffectView and behind-window blending.

[…]

There may be other gotchas, of course, but these are what I’ve found so far.

The State of iOS 8 on the iPad

Mikhail Madnani:

I assumed iOS 8 would offer a good experience on the iPad Air, but after playing with it as well as the iPad mini with Retina display, it’s clear that iOS 8 on iPads is clearly far from ready. Although there are loads of bugs and performance issues that currently exist on iOS 8, this post is not for those. Instead, let’s talk about some of the interface issues, design oddities that are seen on iOS 8 and how the iPad’s potential is being wasted by not taking advantage of the larger canvas.