Sunday, May 29, 2016 [Tweets]

Making Paw Extensible With JavaScript Core

Micha Mazaheri:

There was a dilemma on the choice of the scripting language. Sketch exposes an CocoaScript interface that lets users mix JavaScript with a syntax inspired by Objective-C, and gives access to all available OS X APIs. This would have been a serious security concern for Paw being a place where developers may store their production server credentials: letting 3rd party have unrestricted access to the app didn’t feel right.


Since OS X 10.9 / iOS 7, the JavaScript Core framework exposes great Objective-C to JavaScript bindings (it had a C API before). This meant objects from either language would be bridged to the other by just following a simple protocol and following a few rules for memory management. The whole thing would run in a JavaScript Virtual Machine we would fully control. We would create JavaScript APIs to let 3rd parties safely access the data we wanted to expose.

Opening Files and Never Closing Them

Lloyd Chambers:

A few days ago, I wrote about a nasty bug in QuickLookSatellite that can bring the system to its knees, requiring a force kill of QuickLookSatellite or a logout or reboot. That page has now been updated with command line alternatives that make it instant to terminate the offending QuickLookSatellite processes.


Apple Mail has bugs in failing to close open files as well: send an image in an email, then put the file in the trash. Even hours after the email has been sent, the file(s) may remain open, so the Trash cannot be emptied.

I see this with Mail and Preview all the time.

iTunes 12.4 Applies Song Ratings to Albums and Destroys Smart Playlists

Kirk McElhearn:

When iTunes 12.2 was released, the app changed some song ratings to album ratings. This means that if you have smart playlists that look for, say, five-star songs, iTunes will add all the tracks from the album with the five-star rating to those playlists. After iTunes 12.2 was released, this happened occasionally; but with iTunes 12.4, my entire library was changed. Every single song rating in my library got changed to an album rating. (Note that neither iTunes Match, iCloud Music Library, nor Apple Music are active on this Mac, so these services are not responsible for the changes.)

Obviously, this broke my smart playlists.

Previously: iTunes 12.4.

Friday, May 27, 2016 [Tweets]

Google : 2010s :: Microsoft : 1990s

Jason Snell:

So when I look at Google and see a latter-day version of 1990s Microsoft, I don’t mean to portray it as a monster. Truth be told, just as I used Word 5.1 back in the day, I use many Google services today. My email is served by Gmail, and my comings and goings are arranged with Google Calendar. Most of my podcast and website collaboration happens in Google Sheets and Google Docs. (I also thought the Google I/O keynote last week was the best one I’ve seen–disciplined and focused in a way previous I/O keynotes weren’t.)

But some of the stuff Microsoft pulled in the 1990s was awful, and made users angry. And Google seems to still be making decisions that are more about promoting the greatness of Google than showing respect for users.


As someone in Google’s ecosystem as well as Apple’s, I’m happy that they continue to develop apps for iOS. Unfortunately, every time I open one of them, I’m brought back to the mid-’90s and Word 6.

John Gruber (tweet):

Jason specifically calls out iTunes on Windows as being in the same boat. I’d add the late Safari for Windows, too.

Don Melton:

We simply couldn’t compete with Google when they were paying everybody to bundle [Chrome] and blitzing TV.

People don’t realize the Safari for Windows team, the platform engineers, was only three people. That’s it.

And if I could have gotten marketing support dollars, …

… I could have gotten the engineering budget to support the effort to address those issues.

.NET Core is Boiling the Ocean

Aaron Stannard (via Hacker News and Reddit):

.NET Core is about decoupling .NET from Windows. Allowing it to run in non-Windows environments without having to install a giant 400mb set of binaries.

This will allow .NET to run in containers on Linux and lots of other places it can’t today and presents a very exciting opportunity for those of us in the server-side .NET development space to start taking advantage of modern DevOps and deployment tools.


I had originally imagined that .NET Core would be “released” in a stable form this year, 2016.

Now I no longer have any certainty with anything in regard to .NET Core, because the roadmap has been changing rapidly.


I’m left with the impression that .NET Core is trying to do everything at once: static linking, new tooling, support for 3D games, web applications, cross-platform desktop applications, browser-based apps, and anything else that could be aptly labeled under the masthead of “panacea for .NET developers.”

The Mac Admin Library

Tom Bridge:

No matter how you learn, there are good resources in print for the Mac Admin, be they books and manuals, blogs and journals, magazines and other news media. This library, catalogued below, is far from canonical, but it does have the resources that I consider to be the best of breed.

FaceTime, iMessage Hang in the Balance After Apple Loss to Patent Troll

David Kravets:

Patent troll VirnetX, fresh on the heels of a $626 million FaceTime and iMessages patent victory over Apple, now wants a federal judge to permanently turn off those popular features.

VirnetX on Wednesday also asked the judge presiding over the litigation to increase the damages the East Texas jury awarded in February by another $190 million or more. Apple wants a retrial, claiming that VirnetX’s lawyers misrepresented evidence to the jury and that the evidence presented at trial didn’t support infringement.

Update (2016-05-28): See also: Hacker News.

Thursday, May 26, 2016 [Tweets]

Dropbox’s Upcoming Kernel Extension

Damien DeVille (via Hacker News):

Traditionally, Dropbox operated entirely in user space as a program just like any other on your machine. With Dropbox Infinite, we’re going deeper: into the kernel—the core of the operating system. With Project Infinite, Dropbox is evolving from a process that passively watches what happens on your local disk to one that actively plays a role in your filesystem. We have invested the better part of two years making all the pieces fit together seamlessly. This post is a glimpse into our journey.


FUSE is an incredible technology, but as we gained a deeper understanding it became clear that it didn’t fully satisfy the two major constraints for our projects—world-class performance and rock-solid security.


We use the Kernel Authorization (or Kauth for short) kernel subsystem in our kernel extension to manage file authorizations within the BSD portion of the kernel. By listening to actions on the KAUTH_SCOPE_VNODE scope, we can detect and deny actions that happen in the Dropbox folder. In the examples cited above, for example, we are interested in the KAUTH_VNODE_DELETE and KAUTH_VNODE_ADD_FILE actions since they allow us to check whether a file or folder in a user’s shared folder is being deleted or moved. From there, it’s just a matter of checking with the user whether the operation was in fact intended and inform them of the consequences of the operations for other members of the folder.

Previously: Dropbox’s Project Infinite.

Building on Auto Layout

Bridger Maxwell:

It is common to use addConstraint directly, but Auto Layout is actually a great engine to build layout systems on top of. In this post I’ll talk about different abstraction layers on Auto Layout and show its advantages with my library StackLayout.


The simplest way we can build on Auto Layout is a thin syntactic layer for creating constraints that we still manage manually. Until iOS 9, the built-in way to create a constraint was quite verbose.


Higher up the abstraction scale is the Visual Format Language. When I interned at Apple on the Cocoa Frameworks team I helped with the initial implementation of Auto Layout and especially on the parser for the VFL. This lets you specify a few common layouts that can be written as ascii art.

I’ve experimented by reimplementing some of it in Swift using operator overloading. The idea is the same, but has the advantage of compile-time checking.

Wednesday, May 25, 2016 [Tweets]

When to Move to Swift

Soroush Khanlou:

Despite this newfound revelation, I still think the prudent choice is to continue writing apps in Objective-C. Those who are fully on board with Swift commonly reply: every line of Objective-C you write is a legacy. While this is true, Objective-C code will still be viable for at least another five years, and probably won’t stop working for closer to 10 or 15. This is based the fact that every one of Apple’s OSes is written in it, as well as the frameworks themselves. (How long did Carbon code work for? How long before Finder was rewritten in Cocoa?)

However, your Swift 2.2 project is also going to become legacy code, and that transition will happen this September. Your migration will be a bloodbath, and it will have to happen in one fell swoop (including your dependencies!) because of a lack of ABI compatibility. Latent bugs will creep in from the migrator, and you’ll have to keep your swift-3 branch updated with regular, messy merges. In the end, git bisect will stop working, and your compile times will still be awful.

Ben Sandofsky (via John Gruber):

I strongly believe Swift is the future of iOS development. It’s only a matter of when, and the blocker is the breakneck speed it evolves. For smaller apps, Swift is good enough. For big apps, it’s at least a year away.

I’m using “big” as shorthand for a few different categories. It can mean lines of code, number of developers, complexity, or low-tolerance for problems.

There are pros and cons to both paths. Personally, I lean towards using Swift for new projects and new major versions. I am less worried about the breaking sources changes in Swift 3 than I am about the poor Xcode experience (broken auto-indentation and unreliable syntax highlighting, code completion, and symbol lookups). Nearly two years after the initial release, I thought those would have been fixed.

Previously: ABI Stability Deferred Until After Swift 3.0.

Tuesday, May 24, 2016 [Tweets]

MVC-N: Isolating Network Calls From View Controllers

Marcus Zarra:

We have a network controller: it talks to the internet, your local network, or even be a flat file system. It then pushes data into your cache, into your persistence engine. Here comes the exciting part: your entire view layer talks to the cache only. It does not get data from the internet directly. The ViewController’s job is to display or update that data, not to do networking code. This design will serve you forever, and it has so many benefits that you’ll never want to use the anti-pattern ever again.


We can use the concurrent design of the NSOperation to do our network requests. In Swift, because we cannot access the property directly for finished, we have to do hacking (which I do have a radar for, and I am hoping they will fix this). The idea behind this overrided var is that we need to tell the queue that we are done. To do that, the queue is listening for “isFinished”. In Objective-C, isFinished translates into the variable Finished fine; in Swift, it only listens for “isFinished”, it does not listen for the actual property of Finish, you cannot change it.

Recursive Tail Calls and Trampolines in Swift

Umberto Raimondi (via Natasha Murashev):

In this post we’ll see how the lack of predictable tail call elimination in Swift could be overcome using trampolines and a few alternatives to recursion will be described.


A trampoline is not much more than a loop that executes iteratively functions that can either return the next function in the sequence (in form of a thunk or continuation, a data structure that contains the information needed to perform a specific function call) or another kind of value (in this case the content of the accumulator) to signal the end of the iteration.


And even if this implementation [is] slower than the original one for all the code needed to operate the trampoline that was added, this version solves our biggest issue related to stack exhaustion[…]

Swift Tuples Aren’t Equatable

Erica Sadun notes that Swift will let you create an array of tuples:

let a: [(Int, Int)] = [(1, 2), (3, 4)]

But you can’t use the contains() method:

a.contains((3, 4)) // no!

Its definition looks like:

extension SequenceType where Generator.Element : Equatable {
    /// Returns `true` iff `element` is in `self`.
    public func contains(element: Self.Generator.Element) -> Bool

The problem is that it requires the element to conform to the Equatable protocol. Equatable only includes one method:

func ==(lhs: Self, rhs: Self) -> Bool

And the tuple does implement ==. But the compiler can’t use that fact because Swift doesn’t allow tuples to conform to protocols. This is the sort of thing that annoys people about static languages. The workaround is to use a different version of contains():

extension SequenceType {
    /// Returns `true` iff an element in `self` satisfies `predicate`.
    public func contains(@noescape predicate: (Self.Generator.Element) throws -> Bool) rethrows -> Bool

to call == directly via a closure:

a.contains({ $0 == (3, 4) })

Monday, May 23, 2016 [Tweets]

Apple Offers to Replace iPads With MacBooks in Maine Classrooms

Tim Hardwick:

According to a report in the Lewiston-Auburn Sun Journal, schools in Auburn and other districts in Maine are set to benefit from the “Refresh” swap, following surveys of students and teachers across grades 7 through 12, which revealed that 88.5 percent of teachers and 74 percent of students preferred laptops over iPads.

iPads were perceived to have poor educational value in the classroom and were often used to play games in class, while laptops allowed students better opportunities for school work. The preference gap widened even more when it came to older students, who saw laptops as better devices for coding and programming tasks.

Tom Warren:

Google’s low-cost Chromebooks outsold Apple’s range of Macs for the first time in the US recently. While IDC doesn’t typically break out Windows vs. Chromebook sales, IDC analyst Linn Huang confirmed the milestone to The Verge. “Chrome OS overtook Mac OS in the US in terms of shipments for the first time in 1Q16,” says Huang. “Chromebooks are still largely a US K-12 story.”

IDC estimates Apple’s US Mac shipments to be around 1.76 million in the latest quarter, meaning Dell, HP, and Lenovo sold nearly 2 million Chromebooks in Q1 combined. Chromebooks have been extremely popular in US schools, and it’s clear from IDC’s comments the demand is driving US shipments.

Update (2016-05-25): Matt Novak (via Adam Chandler):

But something happened about a year ago when my Macbook Air was running on fumes. I looked at the Macs and gave my brain a half-second to entertain other options. I owned a functioning Mac desktop, which is my primary machine for heavy lifting. But I started to wonder why I wasn’t entertaining other options for my mobile machine.

The biggest consideration was price. When all was said and done, even the cheapest Mac laptop was going to set me back about $1,300 after taxes and AppleCare. And the siren song of a computer under $200 was calling my name. I got the Acer Chromebook with 2GB of RAM and a 16GB drive. It cost a shockingly low $173. And

Monument Valley: iOS 42% of Downloads But 73% of Revenue

ustwogames (tweet, Hacker News):

3rd April 2016 marked the two year anniversary of Monument Valley’s release and with that we now have a lengthy window to analyse how the game’s performed and what we’ve managed to do with it post release. So with that in mind we’re happy to present Monument Valley in Numbers: Year 2.

Daniel Gray:

Numbers are slightly skewed due to the insanely high number of free downloads during iOS free week. Revenue came purely from IAP.

Jared Schnelle:

We’ve wanted to go free for a period on Google Play but unfortunately it’s not possible, when you go free with a paid game you can never go back.


Monument Valley, one of the most polished and loved premium mobile games ever, has made $15m in its lifetime. Meanwhile, there are multiple F2P games with over $1b in revenue.

Now, $15m is fantastic, especially for a small studio. But high-production value F2P games from bigger studios cost around $3-5m to make, not including marketing/UA, so its pretty clear to see why studios aren’t investing in premium titles at all, unless they are ports of existing content.

Previously: iOS App Sales Data.

94% of App Store Revenue Comes From the Top 1%

Randy Nelson (via Ilja A. Iwas):

The most surprising takeaway from our analysis of U.S. App Store publishers is that the top 1 percent of those who monetize their apps accounted for 94 percent of the store’s revenue last quarter. That means approximately $1.34 billion of the estimated $1.43 billion in net revenue generated by the store during Q1 went to 623 publishers, the remaining 6 percent—approximately $85.8 million—was divided among the other 61,677 publishers whose apps are paid or feature in-app purchases.


There were approximately 1.38 billion app downloads on the U.S. store in Q1, and approximately 966 million of those were generated by the top 1,270 publishers out of 127,000 we analyzed. The remaining 99 percent of publishers split the other 414 million downloads between them.

Previously: Over 70% of App Store Purchases Are for Games.

C Compilers Break for Objects Larger Than PTRDIFF_MAX Bytes

Pascal Cuoq (via Jean-Francois Roy):

The malloc call in the program below succeeds (the program would return 0 if the malloc invocation failed), despite Clang having the same half-the-address-space limitation for 64-bit as for 32-bit.


Unfortunately, an optimizing compiler’s code appears to be littered with optimizations that assume object sizes are less than PTRDIFF_MAX. As an example, we all know that X86 Clang and GCC implement pointer comparison as an assembly unsigned comparison (“cmpl” is an agnostic comparison instruction, but here it is followed by “cmoval”, where the “a”, for “above”, indicates conditional move based on an unsigned comparison). This means that it is allowed to compare pointers inside a putative 2.5GiB array on a 32-bit platform, right?

Not all pointer comparisons.

Because of this optimization.

Continuous iOS Code Coverage With Jenkins and Slather

Matej Bukovinski:

Before Xcode 7, we already had code coverage reporting set up with Jenkins. We generated coverage data in the gcov format and used LCOV together with a custom script to integrate the coverage data into Jenkins. It all worked pretty well. However, with the introduction of Xcode 7, Apple dropped support for the legacy gcc coverage file format and introduced a format of its own: profdata. Of course this broke our setup as soon as we migrated our CI servers to Xcode 7. As framework developers, we always have to be early adopters of the latest iOS versions, so we can make sure our code is ready before our clients make the switch. Unfortunately, this means in some cases we need to make a few compromises. In this particular circumstance, it meant dropping code coverage because there were simply no convenient tools around to get the data into Jenkins. Xcode ships with llvm-cov, a command line tool that can convert the coverage data into a more human readable format. However, there is still quite a bit of work needed to get it into a format that Jenkins could handle.


After running llvm-cov Slather parses the output data, processes it a bit and then outputs it into one of the supported formats. In our case an XML file suitable for Cobertura.

To get all that running on Jenkins, we simply added a call to rake coverage_ios right after we run our test suite. We have some extra logic to prevent coverage from running in certain configurations or if the tests fail but that is essentially all that is needed to generate the XML coverage data. After adding the call, we just need to install the Cobertura plugin and configure it so it can find the generated XML.

Saturday, May 21, 2016 [Tweets]

Dynamic Swift

Brent Simmons (see archive for more):

In case it’s not clear: with recent and future articles I’m documenting problems that Mac and iOS developers solve using the dynamic features of the Objective-C runtime.

My point isn’t to argue that Swift itself should have similar features — I think it should, but that’s not the point.

The point is that these problems will need solving in a possible future world without the Objective-C runtime. These kinds of problems should be considered as that world is being designed. The answers don’t have to be the same answers as Objective-C — but they need to be good answers, better than (for instance) writing a script to generate some code.

Manton Reece:

Leaning on the Objective-C runtime feels like a temporary solution because it only exists on the Mac and iOS. Great web frameworks like Ruby on Rails, for example, can’t be built without relying on a more dynamic language. (And to me a great promise for Swift is being able to use it everywhere.)


I think it’s telling that the “dynamic” keyword isn’t even mentioned in the main language guide. Anything related to Objective-C is off in a separate set of documentation, which includes discouraging statements such as “Requiring dynamic dispatch is rarely necessary” and “use of the performSelector APIs is discouraged”.

Gus Mueller:

What I didn’t add was a giant switch statement like we did in the bad old days of classic Mac OS programming. What I didn’t add was glue code in various locations setting up targets and actions at runtime that would have to be massaged and updated whenever I changed something. I’m not checking a list of selectors and casting classes around to make the right calls.

Marcel Weiher:

However, an even bigger worry, at least for me, is that Apple will take Brent’s concern extremely literally, and provide static solutions for exactly the specific problems outlined (and maybe a few others they can think of). There are some early indicators that this will be the case, for example that you can use CoreData from Swift, but you couldn’t actually build it.

And that would be missing the point of dynamic languages almost completely.

Previously: The Case for Message Passing in Swift, “It’s a Coup”, Dynamic Swift.

Update (2016-05-23): See also: Hacker News, particularly the comment by Drew Crawford:

While it is true that ObjC’s dynamism has all kinds of problems we want to avoid, we’re also running into lots of cases where the obvious solution is dynamism, and the other solutions aren’t obvious.

One concrete example I can offer you is NSCoding, which is being reimplemented right now in corelibs-Foundation. That API pretty much needs a way to look up classes at runtime, (there’s really no other sane way to provide the feature). You could argue that we don’t need NSCoding (in fact that was argued), but ultimately, we decided we needed NSCoding more than not. So Swift 3 adds a _typeByName API which does dynamic lookups of classes by string. It landed, it exists, the ship has sailed.

Another concrete example that may be interesting is XCTest. The way XCTest works is your unit tests are written as functions on a class, and we “discover” the tests by enumerating the functions at runtime. But oops, Swift has no way to enumerate functions at runtime, so we can’t find any of your tests. The solution to this problem is actually pretty interesting: the latest proposal is to do sourcecode analysis from the compiler to enumerate your test functions, dump that somewhere, and then generate a second program that uses the dump to call the enumerated functions.

Update (2016-05-24): Paul Kim:

Looking back on my years with Java, I find the biggest problems with the platform was this idea that everything can be done by the compiler. It sounds great on paper but when implemented, it resulted in all sorts of contortions to work around not letting any dynamism in. It resulted in a lot of glue being written that I wouldn’t have to write in a more dynamic platform. It resulted in cascading changes across code to make trivial modifications just to appease the compiler. Maybe in a future post I’ll go into specific language features that I found problematic and show parallel trends/features in Swift but let’s just say that less is more. It’s an aesthetic that I always felt that put Apple above the rest and something which I feel like in some ways is being abandoned.


Ultimately, though, I need something that solves my problems. My problems aren’t performance. They aren’t type-safety (maybe it’s just me, but I rarely have issues with it and when I do, the time it takes to fix it is far less than the time specifying everything to a tee everywhere else). They aren’t being able to write clever VDLs. For me, it’s writing apps that solve my users’ problems and getting them out in a timely fashion.


Now maybe these same problems can be solved in a static way but what I’m not seeing from the static-camp are (decent) solutions. What I’m seeing are either hand-waving or the same crufty code-generation, write tons of repetitive boilerplate type of solutions that I had hoped we had left behind in the 90s.

Daniel Jalkut:

Apple is in all likelihood the single largest owner of valuable, time-tested, customer-pleasing Objective-C code. Thus they face, as a company, the same challenges that Paul Kim and many other developers do: they can’t afford to put everything on the line, divert all their attention from Objective C, just to embrace a language that is not completely mature, and which doesn’t offer the same features as its predecessor.


Swift is a fascinating, beautiful language. How will it evolve to prove superior, in the long-run to Objective-C? By providing a suite of impedance-matched frameworks that fulfill all the needs of current iOS and Mac developers. How will those frameworks come to be in an environment where Apple’s most experienced framework developers, and Apple’s most experienced 3rd-party developers are steeped in a tradition that favors patterns not supported by Swift? I’ll be very eager to see how that plays out.

Brent Simmons:

In other words — if you think that the various people writing about Swift and dynamism are anti-Swift, you’ve got it wrong.

John Gruber:

I can’t prove that dynamic nature of Objective-C and the frameworks has been essential to the success of the Mac and iOS for app development. But a lot of people who’ve spent years — or decades — creating those apps sure think so.

Update (2016-05-25): Marco Scheurer:

Paradox: programmers advocating static typing trust that everything can be known in advance and that programmers cannot be trusted.

Update (2016-05-26): Arik Devens:

I’ve been thinking about it for a while now, and the only conclusion that I’ve come to is that it’s just far too soon to judge. Swift is practically brand new, and with such different strengths and weaknesses than Objective-C. Swift is so dissimilar to Objective-C, that I think if Apple could have gotten away with not supporting interoperability at all, they would have been much happier. They’ve managed to do an impressive thing, getting the two to play semi-nice together, but it’s an awkward fit at best.

Brent Simmons:

I saw a thing on Twitter that said I’m just an old guy complaining about the new ways. Then the tweet was deleted, to the credit of its author. But let me take up the point.

It’s not the new ways that bother me — it’s the old old ways. That is, how I wrote apps before I started using AppKit. […] We remember how these problems were solved by the static languages of the day, and we don’t want to go back.

Chris Eidhof:

As long as AppKit and UIKit will be around, we’ll have Objective-C and its runtime. If Apple releases a Swift-only successor to either one of these frameworks, I’m confident that they will do a good job: they’ll make us write less boilerplate, rather than more.

Although on Apple’s platforms we have the Objective-C runtime, Swift on the server can’t lean on that. So there are already consequences today, not just for hypothetical future frameworks. Also, tellingly, none of the people saying that dynamic features aren’t needed have demonstrated good alternatives in Swift. Instead I see hand-waving.

Andrew Abernathy:

I like that this doesn’t claim Brent’s anti-Swift. But I’m uncomfortable with “I trust Apple” — no-one is perfect.

People far more qualified than I am are leading this discussion. But I remember Apple heavily pushing Java over Obj-C for a while.

Wolf Rentzsch:

Best thing about Swift is forcing us to elucidate our points (again)

Worst thing is that we’re going to lose (again (until next round))

Nicholas Riley:

The programming language equivalent of Greenspun’s tenth rule?

Brent Simmons (tweet):

When I talk about dynamic programming on iOS and Mac, I mean this:

  1. An app can learn about its structure at runtime.

  2. An app can do things based on what it knows about its structure.

  3. An app can make changes to its structure.

Update (2016-05-27): Samuel Ford (via Daniel Jalkut):

My experience working with type strict frameworks is that they are fussy. It’s like if the only way you could chop things when cooking is with an array of specialty chopping tools that have to be assembled from pieces every time you needed them. And you have one for garlic, another for potatoes, and so on.

Every time you start to cook, you’ll feel the weight of taking those tools out, assembling the pieces, then taking them back apart, washing them, and putting them away. What you’ll find over time is that the recipes themselves will adapt to require fewer chopping tools and will become more plain and more similar over time.

So will the framework change the app. You’ll begin to avoid the things the framework makes tedious.

Wil Shipley (tweet, Hacker News):

While I think it’s great for the community to discuss what needs to be added to Swift as it grows, I’ve also seen a lot of violations of what I’ll call “Shipley’s 2nd Law” (because my ego knows no bounds). The first law, is, of course, “Less code is better code, no code is best code.”

Shipley’s 2nd Law states, “Groups that have brought you good things in the past will tend to continue to bring you good things, and groups that have brought you shit will continue to pile shit on top.”

I think this is generally true, but one should also consider that although the LLVM/Clang/ARC team has a great track record, they are not the same people who have a history of delivering good frameworks for apps. Rather, as Shipley and Marcel Weiher note, they’re the ones who have been tightening the screws on Objective-C, making some of its dynamic features harder to use. No one doubts that this team will produce a great language for writing a compiler—the question is how it will handle apps. Apple is attempting something very ambitious: a single language that can span the spectrum. They are in uncharted territory, which is why people don’t know exactly what to expect.

Roopesh Chander:

Since the dynamic modifier exists only for interoperability with Objective-C, this isn’t sufficient evidence to say that Swift classes will gain dynamism similar to Objective-C classes.


But lookup tables are exactly how message passing works. The problem isn’t that they exist, it’s any solution where, as Guy reminds us, you have to manage and see boilerplate.

So what if Swift let you code classes that looked like Swift but behaved dynamically? What if Swift let the virtualness of methods bleed out into runtime, and it could gradually be bolted down as the application ran, depending on the actual types, actual objects, actual methods, actual messages passed, call site by call site? What if that metadata was allowed to remain, could be used later and maybe even be extended?

Wolf Rentzsch:

Crazy thing is you can have both static analysis and runtime dynamism at the small cost of code size and a perhaps a Mach-O tweak.

I’m talking about runtime phase-change from static-to-dynamic as needed.

#UseTheDynamismLuke (via Jonathan Wight):

Commemorate the Objective-C vs Swift Dynamism Wars by buying the official t-shirt.

Update (2016-05-29): Joe Groff shows how to dispatch a method on an Any.

Samuel Ford:

Now, the ASP.NET team could have taken the Rails approach and implemented it more or less identically. The facilities exist within the language using reflection to do exactly the same thing. After all, ASP.NET MVC was inspired by Rails. They did not, though; they approached it with a static language mindset and in the spirit of the larger .NET framework.

I’m not suggesting that’s wrong. They should implement their framework in the style and accent that’s natural for them. What I want to point out is how differently a static view of the world can be.

Matthew Johnson shows a minimalist responder chain implemented in pure Swift:

There is not a switch statement or dispatch table anywhere in this code.


Instead of using a selector directly, messages are reified as instances of types conforming to the Message protocol.

There is the equivalent of a protocol for each selector, and he implements the messaging in a library, whereas Cocoa uses the language’s own messaging facilities.

The benefits of that additional work are:

  • Static conformance checking for Handler types.
  • The opportunity to attach any data we wish to the event.
  • No need to dynamically check the types of arguments handler.

Friday, May 20, 2016 [Tweets]

Swift Assertions

Andy Bargh:

If we dive into a bit more of the detail behind assertions in Swift, we find that the Swift language actually supports five, different types of assertion. These are:

Each of these assertions behave slightly differently and in the majority of cases the optimisation level that the code is compiled with has a direct effect on whether they are evaluated or not.

Testing IBOutlets and IBActions With Curried Functions in Swift

Ben Chatelain:

Currying helps to simplify these outlet and action test functions so that the view controller doesn’t have to be passed in every function call. Just like the sumA function holds onto the value of the first parameter, these test functions hold onto a reference to the view controller being tested. There’s also the benefit of being able to give the returned function a very readable name.


So, what is that hasButtonOutlet magic? It’s a partially-applied function saved in a local variable.


Shortly after @allonsykraken posted Hipster Swift, I learned that the super-clean syntactic sugar version of curried functions is going away in Swift 3 and it made me sad.

Code Coverage From the Command Line With Clang

Alastair Houghton:

Having searched the Internet several times to find out how to get coverage information out of clang, I ended up feeling rather confused. I’m sure I’m not the only one. The reason for the confusion is fairly simple; clang supports two different coverage tools, one of which uses a tool with a name that used to be used by the other one!


In both cases, you need to pass the coverage options to the clang or clang++ driver when you are linking as well as when you are compiling. This will cause clang to link with any libraries required by the profiling system. You do not need to explicitly link with a profiling library when using clang.

Separate, Support, Serve

Benjamin Pollack:

I want to do two things in this blog post: convince you that Embrace, Extend, Extinguish is a grossly invalid understanding of Microsoft’s strategy; and convince you that an alternative strategy of Separate, Support, Serve provides a much better lens to view the modern Microsoft.


First, Microsoft has to enable me to even use Microsoft technology in the first place. If Microsoft keeps tying all Microsoft technology to Windows, then they lose. If I have to use Windows to use SQL Server, then I’ll go with PostgreSQL. If I have to use Windows to have a sane .NET server environment, then I’ll pick Java. To fix that, Microsoft needs to let me make those decisions separately.

That’s indeed the first phase of their strategy: separating Windows from the rest of their technologies. SQL Server is available on Linux not to encourage lock-in, but because they need you to be able to chose SQL Server even though you’ve got a Docker-based deployment infrastructure running on RedHat. .NET is getting great runtimes and development environments (Visual Studio Code) for Unix so that I can more reasonably look at Azure’s .NET offerings without also forcing my entire dev team to work on Windows. This strategy dramatically increases the chance of me paying Microsoft money, even though it won’t increase the chance I’ll use Windows.

Thursday, May 19, 2016 [Tweets]

Google Assistant

John Gruber:

Google is clearly the best at this voice-driven assistant stuff. Pichai claimed that in their own competitive analysis, Google Assistant is “an order of magnitude” ahead of competing assistants (read: Siri and Alexa). That sounds about right. This might be like Steve Jobs’s 2007 claim that the iPhone was “5 years” ahead of anyone else.

Manton Reece:

Only Google has the expertise in web services and the massive amount of data to keep going beyond basic questions. I expect both Siri and Alexa will hit brick walls that Google will get past, especially in conversational queries that let the user drill down below the most popular, superficial facts.

Caitlin McGarry:

It’s a problem that could be solved with a Siri API for app developers, but according to a recent Reuters report, Apple’s Siri shortcomings can be attributed to the company’s stance on privacy.

The company has a trio of so-called “privacy czars” who vet every decision, even inspecting lines of code that might violate laws or company standards. When Apple bought Siri five years ago, it was decided that data on what you ask Siri would be stored separately from personal data, so Siri lacks a lot of the knowledge about you that it would need to be a truly useful assistant.

Ben Thompson:

The net result is that Google has no choice but to put its founding proposition to the ultimate test: is it enough to be the best? Can the best artificial intelligence overcome the friction that will be involved in using Google assistant on an iPhone? Can the best artificial intelligence actually shift human networks? Can the best artificial intelligence win the home in the face of a big head start?


Google’s competitors, by virtue of owning the customer, need only be good enough, and they will get better. Google has a far higher bar to clear — it is asking users and in some cases their networks to not only change their behavior but willingly introduce more friction into their lives — and its technology will have to be special indeed to replicate the company’s original success as a business.

Update (2016-05-22): Marco Arment (Slashdot):

Today, Amazon, Facebook, and Google are placing large bets on advanced AI, ubiquitous assistants, and voice interfaces, hoping that these will become the next thing that our devices are for.

If they’re right — and that’s a big “if” — I’m worried for Apple.

James Atkinson:

Every year i/o announces new tech. Every year people state Apple is doomed. Google can’t create things people actually want.

Update (2016-05-23): Dave Winer:

Apple could be replaced, for me, by a phone that was somewhat elegant, hardware-wise, and had software that was as easy and reliable as it should be, nine years after the iPhone was first introduced. You expect a certain amount of bugginess at the outset, but over time the glitches should be out and the product should become part of the background, the focus being on what you use the product for. The iPhone resists that. Every time they come out with a new version of iTunes or iOS, it all breaks, and I have to find a new set of workarounds.

Daniel Eran Dilger:

Rather than focusing on the incremental innovation needed to win back the attention of enterprise users and premium consumers, Google’s vision for Android this year has again leapt in new directions which appear even less attainable. Android’s scattered, imitative strategies du jour are resulting in a platform that looks a lot like Apple’s—albeit the very unsuccessful Apple of the mid 90s.

New Touch ID Rules

Glenn Fleishman:

A previously undocumented requirement asks for a passcode in a very particular set of circumstances: When the iPhone or iPad hasn’t been unlocked with its passcode in the previous six days, and Touch ID hasn’t been used to unlock it within the last eight hours. It’s a rolling timeout, so each time Touch ID unlocks a device, a new eight-hour timer starts to tick down until the passcode is required. If you wondered why you were being seemingly randomly prompted for your passcode (or more complicated password), this is likely the reason.

This has been bothering me for months. I thought it was a bug.

How Typography Can Save Your Life

Lena Groeger:

In the case of the weather service’s all-caps type, it’s the font version of the boy who cried wolf. Using ALL CAPS for everything — from severe hurricanes to a slight chance of showers — means that EVERYTHING LOOKS THE SAME AND EVERYTHING LOOKS IMPORTANT. Once people realize that most of the time it’s not, they may become desensitized to warnings. When nothing stands out, people are likely to miss real emergencies.

Now that the weather service can use ALL CAPS sparingly — as a tool to highlight real danger — the public is more likely to pay attention.

Previously: Highway Gothic to Clearview—and Back.

Tuesday, May 17, 2016 [Tweets]

ABI Stability Deferred Until After Swift 3.0

Erica Sadun quotes Chris Lattner:

That said, it is also clear at this point that some of the loftier goals that we started out with aren’t going to fit into the release [Swift 3.0] – including some of the most important generics features needed in order to lock down the ABI of the standard library. As such, the generics and ABI stability goals will roll into a future release of Swift, where I expect them to be the highest priority features to get done.

Jeremy Pereira:

Compare the Swift-Evolution goals for Swift 3 to how they were before Chris changed them. They used to be Stable ABI; Resilience; Portability; type system clean up and documentation; complete generics; focus and refine the language; API design guidelines. Only two of those goals will be met – the last two.

Judged by its original goals, the Swift 3 release is a failure. Clearly we lost focus on what we were trying to achieve and we need to understand why. Unfortunately, Chris’s relocation of the goalposts is likely to obscure the fact of the failure and probably the same mistakes will be repeated for Swift 4.

I’m not worried because (a) I see a lot of the stuff that went into Swift 3 as more important than the stable ABI, and (b) I really want them to take the time to get Resilience right. ABI stability doesn’t affect app developers that much. The main issue is that it means you have to build from source, so you can’t include (Swift) libraries that were compiled by someone else, but I don’t see that as a common problem.

Update (2016-05-18): Greg Parker:

If we tried to rush Swift ABI stability out the door for Swift 3 we would certainly end up with deliberate or accidental flaws like the above. Being able to take the time to get it right is a rare luxury.

Erica Sadun:

The move to Swift 3.0 isn’t just going to be disruptive. It’s going to be traumatic. With its expansive renamification and redesigned core types and APIs, Swift 3 is going to be a tidal wave of retraining and refactoring. And with a list of objectives that didn’t quite make the cut, and a laundry list of of items that should have, Swift 3 just doesn’t have enough time or scope to be perfected.

So why not just push it back? Let us devs use Swift 2.2, which is terrific, for a few more years and get Swift 3 right the first time?


These arbitrary “update every year” advances that Apple has bought into are more than a little ridiculous when it comes to firmware and OS updates; for languages it pushes beyond the practical.

This is why I thought it was good to get the major source-breaking changes into Swift 3 at the expense of ABI stability. However, it remains to be seen whether that goal can be reached on schedule.

Update (2016-05-23): Joe Groff:

A late ABI is only late until it’s finished; a bad ABI is bad forever.

Ben Snider:

So while ABI compatibility might seem like a big deal to have been pushed off, it very likely doesn’t affect the day to day of most Swift developers.

The most compelling arguments thus far have been around the fact that some developers would like to distribute libraries in binary form so as to protect intellectual property, license agreements, etc. Not having ABI compatibility is actually a legitimate concern for developers wishing to distribute binary libraries, but I don’t really feel like that’s a very large number of developers.


Which leads to the second major concern: that Swift compile times are a) slow, b) unlikely to get much faster and c) will only get slower as projects increase in size and complexity. Having some libraries built as binary libraries that are simply linked with additional Swift sources would likely result in much faster build and test cycles.

Twitter to Stop Counting Photos and Links in 140-Character Limit

Sarah Frier (via Dan Moren):

The change could happen in the next two weeks, said the person who asked not to be named because the decision isn’t yet public. Links currently take up 23 characters, even after Twitter automatically shortens them. The company declined to comment.

It’s a step in a larger plan to give users more flexibility on the site. Chief Executive Officer Jack Dorsey said in January that the company was looking for new ways to display text on Twitter, and would experiment based on how people use the service. For example, some people tweet screenshots of longer text in articles, or send many tweets one after the other to tell a story.


Nick Heer:

Strangely absent from this scoop: any mention of also discounting @-replies and user handles. Sometimes, discussions can become deeply nested with many participants, and the character count can impede the discussion, particularly if it involves people with longer handles.

Previously: Twitter Removes 140-Character Limit From Direct Messages, Twitter Won’t Raise 140-Character Limit.

Update (2016-05-26): Twitter:

In the coming months we’ll make changes to simplify Tweets including what counts toward your 140 characters, so for instance, @names in replies and media attachments (like photos, GIFs, videos, and polls) will no longer “use up” valuable characters.

Michael Rockwell:

I’ve seen a lot of outrage in my timeline since this announcement — all of it directed toward the changes to mentions. Users don’t want cluttered timelines and I completely understand that complaint. But I think you’ll be surprised at how few tweets that start with a username are initiated without the reply button — I don’t think Twitter would have made this change if that wasn’t the case.


That “ceiling of 50 names” only matters specifically for replies. In order for usernames not to count toward your 140-characters, you’d have to reply to a thread that included 50 other users. It’s not as if spammers could just add 50 arbitrary names to a tweet and send it out without restriction.

iTunes 12.4

Kirk McElhearn:

When I reviewed iTunes 12 back in late 2014, I said, “Overall, I find the navigation confusing—it requires too many clicks to get around.” I find the changes Apple has wrought to the interface of iTunes 12.4 to be both positive and intuitive, and I think all users will find these new ways of navigation to be more efficient, once they get used to them.

Navigating iTunes is now—or, again—centered on the sidebar and a single menu in the navigation bar. (You can show or hide the sidebar in the View menu.) Instead of a lot of confusing media kind buttons in the navigation bar, there is now a popup menu that Apple calls the Media Picker. Click it to choose a media library, edit the Media Picker menu, or mount another iTunes library with Home Sharing.


Apple has thankfully merged the two different types of contextual menus, in most locations. Instead of one menu displaying when you click the ... button, and another when you right-click an item, the menus are the same, and work in the same way.

Kirk McElhearn:

But there are a lot of little changes I’ve spotted in the latest version of iTunes. Here are some of them[…]

Doug Adams:

Apple released iTunes 12.4 today. It features a significant UI change as well as updates under the hood. And AppleScript additions!

Benjamin Mayo:

The sidebar is a resurrection from the days of iTunes 11. I like the sidebar better than the transient popover (OS X has enough screen real estate to allow such affordances) but it hasn’t been thought through. It’s shoddy and incomplete. There are distinct sidebar sources for Albums and Compilations and yet selecting Albums still shows Compilations in the detail view when you scroll down. Some media types do not hide the sidebar but have no sidebar items to choose between (Podcasts). Many media views have no sidebar at all, leading to jarring transitions between tabs, including all of Apple Music.

See also: MacRumors.

Update (2016-05-20): Kirk McElhearn:

As timmorrislw points out in the comments, there’s a new iCloud Status of No Longer Available. This shows tracks that you added to your Apple Music library that record labels are no longer allowing to be streamed. It’s interesting to create a smart playlist with this condition, to find how many tracks have been removed. Previously, I had, as the comments said, a smart playlist excluding all the other statuses. Out of 16,000 tracks in my Apple Music library, 843 are no longer available.

Update (2016-05-21): Doug Adams:

The podcast value for media kind will confuse older scripts that look for the podcast property of track. The podcast property for track (“is this track a podcast episode?”) was removed in iTunes 12.4. Similarly, the iTunes U property of track has also been removed and is now a value for media kind.

Monday, May 16, 2016 [Tweets]

Larry and Steve’s Plans to Save Apple

Larry Ellison (via Ole Begemann):

“My idea was simple, buy Apple, and immediately make Steve CEO. Apple wasn’t worth much back then, about $5 billion dollars. We both had really good credit and I had already arranged to borrow all of the money. All Steve had to do was say yes.

“Steve proposed a somewhat more circuitous approach. First, persuade Apple to buy NeXT computer, then Steve would join Apple’s board and over time the board would recognize that Steve was the right guy to lead the company.

Restoring Google Chrome Tabs

The best way is to go to the settings and change “On startup” to “Continue where you left off.” However, if you haven’t done this before you relaunch Chrome and want your tabs back, you can press Command-Shift-T. This corresponds to the “Reopen Closed Tab” command in the File menu, which sounds like it will just bring back the last tab that you closed, but it will actually restore all the tabs in the window. It is not as good as Safari’s “Reopen All Windows From Last Session,” which will restore all your windows.

Spotting Fake Amazon Reviews

Lauren Dragan:

Have you ever seen some random product for sale that’s from some brand you’ve never heard of, and the company has no website—yet its widget has somehow garnered 15,000 five-star reviews since … last week? We sure have. This situation is likely the result of a compensated-review program. Such compensated reviews—orchestrated by businesses that cater to companies that want more public positive feedback—violate Amazon’s terms of use but are difficult to police.


You have a few ways to suss out what may be a fake review. The easiest way is to use Fakespot. This site allows you to paste the link to any Amazon product and receive a score regarding the likelihood of fake reviews.

Previously: Amazon Sues Fake Review Site.

Texting Siri

Rene Ritchie:

No matter how enabling and useful Siri is, though, there will be times when it’s simply not possible or socially acceptable to talk out loud to our phones or tablets. In those situations, being able to type “Cupertino weather” or even “Text Georgia I’ll be late” would be incredibly useful.

Via Joe Cieplinski:

What makes the Echo or Siri useful is not the voice activation. It’s the (somewhat) intelligent response.


A Spotlight text field should be able to do whatever Siri does. Don’t get caught up in the trend of talking to our devices; concentrate on expanding how Siri, Alexa, etc. interpret our prompts, spoken or otherwise.

Announcing SyntaxNet

Slav Petrov (Hacker News):

At Google, we spend a lot of time thinking about how computer systems can read and understand human language in order to process it in intelligent ways. Today, we are excited to share the fruits of our research with the broader community by releasing SyntaxNet, an open-source neural network framework implemented in TensorFlow that provides a foundation for Natural Language Understanding (NLU) systems. Our release includes all the code needed to train new SyntaxNet models on your own data, as well as Parsey McParseface, an English parser that we have trained for you and that you can use to analyze English text.

Friday, May 13, 2016 [Tweets]


Rajan Patel:

iPhone users—this one’s for you. Meet Gboard, a new app for your iPhone that lets you search and send information, GIFs, emojis and more, right from your keyboard.


With Gboard, you can search and send all kinds of things—restaurant info, flight times, news articles—right from your keyboard. Anything you’d search on Google, you can search with Gboard. Results appear as cards with the key information front and center, such as the phone number, ratings and hours. With one tap, you can send it to your friend and you keep the conversation going.

John Gruber:

This privacy policy could change in the future, of course. Deals can be altered, and Google’s history of deliberately circumventing iOS privacy features is well-documented. But right now, it looks like Gboard is actually private. In fact, so far as I can tell, not only are you not required to sign into a Google account to use it — there is no way to sign in to a Google account even if you wanted to. Queries sent through Gboard don’t show up in my Google search history, even when I’m signed into my Google account in other Google iOS apps. Only what you type in Gboard’s search input field gets sent to Google, and even that is always sent anonymously.

With iOS multitasking and clipboard actions being relatively awkward, this could be really convenient. I was pleasantly surprised by how well swipe-typing worked—much better than with other iOS keyboards I had tried. However, there are two major flaws: it doesn’t support 3D Touch cursor movement, and it doesn’t support the system typing suggestions. These are probably due to OS limitations.

Update (2016-05-13): Edward Marczak:

GBoard apparently supports cursor moment via sliding right and left on the spacebar. Great for us non-3D Touch people.

This is interesting because it seems faster and more reliable than 3D Touch, but it does not support moving vertically.

Update (2016-05-14): Gboard has a nice feature where the Delete key deletes the entire previous word if the cursor is at the end. I also noticed that TextExpander expansions in OmniFocus don’t work when using Gboard.

Honza Dvorsky:

Google knows very well who you are, since shared containers of all apps from one company share data.

David Pogue:

Plenty of little companies make those free software keyboards, of course. But how weird is it that two behemoths—Microsoft and Google—both turn out to have been working on iOS keyboards in parallel?


If you tap it, you insert only a link to a Google search for that information—not the information itself […] You’re forcing your recipients to open their browsers and, of course, do a Google search, rather than just showing the information you’re seeing in the results.


Before you rush off to download Gboard, here’s a sobering bit of news: You lose the ability to dictate text.

Update (2016-05-16): John Gruber:

They could use shared containers to share login data, but they don’t in Gboard, at least now.

Packing Bytes in Swift

Russ Bishop:

I want to do this purely in Swift and mostly analogous to what you’d do in C because it’s relatively quick, doesn’t introduce any dependencies, and the decoder is really simple and could be implemented on any platform.


We can calculate the appropriate location in the buffer by performing arithmetic on the UnsafeMutablePointer itself. The key is that unsafe pointers in Swift know the size of the type they are working with and all adjustments are made in terms of the size of that type, not in bytes! (A Void pointer does work in terms of bytes since it knows nothing about the size of the type).


Why pass in a deallocator function? Technically you might be able to get away with NSData(bytesNoCopy:length:freeWhenDone:) but that would just be an accident of implementation. If the Swift runtime did (or does) use a different allocator than the default system malloc/free then You’re Gonna Have a Bad Time.

He doesn’t show them, but Swift numbers actually do have built-in methods for endian conversion.

The Natural History of Palatino

Jennifer Kennard (via Nick Heer):

The Book Club of California has announced the release of a definitive account of Herman Zapf’s enduring typeface Palatino, written and designed by Canadian poet, historian, linguist, typographer, and book designer, Robert Bringhurst. Published nearly a year after Zapf’s death at age 96, Palatino, The Natural History of a Typeface, explores the evolution of his most ambitious design project; from his original sketches in 1948, to the first trial cutting of Palatino roman at the Stempel Foundry in 1949, and to the last authentic digitally drawn members of the family which Zapf himself carefully supervised just ten years ago. The story of Zapf and his notorious typeface which he originally named Medici, also bridges one of the most transitional periods in all of the history of typography and printing; spanning the age of metal type, photo lettering and then digital.

Previously: Hermann Zapf, RIP.

Apple Shortening App Review Times

Alex Webb (Hacker News, MacRumors):

Apple Inc. has cut the approval time for new submissions to its App Store from more than a week to less than two days, part of a broader push to increase revenue from services including mobile applications.

The accelerated pace allows app developers to fix bugs faster, try out new features more regularly and better react to market changes, while building developer loyalty to Apple’s iOS mobile operating system. The mean approval time has fallen from 8.8 days a year ago to 1.95 days in the past two weeks, according to, which analyzes user-submitted data. In December, the average was more than five days.

John Gruber:

Wonder how Apple is achieving this. More reviewers? Lower standards?

Federico Viticci:

The Mac App Store, which is smaller in volume than the iOS App Store, is currently seeing app review times of 24 hours.

In addition to AppReviewTimes’ crowdsourced data, anecdotal experience from my own conversations with developers indicate that, particularly over the past two weeks, approval times of 2-3 days have become quite common for iPhone and iPad apps.

I have been hearing good reports from developers, too. Hopefully, it continues.

A lot of people have been questioning the explanation that the impetus was to increase Apple’s revenue from services. I wouldn’t read too much into that or worry about which bucket costs and revenues will be counted in. First, Apple has been trying to create a services narrative because of the decline in hardware sales. So it would be strange not to mention a services angle. Second, if you presume that Apple always knows how to maximize its long-term profit, a change like this will never make sense because either they were leaving money on the table before or they’re doing so now. The proper way to think about this is that Apple is always trying to do what’s best (for Apple) but that its idea of how to do this can change. Developers have long believed that improving the experience for them would ultimately benefit Apple. Better software would make the platform stronger, Apple would sell more devices, and it would collect App Store fees on increased sales. Perhaps Apple is starting to believe this as well.

Thursday, May 12, 2016 [Tweets]

Proposed Client-side Encryption in OmniFocus

Wim Lewis (via Ken Case):

Our main goal is to secure your data against a passive attacker: someone who can read the files on the server, intercept them on the network, look at old backup tapes, etc., but who cannot modify your files on the server. This describes a lot of real-world compromises. The passive attacker should be able to learn very little about your use of OmniFocus. They will, by definition, be able to tell when you’re making changes and syncing them, and they can tell if you’ve added an especially large attachment, for example, because of the increase in traffic. But they should not be able to read the contents of any of your tasks.


An OmniFocus sync database is a directory full of files which are read and written asynchronously by multiple clients that don’t have other ways to communicate.

An encrypted database has one extra file, the “encryption metadata” or key management file. Your passphrase decrypts this file, which contains one or more file-encryption subkeys, each with an identifying key index.



Long List of Ways Mac OS X Starts Code Running

John Gordon:

Without an uninstaller we end up doing a hunting expedition when weird things happen. Code that starts automatically is particularly hard to track down. I wrote this post as a reference for me, drawing from a few Super User and other posts[…]

Keir Thomas:

Moving beyond Gordon’s analysis, two free apps can help begin to sort out the mess and discover what apps are attempting to run in the background of your Mac:

  • KnockKnock: Malware installs itself persistently, to ensure it is automatically executed each time a computer is restarted. KnockKnock uncovers persistently installed software in order to generically reveal such malware.
  • Etrecheck: EtreCheck is a free tool that explains what is going on inside your Macintosh. It consolidates information from over 50 different diagnostics tasks and displays it all on one concise report.