Thursday, September 25, 2014
It’s hard for me to get past the absurdity of Apple’s position here. It’s simply baffling why one of the largest open-source projects they sponsor--WebKit--violates platform protocols by using private API’s, and apps directly bundling such code can’t be deployed on the platform’s major distribution channel, the Mac App Store. Wouldn’t it be better for Apple to open up these private API’s, make them public, and allow third-party developers to use them if necessary? WebKit’s use of these API’s dates back to the earliest days of the project; I found commit messages from 2002 that report their inclusion. Tk would certainly benefit if use of those API’s could be made legal. If a platform vendor’s private API is used in a vendor-sponsored open-source project, how truly private is the API? If Apple is going to be consistent here, shouldn’t WebKit remove these private API calls, and find another way to render browser windows in a smooth, crisp fashion?
In a way, it does make sense. Other core OS projects that Apple has open-sourced also use private API—that probably should stay private. But I agree that it would be nice to be able to ship a customized version of WebKit. And if a Web browser needs private API to get good performance, that’s probably also a code smell.
The v1.0 release of Swift has come and gone, and v1.1 is right around the corner. My thoughts so far can be summed up as this: the hype of Swift is over for me - I want my ObjC 3.0 language. I’ll keep trucking along in Swift for the projects I can, but at the end of the day, I’m, on the whole, fairly disappointed in the language.
I’ve tried many different projects with Swift from algorithms to data structures to solutions for working with structured data like JSON; pretty much everything short of a full-blown app. Around every corner I’ve been met with frustration due to design limitations, bugs, performance issues, poor debugger support, and what ultimately comes down to design choices. It’s this last group that has me the most disheartened.
I don’t just dislike the concept of generics, I hate the extremism that generics forces onto your code. Once you move to generics in your code, you, by definition, give up an extreme amount of flexibility in your code base. In exchange, you are supposed to get back improvements in type safety, code reduction, and performance. What no one talks about though, is the cost to write that code, to debug that code, and to understand that code, especially as generic systems get more and more “feature rich”.
It’s a shame that the introduction of Swift means that we will probably not see much more modernization of Objective-C. I think there is a lot more that could be done there. Plus, the benefits would be available much sooner.
Wednesday, September 24, 2014
A number of iPhone users are reporting that the update breaks cellular connectivity and Touch ID.
If you’ve already installed the update and are experiencing these issues, your only recourse until Apple releases a corrective update is to restore your device back to iOS 8.0. iMore has instructions on how to do that.
Apple has pulled the 8.0.1 update. An un-updated iPhone 6 Plus is now reporting that iOS 8.0 is up to date.
In the last open-sourced objc runtime release, objc4-551, support for vtable dispatch was removed, and the clang options for supporting it have been mostly disabled.
Quinn “The Eskimo!”:
My understanding is that the optimisations that were done as part of the ARC effort eliminated the performance advantages derived from vtables.
You mean something like that retain/release/autorelease were three of
the most important vtable selectors, and they’re mostly now not called
via method dispatch since objc_retain()/objc_release()/etc
short-circuit to the NSObject implementations for almost all objects?
I would guess that’s what Quinn meant, and this raises some questions:
- Does non-ARC code now see performance regressions, since the frequently used reference counting selectors are no longer optimized in this way?
- Why aren’t other common selectors worth the seemingly small cost of the vtable?
- If regular cached dispatch is fast enough that it isn’t worth using vtables, why is Apple discouraging message passing on performance grounds?
How many apps on your iPhone or iPad have a built-in browser?
Would it surprise you to know that every one of those apps could eavesdrop on your typing? Even when it’s in a secure login screen with a password field?
There is always a tradeoff between usability and security. Doing the OAuth token exchange with an in-app browser makes it easier for a user to login, but they’ll have no idea if their personal information was captured. That is why Twitterrific did its token exchange in Safari, even though it’s a more complex user interaction and a more difficult technical implementation. As a user, I know that there’s no way for my login to be compromised when the transaction involves Safari.
Unfortunately, Apple’s current App Review policy does not agree with this recommendation or with Twittterrific’s previous implementation. This is why our update for iOS 8 was delayed—it was the first time since the launch of the App Store that we haven’t had a new version on release day.
It’s hard to know how serious a problem this is. Is there really a difference compared with the 5s? How much of it is due to user error: applying unreasonable forces to the phone and not using common sense in how and wear to store it? I never would have been comfortable putting an iPhone in my back pocket, but millions of people have done this for years, so they expect it to keep working. How much of the problem is Apple not designing and testing the phone to stand up to the ways they know people will try to use it? Would a slightly thicker design have prevented these problems? I have seen some reports saying that similar-sized Android phones are less susceptible, but no one seems to have measured yet.
You aren’t holding it wrong this time, but there’s a good chance your pocket might be doing terrible things to your iPhone 6 or iPhone 6 Plus. Owners of these new gadgets are reporting serious warping issues after the phones have done little more than sit inside a pair of pants.
According to reports, the iPhone 6 is slightly bending beyond repair while in pockets. Some users say that the bending occurred after normal sitting, while other people have had more active lifestyles. Unfortunately, it does not appear that Apple will replace these more fragile-than-expected units at no cost. Some users are reporting that replacement costs are in the hundreds of dollars range.
As highlighted in a few reports shared in the MacRumors forums, a small but growing number of iPhone 6 Plus owners have reportedly bent their phones after carrying the devices in their pockets just days after launch. In one instance, a new iPhone 6 Plus was bent during a day of dancing, dining, and driving to a wedding.
It’s worth noting that many phones, including the older iPhone 5 and 5S, have been known to bend occasionally—Cult of Mac has a nice roundup with plenty of examples. The question at this point is whether these reports of bending and warping iPhone 6 and iPhone 6 Plus units are isolated incidents or if, like the iPhone 4’s antenna problems, the issue is endemic to the new design.
The common cause seems to be sitting for hours on end with the phone in your pocket.
Today’s controversy is about the (permanent) bending of some iPhone 6 Pluses. Given that the iPhone 5 and 5S could both bend, it shouldn’t be surprising that the longer and thinner iPhone 6 and 6 Plus would bend, too. Apart from the geometric factors, the property that’s most important in determining the load at which the phone starts to take on a permanent bend is the yield strength of the aluminum frame. The yield strength is the highest stress for which a material will spring back to its original shape when the stress is removed. It is the boundary between elastic and plastic behavior, and is almost always one of the strengths that govern the design of metal structures.
As of today, if you do a Google image search on “iphone bend,” the results will be dominated by photos of the 5 and 5S. I assume that’ll change over the next few days.
Plastic bending strength varies with the square of the thickness, all other things being equal. 7% thicker ⇒ 14% stronger. Still…
… I doubt that’s the reason for more bent phones. More likely that the loads are higher because the phone rides higher, spanning…
… the hip joint as it sits in your front pocket.
Maybe this is why Samsung makes their big-ass phones out of plastic.
I cannot believe that this “bent iPhone 6 Plus” thing is becoming a thing.
Update (2014-09-25): Daisuke Wakabayashi (via Serenity Caldwell):
Since going on sale Friday, Apple said only nine customers have contacted the company about a bent iPhone 6 Plus—the larger and more expensive of its two new iPhones.
After more investigation, I discovered that pretty much the only app for Mac OS X platform that supports multi-part S3 uploads is the unfortunately named, “Cyberduck”.
Turns out, you have to first restore them to S3 using the Amazon AWS Console, and then they’ll be downloadable using something like Transmit. From within the console, after having selected one or more files, you’ll find a “Restore” function in the “Actions” drop-down menu. When you choose to Restore a file (or files) you’re asked how long you want them to remain available in S3, before they are reverted back into Glacier.
That seemed quite nice, but then I discovered a huge problem. What if I wanted to restore an entire folder of files?
So that’s where I am. Happy to have all my data hosted cheaply in Glacier. Unhappy to have spent so much money getting it there. Happy to decommission my old hard drives at home. And hoping when the day comes that I need to do a mass-restore of my data, that a decent Glacier client will have appeared on the Mac platform, or that one of the existing apps like Transmit will have evolved to support that.
In this follow-up post to my iPhone 4s and iPhone 5 comparisons, I present an 8 iPhone comparison from all iPhone versions taken with Camera+ including, the original iPhone, iPhone 3G, iPhone 3GS, iPhone 4, iPhone 4S, iPhone 5, iPhone 5S, and the new iPhone 6 in a variety of situations to test the camera’s capabilities.
The table below summarizes how your data is secured when using various iCloud features
When you access iCloud services using Apple’s built-in apps (for example, Mail, Contacts, and Calendar apps on iOS or OS X), authentication is handled using a secure token. Using secure tokens eliminates the need to store your iCloud password on devices and computers. Even if you choose to use a third-party application to access your iCloud data, your username and password are sent over an encrypted SSL connection.
Monday, September 22, 2014
Apple (PDF) (via John Gruber):
You can add line items to the purchase total to explain additional charges. A line item consists of a label and an associated cost, such as “Gift Wrap $5.00” or “Tax $4.53”. You can also add an item with a negative value, such as “Friday Discount -$2.00”. Use line items for charges that are added to the merchandise being purchased; don’t use them to display an itemized list of products.
Note that the Apple Pay sheet always displays text in all capital letters.
Apple will discontinue the streaming music service Beats Music it acquired in May, according to five sources, including several prominent employees at Apple and Beats. Many engineers from Beats Music have already been moved off the product and onto other projects at Apple, including iTunes. It’s not clear when exactly Jimmy Iovine and Dr Dre’s music service will be shut down or what Apple will do with streaming, but every source with knowledge of the situation that we talked to agreed Apple plans to sunset the Beats Music brand.
Considering Apple’s penchant for simple, unified brands, and how it despises fragmentation, shutting down Beats Music makes a lot of sense. Running a second music service in parallel with iTunes that forces people to learn a whole new interface might have confused customers. Beats Music’s CEO Ian Rogers was also put in charge of iTunes Radio, meaning he’s already splitting his time rather than just focusing on Beats Music.
I’m not expecting them to rebrand the headphones as Apple, though.
Update (2014-09-22): Peter Kafka (via Kirk McElhearn):
I can elaborate a bit more, based on conversations with people familiar with Apple’s thinking: Apple won’t shutter the streaming service. It may, however, modify it over time, and one of those changes could involved changing the Beats Music brand.
I don’t doubt that over time, there could be some breakthroughs with sapphire and new coating processes that could make it possible to use on a smartphone. However, from the research I did, it does not appear that it could happen anytime soon. Plus, sapphire’s less flexible and more brittle nature suggests, as least to me, that using it in large-screen smartphones would still be difficult — even if it was possible to coat it in a way to keep the screen from splintering. I now at least understand why Apple didn’t use it in the new iPhones — and the more I study this, it seems that it could be problematic for Apple to use sapphire outside of its smartwatch line anytime in the near future.
Update (2014-09-24): Dr. Drang:
The Mohs hardness number is a measure of scratch resistance, and it’s perfectly true that higher is better when it comes to avoiding scratches. It’s certainly a type of strength that needs to be considered, but not to the exclusion of others. If you drop your phone on a concrete sidewalk, scratch resistance isn’t going to save your screen. You need impact resistance, which involves the ability to absorb energy. For a thin sheet, that usually means the ability to flex significantly without breaking—not a property that’s intrinsically allied with scratch resistance.
Tim Bajarin at Time was promoting sapphire in August, but to his credit, he got himself educated after the iPhone 6 introduction and wrote a good explanation of why Apple stayed with Gorilla Glass. I’m not thrilled with his “sheet of ice” analogy, but the rest of the article is worth reading.
Sunday, September 21, 2014
I think all developers go through the initial hatred of the tester, feeling unloved, and depressed because the labor of our love is so awfully buggy, broken and badly designed! Oh. But you eventually come to see that knowledge is power.
We had a great QA team at CE Software. One of the things is that almost everything pushes you to ship as early as you can. The developers want it shipped so they can start work on the next version or the next project. Marketing wants it shipped so they can start selling it and it can turn into real cash. Support wants it shipped so they no longer have to tell people yes, that’s a real bug, yes we’ll be fixing it in the next version, that will be soon. And even the customers want it shipped because they want the bugs they’re dealing with smashed and they want the new features we’ve talked about in their hands. You need a QA team with the desire and the authority to say “this isn’t ready to go”. The authority usually comes after a disastrous release, it did for us.
Saturday, September 20, 2014
Whoosh (via Gus Mueller):
Whoosh helps you send out lots of emails using the Amazon Simple Email Service. Whoosh will import mailing list in CSV or Tab-Delimited format from a file, or direct from a remote URL.
I’m currently using DreamHost for my announcement mailing lists. I use Amazon SES for all other auto-generated e-mails—e.g. order confirmations and serial number lookups—but I’ve long thought of using SES for announcements as well. It works really well and is orders of magnitude cheaper than MailChimp and similar services.
Update (2014-09-20): Scott Morrison recommends Sendy, a self-hosted PHP/MySQL tool that uses Amazon SES and also helps you manage the subscription list.
Ed Bott (via John Gruber):
The actual price you will pay for an iPhone 6 in the U.S. varies depending on which carrier you choose. Those advertised numbers accurately reflect the up-front amount that a buyer will pay at the start of a two-year contract. But those apparently low subsidized prices include hidden costs that jack the price up over time. And it is nearly impossible for the average shopper to figure them out without extensive and exhausting research.
If you choose the 2-year contract option for AT&T, Verizon, or Sprint, you get a different set of plans. In the case of Verizon and AT&T, buying a phone outright or paying the full price in 20-24 monthly installments qualifies you for per-line discounts that range from $10 to $25 per month.
If you buy the device at the “low” two-year contract price, those discounts disappear. They are effectively finance charges for the device, which need to be added to the down payment of $200, $300, or $400.
I really like the new exposure slider in the iOS 8 Camera app. Unfortunately, the HDR control is still broken. I set it to On, and within seconds it’s changed itself back to Auto.
Friday, September 19, 2014
The end result is that a functioning printer is headed for the garbage heap (or perhaps to a Windows user) because Dymo is unable or unwilling to fix a software incompatibility. And it cost me $100 to replace a printer that ought to still be usable.
My LabelWriter 330 used to Just Work. Now it sort of “works” with 10.9.5. It can indeed still print, but lately it’s been unreliable. Often, the job queue will pause itself right after I print. Manually resuming it causes half the label to be printed, thus ruining the label. Usually it will thereafter work for a bunch of labels in a row.
The point of school is to teach us how to think, after all.
But that always sounds to me like people arguing that you could learn the rules of English grammar without learning any of the actual words. The facts — and, especially, the stories — of the world are its words. That’s our vocabulary. That’s what we think with and about.
To “de-emphasize memorization” sounds like a thing everybody can agree on — except that I suspect it really means “we’ve made it so you don’t have to know what actually happened, which makes it easier for you to do well on the test, which makes us look good.”
The Camera Roll has disappeared, and in its place is the Recently Added smart album, which collects images you’ve recently taken or added to your device. It joins app-specific and content-specific albums on the Albums page, along with the new Favorites album (more below). Sadly, Apple continues to decline to make a Screenshots smart album (to my own personal disappointment).
Not a HUGE fan of what they did in getting rid of Camera Roll and Photostream! To save free space in iOS 7, I would take pictures and then delete them from my Camera Roll once they synced into Photostream. With the changes in iOS 8, I can no longer tell what’s been synced and what is still on my phone...
This is really confusing. I used to be able to view the Camera Roll from the Camera app, so it was easy to go access recent shots and then go back to taking photos. Now, the Camera app just lets you open the Photos app, showing the recent photos full-sized. If you want to see thumbnails of the recent photos, you have to tap All Photos. But then you are in the Photos app for real, and there’s no button to get back to the camera.
It’s always been necessary to prune the locally stored photos now and then; otherwise they will consume all the space on your phone. Now, there is seemingly no way to see, from the phone, which photos I should be pruning. And there’s still no way to delete a large number of photos without individually tapping them. The Image Capture app on the Mac is needed now more than ever.
Update (2014-09-19): Allyson Kazmucha:
The bottom line is this — the Camera Roll has been nixed in favor of using the Photos tab. Recently Added on the other hand is simply a collection of all your recently taken photos across all your devices. So just think of Recently Added as replacing your personal Photo Stream.
I find it bizarre that there is no way to tell (a) which photos are only stored on the device, (b) which photos were taken with this device, or (c) which photos are on Apple’s server.
Update (2014-09-20): Lukas Mathis:
While this is incredibly annoying to people who know what they’re doing and want to have the ability to manage photos manually, a lot of iPhone owners — perhaps most of them — do not manually manage the photos on their phones, and would not do so if they had the option.
With the current combination of too-low storage capacities and a cloud solution that isn’t there yet, I think having manual controls is the least bad option.
Update (2014-09-22): Ole Begemann:
When you enable iCloud Photo Library on iOS 8, it is no longer possible to delete images from an iPhone using Image Capture on the Mac.
So I can see why people in the music business might think it’s important to make and sell interactive, multimedia music formats (what decade is this?) to compete, but I don’t think they stand a chance. Every trend in music is going in the opposite direction.
In 2007, Steve Jobs wrote an essay called “Thoughts on Music” to attempt to pressure the big record labels into agreeing to DRM-free music sales. […] I’m sure it’s a coincidence, but I’m having a hard time finding “Thoughts on Music” on Apple’s site anymore. Here’s the Internet Archive’s copy — the only live copy I found is in the Korean Hot News archive.
See also: Thoughts on Music.
On devices running iOS 8, your personal data such as photos, messages (including attachments), email, contacts, call history, iTunes content, notes, and reminders is placed under the protection of your passcode. Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data. So it's not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.
But has everything changed with iOS 8? This document on iOS 8 security measures suggests that’s the case, showing that Apple has extended deep encryption protections to more of its own apps. “Key system apps, such as Messages, Mail, Calendar, Contacts, and Photos use Data Protection by default, and third-party apps installed on iOS 7 or later receive this protection automatically,” it reads.
It’s important to take a minute, however, to note that this does not mean that the police can’t get to your data. What Apple has done here is create for themselves plausible deniability in what they will do for law enforcement. If we take this statement at face value, what has likely happened in iOS 8 is that photos, messages, and other sensitive data, which was previously only encrypted with hardware-based keys, is now being encrypted with keys derived from a PIN or passcode. No doubt this does improve security for everyone, by marrying encryption to the PIN (something they ought to have been doing all along). While it’s technically possible to brute force a PIN code, that doesn’t mean it’s technically feasible, and thus lets Apple off the hook in terms of legal obligation. Add a complex passcode into the mix, and it gets even uglier, having to choose any of a number of dictionary style attacks to get into your encrypted data. By redesigning the file system in this fashion (if this is the case), Apple has afforded themselves the ability to say, “the phone’s data is encrypted with a PIN or passphrase, and so we’re not legally required to hack it for you guys, so go pound sand”. I am quite impressed, Mr. Cook! That took courage… but it does not mean that your data is beyond law enforcement’s reach.
For example, if they have access to your Mac:
While your photos and messages might indeed now be encrypted with a key derived from your PIN, the pairing records stored on your desktop have a “backup copy” of your keybag keys (the escrow bag), which can be used to unlock the encryption on your phone – without a PIN. Again, this was added so that iTunes could talk to your phone while it is still locked.
Fortunately, there are some precautions you can take to ensure your privacy. One small trick is to shut down your iPhone whenever you go through airport security or customs. Why? Because Apple has included a kill switch that prevents your pairing records from being able to unlock your iPhone if it’s been shut down. The pairing record vulnerability only works if you’ve used your phone since it was last rebooted. Secondly, make sure you’re using strong encryption on your desktop / laptops, and make sure your computers are all shut down when not in use… especially when going through airport security. There are a number of forensics tools capable of dumping the memory (and therefore, encryption keys) of your encrypted disk if you’ve left your computer asleep or in hibernate mode. Shut it down.
Thursday, September 18, 2014
The documentation only shows one type of
XCTestExpectation, but there are actually several different methods for creating them:
@interface XCTestCase (AsynchronousTesting)
- (XCTestExpectation *)expectationWithDescription:(NSString *)description;
- (XCTestExpectation *)keyValueObservingExpectationForObject:(id)objectToObserve
- (XCTestExpectation *)keyValueObservingExpectationForObject:(id)objectToObserve
- (XCTestExpectation *)expectationForNotification:(NSString *)notificationName
These are documented in XCTextCase+AsynchronousTesting.h.
Amazon has announced a new Kindle, the Kindle Voyage (odd name…) that is due to ship in November. (Amazon.com, Amazon UK) A bit smaller than the Kindle Paperwhite, this device boasts a higher screen resolution (300 ppi compared to 212 pip for the Paperwhite), and an adaptive light, so the screen light will vary according to your ambient lighting. There are also page-turn buttons in the device’s frame, on either side of the page, which provide haptic feedback.
I’m glad they added the page-turning buttons back.
Update (2014-09-19): Marco Arment:
You know what else is a pressure-based sensor with haptic feedback? A button.
Backlit tablets just can’t compete with E-Ink-equipped Kindles when it comes to reading in the bright sun. One of these days, maybe Apple will figure out how to make a glareless iPad with a really bright backlight for outdoor reading, but until that day I’m Kindle all the way.
At night, the inverse applies. My Paperwhite, turned down all the way, is much darker than my iPad’s backlight at the lowest setting. Which means it’s much less likely to disturb my wife while she’s sleeping and I’m reading.
Whether dark or light or in between, I prefer reading on these devices. They never push notifications at me, I’m never tempted to switch over to Twitter or email, and the static black-and-white calm of words on a page evokes the best things about reading a paper book or newspaper.
As I said, I was really excited about this. So far, it has not quite worked out the way I expected.
The Safari extension prompts me for my master password every single time, even though I have set the master password timeout to 30 days.
The app itself sometimes lets me in via Touch ID but usually asks for my master password. I understand that the app needs to be running in order to keep the master password in RAM, but something doesn’t seem right here. It happens even in situations where it seems impossible for the app to have been quit by the OS.
There is an option in the Advanced preferences to store the master password in the iOS keychain. This seems like it would address the problem, but it also seems potentially dangerous. It shouldn’t be necessary unless there is a memory shortage.
In Riposte (which I’m trying since Netbot crashes on iOS 8), there is indeed a button to access 1Password and search for “app.net”. However, there didn’t seem to be a way to get it to enter the username and password; I had to copy and paste them.
Surprisingly, 1Password lets me use third-party keyboards to type usernames and passwords, though not the master password.
Update (2014-09-23): I heard back from AgileBits support. The main issue seems to be that (a) a new instance of the 1Password extension is launched each time it’s used, so it cannot remember anything between invocations, and (b) the extension cannot communicate with the running 1Password app to get the master password. Therefore, the extension will prompt for the master password every time unless you enable the option in the 1Password app to store the master password in the iOS keychain.
- Fleksy (App Store)
What I like about this keyboard is that it lets you swipe left to delete an entire word, swipe right to type a space, and swipe up or down to choose among word predictions. You can add or remove words from its dictionary. You can also adjust the size of the keyboard and even omit the spacebar. Languages and personalization require “Allow Full Access.”
- SwiftKey (App Store)
Word predictions and the Flow feature for swiping requires “Allow Full Access.” I did not enable that, so it didn’t seem to offer much. They want you to use their cloud service and send them data to get more accurate results.
- Swype (App Store)
It’s amazing how accurate this is when you swipe your finger around without lifting it. There are also some interesting gestures for punctuation and capitalization, and you can control its dictionary. This keyboard does not even ask for “Allow Full Access.”
- TextExpander touch (App Store)
It’s great to be able to expand abbreviations. Unfortunately, as I said, this means that you have to forego the other keyboards that are better at typing. You do have to enable “Allow Full Access.”
I think the Allow Full Access setting is confusing. It seems to be asking whether I want the keyboard to be able to persist data. That sounds useful and harmless. What I really want is to prevent the keyboard (via the app) from sending my data over the network. There doesn’t seem to be a way to do that except by not allowing full access.
See also: Federico Viticci, Scott Hanselman, Allyson Kazmucha.
Update (2014-09-19): Tim Burks:
It would be nice to be able to offer extended features without scaring consumers and looking shady.
My interpretation of the documentation is that a keyboard extension can enable network access if it is for the purpose of improving the application. What improvements warrant this, is up to the app developer.
But the only gate keeper is the app approval process. While that has kept iOS comfortably safe for me, the additional benefit of a new keyboard does not warrant this added risk.
Update (2014-09-21): By default, Swype backspaces over a whole word; to delete just one character, you can type a space and then backspace twice. I have not found a good way of typing words with apostrophes in them, since the apostrophe is not on the main keyboard.
Many Mac developers dropped everything to re-sign apps like Apple asked for 10.9.5, only to learn it doesn’t matter. Terrible communication.
A bit over a month ago, Apple announced big changes to the way Mac OS X versions 10.9.5 and 10.10 will recognize the code signatures of 3rd party applications, hinting very strongly that consequences would be dire for any developer neglecting to re-sign their apps:
To make matters yet more confusing, a developer who has signed off on the chore of complying with Apple’s requests would not necessarily be able to verify the job was done right, because for example on pre-release builds of 10.9.5 and 10.10, many apps with “old and busted” version 1 signatures unexpectedly passed the system’s Gatekeeper check, contrary to the firm indication from Apple that they shouldn’t.
It’s still not entirely clear to me what happened here. I had an app that failed the Gatekeeper check with pre-release versions of the OS only to pass it with later betas and the release version. Was this because of a bug in the pre-release versions? Or is Apple simply delaying part of the clamp-down?
See also: Major Changes to Gatekeeper in Mac OS X 10.9.5.
Update (2014-09-19): Andrew Cunningham:
This is contrary to a message Apple sent to developers in early August, which indicated that all apps would need to be re-signed to work properly with 10.9.5.
Update (2014-09-24): Jeff Johnson:
What nobody was expecting, and as far as I can tell, what nobody but me has noticed yet, is that the Gatekeeper change, or a significant subset thereof, was included with the 2014-004 Security Update for Mac OS X 10.8.5. There is no mention of this at all by Apple, anywhere, certainly not in the release notes.
It’s shameful that Apple failed to inform anyone, either developers or users, either before or after the fact, that this significant overhaul of Gatekeeper shipped in the security update to 10.8.5. And since it was a security update, we have to wonder, what was the security vulnerability? Why wasn’t it listed in the security content for 10.8.5 or 10.9.5? According to the hype, Apple is supposedly entering into a new era of openness. According to the reality, however, I see the same old lack of communication.
Our business model is very straightforward: We sell great products. We don’t build a profile based on your email content or web browsing habits to sell to advertisers. We don’t “monetize” the information you store on your iPhone or in iCloud. And we don’t read your email or your messages to get information to market to you. Our software and services are designed to make our devices better. Plain and simple.
That Tim Cook and Steve Jobs are very different people has been a common refrain for three years, and it came up again this week in his interview with Charlie Rose. But one trait they share is the ability to write in simple, straightforward words. I say clear writing is a sign of clear thinking.
Below you’ll find information about powerful features that help you make your devices and data secure, along with tips for avoiding phishing scams and keeping your account safe.
Government information requests are a consequence of doing business in the digital age. We believe in being as transparent as the law allows about what information is requested from us. In addition, Apple has never worked with any government agency from any country to create a “back door” in any of our products or services. We have also never allowed any government access to our servers. And we never will.
In the Charlie Rose interview, Cook said they would have to carry him out in a box before he let that happen. Of course, it is entirely possible that it could happen without his knowledge or consent. The systems are designed such that Apple could tap into your messages if it wanted to. There is unfortunately no way to prove that this doesn’t happen.
I also note that Apple has updated its iOS Security whitepaper.
Update (2014-09-18): Jeff John Roberts (via David Heinemeier Hansson):
Now, Apple’s warrant canary has disappeared. A review of the company’s last two Transparency Reports, covering the second half of 2013 and the first six months of 2014, shows that the “canary” language is no longer there.
Update (2014-09-19): Cyrus Farivar:
While Apple won’t confirm it, the company has removed its warrant canary from its latest transparency report, issued this week. While this could mean that the company has received a new secret government order to provide user data, there is still another more likely possibility: it’s not publishing warrant canaries at all.
Up until that point, iOS apps had very limited reach in terms of access to other apps’ documents, so we struggled to find an answer to our time-honored litmus test of “what would we use this for?” Was an app that simply allowed you to transfer files in and out of itself particularly useful?
By utilizing App Extensions, Transmit could effectively provide standard file transfer protocols for any iOS 8 app. Overnight, this idea that made very little sense suddenly made all the sense in the world.
As of today, you can easily save to Instapaper from any application on your iPhone or iPad that supports the iOS system share sheet. No more copying links & opening Instapaper, emailing yourself articles, or installing bookmarklets. Just tap the system share icon, choose Instapaper, and voila! Saved.
Adam Ernst and Ari Grant gave a presentation at @Scale 2014 about why Facebook switched away from Core Data and MVC to immutable models and their own layout engine that separates the layout from the process of creating the view hierarchy from recycled immutable views.
Wednesday, September 17, 2014
I’ve been using the iPhone 6 and iPhone 6 Plus for the last week, since Apple’s big event on Sept. 9. You can read my full review on Macworld—it’s my final byline there. You can also listen to episode 1 of my new podcast, Upgrade, in which I discuss the new iPhones and my review with my co-host, Myke Hurley.
I suspect that Apple’s intent here is for Reachability to always go away once you’ve tapped on something. But I could make an argument that the alternate approach — let interactions keep happening until your finger is off the glass for a second — is the better one. Sometimes I do need to make two taps at the top of the screen, and with Apple’s approach I have to reactivate Reachability to make the second tap. And of course, tapping on the black void is always there to dismiss Reachability immediately if I really can’t wait a second.
If an app isn’t written specifically to take advantage of the iPhone 6 or iPhone 6 Plus, the phone will scale the entire user interface up to fill the screen. (There’s no letterbox, because the iPhone 5 and 6 series all use the same 16:9 aspect ratio.)
Apple has added a feature to the iPhone 6 and iPhone 6 Plus called Display Zoom, which lets you choose between using that extra screen space for more stuff, or for bigger stuff. If you turn on Display Zoom on the iPhone 6, the device will scale up the resolution of an iPhone 5 screen. If you turn it on on the iPhone 6 Plus, it’ll scale up the resolution of the iPhone 6.
One week in and I’m still unsure about the size of the iPhone 6 relative to that of my iPhone 5S, but I’m very sure about the size of the 5.5-inch iPhone 6 Plus: it’s too big for my taste.
Again, they’re more like two different device classes than two variations of the same device. My understanding, talking to people at the event last week, is that Apple’s industrial design team mocked up prototypes of every single size between 4.0 and 6.0 inches, in tenths-of-an-inch increments, and from those 20 sizes selected the two that best hit the sweet spots for “regular iPhone” and “ginormous iPhone”. We might never see new iPhone sizes again — or at least not bigger ones.
No doubt about it, one-handed usability suffers greatly on the iPhone 6 compared to the iPhone 5 series — and the 4.0-inch iPhone 5 displays are themselves less one-hand-able than the classic 3.5-inch iPhone displays. But there are advantages to the larger display of the iPhone 6. I find myself typing much faster and more accurately.
Reachability might make it possible to do everything you want while holding the 6 Plus one-handed, but it’s nothing at all like using a 3.5- or 4.0-inch iPhone in one hand.
Pocketability is going to vary based on your pants and pockets. (I’ve been wearing Levi’s jeans every day I’ve been using both phones.) With the regular iPhone 6, I haven’t had any problems. The fact that it’s so much thinner than the iPhone 5/5S, and now has curved sides, makes it easy to slide into a pocket. The overall volume of the device just doesn’t feel that much bigger in hand or pocket.
Text and fine lines appear sharper on the 6 Plus than on the regular 6 (or any other iPhone with a 326 PPI display, like the 5’s). 401 pixels per inch is high enough that things still look great even if they’re not pixel-perfect. I was deeply skeptical of this on-the-fly downsampling when I heard about it, but having used it for a week, I’m sold.
(When you take a screenshot on the iPhone 6 Plus, you get a 2208 × 1242 image — you get a screenshot of what the app thinks it is displaying, not a screenshot of the actual pixels on screen. If you really do care about pixel-level precision, I’m not sure how you can tell what is being rendered on screen other than to examine the actual iPhone display using an optical loupe.)
The iPhone 6 has a noticeably stronger vibrator to me, and with the iPhone 6 Plus, it’s so powerful it’s actually a bit noisy — the sound made by the 6 Plus vibrator is so strong, I wonder if there are going to be complaints that it’s not “silent” at all.
As you can see, the iPhone 6 is 11% to 17% faster than the iPhone 5S. The iPhone Plus is 23% to 24% faster than the iPhone 5S. The iPhone 6 Plus is 6% to 11% faster than the iPhone 6.
Update (2014-09-18): John Gruber:
But I don’t understand why the entry level storage tier remained at a meager 16 GB. That seems downright punitive given how big panoramic photos and slo-mo HD videos are, and it sticks out like a sore thumb when you look at the three storage tiers together: 32/64/128 looks natural; 16/64/128 looks like a mistake. The original iPhone, seven years and eight product generations ago, had an 8 GB storage tier. The entry-level iPhones 6 are 85 times faster than that original iPhone, but have only twice the storage capacity. That’s just wrong. This is the single-most disappointing aspect of the new phones.
Austin Mann tests the iPhone 6 camera in Iceland.
Update (2014-09-21): Nick Heer:
I wrote approximately 15,000 words to review iOS 8. Yet, I inexplicably forgot a couple of things that I wanted to talk about. I have had notes about these things since June, and I intended to include them. I’m just a bit of an idiot.
I looked through Apple’s site on the iPhone 6 and interestingly the bump isn’t hidden most of the time, but it is always hidden in profile. When you look at the iPhone in profile the honest way to show the phone is with the bump, but take a look (from Apple’s site)[…]
Via John Gruber:
I think this is a mistake on Apple’s part. If the iPhone 6 is going to have a camera bulge (and it does), they should wear it with pride.
It is for this reason that I will be writing a review of iOS 8 in two parts. The first part, which is what you’re reading now, is a review of the first-party aspects of iOS. It is truly a review of iOS 8, not apps built for iOS 8. The second part, which will be released in weeks-to-months, is a review of what is possible when third-party developers get ahold of the thousands of new APIs available to them.
This is what I have gleaned from using iOS 8 every day since June 2 on my primary (and only) iPhone 5S and my Retina iPad Mini.
That’s not to say that there aren’t problems with it. I’ve pointed out a number already, and I’m sure we’ll hear more reports as users update. It’s not without its flaws and its bugs. But I think iOS 8 is the biggest iOS release for users and the most exciting opportunity for developers since iOS 2.0. It’s really that big of a deal.
Apple still holds the keys to many aspects of the iPhone and iPad user experience, but compared to past versions of the software iOS 8 represents an opening of floodgates. Don’t like Apple’s software keyboard? Replace it. Want sports scores and updates on your eBay auctions in your Notification Center? Here’s a widget, throw ‘em in there. Want to use a social network or a cloud storage service that Apple hasn’t explicitly blessed and baked into the OS? Cool. Here are some APIs for that.
Still no public transit directions in Maps.
Not all of the features advertised at WWDC were actually done in time for release.
The iPhone 4S was Apple’s last to use the original 3.5-inch iPhone screen size, which is now the smallest of four different phone screens that Apple supports. iOS 8's new stuff is all about fitting more information on those larger screens, whether we’re talking about predictive typing, new Mail sorting options, Notification Center widgets, or Spotlight suggestions. The 4S’ screen has always been small, but iOS 8 can make it feel cramped.
The iPhone 4S made the jump to iOS 7 relatively gracefully, though, and it’s fine with rendering all of the fancy transparency and translucency effects. We were expecting speed to stay roughly the same in the jump from iOS 7 to iOS 8, more or less as it did when we moved from iOS 5 to iOS 6 on the 3GS. Testing some application launch times under both operating systems reset those expectations. […] Again, we’re not looking at an iPhone 4-level situation here, but iOS 8 can add as much as 50 percent more time to the same task compared to iOS 7.
Generally [on an iPad 2], iOS 8 is noticeably slower and choppier than iOS 7, in everything from opening apps to typing. Back when we switched from iOS 6, we complained about how we could get 10 characters into typing something before the keyboard realized what was happening. This problem has returned with a force in iOS 8, especially on first opening an app. Screen rotation is stuttery, and any time some part of the OS needs to slide into place (text centering, apps minimizing), it can't do it smoothly.
iOS 8 feels like Apple took every wish list item on the web and checked them off one-by-one. Interactive notifications? Done. Widgets? Done. Inter-app communication, custom keyboards, document picker? Done. Done. Done. […] In this case, believe the hype. iOS 8 is in every way the biggest functional release for iPhone and iPad since the App Store.
Update (2014-09-18): Graham Spencer:
Just like we have in the past few years, we like to find those little gems that come with every brand new version of iOS. So in this post, you'll find dozens and dozens of tips, tricks, and details of iOS 8 that we've collected throughout the summer since the first beta release of iOS 8.
Given that the iPad 3 I have for testing falls into both the Apple A5(X) camp and the iPad camp, I won’t be updating it to iOS 8. While the new features like SMS Relay will be nice, the missing features and issues like keyboard lag outweigh the benefits of updating.
Despite my concerns, iOS 8 makes me feel excited for the future more than anything else. Apple’s steps to open up more options for customization by developers and users on iOS marks a significant departure from their previous releases. It’s not Android but it isn’t meant to be. It brings new features and capabilities that are implemented in a very Apple-like manner, for better or for worse. I don’t think it’s going to do much to sway Android fans toward iOS, but it gives a lot of reason for current iOS users to stay with Apple.
If you use iCloud with any third party apps, such as Microsoft Outlook, Mozilla Thunderbird, or BusyCal, you can generate app-specific passwords that allow you to sign in securely, even if the app you’re using doesn’t support two-step verification. Using an app-specific password also ensures that your primary Apple ID password isn’t collected or stored by any third party apps you might use. Starting on October 1, 2014, app-specific passwords will be required to sign in to iCloud using any third party apps.
They’ve also added two-factor authentication for the iCloud.com Web apps and iCloud backup.
Tuesday, September 16, 2014
Andrew Goodale (via Gus Mueller):
When I started working on an iPhone app to play music from the phone’s library based on GPS location, I needed a way to index the song metadata and other textual content. SQLite is built into iOS, and I wanted to use its full-text module support (FTS3/4). Apple provides no full-text search index functionality for iOS, and other options, such as Lucene, are focused on Java-based environments.
Since I was working with SQLite, I knew the best approach was to work with the excellent FMDB library, which provides an Objective-C wrapper to the SQLite C API. My effort extends that library with additional Objective-C interfaces and protocols to simplify working with the FTS3 module.
For years I’ve used on-hold “waiting” contexts named after coworkers and family members to denote tasks that I’ve assigned to other people and am waiting on them to finish. But a few weeks ago I had a realization that there are two other types of relationships between tasks and people that I haven’t been tracking. And with a few quick modifications to how I title my tasks, it’s possible to track them in OmniFocus.
With version 3.3 of PCalc, James Thomson has gone Espinosa one better: he’s not only built a customizable PCalc, he’s given all of us the power of Steve Jobs.
To edit a button, press and hold on it until the display shifts and handles appear at the corners of the button. You can use the handles to resize the button, and you can drag it around to any place you like.
To change what the button does, tap the Edit button along the bottom, and a screen will appear that’ll let you change the name and the behavior of the button. You can have it work like any of the regular commands, run a user function, perform a unit conversion, or insert a constant. You can have the button appear in the normal view, the 2nd view, or both.
This is going to be great. None of layouts were ever quite what I wanted. Now I can tweak them.
There is no doubt in my mind that this is the best way to take your App Store screenshots and this is the main reason that we’re discontinuing Status Magic. It’s very sad, but I’m not going to fight against something that provides better results and is integrated into the operating systems.
I loved this app, it wasn’t useful every day but it really made a difference to App Store screenshots and every time I saw a 9:41 on an App Store screenshot I wondered if we had helped create it. Farewell, Status Magic!
If you upgrade to iCloud Drive, you will only be able to sync with devices running iOS 8 or OS X Yosemite. As OS X Yosemite is still pre-release (and not yet available) upgrading to iCloud Drive will prevent you from syncing with Clear for Mac until both OS X Yosemite is released and you upgrade to OS X Yosemite.
Developers cannot work around the choice made when upgrading to iOS 8, so please make sure you pay close attention to the iCloud Drive screen shown after you update to iOS 8.
If you need to sync with devices that are not (currently) iCloud Drive-compatible, ensure you choose “Not Now”. this will keep iCloud’s “Documents and Data” sync feature enabled on your iOS 8 device so that you can sync with OS X Mavericks (and iOS 7 devices).
Update (2014-09-17): Caitlin McGarry:
You can go back and upgrade at any time, but unless you want a file-syncing nightmare on your hands, you’ll wait for Yosemite’s official release. You don't even have to take our word for it: Developers like Realmac Software and Bloom, which makes Day One have taken to their blogs to warn users about potential syncing problems and the lack of iCloud Drive support for pre-Yosemite versions of OS X.
Adam C. Engst:
Beyond the basic inability to access iCloud-stored documents on the Mac, this limitation also prevents you from working on iCloud-stored documents on both an iOS device and a Mac. So, if you’re a fan of switching back and forth between Pages on your iPad and on your iMac, you really want to postpone upgrading to iCloud Drive until Yosemite ships.
Update (2014-09-19): Apple:
iWork customers who use a Mac with OS X Mavericks or earlier will experience issues keeping their documents up to date if they upgrade to iCloud Drive via iOS 8 or iCloud.com.
If you update to iCloud Drive, you lose access from the iWork apps on Mavericks.
Mac users are better off waiting for OS X Yosemite to drop before upgrading to iCloud Drive, but iOS 8-toting Windows users are cleared for takeoff. Apple recently released an upgraded version of iCloud for Windows loaded with iCloud Drive.
Update (2014-09-20): Kirk McElhearn:
This belongs in the Department of WTF. How can Apple have allowed iCloud Drive to go live, hijacking the documents of so many people? Michael Cohen offers a matrix in this article, showing which types of devices can share files with other devices. It’s pretty sad that this has happened; Apple needs to release an iCloud Drive update for Mavericks now, so people don’t lose access to essential documents.
Monday, September 15, 2014
The Mojang team will join Microsoft Studios, which includes the studios behind global blockbuster franchises “Halo,” “Forza,” “Fable” and more. Microsoft’s investments in cloud and mobile technologies will enable “Minecraft” players to benefit from richer and faster worlds, more powerful development tools, and more opportunities to connect across the “Minecraft” community.
Under the terms of the agreement, Microsoft will acquire Mojang for $2.5 billion.
Minecraft has grown from a simple game to a project of monumental significance. Though we’re massively proud of what Minecraft has become, it was never Notch’s intention for it to get this big.
As you might already know, Notch is the creator of Minecraft and the majority shareholder at Mojang. He’s decided that he doesn’t want the responsibility of owning a company of such global significance. Over the past few years he’s made attempts to work on smaller projects, but the pressure of owning Minecraft became too much for him to handle. The only option was to sell Mojang. He’ll continue to do cool stuff though. Don’t worry about that.
There are only a handful of potential buyers with the resources to grow Minecraft on a scale that it deserves. We’ve worked closely with Microsoft since 2012, and have been impressed by their continued dedication to our game and its development. We’re confident that Minecraft will continue to grow in an awesome way.
Markus “Notch” Persson:
I don’t see myself as a real game developer. I make games because it’s fun, and because I love games and I love to program, but I don’t make games with the intention of them becoming huge hits, and I don’t try to change the world. Minecraft certainly became a huge hit, and people are telling me it’s changed games. I never meant for it to do either. It’s certainly flattering, and to gradually get thrust into some kind of public spotlight is interesting.
I have no idea what to make of this.
Update (2014-09-19): Josh Centers:
Minecraft is the most mind-blowing game I have ever played. It’s part sandbox game, part world-builder, part exploration game, part farming simulator, and part role-playing game. It has a “conclusion” of sorts (that you must discover on your own), but it never truly ends. You can play alone or with others, and you can even run your own Minecraft server and invite just your friends to play on it. It’s all too easy to spend thousands of hours in Minecraft, and millions of people already have.
Natasha The Robot:
Have you noticed how nicely the mobile Safari navigation bar condenses on scroll, and how the tab bar disappears?
In iOS8, Apple has made this type of interaction (and more!) very easily available to us all – well, almost… While Apple demoed the condensing navigation bar at WWDC, they have since changed it to hiding the navigation instead, and the tab bar is not included (I’m guessing they’ll add separate tab bar hiding properties later on…).