Archive for September 2011

Wednesday, September 28, 2011

Drift Rejected From the App Store

Devin Chalmers (via Manton Reece):

Eventually it became clear that, from the reviewers' perspective, there was a problem with that, at all: it wasn't the (already redacted) signup links that we were being rejected for, but any GitHub link. At all.

This is the situation that I outlined in February, with a third-party client for a service. It’s OK to make a Twitter client because Twitter is free, but GitHub has both free and paid plans, so you can’t make a GitHub app unless you support in-app purchase. And that’s only possible for an app developed by GitHub itself, not for a third-party developer using its API.

It’s a shame that Apple won’t allow these apps to exist except in crippled form. And it’s also a shame that they won’t come out and say that that’s their policy. The reviewers and appeals board tossed Chalmers around for two months, despite the fact that, as I linked to here, Steve Jobs himself said that the in-app purchase requirement was for content, not software as a service (SaaS).

Kindle Touch and Kindle Fire

Very impressive announcements from Amazon today. I’m actually most interested in the new $79 Kindle. It’s the perfect size and weight for reading, and a good compromise of features. I have a Wi-Fi Kindle 3 and have never wanted 3G and only rarely used the keyboard. I actually prefer the hardware page-changing buttons to touch. They feel natural and don’t lead to fingerprints on the screen.

Update (2011-09-29): Lukas Mathis explains more about why page-turning buttons are good.

Update (2011-10-04): Stephen M. Hackett reviews the $79 Kindle.

Monday, September 26, 2011

Logging Out of Facebook Is Not Enough

Nik Cubrilovic:

But logging out of Facebook only de-authorizes your browser from the Web application, a number of cookies (including your account number) are still sent along to all requests to facebook.com. Even if you are logged out, Facebook still knows and can track every page you visit. The only solution is to delete every Facebook cookie in your browser, or to use a separate browser for Facebook interactions.

[…]

There are serious implications if you are using Facebook from a public terminal. If you login on a public terminal and then hit ‘logout’, you are still leaving behind fingerprints of having been logged in. As far as I can tell, these fingerprints remain (in the form of cookies) until somebody explicitly deletes all the Facebook cookies for that browser. Associating an account ID with a real name is easy—as the same ID is used to identify your profile.

There’s a response from a Facebook engineer in the comments. I mainly use Safari, but I have OmniWeb configured as as “secure” browser that doesn’t store any cookies between launches.

Update (2011-09-27): Nik Cubrilovic:

Facebook has changed as much as they can change with the logout issue. They want to retain the ability to track browsers after logout for safety and spam purposes, and they want to be able to log page requests for performance reasons etc. I would still recommend that users clear cookies or use a separate browser, though.

OverDrive Adds Kindle

Glenn Fleishman:

The Kindle announcement is essentially a format extension, not a new deal between libraries and Amazon that would add hundreds of thousands of books to OverDrive’s collection. In most cases, libraries can now offer their existing OverDrive ebook collections in Kindle format as well as PDF and EPUB.

This is pretty cool. When it was announced a few days ago, only Adobe files were showing up for my local library. Now it’s showing the Kindle versions, too. However, the “Add to Wish List” feature didn’t work for me in either Safari or Firefox.

Disabling Third-Party Cookies Doesn’t (Meaningfully) Improve Privacy

Kevin Montrose:

The other is Apple’s Safari browser, which denies setting third-party cookies unless a user has “interacted” with the framed content. The definition of “interacted” is a bit fuzzy, but clicking seems to do it. No other browser does this, or anything like it. There are some laughably simple hacks around this, like floating an iframe under the user’s cursor (and, for some reason, submitting a form with a POST method). Even if those hacks didn’t exist, the idea is still pointless.

TextMate 2 Announcement

Michael Sheets:

There will be a public alpha release this year, before Christmas, for registered users.

TextMate is my preferred editor for reStructuredText.

Sunday, September 25, 2011

iCal Search Problem

I’ve recently discovered that iCal’s search is not showing me all of the matches. If I go to the right months I can see the events there, but they don’t appear in the search results list. This is a big problem! So far, I’ve noticed:

  1. The events do appear in the search results on my iPhone.
  2. Deleting the file ~/Library/Calendars/Calendar Cache didn’t help.
  3. The events do not appear in Spotlight search results from the Finder.
  4. According to a BBEdit search, there do not seem to be .ics files for these events in the folder ~/Library/Calendars/«UUID».calendar/Events/ or in an iCal export.

I suppose the solution is to get iCal to regenerate the .ics files in the Events folder, but I’m not sure how best to do this. Apple has instructions for resetting Sync Services, but I worry that this would cause it to overwrite the Sync Services database with the incomplete .ics files, whereas I want to do the reverse.

Update (2011-10-13): Alas, Mac OS X 10.7.2 did not fix the search problem.

Sharper

Jesper on upcoming C# features:

First, there’s an API model for writing dynamic read-eval-print loops where lines of code can be interpreted in a script-like fashion and kept intact as you go; running code, importing namespaces, referencing new assemblies, redefining methods or properties and so on. This would otherwise have to be reinvented for every such implementation and is a nice nod.

Secondly, there’s an object model for the language, something showcased by being able to translate between C# and VB (for which equivalent work is being done) and writing smart, custom refactorings, which was previously only in the hands of people who were already basically writing their own C# compiler, like ReSharper or CodeRush.

Awesome.

Thursday, September 22, 2011

Common Miscapitalizations of Tech Names

A short list from Shawn Blanc. See also Apple’s Publications Style Guide.

One App’s Poison

Peter Ammon:

“You’re an idiot,” says House by way of hello. I think it over, but it doesn’t help. I say ”The main thread is not calling exit, it’s not returning, it’s not crashing, so where is it going?”

House says, “You don’t know that. That’s just what it’s telling you. And like I said, you’re an idiot, because you believe it. Everybody lies.”

Ridiculous Fish is a great blog. I missed this post until I saw people mention it on Twitter because it looks like the feed URL changed.

Beware of Versions and Auto Save in 10.7

Gus Mueller:

You open up the PSD in Preview, make a minor edit to it such as adding a little text to it or draw a couple of red lines. The intention is to select all, copy, and go to your email app to paste it into a message. You'll just undo the changes or close it without saving later on.

In the background, when you left Preview it autosaved the file and destroyed all the layers. You even quit Preview without thinking, so you didn't get a chance to decline saving it.

Auto Save will be helpful for most users, but it’s also almost guaranteed to make me lose data one of these days. For more than 20 years I’ve been opening documents and making changes that I have no intention of saving. After working in another window or application for a while, I’ll go back, close the document, and click “Don’t Save” when it asks. Lion’s Auto Save would instead write those changes to disk without asking. Sure, the old version would be accessible (for a while), but I’d have to remember to go and revert the document. Or, I suppose, remember to do things the Lion way and duplicate the document before making changes I don’t intend to save. So far I’ve rarely remembered to do that, but I’ve been saved by the fact that the documents I was editing were stored in Git or EagleFiler, which alerted me to the changes I’d unintentionally made. I prefer the old-style Auto Save (like is available in BBEdit), where you can get back unsaved changes if there’s a crash, but it doesn’t overwrite your files unless you say so.

Tuesday, September 20, 2011

How to Stop Safari 5 From Unexpectedly Reloading Pages

Jason Sims:

You should now see a Debug menu in Safari, to the right of the Help menu (not to be confused with the Develop menu). In this menu, disable “Use Multi-process Windows” by selecting it (when it’s disabled, it will no longer have a checkmark next to it).

Apple IDs

Glenn Fleishman:

By having an Apple ID serve every function related to Apple — operating system, purchasing, and cloud-stored data — our friends in Cupertino may have bitten off too much. Simplicity is a wonderful concept, and we support it fully. Apple’s integration of the Apple ID into Lion shows how well it can be done as an adjunct and support, while allowing multiple identities in one place. If the company could only bring that same level of consideration to the broader use of Apple IDs, it would make many of us a little more sane.

Monday, September 19, 2011

Netflix and Qwikster

Reed Hastings:

Another advantage of separate websites is simplicity for our members. Each website will be focused on just one thing (DVDs or streaming) and will be even easier to use. A negative of the renaming and separation is that the Qwikster.com and Netflix.com websites will not be integrated. So if you subscribe to both services, and if you need to change your credit card or email address, you would need to do it in two places. Similarly, if you rate or review a movie on Qwikster, it doesn’t show up on Netflix, and vice-versa.

The recent pricing changes didn’t bother me, but splitting the service into two sites seems like a terrible idea. How does removing integrated search, queues, and ratings help customers? I thought the idea was to leverage the DVD customer base to grow their streaming business. As a DVD subscriber, the convenience of Netflix streaming is gone, so I may as well look to other streaming services first, ones that offer content à la carte.

I like this comment by Jeremiah Cohick:

You’re continuing to make a classic mistake: thinking you’re something different than what everyone believes you are. You’re not a DVD company and a streaming company: you’re where I go to watch movies. That’s it. The future clearly is streaming, but by separating and charging more for access, you’re wildly less valuable to me. I’ll likely cancel. You haven’t listened to customer feedback. You’re delusional and you’re lost.

The “explanation” from Hastings makes things less clear than before. I can only guess that they have some other major business change planned but as of yet unannounced.

Thursday, September 15, 2011

Google, JavaScript, and Dart

Lambda:

A leaked Google memo, The Future of JavaScript, from November 2010 is being circulated around the Internet, outlining Google’s supposed technical strategy for Web programming languages. Google plans to improve JavaScript, while also creating a competitor to JavaScript, Dart (ex-Dash), that it hopes will be the new lingua franca of the Web.

Apple and Microsoft already control the primary languages for their platforms.

Update (2011-09-16): JavaScript creator Brendan Eich:

A Dart to JS compiler will never be “decent” compared to having the Dart VM in the browser. Yet I guarantee you that Apple and Microsoft (and Opera and Mozilla, but the first two are enough) will never embed the Dart VM.

So “Works best in Chrome” and even “Works only in Chrome” are new norms promulgated intentionally by Google. We see more of this fragmentation every day. As a user of Chrome and Firefox (and Safari), I find it painful to experience, never mind the political bad taste.

Grappler

Grappler, from The Little App Factory, is a little app for downloading videos from YouTube and other sites. I’ve tried a variety of applications, scripts, and helper Web sites over the years, as well as View Source and Safari’s Activity window. Grappler is much easier. Often, I don’t actually want to watch the video, just listen to the audio from my iPhone. Grappler makes that easy, too.

Metro

John Gruber:

Metro is to Microsoft what iOS is to Apple — starting over from scratch, carrying no legacy baggage or expectations. Windows 8’s “Desktop”, the traditional Windows interface, is like Mac OS X. The big difference, obviously, is that Apple has clearly separated the two, and Microsoft has put them together.

Jesper:

Windows 8, even with both environments, can still be used to power an iPad rival. I certainly didn’t expect to be writing that until just recently, but it’s true. Microsoft has made the right bet and made it look like the recumbent “let’s do nothing and hope we still win” position. Windows 8′s tablet chops are now on the non-ridiculous end of the scale and you could do something brilliant with Metro apps.

Steven Sinofsky:

For the web to move forward and for consumers to get the most out of touch-first browsing, the Metro style browser in Windows 8 is as HTML5-only as possible, and plug-in free. The experience that plug-ins provide today is not a good match with Metro style browsing and the modern HTML5 web.

Reliable Crash Reporting

Landon Fuller:

Implementing a reliable and safe crash reporter on iOS presents a unique challenge: an application may not fork() additional processes, and all handling of the crash must occur in the crashed process. If this sounds like a difficult proposition to you, you’re right. Consider the state of a crashed process: the crashed thread abruptly stopped executing, memory might have been corrupted, data structures may be partially updated, and locks may be held by a paused thread. It’s within this hostile environment that the crash reporter must reliably produce an accurate crash report.

Mac developers may soon be updating their crash reporters, as Lion’s application sandbox requires a temporary entitlement to access the crash log files.

In theory, you can get crash logs from iTunes Connect, but there’s no way to contact the user who submitted them, and I’ve never actually seen any crash logs show up there for my applications.

Wednesday, September 14, 2011

John Sculley Interview

John Sculley (via Hacker News):

What they needed was someone who could keep the Apple II computer, which was a cash machine, commercially alive for three more years because Steve Jobs was still a year away from introducing the Macintosh. In 1983, Apple was outsold by each Atari and Commodore by 2-to-1. The IBM PC had been introduced a year-and-a-half earlier and was gaining momentum.

Keeping the Apple II alive didn't require someone to know much about computer technology, it required someone who knew something about how to market and sell a near end-of-life product.

Friday, September 9, 2011

Meet Amazon.com’s First Employee

GeekWire interviews Shel Kaphan:

I remember, at one point, Jeff was all excited that we call it Relentless with the idea that we would relentlessly satisfy customer needs or something. It took a little convincing that perhaps that was not going to have the right connotations in everybody’s minds.

Is that worse than MacMan?

One of the early controversies about the company is that we were claiming that we had a million titles. Well, we did have a million titles. We didn’t have a million books, but we had a million titles in the sense that we could order them. We might find out that the publishers might take several months to get them to us.

He says the company surpassed even Bezos’ expectations of size and scope.

Sandbox Corners

Daniel Jalkut:

I think that Apple would have a lot more developer enthusiasm for this feature if it wasn’t so clear to many of us that our apps will be forced to lose features in order to adopt sandboxing. And while users may be happy about the prospects of improved security with the sandbox, I think there will be less excitement about the diminished functionality of apps whose features don’t fit nicely into the sandbox confines.

Sandboxing is a very nice idea in theory, but so far the benefits seem to be hypothetical while the costs—in features and development time—are real. Furthermore, we’re coming up on the November deadline, and Apple has yet to actually say what its policy will be.

Thursday, September 8, 2011

1Password 3.9

1Password 3.9 is now available, and only from the Mac App Store. It’s the first non-Apple application I’ve installed that’s sandboxed:

icarus$ codesign -d --entitlements - /Applications/1Password.app
Executable=/Applications/1Password.app/Contents/MacOS/1Password
??qq&<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.security.app-sandbox</key>
    <true/>
    <key>com.apple.security.files.user-selected.read-write</key>
    <true/>
    <key>com.apple.security.network.client</key>
    <true/>
    <key>com.apple.security.print</key>
    <true/>
    <key>com.apple.security.temporary-exception.mach-lookup.global-name</key>
    <string>com.agilebits.onepassword-osx-helper</string>
</dict>
</plist>
icarus$ codesign -d --entitlements - /Applications/1Password.app/Contents/Library/LoginItems/1Password\ Helper.app
Executable=/Applications/1Password.app/Contents/Library/LoginItems/1Password Helper.app/Contents/MacOS/1Password Helper
??qq?<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.security.app-sandbox</key>
    <true/>
    <key>com.apple.security.files.user-selected.read-write</key>
    <true/>
    <key>com.apple.security.network.server</key>
    <true/>
    <key>com.apple.security.temporary-exception.files.home-relative-path.read-only</key>
    <array>
        <string>/Library/Safari/Databases/safari-extension_com.agilebits.onepassword-safari-2bua8c4s2c_0/</string>
        <string>/Library/Application Support/Google/Chrome/Default/databases/chrome-extension_gkndfifopckmhdkohjeoljlbfnjhekfg_0/</string>
        <string>/Library/Application Support/Firefox/Profiles/OnePassword.sqlite</string>
    </array>
    <key>com.apple.security.temporary-exception.files.home-relative-path.read-write</key>
    <array>
        <string>/Dropbox/</string>
    </array>
</dict>
</plist>
icarus$ codesign -d --entitlements - /Applications/1Password.app/Contents/Library/LoginItems/1Password\ Helper.app/Contents/XPCServices/ThumbnailService.xpc/Executable=/Applications/1Password.app/Contents/Library/LoginItems/1Password Helper.app/Contents/XPCServices/ThumbnailService.xpc/Contents/MacOS/ThumbnailService
??qq/<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>com.apple.security.app-sandbox</key>
    <true/>
    <key>com.apple.security.network.client</key>
    <true/>
</dict>
</plist>

You can see that the XPC service that fetches thumbnails over the network does not have access to the filesystem. And the helper application that reads the files only acts as a server.

Because of sandboxing and the Mac App Store, various features have been removed. You can now only have one keychain, and it must either be stored in 1Password’s container or at the top level of Dropbox’s standard location. Dropbox support and communicating with the browser extensions require temporary entitlements.

Normally I would be up in arms about a good application being crippled by Apple’s rules, but in this case I don’t think I’ll miss anything—unless (until?) the temporary entitlements go away. I have a single keychain, I don’t store it in a funny location, and I don’t want to inject code into my browsers.

Furthermore, I have no reason to distrust AgileBits—and they seem like a great company from our limited dealings—but it never seemed prudent to let my password application auto-update by contacting their server. With the Mac App Store, I can get automatic updates from Apple while blocking the application itself from using the network.

Note: As far as I can tell, the 1-star review from “Ptg4mac” claiming that version 3.9 can’t read files from previous versions is incorrect.

Tuesday, September 6, 2011

Comparing iPhone Text Editors, v6

Since version 5 of my comparison, I’ve added rows for tracking iPad and TextExpander touch support.

Elements added support from LF line breaks and a nice interface for choosing the folder on Dropbox. It also has an interesting Scratchpad feature. Locayta Notes added support for choosing the Dropbox folder, background colors, and sorting by date. Nebulous Notes added multi-file searching. WriteUp, still my preferred editor, syncs faster with Dropbox than before and now supports .taskpaper files.

It’s nice to see so many of the features that I track become standard across nearly every app in just a matter of months.

Droptext 1.2.1 Elements 2.0.1 Locayta Notes 2.0.1 Nebulous Notes 2.1 Notely 1.3 Notesy 2.0.2 PlainText 1.4.1 Simplenote 3.1.7 (Premium) Write 2 1.1 WriteRoom 3.0 WriteUp 1.5.1
Choose Folder on Dropbox Yes Yes Yes Yes1 Yes Yes Yes Yes2 No Yes Yes
Nested Folders Yes Yes No Yes1 Yes Yes Yes No Yes Yes Yes
Works Offline No Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
Choose Font No (Helvetica) Yes Yes3 Yes Yes Yes4 No (Georgia) No (Helvetica) Yes Yes Yes
Font Size No Yes Yes3 Yes Yes Yes4 No Yes Yes Yes Yes
Font Color No No10 Yes3 Yes Yes Yes No No No10 Yes No10
Background Color No No10 Yes Yes Yes Yes No No No10 Yes No10
Multi-File Search No Yes Yes5 Yes Yes Yes9 Yes Yes Yes Yes Yes
Search Results List No No Yes No No No No No No No No
Jump Within File No No No No No No No Yes6 No No Yes
LF Line Breaks Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
Sort by Name Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes Yes
Sort by Modified No Yes Yes No Yes Yes Yes No7 Yes Yes Yes
Rearrange Lines No No No No No No No Yes No No No
Versions No No No No No No No Yes8 No No No
TextExpander Yes Yes No Yes Yes Yes Yes No Yes Yes Yes
iPad Yes Yes Yes Yes Yes Yes Yes Yes No Yes Yes
Price $1 $5 free $2 $2 $5 ads or $5 $20/year $2 $5 $3

1. Rather than syncing everything, Nebulous Notes makes you choose individual files as “auto-saves,” which is a drag.

2. Simplenote seems to be much slower than the other apps at picking up changes from Dropbox. It was often 5 minutes out-of-date, and sometimes hours or days. You can force it to sync, but to do that you have to go to the Simplenote Web site.

3. Locayta Notes is the only app I saw that lets you set font and color options per-file.

4. Notesy lets you set both a variable-width font and a fixed-width font, which is a good compromise between choosing just one and choosing per-file.

5. Locayta Notes does some sort of indexed/prefix search, coupled with auto-correct, which didn’t work well for me. Some words it didn’t find at all. When searching for “cat” it would find lots of useless matches of “at” but totally miss “wildcat”.

6. Simplenote’s results-jumping did not work for me with files containing basic Unicode characters such as é and . The tech support person was not able to tell me which subset of characters to avoid, so the only solution seems to be to stick with ASCII.

7. The option is there, but in my experience the modification dates shown in Simplenote, if I’m using Dropbox, have little relation to when I actually edited the files. The tech support person said this is not the normal behavior and is looking into the matter but has not yet found a solution for me. Even going by the displayed dates, the sorting is sometimes out of order.

8. Simplenote’s versions feature is like the one in Lion and works within the app—very cool.

9. Excellent options for searching by word (Boolean AND), phrase, or regular expression. You can also choose whether to search everything or just the filenames.

10. You can’t pick colors, but there are preset themes to choose from.

Friday, September 2, 2011

The Part of Xcode 4 That Tires Me Out

Brent Simmons:

[T]he only thing worse than managing multiple windows is managing multiple panes.

Yep.

Update (2011-09-05): Gus Mueller:

And I really miss having Interface Builder as a separate application. What ever happened to the philosophy of “small sharp tools”?

Thursday, September 1, 2011

ATPM 17.09

The September issue of ATPM is out: