Archive for September 2013
Sunday, September 29, 2013 [Tweets] [Favorites]
It’s no coincidence that this loss of control and gain in precision go hand in hand; they are, in fact, one and the same. As abstraction increases, complexity decreases; and control flow is inherently complex. Specific control flow is the opposite of high abstraction. Per Kowalski, ALGORITHM = LOGIC + CONTROL; and in particular, declarative abstractions gradually abstract the control away, replacing it with structure.
A Keynote version is also available.
This is the real reason why Apple doesn’t care about upgrade pricing: there’s no demand from customers. The market has shown that free apps will be downloaded at least an order of magnitude more than paid-up-front apps, and smart use of in-app purchase in a free app is likely to make more money. Over time, this trend has only become stronger and more clear.
Paid-up-front iOS apps had a great run, but it’s over. Time to make other plans.
A large part of this is due to the way Apple has set up the rules and incentives in its marketplace. Apple thinks it benefits from having a very large number of free or cheap apps. It’s in the business of selling $550 phones and wants to commoditize the complements. The more interchangeable apps are, the more power the owner of the store has. From Apple’s point of view, the App Store probably “behaves correctly.”
However, I think it reflects poorly on the platform to have so many apps that are junk or abandoned. It makes me unhappy that I “throw away” the majority of the apps that I buy, after quickly finding that they didn’t work the way I wanted. I feel like I’m funding development of apps that look superficially good while underpaying for the genuinely good ones that I like and use.
But the market for app stores is not competitive, so we don’t get to see what might have been. The disfunction is just the way things are. The products we get will be the ones that can survive in this world.
What Marco is reporting here is that the old-fashioned “make something and get people to pay for it” business is much harder to pull off and likely to always be left in the dust by someone making the same thing for free, getting 100x the user base, and getting 1% of them to pay for some value added feature.
It’s a shame that psychology works this way. The more businesses do this, the harder it becomes for others not to do so. And most don’t seem to be able to provide good support for 100x the users.
Update (2013-09-30): Kevin Hoctor suggests In-App purchase; Mike Rundle suggests trials.
Friday, September 27, 2013 [Tweets] [Favorites]
Adding it all together, it’s a pretty big win. My casual benchmarking indicates that basic object creation and destruction takes about 380ns on a 5S running in 32-bit mode, while it’s only about 200ns when running in 64-bit mode. If any instance of the class has ever had a weak reference and an associated object set, the 32-bit time rises to about 480ns, while the 64-bit time remains around 200ns for any instances that were not themselves the target.
In short, the improvements to Apple’s runtime make it so that object allocation in 64-bit mode costs only 40-50% of what it does in 32-bit mode. If your app creates and destroys a lot of objects, that’s a big deal.
Update (2013-10-16): Bob Wilson:
At the time iOS was first developed, SjLj was the only exception handling mechanism supported by GCC for
ARM. I think DWARF unwinding support for ARM may have been added to GCC right around the same time but it
didn't arrive quite in time to be adopted for iOS. Changing it after the first release would have been a
major ABI break, so we've been stuck with SjLj. Note that the new 64-bit iOS ABI does _not_ use SjLj.
Thursday, September 26, 2013 [Tweets] [Favorites]
Insiders recall how absurd it became when the engineering teams became increasingly split over who did and didn’t have access to the real UI, despite needing to work together. Ganatra remembers having to sprint back and forth between rooms to serve as a secure translator between the two teams. “I would go into the room where the full UI was, then come back and draw the rough proportions on the whiteboard for the other engineers,” he recalls.
Though more engineers were eventually given access to the full-blown UI, Forstall’s team was never truly on the same page. In fact, in Grignon’s recollection, he had to go to extremes to work around the system to the point where he had to sit his own engineers next to one another with a curtain in between—one with full iPhone access, the other with Skankphone access—to debug the code.
Starting on or around September 18, some iCloud customers found that apps that use iCloud to sync data between devices could no longer do so—they either would no longer sync or appeared to have lost their data completely. The apps otherwise functioned normally, but simply didn’t show any saved information or could not update or sync existing info.
Apple’s System Status webpage has yet to indicate any iCloud issues.
It’s inevitable that any service will have some downtime. But this seems to have been going on for more than a week. Worse, the OS was not designed to handle this failure mode gracefully. We don’t even know what will happen when iCloud’s Documents & Data syncing comes back online:
Unfortunately, before discovering that the issue was being caused by a larger iCloud issue, some developers recommended standard app-troubleshooting procedures, including deleting apps and reinstalling them, and even asking users to create new data and attempt to sync with iCloud to “jump start” a sync. In theory, the original data is still in iCloud and will be restored to these apps once Apple fixes the issue, but there’s always a chance that new data created for troubleshooting reasons will overwrite what’s in iCloud, depending on how each app handles sync and that app’s sync status at the time the problem started.
Ive: The parallax is a nice example. One of the things that we were interested in doing is, despite people talked about this being “flat,” is that it’s very, very deep. It’s constructed and architected visually and from an informational point of view as a very deep UI, but we didn’t want to rely on shadows or how big your highlights could get. Where do you go? I mean, there is only so long you can make your shadows.
Federighi: If that became laggy, separated in time, your own mental model for what you were doing would be broken, and suddenly we’d have a much more complex interaction problem to solve for the user. But if we could solve all the problems of the latency and the touch screen, the hardware problem, the speed of the graphics to move it, then suddenly we didn’t have to teach you because we created something that you could process intuitively. We tend to think how can we make it so effective that there is nothing to teach.
On my iPhone 4S, the animation is smooth, but it makes the OS feel slow.
In 2010, FastMail was bought by Opera Software. The developers and staff of FastMail have now bought back the company. This means that FastMail is once again an independent company, dedicated to building the best possible email experience for our users. We have big plans for the future, and we will continue to roll out new features and enhancements over the coming months.
Sounds good to me.
In introducing the iPad, Jobs likened the PC to a truck while the iPad was more like a car. Most consumers don’t really need a truck he implied, but he never meant to suggest PCs were going away. What if Jobs got the analogy slightly wrong and the iPad is more like a motorcycle?
I think tablets and personal computers will both be with us for a long time. Both are good at things the other is not. What I don’t understand is the appeal of a tablet with a keyboard. It seems like such a poor substitute for a notebook, while losing many of the advantages of standalone tablet. Yet this seems to be a popular way to use an iPad.
Wednesday, September 25, 2013 [Tweets] [Favorites]
And you may have discovered that you can only select your photos one at a time — there is no “select all” option to be found. While this is a good way to selectively trim the size of your Camera Roll, there is now another way to delete all your photos.
Again access the Usage option under the General section of the Settings app and tap on Photos & Camera. This time swipe your finger across the Camera Roll item in the list to reveal a Delete button. By clicking on thus button you will remove all photos from your iPhone’s Camera Roll.
I tried this with iOS 7, but the Delete button didn’t appear when I swiped. I’ve also heard that in the Photos app you can two-finger swipe to batch select photos; that doesn’t work for me either. So, as far as I can see, the only way to delete photos from the iPhone’s camera roll (without using a Mac or PC) is to tap them individually.
iPhoto on the Mac makes it easy to delete photos that have already been imported. Aperture does not, so I end up having to use Image Capture if I don’t want my phone to fill up. Of course, neither of these methods works if you use Wi-Fi syncing or otherwise don’t connect the iPhone directly to the Mac.
The other photo management problem I have is that Photo Stream always stores the 1,000 latest photos on the phone. That’s nearly 1 GB gone that I will never use, since my processed photos are all on Flickr. The only way around this seems to be turning off Photo Stream. You can’t turn off downloads without also turning off uploads. So then my new photos wouldn’t be backed up, and I would have to USB connect whenever I wanted to import them.
You can, however, manually delete photos from Photo Stream after they’ve been imported. This frees up space on the iPhone as well as the Mac’s SSD.
Tuesday, September 24, 2013 [Tweets] [Favorites]
I brainstormed many potential names in a giant text file over a couple of weeks, enlisting help from friends, Invent-a-Word, Wordoid, and lists of English prefixes and prepositions. Even if I knew a name was bad or unusable immediately, I still wrote it down in case it could later inspire a usable variation.
I like the name. I’ll be interested to see the app.
In iOS 7, the Music app no longer plays podcasts, and I’m still not that fond of the Podcasts app. So I will be giving third-party podcast apps another try. Unfortunately, since some of the episodes are only stored on my Mac, it’s not as easy to (fully) switch between them as with Twitter clients and weather apps.
The other issue is that I like to use iTunes to maintain a local archive, offloading played episodes to another hard drive. I don’t see a good way to sync the played status with other apps.
So I figure: “let me go to iCloud.com and look for a Safari bookmarks thing, delete the hairball mess and then maybe it will work?” But there is no such management tool anywhere I can find anywhere in iCloud.
On another computer, I deleted all bookmarks, thinking maybe if I merged I’d get a snapshot of the hairball. I then did Merge several times with nothing showing up—zero bookmarks. So apparently one gets hairball or nothing.
The problem is that there is nowhere where you can reset or replace the truth. You are always interacting with iCloud from a distance, with latency.
I had relatively few problems with iCloud bookmark syncing until last week. I did an Erase All Content and Settings on my iPad, then set it up using someone else’s Apple ID. I was then surprised to find that Safari contained some (but not all) of my bookmarks. Fortunately, when I deleted them they stayed deleted, and the deletion did not propagate to my other devices.
I’ve long used Acorn to create a custom lock screen wallpaper for my iPhone. The bulk of the image is one of my photos. At the bottom is a black bar with some white text that includes my emergency contact and health information.
(There are apps such as ICE Standard and Emergency Contact that purport to make this easy, but in my experience the images they generate look terrible and omit some of the information I entered.)
iOS 7 introduces three problems:
- The Control Center and camera widgets now appear at the bottom of the screen. There’s no longer a good space there to put my text. I had to move it up, which doesn’t look as good.
- It’s now much harder to read the white clock text on top of my photo (which is not actually that light). I added a black bar at 50% opacity to that part of the photo to increase the contrast.
- Most importantly, the parallax feature makes it harder to create pixel-perfect wallpapers. If you create the wallpaper at the resolution of the screen (640×960 for my iPhone 4S), iOS 7 displays it “zoomed in.” The edges (which included part of my health insurance ID) get cut off, and the text doesn’t look sharp. Presumably this is because the parallax effect requires the wallpaper to be larger than the screen, however iOS 7 does this even when the parallax effect has been turned off using the Reduce Motion setting. An Apple Support discussion on this topic already has 52,000 views and almost 300 replies. The solution seems to be to add a black border around your image—Andy Vandervell recommends 200 pixels—so that it ends up at the right size after the OS crops it. Then you have to “Move and Scale” it exactly right to manually crop out the border.
Update (2013-10-07): Dan Frakes:
If you have a lock-screen image with contact/medical/allergy info—as you should—even a single notification blocks it, with no way to dismiss the notification.
Update (2013-11-06): John Carey has some great wallpapers and recommends a resolution of 744×1392 for iPhone and 2524×2524 for iPad.
Update (2013-12-01): Even with these dimensions, I still had to “Move and Scale,” so it’s pretty much impossible to get a pixel-perfect wallpaper.
ASCIIwwdc offers searchable full-text transcripts of the WWDC 2013 session videos (via Mattt Thompson). Great work. The transcripts are from the .srt files files provided by Apple, but presumably Apple will frown on this distribution of their content and have it shut down. You could download the site via wget or, later, use the source code to regenerate it from .srt files that you download from Apple.
I recently discovered two iPhone apps that can “scan” documents using the camera, perform OCR, and then e-mail the text:
I find the Mac version of PDFpen to be much nicer than ABBYY FineReader, although the OCR is somewhat less accurate for documents from my ScanSnap. I often invoke PDFpen’s OCR via AppleScript.
On iOS, I found TextGrabber’s interface to be smoother and faster. The edge detection worked better, and the OCR was much more accurate.
Michael Kamprath (via Nicholas Riley):
Why on earth would I hit the
star, a universal symbol for favoriting or liking, when I want to “Never Play This Song”?
Fabien Sanglard (via Lemont Washington):
I recently came across Paul Heckbert’s business card raytracer.
For those that have never heard of it: It is a very famous challenge in the Computer Graphics field that
started on May 4th, 1984 via a post on
comp.graphics by Paul Heckbert ( More about this in his article "A Minimal Ray Tracer" from the book Graphics Gems IV).
The goal was to produce the source code for a raytracer...that would fit on the back of a business card.
Some of the bits still encode the pointer to the object’s class. But neither OS X nor iOS actually uses all 64 bits of virtual address space. The Objective-C runtime may use these extra bits to store per-object data like its retain count or whether it has been weakly referenced.
This is along the lines of what Marcel Weiher recently suggested except that the class objects are grouped so that the class pointer only needs 30 bits. This leaves 19 bits for the extra retain count, plus more for flags such as whether there are weak references or associated objects.
This should be great for reducing memory use and increasing speed. On the Mac, accessing
isa directly has been discouraged for a long time, so hopefully this optimization will eventually show up there as well.
Monday, September 23, 2013 [Tweets] [Favorites]
For the longest time, this boringly essential function [Base64] was completely MIA, leaving thousands of developers to copy-paste random code snippets from forum threads. It was an omission as conspicuous and annoying as JSON pre-iOS 5.
Lots of great stuff, including Base64,
NSURLComponents (sorely needed), blink and smile detection, barcode scanning, and access to Safari’s Reading List. I’ll be interested to see whether
NSProgress takes off.
In fact, just about every map screen I look at in my neighborhood has a mistake of some sort. A nonexistent school shows up a few blocks from my home, several miles from the school’s actual location. The National Institutes of Health Bethesda main campus, not exactly a minor landmark, is not indicated on the map. (I reported both of these errors to Apple a year ago.) The Walter Reed National Military Medical Center is shown as the national Naval Medical Center, a name dropped two years ago, and the Uniformed Services University of the Health Sciences and Howard Hughes Medical Institute are missing.
Apple has still not done what is needed to improve the shortcomings of the apps itself. There are still no public transit directions, one of the more useful features of Google Maps. Switching between driving and walking instructions remains awkward.
We heard a lot last fall about how Apple would catch up throughout the coming year. Then when things didn’t seem to be improving much, we heard about how Apple was on a yearly schedule, with major improvements on the way for iOS 7. Apple itself has barely said anything about maps lately. Nearly every time I’ve tried to use Apple Maps, it has gotten something important wrong. Google Maps has rarely given me any trouble.
Back with iOS 5, it was possible to ask Siri or tap on a contact’s address and have it open up in a top-quality map. This is no longer possible today, because although Google Maps is in the App Store, all the OS services are hard-coded to use Apple Maps.
Matthew Green (via Jonathan Rentzsch):
In this post I’m going to try to explain the curious story of Dual-EC. While I’ll do my best to keep this discussion at a high and non-mathematical level, be forewarned that I’m probably going to fail at least at a couple of points.
Officials from RSA Security are advising customers of the company’s BSAFE toolkit and Data Protection Manager to stop using a crucial cryptography component in the products that were recently revealed to contain a backdoor engineered by the National Security Agency (NSA).
We are still investigating the issue and further research will be required to determine if a workaround is possible. At this time, it is clear that the new Apple TV software demands Apple’s proprietary FairPlay encryption in order to be allowed to send audio to it. This limitation was not present in older versions of the Apple TV software. Figuring a way around this encryption, or if it’s possible at all, may take some time.
There’s more general information on Hacker News. Christopher Breen has more general information about Apple TV 6.0:
Unlike previous updates that added new channels, version 6 of the Apple TV firmware goes under the hood, adding support for Apple’s iTunes Radio streaming service, allowing purchases from the iTunes music store, supporting podcast syncing, and providing access to shared iCloud Photo Streams. Additionally you can stream purchased iTunes content via iCloud to any Apple TV, even when it isn’t currently using your iTunes credentials.
Update (2013-09-26): Paul Kafasis:
Today, we’re happy to say that issue has been resolved in Airfoil for Mac. Airfoil 4.8.1, just released, works fine with the new Apple TV update (and all other AirPlay-compatible devices).
Dean Takahashi (via John Gruber):
In its first TouchMarks benchmark test, the iPhone 5 responded to touches at an average time of 55 milliseconds, compared to 85 milliseconds for the iPhone 4. The closest Android device was the Samsung Galaxy S4 at 114 milliseconds.
Jens Andersson (via Hacker News):
Well, for one thing we can see that the gaming-devices consistently outperformed the smart-phones. I can only guess why, but it is possible that the Nintendo 3DS and the PSVita can have lower latency since they will never have to render anything on top of your game like a phone sometimes do. Also, the input handlers are usually very effective on game-devices, allowing you to read the latest available input rather than have to wait for it to be sent to you through an event-handler like you have to on iOS and Android.
He measured 81 milliseconds for the iPhone 5 vs. 23 milliseconds for the Nintendo 3DS and just 9 milliseconds for the Nintendo DS.
Rian van der Merwe:
I’m mesmerised by the animations in iOS 7, and none more so than the experience of opening and exiting an app within a folder. To me, it feels like you’re doing Parkour through your apps, deftly using your surroundings to propel yourself forward and maintain as much momentum as possible.
The problem arises when we bring up the Control Center. Conceptually, this is a third layer that’s above the level of the icons. Apple says it’s like looking through rice paper, and the various previews I’ve been reading over the past few months have talked about it being like looking through frosted glass. The translucency of this layer is supposed to give you a sense of depth. Unfortunately, it breaks illusion of the Parallax effect.
I’d like nothing more from Apple than to be able to go to the accessibility settings in OS X Mavericks and iOS 7 and see ‘disable animation effects’. For most people, this option existing won’t affect them. But for many people currently suffering various motion symptoms through standard device use, it will offer a level of delight like no other Apple update. For them, devices will suddenly become truly magical.
Friday, September 20, 2013 [Tweets] [Favorites]
I ended up ordering an iPhone 5s (32 GB, Space Gray, AT&T, with dock) to replace my 4S (traded in to Amazon for $227.75 in gift cards, amazingly; other options here). I’m giving the cheaper AmazonBasics Lightning cable a try; it also comes in multiple lengths. Most of the time, I put the iPhone in my pocket without a case. However, for hiking, skiing, or just throwing it in a bag, I’ve long used a Timbuk2 ballistic nylon, velcro flap case with a belt loop. Alas, what seems to be the current version of this case, is ugly, and the two sizes are either too short or too wide for the iPhone 5/5s/5c. I’ve thus gone with WaterField Designs’ iPhone Smart Case, which has a detachable belt clip. I’ve been using their laptop SleeveCases for years, and they’re great.
Erin McCarthy (via Khoi Vinh):
For about a year, Crutchfield conducted interviews and focus groups, tweaking the design of the Trapper Keeper along the way. “There were probably five or six iterations,” he says. And once he was happy with the result—a PVC binder with plastic, pinchless rings (they slid open to the side instead of snapping open), a clip that held a pad and a pencil, and flap held firmly closed by a snap—it was time to run a test market, which would help them determine if the product was truly viable.
I remember specifically not choosing Trapper Keepers when shopping for school supplies, but I don’t recall why. Possibly, they didn’t then have D-rings.
If Apple had stuck to its playbook from the past few years, the 5C would not exist, and instead, the year-old iPhone 5 would have hung around for another year, at $99 on contract, with 16 GB of storage. Engineering-wise, the afore-noted exceptions aside, they’ve stuck to the old plan. But marketing and branding-wise, they’re in all new territory. The mid-range iPhone model is no longer an afterthought, but instead a full-fledged family member, with its own TV commercials, two storage/pricing tiers (16 GB for $99, 32 GB for $199, on contract), and most importantly, a distinctive new appearance and brand.
Feel-wise it’s not too dissimilar from the old 3G and 3GS (both of which I still have sitting here in my office), but it presents a far more premium overall effect than those previous forays into plastic iPhones. The 3G/3GS had more seams (because of the metal bezel between the plastic back and front touchscreen), and those seams were more noticeable. The 5C has just one seam, between the plastic and the glass, and that seam is very tight. The 5C is not as thin as the 5 or 5S, but it’s so much thinner than the 3G/3GS it’s not even funny. Side-by-side it’s hard to believe the 3GS is only four years old. The 5C buttons — power, ringer toggle, volume, and home — all feel good, with nice crisp clickiness.
First, performance. Apple claims this is the biggest year-over-year improvement in computing performance in the history of the iPhone, and in both my day-to-day experience and some benchmark testing over the past week, I have no reason to doubt them. The iPhone 5S is fast.
To put that in context, the iPhone 5S beats my 2008 15-inch MacBook Pro by a small measure in the Sunspider benchmark (with the MacBook Pro running the latest Safari 6.1 beta). The iPhone 5S is, in some measures, computationally superior to the top-of-the-line MacBook Pro from just five years ago.
A fingerprint sensor could be one of those cool features that everyone talks about, but nobody ends up using in their day-to-day lives because it’s too much of a hassle. I’ll be honest, heading into the event, I was wondering if Apple’s implementation of the sensor would be good enough to actually make it useful. Not just for a demo to make people gasp and clap, but could I use it every day.
The answer is unequivocally yes.
Anand Lal Shimpi:
The new space grey finish is lighter in color (truly a grey rather than a black) and has more prominently colored chamfers. The move to a lighter color is likely to not only offer a little bit of visual differentiation, but also to minimize the appearance of scuffs/scratches on the device. My black iPhone 5 held up reasonably well considering I carry it without a case, but there’s no denying the fact that it looks aged. Interestingly enough, I never really got any scratches on the back of my 5 - it’s the chamfers that took the biggest beating. I have a feeling the new space grey finish will hold up a lot better in that regard as well.
The most visible change to Apple’s first ARMv8 core is a doubling of the L1 cache size: from 32KB/32KB (instruction/data) to 64KB/64KB. Along with this larger L1 cache comes an increase in access latency (from 2 clocks to 3 clocks from what I can tell), but the increase in hit rate likely makes up for the added latency. Such large L1 caches are quite common with AMD architectures, but unheard of in ultra mobile cores. A larger L1 cache will do a good job keeping the machine fed, implying a larger/more capable core.
Unlike the 64-bit x86 transition, ARM’s move to 64-bit comes with a new ISA rather than an extension of the old one. The new instruction set is referred to as A64, while a largely backwards compatible 32-bit format is called A32. Both ISAs can be supported by a single microprocessor design, as ARMv8 features two architectural states: AArch32 and AArch64. Designs that implement both states can switch/interleave between the two states on exception boundaries. In other words, despite A64 being a new ISA you’ll still be able to run old code alongside it.
Anand Lal Shimpi:
The iPhone 5c leverages the entirety of the iPhone 5 hardware platform, but moves from a glass + aluminum construction down to a more cost effective glass + polycarbonate design. The iPhone 5c retains all other features of the iPhone 5 including in-cell touch, Lightning connector, the same rear facing iSight camera stack and A6 SoC. It even brings some new features to the table like sharing the same front facing FaceTime HD camera as the iPhone 5s. Other elements aren’t necessarily newer but are at least shared with the 5s platform. For example, the WiFi, cellular and BT hardware is different than the iPhone 5, but shared across the 5c and 5s. Having as many common components between Apple’s two iPhones at this point is another great way to capitalize on economies of scale.
Curiously, iFixit didn’t notice anything that looked like that M7 co-processor that Apple talked up at its September 10 event. The teardown bosses speculate that it might not be a separate chip after all, but rather a block integrated into the main A7 chip itself—iFixit doesn’t seem sure of this, however, and neither are we.
We have confirmed through early analysis that the device is fabricated at Samsung’s Foundry and we will confirm process type and node later today as analysis continues. That being said, we suspect we will see Samsungs 28 nm Hi K metal Gate (HKMG) being used. We have observed this same process in the Samsung Exynos Application processor used in the Galaxy S4.
The M7 is dedicated to processing and translating the inputs provided to it by the discrete sensors; the gyroscope, accelerometer and electromagnetic compass are mounted throughout the main printed circuit board. Traditional Apple techniques lead us to believe that these discrete sensors will most likely be STMicroelectronics for the accelerometer and the gyroscope, while the electromagnetic compass would again be an Asahi Kasei Microdevices (AKM). We have since confirmed the compass to be AKM’s AK8963.
Update (2013-09-24): iFixit:
With the help of fancy, expensive equipment, Chipworks produced a die photograph of the A7. It looks a lot like its predecessor, the A6.
Dustin Curtis (via John Gruber):
The edge chamfer leading to the top of the screen is no longer as easy to scratch as it was on the iPhone 5 (some black iPhone 5 phones look very worn), and the plastic border around the screen is now recessed about 1mm further than on the 5.
As far as I can tell, the screen is absolutely identical, but the 5s screen appears to attract fingerprints more easily; this could be due to a change in the oleophobic coating application, formulation, or design.
It deletes podcasts you wanted to save:
First of all, it deletes your podcasts. If you’ve been downloading and saving podcasts – because you haven’t gotten around to listening to them, or just because there are some you want to save – you’ll find that most of your podcasts are simply gone.
You’d think that if iTunes deletes your podcasts, you can get them back. I’ve been saving up the Prairie Home Companion podcast for years, and I have episodes back to 2007. Fortunately, these were not in my iTunes library, because after deleting the episodes from my Podcasts library, iTunes only shows me episodes going back to 2010 in the cloud. So if you have episodes of a podcast you want to keep, back them up, if they’re still in your iTunes Media folder, or if you have a backup; you may not be able to get them back from the Podcasts library.
And prevents you from deleting podcasts you wanted to clear away:
Here’s one problem: you cannot delete old podcasts. If you do – deleting them, and their files – they still show up in the podcast list. […] These podcasts never go away. They’ll show cloud icons for you to redownload them as long as they’re still available from the iTunes Store. So if you have a podcast with lots of episodes, you’ll have a very long list when you look at it in List view.
Update (2013-09-23): Paul Hagstrom:
Podcasts actually got deleted from my Mac’s iTunes library after syncing w/ iOS 7. All settings everywhere are keep all/do not delete. Grr.
Update (2013-10-01): Andrew Pontious also reported deletions.
Update (2013-10-16): Josh Centers:
After trying to use iTunes 11.1 to listen to podcasts for a few weeks, I’m going back to Instacast for Mac and iOS, and I suggest you do so as well (see “Instacast for Mac Fills the Desktop Podcatcher Gap,” 31 May 2013). Even after completely overhauling the way podcasts are handled, it’s obvious that Apple just doesn’t get it. Syncing is broken, iTunes doesn’t offer sensible controls for podcast listening, and the Podcasts app’s iOS 6 aesthetic looks and feels horribly dated.
Andy Greenberg (via Andrew Cunningham):
Jose Rodriguez, a 36-year-old soldier living in Spain’s Canary Islands, has found a security vulnerability in iOS 7 that allows anyone to bypass its lockscreen in seconds to access photos, email, Twitter, and more. He shared the technique with me, along with the video above.
As the video shows, anyone can exploit the bug by swiping up on the lockscreen to access the phone’s “control center,” and then opening the alarm clock. Holding the phone’s sleep button brings up the option to power it off with a swipe. Instead, the intruder can tap “cancel” and double click the home button to enter the phone’s multitasking screen. That offers access to its camera and stored photos, along with the ability to share those photos from the user’s accounts, essentially allowing anyone who grabs the phone to hijack the user’s email, Twitter, Facebook, or Flickr account.
How does this keep happening?
Walter Mossberg, in 1991:
Super Boomerang: This one lets Mac users leap quickly to their most-used folders, or directories, and summon their most-used files from any program’s standard “open” or “save” command. The program remembers your frequently used files and folders. It’s bundled as part of a package called Now Utilities. (Now Software, $89.)
Thursday, September 19, 2013 [Tweets] [Favorites]
iOS was introduced back in 2007 with the original iPhone and has been expanded, refined, and improved ever since. Part of knowing where we’re going is knowing where we’ve been. Here are our reviews of past versions of iOS for iPhone and iPod touch, and since 2010, iOS for iPad as well.
Everything is slower in iOS 7, usually by one to one-half second or so but sometimes by more. These tiny delays can add up—if you unlock your phone, check your mail or messages quickly, and then put your phone away in the course of 10 or 15 seconds, that lag can become a significant percentage of the time you spend.
One thing to note about iOS 7 on the iPhone 4 is that it looks slightly different than it does on every other supported device. The iPhone 4 is the last device standing that uses Apple’s A4 SoC (the original iPad was dropped in iOS 6, and iOS 7 drops the fourth-generation iPod touch), and as such it’s working with a slower CPU and GPU than the A5, A6, and A7-equipped phones and tablets that make up the rest of Apple’s lineup. To take some of the load off of its weaker hardware, Apple has turned off translucency and other graphical effects throughout the OS in favor of simpler and less taxing transparency. It’s worth noting that you can also disable these visual effects on newer iPhones and iPads in the accessibility settings by enabling “Increase Contrast.”
Tap on Settings, then General > Accessibility, and tap the slider next to Bold Text. Your iOS device will have to restart (but it’s a quick restart). Here’s how it will look. On the left, the original font weights on my iPod touch, and on the right, bold fonts on my iPhone. If you want to be able to read your iOS device more easily, you’ll make this change.
Unsurprisingly, you’ll notice your non-Retina screen the most when you’re looking at those light fonts and lines. Take, for example, the passcode entry keypad, where the small letters underneath the numbers look very jagged on the iPad mini, where they’re small-but-smooth on the fourth-generation iPad. The same goes for icons with fine detail, a design element used liberally throughout the operating system. It’s obvious that things like the battery life indicator and the new Safari icon were designed with Retina in mind and then downscaled, where iOS 6 and previous versions were designed for the earlier, lower-resolution iPhones and iPads and then sharpened for Retina screens later.
Brian Klug & Saumitra Bhagwat:
A new feature is dynamic type (through the new Text Kit set of UIKit classes), which essentially is an accessibility feature that enables users to change the font size bias system wide and in applications that use the UIFont method to get a font size. This automatically adjusts weight, character spacing (kerning) and line height, and seems like an awesome change for users who need larger font sizes for elements to be readable.
I was hoping they would create either some different means of conveying cellular signal strength than just changing the tired old bars metaphor to circles which also no longer even convey magnitude. The bars at least previously each had different amplitudes, is 4 dots 4 times as good as 1 dot? Is each dot the same amount of relative change? I just find the entire metaphor tiring across the entire industry and was hoping Apple would do something other than change the bars to dots and take up more horizontal space in the the already crowded status bar.
For starters, there were some (rather timid, but quite effective) enhancements in terms of external keyboard support.
What’s new is that, once Find My iPhone is turned on, you must enter the Apple ID password for that iCloud account to disable the service. Up to this point, savvy thieves knew to disable Find My iPhone on an unlocked iOS device immediately to prevent tracking — that will no longer be possible.
The second — and most important — strike is that the device cannot be erased without entering the owner’s Apple ID password, preventing a thief from resetting a stolen iPhone to factory defaults before reselling it.
And although it’s very convenient to be able to tweak settings without having to unlock your phone, disabling Control Center on the lock screen will enhance security, as a would-be thief won’t be able to put your phone or tablet in Airplane Mode—thus rendering the tracking features of Find My iPhone, iPad, or iPod useless.
For example, buttons are by and large gone in iOS 7, replaced in many places by text. At first, this struck me as counterproductive, but the more I thought about it, the more I realized how much we’re all used to tapping or clicking on text now. We click on hyperlinks every day on the Web. We tap on the name of the song we want to hear on our iPhone.
That said, it can be confusing when you want to use a toggle, like the Shuffle button in iOS 7’s Music app—I still have trouble figuring out the difference between it saying Shuffle, meaning the command, and Shuffle All, which refers to “the current status of your music playback.”
But my biggest question is, “Why doesn’t AirDrop work with the Mac?” In case you don’t believe me, I’ve tested it—oh, I’ve tested it. It seems darned peculiar to release two operating systems with identically named features that work the same way yet are not compatible with one another.
Give iOS 7 some time. It takes about two weeks to adapt and it will grow on you.
Everyone keeps talking about how “flat” iOS 7 is but it doesn’t feel that way to me. Zipping up and down through folders and apps makes this operating system feel like there truly is a third axis.
The new Control Center in iOS 7 is a better solution to a similar problem, if a bit of a cluttered eyesore. No matter where you are on your device, a swipe up from the bottom bezel brings up another semi-translucent menu. This one contains quick toggles for Wi-Fi, Airplane Mode, and others; sliders for volume and screen brightness; audio controls; and for some reason, shortcuts to the calculator, flashlight, and timer. I love the idea — turning on Airplane Mode used to take far too long — but there are too many options and too many icons, and there’s absolutely no reason this shouldn’t be customizable. Even still, Control Center is great. (It took awhile to re-train my finger to swipe instead of double-tap every time I wanted to switch songs, though.)
Spotlight doesn’t have a dedicated Home screen page anymore. It’s now accessible from any page — just swipe down on any screen to reveal it and swipe up to hide it.
There is a new system-wide gesture to “go back” to a previous screen inside an app: just swipe from the left edge of the screen.
You can quit more than one app at a time from multitasking just by using multiple fingers simultaneously and swiping up on the apps you want to close.
You can now see alt text for images in Safari (useful for websites like xkcd). Just tap & hold an image to read the text.
Some people will love this “opening up” of the Lock Screen, which increases the space that can be used to display a photo or art of your choice. Others will note a wide variety of problems Apple’s new approach has created. Far too often, text blends into self-supplied Lock Screen wallpaper, forcing an aggravating search for imagery that works or a hunt for Accessibility Settings to fix the text. Additionally, non-intuitive bracket and bar icons have replaced some of the ingenious sliders Apple originally came up with to unlock the device’s features.
Apple’s redesign of Safari is nearly a mess, particularly on the iPhone and iPod touch. Also used in other apps, the company’s new ultra-thin icons are most significantly annoying here, replacing thick, highly visible triangular arrows with scant bracket icons, a bookpage-themed bookmark icon with what now looks like an abstract butterfly, and the clearly-labeled “Reader” button with a set of four bars in a paragraph-like fashion. Safari feels like someone was trying to design a futuristic web browser without taking core things such as icon legibility and user experience into account.
Another good example that gives you an idea of how much iOS 7 values context are the new translucent bars. Again, in an app like Safari (but also the App Store and Mail) the status bar and toolbar are translucent, showing a portion of blurred content with a subtle transparency effect. This isn’t just good-looking (I personally love the effect), it’s also useful in that, if there’s, say, a photo below the text you’re reading, you’ll know before scrolling to it. iOS 7’s graphics layout engine is smart in this regard as it treats photos and text differently: photos will be blurred with their primary colors, but, in order to avoid confusion with overlapping icons and letters, if text is behind a bar, iOS 7 will automatically increase the opacity of its UI to not show blurred text. This is the reason why, in apps like Mail and Safari, photos that underlap navigation bars and toolbars will be blurred, but text won’t show through the UI, cluttering it.
Apple has applied parallax to various iOS elements like alert dialogs, icons, badges, and it has provided developers with APIs to add parallax and other motion effects to their apps. While parallax contributes to iOS 7’s feeling of depth and layering, I think it’s mostly a gimmick, and not as effective in communicating certain aspects of the user experience as translucency, color, precise typography, or animations.
That new interface is the most visible indication of the new multitasking system’s presence. Instead of relying on a bar of app icons, you double-click your device’s Home button to zoom out into a card-based interface, which shows you the app screens themselves (as they were when you last viewed them); tap any screen or the app icon below it to go to that app. You can quickly scroll over either the icons or the app screens to view your recent apps.
Not only does this make it easy to pick out which app you’re looking for, but it means you can quickly refer to a piece of information in one app without actually bringing that app to the foreground.
The web filtering in iOS 7 is a feature of the low-level networking system in iOS 7 (known as NSURLConnection). It filters all web traffic that comes through that channel. This means that all web views built into apps, as well as third-party browsers such as Chrome, iCab and Dolphin, get filtered.
It introduces a lot of new features and frameworks. One of them is UIKit Dynamics that allow you to add real-world inspired interactions to your UI. You can add to your views behaviors as gravity, forces, elasticity and you can also combine them to create your own behaviors. This type of behaviors is usually used in gaming to provide a better UI interaction. UIKit Dynamics are designed for UI instead. If you want to build video games, please, refer to the SpriteKit framework that includes the same type of interactions. UIKit Dynamics do not replace Core Animation, UIView animations or motion effects. UIKit Dynamics are part of the UIKit framework.
Update (2013-09-20): John Cox (via Hacker News):
Apple's iOS 7 is the first large-scale use of a newly-minted Internet protocol, called multipath TCP. It lets computers send and receive data across different network paths and interfaces at the same time, such as Ethernet, Wi-Fi and 3G.
Dan Frakes on the improvements to Mail:
iOS 7 goes a big step beyond that by letting you customize the special views that appear here. Tap Edit when viewing the Mailboxes screen, and not only can you rearrange your current mailboxes, you can hide ones you don’t use, and you can add a number of new special views. Tap each item to enable or disable it, and drag the horizontal-lines icon on the right to rearrange the order of items.
Yes, VIP haters, this means you can finally disable the VIP view. But even more useful are the various special views you can enable here: Unread (all unread messages), To or CC (messages specifically addressed to you), Attachments (messages with attachments), All Drafts (all draft messages across all your accounts), All Sent (the same for sent messages), and All Trash (the same for deleted messages).
Apple heeded my complaints with iOS 7. There's now an option to make Do Not Disturb do what it should—completely silence your iOS device.
Head over to Settings, tap on Do Not Disturb, scroll down to the bottom, and set Silence to Always, instead of Only While iPhone Is Locked.
While this button won’t be coming back soon, there’s a way to type .com with one-and-a-half keypresses. When you’re in a web browser, and want to type .com, just tap and hold the . button to the right of the space bar, and you’ll see a popup menu which lets you choose from a number of top-level domains: as you can see below, I can choose from .us, .org, .edu, .net and .com.
Update (2013-09-23): Ask Different:
iOS 7 brings with it the option to place audio-only FaceTime calls (for the times when you are in no state to make a video call). Go to a contact’s info page, and hit the receiver icon in the FaceTime section. It is possible to turn on video later in an ongoing call.
Update (2013-09-25): equinux:
In our opinion, the passcode in iOS 7 has a visual security gap: when you enter your passcode, the larger buttons light up a lot longer than with iOS 6. It’s always been possible to watch a person entering their passcode, but the new extended illumination, and increased button sizes make it much easier for the “viewers” to see exactly what has been entered.
The Omni Group:
OmniFocus 2 for iPhone was truly developed from scratch for iOS 7. First, we put together a home screen that was capable of showing a bit more than before. We all love Forecast — in OmniFocus 2, you’ll get a peek at your week on page one. With iOS 7’s tint colors, each badge and each view of the app has a specific feel. And if you need to go all the way to the Home screen, tap-and-hold the back button to get there.
The background refresh is what I’ll probably like the most. Unfortunately, it doesn’t yet work with TextExpander on iOS 7.
The new start up screen puts everything you need on one iOS 7-friendly screen. Forecast is across the top of the screen along with a live count of due items for each of the next seven days. There are also large buttons on the home screen for the Inbox (including an inbox count), Flagged items (also with a count), Projects, Nearby, and Contexts. Finally there is a list of perspectives at the bottom of the screen. Like before, you can star individual perspectives and they will show up on this screen and you can access all perspectives by tapping on the Perspectives button.
More interestingly, the Omni Group really got back to basics. They obviously spent some time retooling the most basic of features to make the entire experience more usable. Take the task detail view as an example – the notes section for a task is no longer hidden behind an obscure blue arrow. Notes and even Attachments now have their own dedicated tabs in the task detail view and no longer feel like a UI afterthought. Furthermore, attachments are no longer line items in a table-view, but instead have been replaced with a collection view as shown below. As more attachments are added, additional equal sized squares are added to the collection.
Update (2014-08-01): OmniFocus 2.2 (released July 15) adds back support for TextExpander touch.
Prior to iOS 7, TextExpander stored shared snippet data in a persistent pasteboard named “TextExpander”. The TextExpander code in supported apps read from the “TextExpander” pasteboard. Unfortunately, other libraries used these persistent named pasteboards to store and retrieve information used to track users across apps, without their knowledge or consent.
Apple decided to put a stop to that by prepending one’s team ID to their named pasteboards, e.g. “Smile.TextExpander”. This allows shared pasteboards within one’s own company’s apps but not across unrelated apps.
TextExpander touch 2.1 (and later) supports storing shared snippet data in a long-past, completed reminder.
Tuesday, September 17, 2013 [Tweets] [Favorites]
The users who have likely had the most “success” (using the term loosely) with replacing Office are likely the individual users I mentioned early on who are simply using Office documents as containers, not using any Office specific features to much depth, and can likely survive just using the document export features in Google Docs, iWork, or any other Web/mobile productivity suite not from Microsoft. Admittedly, Microsoft surely sees this scenario, and as such has made the Office Web Apps for consumers freely available and interconnected with SkyDrive.
Even the Mac version of Office is not always a viable substitute. And I’ve seen iWork documents destroyed when moving from Mac to iPad, to say nothing of using it to edit actual Word or Excel documents.
nigelgoodman (via Peter Hosey):
In the “Movies” folder and any folder created inside it the above extra meta data columns can be added, and this applies to any other “Movies” folder created anywhere else - on another drive for example. But if you have another folder elsewhere that is labeled “Films”, for example, the extra columns cannot be added.
However it is easy to add these columns - simply (re)name the folder “Movies”. Open it and add the columns that you want. Then return and rename the folder back to “Films” or whatever. The extra columns remain and are still there after a log-out or restart.
Atlassian has released a new version of its SourceTree client for Git and Mercurial. I use it in concert with Tower. Tower has a cleaner user interface that’s great for committing changes and viewing the contents of a commit, including multiple files at once. SourceTree, though, has a better per-file history view and can search the contents of a commit rather than just the comments. (This search feature seems to be broken for me in the current version; I’m currently talking with their tech support people about it.)
For reasons that I don’t understand, neither client provides an easy way for me to get the revision history for a file that I have in the Finder, Terminal, or an editor. You’d think that you could drag and drop it onto the Dock icon or use AppleScript or a command-line tool. Instead, you have to drill down or search for it from within the client.
Update (2013-09-20): The “File Changes” search bug is fixed in SourceTree 1.7.1.
At O’Reilly Media, we’ve built a successful business and have had a big impact on our industry, but looking back at our history, it’s also clear to me how often we’ve failed, and what some of the things are that kept me, my employees, and our company from achieving our full potential. Some of these were failures of vision, some of them were failures of nerve, but most of them were failures in building and cultivating the company culture.
Brian Roemmele (via John Gruber):
There are numerous reasons Apple moved to the A7 processor. One reason is the hardware requirements of Touch ID. To economically create the Secure Enclave, Apple needed a processor that is already aware of the concept of encryption and security at a native level and has the dedicated hardware to make a segregated and secure area with in the processor architecture.
Presumably, easy phone unlocking is just the beginning of Apple’s plans for the fingerprint scanner.
I used to worry that once I got a number of customers, supporting them would take up too much time for me to move the ball forward on new releases and new products. The only strategy I had to counteract this was to ship products that are as simple as possible and as bug-free as possible. It seems to have worked so far. As a side benefit, I found out that people much prefer super-simple products that don’t have bugs.
I pretty much agree except for his comments on not tracking enhancement requests. I would say that you don’t have to worry too much about tracking priorities, as it’s usually clear what people want most. However, even for the obvious items, it’s nice to have a place to stash notes on how I plan to implement the feature and what the important trade-offs are. Secondly, I believe that there’s a long tail of second-tier features and details that only a small number of people request but that add up to a substantially better product. As a user, I often find that the important differences between two apps are not ones that would have appeared on the list of major features.
Morgan Housel (via Hacker News):
He created a culture that’s not only different from, but often totally at odds with, how most business leaders think. He’s also quite quotable. Here are 20 smart things Bezos has said over the years.
[We] set up a subdomain dedicated to serving our feed that refers directly to the delivery service. Technically, it’s just a CNAME record for feeds.git-tower.com referencing feeds.feedblitz.com.
This lets them use thirty-party analytics while retaining control of their URL and allowing the feed to link to their stylesheet.
Back when season 5 of Breaking Bad started, iTunes sold a season pass that offered “all current and future episodes of Breaking Bad, Season 5.” When the producers decided to lengthen the season, and split it into two parts, Apple reneged on their commitment, no longer providing “all current and future episodes.”
A class action suit has been filed.
The claim also says Breaking Bad’s creators and actors have consistently described the 16 final episodes as “Season 5.”
Update (2013-09-24): Kirk McElhearn received a credit for purchasing the remaining episodes.
PhotoReviewer is now compatible with Mac OS X 10.6 and later. I used this app a lot in the early days of Mac OS X, as it was great for going through large batches of images to delete the unwanted ones and organize/prioritize the reminder. Then, with Mac OS X 10.5 (I think), it stopped working.
Preview, in those days, would try to open each image in a separate window, which took a long time and would usually exhaust the available RAM, then grind the system to a halt with paging. There was also no easy way to move or delete the images, and Preview wasn’t (and still isn’t) AppleScriptable. Newer versions of Preview can open large batches of images in a single window, and you can press Command-Delete to get rid of the bad ones.
The venerable GraphicConverter now offers Slide Show mode, with additional review features and a more complex interface.
PhotoReviewer, I think, handles the basics the best and is much faster than the alternatives.
FastMail (via Nick Matsakis):
Our plan at FastMail is to detect iOS clients, and convert all searches into FUZZY searches. This causes matches to be done on “terms” rather than pure sub-strings, but allows us to use our xapian powered index which should make matching and fetching results much, much quicker.
I wonder why MobileMail is using a body substring search to begin with. The Mac version only supports term and prefix searches. (I think a previous version may have supported wildcards.) EagleFiler offers the option to “Match Partial Words” or not.
I use FastMail as a backup SMTP server for sending customer e-mails. Amazon SES is cheaper but more often rejected by mail servers.
FCModel is a generic model layer on top of FMDB. It’s intended for people who want some of Core Data’s convenience, but with more control over implementation, performance, database schemas, queries, indexes, and migrations, and the ability to use raw SQL queries and SQLite features directly.
FCModel accomplishes a lot of what Brent Simmons wrote about. This is my version of that.
It’s a basic object mapper that supports uniquing/caching but not relationships. Unlike Core Data, the objects can be modified from any thread.
I think Core Data is OK as far as it goes but that it needs an “escape hatch” to do more database-style operations. In other words, instead of having to drop Core Data entirely, you would stay with the framework but forego certain object niceties that don’t work well with those commands.
Update (2013-09-19): Collin Donnell:
The truth is that because Core Data is a general solution which completely abstracts you away from the idea of using a database, I’m not sure there’s anyway that it couldn’t be a bit complex in places and that there wouldn’t be walls to bump up against. In my experience with Core Data everything works great except when it doesn’t, and because you’re so abstracted away from the implementation detail of it using a SQLite store, when you do hit those walls, you hit them hard.
If you have an older version of iOS than is supported by an app, Apple now lets you download the last compatible version of the app (via Ryan Christensen, Paul Haddad, and Aaron Souppouris). This is great news, as I thought iOS 7 was a potential disaster in the making. Buy a song or a movie from Apple, and you “own” it and can download it on any device, any time. But buy an app, and this ability only lasts until a new version drops support for your OS, which is probably sooner rather than later. Apple’s developer tools are forward-looking and discourage support of older OS versions.
There remain some questions, though:
- Does the new version of the app have to be available in the App Store in order to download the old version? That is, if version 2.0 is a new SKU, will owners of older devices still be locked out of buying the last compatible version of the app?
- Does the answer to #1 change if you had already purchased the original SKU? For example, say you purchased OmniFocus 1.x on an iPad 1. Does it go away when you restore from an iCloud backup?
- What if the last compatible version was buggy, or has become so due to changes to external services that the app depends upon? There seems to be no way for the developer to submit a fix.
- Will this feature come to the Mac App Store? Many apps that should be able to easily run on Mac OS X 10.6 or 10.7 cannot, because of sandbox bugs that weren’t fixed until 10.8 or 10.9.
Update (2013-09-17): See also the Hacker News discussion. Also, an important point is that, with the current developer tools, if you make a 64-bit version (for optimum performance on the iPhone 5s) the fat binary will only run on iOS 7 (even though that same code compiled as 32-bit could support earlier versions).
Kyle Richter (via John Gruber):
No one ever told us [developers] about it. Let me rephrase that, because it sounds pretty entitled. No developer expects Apple to run this kind of stuff by them ahead of time. The problem is no one ever thought this was a possibility. The common misconception here is when an app is updated it is updated to add new features and maybe some bug fixes. These new features may require a newer version of iOS so old users are left in the cold. The truth is a lot happens under the covers during updates, API endpoints are updated, data models changed, multiplayer protocols changed, even legal issues are addressed.
Update (2013-09-19): Here’s Apple’s official announcement:
Previous versions of your apps are now available for re‑download by users who have already purchased them, allowing customers to use your apps with older devices which may no longer be supported by the current version of your app. If you do not wish to make these versions available, you can manage the availability of your apps' previous versions in the Rights and Pricing section of the Manage Your Apps module in iTunes Connect. Learn more.
Monday, September 16, 2013 [Tweets] [Favorites]
PCalc’s decimal point key changes to Frac when the 2nd key is active. This allows you to enter fractions and mixed numbers directly. The calculations aren’t done as fractions—PCalc converts them immediately to decimal—but you can enter them that way. More important, you don’t have to use the 2nd key to do it.
Update (2013-09-17): See also the Hacker News discussion.
Has the reliability of open source compilers decreased since GCC 2.7? This does not appear to be the case. In fact, this experiment indicates that the opposite might be true. Of course we need to be careful in interpreting these results, since randomly generated C programs are not necessarily representative: they could trigger bugs that no real C program triggers, while also missing all of the bugs that Miod is complaining about. On the other hand, take a look at the C programs above that trigger the new wrong-code bugs and try to convince yourself that these patterns will never occur during compilation of real code. A different source of bias in these results is that GCC 2.7 was never tested with Csmith, but the current versions of GCC and Clang have been subjected to extensive random testing.
The stupidest aspect, as far as I am concerned, is that, at least in my case, the simple fact of falling asleep apparently causes enough of a change in my heart rate to trigger the alarm. As you can imagine, falling asleep is not the easiest thing to do in a busy ward at the best of time. When you’ve been put to sleep for six hours and have a bit of a headache, it’s even harder. But really, it does not help at all that, right at the time when you finally fall asleep, the idiotic heart rate monitor emits a beep that is, of course, close enough to wake you from your not-quite-asleep-yet state.
Saturday, September 14, 2013 [Tweets] [Favorites]
John Leyden (via Roger Henriques):
The release of Parallels Desktop 9 for Mac, the latest version of the virtual-machine software that allows users to run Windows apps on a Mac computer (among other things) was accompanied by howls of discontent from several people on Parallels’ user forum. The complaints centered on the automatic and silent install of Access trial software. Access allows Windows and Mac apps to be run from an iPad fondleslab.
Complaints arose because the software was installed to users’ system without their consent, using a saved admin password that punters were not asked to re-enter. Worse yet, the desktop client launched Access without informed consent, signing into an external server in the process: a range of behaviours that allowed the more vociferous critics to compare the technology to a trojan.
Atb Levy (via Clark Goble):
Both the DFU and Recovery Mode are very useful to install custom firmware, update, unlock or Jailbreak iPhone, iPod Touch or iPad. Entering or exiting from DFU or recovery mode depends upon the timing of pressing the Sleep and Home Button. Pressing home button for too long may lead to recovery mode instead of DFU mode.
You can also use DFU mode to downgrade the OS.
Friday, September 13, 2013 [Tweets] [Favorites]
RegEx Knife is a port of the Regular Expressions Tester functionality from Affrus 2 to the iPad. This tool allows you to enter regular expressions into a syntax highlighted editor, enter sample text against which the regular expression is matched, and finally, enter a substitution template which is used to transform the sample text.
Looks great, although the idea of typing regular expressions on the iPad keyboard makes me want to run for the hills.
Update (2014-07-17): The app now available in the App Store.
Starting in the late spring or early summer, my main MacBook Pro started losing its Wi-Fi connection to the AirPort Extreme Base Station (fifth generation) several times per day. Instead of five black signal strength bars in the menu bar, I would suddenly see five gray ones. This seemed to happen most often while the Mac was doing an unattended Arq backup. I could always re-select my network from the menu, and it would instantly connect again with full signal strength. It would never auto-reconnect, however. The problem never affected other computers or iOS devices, even ones the same 35-foot distance from the base station.
I saw Console messages like this:
9/9/13 12:01:14.000 AM kernel: MacAuthEvent en0 Auth result for: 70:73:cb:bb:ae:47 MAC AUTH succeeded
9/9/13 12:01:14.000 AM kernel: wlEvent: en0 en0 Link UP virtIf = 0
9/9/13 12:01:14.000 AM kernel: wl0: Roamed or switched channel, reason #8, bssid 70:73:cb:bb:ae:47
9/9/13 12:01:14.000 AM kernel: en0: BSSID changed to 70:73:cb:bb:ae:47
9/9/13 12:01:14.000 AM kernel: en0::IO80211Interface::postMessage bssid changed
9/9/13 12:01:17.000 AM kernel: wlEvent: en0 en0 Link DOWN virtIf = 0
9/9/13 12:01:17.000 AM kernel: AirPort: Link Down on en0. Reason 2 (Previous authentication no longer valid).
Searching the Apple discussion forums, people have been reporting symptoms like this (probably with different causes) since since Lion, if not earlier.
I found a potential workaround in that there’s a command-line tool that can check whether Wi-Fi is active:
networksetup -getairportpower en0
Wi-Fi Power (en0): On
Which means that it should be easy to write a cron job that re-enables it if necessary:
networksetup -setairportpower en0 on
That could be my backup plan, but I wanted to actually fix this. I called AppleCare, and the specialist walked me though some basic troubleshooting steps: resetting the SMC, resetting the PRAM, doing a safe boot, and resetting the base station. He then got some more specialized information. I was told that:
- In the Network preferences, “Require administrator authorization to: Turn Wi-Fi on or off” should be checked. I had thought that this was for when the user turns it off, but the wireless specialist said that it also prevents the Mac from turning off the Wi-Fi chip due to inactivity.
- In the Energy Saver preferences, “Wake for Wi-Fi network access” should be checked. I had thought this was for waking the Mac from sleep, but the wireless specialist said that this prevents the Mac from putting the wireless card to sleep, which it tries to do even when the Mac is plugged in and set never to go to sleep.
I was skeptical about this advice, but I tried it. It didn’t help.
It was then suggested that I run Wireless Diagnostics by holding down the Option key and choosing it from the AirPort menu. I had done this before, and it found no problems. However, rather than immediately seeing the report, you can choose the option to “Monitor my Wi-Fi connection.” It will then keep running in the background. When there’s a problem with the connection, it will bounce its Dock icon, write a lot of log files to the desktop (reminiscent of sysdiagnose), and present some recommendations.
In my case, one of the suggestions was to use a dual-band wireless router (which I already had). Another was that the 5GHz band is typically less susceptible to interference from other devices than the 2.4GHz band. I had been using the standard configuration in AirPort Utility with the both the 2.4Ghz and 5GHz channels set to Automatic. On this advice, I checked the box to specify a separate “5Ghz network name,” so that the Mac doesn’t try to connect at 2.4Ghz. After selecting this network in the AirPort menu, the Mac has been reliably connected to the network ever since. (With Wireless Diagnostics running in the background, it has detected several disconnections, but it is apparently reconnecting automatically and immediately so that this is not noticeable.)
Unfortunately, many applications do not currently play their sound effects properly, ignoring the user’s Sound Effects output selection. The end result for users is that audio snippets which are in fact sound effects incorrectly play through the main audio output. Luckily, fixing the problem is quite simple. Below, we show example code for playing back audio with Cocoa’s NSSound, on the system alert device.
Their code sets the device playback identifier on an
NSSound, which you can then play in the normal way. I found that this correctly plays the sound on the right device, but it does not respect the “Alert volume” in System Preferences. For SpamSieve, I have been using the
AudioServicesPlayAlertSound() API, which uses both the alert device and the alert volume.
The Camera app’s 5s-only features are worth a mention as well. With the 5s’ A7 chip, iOS 7 can automatically adjust the camera’s white balance and exposure, run algorithms to pick the best shot out of multiple ones that were actually taken behind the scenes upon pressing the shutter button, and provide automatic image stabilization without the user ever knowing what’s going on with the CPU, optics, and camera software. When all the pieces are combined, the user knows that the iPhone 5s can take slow-motion videos, shoot up to 10 photos per second, make people’s faces more natural when the flash is on, remove shakiness, and zoom on live video. Behind the scenes? iOS 7, the A7, and the camera sensor work in tandem to capture more light, process information such as closed eyes and movements, and then present it through the interface. When using an iPhone, the user only knows that the 5s takes better photos with cool new features.
All I know is that for everything that Android and Google are getting right these days, they still haven’t gotten close to touching Apple in the area that is of utmost importance to me: photo quality.
Here’s Apple’s iPhone 5s photo gallery.
Update (2013-09-24): Dean Holland (via John Gruber):
In a break with previous iPhones, you can’t press-and-hold to focus in advance. The 5S shoots when you press the on-screen button, not when you release it. You can still use either of the volume buttons on the phone to shoot, or the volume buttons on the earphones as a remote control/cable-release. I like the new way - it feels much more responsive, but I have to be careful of wobbling the camera in low light.
But I’d argue that technical innovation is not what this phone is about. I’ve found the iPhone 5S to be the most fun iPhone camera to date. Instead of extra pixels, I’m enjoying the speed, performance, and the new party tricks of burst shooting, slow-motion video, and easier, better low-light shooting. It’s the most ‘invisible’ of the phones, as it just gets out of your way, so you can enjoy what you’re doing. If you like shooting on smartphones, I’d recommend that you give it a try.
If getting the best technical quality and detail is important to you, none of the improvements in the iPhone 5S is likely to appeal. Picture quality in good light hasn’t improved compared to the iPhone 5 - arguably it’s deteriorated a little. Picture quality in poor light has improved considerably, but is still far short of both the quality and usability of a dedicated camera for night photography.
Caltech has made the excellent Feynman Lectures on Physics available online (via Evan Hensleigh). The formatting looks great, with HTML5, SVG figures, and LaTeX equations rendered using MathJax.
Thursday, September 12, 2013 [Tweets] [Favorites]
Adam C. Engst:
From the perspective of someone who lives and breathes text, this is a wrong-headed move, because it is both inconsistent and introduces confusion-causing ambiguity, not just into everything that’s written from now on, but also into the historical record. From now on, whenever you see the word “iPhone 5s” in a sentence, you’ll have to read carefully to determine if it’s talking about the iPhone 5s, or several iPhone 5s. In some cases, there may be no way of knowing what’s meant — you can’t know what I’m referring to when I say “The iPhone 5s flew off shelves.”
Todd C. Miller (via Dan Goodin):
The flaw may allow someone with physical access to a machine that is not password-protected to run sudo commands without knowing the logged in user’s password. On systems where sudo is the principal way of running commands as root, such as on Ubuntu and Mac OS X, there is a greater chance that the logged in user has run sudo before and thus that an attack would succeed.
The bug was reported in March. Mac OS X 10.8.5 ships with sudo 1.7.4p6, which would seem to be within the range of versions exhibiting the bug.
Whenever your browser equipped with Perspectives visits a secure site, it consults several notary servers to see if most of them agree that the signature you received matches the one they have seen most regularly. If not, you're warned. It could be that only your part of the world is getting an illegitimate certificate, or that, worldwide, it all changed at once.
The old versions of OmniFocus for iPhone, OmniOutliner for iPad, and OmniPlan for iPad will be removed from the App Store. If you’re not planning on updating to iOS 7 or need a version of any of these apps that runs on iOS 6 for any reason, you’ll want to grab them before the new releases ship. However, please note that we don’t plan on doing any more work on these iOS 6 apps: our iPhone and iPad development efforts are now fully focused on iOS 7.
If you have an iPhone 3GS or for some reason don’t plan to upgrade to iOS 7, you’ll need to keep your own backups of any apps that you use. The App Store makes it easier to buy apps and to update them, but it’s not designed for folks with older hardware or OS versions.
Since people could keep using this app indefinitely, I could be on the hook to MapQuest for service fees indefinitely. So I set the app up under a subscription model: the purchase price gets you three months, and then a year’s service is $5. That way, while my liabilities to MapQuest scaled with usage, so did my ability to pay them.
Unfortunately, since the app’s release, this kind of model has been explicitly forbidden by Apple’s App Store Guidelines:
11.9 Apps containing “rental” content or services that expire after a limited time will be rejected
Elia Freedman (via Ben Thompson):
Historically, as a developer, our priorities lined up nicely with the big player in the market: Microsoft. Microsoft makes money from software so it wants hardware and peripherals to be free. Since we make money from software, too, us developers have been in pretty good shape. Add in the fact that Microsoft primarily sells productivity software and us productivity app developers have done really well business model-wise.
But Apple and Google want software to be free, as iWork now is.
Steve came to me and he said, “I want to drop the price of the Macintosh and I want to move the advertising, shift a large portion of it away from the Apple 2 over to the Mac.”
I said, “Steve, it’s not going to make any difference. The reason the Mac is not selling has nothing to do with the price or with the advertising. If you do that, we risk throwing the company into a loss.” And he just totally disagreed with me.
%zd, %tu, %tx (signed, unsigned, hex) currently format
NSUInteger with no warnings.
The printf(3) man page:
Note: the t modifier, when applied to a o, u, x, or X conversion, indicates that the argument is of an unsigned type equivalent in size to a
ptrdiff_t. The z modifier, when applied to a d or i conversion, indicates that the argument is of a signed type equivalent in size to a
Apple’s String Format Specifiers documentation still recommends casting to
unsigned long and using %ld or %lu.
Michael Larabel (via Marcel Weiher):
Going back for many months we have known that FreeBSD developers (and BSD users in general) have been pushing for a LLVM/Clang world and to limit the usage of GCC. Clang has grown in functionality for being on-par with GCC as a C/C++ compiler and it’s more liberally licensed than the GPLv3 GCC and the LLVM-based feature-set continues to expand like faster and lighter compilations.
But despite the believed uniqueness of fingerprints, using a fingerprint scan as an authentication credential isn’t a panacea for security problems. It’s worth taking a little time to understand the technology, what it can do, and how it will integrate with your digital life.
But the real reason is that using fingerprints creates better security through improved usability. Most people, if they use a passcode at all, stick with a simple four-digit passcode, which is easy for an attacker to circumvent with physical possession of your iPhone. Longer passphrases, like the obscure 16-character one I use, are far more secure, but a real pain to enter repeatedly. A fingerprint reader, if properly implemented, provides the security of a long passphrase, with more convenience than even a short passcode.
Update (2013-09-12): Marcia Hofmann:
Because the constitutional protection of the Fifth Amendment, which guarantees that “no person shall be compelled in any criminal case to be a witness against himself,” may not apply when it comes to biometric-based fingerprints (things that reflect who we are) as opposed to memory-based passwords and PINs (things we need to know and remember).
Apple announced that you can’t unlock via fingerprint after a reboot, or if the phone hasn’t been used within 48 hours.
Danny Yadron and Ian Sherr:
Apple testers have found the device sometimes doesn’t work with moisture-laden fingers covered in sweat, lotion or other liquids.
Update (2013-09-13): Mary Branscombe:
And like the sensor in the iPhone 5S, the sensors that will be in laptops and keyboards and other phones can detect the ridge and valley pattern of your fingerprint not from the layer of dead skin on the outside of your finger (which a fake finger can easily replicate), but from the living layer of skin under the surface of your finger, using an RF signal. That only works on a live finger; not one that's been severed from your body.
Update (2013-09-20): Apple (via Ivan Krstić):
Every fingerprint is unique, so it is rare that even a small section of two separate fingerprints are alike enough to register as a match for Touch ID. The probability of this happening is 1 in 50,000 for one enrolled finger. This is much better than the 1 in 10,000 odds of guessing a typical 4-digit passcode. Although some passcodes, like “1234", may be more easily guessed, there is no such thing as an easily guessable fingerprint pattern. Instead, the 1 in 50,000 probability means it requires trying up to 50,000 different fingerprints until potentially finding a random match. But Touch ID only allows five unsuccessful fingerprint match attempts before you must enter your passcode, and you cannot proceed until doing so.
It’s disheartening that the writer got the probability wrong. The expectation is that it will take 50,000 different fingerprints. But it could happen on the first try, or take many more than 50,000. This is all assuming that fingerprints are i.i.d., which is probably not the case.
Update (2013-09-23): Chaos Computer Club:
“In reality, Apple’s sensor has just a higher resolution compared to the sensors so far. So we only needed to ramp up the resolution of our fake”, said the hacker with the nickname Starbug, who performed the critical experiments that led to the successful circumvention of the fingerprint locking. “As we have said now for more than years, fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints.”
Is Touch ID Worth Having? I’d say yes (cautiously). John Gruber
that pre-Touch-ID, the most popular iPhone lock method was none,
swipe and you’re in. If this changes that, it’s probably worthwhile.
The fingerprint reader built in to the iPhone 5s is not as fast as I expected. It's not instant as some have suggested but rather requires a slightly longer press than I would typically use. With the screen off, I typically give a quick press to turn it on. This is not sufficient to unlock the phone. I found that to unlock the phone I had to hold my finger on the button until the screen display became active.
Update (2013-09-24): Marc Rogers:
Yes, TouchID has flaws, and yes, it’s possible to exploit those flaws and unlock an iPhone. But, the reality is these flaws are not something that the average consumer should worry about. Why? Because exploiting them was anything but trivial.
Wednesday, September 11, 2013 [Tweets] [Favorites]
I was enjoying the iPhone 5c web page where you can experiment with the phone/case color combos. It’s very nicely done. Suddenly I was aghast — a chunk of the word “iPhone” can be seen through one of the holes in the case. While some will say “big deal,” those who love Apple’s taste and values will feel like they got punched in the stomach. Clearly someone fell asleep at the wheel. It not only looks like a mistake — it looks ugly.
Look at the image at the top of this article and note that in Phil’s presentation of iPhone 5c yesterday, this grievous mistake had been Photoshopped away.
I’m glad to see that Apple has made an iPhone 5 dock after all (via Jordan Merrick):
Charge and sync your iPhone 5s or iPhone 5 with the iPhone 5s Dock. Your iPhone sits upright in the dock as it syncs or charges, so it's perfect for a desk or countertop. It features a convenient audio line out port that connects to powered speakers. It supports other iPhone 5 accessories, such as the Lightning to USB Cable (sold separately). You can even conduct speakerphone calls with your iPhone in its dock.
There’s a separate dock for the iPhone 5c.
Tuesday, September 10, 2013 [Tweets] [Favorites]
However, I have to say, I have had the complete opposite experience with regards to performance. Having measured various projects before and after converting to ARC, I have seen numbers between 30% and 100% slowdown with ARC. The average is probably around 50%. I have never seen performance improve when using ARC.
It shouldn’t really be surprising. ARC adds an astounding number of additional reference counting ops to all code involving object pointers. If that were compiled, ObjC would be completely unusable and slower than all the so-called scripting languages out there. So for things to be usable, ARC then has the optimizer try to undo most of the damage and finally adds some clever runtime hacks to mitigate the rest.
Since the hacks and the remaining damage are somewhat orthogonal, you sometimes end up ahead and sometimes you end up behind.
The other thing that should be considered when seeing heroic hacks like the autorelease-undoer is that such techniques rarely arise spontaneously from an idle moment of relaxed performance optimization. More usually, they happen because there is some sort of “ho lee f*k” moment, where performance regression is so bad/project-threatening that something drastic/heroic needs to be done.
Corporations and people being what they are, official communication tends to focus more on the heroics than the “ho lee f*k”, so documentation on the performance of new technology tends to be, er, “optimistic”.
Actually, after doing a naive ARC migration I find a 30%slow-down on this sample.
It look like the main slowdown is induced by an increase of retain/release calls introduced by extra-safety.
Indeed, the conventional wisdom is that adopting ARC will make your app faster. It would be interesting to see whether the slowness is concentrated enough that it could be addressed by moving a few key methods to a separate file that’s compiled without ARC.
Update (2013-09-11): John McCall:
For what it’s worth, the autorelease optimization was planned; the performance problem it solves was extremely predictable, since it’s actually a noticeable performance problem in MRC code as well.
Overall, while we’re happy to see that some people see performance improvements, our expectation going in was always that ARC would cause some regressions, and that while in most code those would be lost in the noise, in some cases people would need to help ARC out with things like __unsafe_unretained. Ultimately, ARC is just a tool for improving your productivity as a programmer, not a magic button with no downsides.
More likely performance reasons/targets for opting out are things like inline reference counts and, especially, object caches. For me they generally bring factors of improvement, if not orders of magnitude, when applicable (wasn’t it CoreGraphics that had problems with their object cache no longer working on GC, thus killing performance?) Being able to mix-n-match and opt out is definitely one of the awesome features of ARC.
On the inline reference counts: when I was doing my recent tests on archiving performance, I suddenly found that object creation (1M objects) was taking longer than expected. Adding an inline retain count *halved* the running time for creating the object graph (155ms vs 300ms)! I have to admit I was bit surprised that the difference would be this big, considering the intrinsic cost of object creation. (Out of curiosity I tested it with ARC and it took 400ms)
ARC doesn’t replace the benefit of having an inline reference count. I think if we could magically bless all objects with an inline reference count without worrying about disrupting existing hard-coded object layouts, we probably would.
We’ve found that it usually doesn’t take very many __unsafe_unretained annotations to eliminate most regressions. There are a ton of places where any human reading the code would immediately realize that an object won’t get released, but ARC can’t quite prove that, usually because there’s an intervening message send. Most of those places don’t detectably affect performance; it’s the one or two that happen in a loop and therefore trigger 40,000 times that you notice. But by the same token, those sites tend to show up in Instruments and so are easy to track down and fix.
Update (2013-09-14): Marcel Weiher suggests some ways to add an inline reference count:
3. 3 bits in the class pointer
Since we aren’t allowed to get the isa pointer directly these days anyhow, that means we can mask out the low-order bits in object_getClass(), objc_msgSend() and the non-fragile ivar access code..hhmmm. Number of bits depends on whether you just rely on alignment or also grab what’s there from malloc() bucketing (probably shouldn’t). The “Getting Reference Counting Back into the Ring” paper claims that with 3 bits of recount, you avoid overflow for > 95% of objects, so that would be pretty good.
4. Do it yourself assistance
How about a function that takes a pointer to wherever I stashed my reference count and did all the right things, for example wrt. weak references? Or a macro.
We’ve certainly looked into things like this.
vombat cleverly discovered that SQLite’s strftime function parses ISO-8601 (i.e. JSON) dates an order of magnitude faster than NSDateFormatter does, even with the overhead of having to generate and evaluate a SQL SELECT statement to run it.
I decided to go one step farther — I tweezed out the ~250 lines of C code from SQLite that implement the actual parsing, and got them to build independently. This adds another factor of 2x speed.
I enjoy reading the SQLite code.
NSDateFormatter also seems to be responsible for Numbers’ horrific performance when opening CSV files.
After hearing about it on ATP, I gave the Wordbox iPhone text editor a try. I like the “Magical Scroll Button” that lets you select text by tapping a button rather than tapping and holding (and waiting). Unfortunately, you have to tap twice—once on the button and once on Select before you can begin drag-selecting. And showing the button adds an extra row to the keyboard, which uses a lot of valuable screen space unless you are otherwise using the Markdown keys.
I think it’s worth it, though. Text selection and editing are what most make using iOS feel like a chore to me. I recall my old Pilot 5000 with a stylus being more pleasant. Wordbox’s button makes it a little better, but I think Apple needs to come up with something a lot better. Gestures, cursor keys? I don’t know.
Wordbox feels very fast, much moreso than WriteUp. However, it’s missing some important features that I want. For example, there’s no way to search the contents of your files (just the names). It can sync with Dropbox, but only to ~/Dropbox/Apps/Wordbox.
Monday, September 9, 2013 [Tweets] [Favorites]
Bruce MacEvoy has a very interesting site about watercolor techniques, which includes this article on mixing green (via Kyle Sluder):
When we go to mix paints, we find it’s difficult to pick the right paint combination — blue and yellow, or green and yellow, or green and blue? — to get the right shade of green, because green mixtures are different from other mixtures. We must know the material behavior of different pigments and paints, and which ones to choose for different purposes. When we mix them, we find that green mixtures follow curves rather than straight lines across a color wheel, and they often require three paints to mix accurately, rather than the two paints we’re been taught (“yellow and blue make green,” etc.). All these mixing complications are the reason there are so many premixed convenience green paints on the market — more premixed colors than for any other hue.
John Gilmore (via Tim O’Reilly):
Every once in a while, someone not an NSA employee, but who had longstanding ties to NSA, would make a suggestion that reduced privacy or security, but which seemed to make sense when viewed by people who didn’t know much about crypto. For example, using the same IV (initialization vector) throughout a session, rather than making a new one for each packet. Or, retaining a way to for this encryption protocol to specify that no encryption is to be applied.
The resulting standard was incredibly complicated—so complex that every real cryptographer who tried to analyze it threw up their hands and said, “We can’t even begin to evaluate its security unless you simplify it radically”. […] That simplification never happened.
The IPSEC standards also mandated support for the “null” encryption option (plaintext hiding in supposedly-encrypted packets), for 56-bit Single DES, and for the use of a 768-bit Diffie-Hellman group, all of which are insecure and each of which renders the protocol subject to downgrade attacks.
An interesting CS Theory Stack Exchange question (via @CompSciFact):
I am preparing for a talk aimed at undergraduate math majors, and as part of it, I am considering on discussing the concept of decidability. I want to give an example of a problem which we do not currently know to be decidable or undecidable. There are many such problems, but none seem to stand out as nice examples so far.
What is a simple-to-describe problem whose decidability is open?
Sunday, September 8, 2013 [Tweets] [Favorites]
It is impossible to absolutely prove that our answers to the easy questions above are truthful. But what I can do is provide a number of more verifiable claims, each of which makes it harder for us to lie about any of this. In combination, these should be enough to persuade you that there is no backdoor (deliberate weakness) in 1Password and that it would be very unlikely for one to be introduced.
One idea that’s not addressed is whether there could be a backdoor in the AES library that they’re using. Actually, what I found most interesting about this post was that they publish the full details of the 1Password 3 Agile Keychain and 1Password 4 Cloud Keychain file formats:
The Agile Keychain format used a separate file for each item in the user’s keychain. Experience has taught us that not only that having each item in its own file creates difficulties for some filesystems, but that it also brings a penalty with data syncing as well. There is an overhead for synching each individual file irrespective of its size. Having hundreds or thousands of small files led to inefficient syncing in some cases. On the other hand, we don’t want a single monolithic file, which would introduce its own problems for synchronizing 1Password data across systems.
We combine items into 16 bands depending on the the item’s unique identifier (UUID). For example, all items that have a UUID beginning with “C” will be listed in the file
band_C.js. Band files range from
band_F.j. If there are no items in a particular band, there will be no band file for it.
All too many Mac versions of Windows keyboards have all three modifiers the same size, as the original Windows models do, and some even still have four keys in the lower-right corner (with the fn key in the place of the right-click key).
If you have a fn key, fn-return should be Enter, exactly as on Apple’s laptops. I don’t care about this for extended keyboards, but for a compact keyboard, it’s a requirement, and if you have an fn key anyway, better to support it than not. If nothing else, it’s an affordance to heavy laptop users, who’ll be used to fn-return as a habit.
Parallels has released an annual upgrade ever year since it was released, but VMware tended more towards the 2 year mark between major releases. Now, though, both companies are releasing new versions in lockstep with new versions of OS X, and if you are serious about running Linux or Windows on your Mac, you’ll be upgrading both OS X and your virtualization tool of choice each year. And this year, you’ve got more choices than ever as both apps are trying harder to appeal to casual users and the more advanced needs of IT teams.
He says that the previous versions work fine with Mavericks, however.
Friday, September 6, 2013 [Tweets] [Favorites]
My conclusion in In The Gatekeeper and the Keymaster was that Apple doesn’t plan to offer upgrade pricing in the Mac App Store. Rich Siegel says Apple advises making version 2 a separate app. If that’s the case, Apple should focus on making that model smoother. Right now, unless you offer free updates forever, you eventually have to remove version 1 from the store and add version 2. The user experience for this is terrible. If the store and the OS understood that this is what was happening, there’s so much that it could do to make the process smoother. TUAW commenter chrismcs has a great list of some of the issues.
My whole attitude changed when Michael Piatek (one of the star engineers in the group) sent me an initial cut at the core system rewrite in Go, the result of less than a week’s work. Unlike the original C++ based system, I could actually read the code, even though I didn’t know Go (yet). The #1 benefit we get from Go is the lightweight concurrency provided by goroutines. Instead of a messy chain of dozens of asynchronous callbacks spread over tens of source files, the core logic of the system fits in a couple hundred lines of code, all in the same file. You just read it from top to bottom, and it makes sense.
Intermission, a cool new app from Rogue Amoeba:
Intermission lets you pause and rewind live audio on you computer. Streaming audio will never be the same!
With Intermission, you can jump back and replay something you missed, then resume live playback. Use it to pause any audio while you take a call, answer the door, or use the restroom. You can even pause streaming audio on services like Pandora, iTunes Radio, or Spotify to build a buffer, then skip right past the ads and songs you don't want to hear!
Thursday, September 5, 2013 [Tweets] [Favorites]
The New York Times (via Nicolas Seriot):
Beginning in 2000, as encryption tools were gradually blanketing the Web, the N.S.A. invested billions of dollars in a clandestine campaign to preserve its ability to eavesdrop. Having lost a public battle in the 1990s to insert its own “back door” in all encryption, it set out to accomplish the same goal by stealth.
The agency, according to the documents and interviews with industry officials, deployed custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products. The documents do not identify which companies have participated.
The N.S.A. hacked into target computers to snare messages before they were encrypted. And the agency used its influence as the world’s most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world.
Update (2013-09-06): Nate Anderson:
More practically, it will probably lead to increased spying, as other nation-states and hackers exploit the ways that NSA has degraded Internet encryption. Backdoors create security breaches exploitable by unintended users—remember the Athens Affair? A built-in backdoor meant for law enforcement was accessed by others to spy on some of Greece’s top leaders.
By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract. The companies that build and manage our internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: we can no longer trust them to be ethical internet stewards.
Bruce Schneier, who has seen the documents, says that ‘math is good’, but that ‘code has been subverted’. He also says that the NSA is ‘cheating’. Which, assuming we can trust these documents, is a huge sigh of relief. But it also means we’re seeing a lot of (2) and (3) here.
With all this in mind, I have five pieces of advice […] My guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well. It’s prudent to assume that foreign products also have foreign-installed backdoors. Closed-source software is easier for the NSA to backdoor than open-source software.
Even though Mac OS X uses OpenSSL, etc., it counts as closed-source since you aren’t compiling it. And if you were….
John C. Welch:
Well, with Acrobat XI, there’s FINALLY an improvement there. The feature is back, and the PDFs created from it are so much better than what they were. Best of all, you can do the conversion via drag and drop. Drag a Word file onto Acrobat and a few seconds later, you have a PDF that is a pretty damned good representation of the document. You do have to have Office 2008 or 2011 on your system, because Acrobat XI is using AppleScript for this. (I know, I know, it is a shock. Do sit down for a minute if you need to.)
This was previously only possible with the Windows version of Acrobat.
I’m not a pro, but I know enough to be dangerous :)
So, one weekend this summer, I rolled up my sleeves and dove into the trenches with our logo design team: Bob Stohrer, Marc DeBartolomeis, Russ Khaydarov, and our intern Max Ma. We spent the majority of Saturday and Sunday designing the logo from start to finish, and we had a ton of fun weighing every minute detail.
So, the stunt was mostly just a stunt but it worked in creating expectation and giving Yahoo some momentum into launching its logo. The problem is: the result did not deliver. Showing mildly venturesome graphic approaches throughout the 29 days gave me hope that there would be something radically cool at the end of the process. There wasn’t.
This is not how any company, big or small, cherished or unknown should design a company identity. The more I read about Yahoo!’s process for this redesign, the less respect and confidence I have in them. […] It’s that point of gullible disbelief where one starts to look around for hidden cameras. Are we being punked?
The new logo isn’t awful, but it isn’t great, either. The video does show a grid with lots of circles.
Update (2013-09-06): Oliver Reichenstein:
This post is not about the technical quality of the logo. I am not writing about brand design, but about brand management. This is about a simple rule: Brand design follows brand management, not the other way around.
Yes, we could have done a lot of different things besides throwing 29 disparate high school lettering projects on the internets for a month to see if anyone cared. But that would have required adult supervision for design and, honestly, we don’t care that much.
Designing for mathematical consistency ignores three related factors: that identical widths and shapes appear differently to the eye in different combinations within a letter or glyph; that identical shapes blend together and are harder to differentiate across words and lines; that letters in a typeface are placed alongside each other, and one must adjust to deal with common juxtapositions.
Update (2013-09-20): Marissa Mayer defends the new logo (via Brand New).
A few more thoughts on Apple shutting down OmniKeyMaster:
- I’ve re-read the Mac App Store Review Guidelines, particularly rule 2.21 and section 7, and it seems clear that none of the existing rules forbid what The Omni Group was trying to do.
- Omni, one of the highest-profile Mac developers, and a regular on the Mac App Store top-grossing list, announced its plan in January. Yet apparently no one from Apple said anything until a week after OmniKeyMaster shipped, wasting months of development time and confusing customers.
- That said, I doubt anyone is really surprised by Apple’s reaction or timing.
- It is surprising how many people seem to think that this was all a creative Omni ploy to screw its own customers.
- In-App Purchase is not a solution. The people suggesting that don’t understand how it works.
- Ken Case writes: “We will continue to ask Apple to support upgrade pricing in the App Store, and I would encourage others to do the same[…].” I don’t think the solution is a Radar. Apple has known all along that developers wanted this. Lacking support for paid upgrades is not an unimplemented feature request; at some point you have to conclude that it’s a deliberate business/design decision, however misguided.
- The Mac App Store still makes a lot of sense for games and little apps, but it’s an increasingly bad fit for applications. Sandboxing, the unpredictable review process, Apple’s cut, no trials, and the lack of any kind of support for upgrades (even helping customers migrate to a 2.0 SKU) make purchasing there a second-class experience in many respects. Access to iCloud is looking less like the carrot that I thought it would be.
- This is not to say that the Mac App Store is a failure, but it could have been so much better. It’s sad that Apple is botching it unnecessarily.
You’d think that Apple would try its hardest to make developers want to switch to the App Store — and in some ways, they have. They’ve made it relatively simple today for anyone to sell apps on the Mac without having to worry about license keys and payment providers, and regularly give incredibly valuable promotion to apps the App Store team loves. But, at the same time, their policies like sandboxing requirements have made some apps impossible to sell on the App Store, such as the aforementioned TextExpander, and their insistence on either offering upgrades to apps as free updates or full new products have frustrated any number of developers.
This is strange, because a number of similar tools (made by other independent developers) already exist on the Internet and they have been letting customers generate standalone licenses for several months. Perhaps Apple just didn't like that a name such as The Omni Group had found a way to make the process so easy? Was The Omni Group's tool built in such a way that it broke some Apple rules? Did The Omni Group think OmniKeyMaster would be okay because other solutions existed? Is Apple going after similar solutions as well?
Update (2013-09-05): Mark Bernstein:
The update is worth a lot because there’s very little risk. You already use the program all the time; the update will improve your environment slightly every day. You load the program three times a day; those saved seconds from the load time and the prevented crashes add up. They’re money in the bank. The value of a modest upgrade to a program you use a lot is actually greater than the expected value of the initial purchase.
Update (2013-09-11): Ken Case:
While depressed software pricing may make the platform more attractive in the short term (and Apple can make up for their own software losses with increased platform sales), over the long term it discourages developers and consumers from ever investing in high-end software solutions. I suspect the lack of this flexibility may be one big reason why we don't find apps like Modo and Mathematica in the App Store.
Peter N. Lewis:
[Given] Apple’s continued stance on refusing apps which cannot be sandboxed (which includes any app that tried to provide better functionality for Apple apps like: Finder, AppleScript Editor, Automator, Xcode, Terminal, Activity Monitor, Dock or Time Machine!), and given their continued stance against paid upgrades (which breaks the feedback loop so that the developer is never working for existing customers, only for other users not currently using a version of the application), it was clearly time to for Keyboard Maestro to exit the Mac App Store, and the latest message from Apple to Omni has confirmed that.
It really is a shame that Apple has chosen this course, excluding or limiting some very powerful applications, and perhaps they will eventually change their minds, but until then we will do our best to continue developing and enhancing Keyboard Maestro outside the Mac App Store, and probably be joined by an ever growing number of quality applications.
Wednesday, September 4, 2013 [Tweets] [Favorites]
Lots of people on Twitter and HN reporting that the latest update to Google Authenticator, Google’s app for dealing with two-factor authentication, removes any account you’ve set up.
Google has now pulled the iOS app.
If they had released this two weeks later, iOS 7’s auto-update feature would have bricked everyone’s accounts.
Google Auth 2.0 redefines two-factor auth: something you know + something you DON’T have. Their entire purpose in life is this second part and they completely and absolutely botched it. I can’t believe this passed testing at both Google and Apple.
Do people really think that the App Store reviewers do this sort of testing? The other iOS-related problem is that, even if you still have an old copy of the app, there’s no way to restore the data for it without overwriting your newer data in other apps.
When I add sites to Authenticator, I take a screenshot of the QR code and tuck it away in an encrypted document
I had thought the codes were time-dependent, but apparently not. Perhaps I should be saving them in 1Password.
Update (2013-09-10): Google Authenticator 2.0.1 is now available and fixes the bug.
I’ve been using the $20/year Vigil iOS app to monitor my Web sites. It doesn’t offer a lot of options or information, but it’s easy to set up and can notify you via iOS push notifications.
Neil Brewitt told me about Uptime Robot, which is free and seems to offer a lot more: an API, notifications via e-mail, SMS, RSS, etc. To receive iOS push notification, you need the free Boxcar app (or, I guess, one of the unofficial clients). Or, if you follow @uptimerobot on Twitter, it can send direct messages to your Twitter client of choice.
Both sides in the litigation admit that if Apple routes its FaceTime calls through relay servers, it will avoid infringing the VirnetX patents. Once Apple was found to be infringing—and realized it could end up paying an ongoing royalty for using FaceTime—the company redesigned the system so that all FaceTime calls would rely on relay servers. Lease believes the switch happened in April.
At trial, Apple engineer Patrick Gates testified about how FaceTime works. He downplayed the impact that changing the system would have on FaceTime quality—presumably to show how unimportant the VirnetX patents were.
But since the switch to relays, call quality has apparently degraded, though the article only cites the number of complaints since April.
Jesper is back:
But it bugs me that its most likely happenstance coincidence with the Mac mini bottom plate has people whooping and cheering, instead of wondering what’s making them drag rules shaped by necessary physical compromises into something that by Apple’s own ambition should be so unbound by physical compromises as possible.
I’ve put up the classes that Acorn uses to read and write PSD files on GitHub: github.com/ccgus/fmpsd.
How cool is that?
I have argued that Stephen Elop made a massive strategic error by choosing Windows Phone over Android; coming from Microsoft, he failed to appreciate that Nokia’s differentiation lay not in software, but in everything else in the value chain. It would have been to Nokia’s benefit to have everyone running Android, including themselves. Everyone would have the same OS, the same apps, may the best industrial design, distribution, and supply chain win.
Elop threw it all away.
Will Elop be CEO? If my original theory is true – that Nokia was on the verge of leaving Windows Phone, either for Android or bankruptcy – then Elop simply can’t be a serious candidate.
The problem for Microsoft in mobile is that Android has completely destroyed the value of a licensed OS; Microsoft’s traditional software model is broken. The only way to make money is to sell hardware to a segment of the market (with lower margins relative to software), or services that sit on top of OSs (with lower prices relative to software).
If you believe that strategy is about making choices, then it’s clear that “Devices and Services” isn’t a strategy at all.
They ought to pursue a strategy – services – that entails just that: being everywhere. Unfortunately, they now have $7 billion more reasons and the distraction that comes with them to pursue a strategy that they themselves see as winning only 15% of the market.