Archive for December 2016

Wednesday, December 28, 2016

Amazon Echo Privacy

John Gruber:

There’s an argument that we’re still in the very early stages of voice-driven personal computing. That, for example, Apple is not too late in putting out an Echo-like dedicated appliance. But Amazon is running full steam ahead here. 5,000 hotel rooms here, 5,000 hotel rooms there, and all of a sudden Echo is the entrenched market leader.

Elizabeth Weise (via Hacker News):

Police in Bentonville, Ark., asked Amazon for audio and other records from an Echo digital assistant in the home of James Andrew Bates after Victor Collins was found dead in Bates’ hot tub last year, The Information reported Tuesday.


Amazon refused both times. In a statement to USA TODAY, Amazon said it will not release customer information without a valid and binding legal demand properly served on it.


It’s important to note that “always listening” doesn’t mean “always recording.” The Echo is actually only always listening for its “wake word,” which by default is the name of its voice recognition program Alexa.

The Echo only keeps fewer than 60 seconds of recorded sound in its storage buffer. As new sound is recorded, the old is erased. So there’s no audio record made of what went on in a room where an Echo sits.

MacBook Pro Ethernet Adapter Benchmark

Paul Haddad notes that Apple’s Thunderbolt to Ethernet adapter is slightly faster than Belkin’s USB-C to Ethernet adapter and uses much less CPU. Unfortunately, the former must be chained with the Thunderbolt 3 to Thunderbolt 2 adapter. I wonder how the various docking stations compare.

Christmas Card Mail Merge

Casey Liss:

If you’re willing to make precisely zero edits to the address labels that are created from the Contacts app, it’s actually quite easy to print labels. […] For me, I wanted to address couples as, say, “Stephen and Merri Hackett”, even if my contact card had only Stephen’s name in it. This got very complex very quickly, but I was able to figure it out.

He exports to CSV, edits the file in Numbers, and uploads it to the Avery Web site to get it formatted (I guess as a PDF).

I had thought that Address Book’s (now Contacts’) support for custom fields would eventually solve this problem. Make a field for how you like the name printed and make a group with all the contacts you want to print. Then just keep the addresses up-to-date throughout the year. But, in practice, one ends up making the same manual name changes each year. And there’s no good way to sync contacts between different users. We end up maintaining several parallel address lists in Google Docs and then copying/pasting individual addresses into the DYMO software.

Amazon Could Be More International

Dave Winer:

I bought a gift card for a friend who lives in the UK, but I bought it on, thinking that would be great because they’re so international. But it turns out you can’t use an card on


I got on the phone with Amazon, probably talking with someone in China (even more international) and we figured out the only thing to do was to cancel the gift card, and I’ll now have to become a member of so I can give my friend a gift card she can actually use in the country she lives in.


So I went ahead and logged on to with my American account and it worked. So the rep was wrong, I didn’t need to create a new account.

Update (2016-12-29): Damien Petrilli:

Apple is far worse with their appleID. Switching country makes you lose purchase history / cloud capabilities.

PHPMailer Security Bug

Tom Spring:

A critical PHPMailer bug tied to the way websites handle email and feedback forms is leaving millions of websites hosted on popular web-publishing platforms such as WordPress, Drupal and Joomla open to attack.


Golunski says the Sendemail validation is done using the RFC 3696 specification that in some circumstances allows hackers to add quotes and characters within an email address. When unverified, those quotes and characters can be interpreted as command line arguments that create the remote code execution vulnerability in PHPMailer.

As soon as I read about this, I started seeing 404s for PHPMailer in my Apache logs. So it seems that hackers are already probing to find sites that have it installed.

Update (2017-01-04): Kenn White:

Oh this will be particularly nasty, particularly since the majority of (tens of millions of?) site owners don’t know they’re running it.
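The kind of probing mentioned in this post can be picked out of an access log mechanically. The following is an added example, not code from the post or from PHPMailer; it assumes Apache's combined log format, and the sample lines, addresses and paths are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Apache "combined" access-log line (assumed format).
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# Constructed sample lines; client addresses come from documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [28/Dec/2016:09:14:02 +0000] "GET /phpmailer/class.phpmailer.php HTTP/1.1" 404 209 "-" "-"
203.0.113.7 - - [28/Dec/2016:09:14:03 +0000] "GET /lib/PHPMailer/PHPMailerAutoload.php HTTP/1.1" 404 209 "-" "-"
203.0.113.7 - - [28/Dec/2016:09:14:05 +0000] "GET /vendor/%70hpmailer/VERSION HTTP/1.1" 404 209 "-" "-"
198.51.100.23 - - [28/Dec/2016:09:20:11 +0000] "GET /blog/2016/12/28/phpmailer-security-bug/ HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [28/Dec/2016:09:20:12 +0000] "GET /favicon.ico HTTP/1.1" 404 209 "-" "Mozilla/5.0"
this line is truncated and does not parse
192.0.2.44 - - [28/Dec/2016:10:01:40 +0000] "GET /PHPMailer/ HTTP/1.1" 404 209 "-" "-"
192.0.2.44 - - [28/Dec/2016:10:01:41 +0000] "GET /index.html HTTP/1.1" 200 1043 "-" "-"
"""


def find_phpmailer_probes(lines, needle="phpmailer"):
    """Group 404 responses whose request path mentions PHPMailer by client IP."""
    hits = defaultdict(lambda: {"count": 0, "paths": set(), "first_seen": None})
    for line in lines:
        m = LOG_RE.match(line)
        if m is None or m["status"] != "404":
            continue  # unparseable line, or the resource actually exists
        # Drop the query string, then percent-decode so that an encoded
        # spelling such as %70hpmailer is still matched.
        path = unquote(m["target"].split("?", 1)[0])
        if needle not in path.lower():
            continue
        record = hits[m["ip"]]
        record["count"] += 1
        record["paths"].add(path)
        if record["first_seen"] is None:
            record["first_seen"] = m["time"]
    return dict(hits)


def repeat_probers(hits, min_paths=2):
    """Clients that tried several distinct PHPMailer paths (scanner-like)."""
    return sorted(ip for ip, r in hits.items() if len(r["paths"]) >= min_paths)


if __name__ == "__main__":
    found = find_phpmailer_probes(SAMPLE_LOG.splitlines())
    for ip, record in sorted(found.items()):
        print(ip, record["count"], record["first_seen"], sorted(record["paths"]))
    print("multiple paths tried:", repeat_probers(found))
```

A 200 response to one of these paths on a site that is not supposed to expose the library is the case worth following up first, since it means the file is reachable.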

Tuesday, December 27, 2016

Goodbye Mint, Goodbye Fever

Shaun Inman:

As of today I’m officially suspending sales and support of Mint and Fever. But! As self-hosted software, absolutely nothing changes and you can continue using both Mint and Fever as you were yesterday.


These things were not distractions. The baby and the new game and my next are where I will be focusing my energy going forward.

Michael Rockwell:

I reviewed Mint and Fever around the time I first installed them and they’ve been my favorite web analytics and RSS syncing services ever since. But the writing’s been on the wall for both of them for quite some time — development has drastically slowed over the past two years. I expect I’ll continue using them for a while, but eventually I’ll have to migrate to something else.

I gave up Mint some years ago for a faster, more customizable homegrown solution. But I still really like Fever and am not looking forward to having to find a replacement.

The writing also seems to be on the wall for ReadKit, my current Mac RSS reader of choice. It still works, but development has slowed, bugs have gone unfixed, and e-mails remain unanswered.

So I’ll be looking for both a new RSS server and client. For clients, I found this roundup helpful, but so far I’m not enthused about any of the options. Except for Vienna, the apps seem underpowered and overly iOS-like, and Vienna doesn’t have many syncing options. Syncing aside, I don’t see anything to rival NetNewsWire 3.

As to the servers, it’s exciting how many options there are now, but it is not easy to compare them. I want to know how often they fetch and how they handle updates, deletions, and retention. I guess I’ll need to make a bunch of test accounts.

Update (2017-01-03): John Gruber:

R.I.P. Mint, the best simple web stats tool I’ve ever seen.

Would love to find a replacement with similar design.

A new version of ReadKit was just released, and the developer responded to my bug report and said it will be fixed soon.

Mac and iOS Trajectories

Riccardo Mori:

I have a hard time believing it, but for the sake of argument, let’s say the Mac has reached the end of the line. Let’s say there’s little room left to innovate on the hardware side, and just room for small refinements and life-support maintenance on the software side. Let’s say Apple is not entirely wrong in choosing to neglect the Mac. Let’s say iOS is really the future and the right bet.

How is iOS supposed to evolve to become as mature and versatile a platform as the Mac?


If touch remains the only input method in iOS, how can the user interface and the user interaction be kept ‘simple’ when future iOS devices need to connect and interact with other peripherals?


When I walk down this hypothetical path, what I see in iOS’s trajectory, more than sheer innovation, is a reinvention of the wheel.


A Post-PC era where we should eventually get rid of traditional computers to switch to devices and an operating system that will have to behave more like traditional computers to provide a similar level of versatility. And we will have gone through the effort to reach a similar level of productivity as we have now on the Mac because…? Because iOS is nicer and feels fresher? And for how long will iOS keep feeling nicer and fresher?

Previously: How Apple Alienated Mac Loyalists, Understanding Apple’s Marginalization of the Mac, iOS Lacks a Document Filing System.

Update (2016-12-28): Jason Brennan:

Can you imagine doing anything even remotely like that even on a big ass iPad with a keyboard? I’ve waited for years to see something great like this, like “hanging out” and mucking around on an iOS device, but I’m still waiting.

A lie I keep telling myself is multi-touch is so fantastic. It’s amazing, right? You can use all your fingers (and then some!), to uhm, touch your screen. To do what, I still don’t know. Almost ten years of iOS and about the best multitouch app I can think of is Maps: it’s got two-finger-gestures!

After all this time, after all this waiting and lying to myself, I think multi-touch has been a big red herring. I’ve always looked at it and seen potential, like, this is the year of the multitouch desktop but it’s never materialized. iOS has always felt incredibly stunted to me, but I kept telling myself, we just need time to re-imagine software, we’re all just stuck in the desktop mindset, it’ll come.

Friday, December 23, 2016

Investigating ChronoSync 4.7 for Cloud Backup

Glenn Fleishman:

We at TidBITS were excited to see ChronoSync add options to use Amazon’s Simple Storage System (S3) and Google Cloud Storage as sources or destinations. ChronoSync 4.7 also added support for SFTP (Secure FTP), which gives you even more remote file storage options.


Because of ChronoSync’s extreme flexibility and the complexity of understanding and setting up cloud storage services, the discussion below gets quite involved. The executive summary is that ChronoSync is a great option for those who need the ultimate control over offsite backup, but ends up being more expensive and slower than dedicated cloud backup services.

I’m pretty happy with Arq (+ Amazon Cloud Drive) and CrashPlan, but it’s good to see a new and different type of cloud backup option. For example, the Synchronize Bidirectional feature looks like an interesting alternative to Resilio Sync when combined with Archive Replaced Files. I also like that there’s a Preview feature.

Unlike Arq, the files are not encrypted until after they get to the cloud storage provider.

Consumer Reports on the New MacBook Pro’s Battery Life

Jerry Beilinson (Hacker News, MacRumors, 9to5Mac):

The laptops did very well in measures of display quality and performance, but in terms of battery life, we found that the models varied dramatically from one trial to another.

As a result, these laptops are the first MacBooks not to receive recommended ratings from Consumer Reports.


Once our official testing was done, we experimented by conducting the same battery tests using a Chrome browser, rather than Safari. For this exercise, we ran two trials on each of the laptops, and found battery life to be consistently high on all six runs.

Lower battery life could be a hardware issue, but the variability makes me think the culprit is software. I’ve been seeing high CPU use with Safari for a while now, though I think it has historically been more efficient than Chrome. I wish Consumer Reports had done the same test on last year’s MacBook Pro running macOS 10.12.2. I wonder whether the variability in those results would have been more similar to the new MacBook Pros or to their original 2015 test.

Previously: macOS 10.12.2 Removes Battery Time Remaining Estimate, New MacBook Pros and the State of the Mac.

Update (2016-12-23): John Gruber:

Either something is seriously wrong with these new MacBook Pros, or something is seriously wrong with Consumer Reports’s testing (or both).

Rene Ritchie:

Now, I don’t think Consumer Reports is faking news here, but I do think they’re after attention more than they are answers. Otherwise, I think they would have taken the time to figure out what happened, why, and presented something truly useful.

Phil Schiller:

Working with CR to understand their battery tests. Results do not match our extensive lab tests or field data.

Update (2016-12-27): John Gruber:

Anecdotally, reports from DF readers are all over the map. Many are complaining that battery life is poor — not based on the “time remaining” estimate that Apple removed from the battery menu item in 10.12.2, but on real-world usage. Some though, are getting excellent battery life (as I did in my review, mostly using a Core i5 13-inch model with Touch Bar). Others are claiming they were getting poor battery life but it has greatly improved after upgrading to MacOS 10.12.2.

Nick Heer:

Walt Mossberg also saw unpredictable battery life, though not to the extent that Consumer Reports did:

The biggest surprise in my tests was just how inconsistent the Touch Bar Pro’s battery life was. I have tested hundreds of laptops over the years and Macs have almost always excelled at meeting or beating their promised battery lives, both in my longtime battery test regime and in typical daily use. But the 13-inch MacBook Pro with Touch Bar wasn’t as reliably consistent as previous Macs.

Update (2017-01-02): Jon Gotow:

I’ve been wondering if this might actually be the source of the much-talked about Consumer Reports findings that the new MacBook Pros have very inconsistent battery life. Their results varied widely from test to test (on the same computer) – maybe one of the WebKit helper processes was just flipping out once in a while due to some underlying bug in Sierra’s interprocess communication or process management services.

While that’s just my own random speculation, the issue of processes running amok seems to be a recurring annoyance to some folks. To help you detect this sort of stuff, I’m adding an option in App Tamer to notify you if a process starts consuming excessive CPU time. If it does, it gives you the options shown in the screenshot.

Thursday, December 22, 2016

App Transport Security Requirement Delayed

Apple (Slashdot):

At WWDC 2016 we announced that apps submitted to the App Store will be required to support ATS at the end of the year. To give you additional time to prepare, this deadline has been extended and we will provide another update when a new deadline is confirmed.

Previously: App Transport Security.

Update (2016-12-23): Nick Heer:

I hope a hard deadline comes soon and that Apple sticks to it. It’s easy to confirm that a connection is private on the web; it isn’t within an app.

Fixing AVPlayer Playback Transparency

Ashley Nelson-Hornstein:

To test this theory, I downloaded one of the videos made in the client’s app, dropped it into Apple’s example project, and made a couple of quick changes so that Apple’s project would use the video I added instead of one selected from Camera Roll. I ran the project and voilà, the same initial flash of transparency reproduced in the example project.


This “empty edit” sounded exactly like what was being inserted into the beginning of the client’s app-created videos. I looked at how the client’s app was appending buffers to AVAssetWriterInput and noticed that the code never ensured the first buffer appended to the file had the same time as the startTime of the video.

CwlSignal and Reactive Programming

Matt Gallagher:

The careful separation of “input” and “output” and the modelling of reactive programming as a channel is a distinguishing feature of CwlSignal. Other common implementations treat reactive programming as an implementation of the “Observer” pattern but this leads them to hide the input end of their channels or confusingly use types that are both input and output, when only an input interface is desired.


Unlike functional programming inspired transformation functions (e.g. map, flatMap), the fundamental transform in CwlSignal does not return its result but sends it into the SignalNext (interface equivalent to SignalInput for sending to the next Signal in the chain). This design allows you to emit any number of values or an error.

Matt Gallagher:

In this article, I’ll explain why I consider reactive programming to be one of the most important design patterns for application programming by looking at three scenarios that are common in application development, yet are a drain on development time, lead to frequent bugs and make design and refactoring hard. I’ll show how reactive programming addresses the verbosity, eliminates the unsafety and restructures the code to aid maintainability.


The biggest advantage comes when you realize that in applying a solution to just one of these problems, you’ve gained a solution to the other three for free.

What Y2K Was Like at Microsoft

Kareem Anderson (via Hacker News):

However, in 1999, a large intersection of people were clearly preparing for the worst in the following year as the Y2K scare ran rampant across the globe. As the Y2K scare or otherwise known as the Millennium Bug, grew in myth, banks, software providers, computer OEMs, and other electronic device manufacturers prepared for an estimated issue programmers were not taking into account when applying the Gregorian calendar rule to software.


Fortunately, nothing ever actually became of the Y2K pandemonium, but longtime Microsoft developer and semi-official Windows historian Raymond Chen discusses how the company prepared for a potential electronic catastrophe.

Wednesday, December 21, 2016

My AirPods Experience

I’ve only been using them for about a day, but so far it seems like Apple got this one right. The AirPods seem to be exactly what you’d expect: OK audio, easier pairing and device switching, a bunch of nice design touches that just work. The charging case is delightful.

The biggest question mark was whether they would fit my ears and stay in. I always found the EarPods a bit loose. The AirPods look very similar but stay in much better. They don’t feel quite as solid when moving as my (now broken) Jawbone ERA headset, but they are much better than my current Plantronics M165. I did not have any problems exercising or changing my shirt.

The biggest flaw is that there are no buttons. Controlling the audio with Siri is unreliable at worst and slow at best. Not only does it take a while to speak your command and for Siri to react to it, but it even feels like a long time between double-tapping and when Siri is ready to listen. This does not seem to be due to the tap detection, because when I set double-tap to play/pause it reacts promptly. Siri also seemed very loud compared with the volume of the music and podcasts I was listening to.

As-is, the AirPods work well for general use and exercise. I’d like to see a version with more noise isolation and/or canceling for airplane use and working in noisy environments.

See also: Kirk McElhearn, David Sparks, Jason Snell, Stephen Hackett, Julio Ojeda-Zapata.

Previously: AirPods.

Update (2016-12-22): Josh Centers:

I tried a few different troubleshooting steps, including toggling Bluetooth, unpairing and re-pairing, and restarting the Mac, and this combination is eventually what worked[…]

Stephen Coyle:

Disappointingly, and contrary to what I expected, AirPods have the worst latency of everything I’ve tested so far. For context, a wired connection achieved latencies of 61ms playing Tapt, and 106ms using the iOS keyboard. The AirPods had latencies of 251ms and 296ms respectively, in the same tests. Even the worst offender in my previous test, the JBL Flip 2, achieved significantly shorter latencies (218ms and 258ms, respectively). In contrast, my £30 Brainwavz Bluetooth earbuds achieved respective latencies of 199ms and 249ms in the same two tests. I would theorise that perhaps the need to ensure both AirPods play sounds in sync necessitates some small amount of additional communication, and thus latency. Hopefully it’s something that could be improved with software updates in future. Of course any wireless technology is going to be slower than a contemporary wired solution, and I didn’t expect the AirPods’ latency to be on par with wired audio, but their failure to beat the latency of much cheaper Bluetooth earbuds is a downer.

Update (2016-12-23): I did not have problems previously, but today the left and right AirPods got out of sync five times within about 30 minutes. There was also a time when I pressed the Play button and got no audio (and no incrementing counter).

Greg Barbosa:

A few days after having received my AirPods order, I’ve quickly come to realize how the lack of accessible audio playback controls can hinder the overall experience.


Between an ever-decreasing Wi-Fi signal strength and iOS’ inability to quickly switch back to cellular, I have zero luck using Siri when walking from my front door to the elevator. Siri needs an internet connection to understand even the most basic of commands, and that’s what frustrates me most. Apple already solved this issue years ago.

Voice Control, Siri’s iOS predecessor, could handle offline requests with no issue.

See also: John Gruber, David Pogue, Benjamin Mayo.

Update (2016-12-27): See also: Accidental Tech Podcast.

PyPy’s Hash Table Implementation

Maciej Fijalkowski (via David Smith):

One surprising part is that the new design, besides being more memory efficient, is ordered by design: it preserves the insertion order.


Here, compact_array stores all the items in order of insertion, while sparse_array is a 1/2 to 2/3 full array of integers. The integers themselves are of the smallest size necessary for indexing the compact_array. So if compact_array has less than 256 items, then sparse_array will be made of bytes; if less than 2^16, it’ll be two-byte integers; and so on.

This design saves quite a bit of memory.


The obvious benefit of having more compact dictionaries is an increased cache friendliness. In modern CPUs cache misses are much more costly than doing additional simple work, like having an additional level of (in-cache) indirection.


To preserve order, when we delete an entry, we mark the entry as removed but don’t otherwise shuffle the remaining entries. If we repeat this operation often enough, there will be a lot of removed entries in the (originally compact) array. At this point, we need to do a “packing” operation, which moves all live entries to the start of the array (and then reindexes the sparse array, as the positions changed).

Previously: Accidentally Quadratic Rust Hash Tables, Exploring Swift Dictionary’s Implementation, Exposing NSDictionary.
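The layout quoted in this post, worked through as a small table. This is an added sketch, not PyPy's code: the class and method names are hypothetical, it uses linear probing for brevity, and it reserves the sparse value 0 to mean "empty", so indexes are stored as index + 1.

```python
from array import array

FREE = 0  # sparse slot holding no entry; real indexes are stored as index + 1


class CompactDict:
    """Ordered hash table: a sparse array of small ints indexing a compact array."""

    def __init__(self):
        self.entries = []  # compact_array: [hash, key, value], or None once removed
        self.live = 0      # entries that have not been removed
        self._rebuild(8)

    @staticmethod
    def _typecode(max_entries):
        # Smallest unsigned integer type able to index max_entries items.
        for code in "BHIQ":
            if max_entries < 256 ** array(code).itemsize:
                return code
        raise OverflowError("table too large")

    def _rebuild(self, sparse_size):
        # Packing: move live entries to the front in order, then reindex.
        self.entries = [e for e in self.entries if e is not None]
        self.live = len(self.entries)
        self.max_entries = sparse_size * 2 // 3  # sparse array stays <= 2/3 full
        self.sparse = array(self._typecode(self.max_entries), [FREE]) * sparse_size
        for idx, entry in enumerate(self.entries):
            self.sparse[self._free_slot(entry[0])] = idx + 1

    def _free_slot(self, h):
        mask = len(self.sparse) - 1
        i = h & mask
        while self.sparse[i] != FREE:  # linear probing (a simplification)
            i = (i + 1) & mask
        return i

    def _find(self, key):
        h, mask = hash(key), len(self.sparse) - 1
        i = h & mask
        while self.sparse[i] != FREE:
            idx = self.sparse[i] - 1
            entry = self.entries[idx]
            if entry is not None and entry[0] == h and entry[1] == key:
                return idx
            i = (i + 1) & mask  # removed or different entry: keep probing
        return None

    def __setitem__(self, key, value):
        idx = self._find(key)
        if idx is not None:
            self.entries[idx][2] = value
            return
        if len(self.entries) >= self.max_entries:
            size = len(self.sparse)
            # Grow only if packing alone would not leave the table half empty.
            self._rebuild(size * 2 if self.live >= size // 2 else size)
        h = hash(key)
        slot = self._free_slot(h)
        self.entries.append([h, key, value])
        self.sparse[slot] = len(self.entries)
        self.live += 1

    def __getitem__(self, key):
        idx = self._find(key)
        if idx is None:
            raise KeyError(key)
        return self.entries[idx][2]

    def __delitem__(self, key):
        idx = self._find(key)
        if idx is None:
            raise KeyError(key)
        self.entries[idx] = None  # mark removed; neighbours are not shuffled
        self.live -= 1
        if self.live < len(self.entries) // 2:
            self._rebuild(len(self.sparse))

    def __contains__(self, key):
        return self._find(key) is not None

    def __iter__(self):
        return (e[1] for e in self.entries if e is not None)

    def __len__(self):
        return self.live
```

Inspecting `sparse.typecode` as the table grows shows the index width changing from one byte to two once the compact array can hold 256 or more items.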

More macOS Preview PDF Trouble

Brooks Duncan (via Eddie Smith):

In the comments to my blog post about ScanSnap on Sierra, awesome DocumentSnap reader Alex writes this:

Since updating to macOS 10.12.2 I have found that Preview destroys the OCR layer of PDFs scanned and OCR’d with the latest ScanSnap Manager software if you make any sort of edit with Preview (e.g. deleting or reordering pages). After editing and saving with Preview, the PDF is no longer searchable and text is not selectable. Managed to replicate the problem on another Mac running 10.12.2. Doesn’t seem to affect PDFs scanned and OCR’d with other scanners or applications. Just wanted to warn everyone to perhaps wait before updating, and check that they haven’t unwittingly destroyed their OCR if they have already updated.


As you can see, it seems to be something to do with Preview on macOS Sierra 12.12.2. Alex said that he didn’t see the issue with other scanners, but I ran into it with both ScanSnap and Doxie. Both of those scanners use ABBYY for OCR, so that may be relevant.

I ran into a lot of PDF bugs in macOS 10.12.0. None have been fixed, as far as I can tell, and I’ve already filed two Radars for new issues in 10.12.2. It’s sad that basic functionality remains broken for so long—especially given that PDF was an area where Apple used to excel.

Update (2017-01-02): Adam C. Engst:

It pains me to say this, speaking as the co-author of “Take Control of Preview,” but I have to recommend that Sierra users avoid using Preview to edit PDF documents until Apple fixes these bugs. If editing a PDF in Preview is unavoidable, be sure to work only on a copy of the file and retain the original in case editing introduces corruption of any sort. Smile’s PDFpen is the obvious alternative for PDF manipulation of all sorts (and for documentation, we have “Take Control of PDFpen 8” too), although Adobe’s Acrobat DC is also an option, albeit an expensive one.

In the meantime, we’ll be watching closely to see which of these PDF-related bugs Apple fixes in 10.12.3, which is currently in beta testing.

John Gruber (tweet):

On the bright side, when this happened with the iWork suite, the Mac apps eventually gained back most of the functionality that was removed for parity with iOS. But it sure seems like Apple pulled the trigger on this at least a year before it was ready.

Update (2017-01-03): Chuq Von Rospach:

“parity with IOS took priority” over backward compatibility. As it did with Keynote, Pages, Numbers, iMovie, Photos… Very Apple.

See also: MacRumors and Hacker News.

Update (2017-01-05): Lloyd Chambers:

[Data] loss supports the “disdain and contempt” theory, but does not rule out sheer incompetence.

Note the “common core” thing—a very dangerous trend for future APIs in terms of reliability, compatibility and data integrity particularly since Apple seems to have no idea what unit testing is.

Whose data of any kind is safe when Apple has no qualms about rewriting APIs that damage user files?

Farewell to the Apple Watch

Matt Gemmell:

My usage pattern was ludicrous, given what the thing can do. To me, it was a wristwatch with some notifications, and I was charging it every night. The notional benefit of long-term heart-rate monitoring (I have a heart condition) is nullified by it only taking readings every ten minutes unless you’re actively in a workout, which of course consumes a lot of power and can’t possibly be left on all day. And because of Apple Pay, I had to unlock the thing every time I put it back on.

What I actually need is something much simpler as a health tracker, and a basic timepiece. If Apple happens to make a future model with truly multi-day battery life (when tracking 2-3 workouts per day, and constant heart-rate monitoring at least every five seconds), plus an always-on time display, I might be interested again. For now, no.

I’m a different person than I was, and this kind of gadgetry needs to fade into the background. It was too demanding, in terms of the overly-clever interface of swipes and taps and wheel-spinning and button-pressing[…]

Update (2016-12-27): Kirk McElhearn:

But I’ve never been truly convinced that the Apple Watch made my life any better. So it’s time to give the Apple Watch a rest. In the next couple of days, I will remove it from my wrist and place it in a drawer. I want to ignore it entirely; I still write about this stuff, so I will test it from time to time as Apple updates the device’s software. But I don’t see any reason to keep using the Apple Watch.


Using third-party apps was a horrible experience early on, but, even now that they launch faster, I don’t find any to be useful. It’s too much of a hassle to use the tiny display of the Apple Watch when I have my iPhone handy. As such, I have only used Apple’s stock apps, with the exception of one or two apps that added complications.


One more thing, and I’ve thought this from the beginning: the Apple Watch is ugly. In ten years, when Apple has figured out how to make an attractive wearable, we’ll look back on this device the way we now look at those watch/calculators from the 1970s. It’s just unattractive design. I don’t blame Jony Ive; he had to work with the limitation of a rectangular display, and I predict that Apple will make a round one at some point, which will be a lot better looking.

Tuesday, December 20, 2016

How Apple Alienated Mac Loyalists

Matthew Panzarino (Hacker News, MacRumors, 9to5Mac, Slashdot):

“Some folks in the media have raised the question about whether we’re committed to desktops,” Cook wrote. “If there’s any doubt about that with our teams, let me be very clear: we have great desktops in our roadmap. Nobody should worry about that.”


No mention of whether that meant iMac or Mac Pro or both, but at the very least it’s encouraging to those of us who couldn’t live without a desktop computer.

Marco Arment:

Reading between the lines: the Mac Pro is very likely dead. To Tim Cook, the iMac is the desktop, period.

Chris Adamson notes that the statement came on the third anniversary of the last Mac Pro update.

John Gruber:

I’ll note that Cook only calls out the 5K iMac — no mention of the Mac Pro.

Stephen Hackett:

He didn’t mention the Mac mini or Mac Pro. I’m sure he’s aware how long in the tooth they are, and praising them at this point would have been seen as a little ridiculous.

Mark Gurman (MacRumors, Hacker News, Slashdot, TidBITS, ArsTechnica):

Interviews with people familiar with Apple’s inner workings reveal that the Mac is getting far less attention than it once did. They say the Mac team has lost clout with the famed industrial design group led by Jony Ive and the company’s software team. They also describe a lack of clear direction from senior management, departures of key people working on Mac hardware and technical challenges that have delayed the roll-out of new computers.


Four years ago at Apple’s annual developer conference, marketing chief Phil Schiller pledged to keep the computer front and center in the company’s product arsenal. “Nobody turns over their entire line as quickly and completely as we do at Apple,” Schiller said.


In the run-up to the MacBook Pro’s planned debut this year, the new battery failed a key test, according to a person familiar with the situation. Rather than delay the launch and risk missing the crucial holiday shopping season, Apple decided to revert to an older design. The change required roping in engineers from other teams to finish the job, meaning work on other Macs languished, the person said.


In another sign that the company has prioritized the iPhone, Apple re-organized its software engineering department so there’s no longer a dedicated Mac operating system team. There is now just one team, and most of the engineers are iOS first, giving the people working on the iPhone and iPad more power.


Mac fans shouldn’t hold their breath for radical new designs in 2017 though. Instead, the company is preparing modest updates: USB-C ports and a new Advanced Micro Devices Inc. graphics processor for the iMac, and minor bumps in processing power for the 12-inch MacBook and MacBook Pro. Cue the outrage.

Dell (via Hacker News):

With the UltraSharp 4K Ultra HD display (3840 x 2160), you can see each detail of every pixel without needing to zoom in. And with 6 million more pixels than Full HD and 3 million more than the MacBook Pro, you can edit images with pinpoint accuracy without worrying about blurriness or jagged lines.


The most powerful XPS laptop we’ve ever built includes the latest 7th Gen [Kaby Lake] Intel® Quad Core™ processors and an optional 4GB GeForce® GTX 1050 graphics card with the latest and greatest Pascal™ architecture, so you can blaze through your most intensive tasks.


Supports up to 32GB of memory with a bandwidth of 2133MHz, 1.3 times the speed of 1600MHz options.

Previously: New MacBook Pros and the State of the Mac, Understanding Apple’s Marginalization of the Mac.

Update (2016-12-21): See also: Hacker News.

Update (2016-12-22): Stephen Hackett:

None of these snapshots are due to an inherent flaw with the Mac itself, but with how Apple seemingly views it.

Update (2016-12-23): Lloyd Chambers:

Properly understood, the Bloomberg article is a damning indictment of the cultural change at Apple, at least if one admires true excellence and great (not just good enough) product design.


Apple’s working model for both hardware and software is now “ship by calendar”, not “ship by quality and excellence”.

Update (2017-01-02): See also: The Talk Show and Accidental Tech Podcast.

DTrace at Home

Adam Leventhal:

I’m not the first person to hit this. The problem seems to have existed since CS6 was released in 2016. None of the solutions was working for me, and — inspired by Sara Mauskopf’s excellent post — I was rapidly running out of the time bounds for the project. Enough; I’d just DTrace it.


Looking through /usr/include/sys/resource.h we can see that 1008 corresponds to the number of files (RLIMIT_NOFILE | _RLIMIT_POSIX_FLAG). Illustrator is trying to set that value to 0x7fffffffffffffff or 2⁶³-1. Apparently too big; I filed any latent curiosity for another day.


First I used DTrace to find the code that was calling setrlimit(2): using some knowledge of the x86 ISA/ABI[…]


Instead I used lldb to replace the call with a store of 0 to %eax (to evince a successful return value) and some nops as padding[…]

Stroustrup’s Rule and Layering Over Time

Dave Herman (via Ehud Lamm):

One of my favorite insights about syntax design appeared in a retrospective on C++ by Bjarne Stroustrup:

  • For new features, people insist on loud explicit syntax.
  • For established features, people want terse notation.

I call this Stroustrup’s Rule. Part of what I love about his observation is that it acknowledges that design takes place over time, and that the audience it addresses evolves. Software is for people and people grow.

LG 5K UltraFine Display Delayed

Ben Lovejoy:

LG has confirmed that the 5K UltraFine monitor Apple recommends for use with the new MacBook Pro models has been delayed. A company representative told us that LG does not yet have a confirmed date for availability.

LG originally said ‘early December,’ while Apple was more cautious on its website, simply stating ‘December.’ As we noted last week, Apple is already leaving things rather late to allow people to take advantage of its introductory pricing …

Apple is offering the 5K UltraFine at a launch price of $974, but only up until December 31. Given that it hasn’t even opened pre-orders yet, that isn’t going to allow people much time to place their order before the price jumps to $1299.

Update (2016-12-21): Joe Rossignol:

LG’s new UltraFine 5K Display is now available for purchase for $974 on Apple’s website in the United States, with orders initially estimated to ship in 3-5 business days but quickly slipping to 2-4 weeks.

Apple has extended its $974 sale price for the display until March 31, 2017, when the price will return to $1,299.95. The discount was previously set to expire on December 31, but it was likely extended due to the display’s lack of availability until late into the month. Apple’s discount on USB-C adapters is similarly extended.

User Automation Blog

Sal Soghoian (tweet):

This website is dedicated to informing individuals about the tools at their disposal that can be used by them to control the devices they engage with and rely upon every day. I hope you find this information useful.

Alas, there is no RSS feed.

Previously: Thank You, Sal.

Monday, December 19, 2016 [Tweets] [Favorites]

Swift: Challenges and Opportunity for Language and Compiler Research

Chris Lattner (PDF, tweet, Hacker News):

That said, many of the things we talked about earlier are actually powered by the LLVM JIT, including the REPL, #! scripts, Playgrounds, and the LLDB debugger. Being able to pick and choose the right compilation model for a specific use case is a strong point of LLVM.


The compiler can optimize Swift ARC better than (e.g.) a C++ compiler can optimize shared pointers, because the language model explicitly allows early destruction of objects.


Functions normally take ownership of their arguments, so that call will have to copy each element, incrementing any reference counts inside it.

By simply annotating the argument as borrowed, we can easily avoid that, letting the function decide whether it needs to copy. This annotation also makes this method correct for collections of affine types.


Async/await are effectively proven at this point and would fit well with the Swift type system and structure, we should probably just do it.


Funny how people here mention source breaking change as the main issue with the language. I think it’s because they haven’t used Swift on a large codebase. The main issue once you start to work on a big project are compiler crash and compilation time.

I really don’t understand how a compiler can crash that much (actually I’ve been coding in many client and server languages before and it’s the first time I see a compiler crashing while I code).

I completely agree. I welcome the source breaking changes because they have made the code much better. But the compiler and editor don’t feel like they’re at a 3.x level of reliability. I don’t have a large codebase.

Sidenote: I encountered lots of PDF bugs in macOS 10.12.2 trying to select and copy/paste text from this PDF.

macOS 10.12.2: SSH Starts Asking for id_rsa Passphrase

I have an id_rsa file set up so that I can SSH and Git into my servers. The SSH keys are protected by a passphrase. ssh-agent remembers the passphrase so I don’t have to keep entering it, and it can get the passphrase from the Mac keychain so that I don’t have to enter it at all. When I updated to macOS 10.12.2, I was suddenly being prompted for the passphrase again. It seems that macOS 10.12 added a new UseKeychain option for ssh, but this didn’t affect me because it defaulted to on. As of macOS 10.12.2, it defaults to off. There was also a change in macOS 10.12 that meant keys were no longer automatically added to the agent. I don’t think this affected me because mine had already been added and I didn’t start using any new servers.

Anyway, to get back to the behavior I like where auto-login works, I set up my .ssh/config file as:

Host *
  UseKeychain yes
  AddKeysToAgent yes

Update (2016-12-22): Apple Technical Note TN2449:

Prior to macOS Sierra, ssh would present a dialog asking for your passphrase and would offer the option to store it into the keychain. This UI was deprecated some time ago and has been removed.

Instead, a new UseKeychain option was introduced in macOS Sierra allowing users to specify whether they would like for the passphrase to be stored in the keychain. This option was enabled by default on macOS Sierra, which caused all passphrases to be stored in the keychain.

This was not the intended default behavior, so this has been changed in macOS 10.12.2. To store passphrases in the keychain, set this option in your ssh configuration file[…]
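
ssh_config uses the first value it obtains for each option, so where the `Host *` block sits decides whether a per-host override of UseKeychain takes effect. The following is an added example (not from the original post or Apple's note): a small Python resolver, run over constructed sample configs with hypothetical host names, that reports the effective UseKeychain and AddKeysToAgent for a host. It evaluates Host blocks only.

```python
import fnmatch
import re

# Values used when no matching config line sets the option. UseKeychain is off
# by default as of macOS 10.12.2 (per the note above); AddKeysToAgent defaults
# to "no" in OpenSSH.
DEFAULTS = {"usekeychain": "no", "addkeystoagent": "no"}

# "Keyword value" or "Keyword=value"; keywords are case-insensitive.
LINE_RE = re.compile(r"([A-Za-z0-9]+)(?:\s*=\s*|\s+)(.*)$")


def parse_blocks(text):
    """Split ssh_config text into [(host_patterns, [(keyword, value), ...])].

    Options before the first Host line apply to every host, so they land in an
    implicit leading "*" block. Match blocks are not evaluated here; their
    options are skipped (assumption: the file under review uses Host only).
    """
    blocks = [(["*"], [])]
    in_match = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = LINE_RE.match(line)
        if not m:
            continue
        keyword, value = m.group(1).lower(), m.group(2).strip().strip('"')
        if keyword == "host":
            blocks.append((value.split(), []))
            in_match = False
        elif keyword == "match":
            in_match = True
        elif not in_match:
            blocks[-1][1].append((keyword, value.lower()))
    return blocks


def host_matches(patterns, host):
    """A Host line matches if some pattern matches and no negated one does.

    fnmatch covers the '*' and '?' wildcards that ssh_config patterns use.
    """
    matched = False
    for pat in patterns:
        if pat.startswith("!"):
            if fnmatch.fnmatchcase(host, pat[1:]):
                return False
        elif fnmatch.fnmatchcase(host, pat):
            matched = True
    return matched


def effective(text, host):
    """Resolve both options for `host`; the first value obtained wins."""
    found = {}
    for patterns, options in parse_blocks(text):
        if not host_matches(patterns, host):
            continue
        for keyword, value in options:
            if keyword in DEFAULTS:
                found.setdefault(keyword, value)
    return {k: found.get(k, default) for k, default in DEFAULTS.items()}


# The configuration from the post.
PAGE_CONFIG = "Host *\n  UseKeychain yes\n  AddKeysToAgent yes\n"

# Constructed samples (hypothetical host): the same per-host override placed
# after and before the catch-all block.
OVERRIDE = "Host bastion.example.com\n  UseKeychain no\n  AddKeysToAgent confirm\n"
OVERRIDE_TOO_LATE = PAGE_CONFIG + "\n" + OVERRIDE
OVERRIDE_FIRST = OVERRIDE + "\n" + PAGE_CONFIG

if __name__ == "__main__":
    for name, cfg in [("no config", ""), ("post's config", PAGE_CONFIG),
                      ("override after Host *", OVERRIDE_TOO_LATE),
                      ("override before Host *", OVERRIDE_FIRST)]:
        print(name, effective(cfg, "bastion.example.com"))
```

With the override placed after `Host *`, the passphrase for the hypothetical bastion host is still stored in the keychain; moving the override above `Host *` is what makes it apply.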

Golang’s Real-Time GC in Theory and Practice

Will Sewell (via Hacker News):

In this blog post, we’ll look at Go’s garbage collector. We’ll see how it works (the tricolor algorithm), why it works (achieving such short GC pauses), and most importantly, whether it works (benchmarking these GC pauses, and comparing them with other languages).


The GC still has two stop-the-world phases: the initial stack scan for root objects, and a termination of the mark phase. Excitingly, this termination phase has recently been eliminated. We will discuss this optimization later. In practice we found the pause times of these phases to be <1ms with very large heaps.


The key takeaway from this investigation is that GCs are either optimized for lower latency or higher throughput. They might also perform better or worse at these depending on the heap usage of your program. (Are there a lot of objects? Do they have long or short lifetimes?)

Update (2016-12-20): Mike Hearn (Hacker News):

The reality is that Go’s GC does not really implement any new ideas or research. As their announcement admits, it is a straightforward concurrent mark/sweep collector based on ideas from the 1970s. It is notable only because it has been designed to optimise for pause times at the cost of absolutely every other desirable characteristic in a GC.

NSRegularExpression and Swift

Nate Cook:

Well, many NSRegularExpression methods use NSRanges, as do the NSTextCheckingResult instances that store a match’s data. NSRange, in turn, uses integers for its location and length, while none of String’s views use integers as an index[…]


With that in mind, here are a few additions to String that will make straddling the Swift/Objective-C divide a bit easier:

extension String {
    /// An `NSRange` that represents the full range of the string.
    var nsrange: NSRange {
        return NSRange(location: 0, length: utf16.count)
    }

    /// Returns a substring with the given `NSRange`, 
    /// or `nil` if the range can't be converted.
    func substring(with nsrange: NSRange) -> String? {
        guard let range = nsrange.toRange() 
            else { return nil }
        let start = UTF16Index(range.lowerBound)
        let end = UTF16Index(range.upperBound)
        return String(utf16[start..<end])
    }

    /// Returns a range equivalent to the given `NSRange`,
    /// or `nil` if the range can't be converted.
    func range(from nsrange: NSRange) -> Range<Index>? {
        guard let range = nsrange.toRange() else { return nil }
        let utf16Start = UTF16Index(range.lowerBound)
        let utf16End = UTF16Index(range.upperBound)

        guard let start = Index(utf16Start, within: self),
            let end = Index(utf16End, within: self)
            else { return nil }

        return start..<end
    }
}

Hiding Your Action and Share Extensions In Your Own Apps

Aditya Krishnadevan:

In PDF Viewer, we use a UIActivityViewController to share PDFs. This means that our Action extension shows up in the list of actions as well! So a user would see an "Import to PDF Viewer" button inside PDF Viewer. There isn't an easily available API to prevent this from happening. However, the extension's Info.plist does have NSExtensionActivationRule inside NSExtensionAttributes.


The important bit is AND NOT (ANY $attachment.registeredTypeIdentifiers UTI-CONFORMS-TO ""). This ensures that if the UIActivityViewController is created with any items matching, your extension will not be displayed in the list of options. […] Next we need to add an item with a UTI matching to the items passed into the UIActivityViewController.

Friday, December 16, 2016 [Tweets] [Favorites]

“Untranslocating” an App

Patrick Wardle:

So, now imagine an attacker has found a legitimate signed application that attempts to load or execute some relatively external content (i.e. outside its app bundle, but within the same download package). In the past, they could use this to bypass Gatekeeper as such external content was not verified. Now however, when the user double-clicks the application to execute it, the OS intercepts this, and will create a read-only DMG image on the fly for the application bundle, and only the application bundle. This translocated copy is then executed. Here in this new location, it will not be able to find the unverified external content (as it was not copied over), and thus the attack fails.


As a security researcher/hacker, I must give a lot of kudos to Apple for (finally) fixing the underlying issue in a comprehensive manner. However, as a developer, f**kkkkk this broke a lot of stuff.


With this information the translocated application can programmatically both remove the quarantine attribute and then re-execute the original instance of the application (e.g. in ~/Downloads). The net result of this is that the App Translocation is ‘undone’ and the application is transparently executed from its original location on a writeable filesystem.

However, this is not safe for apps that actually use external resources because it undoes the protection that App Translocation provides.

Previously: Gatekeeper Path Randomization.

Update (2016-12-19): Despite finding Wardle’s technique interesting, I should note that I agree with Apple’s recommendation to use signed disk images, which DropDMG can help you create.

GitHub’s Business

Eric Newcomer (Hacker News):

Though the name GitHub is practically unknown outside technology circles, coders around the world have embraced the software. The startup operates a sort of Google Docs for programmers, giving them a place to store, share and collaborate on their work. But GitHub Inc. is losing money through profligate spending and has stood by as new entrants emerged in a software category it essentially gave birth to, according to people familiar with the business and financial paperwork reviewed by Bloomberg.


The issue took on a new sense of urgency in 2014 with the formation of a rival startup with a similar name. GitLab Inc. went after large businesses from the start, offering them a cheaper alternative to GitHub. “The big differentiator for GitLab is that it was designed for the enterprise, and GitHub was not,” says GitLab CEO Sid Sijbrandij. “One of the values is frugality, and this is something very close to our heart. We want to treat our team members really well, but we don’t want to waste any money where it’s not needed. So we don’t have a big fancy office because we can be effective without it.”

Almost nine years old, revenue of almost $100 million per year, but losing money—I guess because they have 600 employees.

Previously: What It’s Like to Take on Venture Capital Investment.

Update (2016-12-20): Manton Reece:

These numbers seem fantastic except that GitHub is losing money overall. GitHub has transformed from a small profitable company to a large unprofitable VC-backed company.

Update (2016-12-21): Moritz Plassnig (via Hacker News):

Despite all the adoption and great numbers that I mentioned, GitHub is seeing more competition recently. GitLab is doing a wonderful job in challenging them on a product level. For many years, GitHub didn’t have any competition which naturally led to less pressure and a slower pace for releasing product improvements. This development combined with some troubling cultural issues, multiple changes in the leadership team, and an influx of cash from huge financing rounds caused a lot of employee turnover. Changing your company culture from bootstrapping, no managers, and “Optimizing for Happiness“ to being a VC-backed startup with a lot of money, directly translating into more employees, is hard - very hard.


It’s hard to analyze GitHub’s financials and metrics without having direct access to the data. With what we know from Bloomberg, GitHub is to be doing very well financially. $140M in ARR with roughly 62% YoY growth makes them an IPO candidate. GitHub historically generated the majority of their revenue without Sales and outside of the enterprise market. Their ability to move up-market, close large deals and generating more than 50% of their revenue with their enterprise product is very promising and will allow them to maintain a high revenue growth rate.

Replacing Auto Layout With LayoutKit

Nick Snyder (via Dave Verwer):

Here’s an example of a layout in the LinkedIn app. It has two labels: there’s a multi-line label on the left, and a single line label on the right. For the right label, we just want it to be as big as it needs to be to display the content. Think of it as a badge with a number. Then the left label just has some arbitrary amount of text that we want to wrap to up to two lines.

To accomplish this using Auto Layout, on the right label we give it required content hugging and required content compression resistance, so that it’s exactly the width that it needs to be. This worked fine in iOS 8, and it worked fine with all the sample data that we tested this layout with during development. But when iOS 9 launched, this caused a huge performance problem for some of our users that we didn’t know about until they started complaining.


We have Auto Layout as our baseline, 1x. You can see that if you use UIStackView, it’s actually slower than Auto Layout because it’s built on top of Auto Layout. On the right, we have manual layout. Manual layout is 9.4 times faster than Auto Layout. On the green we have LayoutKit, and LayoutKit is about 7.7 times faster than Auto Layout. Not as fast as doing manual layout, but you get a lot of nice things without having to write a lot of code.

Touch Bar Crash Protection

Daniel Jalkut:

I wrote previously about crashes related to Apple’s Touch Bar. These crashes seem to affect all apps that were built with a certain toolchain. Most likely it affects all apps that were built against an SDK of a certain vintage. For example, some of my apps that are still built against a 10.6 SDK crash on Touch Bar Macs, either frequently or infrequently, depending upon the user.

I had hoped that we might see a fix from Apple in macOS 10.12.2, but alas the issue is still there.


Poking around the AppKit infrastructure supporting the Touch Bar, I discovered a secret NSUserDefaults setting, NSFunctionBarAPIEnabled, which seems to determine whether the system exposes an app to the Touch Bar at all. It defaults to YES, but if it’s set to NO for an app, I think the app remains more or less invisible to the Touch Bar.

Worth a try if, like me, you are getting crashes in DFRFoundation/DFRElement/CALayer.

Thursday, December 15, 2016 [Tweets] [Favorites]

Another Git Catastrophe Cleaned Up

Mark Dominus:

At that point I realized that git-filter-branch also provided a less peculiar way out of the pickle once we were in: Instead of using my merge driver approach, I could have filtered the original topic branch to produce just branch B, which would have rebased onto master just fine.

I was aware that git-filter-branch was not part of my personal toolkit, but I was unaware of the extent of my unawareness. I would have hoped that even if I hadn't known exactly how to use it, I would at least have been able to think of using it. I plan to set aside an hour or two soon to do nothing but mess around with git-filter-branch so that next time something like this happens I can at least consider using it.

Update (2016-12-21): See also: Hacker News.

macOS 10.12.2 Impedes Safari Bookmarklets

Daniel Jalkut:

Safari Bookmarklets that invoke a custom scheme yield a warning like this in 10.12.2.

There’s a Cancel/Allow confirmation alert each time you invoke the bookmarklet, even multiple times for the same app in the same session. It’s really annoying. I often use bookmarklets to create blog posts in MarsEdit and to archive Web pages in EagleFiler.

Nick Heer:

The (relatively recently) redesigned confirmation dialogs don’t help matters. I thought it was a scam on first sight.

Some people say that Safari’s newish iOS-style alerts are supposed to help users distinguish alerts that Web sites create via JavaScript from alerts created by apps or the system. That makes it harder for a site to trick you. That sounds nice in theory, but of course the distinction is absent on iOS. And, more importantly, why then is Safari presenting this bookmarklet alert as if it were from JavaScript?

eBay Is for Suckers

Matthew Sag (via Jeff Atwood):

The wonderful thing about eBay when it first arrived was that it freed so many people from the tyranny of small markets. eBay provided a marketplace where trust was built on reputation and feedback and the size of markets was only constrained by the cost of shipping. Recently, however, eBay has reengineered its services so that buyer trust is based on a seemingly absolute guarantee that the seller will always lose in any dispute.

No one should be surprised that unscrupulous buyers use eBay to commit fraud on unsuspecting sellers. What surprised me was the extent to which eBay now facilitates this fraud through its “buyer protection program”. In October this year I listed a very slightly used iPhone 6S for sale on eBay and was quite satisfied when it eventually sold for $465. This satisfaction was short-lived, however, as I came to realize that I had been taken in by an eBay scammer.

If at all possible I sell via Amazon or Gazelle. Their Web sites are much better designed, too.

eBay is still great for buying hard-to-find items. I no longer use it for deals on common items, because, even though you have a lot of protection as a buyer, it takes a lot of time to actually get your money back.

The Businesses Apple Has Left Behind

Stephen Hackett:

This year, Apple has exited the external display business and is rumored to be discontinuing its AirPort wireless routers.

These developments have left a bad taste in many users’ mouths, but 2016 isn’t the first time Apple has shuttered an entire product line.

By my count, there are five major categories of products or devices that Apple has abandoned over the years.

Evernote Privacy Policy

Evernote (via Ragnar Tørnquist, Rob Price, Hacker News):

To get there, Evernote data scientists need to do spot checks as they develop the technology. If you choose to participate, they’ll see random content, but they won’t know who it belongs to, and they’ll only see the snippet they’re checking. Not only that, but if a machine identifies any personal information, it will mask it from the employee. If you choose not to participate, your notes will not be included in this research.


If you do opt out, however, you may not be able to get the most out of your Evernote experience. And please note that you cannot opt out of employees looking at your content for other reasons stated in our Privacy Policy (under the section, "Does Evernote Share My Personal Information or Content?").

Jeff Benjamin:

That’s not to say that I agree with Evernote’s policy, but understand that this update isn’t really changing much from what’s already possible with the currently existing policy.

Tim Hardwick:

Evernote says that only a limited number of employees who have undergone background checks will be able to access note content and that users can encrypt notes to prevent staff from reading them.

Update (2016-12-16): Husain Sumra:

Evernote tonight announced that it no longer plans to implement a controversial new privacy policy that caused some Evernote users to threaten to stop using the service.

Tuesday, December 13, 2016 [Tweets] [Favorites]

The Discrete GPU and You

Chris Liscio:

The combination of a dGPU and lower-capacity battery means that the practical battery life of these machines gets cut in half (or worse) when the dGPU is active. I’m not sure that previous models had nearly as bad a “battery life delta” as these ones, but boy-howdy is it noticeable in practice on this system.


This whole problem can be very easy to solve. You just have to set NSSupportsAutomaticGraphicsSwitching key to YES in your application’s Info.plist. The trouble is that an OpenGL context is being created, which defaults to switching the dGPU on. Enabling this flag in the plist will very likely fix the problem on its own, as the frameworks should Do the Right Thing (more details below) if they need access to OpenGL.


To solve the bug I had, it turned out that I was making a call to -[NSOpenGLContext clearDrawable] in the dealloc method of my custom NSOpenGLView. My NSOpenGLContext was already destructed, and a whole new NSOpenGLPixelFormat was getting created and kicked the GPU on again. The call I should have used instead was -[NSOpenGLView clearGLContext] (though I don’t even know if that’s really required, to be honest).

Previously: macOS 10.12.2 Removes Battery Time Remaining Estimate, gfxCardStatus.

Update (2016-12-13): McCloud:

you can explicitly ask CoreGL not to turn on the discrete GPU

You need to create your context with kCGLPFASupportsAutomaticGraphicsSwitching - won’t trigger discrete transition.

Uber Whistleblower on Location Privacy

Will Evans (via Christopher Soghoian, Hacker News):

“Uber’s lack of security regarding its customer data was resulting in Uber employees being able to track high profile politicians, celebrities, and even personal acquaintances of Uber employees, including ex-boyfriends/girlfriends, and ex-spouses,” Spangenberg wrote in a court declaration, signed in October under penalty of perjury.

After news broke two years ago that executives were using the company’s “God View” feature to track customers in real time without their permission, Uber insisted it had strict policies that prohibited employees from accessing users’ trip information with limited exceptions.

But five former Uber security professionals told Reveal from The Center for Investigative Reporting that the company continued to allow broad access even after those assurances.


In addition to the security vulnerabilities, Spangenberg said Uber deleted files it was legally obligated to keep. And during government raids of foreign Uber offices, he said the company remotely encrypted its computers to prevent authorities from gathering information.

Nick Heer:

In separate news, Uber recently updated their privacy policy to allow tracking users’ location data for up to five minutes after exiting the vehicle.

Oluseyi Sonaiya:

Let’s not forget that Google exposed people’s private information on the basis of an automatic social graph constructed from their email.

All of which is to say that while Uber’s privacy violations are symptomatic of organizational failure, all information caches are vulnerable.

Update (2016-12-15): Anita Balakrishnan (via Slashdot):

“It’s absolutely untrue that ‘all’ or ‘nearly all’ employees have access to customer data, with or without approval,” Uber said. “We have built [an] entire system to implement technical and administrative controls to limit access to customer data to employees who require it to perform their jobs. This could include multiple steps of approval—by managers and the legal team—to ensure there is a legitimate business case for providing access.”

Update (2016-12-20): John Gruber:

I don’t trust Uber. But we can collectively verify that in this case, they’re doing exactly what they say they’re doing.

Update (2016-12-22): John Gruber:

Daring Fireball readers on Twitter started sending me screenshots of their Location Services settings, showing that the Uber app is still checking for their location days or even weeks after they last used the app.

Update (2016-12-27): John Gruber:

I think this might explain it. I’m thinking Apple should change this so that these extensions only load when you tap the “Ride” tab in Maps. As it stands now, they load (and check your location) every time you enter the Maps app, period.

macOS 10.12.2 Removes Battery Time Remaining Estimate

Jim Dalrymple (MacRumors, Hacker News, 9to5Mac, Slashdot):

Some users have reported problems with battery life, but Apple told me that after a lot of testing they stand behind the 10 hour battery life with the new MacBook Pro.

However, to help users better determine the battery life, Apple has removed the “time remaining” indicator from the battery icon in the menu bar with the latest update. You can still see the image on the top of the screen, and you can see the percentage, but you will no longer be able to see how much time is remaining before your battery dies.

The reason for removing it is very simple: it wasn’t accurate.

John Gruber:

This is like being late for work and fixing it by breaking your watch.

Benjamin Mayo:

My personal experience is that this estimate was always widely inaccurate on every MacBook I’ve owned. It would change erratically and jump from seven hours to three hours on a whim, based on whatever intensive task was just opened. Its removal doesn’t come as a hindrance, therefore, because I was never really basing my computer usage around what that readout said. Some Windows manufacturers have already removed battery time estimates from their PC laptops.

The new update makes the Mac mirror how iOS has always worked[…]

I tend to think that an inaccurate (but constantly updating) estimate is better than none. Otherwise, people will have to make their own estimates, which takes attention and is likely to be even less accurate. I never liked how the estimate claimed to be accurate down to the minute. I would like to see an estimate with fewer significant digits, both to hide the erratic changes and to avoid over-representing the accuracy.

Secondly, would this have even become an issue if Apple hadn’t made the new MacBook Pro’s battery smaller? This smells like a software bandaid for a hardware problem, like when they responded to antenna problems by making the iPhone signal strength bars taller.

Update (2016-12-13): Marco Arment:

My 15-inch 2016 MacBook Pro with Touch Bar is pretty good in most ways, but it’s a noticeable regression in battery life from the previous generation. Apple claims it lasts 10 hours, but I’ve never gotten that — in a fairly light web-productivity workload, I average around 5–7 hours, and if I’m using Xcode, I’m lucky to get 4–5 hours.


Having used Apple laptops for over a decade, I’ve always found the time-remaining estimate to also be a good indicator of how much power I’m burning with my current activities so I can “budget” my battery usage when I’m going to need it.


A percentage only tells you the current state, not the rate of change — it would take much longer to notice an unexpected power drain from the percentage alone.

Mike Flegel:

“Mileage estimates in a Tesla depend on a lot of factors, so we’re going to get rid of Distance-to-Empty. You’re welcome.”

Update (2016-12-14): John Gruber:

I know iOS has never had a time remaining estimate. That’s fine for iOS. I think it’s useful on MacBooks, especially just as a loose estimate.


On iOS, the battery % indicator is not a battery % indicator. It’s a time remaining, converted to % with some fudge factors.

This is why on iOS you can sometimes see the battery % go up after you exit a power hungry app.

There is more information about that here and here.

Update (2016-12-15): You can still get time remaining estimates using Activity Monitor, iStat Menus, Outlet, and pmset.

Update (2016-12-27): Kaspars Dambis (via Hacker News):

Assuming that macOS is pulling the battery estimates from the TI chip (see pages 16 and 17 of the datasheet for all the available data fields) it is possible that the algorithms used by the chip don’t account for certain power usage behaviours of various components (for example, power saving modes) which produced wildly inaccurate estimates.


Here is a great paper on the internals of the MacBook battery by Charlie Miller and a video of his talk at DEFCON 2013 on the same subject[…]

Monday, December 12, 2016 [Tweets] [Favorites]

The Opportunity of Swift on the Server

Stephan Knitelius (via Chris Lattner):

Java and other languages that compile to Java byte code run on the JVM. In a world of Docker containers the JVM is just yet another layer eating up resources. The claim “write once run anywhere” is just as true for a Swift application packaged into a Docker container as for a Java Application running on top of a JVM.

Running an application in JVM, that is running in a Docker container, that is running on a virtual host seems rather ludicrous. Swift compiling to native machine code, has the advantage of a rather small memory footprint. When running hundreds or thousands of instances, as many tech companies do, even saving a couple of MB on memory footprint generates real business incentive.


Also garbage collection comes at a high cost. Employing concurrent mark and sweep algorithms, it still requires more memory and CPU cycles than immediately assigning and releasing memory as needed.

Insanity: Template-Based Code Generation for Swift

Krzysztof Zabłocki (tweet):

Swift is a beautiful language that powers a lot of great iOS apps. Unfortunately it features very limited runtime and no meta-programming features. This has led our projects to contain a lot of duplicated code patterns, they can be considered the same code, just with minimal variations.


Insanity is a tool that scans your source code, applies your personal templates and generates Swift code for you, allowing you to use meta-programming techniques to save time and decrease potential mistakes.

Soroush Khanlou:

Codegen is gonna become a crucial part of Swift development in not very long.

Update (2016-12-12): Martin Pilkington:

I can’t help but feel that code generation is a code smell. Shows a language/API weakness.

Update (2016-12-13): Krzysztof Zabłocki:

Insanity has been renamed to Sourcery, and we just released 0.3.0 version, old links / remotes should work fine.

Mac Users Switching to Surface

Brian Hall (9to5Mac, MacRumors, Hacker News):

Our team gets so excited about meeting new Surface users and hearing their feedback, and we get to meet a lot more this holiday season! From Surface Pro, to Surface Book, to Surface Studio, to Surface Hub, we’re having our best holiday ever.


More people are switching from Macs to Surface than ever before. Our trade-in program for MacBooks was our best ever, and the combination of excitement for the innovation of Surface coupled with the disappointment of the new MacBook Pro – especially among professionals – is leading more and more people to make the switch to Surface, like this. It seems like a new review recommending Surface over MacBook comes out daily.


I’m one of the people that switched from a MacBook Pro to the new Surface Book.

The entire experience was dreadful for me.


As far as the actual product goes - I found the trackpad to be lacking. It just felt a bit buggy and non-responsive at times. I have yet to find a trackpad as solid as the ones that Apple ship. This became more apparent over time after using the product. Aside from the trackpad I don’t have too many complaints, except for things that are of personal preference (I can’t say I like the design / functionality of the snake hinge). I also realized, as mainly a pro user, that I don’t have much use / need for the touch screen or tablet portion of the device.

Which Macs Are People Using?

I’ve been thinking about the Mac lineup lately. When will Apple update its desktop computers? And, when it does, should I switch back to using a desktop as my primary computer? There’s been a lot of talk lately about how notebooks have really taken over and how Apple doesn’t update the Mac mini and Mac Pro very often because they don’t sell well. This may be true (and also partly a self-fulfilling prophecy). However, I can say that people definitely do use them. Here are some recent statistics from my customers:

40% MacBook Pro
10% Mac Pro
8% MacBook Air
6% Mac mini

Of course, these numbers are not representative of the Mac market as a whole. My customers are probably slightly more technical than Mac users in general, though not as much as you would think. All I know for sure is that they represent people who pay for software and have great taste.

Starting at the top, I think most people would have expected the MacBook Pro and iMac to dominate. You might not expect to see 10% using Mac Pros, when the Mac Pro hasn’t been updated since 2013. The number for the Mac mini is probably better than you would expect, too, considering that it’s rarely talked about and surely many of them are used as servers. There’s actually a 50:50 split between notebooks and desktops. Apple has got to be selling more notebooks now, but desktops probably stay in use longer.

The numbers for the MacBook seem really low to me. The 2% (1.68% before rounding) includes both the MacBook One and the plastic MacBook that was discontinued in early 2012. The 12-inch MacBook never seemed attractive to me—overpriced and underpowered, not to mention the keyboard—but I would have expected to see more people using it. There are already 1.49% using the new MacBook Pros with Touch Bar, despite shipping delays. It’s frustrating that Apple sees the MacBook One as a worthwhile niche but doesn’t want to make a high-end MacBook Pro with a larger display, more RAM, a real keyboard and trackpad, etc.

A few more notes:

Update (2016-12-12): Seth Willits:

My customers: Prosumer app very close to yours, though MBA and MP are switched. Pro app: 70% MBP, iMac 15%. Same order below.

Friday, December 9, 2016

Accidentally Quadratic Rust Hash Tables

Accidentally Quadratic:

I enjoy this bug for at least two reasons: One, it’s fun technically, allowing us to take a brief deep dive into hash-table implementation – something most of us are normally able to treat as a solved problem – and two, it’s a great example of subtle quadratic behavior in a system specifically designed by smart and well-informed developers to avoid the possibility of accidental quadratic behavior!


Robin Hood hashing improves on linear probing with a simple trick: When you’re scanning forward from H%N, look at each element you encounter. If the inserting element is further from its “natural” bucket than the element in the bucket you’re considering, then swap the new element and the element in that bucket, and continue scanning with the other element.


Rust’s problem arises when you iterate over one table and insert the resulting entries into another table. The problem occurs because iteration over a hash table [proceeds] by walking the backing array of the hash table directly. This results in yielding entries approximately in hash order, which turns out to be fatal when combined with the other elements of Rust’s [implementation].

Via Alexis Beingessner:

Meanwhile Swift’s Dictionary is just plain old First Come First Serve with Java-style hash codes. Lots of work to do there!

Previously: Exploring Swift Dictionary’s Implementation, Exposing NSDictionary.
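
The interaction quoted above can be reproduced with a small model. The following C sketch is an added example, not code from Rust's standard library or from the quoted post: a minimal Robin Hood table whose keys are copied into a second, initially small table, once in backing-array (iteration) order and once in plain key order, which is unrelated to the hash, counting the slots every insert visits. Assumptions of the sketch: both tables share the stand-in `hash64` mixer, a table doubles when its load would exceed 0.9, keys are distinct, and every name is hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

#define EMPTY UINT64_MAX          /* marks a free slot; never used as a key */
typedef struct {
    uint64_t *slot;               /* backing array of keys */
    size_t cap, len;              /* cap is always a power of two */
    uint64_t steps;               /* slots visited by all inserts so far */
} Table;

/* Stand-in hash (splitmix64 finalizer) shared by every table: an assumption. */
static uint64_t hash64(uint64_t x)
{
    x ^= x >> 30; x *= 0xbf58476d1ce4e5b9ULL;
    x ^= x >> 27; x *= 0x94d049bb133111ebULL;
    return x ^ (x >> 31);
}

static void table_init(Table *t, size_t cap)
{
    t->slot = malloc(cap * sizeof *t->slot);
    if (!t->slot) abort();
    for (size_t i = 0; i < cap; i++) t->slot[i] = EMPTY;
    t->cap = cap; t->len = 0; t->steps = 0;
}

/* Robin Hood insertion of a key not yet present; the table must have room. */
static void place(Table *t, uint64_t key)
{
    size_t mask = t->cap - 1;
    size_t i = (size_t)hash64(key) & mask;   /* natural bucket, H % N */
    size_t d = 0;                            /* distance of `key` from it */
    for (;; i = (i + 1) & mask, d++) {
        t->steps++;
        if (t->slot[i] == EMPTY) { t->slot[i] = key; t->len++; return; }
        size_t rd = (i - (size_t)hash64(t->slot[i])) & mask;  /* resident's */
        if (d > rd) {             /* new key is further from home: swap them */
            uint64_t tmp = t->slot[i]; t->slot[i] = key; key = tmp; d = rd;
        }
    }
}

/* Insert, doubling the table first if load would exceed 0.9 (an assumption). */
static void insert(Table *t, uint64_t key)
{
    if ((t->len + 1) * 10 > t->cap * 9) {
        Table big;
        table_init(&big, t->cap * 2);
        big.steps = t->steps;
        for (size_t i = 0; i < t->cap; i++)
            if (t->slot[i] != EMPTY) place(&big, t->slot[i]);
        free(t->slot);
        *t = big;
    }
    place(t, key);
}

/* Iteration as the quote describes it: walk the backing array directly. */
static size_t keys_in_array_order(const Table *t, uint64_t *out)
{
    size_t n = 0;
    for (size_t i = 0; i < t->cap; i++)
        if (t->slot[i] != EMPTY) out[n++] = t->slot[i];
    return n;
}

/* Slots visited while inserting keys[0..n) into a table that starts small. */
static uint64_t transfer_cost(const uint64_t *keys, size_t n)
{
    Table dst;
    table_init(&dst, 16);
    for (size_t i = 0; i < n; i++) insert(&dst, keys[i]);
    free(dst.slot);
    return dst.steps;
}

/* Build a source table of n keys, then copy it in both orders. */
static void compare_orders(size_t n, uint64_t *hash_order, uint64_t *key_order)
{
    Table src;
    table_init(&src, 16);
    for (uint64_t k = 0; k < n; k++) insert(&src, k);
    uint64_t *keys = malloc(n * sizeof *keys);
    if (!keys) abort();
    keys_in_array_order(&src, keys);
    *hash_order = transfer_cost(keys, n);
    for (size_t i = 0; i < n; i++) keys[i] = i;   /* order unrelated to hash */
    *key_order = transfer_cost(keys, n);
    free(keys); free(src.slot);
}

int main(void)
{
    uint64_t a, b;
    compare_orders(20000, &a, &b);
    printf("hash order: %llu, key order: %llu\n", (unsigned long long)a, (unsigned long long)b);
    return 0;
}
```

Just before each doubling, the destination holds only keys from the front of the source array, so after wrapping modulo the smaller capacity they pile into one long cluster that every later insert has to walk.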

How to Unit Test Private Methods in Swift

Bart Jacobs:

While access control is a very welcome addition with many benefits, it can complicate unit testing, especially if you are new to unit testing. You probably know that you can apply the testable attribute to an import statement in a test target to gain access to entities that are declared as internal.

While this is a convenient addition, it doesn’t give you access to private entities in a test target.


The key takeaway of this article is that private entities don’t need to be unit tested. Unit testing is a form of black-box testing. This means that we don’t test the implementation of the AccountViewViewModel struct, we test its specification.

This doesn’t mean that we are not interested in the implementation, though. We need to make sure the suite of unit tests covers every code path of the entity we are testing. Code coverage reports are invaluable to accomplish this.

I don’t find this very persuasive.

iOS App Rejected for Using Pre-selected RSS Feeds

Mike Rundle:

Now I know what was taking so long. Rejected because I use… public RSS feeds like 100 other apps. Thanks, Apple.

Well, Apple denied my appeal. Interesting (simple news app with pre-selected RSS feeds) is no longer allowed under App Store Guidelines.

Their explanation centered around users needing to add the RSS feed themselves (OK) vs. pre-configured list (Not OK.) Makes no sense.

Update (2016-12-10): The app in question is Interesting.

Federico Viticci:

This App Review rejection is lame and makes no sense. No curated news apps? What’s the harm?

John Gruber:

That’s crazy. Surely there are a slew of RSS readers already in the store with default subscription lists.

Mike Rundle:

I can’t even believe this now. People on the App Review Board have potentially never used an app before.

Apple says that any app that loads content from Reddit must open all URLs externally into Safari. Opening inside the app is forbidden.

Super Mario Run

Andrew Webster:

Now Nintendo is finally moving with them. Next week will see the launch of Super Mario Run on iPhone and iPad (an Android version is coming later), marking the first proper Nintendo-developed game on a mobile device. It’s a very different tactic compared to the “blue ocean strategy.” Instead of creating its own space, Nintendo is diving into one of the most crowded and competitive markets around, going up against the more than 2 million apps available in Apple’s digital marketplace. But with that comes a great opportunity. While Nintendo’s best-selling hardware reached 150 million people, Apple sold its billionth iPhone this summer. It’s a chance to introduce a new generation of players to the company’s characters, just as the original Super Mario Bros. did on the NES more than 30 years ago.


Miyamoto says that Nintendo has been toying with the idea of a one-button Mario game since the days of Wii. “As we were doing those experiments, we thought that that kind of approach would perhaps best be suited to iPhone,” he says. “So that became the basis for Super Mario Run.” But whether it was for Wii or iPhone, the goal behind this streamlined Mario was the same: to bring the distinct flavor of Super Mario to as many people as possible. “Nintendo has been making Mario games for a long time, and the longer you continue to make a series, the more complex the gameplay becomes, and the harder it becomes for new players to be able to get into the series,” Miyamoto says. “We felt that by having this simple tap interaction to make Mario jump, we’d be able to make a game that the broadest audience of people could play.”

Mitchel Broussard:

Shigeru Miyamoto has confirmed that Nintendo’s upcoming iPhone game Super Mario Run will require an always-on internet connection to play, which Miyamoto said is “a requirement that’s been built into the game to support security.” The security element is one of the big reasons why the company decided to launch on iPhone first, Miyamoto said, and it helps the game’s three separate modes function together while always keeping the software secure and safe, preventing piracy in the process (via Mashable).

This is to prevent piracy.

Update (2016-12-10): John Gruber:

But people on planes and subways do play games on their phone.

UPDATE: Another big problem: kids with iPod Touches and old SIM-less iPhones.

Update (2016-12-16): Tim Hardwick:

Undoubtedly many users tapped or clicked the button thinking they would be first to play Nintendo’s debut title on iOS. But the delay between the game’s appearance in the App Store and the actual delivery of notification prompts has left many users skeptical of the feature.

I never received the notification.

See also: Marco Arment on the e-mail notification.

I loved the original Super Mario Bros. but find Super Mario Run rather boring.

John Gruber:

The first-run on-boarding process is clunky though. You have to pick your country, and the United States is way down at the bottom of a long alphabetically sorted list. I’d rather be asked to grant access to my location — my phone knows where I am. And there was some confusing shit about creating a Nintendo account.

Update (2016-12-19): I have been reading that Super Mario Run doesn’t follow the App Store guidelines and ties its in-app purchase to your Nintendo account instead of to your Apple ID. If you don’t have a Nintendo account, you can’t restore your purchase.

Update (2017-01-02): Madeline Farber (via fuckingappstore):

Reviews in Apple's App Store (so far, the game is only available on iPhone) show an average rating of two and a half stars out of five. Overall, there have been nearly 50,000 reviews. Its reviews make it among the lowest rated apps among those at the top of the download rankings, according to Bloomberg.

Thursday, December 8, 2016

How to Do XCTestCase tearDown Wrong (and Right)

Jon Reid (via Natasha Murashev):

In other words, it builds up the entire set of XCTestCase instances before running a single test. […] setUp and tearDown were invented because the entire collection of test cases is created up front. They provide the hooks to manage object life cycle in tests.

This has two important implications:

  1. Anything automatically created as part of the XCTestCase’s initialization will exist too soon.
  2. Anything not released in the tearDown will continue to exist, even while other tests run.

Think of any object that alters global state, and shudder.

Which is too bad because the Swift code isn’t as clean when everything has to be optional, since it isn’t initialized in init.

Method Dispatch in Swift

Brian King:

Compiled programming languages have three primary methods of dispatch at their disposal: direct dispatch, table dispatch, and message dispatch, which I explain below. Most languages support one or two of these. Java uses table dispatch by default, but you can opt into direct dispatch by using the final keyword. C++ uses direct dispatch by default, but you can opt into table dispatch by adding the virtual keyword. Objective-C always uses message dispatch, but allows developers to fall back to C in order to get the performance gains of direct dispatch. Swift has taken on the noble goal of supporting all three types of dispatch. This works remarkably well, but is a source of confusion to many developers, and is behind a number of gotchas that most Swift developers have encountered.


So, how does Swift dispatch methods? I haven’t found a succinct answer to this question, but here are four aspects that guide how dispatch is selected:

  • Declaration Location
  • Reference Type
  • Specified Behavior
  • Visibility Optimizations


Above, I mentioned that methods defined inside the initial declaration of an NSObject subclass use table dispatch. I find this to be confusing, hard to explain, and in the end, it’s only a marginal performance improvement.

Swift extensions use direct dispatch (less dynamic than in the class declaration), while NSObject extensions use message dispatch (more dynamic than in the class declaration). Then he gives an example where an NSObject override method is not called because it’s in an extension rather than directly in the subclass; the location of the initial declaration matters. Also, you can override NSObject extension methods but not Swift ones. And don’t forget protocols. It’s all rather confusing.

Update (2016-12-10): See also: Ling Wang.

Making Sense of Color Management

A Book Apart:

Get clarity in the tricky endeavor of managing colors from initial design to final product. Learn why colors shift, the science behind the human eye and color profiles, and how to set up your image editor and development environment for consistent color. Craig Hockenberry takes you through every step of color management, with indispensable advice on readying your work and workflows for new technologies.

Update (2016-12-09): Craig Hockenberry:

As a developer, you might be interested in taking a look behind the curtains at the book’s mini-site. You’ll find additional articles, new markup for the web, and sample code for both iOS and macOS. The book provides essential background for these examples, but it will give you a taste of what you’ll be learning.

Update (2017-01-03): See also: John Gruber.

The Slowness of Archive Utility

Rob Griffiths:

Not only is this randomly-resizing dialog box visually annoying, it turns what should be a super-fast process into one that takes a ridiculous amount of time. The end result is that users think they have a slow machine—“it took over 12 seconds to expand 25 tiny little archives!”—when what they really have is a horrendously slow GUI interface to a super fast task.

It took just 0.013 seconds with gzip in Terminal.

Update (2016-12-09): Nick Heer:

[…] many archives will take less than a second to expand using the Terminal. Those files should, ideally, be unarchived in place, without opening an additional window.

Wednesday, December 7, 2016

Swift Optionals and String Interpolation

Ole Begemann:

Do you know this problem? You want to display an optional value in the UI or log it to the console for debugging, but you don’t like the default string conversion for optionals, which results in either "Optional(…)" or "nil".


The problem with the third option is that the nil-coalescing operator ?? requires matching types — if the left operand is a T?, the right operand must be a T. Applied to the example above, this means I can provide another Int as a default value, but not a string — which is what I’d like to do in this situation.


I solved this by defining my own custom optional-string-coalescing operator.

Transferring Photos to a New Mac

Becky Hansmeyer:

The next thing I wanted to do was move my Photos and Music libraries over. I dug into my last Time Machine backup and transferred the 90GB Photos library file to my new Mac. However, when I opened Photos, things got…weird. Only a few thumbnails appeared, and Photos refused to let me switch on iCloud Photo Library without purchasing more space, because it was planning to re-upload everything. I went ahead and upgraded to the next storage tier hoping that Photos would check with the server, realize it didn’t need to re-upload everything, and calm the heck down. I was wrong.

So, I closed the program, trashed the library, and started over. This time I switched on iCloud Photo Library to begin with. All of my thumbnails appeared, and Photos started downloading all 11,000 photos and 200+ videos from the cloud. Although not ideal, this was the better option for me because my download speed can top out at 10Mbps while my upload speed is only 0.73Mbps. As of right now, 6 days later, there are ~2,500 left to download.

Still, I can’t believe Photos forces users to either re-upload everything or re-download everything if they use iCloud Photo Library.

If you can’t practically transfer the Photos library, then it sounds like you would have to re-tag all the faces.

Finder Keyboard Shortcut to Show Invisible Files

Quinn Taylor:

macOS 10.12 #protip: Finder supports ⇧⌘. to toggle visibility of hidden files, just like Open/Save panels have for a while.

That’s Shift-Command-Period.

Why Does calloc Exist?

Nathaniel J. Smith (via Hacker News):

So there are lots of books and webpages out there that will claim that the calloc call above is equivalent to calling malloc and then calling memset to fill the memory with zeros[…] So… why does calloc exist, if it’s equivalent to these 2 lines? The C library is not known for its excessive focus on providing convenient shorthands!


When calloc multiplies count * size, it checks for overflow, and errors out if the multiplication returns a value that can’t fit into a 32- or 64-bit integer (whichever one is relevant for your platform).


So that’s the first way that calloc cheats: when you call malloc to allocate a large buffer, then probably the memory will come from the operating system and already be zeroed, so there’s no need to call memset. But you don’t know that for sure! Memory allocators are pretty inscrutable. So you have to call memset every time just in case. But calloc lives inside the memory allocator, so it knows whether the memory it’s returning is fresh from the operating system, and if it is then it skips calling memset.


It turns out that the kernel is also cheating! When we ask it for 1 GiB of memory, it doesn’t actually go out and find that much RAM and write zeros to it and then hand it to our process. Instead, it fakes it, using virtual memory[…]


That’s a nice alternative history fiction.

Here’s an early implementation [that just calls malloc].


There are several interesting things we learn from poking around V6 though:

  • calloc originated not on UNIX, but as part of Mike Lesk’s “iolib”, which was written to make it easier to write C programs portable across PDP 11 UNIX, Honeywell 6000 GCOS, and IBM 370 OS[0]. Presumably the reason calloc is the-way-it-is is hidden in the history of the implementation for GCOS or IBM 370 OS, not UNIX. Unfortunately, I can’t seem to track down a copy of Bell Labs “Computing Science Technical Report #31”, which seems to be the appropriate reference.
  • calloc predates malloc. As you can see, there was a malloc-like function called just alloc (though there were also several other functions named alloc that allocated things other than memory)


OpenBSD added calloc overflow checking on July 29th, 2002. glibc added calloc overflow checking on August 1, 2002. Probably not a coincidence. I’m going to say nobody checked for overflow prior to the August 2002 security advisory.


It is not only a security flaw but also a violation of C Standards (even the first version ratified in 1989, usually referred to as C89). […] So if it cannot allocate space for an array of nmemb objects, each of whose size is size, then it has to return a null pointer.


And then there’s of course when calloc returns non-zeroed memory once in a while, which causes... ‘interesting’ bugs.
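
The overflow check described in these quotes, as an added C example (not code from the quoted posts or from any libc): `zalloc_unchecked` is the malloc-plus-memset shorthand with an unchecked product, `zalloc_checked` adds the test before multiplying, and `libc_calloc_rejects` probes the platform's own calloc. All function names, `RECORD_SIZE` and the chosen count are assumptions made for the illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum { RECORD_SIZE = 16 };        /* hypothetical element size, a power of two */

/* The "equivalent two lines": malloc + memset with an unchecked product.
 * *granted receives the byte count that was actually requested. */
static void *zalloc_unchecked(size_t count, size_t size, size_t *granted)
{
    size_t total = count * size;  /* wraps silently modulo SIZE_MAX + 1 */
    void *p = malloc(total);
    if (p != NULL)
        memset(p, 0, total);
    *granted = total;
    return p;
}

/* Same allocation, but refusing any count * size that does not fit size_t. */
static void *zalloc_checked(size_t count, size_t size)
{
    if (size != 0 && count > SIZE_MAX / size) {
        errno = ENOMEM;           /* caller sees an ordinary allocation failure */
        return NULL;
    }
    size_t total = count * size;
    void *p = malloc(total);
    if (p != NULL)
        memset(p, 0, total);
    return p;
}

/* For a power-of-two size: a count whose product wraps around to `size`. */
static size_t wrapping_count(size_t size)
{
    return SIZE_MAX / size + 2;
}

static void *volatile g_sink;     /* keeps the compiler from eliding the call */

/* 1 if the platform's calloc returns NULL for an overflowing request. */
static int libc_calloc_rejects(size_t count, size_t size)
{
    g_sink = calloc(count, size);
    void *p = g_sink;
    free(p);
    return p == NULL;
}

int main(void)
{
    size_t count = wrapping_count(RECORD_SIZE), granted = 0;

    void *p = zalloc_unchecked(count, RECORD_SIZE, &granted);
    printf("unchecked: %zu records requested, %zu bytes allocated (%s)\n",
           count, granted, p ? "non-NULL" : "NULL");
    free(p);

    void *q = zalloc_checked(count, RECORD_SIZE);
    printf("checked:   %s\n", q ? "non-NULL" : "NULL, errno = ENOMEM");
    free(q);

    printf("libc calloc rejects the same request: %d\n",
           libc_calloc_rejects(count, RECORD_SIZE));
    return 0;
}
```

The unchecked path hands back a valid 16-byte buffer to a caller that believes it holds `count` records, which is why the missing check was a security problem and not only a correctness one.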

Tuesday, December 6, 2016

Apple’s Support Gap

Nick Heer:

I’ve been trying to book some time at my local Apple Store to get my iPhone’s battery swapped, and it has not been easy — at least, not compared to the way it used to be. Previously, I’d open the Apple Store app on my phone, open up my store’s page, and tap the button to get support. I could easily make a Genius Bar appointment from there with just a few taps.


Once you’re directed to Apple’s support site, you’re in for another blow: it’s probably the least-stable online service Apple offers, in a really big way. It frequently doesn’t load at all; when it does, I often see some form of server-side failure midway through the booking process. This isn’t new — a friend of mine asked me several months ago to help him book an appointment because the website wasn’t loading for him, and I wasn’t able to make it work either.

Marco Arment:

Even then, for me, it usually takes 3+ days to get an appointment, or a 2-hour walk-in wait.

My iPhone 6s suffers from the unexpected shutdown issue. When I talked with Apple about what to do, I had two options. I could do a mail-in repair, which would mean not having a phone or camera for a week or so. Or I could wait 2+ weeks until one of the local Apple Stores might be accepting appointments to replace the battery. (There is apparently a shortage of replacement batteries.) Even if I could get an appointment, this would be a big time commitment, as the closest store is about two hours away. So far, I’ve opted to do nothing in the hope that sometime I will happen to be near an Apple Store and be able to make a last-minute appointment. I’m also considering whether I should stop selling my old iPhones when I upgrade, so that I’ll have a spare.

Update (2016-12-07): It turns out that my local Best Buy, only 15 minutes away, offers iPhone battery replacement services. However, they do not expect to have batteries in stock anytime soon. Another local Apple service provider, which previously did not service iPhones, says that they do not have batteries in stock but can get one within three days after verifying that an iPhone 6s is eligible.

Ben Lovejoy:

Apple initially said that it found that battery components in a particular batch of iPhones were exposed to the air for too long before assembly, causing the batteries to cut out. It has now updated its statement to say that some customers with phones from outside this batch have also experienced shutdowns, and that it will be issuing an iOS update to help track down the cause…

Update (2016-12-12): Dr. Drang:

The first thing I learned at our appointment was that the store had no batteries in stock and we might have to wait up to two weeks for them to come in (that was an overly pessimistic estimate). We were assigned to a store employee who checked the condition of our phones and filled out all the forms necessary for the replacement. She also walked us through the steps of turning off Find my iPhone, but she didn’t have us erase any data. The replacement, she said, would take an hour or two to perform.

One thing that surprised me was when she asked for our phones’ passcodes and typed them into the form she was filling out on her iPad. I guess it makes sense that they need the passcode to turn the phone on and test it after replacing the batteries, but I was taken aback by the sort of matter-of-factness with which she asked for the keys to all our data. I changed the passcode after I got the replacement, but had I known ahead of time that they’d need it, I would have created a temporary code for the store to use and then changed it back to my regular code afterward.

We left the store without new batteries or any concrete sense of when we’d get them.

Update (2016-12-27): Dr. Drang:

I’ve never had bad service at an Apple Store before. They’re very busy, and service is never instant, but I understand that and have always been happy with how I’ve been treated. This, though, was a pile-on of what used to be considered very un-Apple-like behavior. Whatever system they’re using to track customers and service requests failed 2–3 times on the same request. Both my wife and I wrote about the problems on the customer feedback forms we got from the store.

Is this whining? If I were dealing with a discount store, I’d say yes. But expectations for Apple are higher, commensurate with the price you pay for their products and the quality image the company projects.

David Heinemeier Hansson:

Need iPhone repaired. Didn’t have patience for Genius route. Tried setting up mail service. 5 reps and 2.5 hours later I’m still on hold.

Update (2017-01-02): Joel Spolsky:

Bought new MacBook Pro. One of the keys didn’t work unless you really whacked it. Spent 4 weeks waiting for a replacement from Apple

Update (2017-01-03): David Heinemeier Hansson:

Remember those 3h I spent with Apple Support to get my iPhone registered for a screen change? Well, they just sent my phone back, no fix ;-(

Despite being willing to pay whatever for the screen change, scratch apparently wasn’t big enough for them to act. Need to smash it more ;-(

Dealing with Apple Support really is akin to DMV. You wait in line forever to be served. Then they send you to the back with “wrong form!”

How to Disable Magic Mouse Scrolling

Brian Dunagan:

Yes, yes, multi-touch is amazing. Unless you’re my grandmother, and you’re just trying to use the mouse that came with the computer to get your email. She was constantly getting frustrated with how Magic Mouse responded to her touch rather than her click, so I disabled the multi-touch features.

My grandmother had the exact same problem. He has a list of Terminal commands to disable scrolling entirely. I think you can turn off inertial scrolling in the Accessibility pref pane, and you can turn off gestures in the Mouse pref pane, but there’s no checkbox for scrolling itself.

Distributed Visa CVC Guessing

Juan Buis (via Andrew Abernathy):

According to research from the University of Newcastle, there’s a gaping hole in credit card security that makes it easy for hackers to retrieve sensitive information. The researchers discovered that if guesses for the card’s CVC number are spread out between a lot of different websites, the card’s security systems aren’t triggered and the owner isn’t notified that a fraudulent activity might be taking place. The video above shows it only takes six seconds for a specially designed toolkit to reveal a card’s secure code.


Only Visa cards are susceptible to the security flaw, as other card issuers like MasterCard track the hacker’s guessing efforts across different websites. The Visa ecosystem, however, isn’t set up to take actions on multiple websites into account.
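
The difference between per-site and cross-site tracking described above, as an added C example that is not taken from the research or from any card network: the same constructed authorization log is scored once the way an individual merchant sees it and once across all merchants. The log entries, the thresholds `SITE_LIMIT`, `NET_LIMIT`, `NET_SITES` and `WINDOW_SECS`, and all names are assumptions.

```c
#include <stdio.h>
#include <string.h>

#define SITE_LIMIT  3    /* failures one merchant tolerates per card */
#define NET_LIMIT   5    /* failures tolerated per card across all merchants */
#define NET_SITES   3    /* ...when spread over at least this many merchants */
#define WINDOW_SECS 10   /* sliding window for the cross-merchant count */

typedef struct {
    long t;              /* seconds since the start of the sample */
    const char *site;    /* merchant that submitted the authorization */
    const char *card;    /* opaque card token, never the card number */
    int cvc_ok;          /* 1 if the submitted CVC matched */
} Auth;

/* Constructed sample, sorted by time: tok_A fails twice on each of six sites;
 * tok_B is a customer who mistypes once and later succeeds. */
static const Auth SAMPLE[] = {
    {0, "shop-1", "tok_A", 0}, {0, "shop-2", "tok_A", 0},
    {1, "shop-3", "tok_A", 0}, {1, "shop-4", "tok_A", 0},
    {2, "shop-5", "tok_A", 0}, {2, "shop-9", "tok_B", 0},
    {3, "shop-6", "tok_A", 0}, {3, "shop-1", "tok_A", 0},
    {4, "shop-2", "tok_A", 0}, {4, "shop-3", "tok_A", 0},
    {5, "shop-4", "tok_A", 0}, {5, "shop-5", "tok_A", 0},
    {6, "shop-6", "tok_A", 0}, {40, "shop-9", "tok_B", 1},
};
#define SAMPLE_LEN (sizeof SAMPLE / sizeof SAMPLE[0])

static int is_failure(const Auth *e, const char *card)
{
    return !e->cvc_ok && strcmp(e->card, card) == 0;
}

/* What a merchant can see on its own: the largest number of failed CVC checks
 * that any single site recorded for this card. */
static int worst_single_site(const Auth *ev, size_t n, const char *card)
{
    int worst = 0;
    for (size_t i = 0; i < n; i++) {
        if (!is_failure(&ev[i], card)) continue;
        int here = 0;
        for (size_t j = 0; j < n; j++)
            if (is_failure(&ev[j], card) && strcmp(ev[j].site, ev[i].site) == 0)
                here++;
        if (here > worst) worst = here;
    }
    return worst;
}

typedef struct { int failures; int sites; } Burst;

/* Network-wide view: the densest run of failures for this card inside any
 * `window`-second span, and the number of distinct sites it touched. */
static Burst worst_burst(const Auth *ev, size_t n, const char *card, long window)
{
    Burst best = {0, 0};
    for (size_t end = 0; end < n; end++) {
        if (!is_failure(&ev[end], card)) continue;
        Burst cur = {0, 0};
        for (size_t i = 0; i <= end; i++) {
            if (!is_failure(&ev[i], card) || ev[end].t - ev[i].t >= window)
                continue;
            cur.failures++;
            int seen = 0;    /* site already counted earlier in this window? */
            for (size_t k = 0; k < i && !seen; k++)
                seen = is_failure(&ev[k], card) &&
                       ev[end].t - ev[k].t < window &&
                       strcmp(ev[k].site, ev[i].site) == 0;
            if (!seen) cur.sites++;
        }
        if (cur.failures > best.failures) best = cur;
    }
    return best;
}

static int site_flags(const Auth *ev, size_t n, const char *card)
{
    return worst_single_site(ev, n, card) >= SITE_LIMIT;
}

static int network_flags(const Auth *ev, size_t n, const char *card)
{
    Burst b = worst_burst(ev, n, card, WINDOW_SECS);
    return b.failures >= NET_LIMIT && b.sites >= NET_SITES;
}

int main(void)
{
    const char *cards[] = {"tok_A", "tok_B"};
    for (int c = 0; c < 2; c++)
        printf("%s: per-site alert=%d, cross-site alert=%d\n", cards[c],
               site_flags(SAMPLE, SAMPLE_LEN, cards[c]),
               network_flags(SAMPLE, SAMPLE_LEN, cards[c]));
    return 0;
}
```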

Anil Dash Is the New CEO of Fog Creek Software

Joel Spolsky (Hacker News):

In short, we need Anil to help support us with ideas and leadership for HyperDev (now renamed Gomix) and any future products we come up with, and we need his soapbox and industry connections to continue to keep Fog Creek Software relevant. Thus I think the perfect position for him is as CEO of Fog Creek Software.

A typical startup is built around a single product, and some theory that people will pay money for that product. This theory eventually becomes false, and the company goes away. But Fog Creek was different. We were just a place where great people come together to build great things. People come here because of the other people that are here. And that makes it fundamentally much stronger and longer lasting.

That sounds great for the employees and company, but I was really hoping to read about a strong commitment to continuing to improve the supposed flagship product, FogBugz.

Benjamin Pollack:

The downside, of course, is redundancies and frayed vision. In a world where Trello and StackExchange remained at Fog Creek, I can imagine Fog Creek being the productivity company, with all of these tools tightly integrated à la Microsoft Office and presenting a coherent vision of how to develop software. You won’t get that if you’re spread across multiple companies. And, of course, you can end up in situations where, specifically because of all the reasons I pointed out above, two of your companies are going at each other a bit (e.g. Trello vs. FogBugz), which, even if subtle (those products don’t honestly actually compete much), means you’re spending at least some money competing with yourself. And, of course, you lose out on being able to easily move employees from one company to another, reusing technology amongst multiple companies, etc.

See also: what happened with Co-pilot and Kiln.

Update (2016-12-07): Anil Dash:

Fog Creek’s flagship product FogBugz has long been the best tool for helping teams make great software — I know because we used to use it to make Movable Type and TypePad back when I was helping get those products off the ground a decade ago.

Monday, December 5, 2016

Guarding Against Long Swift Compiles

Soroush Khanlou:

In May, Jordan Rose added a Swift flag for emitting warnings whenever a function takes longer than some threshold to compile. You can leave this flag enabled in your project, and it will warn you whenever any slow functions are added to the project.


Add two flags: -Xfrontend and -warn-long-function-bodies=100, where 100 is the number of milliseconds you’d like the warning threshold to be

Previously: Exponential Time Complexity in the Swift Type Checker.

Update (2016-12-06): Simone Manganelli:

Haven’t seen anyone warn about this, but merely enabling these debugging flags can cause compile time to drastically increase.

The Operating System Fountain of Youth

Jean-Louis Gassée:

Today, macOS is a fully-grown computer operating system, pleasant, fast, flexible. But it’s also enormous — RAM and disk storage requirements are measured in gigabytes — and it isn’t exactly bug-free. An ex-Apple acquaintance recently told me there are something like 10,000 “open” bugs on an on-going basis. The number that are urgent is, of course, a fraction of the gamut, but like any mature operating system, macOS has become a battlefield of patch upon patch upon patch.


It appears that a new direction may have been tempting. At the time that Apple’s smartphone project began, an Apple employee and former Be engineer offered Palm Inc. $800K for a BeOS “code dump” — just the code, no support, no royalties. The engineer was highly respected for his skill in mating software to unfamiliar hardware; BeOS was a small, light operating system; draw your own conclusion… Palm, which had purchased Be a few years before that, turned him down.


iOS managed to succeed where “lite” versions of mature operating systems failed, and it succeeded on a much larger scale than existing personal computers. The ubiquity of iOS devices ensures the operating system’s future, but it’s not just the higher unit volume that’s attractive: iOS is younger and nimbler than its noble and worthy macOS forefather. As I stated last week, it will assume more and more of the duties of Apple’s historic Macintosh.

Exploring Swift Memory Layout

Mike Ash:

This function works on an arbitrary type, takes a value and returns an array of unsigned 8-bit integers, or bytes. After you create an arbitrary item, call this function and pass it that item, and it’ll hand you back the bytes that make it up. This will serve as the foundation for this whole program.


We can’t know how stuff is being treated at this level because we just get a bunch of bytes and we don’t know what they mean. So we’re going to optimistically go through and slice it up into chunks of eight bytes. We take those chunks, pull them all out and ask, “What if these were pointers, what would that mean?”


On Mac and iOS, there is a low level function called mach_vm_read_overwrite. This is a system call where you give it two pointers and how many bytes to copy from one pointer to another. This call works exactly like memcpy from the C standard library except memcpy will crash your program if it is passed a bad pointer, and mach_vm_read_overwrite just returns an error because it is a system call. Since the call is performed at the kernel level, it can be checked safely and return an error saying that the pointer didn’t correspond to a real address. Because we can go through and reliably follow this tree without crashing we can try every pointer by passing it to this function. If it comes back with an error we just ignore it and move on to the next pointer.


dladdr gives you the symbol that comes immediately before the pointer you give it. You can choose a starting address and get the symbol information back. If it returns that there is a symbol, advance one byte and test again, and continue testing and advancing until it returns false. This allows you to know exactly how long something is.
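The byte dump, kernel-checked read and symbol lookup described above, combined in one sketch for macOS. This is an added example, not Mike Ash's code; `safeRead`, `readablePointers`, `symbolName` and the `Sample` type are names made up here.

```swift
import Darwin

// Raw bytes that make up any value.
func bytes<T>(of value: T) -> [UInt8] {
    withUnsafeBytes(of: value) { Array($0) }
}

// Copy `count` bytes starting at `address` through the kernel.
// Returns nil for an unmapped address, where memcpy would crash.
func safeRead(_ address: UInt, count: Int) -> [UInt8]? {
    var buffer = [UInt8](repeating: 0, count: count)
    let kr = buffer.withUnsafeMutableBytes { dest -> kern_return_t in
        var outSize: mach_vm_size_t = 0
        return mach_vm_read_overwrite(mach_task_self_,
                                      mach_vm_address_t(address),
                                      mach_vm_size_t(count),
                                      mach_vm_address_t(UInt(bitPattern: dest.baseAddress)),
                                      &outSize)
    }
    return kr == KERN_SUCCESS ? buffer : nil
}

// Slice the bytes into 8-byte chunks, read each as a little-endian word, and
// keep the words the kernel can read. Readable does not prove "pointer": an
// integer that happens to equal a mapped address passes too.
func readablePointers(in raw: [UInt8]) -> [UInt] {
    stride(from: 0, to: raw.count - 7, by: 8).compactMap { offset -> UInt? in
        let word = raw[offset..<offset + 8].reversed().reduce(UInt(0)) { $0 << 8 | UInt($1) }
        return safeRead(word, count: 8) != nil ? word : nil
    }
}

// Nearest preceding symbol for an address, if dladdr knows one.
func symbolName(for address: UInt) -> String? {
    var info = Dl_info()
    guard dladdr(UnsafeRawPointer(bitPattern: address), &info) != 0,
          let name = info.dli_sname else { return nil }
    return String(cString: name)
}

// Constructed sample: one integer field and one class reference.
final class Box { var value = 42 }
struct Sample { let count = 7; let box = Box() }
for pointer in readablePointers(in: bytes(of: Sample())) {
    print(String(pointer, radix: 16), symbolName(for: pointer) ?? "(no symbol)")
}
```

The integer field fails the kernel read and is skipped, while the class reference is kept.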

Backing Up the Internet Archive

Jason Scott:

The first is that the Internet Archive is adding another complete mirror of the Wayback machine to one of our satellite offices in Canada. Due to the laws of Canada, to be able to do “stuff” in the country, you need to set up a separate company from your US concern. If you look up a lot of major chains and places, you’ll find they all have Canadian corporations. Well, so does the Internet Archive and that separate company is in the process of getting a full backup of the Wayback machine and other related data. It’s 15 petabytes of material, or more. It will cost millions of dollars to set up, and that money is already going out the door.


There are backups of the Internet Archive in other countries already; we’re not that bone stupid. But this would be a full, consistently, constantly maintained full backup in Canada, and one that would be interfaced with other worldwide stores. It’s a preparation for an eventuality that hopefully won’t come to pass.

Via Nick Heer:

If you rely upon the Internet Archive as much as I do, you can give them money to keep preserving websites, live audio recordings, classic PC games, and loads more.

Kim Zetter (via Hacker News):

So after the FBI sent the Internet Archive the NSL in August, demanding the name, address, length of service and a list of all accounts used by one of the archive’s supposed subscribers, the archive and the EFF sent the bureau a letter challenging the legality and constitutionality of the NSL and gag order. They also disclosed in the letter that the archive didn’t possess any records that matched the FBI’s request. Archive subscribers can use their accounts to upload contributions of books, music and other digital material or to comment on material others have uploaded. But the archive had no records of a subscriber matching the FBI’s target.

Friday, December 2, 2016 [Tweets] [Favorites]

The RawRepresentable Protocol in Swift

Ole Begemann:

Note that adding raw values to an enum doesn’t affect how the enum is laid out in memory. The compiler always determines how many bits it needs to discriminate between all enum cases and then assigns a unique integer tag value to each case. Even for enums with integer raw values, this tag is not the same as the raw value — they are completely different things. This also means you don’t have to worry that an enum with strings as raw values will take up more memory than a “plain” enum — the constant strings are only stored once in the binary, not for each instance.


In fact, the raw value syntax is simply shorthand for conforming the enum to the RawRepresentable protocol, which defines the rawValue property and initializer. When you define the above enum, the compiler generates code equivalent to this[…]


Once you realize that there’s no magic behind enums with raw values, it opens up the possibility to use all kinds of types as raw values.

File Reference URLs Don’t Work in Swift 3


In Swift 3.0 (i.e. Xcode 8.0 or Xcode 8.1 beta 1), a call to fileReferenceURL does not give a file reference URL anymore... this code

import Foundation
let string = "file:///Users/admin"
if let url = NSURL(string: string) {
  // Ask for the file reference form of the URL
  if let ref = url.fileReferenceURL() {
    print("ref = \(ref)")
  }
}

prints

ref = file:///Users/admin/

while it should have been printing

ref = file:///.file/id=6571367.437879/

as it did, correctly, in Swift 2.2 (and before) in Xcode 7.3.1 for example.

Via Charles Srstka:

.fileReferenceURL doesn’t exist on URL. It does exist on NSURL, but thanks to the bridging magic it returns a URL, which the ObjC-Swift bridge turns into a normal file path URL.

Frédéric Blondiau has some workarounds, but these are distasteful to me because they rely on the internal details of both NSURLFileResourceIdentifierKey and file reference URLs.

It seems like the proper short-term solution would be to write some Objective-C code to return an object that is not bridged to URL. This could probably be the actual NSURL typed as id. Or, if you’re going to use an opaque token anyway, another option would be to store bookmark data. I assume that would be slower, though.

Status Board Discontinued

Cabel Sasser (MacRumors):

Unfortunately, while Status Board became a beloved friend to offices around the world, sales weren’t enough to sustain further development.


First, we had hoped to find a sweet spot between consumer and pro users, but the market for Status Board turned out to be almost entirely pro, which limits potential sales on iOS — as we’ve learned the hard way over the past couple of years, there’s not a lot of overlap right now between “pro” and “iOS”. Second, pro users are more likely to want a larger number of integrations with new services and data sources, something that’s hard to provide with limited revenue, which left the app “close but not quite” for many users. Finally, in the pro/corporate universe, we were simply on the wrong end of the overall “want a status board” budget: companies would buy a $3,000 display for our $10 app.


You should have done a native Apple TV version of this when it became possible. Would make total sense to me.

Cabel Sasser:

Apple never provided an official WebKit view for Apple TV apps, and Status Board depends heavily upon them, for custom panels, etc. So unfortunately, it wasn’t possible to port an Apple TV version, even though that would make the most sense…

Amazon Fire TV Stick 2

Joe Rosensteel:

Apple doesn’t offer anything remotely in this price range [$30]. The 3rd generation Apple TV was discounted to $70, and then discontinued this September without any replacement, leaving the $150 4th generation Apple TV as the least expensive streaming device Apple makes. It’s also not as portable as an HDMI stick device.


I certainly think that if you’ve been frustrated by trying to AirPlay Amazon Video that you should purchase this, because I don’t think hell is going to freeze over any time soon.

If someone isn’t an Amazon Prime member, or they want to exclusively use iTunes media, then this isn’t a good option. If you want HBO, Netflix, and Prime video with voice search at a relatively inexpensive price-point, then this is the best option, and I would encourage you to consider it before the sale ends.

The Limitations of Android N Encryption

Matthew Green:

Android’s early attempts at adding encryption to their phones followed the standard PC full-disk encryption paradigm. Beginning in Android 4.4 (Kitkat) through Android 6.0 (Marshmallow), Android systems shipped with a kernel device mapper called dm-crypt designed to encrypt disks at the sector level.


In principle, a clever implementation could evict sensitive cryptographic keys from RAM when the device locks, then re-derive them the next time the user logs in. Unfortunately, Android doesn’t do this — for the very simple reason that Android users want their phones to actually work. Without cryptographic keys in RAM, an FDE system loses access to everything on the storage drive. In practice this turns it into a brick.


In the Apple system, the contents of each file is encrypted under a unique per-file key (metadata is encrypted separately). The file key is in turn encrypted with one of several “class keys” that are derived from the user passcode and some hardware secrets embedded in the processor.


By giving developers the option to individually protect different files, Apple made it possible to build applications that can work while the device is locked, while providing strong protection for files containing sensitive data.

Apple even created a fourth option for apps that simply need to create new encrypted files when the class key has been evicted from RAM. This class uses public key encryption to write new files. This is why you can safely take pictures even when your device is locked.


If you’re an optimistic type, you’ll point out that Android is clearly moving in the right direction. […] On the other hand, you might notice that this is a pretty goddamn low standard. In other words, in 2016 Android is still struggling to deploy encryption that achieves (lock screen) security that Apple figured out six years ago.
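The key hierarchy described above, sketched with CryptoKit as an added example that is not Apple's implementation or code from the post. The type and function names are made up here, random keys stand in for the passcode- and hardware-derived class keys, and the ephemeral X25519 agreement plus AES key wrap is an assumed construction for the "public key" class.

```swift
import CryptoKit
import Foundation
typealias ECDH = Curve25519.KeyAgreement

struct ProtectedFile {
    let contents: Data          // AES-GCM ciphertext under the per-file key
    let wrappedFileKey: Data    // per-file key, wrapped for its protection class
    let ephemeralPublic: Data?  // present only for files created while locked
}

// Encrypt under a fresh per-file key, then wrap that key with `kek`.
func seal(_ plaintext: Data, kek: SymmetricKey, ephemeralPublic: Data?) throws -> ProtectedFile {
    let fileKey = SymmetricKey(size: .bits256)
    let box = try AES.GCM.seal(plaintext, using: fileKey)
    let wrapped = try AES.KeyWrap.wrap(fileKey, using: kek)
    return ProtectedFile(contents: box.combined!, wrappedFileKey: wrapped, ephemeralPublic: ephemeralPublic)
}

// Key-wrapping key agreed between one side's private key and the other's public key.
func agreedKey(_ priv: ECDH.PrivateKey, _ pub: ECDH.PublicKey) throws -> SymmetricKey {
    try priv.sharedSecretFromKeyAgreement(with: pub).hkdfDerivedSymmetricKey(
        using: SHA256.self, salt: Data(), sharedInfo: Data("file-key-wrap".utf8), outputByteCount: 32)
}

// Unlocked: the symmetric class key is in RAM and wraps the file key directly.
func writeUnlocked(_ plaintext: Data, classKey: SymmetricKey) throws -> ProtectedFile {
    try seal(plaintext, kek: classKey, ephemeralPublic: nil)
}

// Locked: only the class public key is in RAM. The ephemeral private key is
// dropped on return, so nothing left in memory can unwrap the new file key.
func writeLocked(_ plaintext: Data, classPublic: ECDH.PublicKey) throws -> ProtectedFile {
    let ephemeral = ECDH.PrivateKey()
    return try seal(plaintext, kek: agreedKey(ephemeral, classPublic), ephemeralPublic: ephemeral.publicKey.rawRepresentation)
}

// Reading needs class secrets that exist only after the passcode is entered.
func read(_ file: ProtectedFile, classKey: SymmetricKey, classPrivate: ECDH.PrivateKey) throws -> Data {
    var kek = classKey
    if let raw = file.ephemeralPublic {
        kek = try agreedKey(classPrivate, ECDH.PublicKey(rawRepresentation: raw))
    }
    let fileKey = try AES.KeyWrap.unwrap(file.wrappedFileKey, using: kek)
    return try AES.GCM.open(AES.GCM.SealedBox(combined: file.contents), using: fileKey)
}

// Constructed demo: write with only the public key, read back after "unlock".
let classKey = SymmetricKey(size: .bits256), classPrivate = ECDH.PrivateKey()
let photo = try writeLocked(Data("taken while locked".utf8), classPublic: classPrivate.publicKey)
let opened = try read(photo, classKey: classKey, classPrivate: classPrivate)
print(String(decoding: opened, as: UTF8.self))
```

Evicting `classKey` and `classPrivate` at lock time leaves existing files unreadable while `writeLocked` keeps working, which is the property that full-disk encryption with a single resident key cannot offer.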

Thursday, December 1, 2016 [Tweets] [Favorites]

Apple’s New OS “Activation” for Touch Bar MacBook Pros

Erik Gomez (via Hacker News):

Last week Joe Chilcote discovered an interesting message when imaging a Late 2016 MacBook Pro TouchBar […]:

A critical software update is required for your Mac. To install this update you need to connect to a network. Select a Wi-Fi network below, or click Other Network Options to connect to the internet using other network devices.


Attempting to skip this page would lead to an additional failure […] Even more worrying was the final note:

Your Mac can’t be used until this update is installed.


Welcome to the future of Apple’s hybrid ARM/x86 platform.

It’s also quite clear that destroying entire disks is going to lead to some pain points for people still imaging.

Erik Gomez:

Online Activation is typically required after Internet Recovery or a full disk wipe and subsequent re-image.


Offline Upgrades seem to occur each time there is a new firmware detected in the iBridge1_1Customer.bundle.


My spidey sense tingled when I first noticed offline activations and offline upgrades. It was clear that Apple didn’t want to force a “Critical Update required” screen every time there was a new point release and we could use this to our advantage.

Spark Mail Stores Credentials in Cloud


Spark is much more than a mailbox. It’s a smart, unified inbox which collects all of your emails and automatically categorizes them for easy processing.

Ole Begemann:

While everyone’s raving about @sparkmailapp, remember that they store the credentials to your email(!) on their servers.

Readdle’s privacy policy:

In the event you delete your data from Spark, or revoke access to your data, or delete your Spark account, all your data, as well as your authentication/password information, is completely and permanently deleted from our servers, and we, therefore, do not have access to any of your data anymore.


Credentials are stored in encrypted form on Amazon server. There’s no way to access them in the original form

Presumably, whatever they’re storing is enough to access your mail. Otherwise, what would be the point? This is a concern, not only because of privacy, but also because access to your e-mail account can (through password resets, in the absence of two-factor authentication) unlock all of your other accounts.

My guess is that the main reason Readdle wants their server (rather than just the app running on your phone) to be able to access your mail account is for push notifications. My understanding is that Apple’s Mail app gets special privileges to run in the background and use push to detect when the IMAP or Exchange server has new messages. It also does background polling.

Third-party iOS apps are not allowed to do either of these things, just as they cannot register for the mailto: protocol. However, if Readdle’s server can monitor the mail account for new messages, it can send an Apple Push Notification to wake up the iOS app. Alternatively, you can turn off this feature. However, then you would not get background notifications of new mail, and it would probably use more battery power in the foreground.

Previously: FastMail Enables IMAP Push for iOS.

The Mac App Store Is Full of Scams

Justin Pot (via John Gruber):

Try to put yourself into the mental state of a novice computer user. You have a brand new iMac, and you want to edit some Excel spreadsheets. In the dock you find that App Store you’ve heard so much about, so you open it. You find the search bar, then type “Microsoft Excel.”


It’s…templates. A $30, 293MB collection of templates, all of which are useless without Microsoft Office.


Let’s be blunt: these customers were ripped off, and Apple pocketed $10 each. And you’ll only see these comments if you scroll past the two five star reviews that mention the word “app” numerous times. Both of those reviews, by the way, were left by accounts that haven’t reviewed any other apps in the Store.


Search for “Indesign” and you won’t find Adobe’s publishing tool, but you will find several bundles of tutorial videos with icons that mimic InDesign’s closely.


And other developers seem to be working some dark App Store SEO magic. Search for “Firefox” or “Chrome” and the top application is “Fast Browser,” a $1 app that hasn’t been updated since 2014.

A History of Hard Drives

Peter Cohen:

IBM made the first commercial hard disk drive-based computer and called it RAMAC – short for “Random Access Method of Accounting And Control.” Its storage system was called the IBM 350. RAMAC was big – it required an entire room to operate. The hard disk drive storage system alone was about the size of two refrigerators. Inside were stacked 50 24-inch platters.

For that, RAMAC customers ended up with less than 5 MB – that’s right, megabytes of storage.


In 1980, a young upstart company named Shugart Technology introduced a 5 MB hard disk drive designed to fit into personal computers of the day. It was a scant 5.25 inches in diameter. The drive cost $1,500. It would prove popular enough to become a de facto standard for PCs throughout the 1980s. Shugart changed its name to Seagate Technology.


There’s no question that the hard drive market is in a period of decline and transition. Hard disk drive sales are down year-over-year. Consumers switch to SSD or move away from Macs and PCs altogether and do more of their work on mobile devices.

Regardless, innovation and development of hard drives continue apace. We’re populating our own Storage Pods with 8 TB hard drives. 10 TB hard drives are already shipping, and even higher-capacity 3.5-inch drives are on the horizon.