Friday, December 12, 2025
Apple (xip, downloads):
Xcode 26.2 includes Swift 6.2.3 and SDKs for iOS 26.2, iPadOS 26.2, tvOS 26.2, macOS 26.2, and visionOS 26.2. Xcode 26.2 supports on-device debugging in iOS 15 and later, tvOS 15 and later, watchOS 8 and later, and visionOS. Xcode 26.2 requires a Mac running macOS Sequoia 15.6 or later.
[…]
You can now annotate C types with the SWIFT_SHARED_REFERENCE attribute.
[…]
Retain and release operations for SWIFT_SHARED_REFERENCE types can now be methods of the type. You can now annotate a C/C++ type with SWIFT_SHARED_REFERENCE(.doRetain, .doRelease) to use methods doRetain and doRelease as the lifetime operations for the type.
Nothing about the simulator and visionOS issues.
Previously:
C Programming Language C++ Programming Language Mac macOS Tahoe 26 Memory Management Programming Xcode
Juli Clover (release notes, security, enterprise, developer, full installer, IPSW):
macOS Tahoe 26.2 includes Edge Light, a feature that illuminates your face with soft light when you’re on a video call in a room with poor lighting. The update also adds alarms for the Reminders app, new podcast features, updated AirDrop settings, and more.
When was the last time Apple released new OS versions on a Friday?
Jeff Johnson:
I think macOS 26.2 once again erased my Local Network permissions.
Previously:
Mac macOS Release macOS Tahoe 26
macOS 15.7.3 (security, full installer):
This update provides important security fixes and is recommended for all users.
macOS 14.8.3 (security, full installer):
This update provides important security fixes and is recommended for all users.
See also: Howard Oakley.
Previously:
Mac macOS 14 Sonoma macOS 15 Sequoia macOS Release
Juli Clover (release notes, security, developer):
watchOS 26.2 changes the labeling for Sleep Score point ranges to better match how people might be feeling after a night of rest. The update adjusts the ranges for Very Low, Low, OK, High, and Very High sleep score results. Very High is also a new classification that replaces Excellent.
Previously:
Sleep watchOS watchOS 26 watchOS Release
Juli Clover (release notes, security, enterprise, developer):
iPadOS 26.2 continues with the multitasking improvements that were added with iPadOS 26.1. You can now drag and drop apps from the Dock, Spotlight Search, or the App Library to different multitasking views, including Slide Over.
Apps can be dragged to the far left or far right to enter Slide Over mode, or to the left or right to enter a tiled view. There’s also an option to drag an app to the middle to open up a larger or smaller window, with visual indicators to make it simple.
Federico Viticci (Jason Snell, MacRumors):
As you can see, the gestures are pretty much the same ones as iPadOS 18, but the interaction is slightly different insofar as the “pull indicator” for Slide Over (re-introduced in iPadOS 26.1) now serves two purposes. That indicator now acts both as a signal that you can drop a window to instantly tile it as one half of a Split View, and it’s also a drop target to enter Slide Over right away. The design is clever, if maybe a little too hard to discover…but that’s always been the case with multitasking gestures that aren’t exposed by a menu – which is exactly why Apple is now offering plenty of options in iPadOS 26 to discover different multitasking features in different menus.
I’m glad to see Apple quickly iterate on iPadOS 26 by finding ways to blend the old multitasking system with the platform’s new windowing engine. Based on the comments I received after publishing my iPadOS 26 review, enough people were missing the simplicity of Split View and Slide Over that I think Apple’s doing the right thing in making all these multitasking systems coexist with one another.
Previously:
iOS Multitasking iPadOS iPadOS 26 iPadOS Release
Juli Clover (release notes, security, enterprise, developer):
iOS 26.2 adds an option to activate an alarm when a reminder is due, an option to change the opacity of the time on the Lock Screen, updated AirDrop functionality, and new features for the Podcasts app.
It also brings Live Translation for the AirPods to the EU, and adds support for alternative app stores and other voice assistants in Japan.
See also this previous article.
Mr. Macintosh:
To be clear, I think it’s absurd that Apple doesn’t allow iOS users to downgrade. This year, Apple unsigned iOS 18 just a week after iOS 26 launched, meaning it could never be downgraded to again.
Previously:
iOS iOS 26 iOS Release
Juli Clover (no release notes):
According to Apple’s release notes, HomePod Software 26.2 includes performance and stability improvements.
Needless to say, it still won’t play a lot of the music I’ve purchase from Apple.
Previously:
audioOS audioOS 26 audioOS Release
Juli Clover (release notes, security, developer):
The tvOS 26.2 update changes the way that profiles work on the Apple TV , adding an option to create a profile without an Apple Account. With no need for an Apple Account, profiles can be created for guests and children.
For profiles made for children, there is an age-restricted mode that limits the content that kids can access in the Apple TV app.
Previously:
tvOS tvOS 26 tvOS Release
Juli Clover (release notes, security, no enterprise, developer):
visionOS 26.2 expands the Travel Mode feature to cars and busses, plus it adds new features for spatial accessories like the Logitech Muse.
Previously:
visionOS visionOS 26 visionOS Release
Thursday, December 11, 2025
Caitlin Huston (The Verge, Variety):
In the letter, sent Wednesday, Disney says there has been copyright infringement on a “massive scale,” given its claims that Google has been using AI models and services to “commercially exploit and distribute copies” across many channels, including Google Workspace applications and the YouTube mobile application.
“Google has deeply embedded its infringing video and image AI Services into its broad family of products and services actively used by over a billion people. This multiplies the scope of Google’s infringement, and harm to Disney’s intellectual property, not to mention the ill-gotten benefits Google enjoys from its unauthorized exploitation of Disney’s copyrighted works,” the letter reads.
OpenAI (Hacker News, CNBC, Hacker News):
As part of this three-year licensing agreement, Sora will be able to generate short, user-prompted social videos that can be viewed and shared by fans, drawing on more than 200 Disney, Marvel, Pixar and Star Wars characters.
[…]
Alongside the licensing agreement, Disney will become a major customer of OpenAI, using its APIs to build new products, tools, and experiences, including for Disney+, and deploying ChatGPT for its employees.
As part of the agreement, Disney will make a $1 billion equity investment in OpenAI, and receive warrants to purchase additional equity.
No details on the licensing agreement, but my guess is that, like the Apple-Gemini deal, OpenAI isn’t paying enough to offset the flow going the other way. I thought Disney would want to keep tighter control over their IP, but it seems like they’re using it to buy a lottery ticket.
M.G. Siegler:
So that’s not just a one-two punch, it’s more like a one-two-three-four punch combo. With this last bit being key because Disney is obviously now going to be directly incentivized to favor any work and partnerships with OpenAI.
[…]
So is Disney doing the right thing here? Time obviously will tell, but this is also fairly limited in scope – both time-bound and IP-bound – clearly on purpose. And working with a company to ensure better oversight of IP infractions seems like a better move than simply suing. Sorry, Midjourney, Character.ai, and now Google!
Previously:
Artificial Intelligence Business Copyright Disney Google Legal OpenAI Sora YouTube
Apple:
Apple today announced 45 finalists for this year’s App Store Awards, recognizing the best apps and games across 12 different categories for creating exceptional experiences that inspire users to accomplish more, reimagine their daily workflows, and push creative boundaries.
Confusingly, this is different from the Apple Design Awards, which happen around WWDC. Many of the best Mac apps are not in the Mac App Store and so aren’t eligible for either list.
John Gruber (Mastodon):
I did not enjoy all of them as much as Apple did.
[…]
iPhone app of the year Tiimo bills itself as an “AI Planner & To-do” app that is designed with accommodations for people with ADHD and other neurodivergences. Subscription plans cost $12/month ($144/year) or $54/year ($4.50/month). It does not offer a native Mac app, and at the end of onboarding/account setup, it suggests their web app for use on desktop computers.
[…]
The app seems OK, but not award-worthy to me. But, admittedly, I’m not in the target audience for Tiimo’s ADHD/neurodivergent focus. I don’t need reminders to have coffee in the morning, start work, have dinner, or to watch TV at night, which are all things Tiimo prefilled on my Today schedule after I went through onboarding. As I write this sentence, I’ve been using Tiimo for five minutes, and it’s already prompted me twice to rate it on the App Store. Nope, wait, I just got a third prompt.
[…]
Essayist is a document-based (as opposed to library-based) app, and its custom file format is a package with the adorable file extension “.essay”. The default font for documents is Times New Roman, and the only other option is, of all fonts, Arial — and you need an active subscription to switch the font to Arial.
[…]
The app carries a few whiffs of non-Mac-likeness (e.g. the aforementioned lack of Settings, and some lame-looking custom alerts).
I tuned out the ADAs years ago when Apple kept gushing about how apps that violated all sorts of platform conventions did such a good job of following the human interface guidelines. If you want to see which apps are popular, there are charts for that. These days, I think the awards are mainly useful to see what types of things Apple wants to promote. This year, that included an app with no Mac version and an app that Gruber suspected be Catalyst. Between that and the example Apple’s setting with its own design work, it’s nudging things the wrong direction. It falls to others to set the standard.
Apple:
Explore a new visual gallery to find how teams of all sizes are taking advantage of the new design and Liquid Glass to create natural, responsive experiences across Apple platforms.
Mike Rockwell:
Every single example they show looks worse with Liquid Glass than it did with the previous design language. Poor contrast, distracting translucency — it’s a mess.
Previously:
Update (2025-12-12): Matt Sephton:
Also the Liquid Glass gallery doesn’t have any macOS apps.
App Store App Subscriptions Artificial Intelligence Design Essayist Font iOS iOS 26 iOS App Liquid Glass Mac Mac App Mac App Store macOS Tahoe 26 Tiimo
Adam Engst:
Put simply, an interface shouldn’t make it too easy to perform a destructive action or create more work for you, and inadvertent calls can easily create more work. You may prefer a different behavior than I do, but I hope we can all agree that it’s good to have a choice of whether a tap on a recent call initiates a callback or opens its associated contact.
But isn’t it weird that the way you toggle the tap-a-call behavior is by switching the Phone app’s view? What if you like Unified view but prefer that tapping a recent call starts a callback rather than opening a contact?
[…]
Here’s the odd part: if you switch the Phone app to Classic view and then return to Settings, the Tap Recents to Call switch disappears, and Hold Assist Detection slides up. […] This is deeply wrong. “User interface elements should not come and go based on settings adjusted elsewhere,” said Paul Kafasis, while holding his nose and fanning the air with his hand, in an exaggerated gesture of disgust aimed at Apple.
Previously:
Design iOS iOS 26 Phone.app
Wednesday, December 10, 2025
Tim Hardwick (Hacker News):
The Tech Transparency Project, a non-profit advocacy group, flagged 52 apps in the App Store that had links to entities found on the Treasury Department’s list of Specially Designated Nationals (SDNs), a designation that prohibits U.S. companies from doing business with them.
Linked organisations included Russian financial institutions such as Gazprombank and National Standard Bank propping up Moscow’s invasion of Ukraine, and China’s Xinjiang Production and Construction Corps (XPCC), which has been sanctioned for involvement in repression of Uyghur minorities. Another app was run by a company owned by an accused Lithuanian drug trafficker.
The linked entities reportedly used name variants, shell developers, or partial references to obscure their sanctions status.
[…]
Legal experts say that [2019] agreement increases Apple’s exposure now, since the latest similar lapses suggest its promised improvements were insufficient. The findings also call into question Apple’s long-standing claim that its App Store provides a “safe and trusted” environment for users.
Given what gets through App Review, I’m sure you’re shocked that Apple’s sanctions status matching didn’t account for “spelling and capitalization variations” or “country-specific business suffixes.” Apple subsequently removed 35 of the apps but disputes that the others were in violation. The Google Play Store had 18 violations.
Previously:
App Review App Store App Store Scams iOS iOS 26 iOS App Legal Russia
Jim Nielsen (Hacker News):
I’ve never liked the philosophy of “put an icon in every menu item by default”.
[…]
This posture lends itself to a practice where designers have an attitude of “I need an icon to fill up this space” instead of an attitude of “Does the addition of a icon here, and the cognitive load of parsing and understanding it, help or hurt how someone would use this menu system?”
Apple currently says:
Don’t display an icon if you can’t find one that clearly represents the menu item. Not all menu items need an icon. Be careful when adding icons for custom menu items to avoid confusion with other existing actions, and don’t add icons just for the sake of ornamentation.
and in fact omits many icons in their apps. But I agree with Nielsen that there doesn’t seem to be a clear rationale for when they do this. It’s inconsistent and feels like they just didn’t finish the job or didn’t have suitable stock icons rather than that they actually considered and decided that certain commands shouldn’t have icons. It’s a mess.
Let’s look at the “File” menu in Safari[…] Some groupings have icons and get inset, while other groupings don’t have icons and don’t get inset.
[…]
Some of these menu items have the notion of a toggle (indicated by the checkmark) so now you’ve got all kinds of alignment things to deal with. The visual symbols are doubling-up when there’s a toggle and an icon.
[…]
You know what would be a fun game? Get a bunch of people in a room, show them menus where the textual labels are gone, and see who can get the most right.
Apple’s previous human interface guidelines specifically said not to use “arbitrary symbols in menus, because they add visual clutter and may confuse people.”
Nick Heer:
I am running 26.2, with a more complete set of icons in each menu, though not to the user’s benefit. For example, in Neilsen’s screenshot, the Safari menu has a gear icon beside the “Settings…” menu item, but not beside the “Settings for pxlnv.com…”, or whatever the current domain is. In 26.2, the latter has gained an icon — another gear. But it is a gear that is different from the “Settings…” menu item just above it, which makes sense, and also from the icon beside the “Website Settings…” menu item accessible from the menu in the address bar, which does not make sense because it does exactly the same thing.
James Thomson:
On Tahoe, why is the image next to the save command in the File menu “square.and.arrow.down”, but the export and share commands are “square.and.arrow.up” and import has the arrow pointing down?
The arrow icons feel very iOS. I think the basic idea is that down means into the app and up means out of the app, but it doesn’t quite work for me because saving on the Mac can create a file anywhere. If there’s a command to save, that means it’s not going into the app’s own managed storage, like with saving a photo on iOS. And the difference with save vs. export is really the file format, not the location, so it doesn’t really make sense that the arrows would go in opposite directions.
Previously:
Apple 1992 vs 2025
I also think that the policy of placing icons in the menu is not good. First of all, currently the icons do not cover everything, there is information overload, things are easy to represent with pictograms but actions (commands) are abstract and difficult to iconize, etc.
Design Finder Google Sheets Icons Liquid Glass Mac macOS Tahoe 26 Safari
Wade Tregaskis:
Given how buggy Apple’s screen saver framework is, I suggest not relying on animateOneFrame if you can at all avoid it. Even if that means setting up your own timer. That way when they likely break that too in some future macOS release, your screen saver won’t necessarily break as well.
[…]
stopAnimation is only used for the live preview thumbnail shown in the Screen Saver System Settings pane. It is never called in normal operation of the screen saver (contrary to what Apple’s documentation says – Apple broke that in macOS Sonoma and later).
[…]
Here’s the second big bug in Apple’s screen saver framework – every time the screen saver starts, your ScreenSaverView subclass is created again. But the old one doesn’t go anywhere. So now you have two copies running simultaneously, which as at the very least wasteful, and can easily lead to gnarly bugs and weird behaviour (e.g. if both are playing sound, or both modify persistent state).
[…]
Unfortunately Apple’s screen saver system will never terminate your screen saver process. Worse, even if you do nothing yourself, Apple’s screen saver framework code will run in an infinite loop, wasting [a small amount of] CPU time.
There was a longstanding API that worked fine for many years but then got progressively more broken.
Update (2025-12-11): James Miller:
Same experience years ago making a recreation of the After Dark Flying Toaster screensaver. It was such a strange development process…
Kevin Boyd:
I tried writing one a few years ago and got stymied by everything being terrible & no information being available. Maybe I can get back into it soon.
Bug Core Animation Mac macOS Tahoe 26 Programming Screensaver Swift Programming Language
Rebecca Bellan:
The New York Times filed suit Friday against AI search startup Perplexity for copyright infringement, its second lawsuit against an AI company. The Times joins several media outlets suing Perplexity, including the Chicago Tribune, which also filed suit this week.
The Times’ suit claims that “Perplexity provides commercial products to its own users that substitute” for the outlet, “without permission or remuneration.”
[…]
Perplexity tried to address compensation demands by launching a Publishers’ Program last year, which offers participating outlets like Gannett, TIME, Fortune and the Los Angeles Times a share of ad revenue. In August, Perplexity also launched Comet Plus, allocating 80% of its $5 monthly fee to participating publishers, and recently struck a multi-year licensing deal with Getty Images.
Emma Roth:
Perplexity became the subject of several lawsuits after reporting from Forbes and Wired revealed that the startup had been skirting websites’ paywalls to provide AI-generated summaries — and in some cases, copies — of their work. The NYT makes similar accusations in its lawsuit, stating that Perplexity’s crawlers “have intentionally ignored or evaded technical content protection measures,” such as the robots.txt file, which indicates the parts of a website crawlers can access.
[…]
The NYT is seeking damages and is also asking the court to permanently block the AI startup from engaging in its allegedly unlawful behavior.
Perplexity’s spokesperson didn’t seem to deny the allegations.
Previously:
Artificial Intelligence Business Copyright Lawsuit Legal Perplexity The New York Times Web Web Crawlers
Tuesday, December 9, 2025
Pebble (Hacker News):
Introducing Pebble Index 01 - a small ring with a button and microphone. Hold the button, whisper your thought, and it’s sent to your phone. It’s added to your notes, set as a reminder, or saved for later review.
Index 01 is designed to become muscle memory, since it’s always with you. It’s private by design (no recording until you press the button) and requires no internet connection or paid subscription. It’s as small as a wedding band and comes in 3 colours. It’s made from durable stainless steel and is water-resistant. Like all Pebble products, it’s extremely customizable and built with open source software.
[…]
What if the speech-to-text processing misses a word or something?
You can always listen to the each recording in the app.
This sounds good, but I don’t want another device. I try to do this with my Apple Watch, but it doesn’t work as well as I’d like. Apps, of course, can’t repurpose any of the hardware buttons. I don’t know of a complication that lets you just press a button to record audio to be transcribed as text. The Reminders complication takes 4 taps (complication, Add Reminder, microphone button, Done) to add a reminder via voice. Siri works without any taps but often screws it up by trying to interpret what I said. If I mention anything that sounds like a meal, a time, or a location, I might end up with that text removed and instead have the time and location fields set on the reminder for when I arrive at that place, which is never what I want. This also seems to confuse OmniFocus and prevent it from importing the reminder.
Julian Chokkattu:
There’s no way to recharge the ring. Migicovsky says he didn’t want yet another gadget to charge every day, so instead, the Pebble Index has non-rechargeable silver oxide hearing aid batteries designed to last two years with average use. Once the device’s battery is nearly dead, users will receive a notification in the app, and the idea is you’ll buy a new Pebble Index—an idea that’s easier to get behind knowing the ring costs just $75, though the price will jump to $99 after the first batch.
Ryan Whitwam:
Core Devices, the new home of Pebble, says the Index is designed to be worn on your index finger (get it?), where you can easily mash the device’s button with your thumb. Unlike recording notes with a phone or smartwatch, you don’t need both hands to create voice notes with the Index.
[…]
After you record a voice note, it’s beamed over Bluetooth to your phone (Android or iOS), and it stays there. The recording is converted to text and fed into a large language model (LLM) that runs locally on your device to take actions. The speech-to-text process and LLM operate in the open source Pebble app, and no data from your notes is sent to the Internet. However, there is an optional online backup service for your recordings.
Previously:
Update (2025-12-11): See also: MacRumors and Eric Schwarz.
Artificial Intelligence Environment iOS iOS 26 iOS App OmniFocus Pebble Reminders Siri Speech Recognition watchOS watchOS 10
Matt Massicotte (Mastodon):
We’re in a protracted period where not only are settings very important, they are also deeply and persistently misunderstood.
The settings you use can have a profound effect on your code.
But there are a lot of them! And I think it’s pretty reasonable that you might not want to dig into every single one. So, here an attempt at some guidance.
Previously:
Compiler Programming Swift Concurrency Swift Programming Language
Mike Rockwell:
I’ve been a happy Linode customer for years, but they experienced an outage Sunday morning that took my Cloudron server offline, impacting my Mastodon and Pixelfed instances. As of this writing they’re still offline and I’ve received an email letting me know that there is a potential for data loss.
Manton Reece:
I didn’t get a warning about data loss. This outage did wreck a sizable part of my Sunday, which was already stressful for unrelated reasons. And worse, it affected my customers’ weekends. I try to be patient with hosting providers because I’m one too, and I know how frustrating and unproductive it can be to feel piled on with complaints. But this outage was likely the most significant I’ve seen in the 10+ years I’ve been using Linode.
These events are a time to revisit past decisions. I was already feeling that I was overpaying for Linode. With a bunch of servers and databases, it’s a lot of money for a tiny company like Micro.blog, money that I could use to pay myself more or hire someone.
This year we’ve expanded to servers in Europe, hosted by Hetzner. I’m also now consolidating more of our S3-like storage to actually use AWS.
John Brayton:
Some of Unread’s functionality requires server infrastructure. I run servers to support both Unread Cloud and Unread’s webpage text functionality.
Linode was my hosting provider of choice for a long time, but I recently moved these systems to Hetzner. I wanted to write a bit about how Linode and Hetzner compare.
These are all much less expensive than DreamHost (after its introductory period).
Much of Unread’s server work consists of accessing feeds and webpages from websites. Hetzner’s instances at the pricing above are available in Nuremberg, Falkenstein, and Helsinki — all of which are in the European Union. Some websites outside the EU that do not have international audiences block access to clients in the EU, presumably because those websites do not want to comply with EU privacy laws.
[…]
My solution for Unread’s servers was to host a proxy in a United States data center. When Unread’s feed retrieval system or webpage retrieval system get a forbidden response, they retry the request using the proxy server hosted in the United States.
Previously:
Update (2025-12-11): Marco Arment:
I didn’t realize that Hetzner had expanded to the US. And their prices are WAAAAYYY cheaper than Linode’s now.
(Turns out that charging 20% higher prices for the same resources over ~5 years in the web-hosting business makes you pretty easy to beat.)
Seriously looking at Hetzner now. Any experiences running medium-scale applications there, like maybe 20 server instances with ~a terabyte of databases?
Long-term reliability?
DreamHost Hetzner Linode Micro.blog Unread App Web Web Hosting
Nikita Prokopov:
Top (Windows 95): great contrast, obvious shapes. Instantly readable.
Middle (Windows 11): shapes are still self-explanatory, but contrast is gone.
Bottom (Windows 11 Insiders): what am I even looking at? The only shape I can understand here is the Run button. Barely visible, though.
Nick Heer:
As someone who uses a Windows computer for my day job, I can confidently say this allergy to contrast affects both platforms alike, and Prokopov’s comparison offers just one example. Why this trend persists, I have no idea.
Previously:
Update (2025-12-11): Sherief, FYI:
my mom got a new laptop and had trouble dragging windows around, I tried taking a look and out of the box the draggable area is the same color (not even low contrast) as non draggable chrome.
Design History Windows Windows 11
Monday, December 8, 2025
Andrew Oliver (via Hacker News):
Applets are officially, completely removed from Java 26, coming in March of 2026. This brings to an official end the era of applets, which began in 1996. However, for years it has been possible to build modern, interactive web pages in Java without needing applets or plugins. TeaVM provides fast, performant, and lightweight tooling to transpile Java to run natively in the browser.
Previously:
History Java Programming Sunset Transpiler Web
Igor Kulman (Mastodon):
The app is real, finished, tested, documented, and ready for submission.
All I needed was to join the Apple Developer Program.
[…]
When you want to publish an app on the App Store, the process is supposed to be simple: you sign in with your Apple ID, fill in your details, pay €99, and you’re in.
Except step 2 silently rejects me.
He contacted Apple Support:
And I was told, literally, that I cannot join, they will not tell me why, and there is nothing I can do.
[…]
After exhausting all normal support routes, I filed a formal GDPR request asking Apple for access to the data used in the automated decision that blocks my enrollment.
But he still didn’t get anything useful. Without sideloading, that means there’s no way to distribute the app.
Previously:
Update (2025-12-10): Ricardo J. Méndez:
So it’s not just my company and they have something borked in their flow, which on top of that is not set up to provide proper feedback.
Kuba Suder:
I fucking hate when companies do shit like this 😒 They’ve done the same with one of my iOS apps long time ago.
Update (2025-12-12): Jeff Johnson:
I contacted Apple Developer Support on October 27 about my developer response stuck in a Pending state, unpublished in the App Store.
After back and forth with Apple, my case was supposedly “escalated” on November 6, but nothing has changed.
After my latest inquiry, my “point of contact” said yesterday that Apple Developer Support is closing my case and providing no further updates.
App Store Apple Developer Account European Union GDPR iOS iOS 26 Programming Sideloading
Alex Rosenberg:
A few times now I’ve accidentally replaced a password that might have still been valid.
I’d like to be able to look through historical passwords for a site. It can be well-buried behind an option-click or something. Ideally they have timestamps of when they were valid too because why not, it’s a small amount of data.
1Password and PasswordWallet do this automatically, and I think it’s a great feature. It turns out that Passwords.app added it in macOS Tahoe and iOS 26, but I don’t think the user interface makes this very clear. The View History button doesn’t show up until after you’ve already changed the password, and it’s below the (possibly very long) Notes, rather than up next to the Modified date. So, when browsing all my old passwords, none of them show the button. When changing a password, it’s not until after you’ve defensively pasted the old one into the Notes (or not) that you find out there’s a rescue feature for the data loss that might have occurred.
And, as Marc Edwards reports, Apple missed a great opportunity to use the history:
It’s pretty easy to get Apple Passwords to lose data.
Create a new item with a password of “a”. Sync to two devices. Turn off internet on both devices. Set the password to “b” on one device, and “c” on the other device. Turn on internet. The conflict gets resolved silently. “b” might win, or “c” might win, probably based which changed most recently.
Apple Passwords has password history, but the discarded data wasn’t in my history.
[…]
iCloud Drive also silently resolves conflicts using a similar method, potentially destroying data. The same test can be used. Dropbox, Tresorit and other cloud storage services keep timestanped copies of files when it’s not obvious which version is the latest.
See also: Mac Power Users for discussion of other features people are interested in before switching.
Apple Password Manager Bug Datacide Design iOS iOS 26 Mac macOS Tahoe 26 Passwords Syncing
Juli Clover:
Apple could ultimately have to pay up to an estimated 637 million euros to address the damage suffered by 14 million iPhone and iPad users in the Netherlands.
The lawsuit dates back to 2022, when two Dutch consumer foundations (Right to Consumer Justice and App Store Claims) accused Apple of abusing its dominant market position and charging developers excessive fees. The lawsuit was filed on behalf of Dutch iPhone and iPad users, and it claimed that Apple’s 30 percent commission inflated prices for apps and in-app purchases.
[…]
The civil App Store fee case that Apple is now facing in the Netherlands is separate from the dating app case that was levied against Apple by ACM, the Dutch competition authority.
Previously:
Antitrust App Store Apple European Union iOS iOS 15 Lawsuit Legal Netherlands
Friday, December 5, 2025
Apple (MacRumors):
Apple today announced that Jennifer Newstead will become Apple’s general counsel on March 1, 2026, following a transition of duties from Kate Adams, who has served as Apple’s general counsel since 2017.
She was previously chief legal officer at Meta and helped write the Patriot Act.
Lisa Jackson, vice president for Environment, Policy, and Social Initiatives, will retire in late January 2026. The Government Affairs organization will transition to Adams, who will oversee the team until her retirement late next year, after which it will be led by Newstead.
It sounds like her position is being eliminated.
Dan Moren:
Newstead will not head up environmental and social initiatives—those will instead transfer to newly installed chief operating officer Sabih Khan, who also picked up some new responsibilities in Giannandrea’s departure. Safe to say he’s going to be very busy; it does suggest that Apple considers its environmental affairs part of its operations pipeline.
See also: signüll.
Dan Moren:
Maybe Alan Dye was traded to Meta for a general counsel and a player to be named later?
John Gruber:
So it’s not just that Alan Dye jumped ship from Apple for the chief designer officer role at another company. It’s not just that he left for a rival company. It’s that he left Apple for Meta, of all companies. Given what Cook has said about Meta publicly, one can only imagine what he thinks about them privately. Apple executives tend to stay at Apple. The stability of its executive team is unparalleled. But Dye is a senior leader who not only left for a rival, but the one rival that Cook and the rest of Apple’s senior leadership team consider the most antithetical to Apple’s ideals.
[…]
How could someone who would even consider leaving Apple for Meta rise to a level of such prominence at Apple, including as one of the few public faces of the company?
[…]
It’s also that it’s now clear that Dye’s moral compass was not aligned with Apple’s either. Tim Cook and the rest — or at least most? — of Apple’s senior leadership apparently couldn’t see that, either.
You could also look at this and the hiring of Newstead as more evidence that Apple’s privacy talk is more about marketing than deeply held ideals. (In fairness, I don’t know what Newstead’s contributions to the Patriot Act actually were—it’s possible she was trying to make it better for privacy.)
Previously:
Update (2025-12-10): John Gruber:
This news yesterday is just typical planned retirements. The timing is slightly unfortunate though. In the eyes of observers unfamiliar with the company, they might be misconstrued as signs of executive upheaval, occurring on the heels of the minor and major dramas of Giannandrea’s and Dye’s departures. The Jackson / Adams / Newstead transitions announced yesterday are nothing of the sort.
[…]
Lastly, I wouldn’t read anything into Newstead coming to Apple by way of Meta.
I agree that the What the heck is going on at Apple? rhetoric is overblown, but the structural changes could be significant. At the least, Newstead brings significant antitrust and regulatory experience from her time at Meta.
Alan Dye Apple Business Environment Legal Privacy Tim Cook
Dominic Preston (Hacker News, MacRumors, Slashdot):
Netflix has announced that it’s struck a deal to acquire Warner Bros. for $82.7 billion. The purchase will go through after Warner Bros.’ planned split from Discovery, now expected to take place in Q3 2026.
[…]
Netflix suggests it has no immediate plans for drastic change at Warner Bros., describing HBO and HBO Max as a “compelling, complementary offering” alongside its own streaming service, and saying it will maintain the studio’s current operations, including theatrical releases for films.”
Eric Schwarz:
[Today’s] news immediately made me think of Netflix Co-CEO Ted Sarandos’s GQ interview (Web Archive link) back in 2013 when he was the Chief Content Officer:
“The goal…is to become HBO faster than HBO can become us.”
[…]
What’s funny is that fifteen or twenty years ago, this merger wouldn’t have been plausible, but if it had, the Netflix brand would have most likely gone away. At this point, the Netflix brand is strong enough that I could seem them simply building out sections of select legacy brands under the Netflix umbrella (not unlike what Disney+ currently has and Warner Bros. Discovery had done initially after that merger.)
John Gruber:
I don’t know if this deal makes sense for Netflix, but Netflix has earned my trust. Netflix is a product-first company. They care about the quality of their content, their software, their service, and their brand. If you care about the Warner/HBO legacy, an acquisition by Netflix is a much, much better outcome than if David Ellison had bought it to merge with Paramount.
M.G. Siegler:
For now, I’ll just tout my predictions from last year, both that WBD would be acquired, but also that Netflix would eventually backtrack on their theatrical release stance. Book look good right now.
Adam Chandler:
Infinite Timelines, Netflix just becomes Comcast in 20 years and charges $250 a month for hundreds of ‘channels’ that still have advertisements but nothing good to watch.
Previously:
Update (2025-12-10): Rosyna Keller:
What will this mean for the infinite auto-playback HBO Max currently offers when playing back a serious?
Will Netflix also remove the Apple TV app integration with HBO Max?
See also: Erik Hayden, David Goldman, Ben Thompson, M.G. Siegler.
Acquisition Antitrust Business HBO Max Netflix Video Web
Mothers Ruin Software (Mastodon):
Restored the ability to decode recently-created URL Bookmarks. Apple changed this binary format in macOS 26.1, macOS 15.7.2 and macOS 14.8.2, and that would cause the decode to fail. Archaeology can now decode the new bookmarks, and will show the new (usually empty) Team ID therein.
[…]
Updated the app icon to be more compatible with macOS Tahoe squircle clipping. (This is about as far as we’re willing to go on this front.)
It’s unclear to me whether this format change means that aliases or app data created on newer versions of macOS won’t be forward compatible on older versions.
Previously:
Archaeology Liquid Glass Mac Mac App macOS Tahoe 26 Security Scoped Bookmarks
Ashley Belanger (Hacker News, 3):
The European Commission announced that X would be fined nearly $140 million, with the potential to face “periodic penalty payments” if the platform fails to make corrections.
A third of the fine came from one of the first moves Musk made when taking over Twitter. In November 2022, he changed the platform’s historical use of a blue checkmark to verify the identities of notable users. Instead, Musk started selling blue checks for about $8 per month, immediately prompting a wave of imposter accounts pretending to be notable celebrities, officials, and brands.
Today, X still prominently advertises that paying for checks is the only way to “verify” an account on the platform. But the commission, which has been investigating X since 2023, concluded that “X’s use of the ‘blue checkmark’ for ‘verified accounts’ deceives users.”
Twitter very publicly eliminated the verification program. The blue checkmark now indicates that you’re a premium subscriber (which I’m not, so I lost mine). If you click on a blue checkmark, it shows a popover stating, “This account is verified. Learn more,” with the link accurately describing what the checkmark means. There is still some level of verification (name, photo, phone number, “no signs of being misleading or deceptive”), but they no longer check your government ID. I don’t understand the argument that this is illegal. I did not see a requirement in the DSA that the word “verified” must have a certain meaning. (Government and other officials have a stricter verification process and get a grey checkmark.)
The other parts of the fine are because the DSA wants Twitter to allow researchers access to information about its ads and “the platform’s public data.” The DSA has some interesting requirements for ads. I’d like to see how the other large online platforms and search engines are complying with this. There is still a Twitter API for the public data—maybe the issue is that it’s paid? But most of the data isn’t really public anymore, anyway, since it requires logging in.
On Friday, Musk reposted criticism of the EU fine from a lawyer, Preston Byrne, who quoted Vance’s X post and suggested that Congress should act “ASAP” to pass a law that he proposed. If passed, that law “would allow X to sue the European Commission in US federal court for three times this amount and get injunctive relief against the Commission’s orders.”
Previously:
Advertising Business Digital Services Act (DSA) European Union Legal Twitter Web
Thursday, December 4, 2025
Juli Clover:
Russia has blocked Apple’s FaceTime video calling app in an ongoing effort to eliminate private communication methods, reports Reuters. Russia claims FaceTime is being used for criminal activity, and that blocking the app is a legitimate law enforcement measure. Social network Snapchat and multiplayer gaming platform Roblox were also banned this week.
[…]
FaceTime is now restricted nationwide, and has likely been blocked at the network level, so it may still be accessible through a VPN. Moscow residents are seeing a “User unavailable” message when attempting to use FaceTime , which is the error displayed when a FaceTime call is unable to connect. The app still opens and activates, so Apple hasn’t removed it.
Osmond Chia (Hacker News):
Russia has blocked access to popular gaming platform Roblox due to concerns over child safety and extremism, including the spread of LGBT-related content.
The country’s media regulator said Roblox had become rife with “inappropriate content that can negatively impact the spiritual and moral development of children”, according to local news outlets.
[…]
The Roskomnadzor also flagged reports of sexual harassment of children and the sharing of intimate images on the platform. Other countries have raised similar issues, and the platform is already banned in certain countries, including Turkey, over concerns about child safety.
[…]
Last month, Texas Attorney General Ken Paxton sued the platform over “flagrantly ignoring” safety laws and “deceiving parents” about the dangers it posed to young people.
Previously:
Update (2025-12-09): John Gruber:
I’m curious why iMessage isn’t blocked too.
Jeff Johnson:
I’m not sure iMessage can be blocked without blocking all Apple services, because it operates over the standard https port and shares domains with other services.
Update (2025-12-11): John Gruber:
This thread on Mastodon, prompted by my wondering why Russia is blocking FaceTime but not iMessage, suggests that because iMessage messages are sent via APNs, a network (or entire nation) seeking to block iMessage can only do so by blocking all push notifications for iOS. That’s why on airplanes with “free messaging” on in-flight Wi-Fi, you usually also get all incoming push notifications, even for services that aren’t available on the free Wi-Fi.
[…]
Apple might have architected iMessage this way to make iMessage veto-proof with cellular carriers, who, at the time of iMessage’s announcement in June 2011, were already promoting iPhone push notifications as a reason to upgrade from a dumb phone to an iPhone with a more expensive plan.
Adam Shostack:
Oh, this answers a question I’ve had for a long time, which is how in flight wifi blocks photos.
APNs can only relay messages up to 4 or 16 KB in size, depending on the iOS or iPadOS version. If the message text is too long or if an attachment such as a photo is included, the attachment is encrypted using AES in CTR mode with a randomly generated 256-bit key and uploaded to iCloud.
Children FaceTime iMessage iOS iOS 26 iOS App Lawsuit Legal Roblox Russia Snapchat Texas
Simon Fondrie-Teitler (Hacker News, Slashdot):
In October Kohler launched Dekota, a $600 (plus monthly subscription) device that attaches to the rim of your toilet and collects images and data from inside, promising to track and provide insights on gut health, hydration, and more. To allay the obvious privacy concerns, the company emphasizes the sensors are only pointed down, into the bowl, and assures potential buyers that the data collected by the device and app are protected with “end-to-end encryption”.
Kohler Health’s homepage, the page for the Kohler Health App, and a support page all use the term “end-to-end encryption” to describe the protection the app provides for data. Many media outlets included the claim in their articles covering the launch of the product.
However, responses from the company make it clear that—contrary to common understanding of the term—Kohler is able to access data collected by the device and associated application. Additionally, the company states that the data collected by the device and app may be used to train AI models.
E2EE has become a marketing term, and I no longer believe it unless the company also provides a technical description of what they mean by it. For over a decade—before iCloud Advanced Data Protection—Apple marketed iMessage as being E2EE. This was technically true, because the protocol was E2EE, but in practice the system was not E2EE because Apple had access to the key (in the iCloud backup). In Kohler’s case, there seems to be nothing that’s actually E2EE. It’s “simply HTTPS encryption,” combined with “technical safeguards and governance controls.”
Previously:
Artificial Intelligence iOS iOS 26 iOS App Kohler Privacy
Paul Kafasis (release notes):
You can now play audio through multiple outputs at once, with grouped output devices.
[…]
SoundSource has outstanding new support for sending audio to AirPlay devices like HomePods, Sonos systems, and more. That means you can route an individual application to one or more AirPlay devices, while leaving the rest of your audio playing from a local output. You can also stream all of your Mac’s audio to multiple AirPlay devices, in sync.
[…]
The new Audio Devices window gives you tremendous control over the audio devices connected to your Mac.
These days, I only use my own ToothFairy app, but if you have more advanced audio needs SoundSource has lots of features and a nice interface.
Previously:
AirPlay Audio Mac Mac App macOS Tahoe 26 SoundSource
GitLab (via Hacker News):
Our internal monitoring system has uncovered multiple infected packages containing what appears to be an evolved version of the “Shai-Hulud” malware.
Early analysis shows worm-like propagation behavior that automatically infects additional packages maintained by impacted developers. Most critically, we’ve discovered the malware contains a “dead man’s switch” mechanism that threatens to destroy user data if its propagation and exfiltration channels are severed.
[…]
The malware infiltrates systems through a carefully crafted multi-stage loading process. Infected packages contain a modified package.json with a preinstall script pointing to setup_bun.js. This loader script appears innocuous, claiming to install the Bun JavaScript runtime, which is a legitimate tool. However, its true purpose is to establish the malware’s execution environment.
Previously:
Bun GitLab JavaScript Malware Node.js Open-source Software Programming Security
Wednesday, December 3, 2025
Chance Miller:
Alan Dye, Apple’s vice president of Human Interface Design since 2015, is departing the company. Bloomberg reports that Meta has poached Dye as part of its push “into AI-equipped consumer devices.”
Stephen Lemay, a 26-year Apple design veteran, will take over the role from Dye, who officially joins Meta [to become Chief Design Officer] on December 31.
Can he take Liquid Glass with him?
Juli Clover:
Dye has been at Apple since 2006, joining the marketing and communication team as a creative director. He transitioned to Jony Ive’s user interface team in 2012 to work on iOS 7, and he worked on subsequent iOS, iPadOS, macOS, watchOS, and visionOS design updates.
John Gruber:
I think this is the best personnel news at Apple in decades. Dye’s decade-long stint running Apple’s software design team has been, on the whole, terrible — and rather than getting better, the problems have been getting worse.
Chris Silverman:
I think the fact that Dye considered Meta a good fit gives some insight into why everything he’s influenced at Apple feels so profoundly un-Apple-like.
Warner Crocker:
Frankly, I think we’re all looking forward to some change ahead.
Nick Heer:
I am sure more will trickle out about this, but one thing notable to me is that Lemay has been a software designer for over 25 years at Apple. Dye, on the other hand, came from marketing and print design. I do not want to put too much weight on that — someone can be a sufficiently talented multidisciplinary designer — but I am curious to see what Lemay might do in a more senior role.
Louie Mantia:
I like [Lemay]! I have a lot of respect for him.
Mario Guzmán:
Can we please get designers that remember that computers are bicycles for the mind and not just something to sit there and look pretty?
Previously:
Update (2025-12-09): Juli Clover:
Meta CEO Mark Zuckerberg today announced plans to launch a creative studio that will be led by former Apple UI designer Alan Dye.
Amanda Silberling:
This is a significant hire for Meta, as the company makes a push toward consumer devices like smart glasses and virtual reality headsets. Dye will focus on improving AI features in these devices and report directly to Chief Technology Officer Andrew Bosworth.
Sebastiaan de With (John Gruber, René Fouquet):
this post by Alan Dye on instagram seems almost designed to offend. The horrible “Create Mode” typesetting. Using a Steve Jobs quote to refer to going to Meta. Yikes
Jonathan Deutsch:
I heard that Mark Zuckerberg hates Liquid Glass as much as the rest of us, and gave Alan Dye a pile of cash to stop messing up macOS.
davemyersworld:
The only way you choose to leave 2 months after shipping a major new design system across all OSs is: you think you’ve finished the job, or you think it can’t be fixed. Either way, it doesn’t reflect well on Dye.
Or maybe it’s not about his work at Apple at all—he’s probably getting a raise and a bigger role in defining the future of VR, which I guess he cared about so much that he remade all of Apple’s platforms to look like visionOS.
Pieter Omvlee:
Alternate take: Dye was upset he was forced to pretend liquid glass was amazing when everybody, him included, knew it wasn’t ready. But after the Apple Intelligence disaster they needed something to distract the press and the liquid turd was dropped on all third party devs as a result. And so he left after the (expected) bad reception…
But there’s too many small and large, old and new unforced errors that have made macOS worse over the years that I do not buy that theory.
Craig Hockenberry:
Re: Alan Dye - good riddance!
One thought I had that I haven’t seen elsewhere: his departure may have been preemptive.
He was in Cook’s blindside, but he clearly had detractors within the organization, and it’s possible one would have become his boss during the CEO reorganization.
A “leave before being fired” situation.
Garrett Murray:
All of these things are true:
- Alan Dye should never have had the role he did at Apple
- Dye damaged Apple’s software for years (and for years to come)
- Tim Cook should have removed him long ago
- It’s a huge win for Apple’s users that he left
- Meta has such poor taste that they wanted him
Dave:
Honestly, I think this does nothing for Meta.
Every time a long time Apple exec leaves to join another company or create a new startup, people think that the Apple magic will be reproduced in that other company.
It never is.
And as aesthetically pretty as the Liquid Glass UI is, Alan Dye has never been foundational to Apple’s success.
I predict that this departure will neither hurt Apple nor benefit Meta. It’s a big splash that won’t fundamentally change either company.
Jonathan Wight:
The response to Alan Dye’s departure seems universally… gleeful?
Kontra:
Are Meta designers happy about Alan Dye joining them and voiced pleasure publicly on social media?
• • •
juan:
to commemorate alan dye moving from apple to meta, here’s one of his best quotes
Pavel Lokshin:
Good riddance to the guy who gave us iOS 7 „flat design" that Apple, thankfully, diluted bit by bit over the years. Dye’s latest crime against humanity is the „Liquid Glass“ interface of MacOS 26
Louie Mantia:
For the last year, leading up to what would eventually be known as Liquid Glass, we talked a lot about Apple’s sudden and drastic style change in iOS 7. I kept notes on little things Luka said, mostly because they make me laugh.
Louie Mantia (Mastodon):
Alan Dye may have left for a more lucrative offer from Meta, but this is absolutely a good thing for Apple, which also benefitted from “losing” Jony Ive.
[…]
Not to put too fine a point on it, but they started making products that appealed to themselves. Because since Steve Jobs died, Apple, its executives, and its corporate employees got significantly wealthier. It wasn’t just Jony who took an interest in luxury. The whole company did. Anyone with even a little bit of power in the company started to dress more expensively. They all look like they could walk right out of a fashion advertisement.
This is all to say Apple’s restyling was not just with iOS 7 or even Liquid Glass. It was in how Apple presented themselves as people who had good taste, because that’s their way of communicating authority on the subject of design.
Mario Guzmán:
Alan Dye single handedly made me hate using and looking at my Mac.
Miguel Arroz:
Not single handed. This was reviewed, approved and implemented by many people, from top to bottom of the hierarchy. That’s what concerns me most: the lack of taste from the top and the lack of will to say no from all levels below. Starting by Craig.
Jeff Johnson:
There’s a lot of hate for Alan Dye right now, but keep in mind that the dude did not magically promote himself to a leadership position, at either Apple or Meta. That was the choice of the people above him.
Craig Grannell:
I’ve said for a while that a key problem at Apple has been the lack of taste at the top.
M.G. Siegler:
But really, this all goes back further than that, to when Scott Forstall was ousted and Ive was put in charge of both hardware and software design for the first time.
[…]
With the benefit of hindsight, the merging of hardware and software design within Apple felt like a mistake that was born out of necessity, and perhaps convenience, at the time. While it’s natural to think that within a company “design” should encompass both areas, Apple was clearly build differently – until it wasn’t.
[…]
The fact that Apple has now lost two key presenters of recent marquee product unveils in the past few weeks alone, with Abidur Chowdhury (who was tasked with unveiling the iPhone Air in the all-important iPhone keynote!) also bolting for a startup, seems like an issue as well. Apple clearly – clearly – has a retention problem at the moment, something which historically has been one of the company’s main strengths. And to me, that speaks to larger issues up top.
Jesper:
What ended up summed up as skeumorphism eventually wore thin and looked dated (to some) because of the feeling that it was an unimpressive veneer that lacked dynamism and that forced designers to care too much about vain visuals. Reimagining the general thrust of the pre-iOS 7 world and, just to poke Google in the eye, delivering an actual "material"-focused design could have been a great innovation. Make different things look and feel different; have different textures and atmospheres. Provide the things that the typical iOS 6 app wished to deliver but with less effort and more sophistication; make every app feel easy to read visually (in both senses of the phrase) and assent to the fundamental idea that what helped people move through applications twenty and ten years ago still help them today.
Instead, the road towards blurry transparency-ism on top of denatured, austere UIs was taken. As a follow-up for the goofy reduction of title bars and streamlining of all conceivable apps to one general, see-through-sidebar-heavy layout, dipped in bleached white, it bled the platforms equally of usability and personality.
• • •
John Gruber (Mastodon, MacRumors):
What I’ve learned today is that Lemay, very much unlike Dye, is a career interface/interaction designer. Sources I’ve spoken to who’ve worked with Lemay at Apple speak highly of him, particularly his attention to detail and craftsmanship. Those things have been sorely lacking in the Dye era.
[…]
The sentiment within the ranks at Apple is that today’s news is almost too good to be true. People had given up hope that Dye would ever get squeezed out, and no one expected that he’d just up and leave on his own. (If you care about design, there’s nowhere to go but down after leaving Apple. What people overlooked is the obvious: Alan Dye doesn’t actually care about design.)
[…]
So the change in direction we may see — that many of us desperately hope to see — under Lemay’s leadership might be happenstance. More a factor of Lemay being politically safe, as someone predating Dye and outside Dye’s inner circle at Apple, than from Tim Cook or anyone else in senior leadership seeing a need for a directional change in UI design. But happenstance or not, it could be the best thing to happen to Apple’s HI design in the entire stretch since Steve Jobs’s passing and Scott Forstall’s ouster.
[…]
The most galling moment in Dye’s entire tenure was the opening of this year’s iPhone event keynote in September, which began with a title card showing the oft-cited Jobs quote “Design is not just what it looks like and feels like. Design is how it works.” The whole problem with the Dye era of HI design at Apple is that it has so largely — not entirely, but largely — been driven purely by how things look. There are a lot of things in Apple’s software — like app icons — that don’t even look good any more. But it’s the “how it works” part that has gone so horribly off the rails. Alan Dye seems like exactly the sort of person Jobs was describing in the first part of that quote: “People think it’s this veneer — that the designers are handed this box and told, ‘Make it look good!’”
[…]
Said my friend to me, regarding his interactions with Dye and his team at Apple, “I swear I had conversations in which I mentioned ‘key window’ and no one knew what I meant.”
Jason Snell:
The people I know at Apple speak of Lemay highly.
Brandon Walkin:
Steve’s the best manager I’ve ever had and is the perfect person to lead the team. Like Chan, I’m extremely excited about the new era of design at Apple.
Jason Anthony Guy:
One former colleague who worked with Lemay found him less than helpful as a designer and expressed surprise he’d managed to achieve such a senior design role, but Lemay at least seems to have a deep background in UI design. I hope that translates to Liquid Glass improvements.
Colin Devroe:
I hope Stephen Lemay’s first contribution as Head of UI Design at Apple is to make the active window (and buttons) in macOS clear and distinct.
Nathan Manceaux-Panot:
If people are right about Dye, and his successor, I’m really looking forward to seeing things steadily improve. Small improvements, one by one, over the years. Things being fixed, clever touches of usability appearing in dot updates.
It’ll be so healing—quite the contrast to the past few years.
Pieter Omvlee:
I thought this day would never come. There may be hope again for macOS. Praise be.
Dave Polaschek:
It doesn’t really change my decision to dig a tunnel out of the walled garden; it’s an interesting cautionary tale. If #TimApple had wanted to be a leader, he should’ve punted Dye at the first talk of Liquid Glass.
Mario Guzmán:
I have to say that just because Alan Dye is leaving, doesn't necessarily mean Apple is now reverting their UI back to what we had before. Sitting out macOS Tahoe probably won't do you any favors as I Liquid Ass will probably stick around for a few years.
Adam Engst:
With Liquid Glass, while I recognize the value of a consistent design language across all of Apple’s platforms, I can’t help but think of Eudora’s “Waste cycles drawing trendy 3D junk” setting. Liquid Glass can look elegant, particularly on the iPhone, but iOS wasn’t unattractive before. More importantly, I haven’t yet felt that Liquid Glass’s vaunted transparency does anything to make me more productive. Despite Dye’s departure (which appears to have been a surprise to upper management), Apple is unlikely to reverse course on Liquid Glass.
Adrian Schönig:
I’m thrilled to see where Apple software design is going next.
Steve Troughton-Smith:
Not gonna lie, upon seeing the subject I thought this was a Mac-Pro-style ‘mea culpa’ announcement 😂
• • •
See also: Slashdot, Mac Power Users, Dithering, Accidental Tech Podcast.
Previously:
Update (2025-12-11): Nick Heer:
While I am excited for the potential of a change in direction, I do not think this singlehandedly validates the perception of declining competence in Apple’s software design. It was Dye’s responsibility, to be sure, but it was not necessarily his fault. I do not mean that as an excuse, though I wish I did. The taste of those in charge undoubtably shapes what is produced across the company. And, despite a tumultuous week at the top of Apple’s org chart, many of those people remain in charge. To Snell’s point of not personalizing things, and in the absence of a single mention of “design” on its leadership page, the current direction of Apple’s software should be thought of as a team effort. Whether one person should be granted the authority to transform the taste of the company’s leadership into a coherent, delightful, and usable visual language is a good question. Regardless, it will be their responsibility even if it is not their fault.
Alan Dye Apple Business Design iOS Liquid Glass Mac Meta
Tyler Hall:
Maybe it’s because my eyes are getting old or maybe it’s because the contrast between windows on macOS keeps getting worse. Either way, I built a tiny Mac app last night that draws a border around the active window. I named it “Alan”.
Nick Heer:
I wish it did not feel understandable for there to be an app that draws a big border around the currently active window. That should be something made sufficiently obvious by the system.
Back in the System 7 days, Apple itself was working on a new design featuring thicker window borders. Users liked the forthcoming design so much that they installed the Aaron system extension to get it early. System 8 was codenamed Copland, after composer Aaron Copland. “Alan” is presumably a reference to departing Apple design VP Alan Dye.
Previously:
Update (2025-12-09): John Gruber (Mastodon):
It’s worth following Hall’s “the contrast between windows” link, which points to his own post from five years ago lamenting the decline in contrast between active and inactive windows in MacOS.
[…]
Jobs even prepared a slide, highlighting “Prominent active window” as a noteworthy new feature. In 2007, the increase of visual prominence for the active window, going from 10.4 Tiger to 10.5 Leopard, drew applause from the audience. But the level of visual prominence indicating active/inactive windows was much higher in 10.4 Tiger than in any version of MacOS in the last decade under Alan Dye’s leadership.
Previously:
Update (2025-12-12): Pierre Igot:
In order to make up for macOS’s shortcomings, I now have not one, but TWO apps that make the foreground window stand out more:
1) Tinkle, which plays a very simple animation inside the window when it comes to the foreground:
https://tinkle.pqrs.org
and
2) Alan, which puts a very simple frame around the foreground window:
https://tyler.io/2025/11/26/alan/
It’s extremely sad that these are required, and I wish they both came with more elegant/less basic options, but here we are.
Aaron Alan Dye Alan.app Design Liquid Glass Mac Mac App macOS Tahoe 26
Aditya Kalra and Munsif Vengattil (MacRumors):
India’s telecoms ministry has privately asked smartphone makers to preload all new devices with a state-owned cyber security app that cannot be deleted, a government order showed, a move likely to antagonise Apple and privacy advocates.
In tackling a recent surge of cyber crime and hacking, India is joining authorities worldwide, most recently in Russia, to frame rules blocking the use of stolen phones for fraud or promoting state-backed government service apps.
Ravie Lakshmanan:
Sanchar Saathi, available on the web and via mobile apps for Android and iOS, allows users to report suspected fraud, spam, and malicious web links through call, SMS, or WhatsApp; block stolen handsets; and allow a mobile subscriber to check the number of mobile connections taken in their name.
One of its important features is the ability to report incoming international calls that start with the country code for India (i.e., +91) to facilitate fraud.
“Such international calls are received by illegal telecom setups over the internet from foreign countries and sent to Indian citizens disguised as domestic calls,” the government notes on the website. “Reporting about such calls helps the Government to act against illegal telecom exchanges which are causing financial loss to the Government’s exchequer and posing a threat to national security.”
[…]
In a statement shared on X on December 2, 2025, India’s telecom minister Jyotiraditya M. Scindia said “this is a completely voluntary and democratic system” and that “users may choose to activate the app and avail its benefits, or if they do not wish to, they can easily delete it from their phone at any time.”
Aditya Kalra and Munsif Vengattil (MacRumors):
Apple does not plan to comply with a mandate to preload its smartphones with a state-owned cyber safety app and will convey its concerns to New Delhi, three sources said, after the government’s move sparked surveillance concerns and a political uproar.
[…]
At present, the app can be deleted by users. Scindia did not comment on or clarify the November 28 confidential directive that ordered smartphone makers to start preloading it and ensure “its functionalities are not disabled or restricted.”
Apple however does not plan to comply with the directive and will tell the government it does not follow such mandates anywhere in the world as they raise a host of privacy and security issues for the company’s iOS ecosystem, said two of the industry sources who are familiar with Apple’s concerns.
In 2021, Apple complied with a Russian law to offer government-approved apps for installation. Apple no longer directly sells iPhones in Russia, but it seems that resellers have to follow the new law that mandates pre-installing the MAX and RuStore apps.
Jon Brodkin:
The India directive isn’t just a request. The DoT said it ordered companies to comply within 90 days and submit a compliance report in 120 days, and that phone makers must “ensure that the pre-installed Sanchar Saathi application is readily visible and accessible to the end users at the time of first use or device setup and that its functionalities are not disabled or restricted.”
For devices that are already manufactured or ready to be sold to consumers, manufacturers and importers “shall make an endeavour to push the App through software updates,” the DoT said.
[…]
The Internet Freedom Foundation, an Indian digital rights advocacy group, said the government directive “converts every smartphone sold in India into a vessel for state mandated software that the user cannot meaningfully refuse, control, or remove. For this to work in practice, the app will almost certainly need system level or root level access, similar to carrier or OEM system apps, so that it cannot be disabled. That design choice erodes the protections that normally prevent one app from peering into the data of others, and turns Sanchar Saathi into a permanent, non-consensual point of access sitting inside the operating system of every Indian smartphone user.”
The group said that while the app is being “framed as a benign IMEI checker,” a server-side update could repurpose it to perform “client side scanning for ‘banned’ applications, flag VPN usage, correlate SIM activity, or trawl SMS logs in the name of fraud detection. Nothing in the order constrains these possibilities.”
Ravie Lakshmanan:
Following backlash and concerns that the security app would broadenthe government’s access to users’ devices and erode privacy, the Indian government has backed away from its plans to force smartphone makers to preload the Sanchar Saathi app on all devices sold in the country.
“Given Sanchar Saathi’s increasing acceptance, the government has decided not to make the pre-installation mandatory for mobile manufacturers,” it said in a statement released December 3, 2025.
Previously:
India iOS iOS 26 Legal Privacy Russia
Howard Oakley (Hacker News):
Over the last few weeks I’ve been discovering problems that have been eroding confidence in macOS. From text files that simply won’t show up in Spotlight search, to Clock timers that are blank and don’t function, there’s one common feature: macOS encounters an error or fault, but doesn’t report that to the user, instead just burying it deep in the log.
When you can spare the time, the next step is to contact Apple Support, who seem equally puzzled. You’re eventually advised to reinstall macOS or, in the worst case, to wipe a fairly new Apple silicon Mac and restore it in DFU mode, but have no reason to believe that will stop the problem from recurring. You know that Apple Support doesn’t understand what’s going wrong, and despite the involvement of support engineers, they seem as perplexed as you.
One reason for this is that macOS so seldom reports errors, and when it does, it’s uninformative if not downright misleading. Here’s a small gallery of examples I’ve encountered over the last few years, to bring back unhappy memories.
Previously:
Apple Software Quality Bug Mac macOS Tahoe 26 os_log
Tuesday, December 2, 2025
Jarred Sumner (via Hacker News):
Bun has been acquired by Anthropic. Anthropic is betting on Bun as the infrastructure powering Claude Code, Claude Agent SDK, and future AI coding products & tools.
[…]
- Bun stays open-source & MIT-licensed
- Bun continues to be extremely actively maintained
- The same team still works on Bun
- Bun is still built in public on GitHub
- Bun’s roadmap will continue to focus on high performance JavaScript tooling, Node.js compatibility & replacing Node.js as the default server-side runtime for JavaScript
[…]
Instead of putting our users & community through “Bun, the VC-backed startups tries to figure out monetization” – thanks to Anthropic, we can skip that chapter entirely and focus on building the best JavaScript tooling.
Previously:
Update (2025-12-03): Rui Carmo:
I thought this was wonderfully serendipitous since I have recently started porting this site’s engine to TypeScript on bun, following almost a year of running Node-RED on it and assorted other low-risk experiments.
I started doing it because bun is the closest thing I’ve come across yet to a “batteries included” JavaScript runtime: it bundles SQLite support, HTML parsing and sane HTTP primitives, can generate standalone executables, and the fact that it installs packages with sub-second delays and bundles its own TypeScript implementation is just icing on the cake.
Acquisition Anthropic Artificial Intelligence Bun Business Claude JavaScript Node.js Open Source
Mitch Stone:
According to Activity Monitor, the corespotlightd process often occupies more than 100% of the CPU load, sometimes spiking as high as 400% on my M2 Ultra Mac Studio. This problem has become so severe that it often pinwheels under normally non-intensive tasks. It can cause the video to flicker on my Studio Display. In one case it caused my Mac to kernel panic (crash).
[…]
All this said, based on the now 12(!) pages of discussion since I started this thread, I have become convinced that the problem is Spotlight trying to index documents with a large number of edits. This is exactly how it manifested for me, with an 80k word Pages document being edited by two people with Track Changes turned on. Between us, this resulted in probably more than a thousand edits. Towards the end of the editing, I was seeing beach balling every time I opened this document for more than a few minutes at a time, and had one kernel panic.
Once this editing process was completed, I Finder copied the document. I can now open and make additional edits to the copy without incident.
KWiPod:
For three days now:
• I’ve been editing these local Pages files, keeping them open alongside other apps like Mail, Messages, and large Numbers spreadsheets (still stored in iCloud).
• There have been no corespotlightd spikes.
• In fact, the corespotlightd process doesn’t appear at all in Activity Monitor when working outside of iCloud.
• In contrast, with Pages files stored in iCloud/Documents or iCloud/Desktop, corespotlightd is always active.
This suggests a strong link between Pages auto-saving to iCloud Drive and Spotlight re-indexing, which seems to trigger runaway CPS activity.
Via Malcolm Hall:
If you leave a Pages document open that is stored in iCloud Drive then Spotlight will fill the disk and the Mac will begin to hang as it writes out huge files every 10 seconds.
Previously:
Bug iCloud Drive macOS 15 Sequoia macOS Tahoe 26 Pages.app Spotlight
Gary Leff (Hacker News):
According to aviation insiders, there’s a possible grounding of Airbus narrowbodies coming worldwide.
[…]
10-15 passengers were hospitalized after the aircraft rapidly descended without being instructed by pilots to do so. The uncontrolled descent “likely occurred during an ELAC switch change” according to the National Transportation Safety Board. This is not supposed to happen! If there’s an issue with one ELAC computer, the other is supposed to take control without missing a beat.
BBC (Hacker News):
It’s thought the incident was caused by interference from intense solar radiation, which corrupted data in a computer which controls the aircraft’s elevation.
[…]
Former Qantas captain Dr Ian Getley, who holds a PHD in cosmic and solar radiation in aviation, says flights can be affected by coronal mass ejections (CME), which is when plasma is ejected from the sun into space.
The higher the severity of the CME, the more likely it is that issues could arise with satellites and aircraft electronics above 28,000 ft (8.5 km), he tell us.
Airbus (Hacker News):
Airbus has consequently identified a significant number of A320 Family aircraft currently in-service which may be impacted.
Airbus has worked proactively with the aviation authorities to request immediate precautionary action from operators via an Alert Operators Transmission (AOT) in order to implement the available software and/or hardware protection, and ensure the fleet is safe to fly.
Reuters (Slashdot):
Airbus said on Monday that the vast majority of around 6,000 of its A320-family fleet affected by the safety alert had been modified, with fewer than 100 jets still requiring work.
But some require a longer process and Colombia’s Avianca continued to halt bookings for dates until December 8. JetBlue said it would cancel 20 flights for Monday.
[…]
The sweeping warning exposed the fact that Airbus does not have full real-time awareness of which software version is used given reporting lags, industry sources said.
[…]
The fix involved reverting to an earlier version of software that handles the nose angle. It involves uploading the previous version via a cable from a device called a data loader, which is carried into the cockpit to prevent cyberattacks.
This seems like an impressive response. What’s the software fix for such a hardware problem? I guess you could add redundant storage with checksums or voting to determine which version is correct, but the stated fix of reverting to the previous version of the software doesn’t sound like that.
Previously:
Update (2025-12-03): Timo Hetzel:
the portable pc to apply the downgrade is not that portable.
See also the comments from Plume and Tarsier. The takeaway seems to be that this sort of memory corruption was anticipated, and that the planes already had redundant systems to mitigate it. The real story here is not that there was a bit flip but that Airbus had previously deployed a software update that broke the mitigation. That’s why the fix was simply restoring the old version. So this is just the story of a self-inflicted bug, though still good on them for the quick fix. There remains a bit of a mystery around why some planes also needed a hardware fix.
Airplane Data Integrity Programming RAM
Apple (Hacker News, MacRumors, The Register, NY Times, TechCrunch):
Apple today announced John Giannandrea, Apple’s senior vice president for Machine Learning and AI Strategy, is stepping down from his position and will serve as an advisor to the company before retiring in the spring of 2026. Apple also announced that renowned AI researcher Amar Subramanya has joined Apple as vice president of AI, reporting to Craig Federighi. Subramanya will be leading critical areas, including Apple Foundation Models, ML research, and AI Safety and Evaluation. The balance of Giannandrea’s organization will shift to Sabih Khan and Eddy Cue to align closer with similar organizations.
John Gruber:
In fact, I’m surprised he wasn’t out before WWDC this past June.
[…]
As for Subramanya, according to his LinkedIn profile, he was at Google for 16 years, and left to join Microsoft only five months ago. Either he didn’t like working at Microsoft, or Apple made him an offer he couldn’t refuse (or, perhaps, both).
Nick Heer:
When Apple hired Giannadrea from Google in 2018, the New York Times called it a “major coup”, given that Siri was “less effective than its counterparts at Google and Amazon”. The world changed a lot in the past six-and-a-half years, though: Siri is now also worse than a bunch of A.I. products. Of course, Giannadrea’s role at Apple was not limited to Siri. He spent time on the Project Titan autonomous car, which was cancelled early last year, before moving to generative A.I. projects. The first results of that effort were shown at WWDC last year; the most impressive features have yet to ship.
Jason Anthony Guy:
JG was seemingly too focused on research and development and not enough on shipping products (in Apple terms, he was perhaps good at his “Category 1”—AI research—and not so great at his “Category 3”—making that work available for others to successfully perform their Category 1).
Breaking up JG’s organization makes sense, then. (My understanding is it was a mess—apparently the admin he brought over with him from Google was running the team.) Subramanya keeps JG’s research and foundational AI portfolio (under Federighi’s SWE—Software Engineering), while I’ll guess that AI infrastructure, which wouldn’t fit well under SWE, shifts to Khan (Apple’s COO), and front-end and related services lands with Cue, who owns Services (like the App Store and App Store Connect). Fortunately, Cue’s and Federighi’s teams have a lot of experience working together to deliver products (Xcode Cloud or In App Purchase are but two examples), so I’m confident this bodes well for the future of Apple Intelligence.
Previously:
Apple Artificial Intelligence Business
Monday, December 1, 2025
ohoj Software:
We have made the difficult decision to discontinue Ducklet. While we had high hopes for this product, it has unfortunately not proven to be commercially viable, and as a result, we can no longer dedicate the time and resources necessary to support it moving forward.
I thought this app had potential. I’m sorry to see that it didn’t work out.
Fortunately, Base is back in development, and another new version was released today.
Previously:
Base Database Developer Tool Mac Mac App macOS Tahoe 26 SQLite Sunset
Jon Henshaw (via Jeff Johnson):
Jon Henshaw: I got pretty excited when Zuckerberg and Meta were being serious about integrating ActivityPub into Threads. And a lot of people I knew were just like, “It’s not going to happen,” and “They’re going to screw it up,” but I thought it was going to be for real this time. And The Verge had a couple of good interviews that convinced me they were committed to it. However, while I saw some really nice updates come through, I also saw some that weren’t so great. It felt like they were making poor choices, likely because of their legal department.
Eugen Rochko: That’s exactly how I would put it. It’s like Cambridge Analytica burned them, and they didn’t want a repeat. And that really limited what they could do. I obviously cannot speak for them. I haven’t spoken to anyone from their side for a long time now. But from our discussions when they were launching it, they asked questions about implementation details and how to do different things. It turned out they couldn’t do things because of their legal department, which was highly disappointing. I think the product they launched was promising, but it didn’t deliver to the very end. The whole concept of having federation behind an additional opt-in that people are not even aware of is not helpful, and there are a couple of details that are designed so carefully that it’s almost alienating, like how the pop-up appears every 30 days, asking users if they still want to continue fediverse sharing. As if it’s like, “my god, like I didn’t know, stop that.”
[…]
ER: I think what happened is that the engineers who were working on Threads were excited to do something decentralized and participate in the Fediverse. And before it launched, they felt like, on an organizational level, they needed to promise something different to Twitter, some more freedom to creators to move around, to have this decentralization that would basically provide a layer of security against things happening on Twitter for them to gain market share. But as it turned out, once they launched, they still got a lot of users, and their priorities quickly shifted. So instead of focusing on missing fediverse features, it became, “We need to build an NBA score widget into the sidebar,” or something like that. And I think that the only way to put this back on their roadmap is for more companies, platforms, and communities to make the fediverse a bigger part of their strategy, which will push them to refocus on it.
Laurens Hof (2024):
PeerTube has launched their mobile apps for Android and iOS. A major new feature of the apps is that it allows people to create a local account on their phone. A major barrier for PeerTube adoption is that it is hard to get a PeerTube account: with a PeerTube account you can upload videos, and most server admins only give out accounts sparingly due to costs and moderation concerns. Now this issue can be sidestepped by having a PeerTube account that is not tied to a specific PeerTube server at all. For people who want to use PeerTube just to browse and view videos this makes the platform more accessible.
PeerTube also talks about the struggles of launching their app on the stores: both Google and Apple have been very relunctant to allow such apps. Apple’s stringent policy on payment links means that they do not allow any PeerTube server to appear in the PeerTube iOS app if the PeerTube server has donation link on their server.
As a result, both the Android app and iOS app have very limited whitelisted servers that the app can actually connect to. PeerTube’s connections to the entire fediverse is limited to just a few servers, because of how Apple and Google control access.
Matt Birchler:
Another banger from Hank Green on why Threads fucking sucks. His benign attempt to get attention from his followers for his charity-oriented store during Black Friday was served to basically none of his audience. It wasn’t rage bait and it included a link off the platform: the poison combination for Threads to have any interest in showing that post to people.
Then he decided to try making snarky replies to other rage bait posts and include the link to the store in those posts. Turns out, that was a much more winning strategy for him, and he got a lot more views on those posts, which drove a lot more sales at his store. That’s business in 2025, babyyyy.
Previously:
ActivityPub App Store iOS iOS 18 iOS App Legal Mastodon Threads Web
Friday, November 28, 2025
Sam Roberts:
David Lerner, a high school dropout and self-taught computer geek whose funky foothold in New York’s Flatiron district, Tekserve, was for decades a beloved discount mecca for Apple customers desperate to retrieve lost data and repair frozen hard drives, died on Nov. 12 at a hospital in Manhattan. He was 72.
[…]
He and Mr. Demenus transformed a two-man operation in Mr. Demenus’s loft apartment into a business whose customers were as eclectic as the 200 or so employees who served them at makeshift help desks well before Apple formally established and branded “genius bars” in their stores.
[…]
During the nearly three decades before Tekserve shuttered its retail operations in 2016 — because of rising rents and competition from Apple’s stores — the sales and service outlet was where Carrie Bradshaw, played by Sarah Jessica Parker on HBO’s “Sex and the City,” raced when her PowerBook crashed. It was also the setting of Tamara Shopsin’s 2021 novel “LaserWriter II,” narrated by a 19-year-old newbie techie named Claire who works there.
Via Jason Snell:
Back in the day, when there were no Apple Stores, shops like Tekserve saved the bacon of Mac users on a regular basis. I never visited Tekserve, but it was legendary.
Previously:
Update (2025-12-03): Andy Lee:
It’s hard to explain what a magical place Tekserve was. They let us hold CocoaHeads meetings in a room in their basement, where the walls were lined with shelves full of curious vintage tech.
Update (2025-12-10): Adam Engst:
But perhaps David’s most interesting, albeit fictional, appearance in TidBITS came in my short-lived but fun foray into writing tech analysis in noir style. In “The Mystery of the Leopard Ship Date: Solved” (16 April 2007), I quoted him as saying:
“I’m personally disappointed, because I was looking forward to Time Machine.” This wasn’t surprising from a man who signs his email, ‘May You have 1000 Backups and Never Need One.’
I can’t remember how I got the quote, but that really was his email signature, and David did care deeply about backups.
History Mac Rest in Peace Unauthorized Repair
Jim O’Leary:
Secure backups let you save an archive of your Signal conversations in a privacy-preserving form, refreshed every day; giving you the ability to restore your chats even if you lose access to your phone. Signal’s secure backups are opt-in and, of course, end-to-end encrypted. So if you don’t want to create a secure backup archive of your Signal messages and media, you never have to use the feature.
If you do decide to opt in to secure backups, you’ll be able to securely back up all of your text messages and the last 45 days’ worth of media for free.
If you want to back up your media history beyond 45 days, as well as your message history, we also offer a paid subscription plan for US$1.99 per month.
[…]
At the core of secure backups is a 64-character recovery key that is generated on your device. This key is yours and yours alone; it is never shared with Signal’s servers.
Tim Hardwick:
Secure backups first came to Android in September. Signal says it plans to bring secure backups to its desktop app, and its longer term goal is to allow users to transfer message history between Android, iPhone, and desktop apps.
Dan Goodin (Signal, Hacker News):
One exception to the industry-wide lethargy is the engineering team that designs the Signal Protocol, the open source engine that powers the world’s most robust and resilient form of end-to-end encryption for multiple private chat apps, most notably the Signal Messenger. Eleven days ago, the nonprofit entity that develops the protocol, Signal Messenger LLC, published a 5,900-word write-up describing its latest updates that bring Signal a significant step toward being fully quantum-resistant.
John Gruber:
It is impressive that Signal is ahead of the curve on post-quantum computing. But speaking as someone who is currently switching between multiple phones regularly, they need to get their shit together on basic stuff like using more than one phone with the same Signal account, and making it take just a minute or less to switch your primary Signal phone from one device to another. Right now it takes me over 30 minutes to switch Signal from one phone to another, and I’m not a particularly heavy user of the app.
Previously:
Update (2025-12-02): John Gruber (Mastodon):
I’m glad this feature became available when it did, and that I enabled it over the weekend. Yesterday I set up my personal new iPhone this year, and this morning, when I tried to transfer my Signal account from my old iPhone to the new one, after claiming to reach “100%” of the transfer, and the Signal app reporting on both the old (source) and new (destination) phones that the transfer was complete, the app crashed on both phones. After that, the Signal app was in factory-fresh state on both phones, without any trace of my account history. I then restored the new iPhone from my brand-new online Signal Secure Backup, and that worked perfectly. And it somehow took far, far less time than the old device-to-device transfer — maybe one minute, versus 15 minutes or so for the device-to-device transfer that wound up failing.
Until now, transferring my Signal account history from one phone to another always felt like delivering a crate full of eggs while riding a rickety old bicycle without brakes on a bumpy cobblestone street.
[…]
This new secure backup system shows that your data can remain secure while also being backed up off device. I’m glad the feature is finally here, but it should have been here years ago.
Backup iOS iOS 26 iOS App Privacy Signal
Ken Macon (Hacker News):
European governments have taken another step toward reviving the EU’s controversial Chat Control agenda, approving a new negotiating mandate for the Child Sexual Abuse Regulation in a closed session of the Council of the European Union on November 26.
The measure, presented as a tool for child protection, is once again drawing heavy criticism for its surveillance implications and the way it reshapes private digital communication in Europe.
Unlike earlier drafts, this version drops the explicit obligation for companies to scan all private messages but quietly introduces what opponents describe as an indirect system of pressure.
It rewards or penalizes online services depending on whether they agree to carry out “voluntary” scanning, effectively making intrusive monitoring a business expectation rather than a legal requirement.
[…]
He warned that the framework also brings “anonymity-breaking age checks” that will turn ordinary online use into an exercise in identity verification.
It’s unclear to me whether iMessage’s existing Communication Safety features are compliant or whether Apple would have to add more aggressive scanning.
Previously:
Update (2025-12-01): Vítor:
No, I wouldn’t say the Communication Safety feature is enough to comply.
Communication Safety seems to be about preventing kids from receiving and sending nudity, while Chat Control is (ostensibly) about catching adults sharing CSAM.
Child Sexual Abuse Material (CSAM) Children European Union iMessage iOS iOS 26 Legal Privacy Signal
Richard Speed:
French cloud outfit OVHcloud took another hit this week after GrapheneOS, a mobile operating system, said it was ditching the company’s servers over concerns about France’s approach to digital privacy.
The project posted on X (formerly Twitter): “We no longer have any active servers in France and are continuing the process of leaving OVH.”
“France isn’t a safe country for open source privacy projects,” the group explained. “They expect backdoors in encryption and for device access too. Secure devices and services are not going to be allowed.
“We don’t feel safe using OVH for even a static website with servers in Canada/US via their Canada/US subsidiaries.”
GrapheneOS (Hacker News):
France is taking state actions against GrapheneOS. They’re conflating us with companies which they’ve previously gone after and taken over their servers. We aren’t vulnerable to being attacked in the same way but we still don’t want accesses to our website/network services being logged or our website being hijacked.
Kevin Pham (Hacker News):
While the operating system will still be available to French users, all website and discussion servers are being relocated abroad.
Until now, the project relied on OVH Bearharnois, a French hosting provider, for its core website and social media services. The migration plan moves the Mastodon, Discourse, and Matrix instances to a combination of local and shared servers in Toronto. Critical website infrastructure will be hosted by Netcup, a German‑based company.
[…]
Citing the government’s support of the European Union Chat Control proposal, GrapheneOS developers are also refusing travel to France. Developers are no longer allowed to work inside the country due to safety concerns.
La Quadrature du Net (Apple translation, Hacker News):
Two articles in Le Parisien yesterday, followed today by an article in Le Figaro, launched a shameful offensive against GrapheneOS, an open-source operating system for phones, free and accessible to all. At La Quadrature, it is one of the tools that we favor and regularly recommend to protect ourselves from advertising tracking or spyware.
GrapheneOS:
Absolutely no further details were provided about what was being claimed, who was making it or the basis for those being made about it. We could only provide a very generic response to this.
Our response was heavily cut down and the references to human rights organizations, large tech companies and others using GrapheneOS weren’t included.
[…]
GrapheneOS is a freely available open source privacy project. It’s obtained from our website, not shady dealers in dark alleys and the “dark web”. It doesn’t have a marketing budget and we certainly aren’t promoting it through unlisted YouTube channels and the other nonsense that’s being claimed.
GrapheneOS has no such thing as the fake Snapchat feature that’s described. What they’re describing appears to be forks of GrapheneOS by shady companies infringing on our trademark. Those products may not even be truly based on GrapheneOS, similar to how ANOM used parts of it to pass it off as such.
Previously:
Android France GrapheneOS Legal Open-source Software Privacy
Wednesday, November 26, 2025
Internet Archive (via Matt Mullenweg):
Internet Archive Wayback Machine Link Fixer is a WordPress plugin designed to combat link rot—the gradual decay of web links as pages are moved, changed, or taken down. It automatically scans your post content—on save and across existing posts—to detect outbound links. For each one, it checks the Internet Archive’s Wayback Machine for an archived version and creates a snapshot if one isn’t available.
When a linked page disappears, the plugin helps preserve your user experience by redirecting visitors to a reliable archived version. It also works proactively by archiving your own posts every time they’re updated, creating a consistent backup of your content’s history.
This is such a great idea. I’ve had it installed for a few weeks now but have mixed thoughts on the execution. The initial version had a bunch of significant bugs, and they seem to be doing a good job of fixing them. It seems to be thoughtfully designed to process a large number of old posts without overloading your server. The queueing functionality is also important because the Internet Archive’s own servers frequently go down.
The part where it submits your own posts, and the pages your post links to, to the archive seems to work well. I think this is the most important part because you can always go back and fix broken links, but you can’t go back and archive pages that weren’t archived. However, some of my posts since installing the plug-in (e.g. this one) don’t seem to have made it into the archive. This may be because the archive was down at the time of the post. Presumably, the Auto Archiver will eventually come back around and submit them again.
The part where it replaces broken links with archive links is implemented in JavaScript. I like that it doesn’t modify the post content in your database. It seems safe to install the plug-in without worrying about it messing anything up. However, I had kind of hoped that it would fix the links as part of the PHP rendering process. Doing it in JavaScript means that the fixed links are not available in the actual HTML tags on the page. And the data that the JavaScript uses is stored in an invisible <div> under the attribute data-iawmlf-post-links, which makes the page fail validation.
I have in the past manually inserted Internet Archive links when I came across links that were broken, and I thought I might use the plug-in to help with that instead of relying on the JavaScript fix-ups. However, when you set it to show broken links that are archived, I don’t see any such links. It’s currently showing me 188 pages of links where the Archive Status is “Link is excluded from being archived.” I tried sorting by Archive Status, but it still doesn’t show any that are both broken and archived.
The part where it finds broken links that are not archived is also not very useful because there are a huge number of links where it shows a 403 error even though the link still works. There doesn’t seem to be a way to separate the URLs that are genuinely gone from the ones that the Internet Archive doesn’t have permission to access.
Ashley Belanger:
Last month, the Internet Archive’s Wayback Machine archived its trillionth webpage, and the nonprofit invited its more than 1,200 library partners and 800,000 daily users to join a celebration of the moment. To honor “three decades of safeguarding the world’s online heritage,” the city of San Francisco declared October 22 to be “Internet Archive Day.”
[…]
An Internet Archive spokesperson confirmed to Ars that the archive currently faces no major lawsuits and no active threats to its collections.
Previously:
Datacide Internet Archive This Blog Web WordPress
Howard Oakley:
The Finder can display more information about files than their size and datestamps, and for some types of file can extend to a lot of useful metadata. These are shown in the Preview pane containing the file’s QuickLook thumbnail, in the Get Info dialog, and some can be added to the columns shown in List View.
[…]
To a degree, the user determines which fields are displayed in the Information shown in the Preview pane, although Apple doesn’t mention the key setting involved. Select the file, ensure the blue text to the right of Information is set to Show Less, then open its Preview Options using the Finder’s View menu.
[…]
It’s only when the Preview pane is showing less information that your Preview Options are applied, and they’re now used the same for all types of Image.
Unfortunately:
Most of the metadata can’t be displayed unless the file is in a folder indexed by Spotlight. It can’t even tell you the dimensions of an image.
With my typical window sizes, there’s barely any space below the preview to see the metadata. I like to hide the Quick Actions and Last Opened date, to make more space for what I care about, but this has to be set separately for each type of file. I assume these settings are fragile and will have to be reapplied many times.
- There’s no way to adjust the order (like you can in Lightroom). And the order in the Preview Options inspector doesn’t fully match the order in the actual Finder window (e.g. Tags is at the top in one and the bottom in the other).
Previously:
Exchangeable Image File Format (EXIF) Finder Mac macOS Tahoe 26 Metadata Spotlight
Tim Hardwick (2024):
[British consumer group] Which? alleges that the company makes it difficult for customers to use alternative cloud storage providers “by giving its iCloud storage service preferential treatment,” and “‘trapping’ customers with Apple devices into using iCloud.”
The consumer group filed the legal action with the Competition Appeal Tribunal, and said it was seeking damages for 40 million Apple users in the UK. If successful, the lawsuit could result in a £70 payout per customer. According to the Consumer Rights Act 2015, all those eligible are automatically included in the claim unless they choose to opt out.
Which? said it was urging Apple “to resolve this claim without the need for litigation by offering consumers their money back and opening up iOS to allow users a real choice for cloud services.”
Part of Apple’s defense is that almost 50% of customers don’t pay for iCloud+, which probably means that their photos and other data aren’t backed up. iOS doesn’t support backing up to other cloud services, and local backups now have added friction.
Hartley Charlton:
Apple told the Competition Appeal Tribunal that Which had not provided enough clarity about its third-party funder, Litigation Capital Management (LCM), which is paying for the legal action. LCM recently suffered a severe financial decline, losing 99% of its share value from its November 2024 level, leaving it worth about $16 million. Apple argued that this collapse raised questions about whether LCM could still support the lawsuit.
It also said that if it were allowed to pursue an appeal later in the process or if Which’s funding is withdrawn, Apple could face a significant risk of not being able to recover its legal costs because LCM might not be able to pay them.
Previously:
Antitrust Apple Backup iCloud iOS Lawsuit Legal United Kingdom
Mariella Moon:
Two authors have filed a lawsuit against Apple, accusing the company of infringing on their copyright by using their books to train its artificial intelligence model without their consent. The plaintiffs, Grady Hendrix and Jennifer Roberson, claimed that Apple used a dataset of pirated copyrighted books that include their works for AI training. They said in their complaint that Applebot, the company’s scraper, can “reach ‘shadow libraries’” made up of unlicensed copyrighted books, including (on information) their own. The lawsuit is currently seeking class action status, due to the sheer number of books and authors found in shadow libraries.
Malcolm Owen:
The suit hinges on whether Apple used the dataset referred to as “Books3.” The suit alleges that Books3 is based on the contents of a “shadow library” website known as Bibliotik, which allegedly hosted the contents of thousands of books.
The dataset was available on HuggingFace before being removed in October 2023, and it was also included as part of the RedPajama dataset. RedPajama was used as part of the OpenELM open-source models, which Apple made available in 2024.
Since Apple used a dataset that was connected to pirated books for OpenELM, the suit believes that Apple probably used the same techniques to train its Foundation Language Models.
[…]
In July, Apple doubled down on its claims of being ethical, including items accessible from the Internet. In a research paper, it explained that, if a publisher didn’t agree to data being scraped for training, it will not scrape the content.
Previously:
Apple Apple Intelligence Artificial Intelligence Copyright Lawsuit Legal
Tuesday, November 25, 2025
John Gruber (Mastodon) has a great post with new details about exactly what’s happening with sharing iPhone Wi-Fi network information in iOS 16.2. In brief, I think this turns the story on its head. The way this has been reported and discussed since November 4 seems to be wrong and almost backwards. First, I want to get into the facts of the situation, which I believe (but cannot independently verify) that Gruber has entirely correct. Second, I think there’s an interesting media story about how everyone got the wrong impression. And third, I have responses to some of Gruber’s explanations and opinions on Apple’s approach. First, the facts:
Apple is complying with the DMA, and they’re not disabling Wi-Fi network synchronization between an iPhone and a paired Apple Watch. What Apple is doing, in order to comply with the DMA, is changing how Wi-Fi networks sync with Apple Watch (in the EU), and offering new APIs in the EU for third-party paired devices to put them on equal (or near-equal?) footing with Apple Watch (in the EU).
[…]
The EU mandate to Apple is not that Apple must grant to third-party devices and their iOS companion applications this same functionality as it stands today — that is to say, access to the entire history of the iPhone’s known Wi-Fi networks. The EU mandate is that Apple must grant to third-party devices the same level of access to Wi-Fi network information that Apple Watch has. Apple is complying with this mandate in two ways: (a) by changing how much Wi-Fi network information an Apple Watch gets from the iPhone to which it is paired; and (b) creating a new framework in iOS 26.2 (gated by a new entitlement), Wi-Fi Infrastructure, that provides a set of public APIs, available only to apps in the EU, to (per the framework’s description) “share Wi-Fi network credentials securely between devices and connected accessories.”
[…]
The change for Apple Watch in the EU is that starting with iOS 26.2, when a new (or reset) Apple Watch is set up, the Apple Watch will no longer have the user’s list of saved Wi-Fi networks automatically synced from their iPhone. Only future networks will be synced — the same level of access that the new Wi-Fi Infrastructure framework is making available to third-party accessories.
I think the high-level takeaway is that Apple is not removing the network syncing feature. They’re actually keeping nearly all of the functionality, removing self-preferencing, and opening it up to third parties. As Gruber says, most Apple Watch users in the EU probably won’t even notice.
I think the restriction on historical network information is kind of weird. If an EU user buys a new phone and watch the day 26.2 is released, the watch gets all the info. But if a user who already has a phone gets a new watch (or perhaps replaces an existing watch?), that watch will never get the info for the older networks that the phone knows about unless the user physically goes back to those locations with the phone. The watch gets open-ended access to all the data going forward, but data from yesterday is forbidden. That seems confusing. Why is sharing the older data not even an option? You could argue that users wouldn’t understand what they are consenting to sharing, because they don’t remember where they’ve been. But the list of networks is visible on the iPhone and, probably, users will forget all about this setting when visiting new networks in the coming years, anyway.
Maybe the idea is that this is for the more technical user who wants to micromanage the data sharing. Maybe there’s a particular sensitive network that they don’t want the watch (or other third-party device) to know about. In that case, Apple’s implementation frees them from worrying about the past, and then going forward they can choose not to join that network on their phone to prevent it from syncing to the watch. This seems far-fetched to me and not very useful. Such a user would prefer to be able to use the Wi-Fi on their phone but also to be able to mark that network as private so that it doesn’t sync. Remembering not to connect is error-prone.
I also don’t really see why Apple cares so much about the SSID data. They’re happy to let you share other retroactive information like your contacts and your entire photo library, complete with time- and GPS-stamped photos. Is the rather coarse SSID information really that useful to data brokers?
The EU mandate to Apple is not that Apple must grant to third-party devices and their iOS companion applications this same functionality as it stands today[…] The EU mandate is that Apple must grant to third-party devices the same level of access to Wi-Fi network information that Apple Watch has.
The EU mandate doesn’t seem to address the biggest difference in functionality, which is that Apple Watch can piggyback on the iPhone’s connection to access captive Wi-Fi networks, but third-party watches can’t. The Wi-Fi syncing feature always had an (awkward) workaround, which is that a third-party device could manually log into a Wi-Fi network by typing its password. But it’s not really possible for a small-screened device to go through the prompts for accessing a captive network. Apple Watch doesn’t even try to offer this feature—it just gives the watch special access through the phone. I think this is way more useful than the password-syncing feature.
The news was broken by Nicolas Lellouche, reporting for the French-language site Numerama.
[…]
Lellouche’s report at Numerama broke this story (the reports at MacRumors and 9to5Mac are both based on Numerama’s), but the above is not an accurate summary of what Apple is doing with iOS 26.2.
How did this happen? The (translated) language, “Apple announced to Numerama that it had made the decision to disable Wi-Fi synchronization,” gives the impression that Apple reached out to Lellouche to tell him that they were removing the syncing feature in iOS 26.2. But why would Apple do that when it’s nearly the opposite of what they’re actually doing? If they were trying to tell Lellouche something else, and he misunderstood, why did Apple let the misinformation spread all around the Web without ever getting back in touch with him to correct the record? Why let everyone think that, as a result of the DMA, the functionality of Apple Watch in the EU will be significantly degraded?
I can think of two possibilities, neither a satisfying explanation. First, maybe Apple wanted to spread this misinformation as part of its anti-DMA PR crusade. They told Lellouche something that was technically true but missing the full context so that he concluded the worst. Evidence for this theory is that Apple PR has a high level of competence, so you’d think they’d notice if Lellouche misreported what they told him. Evidence against is that it seems like a pretty dumb strategy. Also, the API is publicly documented and was announced at WWDC.
The other theory is that Lellouche initiated the communication with Apple. Maybe he asked them a very precise question and got a narrow answer that was correct but gave the wrong overall impression. This might explain why Apple wasn’t closely following him to send a correction, but I have a hard time thinking how he could have phrased the question to end up in this situation and why Apple wouldn’t have been more careful to convey the full story.
There’s a similar mystery around the AirPods Live Translation feature. Apple first announced that it would not be available in the EU and then later said that it would be available but that it was delayed due to “additional engineering work” that the DMA required. It’s still unclear what that work was and what the state of the feature and third-party support are. Apple had said that it was “illegal” for them to “share these features with Apple users until we bring them to other companies’ products,” but there’s been no announcement that they’re doing the latter. Apple seems to be going out of its way not to tell us what’s actually happening. Oddly, Lellouche didn’t mention the Wi-Fi API but does mention a forthcoming multi-stream audio API that I haven’t seen documented or reported on by anyone else.
Back to Gruber:
There’s a reason why Apple isn’t offering the new Wi-Fi Infrastructure framework outside the EU, and that’s because they don’t believe it’s a good idea to grant any access at all to your saved Wi-Fi networks to third-party apps and devices. Especially without being able to specify, let alone enforce, a policy that Wi-Fi network information should be treated the way Apple treats it — remaining exclusively on device.
I don’t think Apple keeps it on-device, either. Doesn’t Wi-Fi information sync up to Apple’s servers through iCloud Keychain? And users don’t really have control over this because if you disable iCloud Keychain you can’t use passkeys. Not that I think iCloud Keychain is insecure, but this is a double-standard. There’s no enforcement for what Apple’s doing, either. We have to assume its good intent and lack of design flaws and bugs, but there’s no option to extend that courtesy to other companies.
The skeptical take […] that Apple’s intention here is, somehow, primarily about trying to drive anti-DMA sentiment amongst its EU users. […] Part of what makes this particular situation clarifying is that it’s so specific […] very few Apple Watch owners in the EU are likely to notice the change.
As described above, I don’t think Apple’s carve out for the historical data makes much sense, so I find this anything but clarifying. It’s odd how they got into this situation where there was lots of press coverage about how the EU was ruining Apple Watch, yet most Apple Watch owners won’t notice a change. They kind of got to have their cake and eat it, too.
If Apple were motivated by spite, and were trying to turn EU Apple Watch owners against the DMA, they’d just remove all Wi-Fi network syncing between the watch and its paired iPhone.
They wouldn’t do that because they would get blamed for obvious malicious compliance.
Tsai is making a few wrong assumptions here. First, Apple is enabling users (in the EU) to opt into having their iPhone share Wi-Fi information with third-party devices. Second, this mandate is not specific to smartwatches — it applies to any devices that can pair with an iPhone and have corresponding iOS partner apps. So Meta, with their lineup of smartglasses, does have corresponding devices. And, per Apple’s public statements, it is Meta in particular that has been zealously pursuing interoperability mandates pursuant to the DMA. I think it’s entirely possible that this entire issue regarding Wi-Fi network sharing was prompted by Meta’s interoperability requests to the European Commission.
My first wrong assumption was due the report from Lellouche, seemingly the only person (at the time) who got an official statement from Apple on this. For the second, I could see not buying Meta glasses on principle, and I could see buying them and wanting everything to “just work,” but I don’t see buying them and wanting to manually manage which Wi-Fi they have access to. You trust Meta enough to wear their device that records audio and video and talks to their servers, but you draw the line at letting it know which Wi-Fi network you’re on?
The “it should be up to the user” take benefits informed, technically savvy users. The “it shouldn’t be possible” take benefits uninformed, un-savvy users — users who in many cases have decided that they simply trust Apple.
No, it depends on whether the company receiving the data is unscrupulous. If Apple prevents a useful integration that was not actually dangerous, that is not a benefit to the user. Instead of Meta, imagine if a company like Panic made a device. I bet there are customers who trust Panic more than Apple. Also, adding friction disproportionately hurts the un-savvy users.
For at least the last 15 years, I’ve repeatedly emphasized that Apple’s priorities are in this order: Apple first, users second, developers third. The DMA attempts to invert that order, privileging developers first (in the ostensible name of fair competition with Apple, a designated “gatekeeper”), ahead of users, and ahead of Apple itself. So of course Apple is going to object to and resist mandates that require it to subordinate its own strategic desires — its own sense of how its products ought to be designed and engineered — especially when the primary beneficiary of the mandates aren’t users, but developers.
I disagree that the DMA is putting developers ahead of users. If a user buys two products from different companies and wants them to work better together, that’s a benefit to the user. If the users care about privacy and the developer doesn’t, they can choose not to buy the product, and then the developer doesn’t benefit.
The clearest example of that is the App Store. It’s overwhelmingly developers, not users, who object to the App Store model[…]. Users largely don’t have a problem with any of that. […] Users love the App Store model. With Apple in particular, users, by and large, like the idea that the platforms have stringent guardrails. Many buy iPhones because Apple exerts such control over the platform, not despite it.
I think users don’t have much visibility into what they’re missing and that Apple is in large part selling a false sense of security. For example, take the recent case of the Tea app, whose breach exposed user data that its App Store privacy nutrition label claimed it wasn’t even collecting. With so many factors (iPhone hardware, iOS, sandboxing, the App Store, the available apps) all tangled together, we don’t have a clear way of measuring what users actually care about. The clearest place to compare is probably the Mac, where the App Store model is optional, but the Mac App Store is at best a mixed bag. In some cases it’s easier, in some cases it isn’t. It’s full of scams and fake reviews but is missing many top apps. Whether or not you like it, it’s hardly a top reason to choose a Mac instead of a Windows PC.
Apple’s perspective is that protecting their customers’ privacy is, in fact, Apple’s responsibility — and one of their most important responsibilities at that. It’s illegal to steal cars, but every carmaker still puts locks on the doors and requires a key to start the engine. In numerous ways, Apple sees the DMA as mandating, privacy-wise, that they create something akin to cars that don’t require keys, trusting EU law to keep them from being stolen.
I see it more like Apple wants the car keys to be locked to your DNA, and the EU wants to make sure that you can hand them to your friend or mechanic.
You can reasonably make the case — and expert-level users (read: nerds) often do — that the user should always be in control. I bought the device, I should be able to run whatever software, with whatever privileges, I want. That perspective is valid, but it also describes a class of devices — PCs — that privilege the autonomy of third-party developers over the vendor-controlled stability of the OS.
Again, I object to this framing that if an expert user wants it, that’s preferencing developers. Their interests overlap but are not the same. For example, maybe I want to analyze my own Wi-Fi history even though I have no interest in developing a networking product. I can’t process that data because iOS doesn’t let me export it.
It’s always about trade-offs. And with this particular trade-off, it’s very clear which model is more successful in the market.
We have no true apples-to-apples comparison. Even if we did and the open option were less popular, I’m not sure what we should conclude from that. There are plenty of examples where society rightly chooses to protect the interests of groups that are outnumbered. Sometimes they also have companies advocating on their behalf for self-interested reasons. That doesn’t mean that there aren’t also good reasons or that the protections aren’t worthwhile.
Previously:
Update (2025-12-01): René Fouquet:
My cynical take is that Apple deliberately leaked technically incomplete information in order to provoke DMA-critical reporting. Apple continues to employ the tactic of spreading as much public resentment as possible among its users in the EU towards the EU.
The alternative seems to be that Apple was unaware of the misinformation being spread in their name or simply didn’t care.
Antitrust App Store App Tracking Transparency Apple Watch Digital Markets Act (DMA) European Union iCloud Keychain iOS iOS 26 Legal Privacy The Media watchOS 26 Wi-Fi
Friday, November 21, 2025
My apps are on sale for Black Friday, and here’s a list of deals that I found and that developers submitted. I’ll add more deals throughout the week as I see them.
Apps:
Accessories:
Books and Training:
Photos and Video:
Stores:
Lists of Deals:
Previously:
Bargain iOS iOS 26 iOS App Mac Mac App macOS Tahoe 26
Marcel Weiher:
So Tahoe apparently has a new Contacts app.
Unusably slow.
So slow that you think it has crashed.
Why am I not surprised that otool -L shows a SwiftUI dependency?
[…]
Oh, and it flickers and has visual glitches.
Not just when scrolling, also when just sitting there.
It really is incredibly slow, especially resizing the window, even on an Apple Silicon Mac. And, yes, the pane that shows the contact details has a distracting gray gradient that takes a split second to flash into place each time you click on a contact and then proceeds to sit there flickering.
The information density is way down. Each contact in the list takes three times as much vertical space because it now shows a photo. There doesn’t seem to be a way to turn this off, even though most of my contacts don’t have photos.
The details pane wastes a huge amount of space at the top for a giant photo (again, usually blank) and giant text for the name. Then it puts a thick bar on every contact, prompting you to edit the photo and poster. I have to make the window huge to see all the details. With my 14-inch MacBook Pro’s display at the highest resolution and the Contacts window maximized, the actual contact info (e.g. the first phone number) doesn’t get displayed until well below the top half of the screen. It also has messed up horizontal margins, like the Weather app.
Navigation in the list is all messed up. The arrow keys (and Shift arrow keys) sometimes stop working. Trackpad scrolling sometimes gets stuck. Page Up/Down and Home/End don’t work at all.
I selected 3 contacts at once and deleted them, and it beachballed for 10 seconds.
The Smart List editor doesn’t seem to have been tested since adopting Liquid Glass. The buttons literally overlap, and you can’t prevent this by making it wider.
See also: the MacRumors forum.
Previously:
Contacts Design Liquid Glass Mac macOS Tahoe 26 Music.app Software Rewrite SwiftUI
Thursday, November 20, 2025
Matt Massicotte (Mastodon):
Swift 6.2 gives you the ability make MainActor the default isolation. Unlike the rest of the features introduced as part of “Approachable Concurrency”, this is a long-term mode. It is optional and will remain so. However, this mode is enabled for new app targets in Xcode 26. And many people take this as a very strong signal from Apple, myself included.
[…]
Well I have made up my mind, at least for now. We should not. I’m not sure we should even have the ability to do so.
[…]
But when you finally encounter concurrency, and you almost certainly will, a default of MainActor can make those encounters much more difficult to understand and address.
[…]
(I also did a whole talk on this if that’s interesting.)
I still find this all rather confusing, but I’m inclined to agree with his argument. I understood the original motivation as sort of progressive disclosure. You shouldn’t have to deal with concurrency at all if you don’t need your code to be concurrent. But for most real apps you will have to understand and use the full Swift Concurrency. If opting in to MainActor (the keyword, not the default isolation) is easier than opting out, is that really helping in the end? Why start down a garden path that leads to a cliff? And is having the simple mode worth the confusion of having two modes, and having to keep straight which module is using which? (This is on top of having separate modes for Swift 5 and 6.)
Ryan Booker:
I’ve seen quite a few people saying something similar. What worries me is that not only is MainActor the default now, the WWDC videos introducing it are quite clear that Apple think you should make your App target and UI based modules all MainActor by default, with non UI modules nonisolated by default.
So I’m worried about fighting the tide, but also the idea that you have two inverted concurrency systems to reason about in one code base if you follow Apple’s suggestion!
Jonathan Wight:
The most vocal Swift Concurrency expert outside of Apple is recommending to avoid MainActor default isolation and you’re left wondering what is even the point.
Previously:
Update (2025-11-21): Matt Massicotte:
I want to add though, that I find it really confusing to look at MainActor default as some kind of alternative path towards a 6 migration. Because it’s really just automation, it does not change the nature of the problems you have to consider.
Update (2025-12-01): Tony Arnold:
I’m trying out a MainActor by default project today, and I can’t use LocalizedStringResources that are extracted from my xcstrings catalog 😳
Antoine van der Lee:
By enabling approachable concurrency and setting the default actor isolation to MainActor, you immediately establish a safer and more predictable foundation for Swift concurrency. It also makes your project more resilient to future Swift updates and encourages a consistent mental model from day one. You can learn more about this concept in my article Approachable Concurrency in Swift 6.2: A Clear Guide.
iOS iOS 26 Mac macOS Tahoe 26 Programming Swift Concurrency Swift Programming Language
Robert Hart and Dominic Preston (Hacker News, MacRumors):
Under intense pressure from industry and the US government, Brussels is stripping protections from its flagship General Data Protection Regulation (GDPR) — including simplifying its infamous cookie permission pop-ups — and relaxing or delaying landmark AI rules in an effort to cut red tape and revive sluggish economic growth.
The changes, proposed by the European Commission, the bloc’s executive branch, changes core elements of the GDPR, making it easier for companies to share anonymized and pseudonymized personal datasets. They would allow AI companies to legally use personal data to train AI models, so long as that training complies with other GDPR requirements.
The proposal also waters down a key part of Europe’s sweeping artificial intelligence rules, the AI Act, which came into force in 2024 but had many elements that would only come into effect later. The change extends the grace period for rules governing high-risk AI systems that pose “serious risks” to health, safety, or fundamental rights, which were due to come into effect next summer. The rules will now only apply once it’s confirmed that “the needed standards and support tools are available” to AI companies.
Update (2025-11-21): noyb (via endl):
As gradually leaked the last days by various news outlets, the EU Commission has secretly set in motion a potentially massive reform of the GDPR. If internal drafts become reality, this would have significant impact on people's fundamental right to privacy and data protection. The reform would be part of the so-called "Digital Omnibus" which was supposed to only bring targeted adjustments to simplify compliance for businesses. Now, the Commission proposes changes to core elements like the definition of "personal data" and all data subject's rights under the GDPR. The leaked draft also suggests to give AI companies (like Google, Meta or OpenAI) a blank check to suck up European's personal data. In addition, the special protection of sensitive data like health data, political views or sexual orientation would be significantly reduced. Also, remote access to personal data on PCs or smart phones without consent of the user would be enabled. Many elements of the envisaged reform would overturn CJEU case law, violate European Conventions and the European Charter of Fundamental Rights.
See also: AFP.
Update (2025-11-25): M.G. Siegler:
Sure, it’s a few seconds here and there, but those add up in aggregate. And I, like everyone who lives in Europe, am doing it many, many times a day. Every day. And some have been doing this for over 15 years now…
And it’s actually worse than tedious or time-wasting, it actually does the exact opposite of what the intent was: to make people more mindful of their privacy and give them more control. No one reads these anymore, no one.
Nick Heer:
If you are annoyed about cookie banners, get ready to have that dialled back — maybe, a bit. The proposed changes will allow users to set their cookie preference in their web browser. But media companies will be free to ignore those automatic signals and ask for your permission to set cookies anyway. Also, the circumstances under which consent is not required will be broadened, but websites will still need to ask before using cookies for targeted advertising. Oh, and consent is still required by laws elsewhere and, until policies are harmonized around the world, consent banners are here to stay. Even if everyone copies the proposed changes for the E.U., you will still see a lot of these banners if you spend a lot of time reading news.
Previously:
Artificial Intelligence European Union GDPR Legal Privacy Web
Freddie Harrison (Mastodon, Pieter Omvlee):
Early on in the process, we prototyped various approaches to the sidebar and Inspector, including floating options (the new default in Tahoe) and glass materials. Ultimately, we went custom here, with fixed sidebars that felt less distracting in the context of a canvas-based design tool.
Another area we went custom with was document tabs. Having them run along the top of the window didn’t work well with the toolbar and ultimately felt too boxy and imposing. Instead, they now live in the sidebar, and are just as functional.
[…]
As well as shipping our own glass effect soon after WWDC, we’ve adopted Liquid Glass in subtle ways in Copenhagen. You’ll find it in the toolbar, minimap and notifications at the bottom of the Canvas.
[…]
One of the first things you’ll notice when you work with the new Inspector is that most of the old popovers are now separate panels.
These new panels have a lot of advantages. You can move them freely around the window to bring them closer to your work. They also stay open if you change your selection and they’re still applicable, making similar changes across multiple layers more convenient.
[…]
We created a new set of icons (over 700 of them) — you’ll find them everywhere from menus, to the Inspector, and beyond.
Nick Heer:
This probably will not convert the kind of person who finds Liquid Glass revolting in its entirety, but I think this implementation is thoughtful and well-considered. Note, too, that Apple itself has not shipped any of its own Mac pro apps with Liquid Glass changes. The choices made by the Sketch team are instructional.
Mario Guzmán:
The Sketch design team should be the folks designing at Apple.
Haven’t they sucked up enough talent already?
Jonathan Fischer:
Random thing that I love: the whole application is still just 215MB.
Benjamin Schmidt:
In general a nice update and so far the best implementation of Liquid Glass, but that toolbar is breaking me. Muscle memory I built since Sketch 3 (partly Sketch 2 even) gone and replaced by searching icons in an ever changing toolbar.
Sketch:
A customizable toolbar wasn’t really a viable option in this era of macOS.
Previously:
Update (2025-11-21): Simon B. Støvring:
Sketch just pushed another big UX shift along with severe new bugs in core features. This time the sidebar indentation is all over the place, so I can’t trust folder relationships, and it slows me down a lot.
I don’t have time to relearn my design tool every few months just because Sketch thinks it’s fun to shake things up.
[…]
The right choice for me is to roll back to the previous version of Sketch and wait until the early rough issues in the latest update are ironed out. I’m glad Sketch makes that possible.
Nicolai Henriksen:
To me it is equally bad with Figma although in different ways. Big difference is that it is not when you install annew version but “while blinking”.
Steve Troughton-Smith:
Sketch made such a big deal about being a native Mac app a few years ago, as an argument against using Electron/Catalyst, but today the app’s (beautiful) new redesign doesn’t seem to use native controls or elements anywhere. Custom toolbar, custom sidebar, custom tooltips, custom ‘tabs’. I totally get it, but there’s a reason cross-platform toolkits exist, and I sure would prefer a full-featured native iPad version of my design tools than a Mac-shaped line in the sand.
Previously:
Update (2025-11-25): Pieter Omvlee:
I don’t think we’d have gone this custom if Liquid Glass looked more at home on the Mac than it does today. Let’s say our hand was a tad forced 😄
[…]
Im super proud of the job we did with Sketch for Liquid Glass, but we shouldn’t have had to go this far in the first place if the design language actually supported what we can call ‘Pro Apps’. I mean Xcode looks like a toy now, that can’t be right surely 😝
Nikhil Nigade:
Please reintroduce the “Share” button here. I use certain share extensions for my workflows, and the lack of a share button here is really breaking my momentum.
Jordan Morgan:
Just a Sketch appreciation post. I use it for every single blog post I make at the 9-5 and my own stuff. A fantastic feeling Mac app.
Design Graphic Design Liquid Glass Mac Mac App macOS Tahoe 26 Sketch
Eugen Rochko (via Hacker News):
After nearly 10 years, I am stepping down as the CEO of Mastodon and transferring my ownership of the trademark and other assets to the Mastodon non-profit. Over the course of my time at Mastodon, I have centered myself less and less in our outward communications, and to some degree, this is the culmination of that trend. Mastodon is bigger than me, and though the technology we develop on is itself decentralized—with heaps of alternative fediverse projects demonstrating that participation in this ecosystem is possible without our involvement—it benefits our community to ensure that the project itself which so many people have come to love and depend on remains true to its values. There are too many examples of founder egos sabotaging thriving communities, and while I’d like to think myself an exception, I understand why people would prefer better guardrails.
But it would be uncouth for me to pretend that there isn’t some self-interest involved. Being in charge of a social media project is, turns out, quite the stressful endeavour, and I don’t have the right personality for it.
Matt Birchler:
Rochko seems like a good guy and I thank him for all he’s done leading Mastodon all these years.
Update (2025-11-25): Laurens Hof (via Manton Reece):
Mastodon is also transitioning into a Belgium non-profit entity as the future home of the Mastodon organisation. The current Mastodon organisation is in Germany as the Mastodon gGmbH entity. This organisation automatically become a for-profit organisation after its charitable status were stripped away. The new Belgium entity (an AISLB) allows Mastodon to become a non-profit organisation again. The organisation does not know yet when exactly the transfer to this new Belgium entity will happen. Meanwhile, Mastodon will also continue to operate an US-based 501(c)(3), as a “strategic overlay and fundraising hub”.
Another important change is that the Mastodon organisation now owns the Mastodon brand and assets, which used to be owned by Rochko. The organisation has attracted various larger donations, with Mastodon listing Jeff Atwood and the Atwood Family (EUR 2.2M), Biz Stone, AltStore (EUR 260k), GCC (EUR 65k), and Craig Newmark. These donations are partially used to fund acquisition of the Mastodon brand and assets from Rochko. Rochko is receiving a one-time compensation of EUR 1M for transferring the Mastodon brand trademark and assets to the organisation, which also compensates him for 10 years of work on the project at a below-market rate. Hlatky noted that Rochko turned down earlier acquisition offers worth more than 10 times this amount to keep Mastodon as a non-profit and open-source project.
Business Mastodon Web
Wednesday, November 19, 2025
Daniel Jalkut:
For these scenarios, Xcode provides a handy checkbox that can be used to automatically attach when one of an app’s XPC services is launched. Look deep in the “Options” tab of the scheme editor’s “Run Action” page[…]
While this feature is great for XPC services in particular, there are many caveats. For example, Xcode will not automatically attach to XPC services that you didn’t build yourself. So, while an app that uses WebKit will employ many XPC services for accessing network resources or rendering web page content, Xcode will not attach to those processes automatically unless you built the WebKit project locally and are running against that version.
[…]
But here I run into another unfortunate limitation of Xcode’s attachment functionality: Xcode only attaches to the first named process it finds. FastScripts always keeps at least two RSScriptRunner processes going, so that when a script is invoked there will always be a process “primed and ready”. When several scripts are running in parallel, several RSScriptRunner processes are running. How do I attach to the one I care about debugging?
The solution I’ve come up with is to attach to them all. I’ve created an AppleScript that determines the process identifiers for every running process of a given name, and asks Xcode to attach to each one.
AppleScript Debugging Extensions FastScripts Mac macOS Tahoe 26 Programming WebKit Xcode XPC
Matthew Prince (Hacker News):
The issue was not caused, directly or indirectly, by a cyber attack or malicious activity of any kind. Instead, it was triggered by a change to one of our database systems' permissions which caused the database to output multiple entries into a “feature file” used by our Bot Management system. That feature file, in turn, doubled in size. The larger-than-expected feature file was then propagated to all the machines that make up our network.
The software running on these machines to route traffic across our network reads this feature file to keep our Bot Management system up to date with ever changing threats. The software had a limit on the size of the feature file that was below its doubled size. That caused the software to fail.
[…]
This post is an in-depth recount of exactly what happened and what systems and processes failed. It is also the beginning, though not the end, of what we plan to do in order to make sure an outage like this will not happen again.
He also has a HN comment about the writing of the postmortem.
John Gruber:
This is how it’s done.
See also: How Complex Systems Fail (via Thomas Ptacek).
Brian Krebs:
Some affected Cloudflare customers were able to pivot away from the platform temporarily so that visitors could still access their websites. But security experts say doing so may have also triggered an impromptu network penetration test for organizations that have come to rely on Cloudflare to block many types of abusive and malicious traffic.
Manton Reece:
Cloudflare’s outage yesterday shows the mind-boggling scale of their network. The graph has 25 million HTTP 500 errors per second.
Miguel Arroz:
Unpopular opinion, apparently: companies like cloudflare and Amazon provide very high quality services people and enterprises actually need, with a level of uptime and security vastly superior to what most of their customers would achieve on their own or using traditional providers. Their downtimes being so visible is a consequence of their success.
Dave Rahardja:
2025 is the year we learn that a tiny number of large companies have become single-point failures for the Internet in the US.
I feel like this kind of consolidation is undesirable for Internet resiliency, but also inevitable as the cost of implementing “undifferentiated” (in AWS’ parlance) infrastructure is not profitable to web service owners.
Previously:
Update (2025-12-10): See also: Accidental Tech Podcast.
Dane Knecht (Hacker News):
On December 5, 2025, at 08:47 UTC (all times in this blog are UTC), a portion of Cloudflare’s network began experiencing significant failures. The incident was resolved at 09:12 (~25 minutes total impact), when all services were fully restored.
A subset of customers were impacted, accounting for approximately 28% of all HTTP traffic served by Cloudflare. Several factors needed to combine for an individual customer to be affected as described below.
The issue was not caused, directly or indirectly, by a cyber attack on Cloudflare’s systems or malicious activity of any kind. Instead, it was triggered by changes being made to our body parsing logic while attempting to detect and mitigate an industry-wide vulnerability disclosed this week in React Server Components.
BBEdit Cloudflare Database Outage Web
Google (MacRumors, The Verge, Hacker News, model card, Hacker News):
And now we’re introducing Gemini 3, our most intelligent model, that combines all of Gemini’s capabilities together so you can bring any idea to life.
It’s state-of-the-art in reasoning, built to grasp depth and nuance — whether it’s perceiving the subtle clues in a creative idea, or peeling apart the overlapping layers of a difficult problem. Gemini 3 is also much better at figuring out the context and intent behind your request, so you get what you need with less prompting. It’s amazing to think that in just two years, AI has evolved from simply reading text and images to reading the room.
And starting today, we’re shipping Gemini at the scale of Google. That includes Gemini 3 in AI Mode in Search with more complex reasoning and new dynamic experiences. This is the first time we are shipping Gemini in Search on day one. Gemini 3 is also coming today to the Gemini app, to developers in AI Studio and Vertex AI, and in our new agentic development platform, Google Antigravity — more below.
Google (Hacker News):
Today, we are introducing Google Antigravity, our new agentic development platform. While the core is a familiar AI-powered IDE experience with the best of Google’s models, Antigravity is evolving the IDE towards an agent-first future with browser control capabilities, asynchronous interaction patterns, and an agent-first product form factor that together, enable agents to autonomously plan and execute complex, end-to-end software tasks.
[…]
We believe Antigravity’s product form factor represents the next fundamental step function in agent-assisted development. Thus, our goal is to channel it into the best product offering possible for end users. In today’s public preview:
- Google Antigravity for individuals at no charge
- Compatibility with MacOS, Linux, and Windows
- Access to Google’s Gemini 3, Anthropic’s Claude Sonnet 4.5 models, and OpenAI’s GPT-OSS within the agent, offering developers model optionality
It’s an Electron app based on Visual Studio Code and requires signing in with a Google account.
Dare Obasanjo:
A key innovation is how the tool reports its work. It shares task lists, plans, screenshots, and browser recordings to make it easier for the developer to confirm it’s doing the right thing.
In addition to the traditional IDE view it also has a Manager view is designed for controlling multiple coding agents at once.
Too bad they’ll probably kill it in a year 😁
Previously:
Update (2025-11-20): Google (Hacker News):
Today, we’re introducing Nano Banana Pro (Gemini 3 Pro Image), our new state-of-the art image generation and editing model. Built on Gemini 3 Pro, Nano Banana Pro uses Gemini’s state-of-the-art reasoning and real-world knowledge to visualize information better than ever before.
Update (2025-11-26): PromptArmor (via Hacker News):
An indirect prompt injection in an implementation blog can manipulate Antigravity to invoke a malicious browser subagent in order to steal credentials and sensitive code from a user’s IDE.
Update (2025-12-02): Deep-Hyena492 (Hacker News):
Google Antigravity just deleted the contents of my whole drive.
Antigravity Artificial Intelligence Electron Google Google Gemini/Bard Google Search Mac Mac App macOS Tahoe 26 Visual Studio Code Web
