Saturday, May 20, 2017 [Tweets] [Favorites]

iOS 11 iPad Wishes and Concept Video

Federico Viticci:

iOS for iPhone is, I believe, at a point of sufficient maturity: aside from particular feature additions, I don’t think there’s anything fundamentally missing from the iPhone. The iPad now bears the proverbial low-hanging fruit of iOS. There are obvious areas of improvement on iOS for iPad, which is, effectively, two years behind its iPhone counterpart. The iPad’s lack of meaningful software advancements allows us to explore deeper ideas; thus, in a break with tradition, I decided to focus this year’s iOS Wishes exclusively on the iPad and where Apple could take its software next.


The argument that the iPad doesn’t “need a filesystem” lost its validity when Apple introduced document providers in iOS 8 and the iCloud Drive app in iOS 9. iOS already has a visible filesystem, only it’s been rebuilt with simplicity in mind for the age of apps so it doesn’t expose system information like on macOS. The next logical step for Apple is to turn their scattershot implementation of document pickers and providers into a true Finder layer that can work with every app and be more cohesive and intuitive than what we have today.

Friday, May 19, 2017 [Tweets] [Favorites]

Xcode Autocomplete Frustrations

Erica Sadun:

A year after it debuted, Xcode’s enhanced autocomplete features continue to struggle with overly liberal matches[…]


Successful autocompletion promotes good matches and discards inappropriate ones. “upper“ should score high on CFStringUppercase and low on CGScreenUpdateOperation and CSSMERR_TP_INVALID_CERTGROUP_POINTER.

That’s not the only problem with autocomplete. Image literal completion is a big problem. Xcode often prioritizes images over code APIs. When starting to type “picker”, Xcode should not suggest “picture-of-lovely-cat”.

Every time I create a new variable in Swift (i.e. type let, space, and then a letter), Xcode gives me a useless list containing only names of images. Not only do I never want these—I use methods/properties to access my images rather than hard-coding strings in multiple places—but an image would not even be valid at that source location.

Getting Info From iTunes

Paul Kim:

With some versions, one API may return some special playlist that the others don’t. Also, [MediaLibrary API] is asynchronous while the others are synchronous. I don’t see that as a big deal either way as you can convert one into the other with a tiny bit of work.


As you can see, ML is pretty damn slow with ITLib being much, much, much faster. What is surprising to me is how much faster parsing the XML file is than ML.


The persistent IDs of entities in iTunes are hex strings. In the XML file, they are zero padded. In ML, though it returns strings, they are not zero padded (rdar://26624642 for you Apple folks watching from home). To add even more confusion to the mix, they are NSNumbers in ITLib.

Twitter Abandons “Do Not Track” Privacy Protection


While we had hoped that our support for Do Not Track would spur industry adoption, an industry-standard approach to Do Not Track did not materialize.

Steven J. Vaughan-Nichols:

Twitter was one of the first companies to support Do Not Track (DNT), the website privacy policy. Now, Twitter is abandoning DNT and its mission to protect people from being tracked as they wander over the web.


According to Sarah Downey, an attorney and privacy advocate, the Interactive Advertising Bureau and the Digital Advertising Alliance (DAA), which represent most online advertisers, have their own interpretation of Do Not Track: “They have said they will stop serving targeted ads but will still collect and store and monetize data.”

Nick Heer:

Like Google and Facebook, Twitter is now displaying the topics it thinks you’re interested in, how old it thinks you are, and what languages it thinks you speak — apparently, I speak Estonian and Portuguese. Twitter goes one step further and allows you to request a list of which advertisers are currently targeting your profile. As of writing, 874 advertisers have included my personal account in over two thousand of their audience lists, while 102 have for the Pixel Envy auto-posting account.

Retina Monitors

Casey Liss:

As I write this, there are three general options, that will work with most modern Macs[…]


Additionally, there are two options for those with a fancypants MacBook with USB-C[…]


If you look at Marc’s chart, you can see what the issue is. Displays over 24" that are only 4K land in “the bad zone”—more resolution than non-Retina, yet not enough to be full Retina.

As far as I can tell, only the 2016 MacBook Pro can drive a 5K display. For 4K at a decent refresh rate, you need a mid-2014 or later MacBook Pro.

Thursday, May 18, 2017 [Tweets] [Favorites]

Apple Wants 30% of Tips From Chinese Chat Apps

Tim Hardwick:

Apple has told several Chinese social networking apps to disable their “tip” functions to comply with App Store rules, according to executives at WeChat and other companies.

The tip functions in Chinese messaging platforms are free to use and allow people to send authors and other content creators monetary tips through transfers to mobile wallet accounts. However, according to The Wall Street Journal, Apple has decided that tips are equivalent to in-app purchases – similar to buying games, music, and videos – therefore Apple is entitled to a 30 percent cut of every transaction.


The annoyance stems from the way the tipping culture is viewed in China. Chinese app developers see tipping as fundamentally different from in-app purchases because users only tip voluntarily as a mark of appreciation when they consume content.

It sounds kind of like Apple asking for a cut of every PayPal transaction that’s initiated through an app. That really doesn’t make much sense.

The promise of in-app purchase was that it was supposed to make purchases uniformly easy for the customer. Instead, Apple’s insistence on 30% is degrading the user experience (e.g. Kindle) and encouraging developers to complicate their apps to route around the fee. And if Tencent doesn’t back down—and I don’t see why they would—this could really hurt iOS in China. Hopefully this spat will trigger a rethinking of Apple’s policies.

Previously: Apple’s China Problem: WeChat.

Update (2017-05-19): See also: Ben Thompson, John Bergmayer.

Android Adds Official Kotlin Support

Steve Yegge (Hacker News):

The only way a new language can make a big splash -- and I think this has been true for at least ten, maybe twenty years -- is for it to have a “killer app”. It needs a platform that everyone wants to use so badly that they’re willing to put up with learning a new language in order to program on that platform.

It turns out the perfect killer app here -- and this brings us full circle -- is Android’s crappy Red Light APIs. When you’re zooming along the road in Android-land, every time you hit an API that stops you in your tracks, you curse the platform. It doesn’t actually matter how many good APIs Android has, as long as there are sufficiently many bad ones to make you pause and look around for big solutions.


When you have a big gap like that, there’s an opportunity for a language-based solution. And unsurprisingly, the full-on departures are all based around specific languages that aren’t Java.

Kotlin’s competitive advantage, though, is that it’s not a full-on departure. It’s completely 100% interoperable and even interminglable with Java, almost (though not quite) to the extent that C++ was to C. Kotlin feels like an evolutionary step. You can just start mixing it right into your existing Android project, right there in the same directories, and call back and forth without batting an eyelash.

Mike Cleron (Hacker News):

Today the Android team is excited to announce that we are officially adding support for the Kotlin programming language. Kotlin is a brilliantly designed, mature language that we believe will make Android development faster and more fun. It has already been adopted by several major developers — Expedia, Flipboard, Pinterest, Square, and others — for their production apps. Kotlin also plays well with the Java programming language; the effortless interoperation between the two languages has been a large part of Kotlin’s appeal.

The Kotlin plug-in is now bundled with Android Studio 3.0 and is available for immediate download. Kotlin was developed by JetBrains, the same people who created IntelliJ, so it is not surprising that the IDE support for Kotlin is outstanding.

In addition to the IDE support, we’re announcing a collaboration with JetBrains to move Kotlin into a non-profit foundation. (Kotlin is already open sourced under Apache2.)

Maxim Shafirov:

Starting now, Android Studio 3.0 ships with Kotlin out of the box, meaning Android developers no longer need to install any extras or worry about compatibility. It also means that moving forward, you can rest assured that both JetBrains and Google will be supporting Android development in Kotlin.

In case you are concerned about other platforms that Kotlin supports (Kotlin/JVM for server and desktop, Kotlin/JS and Kotlin/Native), please be sure that they are as important for us as ever. Our vision here is to make Kotlin a uniform tool for end-to-end development of various applications bridging multiple platforms with the same language. This includes full-stack web applications, Android and iOS clients, embedded/IoT and much more.

Brandon Williams & Lisa Luo (tweet):

At Kickstarter, Android and iOS development co-exist harmoniously. Our small team of native engineers have spent the past two years embracing functional programming, from building our Android app using RxJava to rewriting our iOS app in Swift using ReactiveSwift. We have learned a lot from a cross-platform functional workflow and will talk about how FP, Swift and Kotlin have unified our approach in writing consistent code across platforms. We will give a tour of the features of Kotlin and all its similarities, strengths, and weaknesses with respect to Swift.

See also: Swift is like Kotlin (Hacker News).

Wednesday, May 17, 2017 [Tweets] [Favorites]


Brent Simmons and Manton Reece (via John Gruber, Hacker News):

The JSON Feed format is a pragmatic syndication format, like RSS and Atom, but with one big difference: it’s JSON instead of XML.

For most developers, JSON is far easier to read and write than XML. Developers may groan at picking up an XML parser, but decoding JSON is often just a single line of code.

Our hope is that, because of the lightness of JSON and simplicity of the JSON Feed format, developers will be more attracted to developing for the open web.

Seems like a good idea. Sure, it’s another standard, so if it catches on this will create more work for people writing code in this area. But the fact that it’s so easy to use could open up more possibilities, and I assume that it will be more amenable to the needs of new services. There’s a WordPress plug-in.

See also: Dave Winer (2012).

Update (2017-05-17): See also: Brent Simmons.

Update (2017-05-18): See also: Manton Reece.

TidBITS News Shows How an Old 32-bit iOS App Becomes 64-bit

Matt Neuburg:

To revive TidBITS News, therefore, I effectively had to rewrite the code from scratch as if I were creating the same app today, doing things the iOS 10 way. Luckily, TidBITS News is a fairly small, simple app; it has only three “scenes” — the master view (the list of article headlines and blurbs), the detail view (one complete article), and the player view (for listening to a recorded version of an article). But imagining a much more elaborate app, you can appreciate why a developer might not be willing to recast an old 32-bit app as 64-bit — it could be more work than it’s worth. (And the fact that Apple forces all updates to be given away for free means that it will generate absolutely no income from existing users. Is it any wonder apps are abandoned?)

Previously: iOS to Drop Support for 32-bit Apps.

FastMail “Lifetime” Member Plans

brong (via Hacker News):

FYI, we’re finally closing off guest and member accounts entirely. […] We have already not allowed new signups at those service levels for quite some time. We are offering very generous discounts for upgrades.

In 2002, the member account promised a lifetime mail account for a one-time $14.95 fee.


The member accounts were introduced at a critical time in Fastmail’s development, when they needed serious funding (when they first went paid).


That Fastmail have honored their commitment (to keep these accounts valid, over all these years) I consider impeccable.

Now they are reneging on that deal, although obviously anyone who signed up 15 years ago got a tremendous value. I don’t really understand why FastMail is doing this, since it seems like the 16 MB storage quota on the old plan would be enough to entice most users to upgrade. Anyone remaining wouldn’t drain their resources much—except perhaps for customer support. Is it really worth sullying their reputation? If the situation is so dire that they’ll go out of business if they keep their word, then as a satisfied non-lifetime customer I’m glad they’re not going down in flames to prove a point. On the other hand, it is worrying that either they’re simply choosing not to honor their commitment or that the business I’m relying on is that close to collapse.

The bottom line: customers should never count on anything actually being lifetime, businesses should only offer such plans as a last resort, and anyone who really cares about their e-mail address should get their own domain.

Moom vs. the Rectangular Grid Patent

Many Tricks (tweet):

The one change was to the grid, which switched from rectangular (with the circles of 3.2.7) to the new hexagonal layout, as seen at right.

Why did we change the design? Late last week, we learned there’s a US patent that covers resizing windows using a rectangular grid in a miniature preview image. We learned this when the patent’s owner told us they believed Moom’s grid was infringing on their patent. For now, we have redesigned the grid in such a way that no infringement claim can be made, and we’re working on further improvements.

This sort of thing should not be patentable. Plus, the timeline is depressing: the patent application was filed in 2008, the Moom feature shipped in 2011, the patent was granted in 2013, and the complaint was made in 2017.

See also: Hacker News.

Tuesday, May 16, 2017 [Tweets] [Favorites]

No More iPad mini Updates Planned

Jonathan S. Geller (via Zac Hall, Joe Rossignol, Hacker News):

First introduced in 2012, Apple’s iPad mini was a welcome alternative to the much larger, thicker, and heavier 9.7-inch iPad. There was no 5.5-inch iPhone Plus, so the iPad mini made a great choice for light reading and effortless web browsing, email, and gaming. The market doesn’t stand still, however, and we’re now looking at a redesigned iPad Pro to be launched this summer that should offer everything the current 9.7-inch iPad features, but in a smaller footprint with a larger 10.5-inch display.

On the other side, there’s the 5.5-inch iPhone 7 Plus, which is large enough to negate the need for a tablet for many users. The device you take everywhere, that’s always with you, that has the best camera, and that has everything else you need. The device that you already own. Therein lies the problem, and that’s why we have heard from a source close to Apple that the iPad mini is being phased out.

That’s a shame. Maybe the iPad mini hasn’t been selling well because it’s been neglected. The full-size iPad is too big and heavy for my liking. I’ve actually been hoping for a smaller and lighter iPad mini, more like a Kindle. As a fan of the iPhone SE, the fact that Apple sells a 5.5-inch phone does nothing to help my tablet needs. I don’t want a big phone, or a second phone. If they had a 5.5–6.5-inch iPod touch, that could be interesting, though it wouldn’t be able to run true iPad apps.

“MP3 Is Dead” Missed the Real, Much Better Story

Marco Arment (Hacker News):

So while there’s a debate to be had — in a moment — about whether MP3 should still be used today, Fraunhofer’s announcement has nothing to do with that, and is simply the ending of its patent-licensing program (because the patents have all expired) and a suggestion that we move to a newer, still-patented format.


AAC and other newer audio codecs can produce better quality than MP3, but the difference is only significant at low bitrates. At about 128 kbps or greater, the differences between MP3 and other codecs are very unlikely to be noticed, so it isn’t meaningfully better for personal music collections. For new music, get AAC if you want, but it’s not worth spending any time replacing MP3s you already have.


MP3 is supported by everything, everywhere, and is now patent-free.

Apple’s New Campus

Steven Levy (Hacker News):

For the next two hours, Ive and Whisenhunt walk me through other parts of the building and the grounds. They describe the level of attention devoted to every detail, the willingness to search the earth for the right materials, and the obstacles overcome to achieve perfection, all of which would make sense for an actual Apple consumer product, where production expenses could be amortized over millions of units. But the Ring is a 2.8-million-square-foot one-off, eight years in the making and with a customer base of 12,000. How can anyone justify this spectacular effort?


The meetings often lasted for five or six hours, consuming a significant amount of time in the last two years of Jobs’ life. He could be scary when he swooped down on a detail he demanded. At one point, Behling recalls, Jobs discussed the walls he had in mind for the offices: “He knew exactly what timber he wanted, but not just ‘I like oak’ or ‘I like maple.’ He knew it had to be quarter-cut. It had to be cut in the winter, ideally in January, to have the least amount of sap and sugar content.


Those post-Jobs details were largely crafted by Foster + Partners and Ive’s design team, who custom-developed almost every aspect of the building, down to the wash basins and faucets.


It’s hard not to be overwhelmed by all of this. Ask me sometime about the fonts in the elevator or the hidden pipes in the bathroom commodes. And it’s hard not to return again and again to the same question: Is Apple Park the arcadia outlined by Jobs in his public farewell, or is it an anal-retentive nightmare of indulgence gone wild?

In my experience, these sort of architectural marvels end up not being very functional, but hopefully they’ve bucked that trend. If it works as intended, this will be a great investment in the future, but it also sounds like there was a huge opportunity cost. Apple’s attention is its most limited resource. Apple Park’s design and construction has consumed a lot of time for key people these last several years, at the same time it seems like entire product lines have been neglected.

CMD-D | Masters of Automation Conference

Sal Soghoian:

The conference is called CMD-D (pronounced “Command-D”), and it will be held August 9th at the Santa Clara Convention Center. It’ll be a full day of exploring the current state of automation technology on both Apple platforms, sharing ideas and concepts, and showing what’s possible—all with the goal of inspiring and furthering development of your own automation projects.

To assist in this exploration of all things Automation, I’ve invited some of my smartest friends to present sessions focused on their own areas of automation expertise, on macOS and iOS. And, for those new to automation, we’re also planning a Scripting Boot Camp on August 8th.

All About Concurrency in Swift

Umberto Raimondi:

Swift 3 introduces a new function to perform assertions on the current execution context, that allows to verify if a closure is being executed on the expected queue. We can build predicates using the three enum cases of DispatchPredicate: .onQueue, to verify that we are on a specific queue, .notOnQueue, to verify the opposite and .onQueueAsBarrier to check if the current closure or work item are acting as a barrier on a queue.

Monday, May 15, 2017 [Tweets] [Favorites]

A Tale of Three Git Filter Branches

Greg Hurrell (via tweet):

I used git-filter-branch to rewrite the history of the repo containing this website’s files, processing 4,980 commits and transforming 3,702 wikitext files to Markdown along the way. I wrote three separate versions: the first would have taken as long as 42 days to complete, the second perhaps 3 to 4 days, and the third and final version completed in about an hour.


That last one sure sounds the most elegant, doesn’t it? But it also obliges us to accept a reality about Git’s object database: it’s made to be blazingly fast for certain common operations (git status, git commit etc) but not others. For example, answering that question of “detecting when an item first entered the repository” could require you to traverse back from the current HEAD all the way back to the root commit of the repository, which could mean examining a thousands-long commit chain. And note, even if you know how Git works and seek to minimize the number of git processes that you need fork and the number of commits that you actually need to examine (eg. by limiting git log with a pathspec), Git’s internals will still need to traverse that thousands-long chain in the worst case.

Searching for Swift Objects by Type

Tim Ekl:

This rubbed me the wrong way, specifically because of the is SpecialView/as! SpecialView combination. It seemed like I should be able to do the type check once and get the object back as that type, maybe using as?.


However, there’s a cost here: where previously we’d stop enumerating subviews once we found the first SpecialView, with flatMap we run all the way through the array before getting the first result. If subviews is an especially large array, this could become a performance hotspot very quickly.

In Objective-C, the obvious for loop or array-searching closure would do the right thing, without the need for concepts like flatMap and lazy. Then again, so would a Swift for loop with if let, but people would tend not to write it that way.

If you wanted to generalize this sort of view search in Objective-C, you could pass a class as a parameter. That doesn’t really work in Swift because you would end up with an awkward Any? return value. So you get into generics. You can pass a parameter of type Any.Type, but that doesn't really help because Swift can’t use this to determine the return type. Instead, you could make the function take no parameters, passing the type as a generic parameter that’s inferred based on the calling context. However, I think that makes the call sites look weird, and you still end up with an optional to unwrap.

Everything Is Broken

Dan Luu:

If I had to guess, I’d say I probably work around hundreds of bugs in an average week, and thousands in a bad week. It’s not unusual for me to run into a hundred new bugs in a single week. But I often get skepticism when I mention that I run into multiple new (to me) bugs per day, and that this is inevitable if we don’t change how we write tests. Well, here’s a log of one week of bugs, limited to bugs that were new to me that week. After a brief description of the bugs, I’ll talk about what we can do to improve the situation.

See also: Will Thompson (tweet).

This is how I feel using Apple’s software lately, but I guess the grass isn’t greener.

Update (2017-05-15): See also: Cédric Luthi.

Scholle McFarland:

macOS 10.12.5 bug has broken Calendar’s coolest custom alert--the one that lets you open a file automatically. Appppllllle!!! <shakes fist>

Instagram Now Supports Photo Uploads From Mobile Site

Juli Clover:

Prior to the update, Instagram only allowed photo uploads from its mobile apps, and the iOS app is limited to the iPhone, so iPad users were forced to download an iPhone-only app with an unoptimized layout to upload photos to the social network.

The Instagram website on mobile devices was previously only available for browsing photos, liking content, searching, and viewing notifications, but now it's possible to upload photos.

But it sounds like there still isn’t a first-class iPad experience, and you can’t upload from a Mac unless you set your browser to use the mobile version of the site.

Friday, May 12, 2017 [Tweets] [Favorites]

Amazon Prime Video Coming to Apple TV

John Paczkowski:

Amazon’s Prime video app — long absent from Apple TV — is indeed headed to Apple’s diminutive set-top box. Apple plans to announce Amazon Prime video’s impending arrive to the Apple TV App Store during the keynote at its annual Worldwide Developers Conference (WWDC) on June 5 in San Jose, California.


As part of the arrangement between the two companies, Amazon — which stopped selling Apple TV devices two years ago, when it also banned Google’s Chromecast devices from its virtual shelves — will likely resume selling Apple’s set-top box.

I still find Amazon’s policy of not directly selling iPads weird.

Secret Audio and Key Recording

Dan Goodin:

Almost a year after app developer SilverPush vowed to kill its privacy-threatening software that used inaudible sound embedded into TV commercials to covertly track phone users, the technology is more popular than ever, with more than 200 Android apps that have been downloaded millions of times from the official Google Play market, according to a recently published research paper.


SilverPush founder Hitesh Chawla said the finding surprised him because his company abandoned the ad-tracking business in late 2015.

Dan Goodin:

HP is selling more than two dozen models of laptops and tablets that covertly monitor every keystroke a user makes, security researchers warned Thursday. The devices then store the key presses in an unencrypted file on the hard drive.

People trust Apple to protect them from this kind of stuff.

Better GitHub Searching

Daniel Jalkut:

To search any subpath, just modify the search with the “path:” flag: “struct String” path:/stdlib. Six results, all pertinent to the actual implementation of “struct String”. Just what I was looking for.

There are lots of fancy constraints you can apply to GitHub searches, I simply hadn’t thought to look them up until now. Maybe some of them will make your exploration easier, too.

It’s so great having access to the Swift source during development.

How to Shoot on iPhone 7

Apple has a bunch of short videos that show how to use the iPhone’s camera (via Phil Schiller, Hacker News). Very nicely done.

Amazon Lowers Free Shipping Threshold to $25

Lauren Thomas:

In February, Amazon reduced its minimum order amount required to qualify for free shipping — for non-Prime members — to $35 from $49, price tracker BestBlackFriday first reported.

Amazon's website now reads that online orders of $25 or more, featuring eligible items, will qualify for free shipping.

This news comes after big-box retailer Wal-Mart, in January, rolled out free two-day shipping for orders over $35. The shift was one of the first major changes Marc Lore made at Wal-Mart since the retailer purchased his e-commerce start-up,, last year.

I gave in and got Prime, now that the Visa card gives you 5% back.

Previously: Amazon Increases Free Shipping Threshold, Amazon Increases Free Shipping Minimum to $35.

Update (2017-05-15): resoluteteeth:

Walmart has free two-day shipping on orders over $35 right now, with no membership required, and yet people are still writing articles like this asking, “will it be possible for Walmart to get 2 day shipping within the next couple years?”

We’ve had lots of problems with Walmart orders, such as boxes that never ship or arrive damaged. The prices are good, but you just can’t depend on receiving the correct, working item on time, like with Amazon.

Wednesday, May 10, 2017 [Tweets] [Favorites]

WhatsApp Extends Encryption to iCloud Backups

Tim Hardwick:

WhatsApp has offered end-to-end encryption on its messaging service for some time, but that encryption did not previously extend to iCloud backups of messages. Given that Apple holds the encryption keys for iCloud, a subpoena of Apple or an unauthorized iCloud hack could potentially allow access to WhatsApp messages backed up there.

However, WhatsApp has moved to prevent that possibility by also pre-encrypting the backup files.


According to Russian-based Oxygen Forensics, third-party hacking tools are able to download the encrypted WhatsApp data backed up to iCloud and then generate an encryption key to decrypt the data using the associated SIM card. The tools could potentially be used by police with access to a phone where the WhatsApp account has been deactivated but the encrypted messages are still stored in iCloud.

This is more protection than iMessage offers for iCloud backups, but it seems like both could benefit from allowing the user to specify a backup password, as is possible for local backups via iTunes.

Apple Music Redesign

Jason Yuan:

What you’ll find below is a case study offering potential solutions to address some of Apple Music’s problems, as well as ideas for future development. My process was guided by qualitative user research, Apple’s official Design Principles, and my own designer intuition.


I think Apple should focus on integrating existing social media with Apple Music instead of trying to push yet another one on its already overburdened consumers.


My solution was to implement a gesture that most users are already familiar with — the double tap — into the Now Playing experience. I observed that many users tried to press the “floating” album art in the present release (it just looks so delightful)…why not add a response?

Amazon Echo Show

Amazon (via Hacker News):

Echo Show brings you everything you love about Alexa, and now she can show you things. Watch video flash briefings and YouTube, see music lyrics, security cameras, photos, weather forecasts, to-do and shopping lists, and more. All hands-free—just ask.

Introducing a new way to be together. Make hands-free video calls to friends and family who have an Echo Show or the Alexa App, and make voice calls to anyone who has an Echo or Echo Dot.

Seems like a good idea, at a good price, although I agree that the design is not very attractive. Based on Phil Schiller’s comments, I assume that Apple is working on something similar, and that it will work with FaceTime, which is more convenient. It’s too bad that there are so many incompatible video calling platforms.

30 Years of PopChar

Günther Blaschek:

It all started back in 1987, when I tried to find a few special characters in the Symbol font. Apple’s Key Caps utility was not very helpful because I had to try all sorts of keyboard combinations to see which characters were available.


“Desk accessories” were an exception, as they were accessible from the Apple menu and could open a window on top of the current application. I therefore created a desk accessory called “Character Map” which displayed all symbols in a given font and let me copy and paste them into a text document.


Starting with version 3 (2006), PopChar had a search function for finding characters by their Unicode name. But what do you do if you don't know the name of a character?

In 2014, we extended PopChar 7 with a graphical “shape finder”.

Click a button, draw a shape and let PopChar search for characters that look like this.


To survive all these changes, PopChar has been redesigned and re-implemented from ground up again and again.

I think this is a good example of an app where the paid upgrade model worked well. Looking at the initial version, you might have thought that it was pretty much done. It solved the problem; how many more features could it need? It doesn’t seem like the kind of app that would need a lot of maintenance or that customers would want a subscription for. Yet platforms changed, Unicode and Emoji emerged, and the app continued to receive development attention and thrive. By App Store standards, 30 Euros is a lot for what seems like a little utility, but it’s a deceptively small app. There is a lot of functionality and design there, and from what I’ve heard from customers over the years, people love it.

Sierra Bluetooth Problems Due to GCD?

Howard Oakley:

One of the well-known problems in multi-tasking and concurrency is deadlock, when one task sits waiting for another, and the other task cannot proceed until the first task is complete. GCD is not immune from deadlock, and there are some curious issues which have arisen in El Capitan and Sierra which look suspiciously as if deadlock may have been their root cause.

I am also beginning to wonder if some of the persistent problems which we have experienced with Bluetooth disconnects, in both El Capitan and Sierra, are the result of issues within GCD, rather than in the Bluetooth drivers themselves. Even now, with Sierra 10.12.4, seldom a day passes without my Magic Trackpad 2 spontaneously disconnecting, then reconnecting.

These are all made the more complex by GCD’s heuristics, its ‘smart’ dispatching system. When trying to identify and diagnose problems, predictability is one of the most important properties, but because of those complex heuristics nothing about GCD follows clear and simple rules.

Previously: Sierra Bluetooth Problems and the Logitech K811 Keyboard.

Update (2017-05-15): Howard Oakley:

libdispatch (‘old’ GCD) provides facilities which include the management and dispatch of code threads or Operation Objects, which can be distributed optimally across the processor cores available in a Mac. In particular it manages multiple dispatch queues.

Centralized Task Scheduling (CTS) allows a developer to assign criteria for when a task should be performed, so that scheduled and other tasks can be deferred when necessary, for example when a laptop is running from its battery rather than mains power.

I hope that I have shown that Duet Activity Scheduler (DAS) manages heuristically a pool or queue of tasks or activities, and determines when to dispatch them for execution.

Monday, May 8, 2017 [Tweets] [Favorites]

After 19 Years, CMU Switches From Cyrus IMAP to Exchange/Gmail

Carnegie Mellon (via Hacker News):

In fall 2016, Computing Services began a multi-phased project to decommission the Cyrus email service as part of an effort to provide modern, industry standard, cost-effective email and calendar solutions.

The email and calendar services offered to campus have undergone a number of changes over the past several years. Many administrative departments have transitioned to Exchange providing an integrated solution with mobile support and advanced scheduling functionality; and in 2013, G Suite @ CMU became the default email service for undergraduate students.


Cyrus development will not be affected by this. While CMU has been running Cyrus, and employing one of the key developers, FastMail has a team dedicated to supporting the biggest open source project that we use. We have a new developer starting on Wednesday next week as well as Ken from CMU who has agreed to keep working on Cyrus as a FastMail employee and representing the project at conferences.

See also: Cyrus IMAP server.

Apple Updates Workflow

Juli Clover:

Apple-owned Workflow was updated to version 1.7.4 today, re-introducing features that were removed when Apple acquired the app and adding new Apple Music actions.


When Apple purchased Workflow, the Workflow team said app integrations and the Gallery would be updated on a regular basis, but a later report suggested Apple planned no more updates. Based on today’s update, which adds new features, that report was incorrect.

Though two new actions have been re-introduced, there are still features missing from the Workflow app. Maps actions are restricted to Apple Maps, and translating text only works with Microsoft's translation services. Other previous app actions, including Uber, Telegram, and LINE, are still unavailable.

Previously: Apple Acquires Workflow.

foreach Using Objective-C Generics

Peter Steinberger shares an Objective-C macro that lets you write foreach (object, collection), where object gets the proper type based on the collection’s type parameter. The benefits: you save space and typing vs. a standard for loop, yet you still get static checking and auto-completion. The code ends up looking like my macro from the old days before NSFastEnumeration and for…in loops.

Update (2017-05-15): Peter Steinberger:

I wrote a header that overrides mutable/Copy to pass along types+generic type data in Objective-C.

HandBrake Proton Trojan

HandBrake (Hacker News, MacRumors):

Anyone who has downloaded HandBrake on Mac between [02/May/2017 14:30 UTC] and [06/May/2017 11:00 UTC] needs to verify the SHA1 / 256 sum of the file before running it.

Anyone who has installed HandBrake for Mac needs to verify their system is not infected with a Trojan. You have 50/50 chance if you’ve downloaded HandBrake during this period.


Downloads via the applications built-in updater with 1.0 and later are unaffected. These are verified by a DSA Signature and will not install if they don’t pass.

Patrick Wardle:

So yah, when run, the infected Handbrake application:

  1. unzips Contents/Resources/HBPlayerHUDMainController.nib to /tmp/
. This ‘nib’ is a password protected zip file who’s password is: qzyuzacCELFEYiJ52mhjEC7HYl4eUPAR1EEf63oQ5iTkuNIhzRk2JUKF4IXTRdiQ
  2. launches (opens) /tmp/

Once the /tmp/ is launched, it displays a (fake) authentication popup - which is how the malware attempts to elevate its privileges[…]

Thomas Reed:

The fact that the malware requests an admin password yet installs all components in user space where no admin password is needed was initially puzzling, but that password request is actually not a system-generated prompt. It’s a phishing dialog displayed by the malware to obtain your password, which will be sent in clear text to api[DOT]handbrake[DOT]biz, the command & control (C&C) server for this malware.


This is a general-purpose backdoor with all the usual backdoor functionality. In addition, it appears this malware is exfiltrating the entire keychain, with all passwords. Thus, if you’re infected, the first priority should be changing all your online passwords. (After ensuring that your computer is free of infection, of course! Never change passwords on a device that may still be infected.)

Howard Oakley:

Apple has, over the last twenty-four hours or so, pushed another update to the XProtect data for macOS Sierra and, presumably, El Capitan.

Last year, something similar happened with Transmission, also from Eric Petit. However, the hacked Transmission was signed for Gatekeeper, whereas the hacked HandBrake was unsigned, like the normal HandBrake.


The HandBrake Team is independent of the Tranmission Developers. The projects share history in the sense that the same author created these apps but he is not part of the current HandBrake team of developers.

We do not share our virtual machines with the Transmission project.

Update (2017-05-17): Steven Frank (Hacker News):

In a case of extraordinarily bad luck, even for a guy that has a lot of bad computer luck, I happened to download HandBrake in that three day window, and my work Mac got pwned.

Long story short, somebody, somewhere, now has quite a bit of source code to several of our apps.

Saturday, May 6, 2017 [Tweets] [Favorites]

Apple’s China Problem: WeChat

Ben Thompson (Hacker News):

The fundamental issue is this: unlike the rest of the world, in China the most important layer of the smartphone stack is not the phone’s operating system. Rather, it is WeChat. Connie Chan of Andreessen Horowitz tried to explain in 2015 just how integrated WeChat is into the daily lives of nearly 900 million Chinese, and that integration has only grown since then: every aspect of a typical Chinese person’s life, not just online but also off is conducted through a single app (and, to the extent other apps are used, they are often games promoted through WeChat).


Naturally, WeChat works the same on iOS as it does on Android. That, by extension, means that for the day-to-day lives of Chinese there is no penalty to switching away from an iPhone. Unsurprisingly, in stark contrast to the rest of the world, according to a report earlier this year only 50% of iPhone users who bought another phone in 2016 stayed with Apple.

John Gruber (tweet):

If it really is true that “the operating system of China is WeChat, not iOS/Android”, that’s the whole ballgame right there.


Apple has nothing to worry about as long it makes desirable iPhones. But WeChat has killed any possiblity of FaceBook or Snapchat in China.

Lucien Hoare:

Thought experiment: what would Apple do if WeChat started using private APIs (or other rule breaking feature) Could they afford to reject?

Like Uber. I don’t quite understand how WeChat is allowed in the App Store in the first place; doesn’t it offer apps within an app?

Ben Lovejoy:

Samsung smartphone shipments fell by 60% year-on-year in China during the first quarter of the year according to Counterpoint Research data. The company saw its market share in the country slashed from 8.6% in Q1 2016 to 3.3% Q1 2017.

The main reason for the fall at a time when smartphone sales in China are still growing was far stronger competition from local brands …

Roost and Nexstand Laptop Stands

Mark Jaquith:

Increasingly I found myself hunched over at a coffee shop, or curled up on a couch. Not good for my back or my neck.


That slim black plastic thing is the Roost Laptop Stand. That’s what it looks like all folded up. Here’s what it looks like in action[…]

This raises my laptop screen between 6 and 12 inches (it is adjustable), which means I’m not peering down at it, but am looking straight ahead. It seems like a little thing, but it makes a huge difference in my comfort.

I started reading the Amazon page, and which pointed me to the similar Nextstand Laptop Stand, which is $30 instead of $75.


When folded, the Nexstand is about 1” longer than the Roost, and slightly thicker. This means the Roost is more compact than the Nexstand, and for me that is a bonus - the extra inch that I save in my bag means I can stuff an extra pair of socks in that space!

When expanded though, the Nexstand’s extra inch of length makes a big difference in that it appears considerably larger than the Roost. It suggests the Nextstand can hold a thicker or wider laptop than the Roost, but the Roost is still very capable despite its smaller size. The Nexstand comes with extra clips for thinner laptops.


Both the Roost and Nexstand are excellent, solidly built stands that will hold your laptop steady. I don’t want to advocate one above the other and have personally kept both for now. The Nexstand’s price represents excellent value and there’s nothing really negative about its quality, so if price is important to you, or you have a really large thick laptop, go with the Nexstand. The Roost provides extra luxuries such as rubber paddings and a more compact frame, but for the price it’s slightly more difficult to justify - if the price point doesn’t bother you then the Roost certainly represents a more “upgraded” model.

Phil Schiller on App Store Upgrade Pricing

Kunal Dua interviewed Phil Schiller (via Federico Viticci, Steve Troughton-Smith):

The reason we haven’t done it is that it’s much more complex than people know, and that’s okay, it’s our job to think about complex problems, but the App Store has reached so many successful milestones without it because the business model makes sense to customers. And the upgrade model, which I know very well from my days of running many large software programmes, is a model from the shrink-wrapped software days that for some developers is still very important, for most, it’s not really a part of the future we are going.

I think for many developers, subscription model is a better way to, go than try to come up with a list of features, and different pricing for upgrade, versus for new customers. I am not saying it doesn’t have value for some developers but for most it doesn’t, so that’s the challenge. And if you look at the App Store it would take a lot of engineering to do that and so would be at the expense of other features we can deliver.

On the other hand, subscriptions aren’t available for all types of apps, are more difficult to implement and use, and—except for really high-priced apps—customers seem to dislike them compared with upgrade fees.

Previously: Software Pricing Damage, App Store Subscriptions Clarification, Pre-WWDC App Store Changes.

Update (2017-05-06): Mark Munz:

I’ve never seen the level of anger from loyal customers like when topic of subscriptions was brought up.

Michael Love:

I’m fortunate that my biz model allows me to monetize old users w/o upgrades, but does affect what I spend time on.

We’ve also done a major, time-consuming UI refresh on iOS, and two of them on Android, since those have a big impact on new customer sales.

But making a heavily-used feature better in ways that are only obvious to people who already bought it is not a very profitable proposition.

Whereas with paid upgrades, making a heavily-used feature better in ways that are obvious to existing customers is how you make money.

In other words, existence of ‘professional’ apps is kind of a happy accident that relied on historical circumstances we may never see again.

Update (2017-05-07): Marco Arment:

Paid upgrades aren’t always bad, but I think he’s right that they’re ideal for a pretty narrow niche relative to the entire App Store.

Siddhartha Oza:

Since OS upgrades are always free, I doubt we will ever see upgrade pricing.

Apple can’t allow OS to upgrade and a few apps stop working.

Andrew Hart:

It’s how well paid upgrades do on the Mac, and how often they’re utilised, that convinces me otherwise.

Peter N Lewis:

Upgrade pricing is not about “value for some developers” - it is about ensuring value for existing users by closing the feedback loop.

Dan Counsell:

Hands up if you’re a user and prefer subscriptions rather than paid upgrades for apps.

Jeff Johnson:

There’s a mix of app buyers:

1. Always upgrade posthaste

2. Upgrade years later

3. Never upgrade

Subscriptions scare 2 & 3 from buying app.

Diane Ross:

Apps that I recommend with subscriptions scare away 9/10 users.

Matt Gemmell:

This Schiller interview’s segment re app upgrade pricing seems extremely disingenuous. The issue isn’t “complexity”.

Will Cosgrove:

Major eye rolls when I read this quote. They want apps to be free and ad supported or VC funded money losers.

Traditional devs have no place in the app store. No one, including Apple, wants to pay for the work involved iterating apps.

Ivan Vučica:

I love “App Store has one price for an app, when you see it, you see if there’s a price on it, that’s the price” <- what are IAPs then?

Update (2017-05-12): Dan Counsell (tweet):

The idea that developers will be able to charge their users a few bucks a year and make a living from it is bonkers. You only have to do the maths to see this is going to be tough for anyone what tries it[…]


No sane person wants to subscribe to each app they use on their phone.

Here’s how I’d like monetise my apps on the App Store:

I release version 1.0 of my app on the App Store. I continue to ship free updates just like I do now. Then when I’m ready to release version 2.0, the App Store can prompt all my existing users and asks if they’d like to purchase the upgrade. The user can choose to upgrade then, or ignore it.

Kirk McElhearn (blog):

Apple doesn’t generally use the excuse that something is too hard. But Schiller makes it clear hear that this process is complex.

Update (2017-05-15): Ben Thompson:

Still, even if the U.S. government is less to blame than Smith insists, nearly two decades of dealing with these security disasters suggests there is a systematic failure happening, and I think it comes back to business models. The fatal flaw of software, beyond the various technical and strategic considerations I outlined above, is that for the first several decades of the industry software was sold for an up-front price, whether that be for a package or a license.


The truth is that software — and thus security — is never finished; it makes no sense, then, that payment is a one-time event.

Thursday, May 4, 2017 [Tweets] [Favorites]

Hollywood Archivists Can’t Outpace Obsolescence

Marty Perlmutter (via Michael Love):

These days, the major studios and film archives largely rely on a magnetic tape storage technology known as LTO, or linear tape-open, to preserve motion pictures. When the format first emerged in the late 1990s, it seemed like a great solution. The first generation of cartridges held an impressive 100 gigabytes of uncompressed data; the latest, LTO-7, can hold 6 terabytes uncompressed and 15 TB compressed. Housed properly, the tapes can have a shelf life of 30 to 50 years.


As each new generation of LTO comes to market, an older generation of LTO becomes obsolete. LTO manufacturers guarantee at most two generations of backward compatibility. What that means for film archivists with perhaps tens of thousands of LTO tapes on hand is that every few years they must invest millions of dollars in the latest format of tapes and drives and then migrate all the data on their older tapes—or risk losing access to the information altogether.


The head of digital archiving at one major studio, who asked not to be identified, told me that it costs about $20,000 a year to digitally store one feature film and related assets such as deleted scenes and trailers. All told, the digital components of a big-budget feature can total 350 TB.


When Pixar wanted to release its 2003 film Finding Nemo for Blu-ray 3D in 2012, the studio had to rerender the film to produce the 3D effects. The studio by then was no longer using the same animation software system, and it found that certain aspects of the original could not be emulated in its new software. The movement of seagrass, for instance, had been controlled by a random number generator, but there was no way to retrieve the original seed value for that generator.

Software Pricing Damage

Matt Gemmell:

Has Apple created a huge market, in terms of potential customers? Absolutely. It’s just done so at the expense of its platform-invested developer community. Judging by the company’s value and income, it was a very wise move, and you can justify it on that basis if you choose. But don’t ignore the reality of the situation. Apple is not a benevolent entity; your human-centric partner in aesthetics and ethos. If that was ever true at all.


For developers who target the Mac, the last segment of the glass-and-aluminium Cupertino hardware line-up to still have plausibly sustainable economics, there’s only one course of action: pray that Apple remains disinterested.

See also: Paul Haddad.

Update (2017-05-05): Wojtek Pietrusiewicz:

I also tend to feel that developers themselves are partly to blame. For example, many years ago App A launched at $9.99. A few months or years later, competing App B comes along, but it starts out at $4.99. After a while, App A starts a 50% sale (and often doesn’t raise the price again). App C comes along at $0.99, followed by App D, which is free with in-app purchases. That’s the trend that I have seen for many of my favourite apps.

For sure, but I think a lot of this is because the App Store is designed to encourage it.

Update (2017-05-06): See also: Rene Ritchie, Colin Cornaby, Ben Oberkfell , McCloud (2).

Update (2017-05-10): Riccardo Mori:

The brief pre-App Store period when Apple promoted the creation of Web apps for the iPhone, and later the early offering of so many low-cost and free apps from third parties, strongly reinforced this idea in the eyes of most consumers; that these apps were simply low-value additions designed to extend their iPhone’s functionality. ‘Mobile apps’ were not viewed as regular software packages, but something smaller, lighter, etc. This, in turn, didn’t justify having to pay for these little apps more than one or two dollars.

Exception-oriented Exploitation on iOS

Ian Beer (via John Gordon):

My guess is that the developer copy-pasted the code for the entire function then tried to add the extra level of indirection but forgot to change the third argument to the copyin call shown above. They built XNU and looked at the compiler error messages. XNU builds with clang, which gives you fancy error messages like this:

error: no member named 'recipes_size' in 'struct mach_voucher_extract_attr_recipe_args'; did you mean 'recipe_size'?
if (copyin(args->recipes, (void *)krecipes, args->recipes_size)) {

Clang assumes that the developer has made a typo and typed an extra ‘s’. Clang doesn’t realize that its suggestion is semantically totally wrong and will introduce a critical memory corruption issue. I think that the developer took clang’s suggestion, removed the ‘s’, rebuilt and the code compiled without errors.


Perhaps most importantly: I think this bug would have been caught in development if the code had any tests. As well as having a critical security bug the code just doesn’t work at all for a recipe with a size greater than 256. On MacOS such a test would immediately kernel panic. I find it consistently surprising that the coding standards for such critical codebases don’t enforce the development of even basic regression tests.