Wednesday, February 19, 2020 [Tweets] [Favorites]

Larry Tesler, RIP

William Gallagher (mhaeberli, Hacker News, Reddit):

From 1980 to 1997, he worked for Apple, recruited by Steve Jobs, and ultimately rising to become vice president and chief scientist. In his 17 years at Apple, he began on the Apple Lisa, ran the development of the Newton, and invented Copy and Paste.

He was also a major contributor to key Macintosh software including QuickTime, AppleScript and Bill Atkinson’s HyperCard.

Tesler was the person Xerox assigned to show Steve Jobs around its Palo Alto Research Center in late 1979.

[…]

Tesler advised Amelio to buy NeXT, but also warned him.

Luke Dormehl:

Tesler was passionate about something called modeless computing, meaning a type of computing (now taken for granted) in which the user doesn’t have to switch constantly between different input states. His Dodge Valiant bore a customized license plate reading “NO MODES.” He regularly wore a T-shirt warning colleagues not to “Mode Me In.” And his Twitter handle was @nomodes.

Previously:

Which OS Services Are App Store–only?

Drew McCormack:

OK, I was sure I must have been messing up somehow, but it turns out Sign In with Apple is not supported in Developer ID signed apps (source DTS). Must be the only entitlement that requires the Mac App Store. It is undocumented and portal never gives an appropriate error.

Adrian Thomas found that there is actually a Supported capabilities (macOS) help page that lists which APIs work with a free developer account, a Developer ID app, and a Mac App Store app. The latter two require a paid developer account. Aside from Sign in with Apple, Low Latency HLS and Game Center are exclusive to the Mac App Store.

Previously:

Developer Laws

Dave Kerr (via Gus Mueller):

There are lots of laws which people discuss when talking about development. This repository is a reference and overview of some of the most common ones.

For example: Amdahl’s Law about optimization, Brooks’ Law about staffing, and Tesler’s Law about complexity, along with principles such as the Liskov Substitution Principle, YAGNI, and The Fallacies of Distributed Computing.

A possible addition: the Lindy Effect.

Tuesday, February 18, 2020 [Tweets] [Favorites]

Catalina Data Protections Break File Sharing

WillyC:

The new data protections in Catalina make some folders inaccessible by default (for example the ‘Documents’ folder). When an application tries to access one of these folders the OS presents the user with a dialog box to ensure they intended the access.

This seems to have had the effect of breaking home folder network shares. If you enable file sharing in macOS, any registered user is able to access their home folder using their own credentials. This works in Catalina, but the special private folders (Documents, Downloads, Desktop) can’t be interacted with. Attempts to interact with them result in an ‘access denied’ error and no dialog is presented to the user on the server machine that would allow access. On the client machine, in both Finder and Terminal these folders simply appear empty and you get a permissions error if you attempt to create a file.

You log into your Mac with file sharing but can’t access your own folders. The server Mac doesn’t prompt to allow access, and there doesn’t seem to be a way to manually grant it. I found that sometimes toggling file sharing off and then on again helps. But this may not be easy to do while you’re sitting at the client Mac. And the problem eventually comes back.

Previously:

iOS Optimization Tips

Rony Fadel (tweet):

We’re tempted to think of labels as lightweight in terms of memory usage. In the end, they just display text. UILabels are actually stored as bitmaps, which could easily consume megabytes of memory.

[…]

When you dispatch_async a block onto a concurrent queue, GCD will attempt to find an idle thread in its thread pool to run the block on. If it can’t find an idle thread, it will have to create a new thread for the work item. Quickly dispatching blocks to a concurrent queue could leads to quickly creating new threads.

[…]

The concurrent queues you get from dispatch_get_global_queue are bad at forwarding QoS information to the system and should be avoided.

[…]

Avoid using dispatch_semaphore_t to wait for asynchronous work

[…]

UIKit implements tags using objc_get/setAssociatedObject(), meaning that every time you set or get a tag, you’re doing a dictionary lookup, which will show up in Instruments[…]

Jared Sorge:

I don’t know how many times I have kept text in a label when I perhaps didn’t need to. I also didn’t know that the right place to nil-out text in reusable views (UI{Table|Collection}ViewCell) is not in their prepareForReuse() method but in the delegate’s didEndDisplaying method instead.

Previously:

Goodbye, Mac360

Ron McElfresh:

Mac360 started life back in mid-2004 as a test among friends to get into blogging and to try out Mac OS X Panther Server on an old, unused goose-neck iMac.

[…]

Through the years we saw it all. The Mac moved to Intel Inside. The iPhone arrived. The App Store. iPad. Apple Pay, Apple Music, AirPods, and much more. We saw Apple’s stock price and valuation rise to record levels. We graced Mac360 with advertising to help pay some bills and give the growing staff an incentive to continue to write about all things Apple.

[…]

Yes, all good things come to an end.

A few years ago I came down with an odd neuromuscular disorder that has slowly become debilitating. After 18 months of tests with a dozen different doctors I was referred to Mayo Clinic in Minnesota. More doctors and extensive tests confirmed a preliminary diagnosis of ALS.

Thanks to Ron and crew for all they’ve done. I hope there’s a way to preserve the archive.

Via Dave Mark:

Here’s a link to a GoFundMe to help defray Ron’s medical expenses.

YouTube App Ending In-App Purchase

Juli Clover:

YouTube today sent out emails to customers who are subscribed to its YouTube TV service through Apple’s App Store, letting them know that App Store subscriptions are going to be discontinued in March.

[…]

The YouTube TV app will need to remove all references to subscribing and signing up from its app when in-app purchases disappear, as Apple does not allow apps to link out to third-party subscription purchase options.

Chris Welch (tweet):

Other streaming TV services like Sling TV and Hulu with Live TV don’t offer in-app subscriptions. (Hulu does for its regular on-demand service, however.)

An increasing number of popular services, including Spotify, have stopped accepting new subscriptions through in-app purchases. But in Spotify’s case, the company allows existing customers to keep paying through Apple.

Apple’s developer terms require a 70 / 30 split in a customer’s first year of paying for a subscription through the App Store. After that, the developer gets 85 percent, and Apple takes 15. YouTube TV regularly costs $49.99, but subscribers who pay through Apple are charged a higher $54.99 to help offset Apple’s rules. But apparently, YouTube no longer wants to bother with that, either.

Even with the multi-year discount and charging iOS users $5 extra, Google was still ending up with less by using IAP. Prioritizing services revenue means Apple gets 30/15% of $0, customers get a worse experience, and Google gets their personal information.

Russell Ivanovic:

Let’s be honest. Apple taking a 30% cut for simply processing a transaction is beyond ridiculous. That it drops to 15% in year 2 isn’t better. Other payment processors charge 2.5% 🤪

Or put another way: if Apple gave you the option to use someone else how many people would keep using their service at the current pricing? If the answer is “almost no one” then it’s not a competitive or good service. It’s a monopoly

Previously:

Monday, February 17, 2020 [Tweets] [Favorites]

Why There’s No Instagram iPad App

Mitchel Broussard (Reddit):

Instagram CEO Adam Mosseri took to the platform over the weekend to answer a few user questions on his story, shared by The Verge’s Chris Welch. Among the many things asked, the topic of an official iPad app for Instagram was brought up, and Mosseri explained why we haven’t seen one yet.

According to Mosseri, the company “would like to build an iPad app” for Instagram, “But we only have so many people, and lots to do, and it hasn’t bubbled up as the next best thing to do yet.”

It seems like there must be more to it than that. Even if they didn’t want to reimagine the app for iPad, they could tweak the iPhone app to make it fill the whole screen. So either they predict so little value for an iPad app—even multiplied by the huge size of their userbase—or an iPad app would somehow be a negative. Do they get more tracking and user data if you browse on an iPad in Safari?

Previously:

The Paywalled Garden: iOS Is Adware

Steve Streza (tweet):

All that money comes from the wallets of 480 million subscribers, and their goal is to grow that number to 600 million this year. But to do that, Apple has resorted to insidious tactics to get those people: ads. Lots and lots of ads, on devices that you pay for. iOS 13 has an abundance of ads from Apple marketing Apple services, from the moment you set it up and all throughout the experience. These ads cannot be hidden through the iOS content blocker extension system. Some can be dismissed or hidden, but most cannot, and are purposefully designed into core apps like Music and the App Store. There’s a term to describe software that has lots of unremovable ads: adware, which what iOS has sadly become.

If you don’t subscribe to these services, you’ll be forced to look at these ads constantly, either in the apps you use or the push notifications they have turned on by default. The pervasiveness of ads in iOS is a topic largely unexplored, perhaps due to these services having a lot of adoption among the early adopter crowd that tends to discuss Apple and their design. This isn’t a value call on the services themselves, but a look at how aggressively Apple pushes you to pay for them, and how that growth-hack-style design comes at the expense of the user experience.

M.G. Siegler:

Wow, this is... aggressive. An almost full-screen self-ad on launch of the Apple Wallet app...

Oliver Haslam:

Emails, I don’t mind. It’s the location of the ad that’s the issue. The Wallet app is no place for an ad.

Marco Arment:

Neither is the Music app, but it’s often an Apple Music ad.

Same will happen to the TV app for TV+. They’ve already compromised Wallet (Card), App Store (Arcade), News (News+), and notifications.

The system UI doesn’t purely serve us anymore — it’s Apple’s upselling machine.

Daan Odinot:

Apple leveraging the shit out of the fact that they control the platform. They must know that they’re playing with fire here.

Marco Arment:

Are they? What can we really do about it?

Apple first let other apps turn our phones into marketing machines by non-enforcement of their rule against marketing/promotional push notifications.

Then they started routinely violating it themselves.

Actions speak: they don’t care.

Kyle Howells:

Apple’s services push is ruining the company.

Apple’s high quality and user focused design wasn’t inherently built into the company. It was a result of the companies incentives being to please their customers so they buy more hardware.

Once you switch to selling services the incentives switch too and so the quality disappears

This was completely predictable, and immensely disappointing.

Apple is destroying all the premium, high quality things we liked about them in pursuit of the myth of infinite growth modern companies have blinded themselves into believing in.

David Chartier:

Have we talked about how the TV app in tvOS 13 now just displays a bunch of ads for shows we haven’t heard of or don’t care about?

It used to display our most recently watched shows and films, making it super easy to get back to them.

This is an awful change.

Steve Troughton-Smith:

Really though I’m pretty unhappy Apple’s TV+ service is going to debut in an app with mixed free/streaming and paid/rental movies, especially with Family Sharing where everything is linked to my credit card. I can’t stand that it mixes both kinds of content in recommendations

Josh Centers:

The Apple TV app on the Apple TV is currently the bane of my existence. In theory, it should be a tidy way to manage everything you watch, bringing together content from Apple, Disney+, HBO, Hulu, and other streaming services (but still not Netflix, for some reason), plus live news and even sports. It sort of does that, but over time, Apple has started using the app to push the company’s own paid content, especially its Apple TV+ service.

Michael Rockwell (tweet):

It’s becoming clear that Apple is more than happy promoting their services through apps like Apple TV. And because of this, I’ve slowly moved away from using Apple’s apps and services toward alternatives. =

Dave:

Besides the blatant ads that we’re seeing more frequently in the UI, the issue that’s perhaps even more egregious is that entire app UIs are designed as ads.

They like to refer to it as “curation” but that’s really just another word for “advertisements”.

Dave (Reddit):

The reason this was controversial is that unlike the Up Next items, which were useful in showing you what’s on deck, the new full screen previews served no functional purpose and were essentially advertisements for content to watch. Firstly, this is a problem because it frequently suggests content you don’t even have access to without paying extra. But even more importantly, this speaks to a much bigger issue that has spread across the tech world — curation is destroying the user interface.

This may be the single biggest design problem in the tech world today.

I mean that sincerely. There is this ubiquitous tendency where “recommendation” has become another word for “advertisement”. Entire UIs are designed around how curators (both human and algorithmic) can suggest content for you.

Steve Streza:

The Apple News app is an obscene unending ad for News+ and it makes me want to yeet the app clean off every device it’s on.

Thom Holwerda:

The weird reality nobody wants to talk about: Apple, claiming not to be an ad company, puts tons of ads on its devices, while Google, definitely an ad company, puts effectively zero ads on Android.

Steve Streza:

More of the adware that permeates every corner of iOS. If you search for something in the Music app, it shows you an ad for Apple Music with no option to buy. Then if you go to the iTunes Store, it shows you... another ad for Apple Music.

Corbin Dunn:

Apple’s full size ad for News+ in the News “Mac” app. I don’t want to see any News+ stuff. How do I disable this?

Marco Arment:

After installing Catalina, EVERY app on my Mac had to re-ask for notification permission, even those I’d granted before.

Except fucking Apple News, which I never granted notification permission to, and enables itself for banners and sounds by default.

Zero respect for users.

Daniel J. Wilson:

Third-party apps have to be granted explicit permission to display notifications (even if they were already in use on your Mac), but Apple can display a marketing message for their browser when rival Chrome is launched for the first time on Catalina. Cool.

David Chapman:

iOS 13 has crippled the Health app and turned it into an ad platform.

Yes, I will probably buy a $3 app from the store in order to get the functionality back, so Apple will get $1 now. It will lose ~$100 in lifetime customer value by making me less likely to buy Apple products.

Ryan Jones:

Apple’s email receipts are killing me / customer support.

They don’t even have the app’s name, but an Apple Card ad made the cut! 🙄

Ben Szymanski:

I can’t believe that this is what the first party Mac software looks like now.

Ruffin Bailey:

I continually get bombarded now with what amount to advertisements asking for me to either buy more space now or, the other button says, “Not now”, implying, “Sure, I’ll do this later”. There is no, “I realize I’m out of space and I’ll handle it on my own danged time, thanks,” option. There was a time a week or two ago where, no lie, I was getting notifications about being out of space every 10-15 minutes on my iPhone.

[…]

That is, the only solution Apple provides for you when you’re out of iCloud space is for you to buy more iCloud space. That’s broken. That’s the wrong attitude. What is that space being used for? Are there smart ways to do these things another way?

rth.wtf:

The new push for services revenue feels totally off-brand for Apple. Or at least the old Apple. Maybe we’ve entered a new era for the company where growth-at-all-costs is the chief motivator for how they’re going to treat customers going forward.

John Gruber (tweet):

But I worry that with its services push, Apple is turning into an advertising company too. It’s just advertising its own services. In iOS 13 they put an ad for AppleCare at the very top of Settings. They use push notifications to ask you to sign up for Apple Pay and Apple Card, and subscribe to Apple Music, TV, and Arcade. The free tier of Apple News is now a non-stop barrage of ads for Apple News+ subscriptions. Are we at the “hellscape” stage with Apple? No, not even close. But it’s a slippery slope. What made Apple Apple is this mindset: “Ship great products and the profits will follow” — not “Ship products that will generate great profits”.

It is essential that product people remain in charge of these decisions at Apple, not services people.

Previously:

Update (2020-02-18): Dave Wood:

This sort of thing has me recommending friends/family look at Windows instead of macOS. It hurts my soul, but if you’re going to be treated like an animal by the vendor, you may as well get the cheap hardware and save some $.

Ed Cormany:

this is…not even close to the accepted meaning of the word “adware”.

Nick Heer:

Streza calls iOS “adware”, which I think is hyperbolic. But there’s no denying that using Apple’s products is starting to feel like visiting a department store that’s more intent on pushing its credit card than selling you a pair of shoes.

For me, the result has been plainly obvious: I treat many of Apple’s first-party apps as mere containers for their subscription services.

[…]

Some of these things are utilities; music shouldn’t feel like a utility, but it does now.

[…]

I don’t think it’s necessarily wrong for Apple to use its platform owner advantage to push its services, but I do think that, currently, it is making those products worse.

Tyler Hall:

I happily and enthusiastically paid for all that music. But now? Every time I see the $14.99 charge for our Apple Music family plan hit my checking account, I wince. I pay it begrudgingly because I feel like I have no other choice.

Let me be 100% crystal clear about this. The only reason I subscribe to Apple Music over Spotify or Tidal – or, hell, – Amazon Music or god-knows-what thing YouTube is currently offering, is because it’s the first-party, default service on macOS and iOS. The friction to use any other app that competes with a pre-installed, first party app on iOS (and increasingly macOS) is just too damn high.

Cameron Braun:

It’s been a slow, steady change, so I hadn’t really noticed it. But @SteveStreza is right here... @Apple is pushing its limits and it’s making the user experience worse...

Dare Obasanjo:

This is an amazing graphic from @SteveStreza that shows how iOS is now nagware constantly upselling you to services from an Apple credit card to music subscriptions. Apple does this while cracking down on Google’s ad business in the name of privacy.

We live in an interesting world where Apple has convinced the tech press that seeing targeted ads while using Google products is bad but seeing ads for Apple branded high interest credit cards in the native iOS wallet app is the moral high ground. 🤷🏾‍♂️

Ben Lovejoy (tweet):

Apple-focused writers don’t call Apple out, he suggests, because we mostly subscribe to Apple services so don’t see the promos. I’m not sure that’s the case. Personally, I subscribe to Apple Music; have a free one-year trial to Apple TV+ that I’m unlikely to ever pay for; can’t get the Apple Card in the UK; don’t subscribe to Apple Arcade; and rarely if ever notice app promos in the App Store.

nz:

This is absolutely a problem—I didn’t pay a thousand bucks for a phone, just to have Tim Cook use it as a billboard. I’d I wanted to be a tool for advertising, I’d use Android.

Most insidious by far are the push notifications. I could maybe live with having to dismiss a subscribe dialog when opening the app. Having the system interrupt me to try to sell something is so wrong Apple even has rules against it … not that they or anyone follow those rules. Frankly, that alone has made notifications worthless, since the lack of granularity means I’m just turning off everything.

Dave Mark:

We’ve all seen the wave of ads, seemingly everywhere you turn. Especially if you have not subscribed to a particular service. […] I get it. Apple’s market is maturing, and shareholders demand growth. Apple has turned to services for that growth and these ads are a necessary evil.

Kirk McElhearn:

What I don’t understand is why I see these ads in the iTunes Store, even though I subscribe to Apple Music.

Brian Webster:

Apple: Let’s see how many ads for our services we can get away with putting in our built-in apps.

Samsung: hold my beer.

Steve Streza:

To address some common rebuttals. […]

See also: Hacker News.

Friday, February 14, 2020 [Tweets] [Favorites]

SwitchGlass 1.0

John Siracusa:

SwitchGlass adds a dedicated application switcher to your Mac.

[…]

Apple provides APIs to activate applications, optionally also bringing all of their windows to the front. Sometimes, when a call is made to one of these APIs, nothing happens. Or sometimes the app activates but none of its windows come to the front, even though the API call asked for all windows to come to the front. These bugs have existed in macOS for many years, and I’ve not yet found workaround for them in SwitchGlass.

[…]

Q: Why can’t I use SwitchGlass to quit apps?

Sandboxed Mac apps cannot tell arbitrary other applications to quit.

[…]

The area of the preferences window used to set the app switcher’s positon on the screen is meant to show a tiny version of each display’s desktop background image. Unfortunately, sandboxed Mac apps cannot read images from arbitrary locations without asking for permission first. SwitchGlass can access the desktop pictures that come bundled with macOS, but it cannot see any of your personal pictures. I decided it wasn’t worth prompting for permission for this visual frill, so if SwitchGlass cannot read your desktop background image, it will just show a gray box instead.

Brad Ellis discusses designing the icon.

Companies that Scrape Your E-mail

Joseph Cox (via Bruce Schneier, Hacker News):

The popular Edison email app, which is in the top 100 productivity apps on the Apple app store, scrapes users’ email inboxes and sells products based off that information to clients in the finance, travel, and e-Commerce sectors. The contents of Edison users’ inboxes are of particular interest to companies who can buy the data to make better investment decisions, according to a J.P. Morgan document obtained by Motherboard.

[…]

Some of the companies listed in the J.P. Morgan document sell data sourced from “personal inboxes,” the document adds. A spokesperson for J.P. Morgan Research, the part of the company that created the document, told Motherboard that the research “is intended for institutional clients.”

[…]

Edison is just one of several companies that offer free email apps which then sell anonymized or pseudonymised data derived from users’ inboxes. Another company that mines inboxes called Foxintelligence has data that comes from users of the Cleanfox app, which tidies up users’ inboxes.

Edison:

To keep our Edison Mail app free, and to protect your privacy by rejecting an advertising-based business model, our company Edison Software, measures e-commerce through a technology that automatically recognizes commercial emails and extracts anonymous purchase information from them. Our technology is designed to ignore personal and work email, which does not help us measure market trends.

Michael Potuck:

While the developer says on its website that it does “process” its users’ emails, Edison customers that Motherboard interviewed said they didn’t realize what was happening.

And when looking at the big picture, Edison having phrases like “privacy by design” and “privacy first” on its website can feel misleading after learning about how they scrape and sell personal data.

Joe Rossignol:

Edison’s privacy policy and support website also indicate that users can opt out of having their anonymized data shared with Edison Trends partners by navigating to Account > Settings > Manage Privacy in the app.

Nick Heer:

Slice is owned by Rakuten, a Japanese e-commerce conglomerate that also owns Unroll.me. A few years ago, the latter company was at the centre of a similar controversy over the appropriateness of scraping users’ inboxes for marketing data that can be sold.

Previously:

Unpaid Apple Store Bag Checks Ruled Illegal

Mikey Campbell (L.A. Times, Hacker News, Reddit):

The California Supreme Court in a decision delivered on Thursday found Apple broke state law by not paying retail workers for the time they spent participating in mandatory bag and device searches, leaving the company liable for millions in unpaid wages.

In a unanimous ruling (PDF link), the court holds employees were and are in Apple’s control during mandatory exit searches of bags, packages, devices and other items. As such, Apple is required to compensate its employees for time spent on the anti-theft program, which in this case allegedly amounted to up to 20 minutes worth hundreds or thousands of dollars a year.

Juli Clover:

Apple requires all personal packages, bags, and Apple devices that belong to retail employees to be checked by a manager or security before an employee is allowed to leave the store for any reason, including breaks, lunch, and the end of shifts.

Employees are also required to clock out before submitting to an exit search, and have estimated that the time spent waiting and undergoing searches ranges from five to 20 minutes. On busy days, some employees have waited for up to 45 minutes waiting for a bag check.

Apple has argued that allowing employees to bring bags and devices to work is a convenience and has positioned the searches as a “benefit” because employees could prevent searches by not bringing personal items or could be banned from bringing personal items all together. The California Supreme Court says that such a ban would be “draconian” and that Apple’s arguments that employee iPhones are a convenience are “at odds” with how the iPhone is described in marketing materials.

Update (2020-02-18): John Gruber:

This whole thing is an embarrassment for the richest company in the world. I can see how it happened in the first place, but once it got to court, Apple should have recognized that the policy was flatly wrong and settled it by fully paying wages for time spent in these checks to retail employees worldwide.

[…]

Second, taking this lawsuit to the state supreme court left Apple’s lawyers arguing that employees don’t need to take their Apple devices to work. Who doesn’t take their phone to work? I literally don’t know anyone who leaves the house for anything without their phone.

David Heinemeier Hansson:

Really a stain on the company. And they took it to the California supreme court? WAT?

Still can’t get over how Cook signed off on the gaslighting argument that getting frisked at work is a “benefit” to employees, and if they didn’t want that “benefit”, they could leave their iPhones at home.

macOS 10.15.3 Time Machine Problems

Howard Oakley:

In yesterday’s article, I described how I discovered that two of my Time Machine snapshots had apparently got stuck, and couldn’t be deleted when automatic backups tried to ‘thin’ those snapshots. That in turn was filling my log with error messages every time that Time Machine made an automatic backup. This article explains what happened, and how I fixed the problem.

Howard Oakley (Hacker News):

If you’re intending to rely on Time Machine backups in macOS 10.15.3, you might want to use an alternative as well. I can now confirm that making the first full backup using Time Machine can take so long that it may not be feasible, and that some users are also experiencing failure to restore from an existing backup.

[…]

If you are intending to make a full first backup using Time Machine in 10.15.3, you should be wary of its potential to never complete, and be prepared to fall back to a substitute backup system. If you do encounter very slow progress during the first backup, cancel it, remove the incomplete backup, add the .DocumentRevisions-V100 folder at the root of each volume to be backed up to Time Machine’s exclude list (press Command-Shift-. to see hidden items in the file selector dialog), then try again.

Previously:

Update (2020-02-17): Howard Oakley:

This article explains how you might determine if this is the cause of your Mac backing up slowly, and if it is, what you might do about it.

macOS 10.15.3 Update Erases Log Files, Too

Mr. Macintosh:

Almost all the /var/log files have been erased and start over the minute after the 10.15.3 update finished installing.

[…]

This is my 4th article on 10.15.3 Combo Update issues. If you have not seen them yet, you can view them below.

Previously:

Thursday, February 13, 2020 [Tweets] [Favorites]

How Important Our Phones Are

John Gruber:

Yes, phones that cost $1,000 or more are expensive. Yes, that’s outside the budget for most people. But why in the world would anyone argue this is ”hard to justify”? Phones are, for most people, the most-used computing device in their lives.

[…]

There are way more people on the planet who’d rather have a $1,400 phone and a $400 laptop than the other way around.

Phones are too important to be limited to software approved and sold by their platform vendor.

macOS 10.15.3 Update Doesn’t Create APFS Snapshot

Mr. Macintosh:

Something happened in the latest set of Apple updates released on January 28th. The Automatic Backup Snapshots are no longer working!!! At first, I thought it only happened on the 10.15.3 Combo update. I then checked the 2020-001 Security Update on High Sierra and it’s not working either!

I found this out while I was writing another article on Catalina Logs. I built a 10.15.2 device and updated it to 10.15.3. I booted to recovery to restore the from the automatic snapshot only to find that it was missing!

[…]

I am not totally sure what’s going on here, if I had to guess this a bug. I wanted to let you know about this. The last thing you want to do is rely on that automatic backup snapshot only to find out it was never created.

Plus, the installer apparently purges any snapshots that you made manually.

Previously:

2020 State of Mac Malware

Malwarebytes Labs:

Mac threats increased exponentially in comparison to those against Windows PCs. While overall volume of Mac threats increased year-over-year by more than 400 percent, that number is somewhat impacted by a larger Malwarebytes for Mac userbase in 2019. However, when calculated in threats per endpoint, Macs still outpaced Windows by nearly 2:1.

Emphasis added. This sounds really bad at first, like the number of Mac threats is growing in proportion to the (larger) number of Windows threats. But I guess they are just using the non-technical meaning of “exponential,” so the whole thing boils down to “more than.”

The full PDF report:

Of all the threats seen this year, only one incident involved anything other than tricking the user into downloading and opening something they shouldn’t. That is the incident in which Coinbase, and several other cryptocurrency companies, were targeted with malware that infected systems through a Firefox zero-day vulnerability. Affected systems were infected with the older Wirenet and Mokes malware. This was the first time such a vulnerability had been used to infect Macs in any significant way since 2012, when Java vulnerabilities were used repeatedly to infect Macs (until Apple ripped Java out of the system, ending the threats). Beyond that what we saw was a virtual landslide of adware and PUP detections, far outpacing growth on the Windows side. While these threats are not considered as dangerous as traditional malware[…]

[…]

We define “traditional malware” as malicious software such as backdoors, Trojans, and spyware.

[…]

Among the top 10 Mac threats (for both consumers and businesses) are a mix of PUPs and adware. The PUPs are a variety of mostly “cleaning” apps that have been determined as unwanted[…]

So the words “threat” and “malware” also have unexpected definitions that include potentially unwanted apps and adware.

Sara Morrison:

The amount of malware on Macs is outpacing PCs for the first time ever, and your complacency could be your worst enemy.

“People need to understand that they’re not safe just because they’re using a Mac,” Thomas Reed, Malwarebytes’ director of Mac and mobile and contributor to the report, told Recode.

[…]

“There is a rising tide of Mac threats hitting a population that still believes that ‘Macs don’t get viruses,’” Reed said. “I still frequently encounter people who firmly believe this, and who believe that using any kind of security software is not necessary, or even harmful. This makes macOS a fertile ground for the influx of new threats, whereas it’s common knowledge that Windows PCs need security software.”

This sounds unnecessarily alarmist compared with the contents of the report, and I remain convinced that for most users Apple’s built-in security measure are sufficient. I’ve seen far more Mac problems caused by anti-virus software than actual viruses.

Ben Lovejoy:

Third, and most crucially of all, Mac malware is not a virus. These are not apps that can spread from machine to machine, installing themselves. macOS doesn’t allow unsigned apps to be installed without user permission.

Previously:

Update (2020-02-14): Apple:

Apple is committed to providing great experiences that respect customer privacy and security. When joining the Apple Developer Program and accepting the Program License Agreement, developers agree to ensure that their software is safe and secure for their users. They also agree to cooperate with Apple systems, such as the notary service, designed to help protect users from malware (e.g., viruses, trojan horses, backdoors, ransomware, spyware) or malicious, suspicious, or harmful code or components when distributing Developer ID–signed Mac software outside the Mac App Store. The examples below are provided to help clarify some of the behavior that is not permitted for Mac software distributed in this way.

Via Jason Snell:

It seems that many of the items in Malwarebytes’ report have gotten the hammer from Apple and are no longer actively circulating. The report’s long list of Mac software is an alert that the Mac is now a much more enticing target for makers of adware and other scam software. It certainly can’t be a coincidence that Apple is stepping up enforcement of its policies at the same time that the number of these sleazy apps is increasing.

[…]

It’s valid to wonder if the Mac’s reputation for being a safe harbor leads some Mac users to make bad security choices. But “Macs don’t get viruses” is a statement that is still overwhelmingly true. Even if it makes it awfully hard to sell Mac anti-malware software.

Update (2020-02-17): Nick Heer:

So the chance of experiencing malware — not adware or what Malwarebytes calls “potentially unwanted programs”, but malware — on a Mac actually fell in 2019, according to this report.

Michael Nordmeyer:

Cleanfox and Unroll.me are still being featured on the iOS app store in a “Declutter Your Digital Life” story

Thomas Reed:

“Macs don’t get viruses” is a statement that is still overwhelmingly true.

I see so many people getting infected because they believe this...

Also, keep in mind that adware and PUPs are not harmless. They engage in scams, intercept network traffic, exfiltrate sensitive user data (like browser history), and open all kinds of security holes that could be taken advantage of by more malicious software.

Jason Snell:

As I wrote, “It’s valid to wonder if the Mac’s reputation for being a safe harbor leads some Mac users to make bad security choices.”

That said, I do think you and your employer are stoking fear and that Malwarebytes benefits from that fear. I’m not surprised you take exception.

Apple has multiple methods of stopping bad actors and has stepped up its game in recent months. This third party stuff is almost worthless unless you are making some very bad decisions

BlueMail Back in Mac App Store

Joe Rossignol:

Last week, after months of making little to no progress with Apple towards having its Mac app reinstated, BlueMail co-founders Ben Volach and Dan Volach penned an open letter to the developer community that encouraged any developers who feel that Apple has kicked them out of the App Store or otherwise treated them unfairly to reach out to them and share their stories.

Just days later, the BlueMail app has returned to the Mac App Store. In a press release, BlueMail parent company Blix said it has no intention of dropping its legal case against Apple, which it believes extends beyond the removal of BlueMail on the Mac App Store to the “suppression of its iOS app and the infringement of Blix’s patented technology through ‘Sign in with Apple.’”

Joe Rossignol:

In a statement last week, shared with MacRumors, Apple said it “attempted on multiple occasions to assist them in getting their BlueMail app back on the Mac App Store,” but said “they have refused our help.” Apple added that BlueMail was “proposing to override basic data security protections which can expose users’ computers to malware that can harm their Macs and threaten their privacy.”

[…]

Specifically, Apple says its Developer Technical Support team advised the BlueMail team to make changes to how it packages its Mac app in order to resolve a security and privacy warnings issue related to the app creating a new binary with a bundle ID that changes on each launch.

Of course, it’s perfectly normal for an e-mail client to run up against section 3.3.2. So, if I understand this correctly, they made a sketchy app and refused to fix the obvious problem because they wanted to do a PR stunt?

Previously:

Wednesday, February 12, 2020 [Tweets] [Favorites]

KVO Reentrancy Canary

Ilya Kulakov (tweet):

While possibility of race conditions in the multithreaded code is a side effect of the desired behavior when multiple processing units compute result based on the shared data, Same-Stack Race Conditions are outright incorrect.

KVO, while often a hated victim, is not the only troubled technology. Everything that uses same-stack callbacks, including Delegates and Notifications, is susceptible.

[…]

In Objective-C and Cocoa I use the following lock-like approach that relies on RAII scopes (and relatively “modern” Clang and GCC that support the cleanup attribute) to detect the errors[…]

Previously:

iOS 13 UTI Bug

Brent Simmons (tweet):

But in NetNewsWire for iOS (currently in beta) this sometimes doesn’t work because, for some people, the system won’t let you select an OPML file to import. (This does not happen on Macs.)

[…]

We found that if a user has another app that declares an OPML UTI — and that UTI doesn’t match ours — then the document picker will not see those OPML files as the type we accept (org.opml.opml) but as something else.

The workaround is to let the user select any text file, which is not great.

Guy English:

Remember when Apple maintained a register for type/creator codes. This was supposed to get away from that and yet... It does seem like some simple web registry system (optional) would help developers who want to do the right thing (the vast majority) be able to do so more easily.

Jake Carter:

That was a fun one I hit when working on OmniOutliner. After hitting other issues I believe we settled on declaring ourselves as able to read ALL file types and just screen them at the time we try to open them. Not great, but it worked.

Kyle Howells:

I ran into the exact same problem the very first time I tried to use the iOS file pocket APIs.

Apple doesn’t like how messy and imprecise file extensions are so they don’t let iOS apps use them. Instead you have to use a much more complex API involving UTI definitions. Except iOS doesn’t handle conflicts well, making the entire thing useless.

I ended up giving up asking for ‘public.data’ (everything) and then just filtering the selected file name in app.

That was the only way I could guarantee the user would actually be able to use my app without another apps UTI definition breaking my app completely.

Especially as iOS is designed that the system knows best and doesn’t allow the user any sort of override or control.

iOS doesn’t have an option to allow the user to even see the file extensions, let alone change them.

Peter Steinberger:

We‘re running into a similar problem where apps override the public PDF. Been hunting them down and explaining them the error one by one, but it‘s like Don Quijote.

Curtis Herbert:

This has been a blight in the GPS world for apps that import GPX files. Apple’s suggestion in the dev forums was ... less than practical.

Annoyingly, this wasn’t a problem until iOS 13. It’s really annoying that Apple opted for the “technically correct” way that lets one rogue app break the user experience.

Douglas Hill:

It looks like UIKit’s document picker and browser use UTTypeCreatePreferredIdentifierForTag. It’s behaviour is documented as being undefined, so some random type wins.

Audit your code! Use UTTypeCreateAllIdentifiersForTag instead to handle all possibilities.

Update (2020-02-14): Wood Borer:

This has been a problem on the Mac for years. I even wrote a whitepaper about it, trying to get Mac TeX developers to coordinate our own set of common UTIs.

Jonathan Grynspan:

Re the “UTI bug”: if people are still seeing issues in the latest seeds, please file bugs so the right folks know what’s not working.

Tuesday, February 11, 2020 [Tweets] [Favorites]

Google Maps at 15

Lauren Goode (tweet):

Jen Fitzpatrick leads the Google Maps team, and also happens to be one of the earliest Googlers. She first joined the company as a software coding intern in 1999, and worked on Google’s search, advertising, and news products before finding her way to Maps. Fitzpatrick sat down with WIRED ahead of the app’s 15th birthday to talk about the evolution of digital maps, how she plans to keep advertising from being as confusing on maps as it is in search, and a future in which Google Maps is more than just a driving app.

[…]

I think we had a hypothesis going into the AR-based walking navigation effort that it would be most helpful for people when they were in very unfamiliar settings, in a travel kind of scenario. And I think we’ve seen that to be the case.

[…]

I think you’ll see Google Maps evolve to be an application that’s much, much better at getting you from here or there no matter what mode of transportation you’re using, even if you’re chaining together multiple modes of transportation.

Alexandra Erin:

If you find yourself using AirBNB, here’s what I would suggest, based on the past ~5 years of scammer stories:

1. Plug the address into Google Maps first.
2. Compare Street View pictures of the property to the interior photos.
3. Verify the hosts exist.

Eric Young:

Apple Maps vs Google Maps in an emergency

Los Angeles county already received the Apple Maps revamp that supposedly made it on par or better than Google Maps

This can have deadly consequences for anyone relying on Apple Maps during an emergency

Previously:

More About SwiftUI

Apple (via Tony Arnold):

You’ll start by adding a macOS target to your project, and then reusing the shared data you created for the iOS app. With all of the assets in place, you’ll create SwiftUI views to display list and detail views on macOS.

Follow the steps to build this project, or download the finished project to explore on your own.

Chris Eidhof:

After a few months spent delving into SwiftUI, we decided to write a short book: it’s called Thinking in SwiftUI. Since SwiftUI is still in its early days, the book focuses on the concepts behind the framework that we believe are essential to understand. It is not a reference for SwiftUI’s platform-specific APIs, but rather a guide to honing your intuition about how SwiftUI works.

Nikita Prokopov:

First, the general approach SwiftUI is taking (reactive declarative data-driven UI framework) is really solid and considered state-of-the-art as of the current day of the year. No complaints here, great job, we all needed that, thank you Apple for releasing it. No, seriously. It’s a great tool and I’m looking forward to using it.

But, a few things I noticed in SwiftUI concern me. I think they could illustrate points in the UI framework design that future systems could handle better. Without further ado, let’s start with the biggest problem in API design: commas!

Will Townsend:

Today I’ll explain how to create your own Button Styles, and hopefully show you the difference between ButtonStyle and PrimitiveButtonStyle, and why you’d use one or the others.

Scott James Remnant (via Joshua Emmons):

One of the first things presented about SwiftUI is that its views choose their own sizes, and that once chosen, those choices cannot be overridden. This is such a simple statement that it would be easy to move on quickly to get to the good stuff.

This would be a mistake, because this simple statement fundamentally changes everything you know about layout.

[…]

This doesn’t contradict what we’ve just learned about chosen sizes not being able to be overridden, it actually demonstrates another key principle we haven’t learned yet: a view receives a proposed size from its parent before it chooses its own size.

Alexander Grebenyuk:

SwiftUI no longer uses Auto Layout, gone all of the cruft introduced over the years. SwiftUI has a completely new layout system designed from the ground up to make it easy to write adaptive cross-platform apps. […] I can’t be more excited to dig deep into the SwiftUI layout system to see what it has to offer.

Ole Begemann:

SwiftUI’s layout algorithm may be simple on the surface, but the way the built-in views and view modifiers interact is tremendously complex (and largely undocumented).

Javier:

After spending some time testing the limits of alignment guides, I arrived at the conclusion that they do work. However, there’s confusion about what we expect from them. This confusion comes from not realizing there’s a whole set of implicit alignment guides in effect. When we ignore them, things do not go our way.

Javier:

In this short article, we are going to explore several aspects of View equality. We’ll see what happens when we make a view conform to Equatable, and what is the purpose of EquatableView and the .equatable() modifier.

Javier:

If you’ve been using SwiftUI for a while now, you probably hit the problem where you find yourself trying to update the state of a view from inside its body. Usually, Xcode complains during runtime. When it does, you are forced to put your update inside a DispatchQueue closure (not feeling too good about yourself) but you carry on anyway. Does this sound familiar? In this article, we’ll discuss why it sometimes is perfectly fine to apply that technique, but some other times, it’s a no-no (leading to CPU spikes or app crashes).

Jared Sorge:

In my last post I talked about some of the struggles I’m having getting up to speed with SwiftUI. Let’s dive in to a couple of examples.

Rob Whitaker:

Apple has taken the chance to re-think how some of their accessibility tools work for developers, and they’ve baked in accessibility right from the very beginning. Apple’s accessibility teams have been an integral part of some of the decisions that have shaped SwiftUI. You can see this throughout your SwiftUI code.

Mattt Thompson:

It’s hard to overstate how much of a game-changer Xcode Previews are for iOS development, and we couldn’t be happier to incorporate them into our workflow.

Kishikawa Katsumi:

I published SwiftUI online playground.

You can try SwiftUI and see the rendering results insanely easily.😊

Thomas:

I tried to replicate my app’s GUI using SwiftUI. Couldn’t get the basic layout right: standard controls do not size themselves correctly. Also, popup buttons do not draw their menu correctly. SwiftUI is plain broken on macOS.

I continue to hear about problems like this.

Wooji Juice:

If you want to make a Mac app, there are 4 primary APIs you could be using, in a sorta 2x2 grid: AppKit, UIKit (w/Catalyst), SwiftUI-in-AppKit, SwiftUI-in-UIKit. It’s a complex mess of what each does/doesn’t support — figuring out which to use for any given UI is trial & error

I’ve been trying to make one relatively simple bit of UI (in a standalone testbed app) for days. Every time I think I’m on a roll, I bump into a different wall of missing functionality. I try different implementations. I try different designs that don’t need same features.

It’s not even like you can say “Screw it, I’ll do everything old-school pure native AppKit and get access to everything”, cuz you’ll still be missing some things (e.g. SF Symbols aren’t supported, even tho they are all available on Mac since Catalyst apps can use them).

Previously:

Rejecting and Accepting an Appfigures Client

Vojtech Rinik:

I’ve always wanted to build a desktop app that would let me access my most important data quickly. Like those old dashboard widgets used to.

I finally got around to it, and started with Appfigures, my favorite service to track App Store sales.

[…]

We noticed that your app offers a subscription with a mechanism other than the in-app purchase API.

Can anyone explain to me, how did they let the official Appfigures app into the App Store? It’s the same thing, and I’m pretty sure they don’t have IAPs. It’s just a dumb viewer of the data.

Vojtech Rinik:

Right after the rejection, I submitted an appeal. I didn’t expect much. I heard the stories. Once your app gets rejected, there’s nothing you can do, I thought. Especially if you’re small and irrelevant.

[…]

To my surprise, I got a reply to my appeal. (At this point, I wasn’t expecting one.) Just two days later I received a response, which basically said “Yup, we checked again, you’re fine, actually.”

Unbelievable, I thought. The best part? This heart warming message at the end: “Thank you for your commitment to Mac app development.”

Monday, February 10, 2020 [Tweets] [Favorites]

Avalanche for Lightroom 1.0.5

Ric Ford:

Avalanche is a native Mac app from CYME that promises to quickly migrate Aperture photo libraries to Adobe Lightroom or Lightroom catalogs to folders of files while using AI for some processing assistance…

Claudia Zimmer:

Avalanche was born out of our need to move massive amounts of photos from Aperture to Adobe Lightroom. We tried many different ways to achieve this and it was frustrating because it was often incredibly slow, and lots of edits were lost in the process.  Then we started to work on CYME’s ambitious photo project and realized that the first building block was a component that would understand the inner structure of all major photo cataloging apps (Aperture, Photos, Lightroom, Luminar, CaptureOne,…). Having this component to read from and write into any catalog format, would indeed allow us to convert between them. So we decided to release a first product that would be that converter and gradually add more input and output formats to it.

Claudia Zimmer:

One of the promises of Avalanche is to preserve the visual aspect of the migrated images by applying some clever algorithms to derive the adjustments in Lightroom (for example) from the adjustments in Aperture.

[…]

The idea behind ML is to learn from a set of images that have been adjusted in Aperture and Lightroom, what are the “functions” to apply to the set of parameters in Aperture, in order to find, one by one, the value of each parameter in Lightroom.

Other migration tools simply bake the adjustments and metadata into the image. Avalanche tries to migrate the master images and then set up equivalent non-destructive edits. Of course, this won’t always be possible, as the Aperture and Lightroom engines are not documented and don’t support all the same features.

CYME:

But Avalanche goes one step further by attempting to migrate all the adjustments made to images into the destination catalog.

[…]

Avalanche does not require Aperture to run on the Mac. It can read the Aperture Catalog format natively.

Whereas Aperture Exporter needs to talk to Aperture via AppleScript.

Previously:

Update (2020-02-17): See also: Matthieu (via John Gordon).

macOS 10.15.4 to Warn About Deprecated KPIs

Apple:

At WWDC19, we announced the deprecation of kernel extensions as part of our ongoing effort to modernize the platform, improve security and reliability, and enable more user-friendly distribution methods. Kernel programming interfaces (KPIs) will be deprecated as alternatives become available, and future OS releases will no longer load kernel extensions that use deprecated KPIs by default.

[…]

Below is a list of deprecated KPIs as of macOS 10.15. In macOS 10.15.4, use of deprecated KPIs triggers a notification to the user that the software includes a deprecated API and asks the user to contact the developer for alternatives.

Via Howard Oakley:

Normally, this requires you to run the app (or its installer), during which it and macOS should prompt you to open the General tab of the Security & Privacy pane, authenticate, and agree to the kernel extension being installed. This consent is only available for a relatively short time: if it occurs when you’re out, it’s possible that it will vanish, and you may have to repeat the process to catch it. This is what Apple calls User-Approved Kernel Extension Loading, and doesn’t involve the Privacy tab, with which you’re probably now more familiar.

[…]

Sometimes, even after closing the app or installer and restarting, the kernel extension doesn’t get installed properly. You can repeat the process, maybe even a couple of times, restarting after each attempt. But in some cases – in Macs with a T2 chip only – the kernel extension won’t load properly unless you disable Secure Boot.

Previously:

Taika Waititi on MacBook Keyboards

Sam Byford (video, Hacker News, Reddit, MacRumors):

“Apple needs to fix those keyboards,” he said. “They are impossible to write on — they’ve gotten worse. It makes me want to go back to PCs. Because PC keyboards, the bounce-back for your fingers is way better. Hands up who still uses a PC? You know what I’m talking about. It’s a way better keyboard. Those Apple keyboards are horrendous.”

“I’ve got some shoulder problems,” Waititi continued. “I’ve got OOS [Occupational Overuse Syndrome, a term used in New Zealand for RSI] — I don’t know what you call it over here, this sort of thing here (gestures to arm), that tendon which goes down your forearm down into the thumb? You know what I’m talking about, if you guys are ever writing.

Daniel Jalkut:

It’s only because Apple allowed the MacBook Pro keyboard problem to go on SO LONG that it could possibly have become a talking point in an Oscar awards interview. I hope some lessons have been learned.

John Gruber (tweet):

Yes, there’s a new keyboard with scissor-switch mechanisms in the 16-inch MacBook Pro. It’s a pleasure to type on. But we’re still months away from the rest of the MacBook lineup being updated to use that new keyboard. And that’s a presumption on my part, that all MacBooks will get the new keyboard sooner rather than later. It certainly wouldn’t make any sense if they didn’t — but the whole butterfly-switch saga has never made any sense.

The 16-inch Macbook Pro’s keyboard is apparently more reliable and has more travel, but I think it’s still inferior to the pre-2016 keyboards. It’s less comfortable to type on because the keys feel hard, perhaps due to the reduced travel. And the Touch Bar makes it harder to type the F keys because you can’t feel where the key is, can’t be sure when you’ve pressed it, and can “press” it accidentally just by touching it.

Todd Ditchendorf:

From his description, I’m remotely diagnosing this guy with “Radial Tunnel.” Ergonomically speaking, Apple’s input devices are criminally bad.

Previously:

Update (2020-02-14): Edgar Wright:

The funny thing is though he’s not joking. And he’s right!

TDFKA:

Oh my god, I’m glad to know someone else feels my pain. This is my current keyboard, I ended up taping over several keys because they’re a nightmare when writing.

France Fines Apple for Throttling iPhones Without Telling Users

Romain Dillet (Hacker News):

France’s competition watchdog DGCCRF announced earlier today that Apple will pay a $27.4 million (€25 million) fine due to an iOS update that capped performance of aging devices. The company will also have to display a statement on its website for a month.

[…]

Many users may have noticed that their phone would get slower when they play a game, for instance. But they didn’t know that replacing the battery would fix that. Some users may have bought new phones even though their existing phone was working fine.

France’s DGCCRF also notes that iPhone users can’t downgrade to a previous version of iOS, which means that iPhone users had no way to lift the performance capping feature.

Via Nick Heer:

I don’t know — or, frankly, care — if €25 million is a fine that is too small, too big, or not worth issuing at all. What I do know is that it is ridiculous to defend Apple’s decision not to explain this to users at the time.

[…]

Of course it would not have been easy for Apple to explain why this decision made sense — Warwick alone spent about a thousand words retelling this saga. But it would have been right, and avoided accusations that the company was being underhanded and sneaky.

[…]

To be clear, there’s no indication that this wasn’t publicized at the time to avoid poor PR; that’s something Warwick implied. If anything, this seems like an example of stupidity, not malice.

It’s such an odd story. Recall that, after it became clear what was happening, Tim Cook said that people who didn’t know about the throttling weren’t “paying attention.” I’ve seen no evidence that anything was ever reported that people could have paid attention to. Then Apple retroactively added “improves power management” to the iOS 10.2.1 release notes, still without any indication that this meant it might slow down your phone.

Previously:

iOS 13 Cursor Placement and Text Selection

Federico Viticci:

The new operating systems remove one of iOS’ marquee and historical features – the magnification loupe – in the name of a revised text selection mechanism that lets you directly pick up the cursor and select text with gestures. While it is still possible to press on the keyboard with 3D Touch (or hold the space bar) to move the cursor, you can now simply pick up the blinking cursor and move it onscreen to drop it in a new position. When picked up, the cursor will enlarge slightly; in iOS 13.1, it’ll also subtly snap to the beginning and end of lines.

When you’re moving the cursor this way, iOS 13 will not show you a magnification loupe. The removal of that useful visual detail could be ascribed to the new text selection behavior in iOS 13: now, instead of double-tapping to enter text selection, you can tap, hold, and swipe to start highlighting text.

I like this new text selection gesture (even though it took me a while to get used to it), but I don’t buy the theory that removing the magnification loupe was necessary to avoid conflicts between old and new gestures. iOS could and should still display a magnification loupe when performing text selections: in the months I’ve been using iOS 13, I’ve found myself unable to tell with precision whether I was selecting the right portion of text because my finger was covering it and there was no magnification loupe on the side to double-check the text I was selecting.

Benjamin Mayo:

In the WWDC 2019 presentation, Craig Federighi praised the new UI for text selection, saying “there’s no need to double tap and no magnifying glass getting in your way”. I remember doing a double-take when he said it because that’s not really true at all. The magnifying glass was a convenience, rather than annoyance.

Mike Rockwell:

The text selection system in iOS 13 is absolute garbage. I can never tell if I have my selection point at the right place because my finger is always in the way.

The new design has been widely criticized, but I like it. It feels much faster, and I don’t miss the loupe because I can just slide my finger down after picking up the insertion point so that it doesn’t cover the part I’m looking at.

Rebekka Honeit:

Tap and hold the cursor until the cursor symbol appears bigger. Then drag the cursor to its new position and let it go.

[…]

Selecting a word, sentence, or paragraph has become a lot easier.

[…]

There are also new gestures for copy and paste.

[…]

To undo, swipe to left with three fingers.

To redo, swipe to right with three fingers.

Previously:

Friday, February 7, 2020 [Tweets] [Favorites]

YouTube Audio to Overcast

Mike Rockwell:

There’s just so many videos on YouTube that don’t really need the video component. Whether they be information videos or talk shows, often times you can get by without the visuals. For those videos, the YouTube app is a bit heavier than what is necessary for listening. Something like Overcast with its Smart Speed feature, is a much better solution.

[…]

So I put together a shortcut — Push To Overcast — that lets me download a video from YouTube, convert it to an audio file, and then easily upload it to Overcast.

[…]

The shortcut utilizes UPull.me to download the YouTube videos. I don’t know too much about the site or who built it, but it’s the best method I’ve found for downloading videos from YouTube.

I’ve been using Softorino YouTube Converter 2 for this, but it’s cool to see that it can be done from iOS, too.

Tracking Subscriptions

TJ Luoma:

With subscriptions being an important part of modern digital life, it seemed wise to find a way to keep track of them. First I turned to Bobby, which is an iPhone app that has been mentioned a few times on Mac Power Users for managing subscriptions.

Having used it quite a lot now, I can say that Bobby is both great and frustrating.

[…]

But the truth is that App Store subscriptions are easy to find and manage. It’s all of the other subscriptions that are harder to remember, but it’s worth taking the time to pay attention before you get another email thanking you for renewing a subscription that you had entirely forgotten about.

Editorial and Pythonista

Editorial 1.3.4 was just released, with support for modern iPhone screens but not iCloud Drive. Pythonista remains at version 3.2, last updated in 2017.

Ole Zorn:

I’ve just released an update for Editorial on the App Store that has been sitting on Apple’s servers for a while. It’s not the update some of you may have been waiting for, but it addresses some pain points like iPhone X support etc.

[…] I’d honestly feel better making it free (it’s still $4.99), but I’m concerned that this would lead to an influx of new users that I wouldn’t be prepared to handle support-wise, and who would end up disappointed anyway.

I feel terrible stretching this out for so long, but it’s come to a point where I just have to live with my negligence, born out of anxiety, and at least don’t let it die a death it doesn’t deserve.

[…]

The reasons I’ve stretched this out for so long are mostly personal and have to do with my mental health and experiences I’ve made in the last couple of years (mostly last year). I’m truly sorry that I’ve neglected something that quite a few people actually liked…

It’s great to get an update, even if minor. Zorn’s work has been an inspiration, and I wish the best for his health and business.

Ole Zorn:

This whole thing about Editorial also applies to Pythonista of course, with the difference that my income actually depends 100% on that app, so there are also purely selfish reasons that I don’t just put it on GitHub and let others deal with the mess, i.e. it pays the bills…

…I’m not proud of it, but it’s not easy to let go of something like this because it’s become a rarity in today’s App Store to generate meaningful income as one person, and I’m not sure if I’ll be able to recreate something like this in a few years or even now.

Aside from that, I still have love and a drawer full of ideas for the app...

Ole Zorn:

I spent a ton of time on this upgrade screen transition and heart-shaped particles. Just marketing? Sure, but it would have brought Python(ista) to a lot of additional people while still paying my bills – but: Too afraid my app is actually a gimmick and people are happy w/ free.

Previously:

Update (2020-02-14): Ole Zorn:

I completely forgot to post the Editorial 1.3.4 release notes here. It should be clear that this is a maintenance release to keep the app alive for existing users, but this is not the future.

Rui Carmo:

The second is that Pythonista is utterly unique in so many regards. It is an unstated masterpiece, and (at least in my view) pushed the envelope of what it is actually possible to do on an iPad beyond anything anyone else (even Apple) has done, so I really it needs to be future-proofed somehow.

[…]

Apple, in particular, should take note. Swift Playgrounds were cute to begin with, but none of my kids used them after the first couple of weeks because they are too limited to do anything remotely useful, and this pushes forward the notion that the platform itself is, if not borderline hostile to developers, at least fundamentally unsuited for programming in general, even at the most basic levels.

iCloud Drive Changing Empty Files

Anton Sotkov:

iCloud Drive servers recently started reverting all 0 byte files to the last non-empty version. Not a problem for most apps, but all plain text editors now have a bug where it’s impossible to remove all content from a file.

It looks like this has now been fixed, but it’s still scary. Aside from messing up user editable text files (where the problem might be obvious—or not, depending on when you last used the file), the modified files could have semantic meaning for an app, which then misbehaved or corrupted other data as a result.

Timo Hetzel:

Most certainly working around some iCloud bug that emptied files by itself.

Yariv Nissim:

I still have zero bytes files that I lost from Catalina beta. Checked now and they’re still empty. Would love for Apple to restore them because I have no backups of files in iCloud Drive.

Previously:

Update (2020-02-14): Maciej:

This is what one of 13.3.1 betas did to my iCloud main directory. Correct folders were properly displayed below that. Nothing seems to have been lost though.

Thursday, February 6, 2020 [Tweets] [Favorites]

Wacom Tablets Track Every App You Open

Robert Heaton (tweet, Hacker News):

But Wacom’s request made me pause. Why does a device that is essentially a mouse need a privacy policy? I wondered. Sensing skullduggery, I decided to make an exception to my anti-privacy-policy-policy and give this one a read.

In Wacom’s defense (that’s the only time you’re going to see that phrase today), the document was short and clear, although as we’ll see it wasn’t entirely open about its more dubious intentions (here’s the full text). In addition, despite its attempts to look like the kind of compulsory agreement that must be accepted in order to unlock the product behind it, as far as I can tell anyone with the presence of mind to decline it could do so with no adverse consequences.

[…]

Some of the events that Wacom were recording were arguably within their purview, such as “driver started” and “driver shutdown”. I still don’t want them to take this information because there’s nothing in it for me, but their attempt to do so feels broadly justifiable. What requires more explanation is why Wacom think it’s acceptable to record every time I open a new application, including the time, a string that presumably uniquely identifies me, and the application’s name.

Update (2020-02-14): Malcolm Owen:

Wacom has responded to allegations drivers for its tablet line are collecting data on its users and passing it on to Google, including the names of macOS applications being used, by claiming it has no access to personal data and what data it collects is anonymized before it is seen by the company.

Apple’s Independent Repair Program Contract

Maddie Stone (tweet, Hacker News, MacRumors):

In order to join the program, the contract states independent repair shops must agree to unannounced audits and inspections by Apple, which are intended, at least in part, to search for and identify the use of "prohibited" repair parts, which Apple can impose fines for. If they leave the program, Apple reserves the right to continue inspecting repair shops for up to five years after a repair shop leaves the program. Apple also requires repair shops in the program to share information about their customers at Apple’s request, including names, phone numbers, and home addresses.

The privacy company.

Furthermore, IRPs must obtain “express written acknowledgement” from customers showing they understand they are not receiving repairs from an authorized service provider[…]

This is kind of confusing because the whole point of being an IRP is to get authorized parts. Shops using unauthorized parts will require no such written acknowledgement.

If Apple determines that more than 2 percent of a repair business’s transactions involved “prohibited products,” it can, per the contract, force the business to pay Apple $1,000 for every transaction that occurred during the audit period, in addition to reimbursing Apple for the cost of its investigation.

This seems risky because what’s prohibited is not well defined.

Colin Cornaby:

I think the most anti-competitive thing Apple does is prevent shops from stocking repair parts. It prevents them from getting out to places like eBay, but puts independent repair shops at a speed disadvantage. They can’t order parts until they start the repair.

Previously:

Update (2020-02-07): See also: Hacker News.

Objective-C Quiz

Robert Widmann:

Objective-C is a simpler language than Swift.

The Ontology around Objective-C is a minefield of complexity far outweighing anything Swift could hope to approach.

Before you argue with me, take a short quiz.

David Smith:

I believe I can probably generate a longer list of hard to answer questions in Swift using only the behavior of the “as?” operator, so I’m not sure I agree with your premise.

Regardless, it’s an interesting quiz, though I have quibbles with some of the wording.

macOS 10.15.4 and iOS 13.4 in Beta

It looks like these updates will be about a lot more than bug fixes.

Steve Troughton-Smith:

UIKey! Are we finally getting keyboard key up/down events on iOS and Catalyst?

Steve Troughton-Smith:

UIDatePickerStyleCompact!

Steve Troughton-Smith:

Home in 10.15.4 does indeed do away with the spinning date pickers. They obviously haven’t finished redesigning for the compact picker — but this is what it looks like. You click, you type a number

Sounds like it will still be inconstant with NSDatePicker.

Ryan Christoffel:

iOS 13.4 beta restores iCloud Drive Folder Sharing.

Guilherme Rambo:

New “head pointer” accessibility feature in 10.15.4. Control the cursor with head movements.

Benjamin Mayo:

OS 13.4 has reverted a bad design choice made with the iOS 13 Mail app, namely the actions toolbar the bottom of the screen.

The delete and reply buttons now sit at opposite ends of the toolbar, and Apple has added back the quick actions for flagging and moving folders.

Previously:

Update (2020-02-07): Juli Clover:

Below, we’ve rounded up all of the changes that we’ve found in iOS and iPadOS 13.4 so far.

Joe Rossignol:

Over the last few months, an increasing number of references to AMD processors have been uncovered in macOS Catalina code, starting with the 10.15.2 beta in November and now continuing in the 10.15.4 beta.

Wednesday, February 5, 2020 [Tweets] [Favorites]

Universal Purchase

Apple:

Starting in March 2020, you’ll be able to distribute iOS, iPadOS, macOS, and tvOS versions of your app as a universal purchase, allowing customers to enjoy your app and in‑app purchases across platforms by purchasing only once. You can choose to create a new app for these platforms using a single app record in App Store Connect or add platforms to your existing app record.

Apple:

Xcode 11.4 supports building and distributing macOS apps as a universal purchase. To distribute your macOS app as a universal purchase, specify the same bundle identifier as your iOS app in the Xcode template assistant when creating a new project. If you have an existing project, edit its bundle identifier in the Project Editor.

Universal purchase is enabled by default for new Mac Catalyst apps created in Xcode 11.4. When you create a new Mac Catalyst app, it will use the same bundle identifier as your iOS app.

It’s great to have the option for universal purchases, but tying it to the bundle identifier seems problematic. What if you’ve already shipped an app for multiple platforms? Apple doesn’t let you change the bundle identifier. Do you have to abandon the old app (losing its links and ratings and migrating its files and AppleScripts) or maintain two separate apps?

From the business side, it’s a great user experience for customers who want to pay once and get everything. But what about customers who only want the iPhone version and may not even own a Mac or Apple TV? They have to pay the same price? And, for developers, this is likely to further devalue software. Get all the versions for one low price, with Apple implying that it didn’t take much extra effort.

Steve Troughton-Smith:

if Apple was actually planning shared purchase this year then you’d think they would have launched it alongside Catalyst instead of making us go through all that now for dead-end bundle IDs and store records

Joe Cieplinski:

Universal purchases for Mac/iOS is yet another reason to go subscription.If you don’t offer universal, people will lob crap at you. If you go subscription, they will too. Might as well take the option that makes more money.

Previously:

Update (2020-02-06): Craig Hockenberry:

Before you change a bundle ID for a macOS app, make sure you understand the implications. If you’re never heard of lsregister, you don’t understand the implications.

Then you need to think about receipts and app ID prefixes: @robotspacer asks some good questions - and without answers, I would not go anywhere near this feature.

Business-wise, I feel like it’s going to be as good for the Mac as Universal apps were for the iPad.

More platform-specific work for less overall revenue, and ultimately a bad move for all involved (especially customers).

Update (2020-02-07): Craig Hockenberry:

One hidden surprise with Universal macOS and iOS apps: you can no longer use the exact same name for different SKUs. Names have to be unique across all platforms.

Use this trick if needed: instead of U+002D for a dash, use something like U+2013, which is visually similar.

Update (2020-02-14): See also: Reddit.

Xcode 11.4 Beta

Apple:

Build settings have a new evaluation operator, default, which you can use to specify the default value of a build setting if it evaluates to nil in the context of the evaluation.

[…]

View debugging supports showing layers using the Show Layers menu item in the Editor menu.

[…]

The exception reason now surfaces as an editor annotation. You can inspect the Exception object in Variables View and find the backtrace of the original uncaught exception, if any, in the Debug Navigator.

[…]

Selecting a SwiftUI preview in code now highlights the corresponding preview in the canvas, and vice versa.

[…]

You can call values of types that declare func callAsFunction methods like functions.

[…]

Subscripts can now declare default arguments.

[…]

XCTest now includes throwing variants of the setUp() and tearDown() instance methods, allowing tests to throw errors in Swift during set up or tear down. Override the setUpWithError() or tearDownWithError() methods instead of setUp() or tearDown(), respectively.

[…]

Errors thrown by Swift test methods now record the source location where the error was thrown.

[…]

XCTest now supports dynamically skipping tests based on runtime conditions, such as only executing some tests when running on certain device types or when a remote server is accessible.

Looks like some great improvements (including many for the simulator). Too bad it requires Catalina.

Update (2020-02-06): Paul Hudson (Hacker News):

The first beta of Swift 5.2 just landed with Xcode 11.4 beta, and it includes a handful of language changes alongside reductions in code size and memory usage, plus a new diagnostic architecture architecture that will help you diagnose errors faster.

Update (2020-02-07): Peter Steinberger:

We benchmarked Xcode 11.3.1 and Xcode 11.4b1 after seeing the reported Swift compiler performance improvements. For ObjC/C++ heavy code Clang became around 10% slower, not faster.

Peter Steinberger:

Xcode 11.4b1 is great overall. Similar stability, much nicer Simulator, everything still compiles, way faster UI tests, amazing view inspector upgrades. Gonna use this as main IDE now. Great work, Xcode team!

Update (2020-02-14): Shai Mishali:

Xcode 11.4b1 mentioned it offers Swift compiler improvements, and yet:

On a ~7 years-old project with mixed Objective-C/Swift (60%/40%)

3 clean (nuked Derived Data, etc.) build-time averages:

Xcode 11.3: ~185 seconds
Xcode 11.4b1: ~230 seconds

About 22% slower

Donny Wals:

I’m pretty sure that the ability to test push notifications in the simulator is my favorite new feature in Xcode 11.4

Update (2020-02-17): Donny Wals:

Swift isn’t the only language to allow its users to call instances of certain types as functions. A language that I have used a lot that allows this kind of behavior is Python. The ability to invoke instances as functions is very interesting in certain applications where you want to represent a stateful calculator, parser or computing object. This is very common in complex math operations and machine learning where certain objects might hold on to some state and only implement a single method.

[…]

In many cases, a simple closure wouldn’t do. The object that ends up handling the route would need to have a database connection, a concept of caching, authenticating and possibly a lot of other functionality. Capturing all of that in a closure just doesn’t seem like a great idea. Instead, you’d want some kind of complex object to handle this route. And that’s exactly the kind of freedom we get with callAsFunction.

Tuesday, February 4, 2020 [Tweets] [Favorites]

A New Hash Algorithm for Git

Jonathan Corbet (via Hacker News):

With the hash algorithm abstracted out of the core Git code, the transition is, on the surface, relatively easy. A new version of Git can be made with a different hash algorithm, along with a tool that will convert a repository from the old hash to the new. With a simple command like:

git convert-repo --to-hash=sha-256 --frobnicate-blobs --climb-subtrees \
   	--liability-waiver=none --use-shovels --carbon-offsets

a user can leave SHA‑1 behind (note that the specific command-line options may differ). There is only one problem with this plan, though: most Git repositories do not operate in a vacuum. This sort of flag-day conversion might work for a tiny project, but it’s not going to work well for a project like the kernel. So Git needs to be able to work with both SHA‑1 and SHA‑256 hashes for the foreseeable future. There are a number of implications to this requirement that make themselves felt throughout the system.

One of the transition design goals is that SHA‑256 repositories should be able to interoperate with SHA‑1 repositories managed by older versions of Git. If kernel.org updates to the new format, developers running older versions should still be able to pull from (and push to) that site. That will only happen if Git continues to track the SHA‑1 hashes for each object indefinitely.

Previously:

Alternative Ways to Protect Yourself From Being Spearfished

Ivan Drucker:

We came up with a technique that uses Google Voice text messages as an alternative to authenticator apps—although it requires a bit more setup, we think it’s easier to use and understand, plus it acknowledges some people have to allow trusted assistants or consultants access to their accounts.

[…]

I called my carrier and activated a PIN, and I keep it in my password manager. I strongly advise that you do the same—here are informational links for AT&T, Sprint, T-Mobile, and Verizon. However, I don’t want to rely solely on a carrier transfer lock. I don’t know how well they are implemented, and I assume that some thieves are really good at what they do and may be able to talk their way around it.

[…]

Because the account email address in no way identifies them and is used for nothing other than hosting the Google Voice number, a thief should never come across it. And, even if one did, they wouldn’t know to whom it belongs. (If you do try this Google Voice approach, be sure to remove your real cell phone number from your account, which is added by default during setup. If you don’t, an attacker stealing your cell phone number would still get the Google Voice text message codes. Also disable the default forwarding of text messages to your email address.)

Google Voice accounts are probably more secure than your real phone number, but be careful about your account expiring.