Friday, April 12, 2024

Swift for C++ Practitioners

Doug Gregor:

I’ve started a blog series aimed at C++ programmers who are interested in learning #SwiftLang. It teaches the breadth of the Swift language, but anchored in the features and idioms of C++. So if you know your Rule Of Fives and your SFINAEs and think you might be interested in Swift, I’d love to hear what you think.

Previously:

Effects of the DMA’s Browser Choice Requirement

Ashley Belanger:

Smaller web browsers are gaining traction in the European Union after the Digital Markets Act (DMA) started requiring designated gatekeepers like Google and Apple to make it easier to switch default web browsers on devices.

[…]

Reuters collected data from six companies, confirming that, when presented with a choice screen, many EU users will swap out default browsers like Chrome or Safari for more privacy-focused options. And because iPhones have a larger market share than Google-branded phones in the EU, Apple is emerging as the biggest loser, Reuters reported, noting that under the DMA, “the growth for smaller browsers is currently coming at the cost of Safari.”

Dan Moren:

In some ways, this isn’t surprising: I’m guessing a lot of consumers in the EU weren’t even aware that they could change the default browser on iOS. But it’s also early days and it’s possible that some of this is experimentation for people to see what else is on there—it’s not entirely clear to me from the story (or the Reuters story where the numbers originate) over what time period they’ve logged this. People may try out another browser and then change back—especially if we’re talking about browsers with, say, free trials to a paid subscription.

Nick Heer:

I have seen others suggest people may be picking third-party browsers because they are unclear about what a web browser is, or are unsure which one they want to use. I can see legitimacy in both arguments — but that is just how choice works. A lot of people buy the same brand of a product even when they have other options because it is the one they recognize; others choose based on criteria unrelated to the product itself. This is not a new phenomenon. What is fascinating to me is seeing how its application to web browsers on a smartphone is being treated as exotic.

[…]

It has so far been a little bit like entering a store where they give you a basket of house brand products and you have to decide which third-party options you want to add or exchange to the basket. Someone needs to really care in order to make the effort. Now, because of this ballot screen, the market is a little more levelled, and it seems some users are responding.

Tim Hardwick:

Despite users increasingly choosing alternative options, browser companies have criticized Apple and Google for the slow rollout of the change, and believe it is hampering the migration away from Safari and Chrome. Mozilla, which owns Firefox, estimates that only around a fifth of iPhone users in the EU have received the iOS update, and claims that the rollout is much slower than Apple’s previous software updates.

Some alternative browser makers are also concerned that the design of choice screens is sub-optimal at best. For example, Vivaldi CEO Jon Stephenson von Tetzchner notes that Apple’s choice screen only appears when iPhone users open Safari, while the list of browsers provides no additional information.

[…]

Vivaldi is also unhappy with the design. “The list of browsers does not show additional information and that does not help users to make a meaningful choice,” a company spokesperson told TechCrunch. “If the user has already selected a browser of their own choice, the choice screen can actively try to push them away from it, and may not even include it in the list that it presents to the user.”

Previously:

“Don’t Let Me Go” and iCloud Storage Tiers

John Gruber:

The gist of the commercial is that you shouldn’t worry about deleting photos to free up storage, because modern iPhones have plenty of space.

[…]

But this commercial made me want to yell at my TV each time it came on: “The problem is iCloud storage, not on-device storage!” The free tier of iCloud remains just 5 GB, and the $1/month paid tier offers just 50 GB, which may not be enough to back up even a 64 GB iPhone SE.

[…]

And no amount of cleverness in iOS can protect a user with un-backed-up photos and videos if they lose or break their iPhone.

[…]

It feels like this new commercial is just whistling past the single biggest shortcoming in the Apple ecosystem.

I bet Apple has data showing that millions of iPhone users have precious photos that aren’t backed up because they don’t have enough iCloud storage. iOS will nag about this, and people get used to ignoring it. There’s an aversion to subscriptions, even if it’s only 99 cents per month to back up important data. I don’t know what the answer is, but it seems odd that the free tier hasn’t changed and that purchasing a new $999 phone doesn’t get you more. I guess it’s like how the fancy hotels are the ones that charge for Wi-Fi…

Ryan Jones:

User must choose between (roughly speaking) 5-10GB on device or 100-200GB on device. That’s so binary. There’s no benefit to more device storage until and unless it can fit ALL your photos.

Carlos Ribas:

Plus it doesn’t do a great job. I have to turn it off or else I frequently find myself waiting to download offloaded videos I just took, while the phone sits 75% empty. Doing a good job would mean filling the phone but automatically purging oldest-first as-needed.

John Gruber:

The free tier for Google One offers 15 GB of storage.

[…]

Google used to offer “unlimited storage for photos and videos” to owners of Pixel phones, but they dropped this offer starting with the Pixel 6 in late 2021. That was such an appealing offer — especially considering that much of the appeal of Pixel phones comes from their renowned camera systems. I can only surmise that this proved more expensive to Google than they deemed worthwhile.

You don’t need to pay for iCloud to back up a large amount of iPhone storage — you can still back up to a Mac or PC manually. I don’t know any non-expert users who do this, though, and there are zillions of iPhone owners who don’t even own a Mac or PC. For the masses, iCloud backup is the only backup.

Previously:

Grindr’s Plan to Squeeze Its Users

Zoë Schiffer:

Since its initial public offering in 2022, Grindr has been on a rocky road financially. Its stock has fallen 70 percent since its SPAC. After hitting an IPO-high of $71.51, it currently sits at $10.13. Last summer, employees announced plans to unionize, amid industry layoffs and worries that the company was losing its progressive culture. Two weeks later, CEO George Arrison abruptly ordered his mostly remote workforce of 180 people back to the office. About half the company left and Grindr paid out more than $9 million in severance.

Now, Grindr plans to boost revenue by monetizing the app more aggressively, putting previously free features behind a paywall, and rolling out new in-app purchases, employees say. The company is currently working on an AI chatbot that can engage in sexually explicit conversations with users, Platformer has learned. According to employees with knowledge of the project, the bot may train in part on private chats with other human users, pending their consent.

[…]

During the pandemic. Match Group was riding high, with a market cap well over $40 billion. But when growth started to slow across the tech industry, the company’s stock suffered accordingly. Tinder reported a year-over-year drop in the number of paying users in third-quarter earnings in 2023, sending Match Group’s stock plunging 15 percent – the lowest it had been since the company separated from IAC in 2020. Its market cap today has fallen below $10 billion, compared to $1.76 billion for Grindr.

[…]

But frustration with dating apps’ aggressive monetization efforts is on the rise. And as more of Grindr slips behind the paywall, users may face a disappointing future: one with fewer free users to chat with, and an app that regularly pushes them to romance a chatbot.

Previously:

Thursday, April 11, 2024

Used Genuine Apple Parts and Parts Pairing

Apple (MacRumors):

Today Apple announced an upcoming enhancement to existing repair processes that will enable customers and independent repair providers to utilize used Apple parts in repairs.

[…]

And in order to simplify the repair process, customers and service providers will no longer need to provide a device’s serial number when ordering parts from the Self Service Repair Store for repairs not involving replacement of the logic board.

[…]

Apple will also extend its popular Activation Lock feature to iPhone parts in order to deter stolen iPhones from being disassembled for parts.

Brian Heater (MacRumors):

Components that don’t require configuration (such as volume buttons) were already capable of being harvested from used devices. Today’s news adds all components — including the battery, display and camera — which Apple requires to be configured for full functionality. Face ID will not be available when the feature first rolls out, but it is coming down the road.

At launch, the feature will be available solely for the iPhone 15 line on both the supply and receiving ends of the repair. That caveat is due, in part, to limited interoperability between the models. In many cases, parts from older phones simply won’t fit. The broader limitation that prohibited the use of components from used models comes down to a process commonly known as “parts paring.”

[…]

“‘Parts pairing’ is used a lot outside and has this negative connotation,” Apple senior vice president of hardware engineering, John Ternus, tells TechCrunch. “I think it’s led people to believe that we somehow block third-party parts from working, which we don’t. The way we look at it is, we need to know what part is in the device, for a few reasons. One, we need to authenticate that it’s a real Apple biometric device and that it hasn’t been spoofed or something like that. … Calibration is the other one.”

They don’t block third-party parts from working, but they do make sure they’re real Apple parts. I’m so glad to have that clarified.

“Parts pairing, regardless of what you call it, is not evil,” says Ternus. “We’re basically saying, if we know what module’s in there, we can make sure that when you put our module in a new phone, you’re gonna get the best quality you can. Why’s that a bad thing?”

Jason Koebler (tweet):

Seemingly magically and surely not coincidentally, Apple has announced that it will suddenly ease some of its “parts pairing” iPhone repair restrictions just weeks after Oregon passed a law banning this practice and on the same day that Colorado is considering a bill that would do the same.

[…]

What this means, practically, is that Apple will let you swap the screen of one iPhone with the screen of another iPhone, something that was impossible for a consumer or independent shop to do under the restrictions it has implemented on recent iPhone models. The current announcement will not allow for aftermarket parts to be used, which is a critical distinction. Aftermarket parts are widely used in other electronics, other companies’ smartphones, and they used to be widely used in iPhones prior to the parts pairing restrictions.

Nick Heer:

This all sounds pretty great and, it would seem, entirely triggered by regulatory changes. But it also seems to me that it is designed to challenge the parts pairing section of Oregon’s right-to-repair law (PDF).

Previously:

Update (2024-04-12): Matt Birchler:

I find these to be very “the sky is falling” stories about the dangers of user choice, but what makes the part pairing issue interesting is that we have history here. I believe it wasn’t until the Face ID generation of iPhones that tons of iPhone components had the “part pairing” issue, so we have about a decade of iPhone history where third party parts were able to be used to repair broken iPhones.

John Bumstead:

Parts from needlessly Activation Locked devices are EXACTLY the parts that NEED to be allowed and EXACTLY the parts that exist in abundance. If Apple is banning their reuse, they are making the situation WORSE. This is newspeak at its finest.

Apple Alerts Users to Mercenary Spyware Attacks

Manish Singh (via Hacker News, MacRumors, Reddit):

Apple sent threat notifications to iPhone users in 92 countries on Wednesday, warning them that they may have been targeted by mercenary spyware attacks.

[…]

Apple previously described the attackers as “state-sponsored” but has replaced all such references with “mercenary spyware attacks.”

Apple:

Apple threat notifications are designed to inform and assist users who may have been individually targeted by mercenary spyware attacks, likely because of who they are or what they do. Such attacks are vastly more complex than regular cybercriminal activity and consumer malware, as mercenary spyware attackers apply exceptional resources to target a very small number of specific individuals and their devices. Mercenary spyware attacks cost millions of dollars and often have a short shelf life, making them much harder to detect and prevent. The vast majority of users will never be targeted by such attacks.

According to public reporting and research by civil society organizations, technology firms, and journalists, individually targeted attacks of such exceptional cost and complexity have historically been associated with state actors, including private companies developing mercenary spyware on their behalf, such as Pegasus from the NSO Group. Though deployed against a very small number of individuals — often journalists, activists, politicians, and diplomats — mercenary spyware attacks are ongoing and global. Since 2021, we have sent Apple threat notifications multiple times a year as we have detected these attacks, and to date we have notified users in over 150 countries in total.

[…]

Although our investigations can never achieve absolute certainty, Apple threat notifications are high-confidence alerts that a user has been individually targeted by a mercenary spyware attack, and should be taken very seriously. We are unable to provide information about what causes us to issue threat notifications, as that may help mercenary spyware attackers adapt their behavior to evade detection in the future.

Previously:

Update (2024-04-12): Howard Oakley:

The majority of emails and almost all messages purporting to be from Apple are scams.

[…]

With one notable exception, Apple doesn’t know whether your Mac or devices have any malware, and can’t tell you if they do. Any message that tries to tell you otherwise is phishing or scam.

[…]

Instead, if you think you have received a threat notification from Apple, sign in to iCloud.com, where you should see confirmation that those messages are genuine.

Humane Ai Pin Reviews

David Pierce (Hacker News):

The AI Pin is an interesting idea that is so thoroughly unfinished and so totally broken in so many unacceptable ways that I can’t think of anyone to whom I’d recommend spending the $699 for the device and the $24 monthly subscription.

AI Pin and its AI OS, Cosmos, are about beginning the story of ambient computing,” Humane’s co-founders, Imran Chaudhri and Bethany Bongiorno, told me in a statement after I described some of the issues I’ve had with the AI Pin. “Today marks not the first chapter, but the first page. We have an ambitious roadmap with software refinements, new features, additional partnerships, and our SDK. All of this will enable your AI Pin to become smarter and more powerful over time. Our vision is for Cosmos to eventually exist in many different devices and form factors, to unlock new ways to interact with all of your devices.”

As the overall state of AI improves, the AI Pin will probably get better, and I’m bullish on AI’s long-term ability to do a lot of fiddly things on our behalf. But there are too many basic things it can’t do, too many things it doesn’t do well enough, and too many things it does well but only sometimes that I’m hard-pressed to name a single thing it’s genuinely good at. None of this — not the hardware, not the software, not even GPT-4 — is ready yet.

Clarko:

Dunking on the Humane Ai Pin is too easy.

I’d sooner dunk on the Apple Watch because we should be able to point at that, and ask why you’d ever want a lapel pin to do its job.

We should be able to say it’s the perfect device for people who want to live a phone-free life.

Steve Troughton-Smith:

Neither Vision Pro nor Humane’s Ai Pin are ‘the future’, but they’re both showcasing aspects that will become the future. A pair of glasses, running an OS like visionOS, with advanced multimodal AI smarts. That’s the next product that can truly change the world, something anybody and everybody can wear all day every day, and give the smartphone a run for its money; what we have now are science projects — really cool science projects — but science projects nonetheless.

See also: Ken Kocienda, Imran Chaudhri, Bethany Bongiorno.

Previously:

Update (2024-04-12): Julian Chokkattu:

Not being able to fully trust the results from the Ai Pin’s Ai Mic and Vision features (the latter is still in beta) is just one problem with this wearable computer. Unfortunately, there’s not much else to do with it as it’s missing a great many features. The Humane Ai Pin could be an interesting gadget a year from now after promised software updates, but at the moment it’s a party trick.

Cherlynn Low:

Not only is the Humane AI Pin slow, finicky and barely even smart, using it made me look pretty dumb. As it stands, the device doesn’t do enough to justify its $700 and $24-a-month price.

[…]

If only voice interactions were the worst thing about the Humane AI Pin, but the list of problems only starts there. I was most intrigued by the company’s “pioneering Laser Ink display” that projects green rays onto your palm, as well as the gestures that enabled interaction with “onscreen” elements. But my initial wonder quickly gave way to frustration and a dull ache in my shoulder. It might be tiring to hold up your phone to scroll through Instagram, but at least you can set that down on a table and continue browsing. With the AI Pin, if your arm is not up, you’re not seeing anything.

[…]

It’s not just those of us afflicted with tiny palms that will find the AI Pin tricky to see. Step outside and you’ll have a hard time reading the faint projection. Even on a cloudy, rainy day in New York City, I could barely make out the words on my hands.

Dare Obasanjo:

I continue to believe that the problems that products like the Humane AI Pin and Rabbit R1 are trying to solve are best solved using AirPods and an app on your phone.

The only issue is Apple’s closed ecosystem prevents companies from doing this so they’re inventing superfluous devices nobody asked for.

Louie Mantia:

A team with this collective pedigree is smart enough to thoroughly test their own product, so I can’t imagine a reality in which the people at Humane didn’t know about these issues before shipping it. However, if we assume they did know, the story becomes somehow more troubling.

Ben Sandofsky:

It fits my theory that the product was a late stage pivot…

Founders pitch investors on a hand laser thing when it’s a napkin sketch. They raise too much money, hire too many people.

They build a prototype, but too late. Turns out the laser UI sucks and eats too much battery.

“Hmm. Investors are shopping for AI companies now… voice uses less power… pivot to AI!”

Suddenly tech has a downturn. Can’t raise another round of funding. They launch an alpha.

Automattic Acquires Beeper

Eric Migicovsky (tweet, Hacker News, MacRumors):

I’m excited to announce that Beeper has been acquired by Automattic. This acquisition marks the beginning of an exciting new chapter as we continue our mission to create the best chat app on earth.

[…]

Given the state of the messaging landscape today, we believe there is a huge opportunity for us to push boundaries and create new experiences in chat. The majority of other chat apps have stagnated, entrenched in their positions, with no significant new players emerging since Discord’s launch in 2015. Given the state of the messaging world, we’ve long felt the need for a strong ally with the resources to support us on our quest. Automattic has a long history of putting user control and privacy first with open source, and great bilateral relationships with Meta, Apple, Microsoft, Google, Matrix and others that we hope can usher in a new era of collaboration.

[…]

Matt, Automattic’s CEO, and I have known each other for years. He was an early user, supporter and investor in Beeper. We’re very well aligned on our goal (build the best chat app on earth), approach (open source where possible), and independence (Beeper will operate independently as part of Automattic’s Other Bets division).

Matt Mullenweg:

We’re going to use the Beeper brand, because it’s fun. This is not unlike how browsers have evolved, where solid tech and encryption on top of an open ecosystem has created untold value for humanity.

[…]

A lot of people are asking about iMessage on Android… I have zero interest in fighting with Apple, I think instead it’s best to focus on messaging networks that want more engagement from power-user clients.

Sarah Perez:

The deal, which was for $125 million according to sources close to the matter, is Automattic’s second acquisition of a cross-platform messaging solution after buying Texts.com last October.

[…]

Automattic had previously made a strategic investment of $4.6 million in Element (previously New Vector), another company building on Matrix, and it contributes annually to Matrix.org, as does Beeper.

Dare Obasanjo:

$125M for a 25 person team whose claim to fame is getting blocked by Apple for trying to interop with iMessage is a sweet exit.

Automattic’s bet on Tumblr didn’t work out and so it’s looking at messaging as its next growth vehicle. Telegram is valued at $30B and claims to make hundreds of millions in revenue so it makes sense for Automattic to try this. Either that or short form video 😁

Nick Heer:

Seems like a smart way for Beeper to become better resourced, and a bet by Automattic on more legislation like the Digital Markets Act enabling further interoperable messaging.

Previously:

Update (2024-04-12): John Gruber:

While the Beeper Mini/iMessage thing is where Beeper garnered, by far, the most publicity, it was always a sideshow from their primary goal of building a universal messaging app for multiple (14!) platforms. Think of it like a modern-day Adium.

[…]

Now that I’ve tried Beeper for Mac (connecting Twitter/X, WhatsApp, Signal, Instagram, and Slack accounts) — it’s remarkable how similar it is to Texts. They’re both Electron/React apps, and both suffer from a lot of Electron-isms. (What in the world is going on with the keyboard shortcuts in the contextual menu for the text editing field?) Both are just big bloated Electron web apps pretending, by appearance, to be Mac apps.

Wednesday, April 10, 2024

Run-time Polymorphism in Swift

Jordan Rose (Mastodon):

There are only three ways to get run-time polymorphism in Swift. Well, three and a half.

[…]

[…]

Generics are a powerful and flexible tool, but in general they don’t result in any more run-time polymorphism than any types (formerly “protocol composition types”). This often throws people who are used to C++ templates, where overload resolution is done on the concrete type that satisfies the generic constraints rather than on the generic type. Swift didn’t choose that option for two main reasons: it makes it much harder to diagnose issues at compile time, and it means that the entire body of the generic has to be visible to callers (so they can substitute in the concrete type). This is good for optimization, but bad for library evolution. You can think of Swift’s model as “the decision of which overload to call is made based on the knowledge where the call is written, which in this case is inside a generic function with certain constraints”.

Previously:

Universal macappstore: Links

Jeff Johnson:

The App Store app on macOS is the default handler of URLs with the macappstore: scheme. App Store preview web pages automatically open the App Store app by setting the location of an HTML <iframe> element to a macappstore: URL. My free open source app Stop The Mac App Store registers itself as the default macOS handler for the macappstore: scheme, thereby preventing Safari and Safari Technology Preview from automatically opening those URLs in App Store. If you click Cancel or press the escape key, the App Store app won’t open.

[…]

I’ve discovered that macOS Ventura and Sonoma changed how Safari handles App Store links, bypassing Stop The Mac App Store in some cases. Fortunately, I’ve also discovered a solution to the problem. In this blog post I’ll discuss both the problem and the solution. As a bit of a spoiler, let me first deflate the conspiracy theories: Apple wasn’t specifically targeting Stop The Mac App Store, which is too obscure to be noticed by the corporate giant. My app never lost the ability to become the default handler of the macappstore: URL scheme. Rather, it seems that macOS Ventura started treating App Store URLs as universal links[…]

It continues to be infuriating that macOS doesn’t offer a way to opt out of Universal Links. I’ve had to uninstall the Twitter and Mastodon apps because otherwise URLs for those services become unusable in my Web browser. I guess an alternative would be to switch from Safari to Chrome, which offers more control here.

As for macappstore: links, I generally prefer to view them on the Web because:

Unfortunately, you need to use the App Store app to access all of the reviews.

Previously:

Facebook Blocking Links to Kansas Reflector

Nick Heer:

Earlier this week, Dave Kendall of documentary production company Prairie Hollow and formerly of a Topeka, Kansas PBS station, wrote in the Kansas Reflector an article criticizing Meta. Kendall says he tried to promote posts on Facebook for a screening of “Hot Times in the Heartland” but was prevented from doing so. A presumably automated message said it was not compliant with its political ads policy.

[…]

While this interpretation of a deliberate effort by Facebook to silence critical reporting is kind of understandable, given its poor communication and the lack of adequate followup, it hardly strikes me as realistic. In what world would Meta care so much about tepid criticism published by a small news operation that it would take deliberate manual actions to censor it?

[…]

If some system at Meta erroneously flagged as a threat Kendall’s original attempt to boost a post, it makes sense that related stories and domains would also be flagged.

[…]

Unfortunately, the coverage of this non-story has been wildly disproportionate and misses the actual problems. […] What is true and deeply frustrating is the weak approach of companies like Meta and Google toward customer service. Both have offloaded the administrative work of approving or rejecting ads to largely automated systems, with often vague and unhelpful responses, because they have prioritized scale above quality from their earliest days.

Previously:

Google Search Changes Hurt Independent Sites

Brandon Saltalamacchia (Hacker News, Dennis):

The main source of our traffic was through Google Search. Whenever you searched for something retro gaming-related, our hope was that you would stumble across our website for advice, as we have invested hundreds of thousands of dollars into expert journalists to provide you with answers to your retro gaming queries. It worked incredibly well; Google’s search engine did what it entailed, showing users informative content created by human experts.

[…]

Since September 2023, Google has hidden our site from millions of retro gamers, reducing our organic traffic and revenue by 85% and causing our business to be on the edge of going under.

[…]

Google’s algorithms now favor a handful of results BEFORE “normal” websites, results that rarely show independent websites.

[…]

Reddit is the single biggest winner in recent algorithm changes, seeing millions of more clicks every single day thanks to recent updates.

[…]

My real issue is that Google isn’t telling us and other creators what we are doing wrong; they are replying with vague answers or sharing advice that goes completely against what’s showing up in the search results.

Spivak:

I left the article being like “oh it can’t be that bad” and left my little Kagi oasis to try out some Google searches similar to the article and I’ve completely changed my tune. What in the hell happened? There’s nary an organic result to be found, 80% of the page is shopping garbage and sponsored links, the few organic results are blogspam, and there’s banner ads in the middle of results now?

The folks here in the comments are missing the forest for the trees here, sure algo tweaks reshuffle winners and losers but there’s almost no results that aren’t Google’s own scraped content and ad spots. No amount of “make better content” can push you above the fold.

Barry Schwartz:

While we have still not seen any sites recover from the September 2023 helpful content update, we have seen sites recover from previous core updates. We were hoping by now to see sites recover from that September 2023 helpful content update with this March 2024 core update (since it incorporated the helpful content system in part), but no, not yet.

Previously:

Tuesday, April 9, 2024

OmniFocus 4.2

Ainsley Bourque Olson:

For anyone running the Pro edition of OmniFocus, this release also introduces some very exciting new custom perspective rules that support filtering based on dates, repeats, and more:

  • New “Has date in range” rule type enables filtering a perspective by assigned date range.
  • New “Is repeating” rule enables filtering repeating tasks.
  • New “Is project, group, or neither” rule type enables filtering for projects or groups.
  • New “Is in single actions list” rule type enables filtering for items in single action lists.

[…]

Also for anyone running the Pro edition of OmniFocus, Omni Automation now supports “Install Links” for simplified Omni Automation plug-in installation.

Release notes:

In direct downloads of the app, the icon chosen in Appearance Settings will continue to be used in the dock when the app isn’t running.

Ken Case:

After some heroic spelunking, debugging, and tuning of our SwiftUI outline view, we’re now testing a performance improvement for OmniFocus 4.2 which makes adding an item to an inbox with 100+ items 20x faster.

The outline performance on iOS is indeed much better.

The watch experience continues to be frustrating, with slow syncing that doesn’t trigger automatically nor always complete. After the update, the complication was stuck showing a count of actions that didn’t match the app, and the digits were truncated. I eventually fixed it by removing and re-adding the complication. I assume there’s some sort of OS issue here because I see similar problems with Lock Screen widgets on iOS, e.g. Weathergraph stuck showing a temperature from a week ago.

I’m going to try removing OmniFocus from my iPad, because even leaving it as the frontmost app doesn’t seem to get it enough background time for it to stay in sync when I don’t touch the iPad for a few weeks. My hope is that, with the iPad out of the mix, syncing will be faster everywhere and therefore more reliable on the watch.

Previously:

Copyright Takedown Against Hundreds of Wordle Clones

Jason Koebler:

The New York Times has filed a series of copyright takedown requests against Wordle clones and variations in which it asserts not just ownership over the Wordle name but over the broad concepts and mechanics of the word game, which includes its “5x6 grid” and “green tiles to indicate correct guesses.”

The Times filed at least three DMCA takedown requests with coders who have made clones of Wordle on GitHub. These include two in January and, crucially, a new DMCA filed this week against Chase Wackerfuss, the coder of a repository called “Reactle,” which cloned Wordle in React JS (JavaScript).

Craig Grannell:

I find it curious that this is even possible, given that Wordle itself was a straight rip of Lingo, which itself was in part based on existing mechanics. Games build on other games. The NYT denying that stops others from having the success Wordle itself enjoys.

Nick Heer:

The Times’ two most recent ideas for games were blatantly ripped from “Only Connect” but, sure, some random people on GitHub are irrevocably diluting Wordle’s reputation.

Timothy Geigner:

For this discussion, you really do need to recall that Wordle began as a free to play, simple daily game that became a quick craze nationally. It was created by one person, Josh Wardle, who made absolutely clear at the time that he had no interest in wrapping anything like intellectual property around the game. And when others did create spinoffs or clones of the game, he handled it in roughly as congenial a manner possible.

But then he sold the game to the New York Times. And the Times promptly began to strongarm these spinoffs and clones into shutting down, wielding IP threats to do so.

Nick Lockwood:

A lot of folks replying to this with “you can’t copyright gameplay” and of course that is correct, in legal terms. But with IP (as with so much in our society) it doesn’t actually matter what the law says, it only matters how much money you have.

A free software author cannot defend themselves against a billion dollar corporation in court unless they are willing to risk ending up homeless on the street.

Previously:

AirTag Firmware Rollout Date

iSoftware Updates (via Sebastiaan de With):

Looks like Apple accidentally set the deployment dates for the 2.0.73 AirTag firmware to “m/d/24” instead of “m/d/2024” that has used in previous versions and which the AirTag update system uses as date format.

As a result, AirTags think the deployment dates are in the year 24 and they just skip to the 100% rollout batch 😅

Why is the goLiveDate even stored as a string when plists have a date type?

Previously:

Daylight Saving Time UI Design Test

Nikita Prokopov (Hacker News):

I have five clocks in my house. All of them I have to change manually twice a year: one hour back in the Autumn and one hour forward in the Spring. Today was one of these days.

Each clock presents a unique puzzle. Three out of five have no direct controls for changing time, and manuals have long been lost, so I have to figure it out every time.

Previously:

Monday, April 8, 2024

Coordinated Lunar Time (LTC)

Aimee Picchi:

The moon could soon get its own time zone.

The White House is directing NASA to work with other government agencies to develop a lunar-based time system called Coordinated Lunar Time, abbreviated as LTC. The Biden administration has given the space agency until the end of 2026 to hammer out the new system.

According to a Tuesday memo from the White House’s Office of Science and Technology Policy, the goal is to create a standard time measurement that will help coordinate efforts as humanity returns to the moon for exploration and economic development. The reality of such developments is not far off, with Intuitive Machines’ Odysseus lander touching down on the moon earlier this year and NASA planning a manned landing in 2026.

Debbie Goldsmith:

I keep seeing the news about lunar time presented as “the Moon is getting its own time zone.” What’s actually happening is the Moon is getting its own time standard. The problem being solved is that time passes slightly more quickly on the Moon compared to Earth (due to General Relativity) and so the Moon needs its own time standard for precise measurements and navigation. UTC is the time standard for measuring time on Earth, and LTC is being created for the Moon.

Voice Dream Reader Switches to Subscriptions

Jonathan Mosen:

Unfortunately, the relationship between Voice Dream Reader’s new owners and its engaged user base got off to a rocky start. Members of the online blind community did not find out about the sale of Voice Dream Reader last year from either the buyer or the seller. Instead, they found out because an indie developer who offers a product that competes in some ways with Voice Dream Reader discovered a new subscription option in a just-released build of Voice Dream Reader. He, not anyone associated with the app, broke the news to the blind community that subscriptions were on the way.

When a developer moves from a one-off purchase model to a subscription-based model, it is always controversial, even if said company makes great efforts to communicate it thoroughly. When you add an unpopular change, the departure of a popular indie developer, and nonexistent communication together, those ingredients add up to an inevitable firestorm. In the absence of information to the contrary, existing customers were concerned that they were about to be charged.

[…]

When a developer publishes an app in the App Store, they must comply with Apple’s App Review Guidelines. […] There is no wiggle room here. By taking away primary functionality users already paid for, such as adding new material to the Library, Voice Dream Reader does not comply with the Guidelines. […] Voice Dream Reader’s release notes make no mention of the subscription being forced on people who paid for the app already if they want to retain the functionality they paid for, and I suspect this has simply flown under Apple’s radar.

Via Shelly Brisbin:

The move comes from the app’s new owner, Applause Group, which bought the app in 2023 from original developer Winston Chen. Part of the backlash results from the planned $79 per year price tag (discounted to $59 until at least May 1, when the subscription becomes mandatory), but a bigger issue for longtime users is that Applause Group will effectively disable the older version of the app.

Applause Group:

Your feedback, along with the impactful stories shared about Voice Dream being a pivotal part of your daily lives, has led us to reverse this change.

[…]

We will continue to provide access to the app’s existing features at no additional cost.

Previously:

Music App Links in EU

Apple (Hacker News):

3.1.1(a): Updated to include Music Streaming Services Entitlements.

The new guideline reads:

3.1.1(a) Link to Other Purchase Methods: Developers may apply for entitlements to provide a link in their app to a website the developer owns or maintains responsibility for in order to purchase digital content or services. Please see additional details below.

[…]

Music Streaming Services Entitlements: music streaming apps in specific regions can use Music Streaming Services Entitlements to include a link (which may take the form of a buy button) to the developer’s website that informs users of other ways to purchase digital music content or services. These entitlements also permit music streaming app developers to invite users to provide their email address for the express purpose of sending them a link to the developer’s website to purchase digital music content or services. Learn more about these entitlements.

Innovation!

Juli Clover:

The European Commission in March fined Apple $2 billion for anti-competitive conduct against rival music streaming services. The fine also came with a requirement that Apple “remove the anti-steering provisions” from its App Store rules, which Apple has now done. Apple is restricted from repeating the infringement or adopting similar practices in the future, though it is worth noting that Apple plans to appeal the decision.

Previously:

Allowing iOS Game Emulators and Mini Apps

Apple (Hacker News):

4.7: Added games from retro game console emulator apps to the list of permitted software, and clarifies that mini apps and mini games must be HTML5.

Sweet! The new guideline reads:

4.7 Mini apps, mini games, streaming games, chatbots, plug-ins, and game emulators

Apps may offer certain software that is not embedded in the binary, specifically HTML5 mini apps and mini games, streaming games, chatbots, and plug-ins. Additionally, retro game console emulator apps can offer to download games. You are responsible for all such software offered in your app, including ensuring that such software complies with these Guidelines and all applicable laws. Software that does not comply with one or more guidelines will lead to the rejection of your app. You must also ensure that the software adheres to the additional rules that follow in 4.7.1 and 4.7.5. These additional rules are important to preserve the experience that App Store customers expect, and to help ensure user safety.

[…]

Your app may not extend or expose native platform APIs to the software without prior permission from Apple.

Juli Clover:

Game emulators have managed to sneak onto the App Store several times over the years by using hidden functionality, but Apple has not explicitly permitted them until now. The rule change that allows for game emulators is worldwide, as is support for apps that offer mini apps and mini games.

Ben Sandofsky:

From day one, Apple banned emulation from the App Store for no legal reason, just vibes, even though users want it.

After @altstore announces their own third-party App Store, which will be a haven for emulators, Apple changes their rules to allow it.

Riley Testut:

10 years too late Apple 🙃

Emma Roth (via Tom Warren):

Apple says those games must comply with “all applicable laws,” though — an indication it will ban apps that provide pirated titles.

[…]

The change seems to come in response to the antitrust lawsuit filed by the United States, which accuses Apple of attempting to stomp out both cloud game streaming apps and super apps. Apple recently started letting cloud streaming services, like Xbox Cloud Gaming and GeForce Now, onto the App Store.

Samuel Axon (Hacker News):

It’s a little fuzzy how this will play out, but it may not allow the kind of emulators you see on Android and desktop, which let you play retro games from any outside source.

jeff_tyrrill:

The emulator change is a minor rule change about bundling and is not what many of the reactions to the change think.

What people seem to think this means: Open-ended retro game emulators like Snes9x and Dolphin are now allowed. (I don’t think this is correct.)

What the change is actually doing: If you are the licensed publisher of a retro game collection, you can now offer them in one app (including perhaps downloading additional games added to the collection later) instead of splitting them into individual apps. Each game must be individually vouched for.

What is not changing: “Emulators” have long been allowed if the emulated code is bundled with the app and it is officially licensed.

Mike Rockwell:

I suppose it’s still possible that emulators like RetroArch and PPSSPP would be allowed, but it seems like the rule could imply that this is just for retro game collections that allow for downloading of more games within the app. More like Sega releasing a Sonic the Hedgehog collection that utilizes emulation or a game developer that wants their homebrew NES game available on iOS.

I suspect someone will test the rule and see exactly where the line is drawn, but I get the feeling we’ll still need sideloading to have what we think of as “emulation” on iOS.

Colin Cornaby:

Actually - this reading makes it sound like my DOS emulator dream is still dead. You could actually ship emulators to the store before - but they had to include the ROMs in the bundle. This just makes it sound like games are allowed to download ROMs from an external server that is still under developer control.

[…]

Basically if Sega wanted to launch an “Every Genesis game ever” service it would have been difficult before because they would have been forced to include every game in the app bundle.

This just makes it so they can download those ROMs on the fly.

OatmealDome:

Notably, Apple still does not allow non web browsing apps to use JIT recompilers. This precludes emulators for 6th generation and newer consoles (GameCube, etc) from running on the platform even with this guideline change.

I submitted a DMA interoperability request for JIT recompilers, but Apple denied it on the grounds that it doesn’t fall under Article 6(7) for “multiple reasons”, including that JIT is only used by web browsers on iOS.

Steve Troughton-Smith:

An App Store with game streaming services and support for emulators is a better App Store.

Apple is using this opportunity to find out why people might ever want to sideload or jailbreak, and head them off at the pass.

Now do virtualization and JIT, since those are easy, low hanging fruit

Nick Lockwood:

also, with retro games the developers don’t keep remotely tweaking a game that you liked after you bought it and removing content you already paid for until it’s no longer a game you like

Craig Grannell:

“You can load your own ROMs? That’s piracy!” now appears to be the default take on emulators and the App Store.

And, yes, it may well be. But places do also sell ROMs for old systems, or provide them as a digital backup/alternative when you purchase a cartridge or disk. It’s not 100% yo-ho-ho.

Also, the other growing consensus – Apple will only allow emulators where you can add games via IAP – makes no sense to me because that’s existed for YEARS in the App Store anyway.

Another example of raising App Store fees without raising the percentage.

Previously:

Friday, April 5, 2024

Embedding a Privacy Manifest Into an XCFramework

Joe Heck (Mastodon):

I expected documentation at least, and was hoping for an update in Xcode – specifically the xcodebuild command – to add an option that accepted a path to a manifest and included it appropriately. So far, nothing from Apple on that front. […] I hope that something is planned to make this easier, or at the minimum document a process, since it now appears to be an active requirement for new apps presented to the App Store.

[…]

In the meantime, if you’re Creating an XCFramework and trying to figure out how to comply with Apple’s requests for embedded privacy manifests, hopefully this article helps you get there. As I mentioned at the top of this post, this is based on my open source work in Automerge-swift. I’m including the library and XCFramework (and show it off) in a demo application. I just finished working through the process of getting the archives validated and pushed to App Store Connect (with macOS and iOS deliverables). To be very clear, the person I worked with at DTS was both critical and super-helpful. Without this information I would have been wandering blindly for months trying to get this sorted.

Previously:

Macs Targeted by Infostealer Malware

Jamf Threat Labs:

While searching for “Arc Browser” on Google, it was brought to our attention that following the sponsored result for what seems to be the legitimate Arc web browser, actually brings you to a malicious site aricl[.]net that imitates the legitimate arc.net.

[…]

The DMG is signed ad-hoc and provides directions to right-click the app and select open thus overriding any Gatekeeper warnings.

[…]

Dumping plain text passwords out of the keychain requires the user’s macOS password. Infostealer developers have long caught on to the fact that the easiest way to get this password is to simply ask the user for it. We see a prompt generated via a call to AppleScript.

Recalling Apple v. Qualcomm

Reed Albergotti (via Eric Migicovsky):

One of the first stories I covered then was Apple’s lawsuit against Qualcomm, which was accused of having a wireless modem monopoly and overcharging companies for the device. Apple paid Qualcomm about $7 per phone.

The opening arguments in that trial were riveting. Apple’s slide presentation included a photo of Radar O’Reilly, the comic relief radio operator from M.A.S.H. That was Qualcomm, Apple’s lawyers argued, the company that simply operated the radio on Apple’s otherwise sophisticated device.

Then it was Qualcomm’s lawyers’ turn. They revealed bombshell documents that had not been publicly seen before; Apple’s lawyers had accidentally sent them to Qualcomm.

[…]

Apple had tried to replace some of Qualcomm modems with a different model made by Intel. But Qualcomm chips were so much faster that Apple had to secretly throttle them so that all of its phones would operate at the same level.

Qualcomm only sought a percentage of the cost of the iPhone, not of all the software and services that used the modem.

Previously:

Trying to Bring Apple Watch to Android

Chance Miller (Hacker News):

As part of its response to the United States DOJ lawsuit today, Apple confirmed that it at one point considered creating an Apple Watch for Android. The company tells me that it spent three years working on bringing Apple Watch to Android before ultimately scrapping the idea.

Mark Gurman:

This was Project Fennel, which I wrote about last year.

I’d love to know more about this because it doesn’t seem to make much sense given the way apps work. Would it have been just be the built-in apps and some health features? If there’s an antitrust issue here, I would think it’s with lack of support for third-party watches on iOS rather than not supporting Apple Watch on Android.

Previously:

Thursday, April 4, 2024

Google Podcasts Is Gone

David Pierce:

Google Podcasts is dead. It has been dying for months, since Google announced last fall that it was killing its dedicated podcast app in order to focus all its podcasting efforts on YouTube Music. This is a bad idea and a big downgrade, and I’d be more mad if only I were more surprised.

The Podcasts app is just the latest product to go through a process I’ve come to call The Google Cycle. It always goes the same way: the company launches a new service with grandiose language about how this fits its mission of organizing and making accessible the world’s information, quickly updates it with a couple of neat features, immediately seems to forget it exists, eventually launches a competitor out of some other part of the company, obviously begins to deprecate it and shift focus to the new competitor, and then, years later, finally shuts it down for real. The Google Graveyard is full of apps like Reader, Duo, Inbox, Allo, Wallet, and countless others that have been through The Google Cycle, and it feels just as bad every time.

Via John Gruber:

I haven’t been bitten by Google killing an app or service since Google Reader, because I never again trusted them. I suppose this might be a lot more difficult for Android users, but I honestly don’t even remember the last time I added a new Google app or service to the set of tools I rely upon.

YouTube is irreplaceable. I wouldn’t want to be without Google Maps. Other than that, I use Google Search, Google News, Google Cloud Storage (with Arq), and Google Wi-Fi, all of which have decent alternatives. AdSense doesn’t, but it seems to have gotten a lot worse and isn’t doing much for me these days. I stopped using AdWords a while ago because it seemed untrustworthy. I also have a Nest Cam, which Google hasn’t supported very well.

See also: Sunset.

Update (2024-04-12): Tim Hardwick:

Google One VPN will be discontinued later this year, according to a customer email seen by Android Authority. The service was rolled out for Android in October 2020, before coming to iOS devices and Macs in 2022.

AV1 Integer Overflow

Paul Ducklin (tweet):

The security vulnerablities themselves turn out to be a single bug, or at least to be covered by a single bug identifier, CVE-2024-1580, which was found and reported by Nick Galloway, a researcher in Google’s Project Zero bug-hunting team[…]

[…]

We’re guessing, from Apple’s purposeful silence when the first fixes came out last week, that the CVE-2024-1580 bug was considered dangerous to document before the patches for other platforms, notably macOS, were published.

We’re further guessing that this implies that even with just basic information on what to look for and where to start, cybercriminals will be able to work backwards from the patches to construct a working exploit.

However, it seems that the details had already been made public in February.

CVE-2024-1580:

An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder.

Previously:

New FileVault Recovery Keys and GoFetch

Howard Oakley:

macOS Sonoma 14.4 and 14.4.1 updates have been prompting some users to create a new FileVault Recovery Key. If you see this as your Mac completes an update, here’s what you should next.

[…]

If your Mac has FileVault turned on, and you opt to use a Recovery Key, check using fdesetup validaterecovery that the Recovery Key is correct whenever it’s changed. Otherwise you could be in for a big disappointment if you ever need to use it.

It’s not clear why some users are being prompted.

Howard Oakley:

The internal SSD in T2 and Apple silicon Macs is connected directly to its Secure Enclave, which performs its encryption and decryption using keys generated and stored within the Secure Enclave.

[…]

All volumes on the internal SSD that are encrypted have a Volume Encryption Key (VEK), protected by two internal keys, one the unique hardware UID from the Secure Enclave, the other from xART and intended to protect from replay attacks. The VEK isn’t exposed outside the Secure Enclave, nor is it handled by CPU cores.

[…]

When a user enables FileVault, a third key becomes involved in protecting the VEK, the Key Encryption Key (KEK), protected by the User Password and the hardware UID. This explains how no decryption and re-encryption is required when changing the User Password, or when enabling or disabling FileVault. Changes to the KEK affect access to the VEK, but don’t change the VEK at all.

[…]

Software encryption, including FileVault, for external storage of Apple silicon Macs may be vulnerable to GoFetch, but there’s no evidence that could affect FileVault encryption performed in the Secure Enclave.

Previously:

GoFetch

GoFetch (PDF, Hacker News):

GoFetch is a microarchitectural side-channel attack that can extract secret keys from constant-time cryptographic implementations via data memory-dependent prefetchers (DMPs).

We show that DMPs are present in many Apple CPUs and pose a real threat to multiple cryptographic implementations, allowing us to extract keys from OpenSSL Diffie-Hellman, Go RSA, as well as CRYSTALS Kyber and Dilithium.

Dan Goodin (via Kim Zetter, Hacker News, MacRumors):

The flaw—a side channel allowing end-to-end key extractions when Apple chips run implementations of widely used cryptographic protocols—can’t be patched directly because it stems from the microarchitectural design of the silicon itself. Instead, it can only be mitigated by building defenses into third-party cryptographic software that could drastically degrade M-series performance when executing cryptographic operations, particularly on the earlier M1 and M2 generations. The vulnerability can be exploited when the targeted cryptographic operation and the malicious application with normal user system privileges run on the same CPU cluster.

[…]

The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. By loading the contents into the CPU cache before it’s actually needed, the DMP, as the feature is abbreviated, reduces latency between the main memory and the CPU, a common bottleneck in modern computing. DMPs are a relatively new phenomenon found only in M-series chips and Intel’s 13th-generation Raptor Lake microarchitecture, although older forms of prefetchers have been common for years.

[…]

The breakthrough of the new research is that it exposes a previously overlooked behavior of DMPs in Apple silicon: Sometimes they confuse memory content, such as key material, with the pointer value that is used to load other data. As a result, the DMP often reads the data and attempts to treat it as an address to perform memory access. This “dereferencing” of “pointers”—meaning the reading of data and leaking it through a side channel—is a flagrant violation of the constant-time paradigm.

Bruce Schneier:

Note that exploiting the vulnerability requires running a malicious app on the target computer. So it could be worse. On the other hand, like many of these hardware side-channel attacks, it’s not possible to patch.

Casey Muratori (tweet):

I recorded this video where I walk through what a “DMP” is, what the researchers figured out about Apple M-Series DMP behavior via microbenchmarking, and how a “GoFetch” DMP-enabled attack works in practice.

If you are already familiar with microarchitecture analysis, and would like some deeper reading on the subject, I would suggest reading the original GoFetch paper and three of its references in particular[…]

Paul Ducklin:

Intel, perhaps confusingly, gives the setting that turns this feature off the name DOIT, short for data operand independent timing, which actually tells the CPU, “Don’t do data memory-dependent prefetching.”

[…]

Very simply put, the researchers figured out how to feed in decryption keys that they knew wouldn’t work, but that might trigger DMP if they had guessed one of the bits in the key correctly, because they would have tricked the CPU into thinking it was looking at a pointer of interest.

By testing how quickly they could access the ‘memory address of interest’ immediately afterwards, they could determine whether it had been prefetched by the CPU (fast access) or not (slightly slower access), and therefore decide whether they had guessed correctly at one of the bits in the key.

With enough trials, they could gradually recover more and more bits of the key, to the point that they could then use other, existing attacks, albeit involving additional work based on data collected during the GoFetch stage, to figure out the entire key.

Previously:

Update (2024-04-08): Damien Petrilli:

Still not a word from Apple since this issue was disclosed publicly.

Wednesday, April 3, 2024

Seven Years of APFS

Howard Oakley:

Although APFS has certainly had its moments over the last seven years, Apple’s gambles have paid off, and proved key to the success of Apple silicon Macs. Had there been no APFS, many of the fundamental technologies like Secure Boot and the Signed System Volume (SSV) would have been far tougher if not impossible to implement.

[…]

What has attracted almost no attention, though, is how APFS is designed to prolong the working life of SSDs by minimising the number of write/erase cycles. Although the user may be unable to realise the space efficiency achieved with the use of sparse and clone files, for instance, by reducing the number of storage blocks actually written in order to store files, with APFS each write/erase cycle should store unique data rather than needless copies or null data.

This is of little or no comfort to those condemned to use hard disks for storage, even if only for Time Machine backups. Although the great majority of APFS users’ devices will never be connected to a hard disk, for the small minority running it in macOS, they remain the medium of choice for backups and other bulk storage, and vulnerable to performance degradation resulting from fragmentation by the file system.

[…]

Although Apple dropped early hints that APFS might be released as open source, after seven years information about its internals released by Apple still appears to be insufficient to allow third-party developers to create maintenance tools independent of those bundled in macOS. This isn’t just about the potential for someone outside Apple to improve on the performance of fsck or Disk Utility, but also concerns features that Apple shows no sign of supporting.

For me, the biggest issues are:

Previously:

A Disk So Full, It Couldn’t Be Restored

Glenn Fleishman (Mastodon):

Turned out, my kid had managed a neat trick, though they were not alone: they had filled macOS’s startup volume storage so full that the operating system was incapable of deleting files in any fashion. Instead of halting the massive Steam download when the drive became disastrously full, macOS continued to write files until there was just 41K free on the drive.

[…]

Due to our gigabit Internet connection and the size of the Steam file, macOS outstripped its ability to throttle filling storage because it was also making a local Time Machine snapshot.

[…]

It was time to restart to see if it would clear caches. Unfortunately, restarting left the Mac unable to start up at all. No matter what I tried, it would reach about halfway through the progress bar before failing.

[…]

I shifted to recoveryOS, Apple’s somewhat new name for the special disk partition in macOS that lets you run operations on the main startup volume while it’s not mounted, including Disk Utility repairs and reinstallation. From there, I hit the wall as well, as Terminal commands continued to fail with the same error.

He had to erase the Mac and ran into a Sonoma bug trying to restore from a network Time Machine backup.

Previously:

Checking Bootable Systems Using bputil

Howard Oakley:

Apple gives the user control over the level of security to be used, in Startup Security Utility, in Recovery. For this to work with boot volume groups (BVGs), each must have its own set of boot security policies, determined by its LocalPolicy.

Without a valid LocalPolicy, Apple silicon Macs will refuse to boot from what would otherwise be a bootable BVG. This article extends my previous account of what makes a disk bootable by explaining more about LocalPolicy, and how you can use the command tool bputil to check it.

[…]

LocalPolicy is created when installing macOS to an external disk, when the boot volume group on that disk is assigned its Owner. It can also be created when selecting the boot volume group on a bootable external disk to be the startup disk, if it doesn’t already have a valid LocalPolicy, for example when you want to boot from an external disk previously created using another Mac. This is commonly the point at which failure occurs.

Previously:

Apple’s Problem With Lina Khan

Matt Stoller (ArsTechnica):

As part of the claim outside of the smartphone, the Antitrust Division asserted that “Apple’s conduct extends beyond just monopoly profits and even affects the flow of speech. For example, Apple is rapidly expanding its role as a TV and movie producer and has exercised that role to control content.” Some economists mocked the suit, suggesting, among other things, that political power should have no role in analysis of how monopolies function.

A recent incident should have disabused us all of that naive illusion. Last night, Jon Stewart interviewed Federal Trade Commission Chair Lina Khan on the Daily Show. Stewart, after a long hiatus, which included a stint doing a podcast for Apple TV+, resumed hosting the show he made famous, even if only one night a week. During the interview with Khan, he said that Apple had blocked him from interviewing her while he was at Apple. “They literally said, please don’t talk to her,” he offered. Stewart also noted that Apple had told him not to do segments on artificial intelligence, adding to his earlier complaints about Apple’s refusal to sanction discussions of China.

Note that Stewart was trying to interview Khan for his podcast, not for his actual Apple TV+ show.

Previously:

Tuesday, April 2, 2024

Switching From Xcode to Neovim

Wojciech Kulik:

To give you an idea what it means, here is a simple example. Let’s say you want to delete the current line in Xcode. You would probably use the mouse to select the line, then press cmd + x to cut it or backspace to delete it. In Neovim, you can do the same thing with just one command: dd.

Another example is let’s say deleting everything within the nearest brackets. In Xcode, you would have to manually select the text, while in Neovim you can do it with dib or cib if you want to start typing right away.

These are both pretty easy to do in Xcode. You can use Control-A, Control-K to delete the current line. And I assign Command-Shift-B to Xcode’s Balance command to select everything within the nearest brackets. It does not have editor macros, though.

You could have thought: “ok, but what’s the difference between Neovim and VSCode? It also offers thousands of plugins.”

The difference is that Neovim allows you to extend the environment without creating the whole plugin and the knowledge on how to do that. You just need to know the basics of Lua language (which is very easy to learn) and you can right away customize whatever you want directly in your config.

Previously:

Update (2024-04-03): Timothy Perfitt:

i just discovered recently that xcode has a VIM mode as well. so you literally can do dd in xcode as well.

Where iPad Fits In

Matt Birchler:

Well, nearly 2 months later and it turns out the Vision Pro replaced precisely zero of my iPad use cases, and every day I find myself thinking, “sure would be nice if I had an iPad right now.”

[…]

The iPad is not a good replacement for a Mac or an iPhone for me, but damn it all if I didn’t enjoy having it around for some situations where neither of those devices were perfect. It’s cliche, but the iPad was the G.O.A.T. for doing stuff on the couch.

[…]

A Mac that could run on iPad hardware would be a dream for me, but that product doesn’t exist today.

Rowan Johnson:

It’s on these occasions that — like Matt — I miss my iPad. In fact, I would be incredibly reluctant to live without one in my life. Yet, the iPad still feels like it’s finding a place as far as work and productivity goes. So which is it? Is it an indispensable tool or is it a toy?

[…]

In theory, everything I’ve described above is possible to accomplish on an iPad. But MacOS is simply more reliable and capable. From obvious things, like the variety of software available on the Mac, to less visible things like the way MacOS handles app multitasking, I know that if I take my Mac on a job it will handle whatever gets thrown at it. I simply can’t say that same about my iPad.

iPadOS has a “death by a thousand cuts” issue, where all of the little things it can’t do results in the iPad being unreliable for anything particularly mission critical. On my iPad, if I start uploading a big video file to WeTransfer or Frame.io in Safari, the system will almost certainly boot it from memory before it’s finished the upload unless I keep that Safari tab open in front of me the whole time.

[…]

But my iPad can be used as a teleprompter with the right accessory for my camera. It can be used for drawing sketches of my tech plans for live streams with an Apple Pencil. It can act as a monitor to allow a presenter to get Q&A questions from Slido, Zoom or Teams during a live stream; far more discretely than a laptop or computer monitor could.

[…]

In short, my iPad is a big iPhone, but with more room to breathe.

Via Eric Schwarz:

Despite my M2 MacBook Air being an excellent piece of hardware, I don’t love macOS in its current state as much as the earlier OS X days. It feels colder, unfriendlier, and in some ways like a bad iOS skin on top of older versions of Mac OS X—it does get used for all the heavy-lifting that is just too cumbersome on iPadOS.

Previously:

Oregon Passes Right-to-Repair Law

Karl Bode (Hacker News, MacRumors):

Oregon has officially become the seventh state (behind New York, California, Massachusetts, Colorado, Maine, and Minnesota) to pass “right to repair” legislation, making it easier and more affordable for consumers to independently repair their own electronics.

[…]

But it also takes aim at “parts pairing,” or the practice of preventing you from replacing device parts without the approval of a company or its restrictive software. Apple, which routinely uses this practice to try and monopolize repair, lobbied extensively against the Oregon bill. As usual, under the (false) claim that eliminating parts pairing would put public safety and security at risk[…]

Nick Heer:

Quick note: the bill (PDF) specifically exempts restrictions on parts pairing related to battery safety in paragraph 3(f). Of course, Apple has made the same dire warnings for years in protest of right-to-repair legislation, and it is hard to know how seriously to take these claims. Oregon’s law does impose some new rules about the ways parts pairing can be used which appear to address some gaps in Apple’s repair policies.

Previously:

AI and the Web Developer Job Market

Baldur Bjarnason:

We have the worst job environment for tech in over two decades and that’s with the “AI” bubble in full force. If that bubble pops hard before the job market recovers, the repercussions to the tech industry will likely eclipse the dot-com crash.

[…]

Not every CEO is predicting the end of programming as a profession. GitHub’s CEO instead thinks that programmers will be the primary beneficiaries of the introduction and improvement of LLM tools for coding.

[…]

This world-view assumes that the purpose of software development is the productive creation of successful, defect-free, software projects. LLMs would increase productivity.

The alternate world-view, one that I think is much more common among modern management, is that the purpose of software development is churn.

Via Kyle Hughes:

The overwhelming thing I agree with is: the observable disconnect between software quality and business outcomes is what is ripe for exploitation in the short-to-mid-term with LLMs. We don’t need to agree on the efficacy of LLMs to agree on this. If management could reduce quality and cost by an order of magnitude while maintaining or slightly sinking outcomes, wouldn’t they?

I think Apple platform developers are more likely to be caught off-guard by the viability of business success on top of bad software. I think we assume the success of iOS in particular is due to software quality but I have always suspected it was a secondary factor, if relevant at all. We could all collectively uphold that illusion because we were the self-selected people that cared and did the work. It’s hard to tell if it’s just our pet concern.

Previously:

Monday, April 1, 2024

XPC Resources

Quinn:

XPC is the preferred inter-process communication (IPC) mechanism on Apple platforms. XPC has three APIs:

  • The high-level NSXPCConnection API, for Objective-C and Swift

  • The low-level Swift API, introduced with macOS 14

  • The low-level C API, which, while callable from all languages, works best with C-based languages

A great collection of links.

App Store Subscriptions and Family Sharing

Craig Hockenberry:

Your code and the App Store don’t agree about when a subscription expired. The cause of this is Apple’s StoreKit sample code. It’s likely that you have some code similar to line 246 of Store.swift:

subscriptionGroupStatus = try? await subscriptions.first?.subscription?.status.first?.state

That code will work fine until you encounter a customer that has Family Sharing enabled, as most do. The issue is that the Product.SubscriptionInfo can contain multiple items, and the code above only checks the first one.

How can that happen? With Family Sharing, the people who are using the subscription act independently: one may subscribe for a year and then cancel. Then another could subscribe at a later date for only a month. You have to check all of the subscriptions, not just the first one.

As he notes, it’s not documented that the sample code doesn’t support Family Sharing. And, even if you’re aware of this issue, there’s no reasonable way to test your code in Xcode, TestFlight, or even production.

Previously:

Apple’s Immersive Video Problem

Jason Snell:

On Thursday Apple debuted its first immersive video since the Vision Pro launched, a five-minute-long compilation of highlights from the MLS Cup playoffs late last year.

Without even seeing the video, I had many questions. Why did it take more than three months to produce a highlight package? And why, when it finally arrived, was it only five minutes long? And what do those two facts suggest about how difficult it is for Apple to produce immersive video content on an ongoing basis?

[…]

Most of Apple’s initial immersive videos, launched with the Vision Pro, linger with long shots. Cuts happen, but only occasionally. The pace is such that when a cut occurs, there’s time to re-orient. You need time to immerse. Quick cuts in a regular video help speed up the action; in immersive video, they’re like hitting a speed bump.

Previously:

xz Backdoor

Thomas Claburn:

Red Hat on Friday warned that a malicious backdoor found in the widely used data compression software library xz may be present in instances of Fedora Linux 40 and in the Fedora Rawhide developer distribution.

The IT giant said the malicious code, which appears to provide remote backdoor access via OpenSSH and systemd at least, is present in xz 5.6.0 and 5.6.1. The vulnerability has been designated CVE-2024-3094. It is rated 10 out of 10 in CVSS severity.

Dan Goodin (Hacker News):

xz Utils is nearly ubiquitous in Linux. It provides lossless data compression on virtually all Unix-like operating systems, including Linux. xz Utils provides critical functions for compressing and decompressing data during all kinds of operations. xz Utils also supports the legacy .lzma format, making this component even more crucial.

Andres Freund, a developer and engineer working on Microsoft’s PostgreSQL offerings, was recently troubleshooting performance problems a Debian system was experiencing with SSH, the most widely used protocol for remotely logging in to devices over the Internet. Specifically, SSH logins were consuming too many CPU cycles and were generating errors with valgrind, a utility for monitoring computer memory.

Through sheer luck and Freund’s careful eye, he eventually discovered the problems were the result of updates that had been made to xz Utils. On Friday, Freund took to the Open Source Security List to disclose the updates were the result of someone intentionally planting a backdoor in the compression software.

[…]

This code allowed someone in possession of a predetermined encryption key to log in to the backdoored system over SSH. From then on, that person would have the same level of control as any authorized administrator.

See also:

HaxRob:

Plans to literally “hack the planet” foiled due to 500ms of latency that Andres instinctually investigated.

The latency was due how the malicious code parsed symbol tables in memory.

Amjad Masad:

You know that annoying person on your team who insists every bit of perf regression needs to be investigated. One day they will save the world.

Perry E. Metzger:

I’ve always thought that your CI and monitoring systems absolutely have to flag performance regressions and that you have to investigate them quickly, but I never thought of it as a security issue until now.

Rob Mensching:

Lots of analysis of the xz/liblzma vulnerability. Most skip over the first step of the attack:

0. The original maintainer burns out, and only the attacker offers to help (so the attacker inherits the trust of the project built by the maintainer).

Gynvael Coldwind (Hacker News):

Someone put a lot of effort for this to be pretty innocent looking and decently hidden. From binary test files used to store payload, to file carving, substitution ciphers, and an RC4 variant implemented in AWK all done with just standard command line tools. And all this in 3 stages of execution, and with an “extension” system to future-proof things and not have to change the binary test files again. I can’t help but wonder (as I’m sure is the rest of our security community) – if this was found by accident, how many things still remain undiscovered.

Rob Mensching (Hacker News):

This thread is a microcosm of the interactions in Open Source projects. Consumers make demands (some polite, some not-so-polite) of one maintainer (rarely two) that does everything.

Make no mistake. This is the way it works.

Glyph Lefkowitz:

For most maintainers, Tidelift pays a sub-hobbyist amount of money, and even setting it up (and GitHub Sponsors, etc) is a huge hassle. So even making the transition from “no income” to “a little bit of side-hustle income” may be prohibitively bureaucratic.

[…]

Specifically, every employer of software engineers should immediately institute the following benefits program: each software engineer should have a monthly discretionary budget of $50 to distribute to whatever open source dependency developers they want, in whatever way they see fit.

[…]

This sub-1% overhead to your staffing costs will massively de-risk the open source projects you use. By leaving the discretion up to your engineers, you will end up supporting those projects which are really struggling and which your executives won’t even hear about until they end up on the news.

thegrugq:

The xz backdoor was the final part of a campaign that spanned two years of operations. These operations were predominantly HUMINT style agent operations. There was an approach that lasted months before the Jia Tan persona was well positioned to be given a trusted role.

[…]

Every intelligence agency in the world could run this campaign, design and execute these operations. There is a serious level of technical acumen on display as well, the Jia Tan persona has to be able to do the work and talk the talk, but the core of this campaign is HUMINT.

[…]

It is important to remember that Lasse is blameless in this. There is no individual, and very very few organisations, able to detect, let alone resist!, the directed interest of an intelligence agency.

Lukasz Olejnik:

We should… maybe… resist the temptation of portraying XZ as alleged evidence of underfunded OS. Could it rather be THE evidence that resisting orchestrated and well-organised and funded campaign is hard?

Saagar Jha:

The problem is that nobody can read all this code. That’s it. You can make the code 50% clearer or reduce the number of libraries loaded or increase auditing but there is so many orders of magnitude more code being written than is properly reviewed that this can’t be fixed

It makes me so sad because I want this to be fixed and I want to go “oh if we paid maintainers some money the problem would go away” but, like, it just doesn’t seem to work. There is just so much code. We are drowning in it. The complexity of our stacks is insane

Juliano Rizzo:

Jia Tan’s git commit to turn off Landlock sandboxing one week after Lasse Collin improved it.

Note the extra period.

Simple Nomad (Hacker News):

This xz backdoor thing reminds me of a story I heard from friends that worked at a tech company that made cell phones. They had a great coder that worked on the project, he had put in work as a contractor for a few months, and due to the quality of his work he was hired in full time. After two months he simply stopped showing up to the office.

An investigation turned up the following interesting items. His account had accessed all files including source code to all cellular projects - in that he had apparently downloaded a copy of everything. He had committed a large amount of contributions to the project he was assigned to. None of his paychecks were ever cashed. A wellness check to the house he had rented was performed and the house was completely empty.

Isaiah Carew:

xz is an inflection point. people are going to lose their collective shit.

the idea that instead of breaking 4096-bit keys with gigawats of compute, or infiltrating hardened machines with 1337 haxors…

just shotgun backdoors into 1000 libraries that everyone uses.

Feross Aboukhadijeh:

The xz package backdoor is just the tip of the iceberg.

There’s a CONSTANT low-level stream of malware and spyware being uploaded to npm, PyPI, and Go registries.

I want to share a few examples from the 20,000+ malicious packages we detected so far[…]

Previously:

Update (2024-04-02): Russ Cox (via Hacker News):

This post is a detailed timeline that I have constructed of the social engineering aspect of the attack, which appears to date back to late 2021.

Mark Atwood:

The xz attack was not because it was open source. The attack failed because it was open source. The way this attack works for non-open source is the attacker spends 2 years getting an agent hired by contract software development vendor, they sneak it in, nobody finds out.

FFmpeg:

The xz fiasco has shown how a dependence on unpaid volunteers can cause major problems. Trillion dollar corporations expect free and urgent support from volunteers.

@Microsoft @MicrosoftTeams posted on a bug tracker full of volunteers that their issue is “high priority”

Update (2024-04-03): Russ Cox (Hacker News):

At a high level, the attack is split in two pieces: a shell script and an object file. There is an injection of shell code during configure, which injects the shell code into make. The shell code during make adds the object file to the build. This post examines the shell script.

See also:

Update (2024-04-08): blasty (via Hacker News):

the xz sshd backdoor rabbithole goes quite a bit deeper. I was just able to trigger some harder to reach functionality of the backdoor. there's still more to explore.

John Gruber:

Another is that it was very subtle: the ultimate goal was a back door in OpenSSH but the attacker(s) put their code in a compression library that was sometimes a dependency for another library that was itself only sometimes a dependency of OpenSSH.

See also: Jordan Rose.

Update (2024-04-11): Oxide Computer Company (via Adam Leventhal):

Andres Freund joined Bryan and Adam to talk about his discovery of the xz backdoor. It’s an incredible story… so great to get into the details with Andres. We started by ranting about the coverage in the New York Times… coverage that explicitly refused to dig into the details! It’s all the more shocking because the big story here is how Andres’ penchant for digging into the details is what saved us all from what would have been a pervasive and damaging attack!

Bruce Schneier:

It’s impossible to count how many of these single points of failure are in our computer systems. And there’s no way to know how many of the unpaid and unappreciated maintainers of critical software libraries are vulnerable to pressure. (Again, don’t blame them. Blame the industry that is happy to exploit their unpaid labor.) Or how many more have accidentally created exploitable vulnerabilities. How many other coercion attempts are ongoing? A dozen? A hundred? It seems impossible that the XZ Utils operation was a unique instance.

Solutions are hard. Banning open source won’t work; it’s precisely because XZ Utils is open source that an engineer discovered the problem in time. Banning software libraries won’t work, either; modern software can’t function without them.

Friday, March 29, 2024

The Journal App’s “Discoverable by Others” Setting

Joanna Stern:

When you go into Settings > Privacy & Security > Journaling Suggestions, you’ll see that Discoverable by Others is enabled by default—even if you never turned on suggestions. Under the setting it says, “Allow others to detect you are nearby to help prioritize their suggestions.”

Uh. Why is this on by default when the suggestions setting is off by default? Is the iPhone automatically reminding my nearby contacts that I am around? And encouraging them to journal about what we are doing together?

[…]

The phone can use Bluetooth to detect the number of devices nearby that are in your contacts. It doesn’t store which of these specific contacts were around but instead may use this as context to improve and prioritize journaling suggestions, the spokeswoman said.

[…]

Basically, Apple knows this new app isn’t likely to be used by the masses right away, so it turned on this service to give its earliest users a journaling boost.

John Gruber (Mastodon):

This is a fine feature, and I think it’s fine that it’s on by default. But the description of the feature in Settings is just atrocious. It sounds creepy as hell.

Magnus Ahltorp:

Also, it’s not clear from Joanna’s article what exactly has what information. Does your phone have information on who is there, just that it doesn’t present it to you? Or is it truly some advanced cryptographic trick where the phone can only deduce how many of a certain set of people are there?

But even if we could imagine a protocol that achieves that, what if your contact list contains one person? Then it’s not very private, is it?

Previously:

Those Obnoxious “Sign in With Google” Prompts

Marco Arment:

If I ran a website that supported Google-account login, I’d be pretty pissed at how they’re suddenly putting up an obnoxious overlay over my site’s layout.

Why is this not bothering more people? Does anyone give a shit about their websites anymore?

You can log in to prevent Google from blocking part of the page content, but then they’ll probably track you more. This has apparently been going on for almost a year now, but for some reason I rarely saw them. Lately, though, the overlays have been getting in my way multiple times per day.

Via Nick Heer:

I blocked these universally with my user stylesheet in Safari, and you can use a similar rule to mine in an ad blocker. StopTheMadness also hides this gross dialog.

user 1249812398:

I found the switch to disable the google pop-up sign-in prompt here:

  1. Go to “My Account” : “Security”
  2. Click on “See all connections” link in “Your connections to third party apps & services”
  3. Click on the gear at the top of the “Third party apps & services” page
  4. Disable the “Signing in with Google” prompt

This is surprisingly hard to find, and it didn’t work for me, maybe because I missed one of my accounts.

Previously:

StopTheMadness Pro

There have been a bunch of neat updates to this browser extension in the last year or so.

April:

[It’s] difficult to edit a long URL in the Safari address bar, especially on iPhone.

[…]

Select StopTheMadness from the menu. […] Tap the Edit Tab URL button. […] You can put the insertion point anywhere in the URL without having to struggle or scroll.

StopTheMadness Pro:

StopTheMadness Pro is a Universal Purchase: a single purchase in the App Store for iPhone, iPad, and Mac.

[…]

Automatic iCloud sync of StopTheMadness Pro settings between all of your devices

[…]

Presets: Easily assign the same specific website options to multiple websites

[…]

Hide Page Elements: New global list separate from the custom CSS option, so you can hide web page elements without creating new website options

Contextual menu item to Hide Page Elements (macOS)

It’s a big update, and I like the new icon.

December 15:

There are several reasons why StopTheMadness Pro was released without Chrome and Firefox extensions. First, StopTheMadness Pro now depends on extension native messaging for essential features such as settings and iCloud sync. (The use of native messaging for settings avoids some strict and unfortunate limitations on extension storage.) Safari extensions have built-in support for native messaging, because Safari extensions are distributed as part of native Mac and iOS apps. On the one hand, the native app requirement can be a burden on Safari extension developers, but on the other hand, automatic support for native messaging is a truly wonderful, powerful, game-changing feature. For Chrome and Firefox extensions, the developer must implement native messaging entirely from scratch, which is a lot of work, and it also requires an additional file installation in a location not accessible by sandboxed App Store apps.

StopTheMadness Pro 2:

URL redirect rules can now be made platform-specific. This is helpful if you sync your StopTheMadness settings via iCloud to all of your devices.

[…]

“Force link into a new tab” has been split into two options: “Force link into a new active tab” and “Force link into a new inactive tab”. This allows you to choose whether tabs will open in the foreground or the background.

December 27:

Since the App Store doesn’t support paid upgrades either, I decided to create app bundles so that previous customers could upgrade for a discount. There’s one bundle for the iOS App Store and one bundle for the Mac App Store. Ironically, you can bundle a Universal app with an iOS app in the iOS App Store, and you can bundle a Universal app with a Mac app in the Mac App Store, but you can’t bundle an iOS app with a Mac app[…]

[…]

I created two app bundles and submitted them for review before 7am. The reason I waited until Tuesday to create the upgrade app bundles is that App Store Connect doesn’t allow you to create an app bundle for an app that hasn’t yet been published to the App Store, not even if the app is Pending Developer Release […] Unfortunately, it turns out that you can’t request an expedited review for an app bundle. The list of app names doesn’t include the app bundles, and if you try to manually enter the app bundle name, the form doesn’t accept it. […] During those two days when StopTheMadness Pro was live in the App Store but the upgrade bundles were not, customers were already starting to notice StopTheMadness Pro, despite the fact that I hadn’t announced it yet. And those customers were very confused, because the approved App Store description of the app mentioned the upgrade bundles, yet the bundles were nowhere to be found in the App Store.

[…]

As far as purchases are concerned, the upgrade bundles have not gone as smoothly as I would have liked. My customers generally appreciate the existence of the bundles, but a number of them have contacted me, and continue to contact me, with technical issues regarding the bundle purchases. For example, the full price is shown rather than the upgrade price. The app is not available for download after the bundle is purchased. The App Store gives an error, “This item is temporarily unavailable.”

StopTheMadness Pro 3:

First, the website option “Show native media controls” has been split into two options, “Show native audio controls” and “Show native video controls”, so that you can set them separately. Second, there’s a new website option, “Protect history”. This option stops websites from using the History.pushState and History.replaceState API to manipulate the browser history and address bar. Did you know that websites can literally rewrite history? If going back a page has ever taken you somewhere that you’ve never been and never wanted to be, you were likely experiencing a (mis)use of the History API.

StopTheMadness Pro 5:

Before I talk about the new Chrome and Firefox extensions, I want to mention that StopTheMadness Pro 5.0 includes a bunch of other improvements and fixes. The extension popup window in Mobile Safari finally supports Dynamic Type! In both Mobile and Desktop Safari there’s a new website option, Protect text replacements, which prevents text fields from disabling text replacements.

[…]

There were two major downsides to migrating the StopTheMadness Chrome extension away from Manifest Version 2. The first downside is that Manifest V3 removes the ability of Chrome extensions to add custom HTML <script> elements to the web page. […] The second major downside of Manifest V3 is that it’s still very buggy.

StopTheMadness Pro 5.1:

This update includes a number of fixes and improvements, especially related to web video, as well as a new website option, Protect control-key shortcuts, parallel to the website options Protect command-key shortcuts and Protect option-key shortcuts.

[…]

StopTheMadness Pro settings are stored separately for each Chromium browser.

Previously:

Thursday, March 28, 2024

Facebook’s Project Ghostbusters

Lorenzo Franceschi-Bicchierai (tweet, via Nick Heer):

In 2016, Facebook launched a secret project designed to intercept and decrypt the network traffic between people using Snapchat’s app and its servers. The goal was to understand users’ behavior and help Facebook compete with Snapchat, according to newly unsealed court documents. Facebook called this “Project Ghostbusters,” in a clear reference to Snapchat’s ghost-like logo.

[…]

The document includes internal Facebook emails discussing the project.

“Whenever someone asks a question about Snapchat, the answer is usually that because their traffic is encrypted we have no analytics about them,” Meta chief executive Mark Zuckerberg wrote in an email dated June 9, 2016, which was published as part of the lawsuit. “Given how quickly they’re growing, it seems important to figure out a new way to get reliable analytics about them. Perhaps we need to do panels or write custom software. You should figure out how to do this.”

Facebook’s engineers solution was to use Onavo, a VPN-like service that Facebook acquired in 2013. In 2019, Facebook shut down Onavo after a TechCrunch investigation revealed that Facebook had been secretly paying teenagers to use Onavo so the company could access all of their web activity.

[…]

Later, according to the court documents, Facebook expanded the program to Amazon and YouTube.

Jason Kint (PDF):

Yellow highlight indicates redactions just lifted in nine unsealed plaintiffs briefs in private antitrust lawsuit. Wild stuff.

[…]

You can read the press back in Jan 2019 spoon fed by Facebook PR to friendlies with no mentions of decrypting SSL then compare to this internal email below sent to Facebook’s most senior executives - “currently includes SSL decryption”…

[…]

court also unsealed (in yellow) a brief re: Netflix whose CEO sat on Facebook’s board. The lawsuit allegations are Netflix was one of the companies where Facebook backed off competing in exchange for data to boost its ad targeting signals.

Jesse Squires:

When I worked at Instagram/FB, I routinely saw presentations with data harvested from the Onavo “VPN”.

I remember asking “how do we know this user data about YouTube and SnapChat?”

The answer: “Onavo.”

I still don’t know how this wasn’t illegal and anti-competitive. Surely it was.

Previously:

Update (2024-03-29): Karl Bode:

Fast forward to 2020, when Facebook users Sarah Grabert and Maximilian Klein filed a class action lawsuit against Facebook for spying on users and lying about it. And here we are; maybe Facebook will see accountability, maybe not. It’s a dice roll in a country that doesn’t take consumer privacy seriously.

Scharon Harding (Hacker News):

As spotted via Gizmodo, a letter was filed on April 14 in relation to a class-action antitrust suit that was filed by Meta customers, accusing Meta of anti-competitive practices that harm social media competition and consumers. The letter, made public Saturday, asks a court to have Reed Hastings, Netflix’s founder and former CEO, respond to a subpoena for documents that plaintiffs claim are relevant to the case. The original complaint filed in December 2020 [PDF] doesn’t mention Netflix beyond stating that Facebook “secretly signed Whitelist and Data sharing agreements” with Netflix, along with “dozens” of other third-party app developers. The case is still ongoing.

The letter alleges that Netflix’s relationship with Facebook was remarkably strong due to the former’s ad spend with the latter and that Hastings directed “negotiations to end competition in streaming video” from Facebook.

One of the first questions that may come to mind is why a company like Facebook would allow Netflix to influence such a major business decision. The litigation claims the companies formed a lucrative business relationship that included Facebook allegedly giving Netflix access to Facebook users’ private messages[…]

Update (2024-04-01): Matthew Green:

This thing Facebook did — running an MITM on Snapchat and other competitors’ TLS connections via their Onavo VPN — is so deeply messed up and evil that it completely changes my perspective on what that company is willing to do to its users.

John Gruber:

In 2018 Apple removed Onavo from the App Store, but the fact that Facebook was using Onavo in this way was known a year earlier.

See also: Internal Tech Emails, Hacker News.

Giving Up on Siri and HomePod

Jim Dalrymple:

Siri has done what no person could for 30 years: Make me stop using an Apple product.

I am giving up on my 8 HomePods/minis out of the sheer frustration of trying to use Siri.

I’ve been in tech for 30 years and this is one of the worst technologies ever and only getting worse

The Dalrymple Report:

We also talk about my continued frustration with Siri and why I’m so upset with Apple.

Storm Garelli:

When the HomePods were first launched, Apple said the onboard Siri had deep knowledge of music.

5 years later it still pronounces live albums as if “live” rhymes with “give”. And it still thinks Rush had an album called “Two Thousand, One Hundred, and Twelve”.

Most basically, it just doesn’t work very well for requesting music, even for purchases that it actually has access to.

Christian Selig:

While I’m complaining about Siri devices, it still blows my mind that HomePod, a product that has existed for over half a decade and is marketed as a speaker for your Mac, cannot pause audio in Apple’s own apps without a 5 second delay

Josh Johnson:

I honestly think Apple should kill the Siri brand. I’m not sure it can recover from the universal understanding that it’s just not good. Launch an LLM-powered assistant that actually does things, call it something else. Let Siri die.

Ty Belisle:

Man, you’re right. I’ve thought they should make a very bold “Siri 2.0” announcement, but it’s true the name Siri is so spoiled that they should ditch it. Would also allow them to come up with a new 3-syllable name (like “Alexa” - less accidental triggers, but still one word).

Previously:

Update (2024-03-29): Craig Grannell:

You know Apple has a tech problem when your 9yo is complaining about the HomePod you bought to replace a first gen Echo. (She’s unhappy how Siri “isn’t fun”, “doesn’t give you good answers” and that it is triggered far too often when you’re just talking. I’m also deeply unimpressed with it from a playback standpoint. Takes far too long to respond to devices.

Nick Heer:

Of course, that is not what Siri is tripped-up by — it transcribes me perfectly most of the time. But it delivers utter nonsense.

Sometimes, after I ask Siri to reply to a message, it will ask which contact details to use instead of just sending the message to the phone number or email address from which it came. Just now, I asked Siri how much three tablespoons of butter weighs, and it responded in litres. This is basic shit.

[…]

Something I cannot help but wonder is whether Siri would still be so bad if users could pick something else. That goes for any platform and any product, by the way — what if you could pick Google’s assistant on an Amazon device, or Siri on a Google device? I am not suggesting this is how it ought to be. But what if these voice assistants actually had to compete with each other directly instead of in the context of the products in which they are sold? Would that inspire more rapid development, higher quality, and more confidence from users?

John Gruber:

First impressions really matter, but in Siri’s case, it’s over a decade of lived experience. If I were at Apple and believed the company finally had a good voice assistant experience, I’d push for a new brand.

See also: The iPhoneography Podcast and The Dalrymple Report.

Update (2024-04-01): Mike Rockwell:

To add my two cents, I’ve disabled “Hey Siri” on every device in the house. I didn’t really find myself triggering it accidentally often, but any number of false positives is enough to be annoying.

Update (2024-04-11): Jim Dalrymple:

So I was one of the morons that bought into the “you can use HomePods for your home theater” bullshit. Now I’m stuck with HomePods in my home theater.

Siri Regressions in iOS 17

For many years, I’ve been saying “Hey Siri, remember to x” to create reminders on my iPhone (to be transferred to OmniFocus). Sometimes it would have trouble with the “x,” but it would always create a reminder. Now, this only works some of the time: sometimes it creates a reminder, but sometimes it creates a note. I have not seen any other documentation of this change, and what’s especially strange is that the behavior is not consistent. I can say the exact same thing twice in a row and end up with one reminder and one note. I tried to look up how Apple intends it to work and found only this:

You can ask Siri to schedule a reminder for you on your iOS device or your Apple Watch. Here are a few examples:

  • “Remind me to feed the dog every day at 7:30 a.m.”
  • “Remind me when I get home to check the mail.”
  • “Remind me when I leave here to stop by the grocery store.”
  • “Remind me tomorrow at 3:00 p.m. to call Tara.”

Indeed, “remind me” seems to always create a reminder. I’m trying to switch, but it’s taking a while for me to get used to saying that. But what happened to “remember to”? I don’t see any documentation from Apple about that. The notes documentation only mentions “Start a new note”. There are lots of third-party sites confirming my memory that “Remember to” used to create reminders.

I don’t like “Remind me” because, for many short reminders, “Remind me x” or “Remind me to x” sounds ungrammatical.

“Remember” is also problematic in that sometimes if I tell it to remember a podcast (meaning that I want a reminder to listen to that podcast) it will tell me that it has subscribed me to the podcast—only it did not actually do so in either Overcast or in Apple Podcasts.

Even with “Remind me,” Siri has the same old problems:

Alan Jacobs:

A significant change in Siri dictation over the past few months: commas. Commas that I don’t ask for. Lots and lots of commas. This has made dictation effectively unusable for me, and I wonder whether it’s time for me to start looking for a different phone.

meowkoteeq:

for years i used to say “balcony” or “dining table light” to Siri, and it would just toggle the lights.

a few weeks ago it forgot how to do that. now it always confirms “do i turn it on or off?”. it’s literally getting more and more stupid

Joseph Bella:

It is astounding how bad it is. Even things that used to work fine like asking Siri to send a text message now don’t seem to work consistently anymore. Sometimes she asks me if I want to use the phone number or email, and other times it just tries to call the person. Sigh.

Previously:

Update (2024-03-29): Dave B.:

I encountered a weird bug with Siri the other day that I couldn’t help but wonder if it was the result of LLM testing.

[…]

How would it get 555 Easy Street? That’s conflating the data from two separate fields in the contact. That is not a normal Siri screw-up, as all the info is coded into the contact and I’ve never had an issue.

With this, it almost felt like Siri’s mapping directions tried to use an LLM to read the contact and comprehend the destination (and mess up in the process), rather than simply pulling the data from the relevant field.

Damien Petrilli:

Siri is one of the obvious case of Apple monopoly abuse. No way they would have been able to keep it in that state for so long if you could change the assistant system wise.

Wednesday, March 27, 2024

“MFA Bombing” Attacks Targeting Apple Users

Brian Krebs (MacRumors, Hacker News):

Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple’s password reset feature. In this scenario, a target’s Apple devices are forced to display dozens of system-level prompts that prevent the devices from being used until the recipient responds “Allow” or “Don’t Allow” to each prompt. Assuming the user manages not to fat-finger the wrong button on the umpteenth password reset request, the scammers will then call the victim while spoofing Apple support in the caller ID, saying the user’s account is under attack and that Apple support needs to “verify” a one-time code.

[…]

Some people confronted with such a deluge may eventually click “Allow” to the incessant password reset prompts — just so they can use their phone again. Others may inadvertently approve one of these prompts, which will also appear on a user’s Apple watch if they have one.

[…]

“I pick up the phone and I’m super suspicious,” Patel recalled. “So I ask them if they can verify some information about me, and after hearing some aggressive typing on his end he gives me all this information about me and it’s totally accurate.”

[…]

KrebsOnSecurity tested Ken’s experience, and can confirm that enabling a recovery key does nothing to stop a password reset prompt from being sent to associated Apple devices.

I wonder why this isn’t rate limited.

Previously:

1Password.co Tracking Links

Cabel Sasser:

PSA: 1Password uses “1Password.co” for email links — instead of their usual “1Password.com” domain.

Craig Hockenberry:

So the “phishing link” with the .co domain was a valid link and documented as such.

But I still find it inexcusable.

That link caused 30 minutes of complete panic. I know enough about how phishing works to know how absolutely fucked I’d be if that link hadn’t just been to track my click in the email.

Which brings up another question: why is a company I pay to protect my private information using tracking links in the emails it sends me?

Cabel Sasser:

Craig isn’t an idiot; it 100% feels like phishing. If you ask me, tracking link clicks and opens in emails is simply not worth the potential freak-out when you think you’ve been phished[…]

Sam Schmitt:

Another way of looking at this: [it’s] best practice to use a different domain for stuff like this. If the marketing tool gets compromised, you don’t want it to have the ability to send actual phishing domains on the real domain. You’ll see it with other stuff, like Microsoft logins being on “microsoftonline.com”. I agree it does mean you do some double takes.

Hex Batch:

best practice is using subdomains and not cousin domains.

Troy Hunt:

What makes this situation so ridiculous is that while we’re all watching for scammers attempting to imitate legitimate organisations, FedEx is out there imitating scammers! Here we are in the era of burgeoning AI-driven scams that are becoming increasingly hard for humans to identify, and FedEx is like “here, hold my beer” as they one-up the scammers at their own game and do a perfect job of being completely indistinguishable from them.

Previously:

Noncopyable Generics Walkthrough

Ben Cohen:

Non-copyable generics aren’t for every-day code – but we’ve put a lot of care into making them stay out of your way until you need them, and then keeping them usable once you do. They will allow libraries to unlock more performance and safety for end users.

[…]

To help tie all these pieces together, I wrote up some code that uses all these proposals in order to build a basic singly-linked list type.

[…]

This is a struct that opts out of the default Copyable conformance via : ~Copyable. This allows it to have a deinit, like a class. This type uses no reference counting to know when to destroy the box. The type cannot be copied, so when it goes out of scope, the deinit is called by the compiler.

[…]

The generic placeholder Wrapped, which can stand in for the type of anything you want to put in the box, is also marked ~Copyable. This means that the Box type cannot make any copies of its wrapped type. […] What this ~Copyable annotation means is just that the Box type doesn’t know if the type it holds is copyable, which means it can safely hold both copyable and non-copyable types.

[…]

Sequence, and therefore for…in, does not yet support non-copyable types. Sequence could be made to support it today by marking the protocol up as ~Copyable and having makeIterator() be consuming. However this is probably not desirable. Mostly, you want iteration to be a borrowing operation. Accomplishing this needs more language features.

Previously:

Tuesday, March 26, 2024

Canva Acquires Affinity/Serif

Jess Weatherbed (Hacker News, MacRumors, Mac Power Users):

Web-based design platform Canva has acquired the Affinity creative software suite, positioning itself as a challenger to Adobe’s grip over the digital design industry. Canva announced the deal on Tuesday, which gives the company ownership over Affinity Designer, Photo, and Publisher — three popular creative applications for Windows, Mac, and iPad that provide similar features to Adobe’s Illustrator, Photoshop, and InDesign software, respectively.

Official figures for the deal have not been revealed, but Bloomberg reports that it’s valued at “several hundred million [British] pounds.” Nevertheless, the acquisition makes sense as the Australian-based company tries to attract more creative professionals. As of January this year, Canva’s design platform attracted around 170 million monthly global users. That’s a lot of people who probably aren’t using equivalent Adobe software like Express, but unlike Adobe, Canva doesn’t have its own design applications that target creative professionals like illustrators, photographers, and video editors.

Olivia Poh (via Hacker News):

It’s the biggest outlay yet by Australia’s most valuable startup, priced at $26 billion in its latest share sale, and marks a milestone in the expansion of its range of professional tools.

Affinity (Mastodon, PR, forum, 2):

None of that changes today.

In Canva, we’ve found a kindred spirit who can help us take Affinity to new levels. Their extra resources will mean we can deliver much more, much faster. Beyond that, we can forge new horizons for Affinity products, opening up a world of possibilities which previously would never have been achievable.

[…]

There are no changes to our current pricing model planned at this time, with all our apps still available as a one-off purchase. Existing Affinity users will be able to continue to use your apps in perpetuity as they were originally purchased – with plenty of free updates to V2 still to look forward to!

Canva:

Trusted by more than three million creative professionals across the globe, Affinity’s award-winning suite of professional design software has become a sought-after solution for everything from photo editing to complex graphic and vector design. Together, we’re setting our sights on empowering every kind of team and organization to achieve their goals.

[…]

While our last decade at Canva has focused heavily on the 99% of knowledge workers without design training, truly empowering the world to design includes empowering professional designers too. By joining forces with Affinity, we’re excited to unlock the full spectrum of designers at every level and stage of the design journey.

Nick Bonyhady:

Canva has made its largest acquisition to date, likely spending more than $1 billion to buy professional design software company Serif to compete directly with Adobe as its prepares a long run at going public.

Craig Grannell (Mastodon):

Although the press has in recent years often positioned Serif as a kind of scrappy underdog newcomer, the company has a long history. It was founded in 1987, which makes it only five years younger than Adobe. Most of its recent history has been tied up in becoming a direct competitor to Adobe – and also a direct competitor to Adobe’s business model. Through its Affinity suite, Serif offered an alternative: buy-once apps rather than subscriptions. And although I can’t imagine Serif makes anything other than a minority of its sales on iPad, the company’s superb Affinity apps for Apple’s tablet – compared to Adobe’s comparatively stumbling efforts – haven’t hurt the company’s reputation any.

[…]

Version 3 of the Affinity suite will probably be the moment we’ll know. You can already picture a press release stating that Canva has made the “difficult decision” to move Affinity apps to subscriptions, and a “hard choice” to move development from Nottingham to Canva HQ in Australia. I hope this won’t be the case, but we’ve seen this scenario play out so many times before.

Rui Carmo:

The Affinity suite is (for the moment) good quality native Mac software that does not rely on cloud features nor has a subscription model.

As much as their FAQ claims that will not change, I think we’ve all seen this before–in short, I don’t trust Canva one whit and fully expect to revisit this post in a year when Serif/Affinity breaks one of those three tenets above and forces me to move away from their software.

Christina Warren:

I’m selfishly sad to see Canva acquire Affinity b/c I know it will the end to our cheap perpetually-licensed design tools for Mac/Windows/iOS, however, this is a really smart move from Canva who makes an excellent web-based design tool for normies.

Previously:

Affinity (2022, via John Gruber):

Ain’t nobody acquiring us 😎

Update (2024-03-27): See also: TidBITS-Talk.

Update (2024-03-28): Scharon Harding (via Craig Grannell):

“Perpetual licenses will always be offered, and we will always price Affinity fairly and affordably,” an announcement today from Canva and Affinity said.

If Canva ever decides to sell Affinity as a subscription, perpetual licensing will remain available, Canva said, adding: “This fits with enabling Canva users to start adopting Affinity. It could also allow us to offer Affinity users a way to scale their workflows using Canva as a platform to share and collaborate on their Affinity assets, if they choose to.”

Rui Carmo:

Wow, Affinity and canva are really trying to do damage control here, but the reality is nobody believes that existing customers won’t be coaxed into a subscription service or cloud features they don’t need. We can blame Adobe for poisoning the well, I guess.

Update (2024-04-02): Adam Engst:

The match is a good one. The Affinity suite provides significantly more layout power than Canva’s browser-based tools, but Canva offers cloud and collaboration capabilities that are missing from the Affinity apps. I have long maintained that collaboration tools will win out over other features in the mass market because most modern projects involve multiple people. That’s why I do all my writing in Google Docs instead of the more powerful Nisus Writer Pro or BBEdit.

[…]

With luck, Canva will make good on all these promises and provide designers of all levels with an even more compelling alternative to Adobe’s Creative Cloud. Perhaps that, in turn, will spur Adobe to develop innovative new features and offer solutions to those for whom Creative Cloud is overkill.

Previously:

DMA Non-Compliance Investigations

European Commission (via Hacker News, MacRumors):

Today, the Commission has opened non-compliance investigations under the Digital Markets Act (DMA) into Alphabet’s rules on steering in Google Play and self-preferencing on Google Search, Apple’s rules on steering in the App Store and the choice screen for Safari and Meta’s “pay or consent model”.

The Commission suspects that the measures put in place by these gatekeepers fall short of effective compliance of their obligations under the DMA.

[…]

The Commission has opened proceedings against Apple regarding their measures to comply with obligations to (i) enable end users to easily uninstall any software applications on iOS, (ii) easily change default settings on iOS and (iii) prompt users with choice screens which must effectively and easily allow them to select an alternative default service, such as a browser or search engine on their iPhones.

The Commission is concerned that Apple’s measures, including the design of the web browser choice screen, may be preventing users from truly exercising their choice of services within the Apple ecosystem, in contravention of Article 6(3) of the DMA.

[…]

Apple’s new fee structure and other terms and conditions for alternative app stores and distribution of apps from the web (sideloading) may be defeating the purpose of its obligations under Article 6(4) of the DMA.

John Gruber:

You could have set your watch by this announcement dropping the week after the EC held compliance “workshops”. There was no way any of these companies weren’t going to be “investigated” and I doubt there’s any way they won’t eventually get fined. Whether any of them will ever need to pay those fines, that I wouldn’t bet on.

[…]

But most of the built-in apps in iOS can be removed from your iPhone the exact same way you delete apps from the App Store. There’s a handful that can’t, among them: Settings, Camera, Photos, App Store, Phone, Messages, and Safari. You can remove those apps from your Home Screen, but they remain in your App Library. If the EC is really going to investigate Apple over removing default apps, I presume they’re thinking that Safari, in particular, needs to be deletable, because making it un-deletable is a form of preferencing? It’s all guess work. I further suppose they might want the App Store app to be deletable, but that’s a problem because it’s through the App Store that a user can re-install built-in apps they’ve previously deleted.

[…]

There’s no mechanism for a new browser that was never in the App Store to be included in the choice screen until a year after it becomes popular enough — via sideloading or distribution through alternative app marketplaces — to make the list. But DMA article 6(3) doesn’t actually say that.

Ben Lovejoy:

If that investigation confirms that Apple failed to comply with the antitrust law, then the iPhone maker could be fined up to 10% of its worldwide turnover – increasing to 20% for repeat infringements …

[…]

Such investigations take time, but in this case the stated goal is to complete it in less than a year – which is lightning speed by the usual standard.

That won’t be the end of matters, however. If the EU does find Apple non-compliant, the Cupertino company will appeal the ruling, and we will then be set for literally years of court battles as the case works its way up the court hierarchy.

John Gruber:

A few readers have asked about my speculation that Apple, along with the other DMA-designated gatekeepers (none of which are European companies of course), might reasonably pull out of the relatively small EU market rather than risk facing disproportionately large fines from the European Commission.

[…]

So EU member states account for only 25–30 percent of Apple’s revenue from “Europe”, and just 7 percent globally. 7 percent is significant, to be sure, and in addition to users, there are of course many iOS and Mac developers in EU countries. I really don’t know what Apple pulling out of the EU would even look like, but it would be ugly.

Previously:

Update (2024-03-28): John Gruber:

Kara Swisher Interviews Margrethe Vestager

Update (2024-04-01): John Gruber (Mastodon):

The word absolute was a transcription error, however. Listen to the published recording of the call, and it’s clear that what Maestri actually said was specifically in answer to the question: “Just to keep it in context, the changes apply to the EU market, which represents roughly 7% of our global App Store revenue.”

[…]

I struggle to come up with any explanation for why the EU might account for only 7 percent of App Store revenue but significantly more (or less) of Apple’s overall revenue.

Movie Piracy App Tops App Store Charts

Joshua Long:

On Tuesday, [March] 12, a researcher named Kedsayahm noticed that an app that featured pirated TV shows and movies was quickly climbing the charts in the App Store. The app was already #1 in the Entertainment category in Egypt at the time, and in the top 10 for Entertainment in at least three other countries: Saudi Arabia, Italy, and Germany. It was also #21 in the Entertainment category in the United States, and #170 in the Top Free in the U.S. as well.

[…]

By [March] 14, the app had reached astounding highs: #2 in the Entertainment category in the U.S., and #18 in the overall Top Free list in the U.S., in the iOS App Store. This is especially surprising considering that the app’s name, tagline, icon, and screenshots were all in Arabic—even in the English-language U.S. App Store.

[…]

But another concerning aspect of the story is that the app included in-app purchases: $5.99 to supposedly remove ads (no ads were visible in the researcher’s screen recording), and 99¢ to “tip” the developer.

[…]

Also last week, there was yet another fake cryptocurrency app in the App Store. It seems to have first been reported on publicly on May 11, a day before the piracy app was called out. This app used the logo and name of PancakeSwap, a decentralized finance (DeFi) site that doesn’t have an official app.

Luc Vandal:

In today’s “App Review is Clearly Fucked Up” news, it is now considered manipulating reviews to ask for them in the What’s new section? 🤦‍♂️

And no, Screens doesn’t manipulate reviews; it follows the approved method of requesting reviews from users.

I also don’t like that they imply that we manipulate reviews. Please concentrate on actual scammers, Apple, not legit developers that have been on the App Store since its inception.

skarh:

Got a notice two weeks ago that my app would be removed due to some screenshots that weren’t in compliance with the guidelines. Have since then uploaded a new version with screenshots that are in compliance with the guidelines, but the reviewer still decided to reject based on the same guideline.

Wrote a reply to the reviewer 24 hours ago (10 min after the rejection), explaining that the screenshots are in compliance, but still has not gotten a reply. And today the app was removed from sale. How long should one have to wait for a reply from the reviewer?

Have filed an appeal. but that usually takes days, and even weeks. So my app will lose all momentum on the charts!

Previously:

Update (2024-03-29): BenedictC:

I recently had a free app rejected for falling foul of clause 5.1.1. 5.1.1 has 10 subclauses. There was a lot of back and forth and a trip to the review panel. I plead numerous times for them to give more details and every time they just restated it was a problem with clause 5.1.1. Utter waste of my time and shows the lack of respect Apple have towards developers.

Khaos Tian:

The reviewer is insisting something is not allowed when the prior submission was explicitly approved by review board 🫠 There is really no punishment for reviewer rejecting for the wrong reason I guess…

How to Recover macOS Recovery

Howard Oakley:

Rarely, the Recovery volume becomes deleted, or the secure disk image it should contain gets removed. Unfortunately the only means of restoring it is to perform a macOS update, and even then some Macs seem unable to recover Recovery without the boot volume group being deleted and installed from scratch, best performed when booted from an external disk. Unfortunately, on Intel Macs with T2 chips, you might need to enable that using Startup Security Utility, which is, of course, only available in Recovery. You may now scream if you like.

[…]

When the Paired Recovery system on an Apple silicon Mac is updated in a macOS update, the Recovery system from that should be copied to the Recovery volume on one of its two hidden containers, named Apple_APFS_Recovery. In the past, that process has been unreliable, but Apple has improved that, and your Mac should now have a good chance that Fallback Recovery is available. Apart from Fallback Recovery being older than your current version of macOS, it also doesn’t offer the Startup Security Utility, so can’t be used to change Secure Boot settings, its major disadvantage.

[…]

If neither Paired nor Fallback Recovery are available, the best way to restore them for an Apple silicon Mac is to put that Mac into DFU mode, connect it to another recent Mac using a USB-C charging cable (not a Thunderbolt cable, which won’t work), then run Apple Configurator 2 on the other Mac. In that, download the current IPSW image and use that to refresh the ailing Mac’s firmware.

Previously:

Monday, March 25, 2024

Digital Wallets and the “Only Apple Pay Does This” Mythology

Matt Birchler:

The FPAN is the “funding primary account number” and it’s the 15-18 digit number printed on your physical card. The DPAN is your “device primary account number”.

[…]

It’s notable that it’s called a DPAN and not “the Apple Pay number” – it’s a generic term, and that’s because this is a standard feature of digital wallets everywhere, not just Apple Pay. Google Pay and Samsung Pay are the biggest other digital wallets in the U.S. and they both do exactly the same thing. While it’s not technically using a DPAN since the payment runs through different companies, Amazon Pay and Shop Pay buttons also obscure the actual FPAN (full card number) from merchants.

[…]

The DPAN is always the same for subsequent transactions at the same merchant. So yes, while this can hinder data brokers from easily buying transaction data from a bunch of different merchants and figuring out shopping trends across those merchants, it does nothing to stop a single merchant from seeing your transaction history with just the DPAN provided by Apple Pay.

[…]

There’s also an idea I see sometimes […] that Apple Pay obscures your personal information. That’s simply not true.

Previously:

Update (2024-03-28): See also: Hacker News.

iPulse for iOS

Craig Hockenberry (Mastodon):

An app that can monitor your device is a great thing to have when you need it, but can get in the way when you don’t. On iOS we solved this problem by using Picture in Picture technology.

[…]

iPulse for iOS/iPadOS literally creates a movie of what’s going on inside your device and updates it every second. You can resize the display to fit well on your screen, or slide it out of the way completely.

[…]

iPulse also provides an alternate view of your storage: the display you’re used to seeing in Settings > General > Storage does not include cached data used by iCloud and other apps. iPulse shows how much actual space is being used.

Craig Hockenberry:

We show actual bytes used on the media, Apple only shows stuff that can’t be jettisoned. And everyone asks about the discrepancy because they have no idea why it would be different. Neither did I at first!

But knowing the true status can be important because reclaiming space can be a bottleneck for all kinds of things.

Craig Hockenberry:

Here we have devices that are equal in power to their Mac counterparts and they have to make noise in order to run in the background. What. The. Actual. Fuck.

Previously:

macOS 13.6.6

Apple (full installer):

This document describes the security content of macOS Ventura 13.6.6.

There does not seem to be an update for Monterey.

Previously:

Update (2024-04-01): Lloyd Chambers:

macOS Ventura update 13.6.6 update destroyedremoved all (but one) of my Favorites in the [Finder] sidebar.

This has been happening to me for years, but it doesn’t seem to be related to installing an update.

macOS 14.4.1

Juli Clover (release notes, security, developer, enterprise, full installer, IPSW):

According to Apple’s release notes, the macOS Sonoma 14.4.1 update fixes an issue that could cause USB hubs connected to external displays not to be recognized. It also addresses an issue that could cause apps with Java to quit unexpectedly, and it fixes an issue that could cause Audio Unit plug-ins for professional music apps not to open.

macOS 14.4 was an unusually bad update that perhaps should have been pulled, but it’s good to see reasonably quick fixes. The release notes do not mention a fix for the iCloud Drive versions data loss bug. It does include the security fixes from last week’s iOS 17.4.1 and iPadOS 17.4.1, which didn’t have a corresponding macOS update.

Hopefully an Xcode update is on the way, too.

See also: Howard Oakley and Mr. Macintsoh.

Previously:

Update (2024-03-26): Mario Guzmán:

So can they just not be bothered with adding release notes anymore?

Also minimalism/clean UI is just awful. They’ve reduced it so much that this view just looks like its still in development and there is so much duplicate info.

Howard Oakley:

This Sonoma update also fixes the bug that stripped saved versions from files in iCloud Drive that had been evicted. I have now tested this on three different Macs (Intel T2 and Apple silicon) and confirmed that handling of saved versions in 14.4.1 has now returned to that expected.

Barry Collins (via Ric Ford):

Although the patch does appear to have fixed those issues for some customers, others are now complaining of fresh problems.

On Reddit, Mac owners are reporting that the update has effectively bricked their Mac. “I installed 14.4.1 on my M1 Mac mini and the opening screen is all I get. No login. I’ve tried restarting and starting in recovery mode, to no avail.” Another Mac owner reports seeing the same problem in the Reddit thread.

[…]

Others are seeing ongoing problems with hubs, which the patch was designed to fix.

For example, one Mac owner claims that a Thunderbolt 4 dock that was working normally in macOS 14.4 stopped working once the 14.4.1 update was applied.

[…]

Others are discovering fresh problems that seem to have resulted from this update. “I just updated while at work and I was connected to an external monitor,” writes a MacBook Pro owner on MacRumors.com. “Now after the update it no longer recognizes the external monitor.”

Update (2024-04-01): Howard Oakley:

Two of the serious bugs fixed in macOS 14.4.1 last week were completely unexpected, and only discovered by chance. Here I’ll explain how one of them came to light, and what had gone wrong.

Friday, March 22, 2024

_eventFirstResponderChainDescription

Stephan Casas:

AppKit includes a private category on NSApplication that adds _eventFirstResponderChainDescription — a string describing the current responder chain. This can be a really useful debugging tool!

When your views aren’t handling input events in the way you’d expect, consider dropping this extension into your project to see what’s what[…]

Update (2024-03-25): You can also set the _NS_4445425547 user default to see a Cocoa debug menu. I tend to just leave this enabled in my apps.

Update (2024-04-11): Antoine:

Today’s Darwin crazy hidden debugging tool of the day: iOS has a built in HUD for showing performance statistics like FPS, frame duration etc. […] This HUD can be activated by calling the private CARenderServerSetDebugOption function

See also: Marcin Krzyzanowski.

Apple Manuals, Specs, and Downloads

John Voorhees (Mastodon):

Apple has consolidated documentation for its products, including manuals, technical specifications, and downloads on a new webpage that was first discovered by the Japanese-language website Mac Otakara and reported on this morning by MacRumors.

Update (2024-03-25): Ric Ford:

Apple has a completely unrelated web page for information about downloading macOS.

Epic Challenges External Link Rules and Commission

Jon Brodkin (Hacker News):

Epic Games yesterday urged a federal court to sanction Apple for alleged violations of an injunction that imposed restrictions on the iOS App Store. Epic cited a 27 percent commission charged by Apple on purchases completed outside the usual in-app payment system and other limits imposed on developers.

“Apple is in blatant violation of this Court’s injunction,” Epic wrote in a filing in US District Court for the Northern District of California. “Its new App Store policies continue to impose prohibitions on developers that this Court found unlawful and enjoined. Moreover, Apple’s new policies introduce new restrictions and burdens that frustrate and effectively nullify the relief the Court ordered.”

[…]

Apple said the charge “complies with the Injunction’s plain terms” and is “consistent with the Court’s rationale for upholding Apple’s other App Store policies.”

[…]

Epic argues that “Apple’s new scheme so pervasively taxes, regulates, restricts and burdens in-app links directing users to alternative purchasing mechanisms on a developer’s website (‘External Links’ or ‘Links’) as to make them entirely useless. Moreover, Apple continues to completely prohibit the use of ‘buttons… or other calls to action’ in direct contravention of this Court’s Injunction.”

Juli Clover:

Meta, Microsoft, X, and Match today joined Epic Games to protest the way Apple complied with a court ruling requiring it to walk back its anti-steering rules. In an amicus brief in support of Epic Games (via The Wall Street Journal), the four companies said that the fees Apple is charging are too high, and that there are too many restrictions on how developers link to their websites. “The Apple Plan comports with neither the letter nor the spirit of this Court’s mandate,” reads the brief.

Previously: