Thursday, April 18, 2019 [Tweets] [Favorites]

Origins of the Apple Human Interface

Riccardo Mori (tweet):

Recently, the Computer History Museum has uploaded on its YouTube channel a lecture called Origins of the Apple human interface, delivered by Larry Tesler and Chris Espinosa. The lecture was held at the Computer History Museum in Mountain View, California, on October 28, 1997.

Being extremely interested in the subject myself, and seeing how apparently little thought is being given today to the subject, I wanted to quote a few selected excerpts from the talk, just to show what kind of hard work creating a user interface was back in the day when the Apple Lisa was being developed. It turns out that isolating this or that bit was futile, as the whole talk is made up of such cohesive, engrossing discourse. So I chose to transcribe it almost entirely, and add a few personal remarks here and there. I hope this turns out to be as interesting to you as it was to me.

I recommend watching the whole video. Mori’s transcription is a great companion that includes better images of the screen and context from a modern perspective.

A few parts I want to highlight:

[Larry Tesler is saying that at this stage of development of the Lisa interface, when you clicked on, e.g., the upward‐facing arrow, the content would move upwards too, in the same way “Natural scroll direction” works since its introduction in Mac OS X 10.7 Lion.[…]]


So we made a decision that had nothing to do with ease of use, nothing to do with ease of learning, nothing to do with error rates. It wasn’t a human factor’s decision at all in the traditional sense. It was a decision based on what customers liked.


And what I found was that the way we taught it made a lot of difference. You could take the same user interface and teach it in a different way, and people would get confused; or understand it; or make more mistakes; or fewer mistakes. And terminology made a difference also, so we then started a terminology project that Ellen Nold ran, which ended up with the FILE menu, the EDIT menu, etc., as you know today, and all the various commands that were in them. You know, choosing all the words for everything.


I remember very very very clearly that one of the massive controversies around the development for the Macintosh circa 1982–1983 was [that] developers would come up to us and say, You know, if you make the user interface consistent and if you put all that software in ROM that makes it— you know, if you make it hard to write to the screen directly, so that we have to use your user interface software to talk to the user, how are we ever going to make our applications unique and stand out and be different from each other in the marketplace?


[…]and so there’s constantly the dilemma (which you’ve seen historically in Mac system software) that the expert users want to put in the features they want to use, but the people who want to keep this system pure for the novices want to resist those

And if you’re lucky, you get a system that is easy to approach for the novice, and gradually unfolds itself for the expert. And if you’re unlucky, you get a lukewarm mediocrity between the two, where it’s a little too complex for the beginning user to understand, but still not nearly powerful enough for the expert user.

[I think this is a perfect snapshot of the current situation with iOS.]

Google Decides to Monetize Maps

Bloomberg News (via Hacker News):

Schindler’s response showed that Google isn’t waiting anymore. He sliced the opportunity in four areas. Basic directions are a “utility” that can’t be messed with much. Second are requests for things nearby; followed by broader, personalized recommendations; and finally, searching neighborhood business listings.

“If you think about Maps monetization from those four different angles—a little bit more caution obviously on the first one, not disrupting the utility aspect, and all the other three—I think it’s a really, really interesting playground going forward,” Schindler said.


For the last two years, Google has also tested “promoted pins,” waypoints emblazoned with an advertiser’s brand that show up on the map regardless of whether or not the user searched for that business. McDonald’s, Dunkin’ and Michael Kors are among adopters.


Before the changes, Owczarek’s startup got 750,000 free map views a month and then was charged 50 cents for every 1,000 views on top of that. Then Google started charging after 30,000 views and the cost was $7 per 1,000 views. His costs jumped from nothing to $5,000 a month.

When Rules Don’t Apply

Filmmakers Collaborative (via Hacker News):

When Rules Don’t Apply is a multi-media campaign to educate the public about the impact of “no-poach” agreements and how they limit competition and employee wages, a violation of antitrust law.


How to Remove Siri From the Touch Bar


You probably use your backspace [delete] key quite a bit. If you have a Macbook Pro, you probably also hit the Open Siri button quite a bit, as it is (in)conveniently located adjacent to the backspace key.


This short guide will show you how to remove the Siri button from your Macbook Pro’s touch bar, disabling the button without disabling Siri.

The Hard Part in Becoming a Command Line Wizard

John D. Cook:

McIlroy’s script was a real example of the kind of wizardry attributed to Unix adepts. Why can’t more people quickly improvise scripts like that?

The exercise that Bentley posed was the kind of problem that programmers like McIlroy solved routinely at the time. The tools he piped together were developed precisely for such problems. McIlroy didn’t see his solution as extraordinary but said “Old UNIX hands know instinctively how to solve this one in a jiffy.”

The traditional Unix toolbox is full of utilities for text manipulation. Not only are they useful, but they compose well. This composability depends not only on the tools themselves, but also the shell environment they were designed to operate in.


You could memorize McIlroy’s script and be prepared next time you need to report word frequencies, but applying the spirit of his script to your particular problems takes work.

Wednesday, April 17, 2019 [Tweets] [Favorites]

Safari Auto-Submitting AutoFilled Passwords

Steve Troughton-Smith:

Safari’s new ‘submit form as soon as you choose from the autocomplete list’ is the quickest way to get locked out of your bank ever. As a universal default, that seems like such a bad idea


(I think the key part is that it doesn’t consider what happens if the autosaved password is wrong, and so will blind-fire at the site before giving somebody a chance to change it)

This has bitten me several times.


That same sort of ‘presume we are always right’ problem happens with the new password autosuggestion, which covers over the password field and doesn’t let you edit the suggested password anymore.

If it guessed the password requirements wrong you can’t fix it.

Update (2019-04-18): Colin Cornaby:

I hate the way this bypasses the “Remember Me” checkboxes if you didn’t check them before autofill. From Apple’s end I’d guess the lack of cookies and cached logins is probably considered more secure though.

Andrew Abernathy:

As pointed out here, this behavior makes me much more worried about getting locked out of an account.

But beyond that, I dislike the interaction: there’s a “sign in” button on the page, and this preempts me from clicking on that in a way that doesn’t feel “right” to me.

Introducing CalZones

David Smith:

CalZones is a calendaring app built from the ground up to be smart about managing timezones. It starts by letting you choose a list of the zones that are relevant to you and then all aspects of the app tailor themselves into making it easy to coordinate between those timezones.


Tap on any time shown to quickly create an event at the shown time and in the selected timezone.


The event creation view makes working out the time for a call super easy by giving you a time picker that is timezone aware and displays the chosen time across all your selected timezones.

Rosemary Orchard:

Along with specifying your time zones you can also control which calendars you see, your preferred theme and icon, work day times, week start, and how event times should be displayed. The latter is very useful allowing you to see that the event you’re looking at starts at 7pm local time, but 10am in the organisers time.

See also: Under the Radar.

The Time Tim Cook Stood His Ground Against the FBI

Leander Kahney (Hacker News):

Cook was very concerned about how Apple would be perceived throughout this media firestorm. He wanted very much to use it as an opportunity to educate the public about personal security, privacy, and encryption. “I think a lot of reporters saw a new version, a new face of Apple,” said the PR person, who asked to remain anonymous. “And it was Tim’s decision to act in this fashion. Very different from what we have done in the past. We were sometimes sending out emails to reporters three times a day on keeping them updated.”


Privacy advocates celebrated the end of the case and Apple’s apparent victory. “The FBI’s credibility just hit a new low,” said Evan Greer, campaign director for Fight for the Future, an activist group that promotes online privacy. “They repeatedly lied to the court and the public in pursuit of a dangerous precedent that would have made all of us less safe. Fortunately, internet users mobilized quickly and powerfully to educate the public about the dangers of backdoors, and together we forced the government to back down.”

But Cook was personally disappointed that the case didn’t come to trial. Even though Apple had “won” and wouldn’t be forced to create the backdoor, nothing had really been resolved. “Tim was a little disappointed that we didn’t get a resolution,” said Sewell. He “really felt it would have been fair and it would have been appropriate for us to have tested these theories in court. . . . [Though] the situation that was left at the end of that was not a bad one for us, he would have preferred to go ahead and try the case.”

I still think this story has been mostly misreported in that Apple already had a backdoor to access Syed Farook’s iPhone 5c. Commenter lern_too_spel:

What really happened is that Apple loudly proclaimed that they had made it impossible to comply with government data requests and even had a marketing page masquerading as a privacy page explaining that. The FBI asked Apple to put a build on a phone that would allow them to brute force the passcode, leaving the device and the build on Apple’s premises the entire time. This showed that Apple’s claim was false in practice. Apple quickly removed that marketing page in the wake of the news.


At the time Apple made the false marketing claims, no passcode was required to install a signed build. Hence, the FBI’s request.

The FBI was asking for no more than what Apple could already do, and it was letting Apple control the whole process. The problem was that what Apple could already do disagreed with what Apple told its customers that it could do.


Hackers Abused Support Portal to Read Microsoft E-mails

Joseph Cox (via Jason Koebler):

On Saturday, Microsoft confirmed to TechCrunch that some users of the company’s email service had been targeted by hackers. A hacker or group of hackers had first broken into a customer support account for Microsoft, and then used that to gain access to information related to customers’ email accounts such as the subject lines of their emails and who they’ve communicated with.

But the issue is much worse than previously reported, with the hackers able to access email content from a large number of Outlook, MSN, and Hotmail email accounts, according to a source who witnessed the attack in action and described it before Microsoft’s statement, as well as screenshots provided to Motherboard.


Motherboard’s source, however, said that the technique allowed full access to email content.

Tuesday, April 16, 2019 [Tweets] [Favorites]

Qualcomm and Apple Agree to Drop All Litigation

Tripp Mickle and Asa Fitch:

Apple has called Qualcomm a monopoly and said Mr. Mollenkopf has lied about settlement talks between the companies. Qualcomm has accused Apple of deceiving regulators around the world and stealing software to help a rival chip maker.

For two years, the companies have bickered over the royalties Apple pays to Qualcomm for its patents. Discord between the CEOs, who bring different management styles and principles to the table, has deepened the divide. They have dug into their positions as the dispute has escalated.

The feud heads toward a showdown this coming week, when Apple’s patent lawsuit against Qualcomm is set to go to trial—with both CEOs expected to testify in a case where billions of dollars are at stake.

Via Shaun Maguire (and Benjamin Mayo):

The most interesting part to me is that Steve Jobs personally negotiated the QCOM deal and thought it was fair, but then one of the first things Cook did when he took over was rip it up.

Apple (MacRumors):

Qualcomm and Apple today announced an agreement to dismiss all litigation between the two companies worldwide. The settlement includes a payment from Apple to Qualcomm. The companies also have reached a six-year license agreement, effective as of April 1, 2019, including a two-year option to extend, and a multiyear chipset supply agreement.

Ben Bajarin:

At the FTC trial, we discovered Apple never actually had a formal license with QCOM and they just went through their manufactures. So this is a first time license for Apple with Qualcomm.

Previously: Apple Sues Qualcomm.

Sandboxing Makes Quarantine Flags Almost Meaningless

Howard Oakley:

When quarantine xattrs start appearing on files which have only ever been stored locally since their creation, is it time to get worried?

It would appear not.

Thanks to Thomas, who drew my attention to the fact that opening any movie in the QuickTime Player app (the latest ‘X’ version, not the old QuickTime 7) results in a quarantine xattr being attached to it.

A little further exploration revealed that this isn’t the only such case: Preview attaches quarantine xattrs to several of the file types which it opens, including PDF. The high-end PDF editors PDF Expert and PDFPenPro, and Nisus Writer Pro also attach quarantine xattrs to the PDFs which they create.

Erik Schwiebert:

Yep. The OS adds the quarantine xattr to any file created by an app that has been sandboxed. I don’t know why; you’d think they would trust a sandboxed app more, not less.

Rich Siegel:

It’s pretty crazy. We’ve seen a lot of this with customers opening/editing +x files. Simply opening the file causes it to grow quarantine, and then the user can’t run it in Terminal or programmatically with NSTask. (Gatekeeper and Terminal don’t really mix.)

Howard Oakley:

The quarantine flag, an extended attribute (xattr) of type, used to be one of the most meaningful and important of all the xattrs attached to files. It meant that item had been downloaded from the Internet. In the case of apps, it’s used to determine whether that app needs to undergo full first-run checks by Gatekeeper before being allowed free run on your Mac.


Since Apple introduced sandboxing for apps, the quarantine xattr has been used for a quite different purpose: to flag which document files have been opened by sandboxed apps.


This behaviour appears consistent across almost all apps which run in a sandbox, even if they’re not supplied by the App Store. One exception that I have found is the latest version of BBEdit: although sandboxed (and notarized), the non-App Store version doesn’t appear to attach quarantine xattrs to text files which it opens or writes, even when they are PDFs, for example.


For file types like JPEG, PNG, Movies and PDF, which are specific targets of this behaviour, the rules for attaching a quarantine flag by a sandboxed app appear to be[…]

Core Image Filter Reference

Noah Gilmore (via Ryan McLeod): is a project I’ve been working on for the last few months, and today it’s open source. It has two parts:

  1. A website,, which lists all the available CIFilters, their information and examples of applying them
  2. An app which allows you to apply each CIFilter to various inputs, tune their parameters, and apply them to camera and photo library images


Apple has a page listing about 85% of the available filters, but it’s “no longer being updated”, and no new filters which were made available in iOS 10, 11, or 12 are listed there. If you Google CIThermal, for example, most of what you’ll find is iOS header dumps.

For the filters which are listed, many have incomplete documentation - for example, the inputSharpness parameter to CICheckerboardGenerator says[…] but doesn’t tell you what the parameter actually does. The examples on this page are also limited - for example, CISourceOutCompositing takes an inputImage and a backgroundImage. The page shows two images being composited, but doesn’t specify which image is which[…]

Twitter’s Complicated and Messy Verification Process

Nick Heer:

In November 2017 Twitter announced it would be suspending its public verification process[…] However, the company never actually stopped verifying accounts. Cale Guthrie Weissman reported in 2018 for Fast Company that users were still being given a checkmark; and, today, Karissa Bell reports for Mashable that the process has continued[…]


Twitter seems utterly confused about what its verification program ought to be. Should it be just a simple way to communicate that an account is run by a real person or company, rather than an impersonator or a robot? Should it be only for public figures? What is a public figure anyhow, in Twitter’s view?

All the Streaming Video

Mark Hughes:

In which I compare some of the thousands of streaming media services[…]

Ben Thompson:

Look no further than that Disney investor event: while most of the time and subsequent attention was given to the new Disney+ offering, the company also spent time talking about ESPN+ and Hulu. At first glance, it might seem odd that the company has three distinct streaming services; why not put all of the company’s efforts behind a single offering?

In fact, I just explained why: in a world where distribution mattered more than anything else it made sense for Disney to put all of its television properties together; that offered maximum leverage with the cable companies. On the Internet, though, it is best to start with jobs.


Traditional TV will be dominated by news and sports, with ESPN, Fox, and Turner the biggest players. All have very strong assets in sports and/or news, and will remain dependent (and why not!) on the traditional TV mix of advertising and ever-increasing affiliate fees.

The long tail of content, including most information and education, will continue to be dominated by YouTube and its advertising-based model.

That leaves the specialists and the resellers, who will have a symbiotic relationship[…]


Update (2019-04-17): Josh Centers:

The only clear shot Netflix has is to sell. It cannot survive as an independent company.

Let’s examine how screwed Netflix is. They’re 8 billion in debt. Their biggest stars are either plagued by scandal or rapidly outgrowing their cuteness. They have no fallback plan. The largest companies in the world are coming after them.

Monday, April 15, 2019 [Tweets] [Favorites]

iOS Guided Access

Mattt Thompson:

In truth, Guided Access can be many things to many different people. So for your consideration, here are some alternative names that you can keep at the back of your mind to better appreciate when and why you might give it a try:

“Kid-Proof Mode”: Sharing Devices with Children

If you have a toddler and want to facilitate a FaceTime call with a relative, start a Guided Access session before you pass the device off. This will prevent your little one from accidentally hanging up or putting the call on hold by switching to a different app.

“Adult-Proof Mode”: Sharing Devices with Other Adults

The next time you go to hand off your phone to someone else to take a photo, give it a quick triple-tap to enter Guided Access mode first to forego the whole “Oops, I accidentally locked the device” routine.

If you set the passcode in Settings, you won’t have to enter it each time you start a Guided Access session. You can also end a session by double-tapping the side button and authenticating with Face ID, instead of triple-tapping and then entering the passcode.

10 Years of MacStories

Federico Viticci:

I had a different idea for what I wanted MacStories to be in 2009. You see, as a newly-minted Apple aficionado from Viterbo, Italy, who had just discovered the world of Apple blogging, I was fascinated by websites such as MacRumors, TUAW, Daring Fireball, and Engadget. I primarily wanted to use my longtime passion for in-depth videogame reviews (which I used to read on EDGE and other magazines when I was younger) and bring that style to Mac and iPhone app reviews; at the same time, I also wanted to have a website that could cover news, share tutorials, and, why not, maybe in the future even report rumors. I wanted to do it all, even though I was just a 20-year old guy from Italy who’d never blogged in English before.


As MacStories was slowly growing and I was finding an audience for my in-depth app reviews, I increasingly felt lured by the promise of timely news coverage and rumors. I thought that if MacStories could report Apple news and rumors as quickly as other websites, I could accelerate the process of a bigger audience stumbling upon MacStories and then discovering what really made the website unique: in-depth app reviews and opinion pieces. At the time, the most important metric for me was page views (because MacStories was making money off traditional banner ads); therefore, my incentives were directly aligned with attracting the biggest possible audience. At the same time, I didn’t want to give up on the reason I started MacStories in the first place (writing in-depth reviews unlike anyone else), so I decided that I wanted to have my cake and eat it too. I was going to report news and rumors to attract a larger audience, and I was going to continue writing app reviews for a dedicated, loyal niche too.


At some point by the end of 2012, I made the decision that we were going to stop reporting rumors or leaks and that chasing news stories to be “first” was no longer going to be our priority. I decided that I wanted MacStories to go back to its roots by prioritizing original reporting, editorials, and reviews over rehashing information that other websites were covering better than MacStories anyway.

Previously: Congratulations.

Library Evolution for Stable Swift ABIs

Ben Cohen:

One of Swift’s goals is to be a good language for libraries with binary compatibility concerns, such as those shipped as part of Apple’s OSs. This includes giving library authors the flexibility to add to their public interface, and to change implementation details, without breaking binary compatibility. At the same time, it’s important that library authors be able to opt out of this flexibility in favor of performance.

This proposal introduces:

  • a “library evolution” build mode for libraries that are declaring ABI stability, which preserves the ability to make certain changes to types without breaking the library’s ABI; and
  • an attribute for such libraries to opt out of this flexibility on a per-type basis, allowing certain compile-time optimizations.

The mechanisms for this are already in place, and were used to stabilize the ABI of the standard library. This proposal makes them features for use by any 3rd-party library that wishes to declare itself ABI stable.

Greg Parker:

This feature is one of the reasons that Apple created Swift instead of adopting an existing language. We needed at least as much capability to evolve libraries as Objective-C provided.

Previously: Swift ABI Stability and More.

Core Animation Bug in macOS 10.14.4

Ken Case:

In particular, OmniOutliner and OmniPlan customers have been telling us that since upgrading to 10.14.4, they will open some documents and end up seeing… nothing.


We’ve been working with Apple and tested a fix that will be in the next Software Update to macOS Mojave. (I don’t know the timeframe for that update shipping to the general public, but I’m glad this fix is on its way!)

John Gruber:

Bugs happen, but with all the ongoing consternation regarding Apple’s (and particularly the Mac’s) software quality, it’s a little worrisome to see this in a .4 release. A .4 release of the OS should be peak stability.

Friday, April 12, 2019 [Tweets] [Favorites]

App Store Subscription Confirmation Alert

David Barnard:

Whoa! Apple added an additional confirmation step for subscriptions. This new alert comes after you confirm with Touch ID/Face ID. I hope they address this in a more elegant way in iOS 13, but I’m thrilled Apple took a definitive step to curb scam subscriptions. 👏🏻

This probably isn’t needed on Face ID devices where you have to double click the side button to confirm a subscription, but this should cut down on accidental subscriptions on Touch ID.

I’m still baffled it took Apple so long to take action on this, but it still says a lot that they made a change like this mid iOS 12 instead of waiting for iOS 13.

This change is likely to prevent $10M+/mo in accidental subscriptions.

Ryan Jones:

I literally went through your flow 2 hours ago to compare it to apple’s and thought you added that. Until I tried Facetune. Here’s the kicker though.... it’s not on apple Music


Or only Apple gets to do this?

Ryan Jones:

Apple remotely turned off the extra Subscription confirmation modal last night.

(Apps were seeing 20% subscription trial reductions.)


This means a significant profit was being made due to a lack of understanding by the users, which I don’t think is an ethical business model

Ryan Jones:

Now, there may be a reason, like fixing a bug or making it better. But it’s 100% off right now after ~1 week of being on.



Peter Kafka (tweet):

Disney+ will launch in the US on November 12, for $7 a month. It will have a very large library of old Disney movies and TV shows — crucially, including titles from its Marvel, Pixar, and Star Wars catalog — along with new movies and series made exclusively for the streaming service. It won’t have any ads. And it will allow subscribers to download all of that stuff, and watch it offline, whenever they want.

For comparison: A standard Netflix subscription now costs $13 a month.


Disney told investors it expects to have 60 million to 90 million subscribers worldwide for the service by the end of 2024. Netflix currently has 139 million subs.


Disney+ will also feature shows and movies that previously belonged to 21st Century Fox, which Disney mostly absorbed this year. That means the service will also be the place to watch The Simpsons, for starters.

John Gruber:

I know Apple News+ and Apple Music are both $10/month, and Apple Arcade might cost $10/month, but I don’t think Apple expects to charge $10/month just for Apple TV+. I continue to think Apple TV+ will be something they add on for “free” when you pay for some sort of bundle with other Apple subscriptions — or maybe it will cost $10/month if it’s the only thing you subscribe to from Apple, but they know that most people will get it as a “free” bonus.

Damien Petrilli:

Apple forgot that to use any service you need hardware. They could have been the best hardware provider for all services.

They had everything to do it right. Instead they decided to compete (poorly) on services while degrading hardware quality/value proposition.

Imagine if Apple wasn’t doing its shitty anticompetitive behavior to promote their services and instead was THE platform to get all services well integrated together.

Michael Love:

I think Disney’s entry helps basically every other streaming player except Netflix, because it makes it much harder for Netflix to ascend from ‘channel’ to ‘platform’ - they won’t be able to keep increasing prices / volume of programming until they replace the entire bundle.

Joe Cieplinski:

Clearly, Disney’s back catalog is a big plus. But most of what I watch nowadays is new original TV programming. Until they have some can’t miss shows for me, I’m not altogether interested in paying monthly for the occasional re-watch of a Star Wars flick.


US Broadband, OS, and Browser Stats

Devin Coldewey (via Dan Luu):

For instance, the FCC report suggests that broadband, as it is currently defined, is not currently available to around 25 million people. Sounds reasonable. But Microsoft’s data says that some 163 million people “do not use the internet at broadband speeds.”

Those aren’t the same thing, obviously, but you’d think if a person had broadband available they would use it at least now and then, right?

Erie Meyer:

It’s wild to me that

- There were 3.57 billion visits to government websites over the last 90 days
- We know that because it’s public thanks to
- We also have hard data about OS, browser + version, and format data about how Americans are using the web


macOS Hot Corners

Rose Orchard:

A great feature of macOS that we don’t discuss often is Hot Corners — the ability to swipe your mouse into a corner and have something happen. For example, your screensaver starts, notification center appears, launchpad shows you a list of apps, etc. This setting is no longer enabled by default, so many people are missing out on this great feature!


What is more, you can add a modifier key (Command, option/alt, shift, or control) to a Hot Corner, which will only activate if you hold that key while swiping your cursor into the corner. This makes it hard to activate Hot Corners by accident, so it’s ideal for something like locking your screen. You can also use multiple modifier keys at once if you like. Unfortunately, you can’t set multiple commands per corner with different modifier keys.

I use hot corners for Put Display to Sleep, Mission Control, Application Windows, and Notification Center.

First Black Hole Image


At the heart of the Milky Way, there’s a supermassive black hole that feeds off a spinning disk of hot gas, sucking up anything that ventures too close -- even light. We can’t see it, but its event horizon casts a shadow, and an image of that shadow could help answer some important questions about the universe. Scientists used to think that making such an image would require a telescope the size of Earth -- until Katie Bouman and a team of astronomers came up with a clever alternative.

MIT News:

The solution adopted by the Event Horizon Telescope project is to coordinate measurements performed by radio telescopes at widely divergent locations. Currently, six observatories have signed up to join the project, with more likely to follow.

But even twice that many telescopes would leave large gaps in the data as they approximate a 10,000-kilometer-wide antenna. Filling in those gaps is the purpose of algorithms like Bouman’s.


Finally, Bouman used a machine-learning algorithm to identify visual patterns that tend to recur in 64-pixel patches of real-world images, and she used those features to further refine her algorithm’s image reconstructions. In separate experiments, she extracted patches from astronomical images and from snapshots of terrestrial scenes, but the choice of training data had little effect on the final reconstructions.

This particular algorithm was not used in the image reported this week; it sounds like it was a prototype that proved the approach.

Abigail Hess:

On Wednesday, after 10 years of planning and scientific investments totaling over $50 million, researchers released the first-ever image of a black hole. The image is a feat of modern science — experts say it’s the equivalent of taking a photo of an orange on the moon with a smartphone — and international collaboration. Over 200 scientists across the globe contributed to the project.


“The team collected about five petabytes of data, and one petabyte is a thousand terabytes,” explains Bouman. “Your typical computer has maybe one terabyte or so. So that would be like 5,000 typical laptops of data.


“We spent years developing methods, many different types of methods — I don’t think any one method should be highlighted — because most of all, we were afraid of shared human bias,” says Bouman.


For this reason, the computer scientists broke into four teams and did not communicate while they were analyzing the data. After months of the teams working independently, they all converged in Cambridge, Massachusetts, and ran their algorithms in the same room, at the same time.

Michelle Lou and Saeed Ahmed:

Using imaging algorithms like Bouman’s, researchers created three scripted code pipelines to piece together the picture.

They took the “sparse and noisy data” that the telescopes spit out and tried to make an image. For the past few years, Bouman directed the verification of images and selection of imaging parameters.


The result? A groundbreaking image of a lopsided, ring-like structure that Albert Einstein predicted more than a century ago in his theory of general relativity. In fact, the researchers had generated several photos and they all looked the same. The image of the black hole presented on Wednesday was not from any one method, but all the images from different algorithms that were blurred together.

Update (2019-04-16): Akash lists the Python code that was used.

The Astrophysical Journal paper is here (via Matplotlib).

The Physicist has some background information (via Hacker News).

Thursday, April 11, 2019 [Tweets] [Favorites]

Apple Podcasts on the Web Gets a Fresh New Interface

Chance Miller:

The old Apple Podcasts web interface was akin to the iTunes web design that was dropped back in 2017. It was a simple list of podcast episodes, showing you the episode title and description. If you wanted to play an episode, you’d be kicked to iTunes. You also couldn’t view full show notes and other episode details.

With this week’s overhaul, however, Podcasts on the web is a much more usable experience. Episode titles are bolded and feature their full description below. There are also new dedicated pages for individual podcast episodes. Here, you can view full show notes and other details about an episode.

Previously: macOS 10.15 to Break Up iTunes.

Amazon Employees Review “Small Sample” of Alexa Audio

Timothy B. Lee:

Most of the time, when you talk to an Amazon Echo device, only Amazon’s voice-recognition software is listening. But sometimes, Bloomberg reports, a copy of the audio is sent to a human reviewer at one of several Amazon offices around the world. The human listens to the audio clip, transcribes it, and adds annotations to help Amazon’s algorithms get better.

“We take the security and privacy of our customers’ personal information seriously,” an Amazon spokesman said in a statement emailed to Bloomberg. “We only annotate an extremely small sample of Alexa voice recordings in order [to] improve the customer experience.”

Bloomberg hints at a significant workforce doing this kind of work. Bloomberg says Amazon has employees listening to audio clips in offices in Boston, Costa Rica, India, and Romania. Employees interpret as many as 1,000 audio clips in a 9-hour shift.


Bloomberg says that Apple’s Siri “also has human helpers.” The company points to an Apple privacy white paper that describes how Apple uses audio captured from customer devices.

I wonder whether Apple’s standard opt-out covers this.


Google AMP Lowered Our Page Speed, and There’s No Choice But to Use It

Walid Halabi (via Hacker News):

Google puts the onus on publishers to, effectively, rejig large tracts of their websites layout, content, and functionality, in return for preferential treatment. Google promotes AMP as a way to make websites faster. That’s supposed to be the primary benefit, and the reason Google is pushing AMP so forcefully.


We here at unlike kinds decided that we had to implement Google AMP. We have to be in the Top Stories section because otherwise we’re punted down the page and away from potential readers. We didn’t really want to; our site is already fast because we made it fast, largely with a combination of clever caching and minimal code. But hey, maybe AMP would speed things up. Maybe Google’s new future is bright.

It isn’t. According to Google’s own Page Speed Insights audit (which Google recommends to check your performance), the AMP version of articles got a performance score of 80. The non-AMP versions? 86. Mind you, the AMP versions are hobbled - unauthorised javascript interaction is forbidden by Google, so you can’t vote or comment in place - it’ll kick you to the full version of the page. This is the fruit of weeks of labour converting the site: a slower, less interactive, more clunky site.


Update (2019-04-12): Nick Heer:

This power grab is disgusting and should be treated as an attempt at a hostile takeover.

CloudPull Discontinued

John Brayton:

In an effort to tighten security, Google is no longer allowing apps to get permission to write to a user’s account if it cannot provide justification for having write access. Since there is no read-only permission level for OAuth access via IMAP, this means that CloudPull will be unable to access Gmail via IMAP. I appealed Google’s decision, but my appeal was rejected. I carefully considered options for updating CloudPull to keep it working, but every available option will require more time and effort than I can justify. Therefore I have removed CloudPull from sale.

What a crazy situation.

Quantum Computing and APFS: Free and Used Space

Howard Oakley:

In APFS, snapshots are made as part of Time Machine backups, on some occasions such as prior to installing a macOS update, and when the user initiates them. What happens when an APFS snapshot is made is that a complete copy is made of the file system metadata, which is very quick indeed and doesn’t involve the copying of any other file data.

However, to preserve all the files at the moment that the snapshot is made, as those files subsequently change, their original data are retained so long as the snapshot is kept. Let’s say that, in one snapshot, there’s a certain file of 1 GB in size, which then changes completely so the whole 1 GB is rewritten. So long as that snapshot is retained, its original 1 GB of data is retained, as well as its new 1 GB. So although the snapshot itself doesn’t take up much space, it stops a lot of old data from being freed up for reuse.

Time Machine purges old snapshots automatically, but by default retains the last 24 hours of hourly snapshots, which will take a total space similar to the amount of data backed up over that period. In my case, that’s typically around 30 GB at any time, but if you manipulate large media files, or old snapshots aren’t purged properly, it could easily require hundreds of GB.

I find the whole idea of free space confusing with Mojave and APFS. Last week, after updating Xcode, I started getting warnings that my MacBook Air’s SSD was almost full. I deleted about 20 GB of files but saw little improvement in the amount of available space reported by Finder. And I continued to get the warnings. As far as I could tell, based on reports from OmniDiskSweeper and trying to figure out which files had been deleted and added, I should have netted about 14 GB more free space than I started with, yet Finder showed about 6 GB less.

My first thought was that the culprit was snapshots, but Disk Utility showed no purgeable space, and tmutil listlocalsnapshots showed no snapshots. I guess this indicates that the disk really is almost full, but I can’t figure out why.

My current theory is that the problem is due to a 20 GB proxies folder in Photos’s library (which is strangely not included in Manage Storage’s report). I don’t have a measurement of how large this was before, but I suspect it used to be much smaller. It’s not clear how I might compact it or why Photos isn’t automatically deleting old data now that it can tell that the disk is almost full. I will probably end up deleting the Photos library and syncing a new one down from iCloud. But that’s only a potential solution because this Mac doesn’t contain any Photos projects; those are not stored in the cloud and so would be lost if I were to attempt this.


Update (2019-04-11): My iMac does show Time Machine snapshots, yet Disk Utility still says there’s zero purgeable space.

Wednesday, April 10, 2019 [Tweets] [Favorites]

macOS 10.15 to Break Up iTunes

Guilherme Rambo (MacRumors):

The new Music, Podcasts, and TV apps will be made using Marzipan, Apple’s new technology designed to facilitate the porting of iPad apps to the Mac without too many code changes. It’s not clear whether the redesigned Apple Books app will also be made using the technology, but given that the redesign came to iOS first and its usage for the other apps, it’s likely that this new Books app will also be using UIKit.

With the standalone versions of Apple’s media apps coming to the Mac, it’s natural to ask: what about iTunes in macOS 10.15? According to sources, the next major version of macOS will still include the iTunes app. Since Apple doesn’t have a new solution for manually syncing devices such as old iPods and iPhones with the Mac, it’s natural to keep iTunes around a little longer.

I’m not looking forward to this because, while I agree that iTunes needs work, I don’t have confidence that Apple will preserve its functionality (or even its desktop-optimized design) in the new apps. I expect that iTunes will remain the only way to sync music that you didn’t buy from the iTunes Store. Apple’s track record is to remove features from AirPort Utility and QuickTime Player 7 and let the dead versions hang around for years until eventually sunsetting them, without ever reimplementing what was lost.

John Gruber:

Nothing surprising here, but it leaves the $64,000 question unanswered: will these apps be more like dumbed-down iPad apps on the Mac, or more like smartened-up Mac apps on the iPad?

Nick Heer:

The unrequited optimist in me is imagining a next generation of cross-platform app that feels completely platform native no matter where it’s running. But I have also used Music on the iPad and it’s not as good as its iPhone sibling — and those are just different versions of the same app on the same platform.


And, as I have no plans to stop using my local music collection and manually syncing a subset of it to my iPhone, I am wary of what this could mean for my stubborn situation over the long term.

Damien Petrilli:

Some are happy about killing iTunes but it’s the only way to load personal stuff on iOS devices so far, do local backups, manage music, avoid cloud, etc.

If marzipan Apps just replace the Apple services and kill this technical part it’s going to be a mess.

Andrew Pontious:

Really not looking forward to Apple’s cheery full-court press (echoed by many online pundits) about how great their new shitty converted iOS apps are for the Mac.

For me, this is proof of further decline of Mac, not improvement.

Colin Cornaby:

I hope with the amount Apple is relying on Marzipan, they fix issues like Marzipan apps rendering at the wrong resolution for compatibility reasons. It makes the text on non-Retina displays really awful and I can’t imagine it helps with in app graphics.

I’m also not exactly a fan of the possible performance issues of Marzipan apps all being boxed inside of their own runtime-ish thing.

Previously: Apple to Target Combining iPhone, iPad, and Mac Apps by 2021.

Update (2019-04-11): Colin Cornaby:

“The Mac experience won’t be worse because of Marzipan” ”Also now we’re going to ship a bunch of redundant audio players because we can’t get our act together on feature sets.”

If they booted all the video features out of iTunes into the TV app, that would help in straightening out iTunes. But I’m guessing they might be stuck on transitioning that portion of the iTunes library on disk to TV, and what to do for Windows.

Podcasts and Music being separate apps still baffles me on the Mac. They seem like complimentary functions and I’d rather have a single audio player UI, and not have two icons in my dock/applications. And I’m never listening to music and playing a podcast at the same time.


We will never correct from being app-centric to data-centric soon enough. So much damage has been done because we didn’t manage to solve the filesystem UX problems!!

Dan Masters:

Instead of revamping & maintaining the Truck App, they’re taking it all and just throwing it away. iTunes is only terrible because they’ve neglected it.


This week, I’ve been using iTunes to manage my extensive music library. Its performance has become shocking. But it’s still the most powerful, versatile music library app I’ve ever used.

Abandoning iTunes for Apple Music is equivalent to forcing people to use Excel Mobile on Mac


Of course, the most likely scenario is that marzipanOS Music will just be a straight port of the iPad app.

If you need any of this “legacy cruft”, you’ll need to use the neglected iTunes app (which will turn into abandonware).

Josh Marshall:

What if Apple take the same road they have with photos? Provide the solution for the 95% of users in their own apps. Then provide access into the library for 3rd party apps to handle importing, metadata+art editing, and playlist creation.

Update (2019-04-15): Dan Moren:

While Smart Playlists created in iTunes sync to iOS via iCloud, there’s no way to natively create them on iOS devices. And that’s a shame, because although Apple has tried to improve its algorithms in Apple Music to surface new songs you might like, those playlists and stations pull from the whole realm of available music, rather than the music you’ve self-selected into your own library. They’re much more powerful than static playlists and allow users a lot more control over their listening habits. It would be a shame if a new Music app on the Mac did away with them.

Marco Arment:

I’m particularly proud of the iTunes-breakup segment on this week’s @atpfm. If you love computers that empower you to be a power user, give this a listen (start at 30:12, runs about an hour)

Jason Snell:

If you’re expecting the new Mac apps to just be mirrors of their iOS counterparts, you might be pleasantly surprised. Apple has the opportunity to work on the iOS apps to make them a little more functional — and have that work come across to macOS at the same time. The iOS apps lack a lot of the functionality of iTunes, and while replicating every iTunes feature is not in the cards (probably ever), it’s hard to believe that Apple won’t attempt to upgrade the apps as it brings them across to the Mac.


It would also be helpful if Apple lets Music add audio files to the library, a feature that iTunes has had since Day 1 and that has never been available on iOS. If you’ve ever bought an indie album via Bandcamp on an iPad, only to receive a Zip archive in return, you’ve run into this roadblock. While the Music app will always primarily be an interface for Apple Music, letting users import audio files is a necessary addition. (The same should be said for adding video files to the TV app.)

Kirk McElhearn:

Rumors of Apple dismantling iTunes are almost as old as the software itself. I can remember people clamoring for its destruction back when Apple added video management to the app, claiming that since it's called iTunes, it shouldn't manage anything but music.

Update (2019-04-16): Colin Cornaby:

My favorite Marzipan “bug” is how it doesn’t understand mouse drags. Really frustrating to use home.

My guess is it’s still the underlying hold-then-drag gesture recognizer that iOS uses, and they don’t want to break apps by automatically getting rid of the hold.

This has existed since the initial betas and I was thinking about tweeting about it then but I said “Well you’re not supposed to share beta screenshots and I’m sure it will be fixed by final” and guess what jokes on me.

Accessibility Quirk With “Bold Text”

Joe Heck:

When one of my testers ran the app, the toolbar button “disappeared”. It was still there, but rendering white on the white toolbar. It took a while to figure out that the difference between our environments: that Bold Text was enabled in accessibility. Then it took a while longer to find that it wasn’t respecting the local tint, but using the global tint when enabled.

That “Bold Text” being enabled effected the image rendering came as a surprise to me. Some friends indicated they’d seen significant performance issues with Bold Text as well (in cells in a tableview), so they knew that it impacted image rendering – I guess it does something to try and make an image “bolder”, even though it’s not text.

Kindle 9


Meet the all-new Kindle, now with a built-in adjustable front light so you can read indoors and outdoors and at more times of day. Purpose-built for reading, Kindle features a glare-free touchscreen display that reads like real paper, even in direct sunlight.


Designed by Amazon to perfectly fit your Kindle, these slim, form-fitting covers attach securely and fold back for one-handed reading. They automatically put your Kindle to sleep when closed and wake upon opening, making it easy to get back to your story.

I think it’s worth stepping up to the $130 Kindle Paperwhite, which is waterproof and has almost twice the resolution, but it’s cool that you can get a Kindle with a light and the higher contrast screen for only $89.

Update (2019-04-16): Joe Workman:

I bought a like-new Kindle Voyage 2 weeks ago off Amazon for only $80. Replaced my Kindle 3. Very happy with it.


I did the same a few weeks ago. I was upgrading from a Paperwhite 2 and wanted the new waterproof one, but I found out the screen on the Voyage is still superior to everything but the Oasis. I’m so happy with the purchase.

Postmortem: iTunes Affiliate for Apps

Jeff Johnson:

Yesterday, six months later, I finally got paid the remaining balance owed to me as an iTunes Affiliate. Getting paid was an ordeal that took many emails from me to the iTunes Affiliate Program.


I had balances in at least 20 forms of currency. The payments to me are all converted to US dollars, but their payment system is organized by currency, and each currency has a minimum payment threshold. If I recall correctly, the payment threshold was $30, so if your balance in one currency is less than the threshold, you don’t get paid from that balance, and the iTunes Affiliate Program just hoards your money until you reach the threshold.


Be persistent. Mention the $50 manual adjustment. If all else fails, threaten a lawsuit. They’ll want to close your account, but don’t let them close it until after you’ve been paid in full.

I’ve been going back and forth with them for months but didn’t threaten a lawsuit, and they haven’t paid me yet.


Improving the UI of Swift Generics

Joe Groff:

This document tries to provide a foundation for conversations about refining the generics model, not really changing the framework established by the Generics Manifesto, but considering some of its weaknesses, and how we might make it more approachable and easier to use:

  • One of the biggest missing pieces from the original manifesto is generalized existentials. These have been hailed as a panacea for a wide range of problems, but as we’ve explored the idea, we’ve found that there are many use cases that existentials would never be able to address.
  • In particular, although existentials would allow functions to hide their concrete return types behind protocols as implementation details, they would not always be the most desirable tool for this job. We have a gap in the generics model in allowing functions to abstract their concrete return types while still maintaining the underlying type’s identity in client code, and we’ll look at how that gap can be filled.
  • We’ll also look at our existing notation for generics and existentials. Swift follows in the tradition of similar languages like C++, Java, and C# in its generics notation, using explicit type variable declarations in angle brackets, but this notation can be verbose and awkward. We could look at what C++20 is doing with abbreviated templates, and Rust with its impl Trait feature, for ways to make writing generic functions more concise and fluent. Also, protocols currently do double-duty as the spelling for existential types, but this relationship has been a common source of confusion.

Update (2019-04-15): Tim Ekl (Hacker News):

To that end, this post aims to walk through some of the proposals from Joe’s document, explaining the syntax and offering examples of how the changes to generics might look in practice. We’ll pick up a couple technical terms in a practical setting, and wrap up with some details about the open Swift Evolution proposal(s) being considered.

Tuesday, April 9, 2019 [Tweets] [Favorites]

Implementing [NSCell copyWithZone:] in Swift to Avoid Crashes in AppKit

Corbin Dunn (tweet):

It looks like using a baseline constraint with Autolayout will cause it to copy the cell to determine the baseline. So, if you are using AutoLayout, be aware of implicit copies that might happen behind your back!

The trouble with [NSCell copyWithZone:] is that it uses NSCopyObject, which blindly assigns ivars from one instance to another and doesn’t do any proper memory management. I didn’t think this would still be an issue in Swift, but apparently it is! See my solution at the top where I simply retain the value during the copy.

He writes:

let _ = Unmanaged<NSColor>.passRetained(previousTextColor)

Toggle System Grayscale Mode

Daniel Jalkut:

The framework name “UniversalAccess” correlates strongly with the “UA” prefix on the pertinent function names we dug up above. Great, so how do we call these? They’re private system functions which means you should not rely on them for production code, but for a quick hack to make toggling grayscale easier? It’s a reasonable risk in my opinion. Here’s a simple C program that takes advantage of the private methods to simply toggle grayscale mode on or off, depending on the current setting.

This is arguably more reliable than using GUI scripting, and definitely faster and less intrusive. Or, if you don’t want use a compiler:

This script takes advantage of Python’s ability to dynamically load an arbitrary shared library and invoke its exported functions.

Update (2019-04-10): Marco Arment:

I love this kind of power and customization, and it’s the kind of thing we’re losing with the dominance of iOS itself and the invasion of the iOS mindset into macOS

Apple Drops $99 Data Migration Fee for New Macs and Repairs

Adam Engst:

Apple has dropped the $99 fee that it previously charged for migrating data from an old Mac to a newly purchased machine. TidBITS reader and TekBasics consultant David Price wrote to tell us that he has generally advised clients to pay Apple to migrate data to newly purchased Macs, but when he accompanied his brother-in-law to pick up a freshly migrated iMac last week, Apple informed him that there was no charge for the service.

Update (2019-04-10): Thomas Brand:

There was never a charge in 2003. We used to even transfer data from booting Windows PCs.

How to Get Bugs Fixed by Apple

Greg Scown:

For example, I received an email with a fractional street address, and Mail’s data detector chopped off the whole number portion of the address. Rather than report the bug with steps in Mail, I figured that the data detector itself was broken and made a very small Xcode Playground to demonstrate the problem. It’s time-consuming to create reductive cases, but it also reduces the likelihood of confusion. Consider that the person reading and reproducing your bug needs to see it as simply as possible.

If there’s no action on your bug, the next step is to mail and request status. Note that it can take a while to get a reply. Filing and following up on getting bugs fixed with Apple is a process, as with anything else.

Previously: The Sad State of Logging Bugs for Apple.

New WebKit Features in Safari 12.1

Jon Davis (Hacker News):

With users’ ability to choose between light and dark color schemes, websites can start to look out of place, or worse, become a blinding and painful experience. To help websites better integrate with the dark appearance setting in macOS Mojave, WebKit provides the supported-color-schemes property and prefers-color-scheme media query to allow a webpage to support light and dark color schemes.

Web content authors can use the @media(prefers-color-scheme: dark) media query to provide dark mode styles that override a default light theme. Alternatively, @media(prefers-color-scheme: light) can be used to provide light styles that override a default dark theme.


The Payment Request API has been updated with granular errors, support for default addresses and contacts configured in Wallet and Apple Pay settings, and special field support for Japan. These changes now bring the Payment Request API to parity with the Apple Pay JS payment system, but with all of the benefits of web standards compatibility. Payment Request is now the recommended way to pay implement Apple Pay on the web.


The Web Share API adds navigator.share(), a promise-based API developers can use to invoke a native sharing dialog provided the host operating system. This allows users to share text, links, and other content to an arbitrary destination of their choice, such as apps or contacts.


Another newly supported element in WebKit is the <datalist> element. The <datalist> element contains a list of <option> elements that provides suggested values for <input> elements.

Previously: Dark Side of the Mac: Appearance & Materials.

Monday, April 8, 2019 [Tweets] [Favorites]

macOS 10.14.5 Requires New Developers to Notarize


Beginning in macOS 10.14.5, all new or updated kernel extensions and all software from developers new to distributing with Developer ID must be notarized in order to run. In a future version of macOS, notarization will be required by default for all software.

In theory, this shouldn’t be a big deal. It’s like Gatekeeper, but signed by Apple. But, in practice, the notarization service sometimes goes down, or takes an unpredictably long time, or silently adds a requirement that wasn’t there the last time you deployed a build. So you never know how long it will take to get a bug fix out.

Via Rosyna Keller:

There’s also a new section about apps with plug-in SDKs and the hardened runtime.

Other sections of the Notarization docs were updated to address developer feedback.


See also: Howard Oakley, Jeff Johnson.

Update (2019-04-09): Rosyna Keller:

Resolving Common Notarization Issues has also been updated.

Additionally, it includes information regarding the fact devs with apps with plugin SDKs no longer have to separately ship a debuggable version and a notarized version.

Felix Schwarz:

TIL why I can no longer enter a fax number in the #macOS Print Dialog & therefore no longer use my Epson MFP to send faxes in #Mojave.

With 10.15 killing 32bit support, my ScanSnap’s software will stop working next.

I’ll soon need a VM to use my Mac for basic office tasks.

Jeff Johnson:

The reality now for Apple OS updates is that there’s no longer a distinction between major and minor updates.

All updates potentially include major new features. Or breakages.

Apple is now a full-on “Agile” shop, for better or worse.

(Narrator: For worse.)

Paul Haddad:

Apple is getting aggressive with this stuff. Normally any Mac changes are years in the making.


This is awful. I really really hope they add an option to disable this just like SIP. I don’t really understand if this is possible.

Probably I need to move from macOS. Its a great OS but this kind of changes that could break anything...

Calum Hunter:

who would want to develop on this platform or use this platform for IT professional services anymore. I’m 18 year veteran mac says admin/engineer and now considering switching to a linux machine to get my work done. apple have lost the plot.

Paulo Andrade:

My question here is: is it really that hard for a bad actor to pass the notarization checks that makes this worthwhile to impose on all other developers?

Jeff Johnson:

No, the whole thing is a complete joke, because apps can software update themselves outside the App Store and avoid Gatekeeper entirely. Submit a harmless version to Apple, notarize it, then flip the switch server-side to update to a new malware version after install.


The technical term would be “security theater”. :-)

John Daniel thinks it will still be effective against adware:

Because they would have to start writing code instead just running an automated app generation script. It is possible, but gets more and more difficult and costly.

Nikolaus Gebhardt:

About 28% of my users running my apps on macOS switched to the Windows version in the last 2 years. Apple now making it even more difficult for devs to create macOS apps will probably not improve this situation for them.


I haven’t worked on macOS for a year or two, but it seems like notarized apps are non-debuggable, and future versions will keep adding friction for non-notarized apps. Is it just me or is the Mac slowly losing its UNIX roots and leaning towards stripping users of control?

Jim Rea:

I haven’t seen any definition of “new developers” -- who fits into that? Does it mean developers that sign up for a developer app starting from today? And how is this enforced on the user’s computer? Or maybe this is enforced during the signing process? Seems weird.

Jeff Johnson:

My guess: info in the DeveloperID cert. It’s the only thing that makes sense at the OS level & explains why it applies “if you’re new to distributing macOS software, regardless of how long you’ve developed for other Apple platforms”. In other words, on generating new DevID cert.

See also: Hacker News and MacRumors.

Update (2019-04-10): Howard Oakley:

As ever, life isn’t quite as simple as Apple’s announcement might seem. It doesn’t, for example, address problems with command tools, which currently don’t pass through Gatekeeper checks, and are often unsigned, although it is possible to attach signatures to them. Apple still doesn’t have a scheme to provide an equivalent to notarization for command tools which aren’t embedded in an app or other code bundle. If you distribute your command tool as part of an Installer package, it is supposed to be possible to get the whole package notarized, although Apple hasn’t detailed a workflow for doing that, nor said whether all installer packages will be required to be notarized. Hopefully some time before 10.15 is released this will become clearer.


Notarization is only checked when you first run an app which has been downloaded from the Internet and has gained a quarantine flag as a result.

Howard Oakley:

The requirement coming for non-App Store apps is notarization. You said its purpose is malware detection. That may be the purpose of uploading apps to Apple, but there’s more to it than that: you can’t notarize an app unless it’s hardened. So what’s the purpose of that?

Jeff Johnson:

There’s no good reason for the requirement. Notarization is a convenient excuse.

Apple is using the threat of Gatekeeper not allowing your app to launch in order force developers to do something Apple wants, self-impose the hardened runtime on your apps.

It’s a jerk move.

Tom Bridge:

Kerio’s VPN Client was now dead in the water and not functional, no matter what I could do to follow up. An inspection (which requires Xcode 10.2 and not just the command line tools) of the kvnet.kext file in /Library/Extensions indicated I did not have a valid kernel extension any longer[…] Without a valid ticket stapled to the kext, I was going to have a problem running it, as the secureTimestamp value is after 2019-03-11.

Well crap. I need that kernel extension to work for my VPN to client locations to work, so how am I going to get around it? Thanks to #notarization on the Mac Admins Slack, and Allen Golbig at NASA Glenn, Graham Pugh, and the help of others, the answer was already in our hands: User-Accepted Mobile Device Management and Team ID Whitelisting in the Kernel Extensions Whitelisting payload in MDM.

Update (2019-04-11): Apple:

We’re working with developers to create a safer Mac user experience through a process where all software, whether distributed on the App Store or outside of it, is signed or notarized by Apple. With the public release of macOS 10.14.5, we require that all developers creating a Developer ID certificate for the first time notarize their apps, and that all new and updated kernel extensions be notarized as well. This will help give users more confidence that the software they download and run, no matter where they get it from, is not malware by showing a more streamlined Gatekeeper interface.

Howard Oakley:

So if I understand these results:

- declare built with 10.14 SDK, hardening is required for notarization
- lie about that, or use older SDK, and you can notarize unhardened apps.

Rich Trouton:

The part about “notarization will be required by default for all software” made me think, because there are a few apps that I’ve written over the years that are still useful (at least to me). All of them were built using Automator, which meant that the usual Xcode-based ways of notarizing applications wasn’t going to work for me.

Update (2019-04-12): Howard Oakley:

So if you’ve got folders full of your own apps which haven’t gained a quarantine flag because they weren’t downloaded from the Internet, or which have already cleared quarantine following download, they will continue to open and run fine in 10.15. Apple hasn’t announced that it’s changing the way that Gatekeeper works, and if it were even to consider that, the penalties would be seismic.

That does, though, leave many wondering how they’re going to be able to share tools as they have in the past. Unfortunately, the news for them isn’t good at all. If you want to make such apps available to others via download, the only way that this will work in 10.15 and later is for you to go through the whole process of signing them with a developer ID and notarization. Probably.


How on earth can an app be hardened, something only available in recent versions of Xcode, to meet the first requirement, but remain unsigned?

The answer seems to rest in what built the app in the first place. If the app declares that it was built using a recent version of Xcode, which supports hardening and notarization, then the latter will expect it to comply with the new and rigorous rules, including code-signing and hardening. If your app is built with an older version of Xcode, or a different tool, then legacy rules apply, as described later in that article.

Twocanoes Software:

We use Packages for easily creating distribution packages, and DropDMG for making great looking disk images. The notarization process involves uploading a copy of the app to the notarization service at Apple, then polling the service until it is complete, then downloading the ticket and “stapling” it to the app. So our new process looks like this:

Archive Build->Upload->Poll Until Success->Staple->Package->Add to DMG

Codextended: Extension for Swift’s Codable

John Sundell (tweet):

However, once some form of customization is needed — for example to transform parts of the decoded data, or to provide default values for certain keys — the standard Codable API starts to become really verbose. It also doesn’t take advantage of Swift’s robust type inference capabilities, which produces a lot of unnecessary boilerplate.

That’s what Codextended aims to fix.


Codable already comes with support for custom date formats through assigning a DateFormatter to either a JSONEncoder or JSONDecoder. However, requiring each call site to be aware of the specific date formats used for each type isn’t always great — so with Codextended, it’s easy for a type itself to pick what date format it needs to use.

Previously: Even More About Swift’s Codable.