Tuesday, November 29, 2022

Masto-Redirect

Federico Viticci:

At this point, you may be wondering: if someone has an account on a different instance, or posted something I want to reply to, how can I do this from my account on a separate Mastodon instance?

This is where my friend Jason Snell comes in: a few days ago, he shared a post in which he noted that the default method for redirecting a post or profile from another Mastodon instance back to yours is, well, somewhat convoluted. If you come across a profile or post from a different Mastodon server, you have to copy its original URL, go to your instance, manually paste it into the search box, find the result you’re looking for, and only then you can interact with it. That works, but it’s not intuitive, and I figured I could improve this aspect of the Mastodon experience with a shortcut.

Swift Mutating Functions and Property Observers

Christian Tietze:

I was under the (wrong) assumption that the mutating func needed to, well, somehow mutate the receiver of that method call, like change a property value. And that this in turn would be noted “somewhere”. Conversely, I was under the (wrong) assumption that a mutating func without any mutations inside would behave 100% like a regular, non-mutating function.

[…]

A pretty nice consequence is that you can use mutating func to change a reference type property inside a value type, and have references to the value type still know that it has changed:

Introduction to Move-Only Types in Swift

Tim Kientzle:

I thought it would help to have an informal sketch to help outline why move-only types are interesting, clarify a few subtle points (like what “move” really means), and briefly explain some of the issues we’ll need to tackle in order to bring this to Swift.

[…]

So the first step in bringing move-only support to Swift is to add operations with different lifetime-management behaviors. This will include constructs such as for borrow x in collection that let you iterate over the items in a collection without requiring an implicit copy and f(take x) that explicitly invalidates the local value as part of passing it into a function. We’re also exploring variations of these that would allow you to temporarily gain mutable access to a value. These would allow you to efficiently mutate an element “in place” in various scenarios, which is a useful optimization tool for copyable values and an essential prerequisite for move-only values.

[…]

By making Any a synonym for any Copyable, we can ensure that Any is itself always copyable at the cost of limiting it to only store copyable values. This redefinition would preserve the behavior of current code that uses Any. Of course, this means we need to introduce a new type that can hold any value whether it is copyable or not.

Previously:

Why Rosetta 2 Is Fast

Dougall Johnson (Hacker News):

Generally translating each instruction only once has significant instruction-cache benefits – other emulators typically cannot reuse code when branching to a new target.

[…]

Given these constraints, the goal is generally to get as close to one-ARM-instruction-per-x86-instruction as possible, and the tricks described in the following sections allow Rosetta to achieve this surprisingly often. This keeps the expansion-factor as low as possible. For example, the instruction size expansion factor for an sqlite3 binary is ~1.64x (1.05MB of x86 instructions vs 1.72MB of ARM instructions).

[…]

All performant processors have a return-address-stack to allow branch prediction to correctly predict return instructions.

Rosetta 2 takes advantage of this by rewriting x86 CALL and RET instructions to ARM BL and RET instructions (as well as the architectural loads/stores and stack-pointer adjustments). This also requires some extra book-keeping, saving the expected x86 return-address and the corresponding translated jump target on a special stack when calling, and validating them when returning, but it allows for correct return prediction.

[…]

The Apple M1 has an undocumented extension that, when enabled, ensures instructions like ADDS, SUBS and CMP compute PF and AF and store them as bits 26 and 27 of NZCV respectively, providing accurate emulation with no performance penalty.
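The software side of what that extension saves, as an added illustration (not Rosetta's or Dougall Johnson's code): the x86 ADD flags a translator must otherwise compute by hand, PF and AF included, packed into the NZCV layout the post describes. The bit positions for PF and AF (26 and 27) come from the post; the operand widths and sample operands are my own.

```python
"""Model of the x86 arithmetic flags a plain ARM64 ADDS does not produce,
and of the extended NZCV layout the post describes (PF in bit 26, AF in
bit 27, next to the architectural N/Z/C/V in bits 31..28).

Constructed example; it is not Rosetta 2 code. Only the bit positions are
taken from the post."""

# Architectural ARM64 NZCV bit positions.
N_BIT, Z_BIT, C_BIT, V_BIT = 31, 30, 29, 28
# Positions the post attributes to the M1 extension for the x86-only flags.
AF_BIT, PF_BIT = 27, 26


def x86_add_flags(a: int, b: int, width: int = 32) -> dict:
    """Result and EFLAGS-style flags of an x86 ADD of two `width`-bit
    operands, computed the way a translator has to when the hardware
    does not provide PF and AF."""
    if width not in (8, 16, 32, 64):
        raise ValueError("unsupported operand width")
    mask = (1 << width) - 1
    msb = 1 << (width - 1)
    a &= mask
    b &= mask
    full = a + b
    result = full & mask
    return {
        "result": result,
        "CF": int(full > mask),              # unsigned carry out of the top bit
        "ZF": int(result == 0),
        "SF": int(bool(result & msb)),
        # OF: both operands share a sign that the result does not have.
        "OF": int(bool(~(a ^ b) & (a ^ result) & msb)),
        # PF: set when the low byte of the result has an even number of 1 bits.
        "PF": int(bin(result & 0xFF).count("1") % 2 == 0),
        # AF: carry out of bit 3 into bit 4 (the BCD adjust flag).
        "AF": int(bool((a ^ b ^ result) & 0x10)),
    }


def pack_nzcv(flags: dict) -> int:
    """Lay the flags out as the post describes the extended NZCV register.
    For addition, ARM's C and V of an ADDS coincide with x86 CF and OF."""
    return (
        (flags["SF"] << N_BIT)
        | (flags["ZF"] << Z_BIT)
        | (flags["CF"] << C_BIT)
        | (flags["OF"] << V_BIT)
        | (flags["AF"] << AF_BIT)
        | (flags["PF"] << PF_BIT)
    )


def unpack_nzcv(nzcv: int) -> dict:
    """Inverse of pack_nzcv: recover the six flags from the packed word."""
    def bit(pos: int) -> int:
        return (nzcv >> pos) & 1
    return {"SF": bit(N_BIT), "ZF": bit(Z_BIT), "CF": bit(C_BIT),
            "OF": bit(V_BIT), "AF": bit(AF_BIT), "PF": bit(PF_BIT)}


if __name__ == "__main__":
    # Constructed 8-bit cases: nibble carry (AF), wrap to zero, signed overflow.
    for a, b in ((0x0F, 0x01), (0xFF, 0x01), (0x7F, 0x01)):
        f = x86_add_flags(a, b, width=8)
        print(f"{a:#04x} + {b:#04x} = {f['result']:#04x}  "
              f"flags={f}  nzcv={pack_nzcv(f):#010x}")
```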

Previously:

Rosetta 2 Won’t Let the Undead Die

Howard Oakley:

You might think that apps are either running or they’re not, but there are actually four different states a macOS app can be in (in addition to those a user shouldn’t directly encounter, such as suspended).

[…]

Intel apps running with Rosetta translation […] appear to persist far longer in an undead state than on Intel systems. I’m unsure whether this is deliberate, to minimise the cost of loading them again should the user decide to open that app once more, or a passing phase. But if you run many apps in Rosetta which join the ranks of the undead, it could get inconvenient.

[…]

When napping apps are restored after a restart, they aren’t fully loaded and put into App Nap. Instead, macOS starts to load them and then stops at _dyld_start, so they only take around 8 KB of memory and don’t open any of their other files, such as frameworks. […] This can cause strange problems with some apps which you may leave running in App Nap. When in App Nap, they can be awoken by different events as well as the user bringing them to the front. When they’re in this stopped state, they have insufficient code loaded to respond to events which would normally wake them from App Nap, unless you manually wake them up after starting up.

See also: Felix Schwarz.

Previously:

Monday, November 28, 2022

Palm Pilot Emulator

Sean Hollister (Hacker News):

Yes, I am playing Dope Wars on a Palm Pilot inside my iPhone. It’s thanks to The Internet Archive, which is once again launching a giant collection of software you can instantly play on any web browser, up to and including your touchscreen-equipped phone. There are currently 565 classic Palm apps in all, including games, widgets, and even free trials from both the greyscale and color eras.

And it’s more than just the individual apps, too: the entire Palm OS is loaded with each launch, including its full selection of default apps (like the calculator and memo pad) and a working Graffiti touchscreen writing system. I cannot emphasize this enough: you can reach out and touch a 1996 pocket computer with your 2022 pocket computer and it works like a charm. It’s a tiny interactive window into the pre-iPhone era, and what lived in the proto-App Store.

Previously:

TextKit Custom Truncation

Amy Worrall:

TextKit has the option to truncate the last line of text if there’s more text than will fit in the container. It does this by displaying an ellipsis. But what if you wanted to display something else to indicate truncation? (In my case, the string “See More”, which will function like a button.)

I tried and discounted a bunch of different approaches before coming up with something that worked. Let me take you on the journey.

Friday, November 25, 2022

clipped() Doesn’t Affect Hit Testing

Ole Begemann:

The clipped() modifier in SwiftUI clips a view to its bounds, hiding any out-of-bounds content.

[…]

When you run this code, you’ll discover that the button isn’t tappable at all. This is because the (unclipped) square, despite not being fully visible, obscures the button and “steals” all taps.

[…]

The clipped() modifier doesn’t affect the clipped view’s hit testing region. The same is true for clipShape(_:). It’s often a good idea to combine these modifiers with .contentShape(Rectangle()) to bring the hit testing logic in sync with the UI.

Tumblr to Add Support for ActivityPub

Sarah Perez (via Hacker News):

Tumblr will add support for ActivityPub, the open, decentralized social networking protocol that today is powering social networking software like Twitter alternative Mastodon, the Instagram-like Pixelfed, video streaming service PeerTube, and others. The news was revealed in response to a Twitter user’s complaint about Mastodon’s complexities. Automattic CEO Matt Mullenweg, whose company acquired Tumblr from Verizon in 2019, suggested the user “come to Tumblr” as the site would soon “add activitypub for interconnect.”

[…]

If Tumblr were to add ActivityPub support, it means users on Mastodon could follow Tumblr users’ posts from their own Mastodon instance — without having to use the Tumblr app. It could also provide Tumblr users with an entry point into the so-called fediverse without having to face some of the complexities that are involved with signing up for Mastodon for the first time.

Previously:

Outlining and Documents

Dr. Drang:

I’ve always had this silly belief that I should be able to convert an outline into the skeleton of a report (or a blog post or whatever, but it’s usually a report) more or less automatically and then flesh it out into a final product. This doesn’t work because, except for the items at the top-level, the various items and subitems in outlines don’t correspond perfectly to sections and subsections of a report. Some outline items are subsections, but most are paragraphs or lists within a subsection. There’s no general way of knowing what an outline item is; its level doesn’t offer enough information to slot it into the proper place in the report.

This has been an issue for me, too. I find outliners to be great for taking notes and for working on and rearranging ideas. But then there’s an inevitable break to get from there to the final output, if it is to be a document.

I confess this way of working still nags at me. Surely, the back of my brain says, there must be a way to avoid the repetition. But the front of my brain argues back that years of trying have never led to that magical solution. There’s no way to avoid the actual work of writing.

Aside from the repetition, it’s a one-way transformation. Once you’re in the document format, you lose the ability to do certain outliner things. Fortunately, most of my writing these days is in Markdown, reStructuredText, or HTML, and BBEdit has some tools for navigating and collapsing those structures.

You may be wondering how I can show Example.html on my iPad as I’m writing a report. Unlike Safari on the Mac, Safari on the iPad cannot open local files. There are two ways to get around this[…]

Previously:

Gitea Ltd. Takes Over Open Source Project

techknowlogick (Hacker News):

With Gitea reaching 6 years old, it is time to reflect on the past, and to look forward to the future. With over 14k+ commits, 1k+ contributors, 40+ maintainers, and 300M+ Docker Hub pulls, Gitea has come a long way.

Our most important goal is ensuring the long term success of the project. Over the years we have tried various ways to support maintainers and the project. Some ways we have tried include bounties, direct donations, grants, and a few others. We have found that while there have been many wonderful individuals, and a few corporations who have been incredibly generous, and we are so thankful for their support, there are a few corporations (with revenues that are greater than some countries’ GDP) that are building on Gitea for core products without even contributing back enhancements. This is of course within the scope of the license, however it prevents others from the community from also benefitting.

We’d like to announce that we have formed a company, Gitea Limited, to ensure the goals are met. Some companies are unable to contribute back to open source via sponsorship or code contribution. Many more cannot contract individuals due to internal policies. In creating this new company, we are now able to offer support to those companies who do want to give back.

Open Letter to Gitea (Hacker News):

With that in mind, you can understand our surprise when we learned on October 25th, 2022 that both the domains and the trademark were transferred to a for-profit company without our knowledge or approval.

Lunny Xiao:

In 2015, I created Gitea along with its domain, gitea.io and acquired gitea.com at the same time. Throughout the life of the project, I have always personally owned both domains. As it continued to grow, I additionally trademarked the name “Gitea” in order to protect the project’s brand.

[…]

To help ensure the operation and community decision-making of the Gitea project remains transparent and public, we’re exploring the use of different management models. One of the options we have been considering includes a decentralized autonomous organization (DAO). This method would allow us to have continued voting within our community (including votes from non-code contributors), help keep track of topics being voted upon and provide contributors with greater participation to have more votes. The DAO management model would also not mean the creation of a gitcoin or crypto token.

[…]

We want to be clear that Gitea will always be a community-built project that is open.

Christian Tietze:

So a company is formed to offer services as a means to fund maintenance; then the community of contributors and fans pushes back because the proprietary ownership doesn’t sit right with them.

[…]

The name, the domain, the trademark, that’s truly the powerful piece of an open source project. In short, it’s the brand. And even though every contributor can pack up and move to Forgejo, the brand is not moving with them.

Previously:

Wednesday, November 23, 2022

Amazon Alexa to Lose $10 Billion This Year

Ron Amadeo (Hacker News):

Amazon is going through the biggest layoffs in the company’s history right now, with a plan to eliminate some 10,000 jobs. One of the areas hit hardest is the Amazon Alexa voice assistant unit, which is apparently falling out of favor at the e-commerce giant. That’s according to a report from Business Insider, which details “the swift downfall of the voice assistant and Amazon’s larger hardware division.”

Alexa has been around for 10 years and has been a trailblazing voice assistant that was copied quite a bit by Google and Apple. Alexa never managed to create an ongoing revenue stream, though, so Alexa doesn’t really make any money. The Alexa division is part of the “Worldwide Digital” group along with Amazon Prime video, and Business Insider says that division lost $3 billion in just the first quarter of 2022, with “the vast majority” of the losses blamed on Alexa.

[…]

Just about every plan to monetize Alexa has failed, with one former employee calling Alexa “a colossal failure of imagination,” and “a wasted opportunity.”

[…]

The report says that while Alexa’s Echo line is among the “best-selling items on Amazon, most of the devices sold at cost.”

It’s not clear to me how it’s losing so much money if they’re selling the hardware at cost. Are they spending that much on the associated employees and server resources?

Via John Gruber:

What is (was?) Alexa about, strategically? I’ve often heard that the vague idea was that people would buy Alexa devices for obvious stuff (playing music, setting timers) but that eventually they’d starting using Alexa to buy stuff from Amazon — and thus wind up buying more stuff from Amazon than they would if they didn’t have an Alexa device in their house.

I find Alexa kind of annoying because it’s always trying to sell us stuff. The product recommendations are unhelpful, and we don’t want to subscribe to anything beyond Prime. But we keep using it because for basic questions, kitchen timers, and free music it works so much better than Siri.

Eugene Kim:

Internally, the team worried about the quality of user engagements. By then Alexa was getting a billion interactions per week, but most of those conversations were trivial, commands to play music or ask about the weather. That meant fewer opportunities to monetize. Amazon can’t make money from Alexa telling you the weather — and playing music through the Echo only gives Amazon a small piece of the proceeds.

Nick Heer (Hacker News):

We are often told technology companies are reinventing the way many of us will purchase products, but I do not buy that narrative.

Previously:

Android Contact Tracing App Installed Without Consent

Hiawatha Bray (Hacker News):

A nonprofit law firm has filed a class action lawsuit against the Massachusetts Department of Public Health for allegedly working with Google to secretly install COVID-tracing software onto as many as a million smartphones.

[…]

Dozens of states issued such apps, including Massachusetts. But few people voluntarily used the Massachusetts version. According to the lawsuit, the state health department worked with Google to develop a version that was installed on all Android phones, without permission from the phone owner.

[…]

Android owners are given the choice of whether to activate the Massachusetts app. But the suit alleges that the app transmits and receives data through its Bluetooth radio even when it’s not activated. This data can be accessed by Google and by a variety of apps installed on Android phones, the suit claims. If enough data is collected from enough phones, data scientists can “de-anonymize” the information and figure out the identities of the phone users.

Jessica Lyons Hardcastle:

The Massachusetts app, according to the legal complaint, gave the public health department, Google, application developers, and others access to the device owners’ media access control addresses, wireless network IP addresses, phone numbers, contacts and emails, thus making these parties privy to the owners’ personal information, location and movement. If Android users discovered and deleted the COVID-19 tracer, the state’s health agency would reinstall it on their devices, the lawsuit alleges.

[…]

“In sum, DPH installed spyware that deliberately tracks and records movement and personal contacts onto over a million mobile devices without their owners’ permission and awareness,” the lawsuit claims [PDF]. “On knowledge and belief, that spyware still exists on the overwhelming majority of the devices on which it was installed.”

Previously:

Apple’s Device Analytics Can Identify iCloud Users

Tommy Mysk (Hacker News):

Apple’s analytics data include an ID called “dsId”. We were able to verify that “dsId” is the “Directory Services Identifier”, an ID that uniquely identifies an iCloud account. Meaning, Apple’s analytics can personally identify you[…]

Apple states in their Device Analytics & Privacy statement that the collected data does not identify you personally. This is inaccurate. We also showed earlier that the #AppStore keeps sending detailed analytics to Apple even when sharing analytics is switched off.

Sami Fathi:

On Apple’s device analytics and privacy legal page, the company says no information collected from a device for analytics purposes is traceable back to a specific user. “iPhone Analytics may include details about hardware and operating system specifications, performance statistics, and data about how you use your devices and applications. None of the collected information identifies you personally,” the company claims.

[…]

Apple has historically taken a hard stance on user privacy, repeatedly claiming it believes privacy is a “fundamental human right.” Apple’s privacy claims have been under increasing scrutiny in recent months, with the company now facing a class action lawsuit accusing it of tracking users without their consent.

Nick Heer (Hacker News):

Apple also refers to the DSID by other names, such as the “Apple User Account Identifier”, “Apple ID Number”, “Apple ID Reference Number”, and “Original Unique Identifier”. Based on my 2021 data request it is, as described, a proxy for a specific Apple ID. It identifies you with Apple’s services, including for things like marketing and communications efforts. I have a spreadsheet of the nearly nine hundred times me and my DSID ignored Apple’s attempts to upsell me on Apple One, a service which launched just thirteen months before I made this data request. I also have a list of all the times I contacted AppleCare and the same identifier is attached.

[…]

The researchers point to Apple’s Device Analytics & Privacy document where it says in the iOS Device Analytics section that “[n]one of the collected information identifies you personally”. But this does not pertain to Apple’s services which are covered by entirely different policies. Both the App Store and Apple Music say usage information is collected. These are not device analytics, they are services analytics.

[…]

In fairness, perhaps the Device Analytics toggle in Settings should be worded more clearly to indicate that turning it off will not opt out of store and services activity. I am also shocked by the granularity of information in these storefront analytics. It is relevant to Apple’s recommendation engine if I listened to an album or song and whether I finished it, but it is hard to see what value it has in knowing my track playback to the millisecond. I also think the identifier used by Apple’s services should be different than the Apple ID that is correlated with your device purchase history and support requests.

Ruffin Bailey:

That at first seems mostly like fair game info, doesn’t it? But if you say “I don’t want anyone tracking me,” I can understand why you don’t want and, what’s more, wouldn’t expect all of that pushed up into the pipe. As a developer, it’d be nice if Apple had to ask for that info the same as anyone else.

It certainly fails the Steve Jobs test:

Privacy means people know what they’re signing up for, in plain language, and repeatedly.

See also: Bruce Schneier, TidBITS Talk, Florian Mueller.

Previously:

iCloud for Windows Downloading Other People’s Photos

sleeping_ghost (via Hacker News):

iCloud for Windows is corrupting videos recorded from an iPhone 14 Pro Max resulting in black videos with scan lines. On rare occasions, it is inserting stills into videos from unknown sources, possibly others’ iCloud accounts. I’ve been shown photos of other people’s families I’ve never seen in my life, soccer games, and other random photos.

[…]

I have been able to replicate this bug on 3 different PCs, 2 of which were running the latest version of Windows 11 Pro, and the last running Windows 10 Pro. I have tried on multiple other devices including an iPhone 11 Pro and an iPad.

[…]

I reported it to the apple security team and they told me it wasn’t a “security concern”!

extr0pian:

This happened to me during a Google Takeout export when I was degoogling in late 2019. I recall going through some photos from the earlier 2010’s and some random pictures of other people were popping up. About a month or so later I received an email from Google letting me know that some of my files may have been accidentally in other people’s exports. Since then, I stopped using apps like Google Photos and cloud storage in general.

Previously:

Mastodon URIs, Not URLs

Chris Hanson:

One of the annoying things about Mastodon is that it’s tough to share Mastodon links and have them open in your favorite app instead of in a web browser. This is due to the lack of a shared scheme or a shared server—which makes sense for a distributed/federated system, but doesn’t help its usability.

One thing the community should do is use a URI instead of a URL or a Twitter/AOL-style “handle” to refer to an account: A URI is a Uniform Resource Identifier that is resolved to a URL, which makes it easier to have all links to Mastodon accounts go to the user’s preferred app—and also enable the global namespace that ATP cares about so much.
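The same normalisation underlies both the redirect shortcut described under Masto-Redirect above and the URI-instead-of-URL idea here: a handle, a profile URL and a post URL all name one remote object that the home instance has to resolve itself. This added Python example (mine, not the shortcut's code nor anything from the proposal) does that parsing, derives the acct: URI and its standard WebFinger lookup, and builds the home-instance interaction URL; the hosts social.example and home.example are made up, and the /authorize_interaction?uri= route is the Mastodon web endpoint I am assuming for "open this remote object on my instance".

```python
"""Normalise Mastodon references (handle, profile URL, post URL) into an
acct: URI plus the URLs a client needs to resolve them.

Constructed example. Hosts are placeholders; /authorize_interaction?uri=
is an assumed Mastodon web route."""
import re
from urllib.parse import urlencode, urlparse

# @user@host or user@host; host must have at least one dot.
HANDLE_RE = re.compile(
    r"^@?([A-Za-z0-9_.-]+)@([A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)$")
# /@user or /@user/<status id> as served by a Mastodon instance.
PROFILE_PATH_RE = re.compile(r"^/@([A-Za-z0-9_.-]+)(?:/(\d+))?/?$")


def parse_reference(ref: str) -> dict:
    """Return kind, user, host, status_id, acct_uri and canonical url for
    a handle or a Mastodon profile/post URL; reject anything else."""
    ref = ref.strip()
    m = HANDLE_RE.match(ref)
    if m:
        user, host = m.group(1), m.group(2).lower()
        return {"kind": "account", "user": user, "host": host,
                "status_id": None, "acct_uri": f"acct:{user}@{host}",
                "url": f"https://{host}/@{user}"}
    parts = urlparse(ref)
    # Only https with a bare host: a pasted "javascript:" or userinfo-laden
    # string is not a fediverse reference and must not be forwarded to the
    # home instance as if it were one.
    if (parts.scheme != "https" or not parts.hostname
            or parts.username or parts.password):
        raise ValueError(f"not a Mastodon reference: {ref!r}")
    m = PROFILE_PATH_RE.match(parts.path)
    if not m:
        raise ValueError(f"unrecognised Mastodon path: {parts.path!r}")
    user, status_id = m.group(1), m.group(2)
    host = parts.hostname.lower()
    url = f"https://{host}/@{user}" + (f"/{status_id}" if status_id else "")
    return {"kind": "post" if status_id else "account", "user": user,
            "host": host, "status_id": status_id,
            "acct_uri": f"acct:{user}@{host}", "url": url}


def webfinger_url(acct_uri: str) -> str:
    """Standard WebFinger lookup that maps an acct: URI to the account's
    ActivityPub actor URL (RFC 7033 well-known path)."""
    host = acct_uri.rsplit("@", 1)[-1]
    query = urlencode({"resource": acct_uri})
    return f"https://{host}/.well-known/webfinger?{query}"


def home_interaction_url(home_host: str, remote_ref: str) -> str:
    """URL on the user's own instance that asks it to fetch and show the
    remote object, replacing the copy-URL-then-search dance. The
    /authorize_interaction route is assumed, not taken from the page."""
    canonical = parse_reference(remote_ref)["url"]   # validates the input
    return f"https://{home_host}/authorize_interaction?{urlencode({'uri': canonical})}"


if __name__ == "__main__":
    # Constructed inputs: a handle, a profile URL and a post URL.
    for ref in ("@alice@social.example",
                "https://social.example/@alice",
                "https://social.example/@alice/109876543210"):
        info = parse_reference(ref)
        print(info["kind"], info["acct_uri"], webfinger_url(info["acct_uri"]))
        print("  open on home instance:",
              home_interaction_url("home.example", ref))
```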

Previously:

Tuesday, November 22, 2022

Network Locations in Ventura

Rob Griffiths:

Apple, in their infinite wisdom, removed the Locations feature from the Network System Settings panel.

I use locations a lot, as they make it easy to switch between various network configurations. In my case, I have locations created that enable or disable my ad blocker, change my settings for when I’m on my VPN, one I need to use to set up my mesh router, and another for when I’m traveling. All of that seemingly gone.

[…]

But we do still have Terminal, and the locations code itself is still in macOS.

[…]

The key command is networksetup, and here are the relevant options from the man page[…]

Previously:

D2 Diagram Scripting Language

Terrastruct (via Hacker News):

D2 is a modern diagram scripting language that turns text to diagrams.

[…]

D2 is built to be hackable -- the language has an API built on top of it to make edits programmatically.

[…]

D2 is designed with language tooling in mind. D2’s parser can parse multiple errors from a broken program, has an autoformatter, syntax highlighting, and we have plans for LSP’s and more. Good language tooling is necessary for creating and maintaining large diagrams.

Text to Diagram:

Compare the syntax and renders of various languages that produce diagrams from text.

GraphViz has seemed fine to me, but:

This project has only 3 of its founders remaining as volunteer maintainers, and support is limited and may end soon. If you can help fund to a more formal foundation to continue this project, please contact north on graphviz org.

Sapling Source Control

Durham Goode (Hacker News):

Sapling is a new Git-compatible source control client.

Sapling emphasizes usability while also scaling to the largest repositories in the world.

[…]

We’ve spent the past 10 years building Sapling, a scalable, user-friendly source control system, and today we’re open-sourcing the Sapling client. You can now try its various features using Sapling’s built-in Git support to clone any of your existing repositories.

[…]

When used with our Sapling-compatible server and virtual file system (we hope to open-source these in the future), Sapling can serve Meta’s internal repository with tens of millions of files, tens of millions of commits, and tens of millions of branches.

Previously:

Managing Xcode Downloads

Craig Hockenberry:

Now that you know what Xcode is using, you’ll wonder where it’s getting the disk image. It’s located in a sibling directory: /Library/Developer/CoreSimulator/Images. That folder also contains an images.plist file that contains metadata for the disk images. There are only a handful of files there, but on my Mac they use 13 GB of disk space.

And up until a couple of hours ago, that folder contained 7 GB of data that was incompatible with the current version of Xcode. I had to delete these files manually.

[…]

In the end, this short post saved me 32 GB of disk space. If you’re developing for platforms other than the current iOS, you’ll likely see something similar. As time passes, you’ll need to manually keep an eye on this stuff: Xcode can’t clean things up for you because it has no idea what you need.

Black Friday 2022

My apps are on sale for Black Friday and Cyber Monday, and here are some other good app deals that I found:

Accessories:

Books:

Photos and Video:

Stores:

Lists of Deals:

Previously:

Please feel free to post any other deals that you find in the comments below, and I’ll incorporate them above.

Monday, November 21, 2022

ReadKit 3.1

Balazs Varkonyi:

Smart Folders Are Back

These are folders that automatically update their content according to the search criteria you specify.

It can also send you notifications, and a unique icon can be selected for each one.

[…]

The text size of the feed and entry list can be customized separately.

[…]

In addition to the universal ReadKit Premium, separate lifetime plans are now available for iOS/iPadOS and macOS.

Previously:

Swift Pitch: Reflection

Alejandro Alonso:

I propose adding a new module to the Swift toolchain named Reflection that provides high level APIs for reflection in Swift. This makes use of reflective information that has always been available, but was never exposed as API until now.

[…]

[Mirror] works great, but there is a serious issue here in that it requires an instance of the type you want to introspect over.

[…]

Swift introduces a new module, Reflection, with a whole new suite of high level APIs that make working with reflection easier, more ergonomic, and provide developers with much more information than what they had.

Previously:

Mac Text Editing: Mark, Kill, Yank

Jesse Grosjean:

There isn’t much documentation of the macOS implementation. Much of the following behavior was discovered by experimenting with TextEdit.

[…]

When text is deleted by certain actions it gets added to the kill ring. By default the kill ring contains a single text entry. If you change the NSTextKillRingSize system default the kill ring can contain multiple entries.

[…]

Each app maintains a private kill ring. You can kill text in one view and then yank it into another view within the same app. You can’t kill or yank between apps.

Sunday, November 20, 2022

Microsoft Brings Back SwiftKey for iOS

Sami Fathi:

In September, Microsoft said SwiftKey for iOS was being shut down and removed from the App Store for no clear reason. SwiftKey has been a popular alternative for iPhone users to Apple’s default iOS keyboard, leaving many disappointed by the decision. Now, a few weeks later, Microsoft says due to customer feedback, it is bringing the app back to the App Store.

Previously:

Viewing man Pages on Ventura

Armin Briegel:

Ventura’s Preview app lost the ability to render postscript or ps files. This breaks the previous, popular shell alias to open a man page in Preview.

[…]

Add this function to your shell configuration file: (bash, zsh)

preman() {
    # man -w prints the path of the page's source file; mandoc renders it
    # to PDF and `open -f` reads that PDF from stdin into Preview.
    mandoc -T pdf "$(/usr/bin/man -w "$@")" | open -fa Preview
}

[…]

I prefer opening the ‘yellow’ man pages in Terminal app. You can do so by entering a command in the Help menu, or by using the x-man-page URL scheme. In these yellow terminal windows, you can scroll and search in the text with command-F. You can also do a secondary click (right/ctrl/two-finger click) on any word and it will offer to open that man page in the context menu.

Previously:

StopTheMadness Font Substitution

Jeff Johnson:

My web browser extension StopTheMadness is updated today in the iOS App Store and Mac App Store. The biggest change is a new font substitution feature! Thanks to John Gruber of Daring Fireball for inspiring the feature and for linking to my blog post a few weeks ago. The blog post described how the custom style element feature of StopTheMadness can add @font-face rules to web pages in order to substitute one font for another. But that’s all very technical, requiring the user to write CSS. The “Fireballing” generated a lot of feedback requesting a simpler way to substitute fonts on the web, so I started work on that immediately, and now the feature is available! It works in all web browsers supported by StopTheMadness: Safari for iOS, Safari for Mac, Firefox for Mac, and Google Chrome for Mac (as well as all Chromium browsers).

Previously:

FORCEDENTRY Sandbox Escape via NSExpression

Ian Beer and Samuel Groß (back in March):

It’s clearly a serialized NSKeyedArchiver. Definitely not what you’d expect to see in a JBIG2Bitmap object. Running strings we see plenty of interesting things[…]

[…]

NSPredicates using the FUNCTION keyword are effectively Objective-C scripts. With some tricks it’s possible to build nested function calls which can do almost anything you could do in procedural Objective-C. Figuring out some of those tricks was the key to the 2019 Real World CTF DezhouInstrumenz challenge, which would evaluate an attacker supplied NSExpression format string. The writeup by the challenge author is a great introduction to these ideas[…]

[…]

Prior to iOS 14.5 the isa field of an Objective-C object was not protected by Pointer Authentication Codes (PAC), so the JBIG2 machine builds a fake Objective-C object with a fake isa such that the invocation of the dealloc selector causes the deserialization and evaluation of the NSFunctionExpression. This is very similar to the technique used by Samuel in the 2020 SLOP post.

[…]

Perhaps the most striking takeaway is the depth of the attack surface reachable from what would hopefully be a fairly constrained sandbox.
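As an added illustration of why the writeup calls FUNCTION-expressions “Objective-C scripts” (this is example code written for this post, not code from the Project Zero writeup or from the exploit): a format string handed to NSExpression is interpreted at runtime, and the FUNCTION keyword sends whatever selector the string names to whatever receiver it names. The helper names and the sample inputs below are constructed for the demonstration. The second function shows the safe counterpart, `%@` argument substitution, where caller-supplied text enters as a value rather than as part of the format grammar.

```objectivec
// Added example (not from the FORCEDENTRY writeup). Build with:
//   clang -fobjc-arc -framework Foundation nsexpr_demo.m -o nsexpr_demo
#import <Foundation/Foundation.h>

// 1. The "Objective-C script" behaviour the writeup describes. This mirrors
//    the CTF setup: an attacker-supplied format string is parsed and evaluated.
//    UNSAFE whenever untrustedFormat comes from outside the trust boundary,
//    because FUNCTION(receiver, 'selector:', args...) dispatches any selector
//    the string names, and calls can be nested arbitrarily.
static id evaluateUntrustedFormat(NSString *untrustedFormat) {
    NSExpression *expr = [NSExpression expressionWithFormat:untrustedFormat];
    return [expr expressionValueWithObject:nil context:nil];
}

// 2. Safe pattern for the common case of filtering on caller-supplied text:
//    the text is passed as a %@ argument, so the predicate parser treats it as
//    a constant value. It never becomes part of the format grammar, so a
//    FUNCTION(...) payload is just a string that fails to match anything.
static NSArray<NSString *> *filterNames(NSArray<NSString *> *names,
                                        NSString *untrustedValue) {
    NSPredicate *p = [NSPredicate predicateWithFormat:@"SELF == %@", untrustedValue];
    return [names filteredArrayUsingPredicate:p];
}

int main(int argc, const char *argv[]) {
    @autoreleasepool {
        // Constructed input: a nested FUNCTION call. Evaluating it runs
        // -uppercaseString on the literal 'abc', then -stringByAppendingString:
        // on the result. Nothing here is a string comparison; it is dispatch.
        NSString *script =
            @"FUNCTION(FUNCTION('abc', 'uppercaseString'), "
            @"'stringByAppendingString:', '!')";
        NSLog(@"interpreted: %@", evaluateUntrustedFormat(script));

        // Constructed input: the same payload routed through %@ substitution
        // is compared as a literal against each element and matches none.
        NSArray<NSString *> *names = @[ @"alice", @"bob" ];
        NSLog(@"payload as value: %@",
              filterNames(names, @"FUNCTION('abc', 'uppercaseString')"));
        NSLog(@"ordinary value: %@", filterNames(names, @"bob"));
    }
    return 0;
}
```

The audit question this raises for any codebase is the same one the writeup raises for the sandbox: every `predicateWithFormat:` or `expressionWithFormat:` call whose string is assembled from external input (a URL parameter, a file, a deserialized archive) is an interpreter exposed to that input, and `%@` substitution is the only way to pass such data in as data.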

Friday, November 18, 2022

Fred Brooks, RIP

Dag Spicer (Hacker News):

Legendary computer architect Fred Brooks passed away today. Brooks led the team creating the timeless IBM System/360 mainframe architecture as well as development of OS/360.

Jason Crawford:

His work on operating systems at IBM gave us the 8-bit byte.

Brooks was also the manager who approved Ted Codd’s PhD—which enabled him to invent the relational database.

John Carmack:

I have read The Mythical Man Month three times. Some of the wisdom really is timelessly applicable to creative human effort, but software development did escape much of Brooks’ pessimism with large scale open source component reuse.

OmniFocus 3.14.1 for Mac

The Omni Group:

  • Conflict Errors — Navigating between fields via the tab key no longer triggers unnecessary edit conflict alerts.
  • Custom Perspectives — Fixed a bug that could cause unexpected filtering in some upgraded v2 custom perspectives.
  • Keyboard — Fixed a bug that could block tab key field navigation on macOS 13 Ventura.

This fixes some really annoying keyboard issues when running on Ventura, although I’m still seeing some weirdness where Tab sometimes skips over the Project column.

Swift Proposal: Function Back Deployment

SE-0376:

Unfortunately, developers who wish to both distribute an app compatible with toasterOS 1.0 and also adopt makeBatchOfToast(_:) must call the API conditionally to account for its potential unavailability[…]

[…]

Considering that the implementation of makeBatchOfToast(_:) is self contained and could run unmodified on toasterOS 1.0, it would be ideal if the ToastKit authors had the option to back deploy this new API to older OSes and allow clients to adopt it unconditionally.

[…]

Proposed solution: Add a @backDeploy(before: ...) attribute to Swift that can be used to indicate that a copy of the function should be emitted into the client to be used at runtime when executing on an OS prior to a specific version.

Redirect Web for Safari

Jason Snell:

It turns out I didn’t need to make my own extension, because Manabu Nakazawa made one. It’s the free ($4 to unlock all features forever) Safari Extension app Redirect Web for Safari.

Nakazawa’s app lets you match URL patterns and redirect them to other patterns. That’s it. You can set your own patterns (using a simple wildcard system or a more powerful but complicated set of regular expressions) and even sync them with your other devices via iCloud. (The app is available for both macOS and iOS.) (If you don’t use Safari, maybe check out the Redirector plug-in instead.)

Thursday, November 17, 2022

Google Paid Blizzard to Stay on Play Store

Florian Mueller:

The world now knows that in January 2020, Google signed a three-year agreement with Activision Blizzard King (“ABK”), “pursuant to which Google agreed to pay ABK approximately $360 million” in order to dissuade Activision Blizzard from creating its own Android app store. Three-hundred and sixty million dollars for not competing.

That number would be staggering under any circumstances, but it couldn’t have been revealed at a more important point in time: as antitrust authorities in the U.S. (Federal Trade Commission (FTC)), EU (Directorate General for Competition (DG COMP) of the European Commission), and the UK (Competition & Markets Authority (CMA)) have to make their next decisions on Microsoft’s acquisition of Activision Blizzard King. While Sony is the only vocal complainant, Google is also known to have been lobbying behind the scenes.

Conservation of Tweets

Nick Heer:

The Times article ends on this curious exchange[…]

[…]

It makes absolutely no sense. Or, rather, it made no sense — until a few Twitter users realized that accounts which archive the deleted tweets of notable cryptosphere personalities would not be triggered if a new tweet was posted at the same time another was deleted. Bankman-Fried’s free jazz tweets are more likely an attempt to cover up his removal of over one hundred posts.

I assume the bots work this way because Twitter’s API, like its Web interface, is not very well suited to the sorts of things you’d want to do with older data. But surely there are already people poring over complete archives of his tweets to find the interesting ones, so it won’t make much difference.

Feedle: Blog Search With RSS Feeds

Brent Simmons:

Back in the days of yore, there were search engine services that 1) searched the blogosphere, and 2) let you subscribe to your searches via RSS. Each search query had its own feed.

[…]

[We’ve] just learned about a new one called feedle.

A Vision for Variadic Generics in Swift

Holly Borla:

The design and implementation of variadic generics is well underway. Equipping Swift with a set of features to enable variable-length abstraction will be done incrementally over multiple individual language evolution proposals. The first of these proposals has already been pitched as Value and Type Parameter Packs.

A vision for variadic generics in Swift discusses the overarching design for this set of language proposals. This will give you an idea of the bigger picture, how parameter packs provide the foundation for its future directions, and what sorts of use cases are ultimately supported by this design.

Wednesday, November 16, 2022

Xcode 14 Unintentionally Increases App Size

Max Topolsky and Josh Cohenzadeh (Hacker News):

Shortly after Xcode 14’s release, a number of iOS apps saw significant size increases. We first tweeted about observing a large spike in the Zillow iOS app. Zillow was not an isolated example.

[…]

The simple explanation is that bitcode optimizes production builds, partly by stripping binary symbols. Without bitcode turned on, Xcode build settings have to be changed to strip binary symbols.

So when Xcode 14 removed bitcode, a lot of apps lost that implicit build setting.

Entropy of Big Distributed Systems

Gergely Orosz:

Scoop from within Twitter: small things are breaking, not enough engineers to fix them.

[…]

This is exactly what you’d expect when a large part of the workforce is laid off, another chunk quits, and those left are expected to ship new features as the #1 priority.

Hector Martin:

All large services and platforms are “built to be resilient”. But they are also extremely complicated, with countless internal interactions between microservices, configuration systems, load balancing and directing subsystems, networking fabrics, and more.

These systems are built to be reliable in the face of things like machine failures, or entire optional microservices going down. That’s not what will take Twitter down. Twitter will crash and burn when a complex interaction between systems goes wrong and causes a cascade failure.

[…]

People think of servers as things you can just reboot and be fine. That’s not how this works. If you rebooted every single $FAANG server simultaneously right now, all of $FAANG would be down for probably months. Or worse. And that’s with functional teams. This stuff is hard.

Dan Luu:

One thing that’s been interesting about recent events is seeing how people imagine big companies operate, e.g., people saying that Twitter is uniquely bad for not having a good cold boot procedure.

Multiple $1T companies didn’t or don’t have a real cold boot procedure.

Jon Luke:

In a complex system like Twitter or AWS, there is always a trade-off between doing failure automation work up front and incurring operational burden later on. It’s a decreasing ROI, and trying to automatically handle every possible failure case just isn’t worth it.

[…]

Yes, of course you try to threat model all possible failure modes. But then you only handle the 95% or so known/expected cases and don’t bother with the 5% unknown/rare cases. For those, you just throw smart humans at the problem once it arises.

Failures that seem only theoretical in a smaller system, like bit flips from cosmic rays, suddenly become very very real once you’re dealing with millions of servers and millions of rps. At that scale, you have to assume these things will happen.

[…]

The culture at AWS, for example, was hyper-aware from the beginning of circular dependencies and the need to cold boot, and it was always a big topic in any Principal-level design or operational readiness review.

Jaana Dogan:

Many executives fail to understand why tech companies are bloated. They are bloated because everything is held together with duct tape and “task force” teams. And it’s due to gross lack of funding when it comes to removing complexity and technical debt.

Eric Frohnhoefer:

Frankly we should probably prioritize some big rewrites to combat 10+ years of tech debt and make a call on deleting features aggressively.

Joshua Koudys:

Leave something poorly architected, and it can give you a hundred easy-to-fix issues a month. You fix those, you have great velocity, everyone celebrates the 10x engineer. Fix the fundamental problem, you get 1 ticket closed, they fire the low-velocity engineer.

Steve Streza:

Strongly recommend going to see the list of apps you rely on Twitter for single sign-on.

If Twitter burns to the ground, which looks increasingly likely, these are the apps that you used Twitter to log in to. Set up email backups on those accounts ASAP.

Command Bars

Maggie Appleton (via Dan Grover):

Command bars are command-line bars that pop up in the middle of the screen when you hit a certain keyboard shortcut.

[…]

Rather than remembering which sub-sub-sub menu a function lives in, users need only remember its name.

They don’t even have to remember its exact name. Fuzzy search can help them find it by simply typing in similar names or related keywords.

I’ve long used LaunchBar as a universal command bar, but now some of the productivity apps that I use daily have their own versions with app-specific commands. In BBEdit, it’s Go ‣ Command… (Command-Shift-U). In Tower, it’s File ‣ Quick Actions (Command-Shift-A). And macOS adds a built-in command searcher to each app’s Help menu (Command-?). Part of the appeal is discovering new commands or quickly locating infrequently used ones, but I also find it useful for commonly used commands in an app where the convenient keyboard shortcuts are already in use.

Weathergraph 1.0.129

Tomas Kafka:

Open the full screen view to see six days at once. Press and hold the chart to read the exact conditions. Swipe down to close.

I like being able to see much farther ahead with the new full screen view. It’s also great that I can enter the mode with a button tap rather than having to toggle Rotation Lock, then rotate my phone, and then toggle Rotation Lock again when I’m done.

Weathergraph:

Weather service response time for Foreca vs. @Apple Weather. Apple seems to occasionally take up to 20 s to respond.
