Archive for August 2013

Friday, August 30, 2013

How the Dropbox Datastore API Handles Conflicts

Guido van Rossum:

The Dropbox server stores the full list of changes for each datastore, and the state (a.k.a. snapshot) of a datastore can be obtained by executing the entire list of changes, in sequence, starting with an empty datastore.


When the server rejects a delta, it also sends the list of deltas that will take a datastore from the device's current revision to the latest revision seen by the server. In this example that's just the same delta that the server received earlier from device A. It is then up to device B to resolve the conflict and send the server an updated delta representing its resolution of the conflict.


If you’re familiar with the theory of Operational Transformation (OT), you might be surprised that the server doesn’t even attempt to resolve conflicts. We use OT-style conflict resolution on the client, but leave the server to simply serialize requests. This allows conflict resolution to be defined by the client — your app — giving you more freedom than traditional approaches (which usually require that the rules for conflict resolution be fixed).

Part 2:

For field collisions we look at the type of the modifications and the resolution rule set for the field. We also distinguish between local and the remote changes. When resolving a conflict between two changes, one is always designated the local change: this is the one that hasn’t been accepted by the server yet (in the first example above, this is “x:=1”). The change that was received from the server is called the remote change (in the example, “x:=2”). The difference is important because remote changes may already have been observed by other devices. This is also the reason why “remote” is the default rule (see below).
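A toy model of the scheme described in the two quotes above, added here as example code (it is not Dropbox's code). The server is a pure serializer of deltas and the client does the resolution; it assumes a single record updated by {field: value} deltas, and per-field rules "remote" (the default named in the post) or "local" (a second rule assumed for the illustration).

```python
"""Toy model of the Dropbox Datastore conflict handling quoted above (added
example, not Dropbox's code). Assumptions: one record whose fields are set by
deltas of the form {field: value}; per-field rules are "remote" (default) or
"local" (assumed); a delta carries the revision it was based on."""


class DatastoreServer:
    """Stores the full list of deltas; never resolves conflicts, only serializes."""

    def __init__(self):
        self.deltas = []  # revision r is the state after applying deltas[:r]

    @property
    def rev(self):
        return len(self.deltas)

    def snapshot(self):
        """State = replay every delta, in order, onto an empty datastore."""
        state = {}
        for delta in self.deltas:
            state.update(delta)
        return state

    def put_delta(self, base_rev, delta):
        """Accept only deltas based on the latest revision. On rejection, hand
        back the deltas the device is missing so it can catch up and resolve."""
        if base_rev != self.rev:
            return False, [dict(d) for d in self.deltas[base_rev:]]
        self.deltas.append(dict(delta))
        return True, []


class Device:
    """A client holding a local snapshot plus one not-yet-accepted delta."""

    def __init__(self, name, server, rules=None):
        self.name = name
        self.server = server
        self.rules = rules or {}   # field -> "remote" | "local"
        self.state = {}
        self.rev = 0
        self.pending = {}          # the local change, not yet accepted

    def set(self, field, value):
        self.state[field] = value
        self.pending[field] = value

    def resolve(self, remote_deltas):
        """Client-side, OT-style resolution. Remote changes may already have
        been seen by other devices, hence "remote" wins unless a field's rule
        says "local"."""
        remote = {}
        for delta in remote_deltas:
            remote.update(delta)
        resolved = {}
        for field, value in self.pending.items():
            if field not in remote or self.rules.get(field, "remote") == "local":
                resolved[field] = value
            # otherwise the field collided and the remote value is kept
        self.state.update(remote)
        self.state.update(resolved)
        self.pending = resolved
        self.rev += len(remote_deltas)

    def commit(self):
        """Push the pending delta, resolving and retrying until the server
        accepts it (or nothing is left to send)."""
        while self.pending:
            accepted, missing = self.server.put_delta(self.rev, self.pending)
            if accepted:
                self.rev = self.server.rev
                self.pending = {}
            else:
                self.resolve(missing)
        return dict(self.state)


def scenario(rules_for_b=None):
    """The post's example: A commits x:=2 first; B, still at revision 0, tries
    x:=1 (plus an uncontested y:=9) and must resolve against A's delta."""
    server = DatastoreServer()
    a = Device("A", server)
    b = Device("B", server, rules_for_b)
    a.set("x", 2)
    a.commit()                  # accepted: server is now at revision 1
    b.set("x", 1)
    b.set("y", 9)
    b.commit()                  # rejected once, resolved, then accepted
    return server.snapshot()


if __name__ == "__main__":
    print(scenario())                   # {'x': 2, 'y': 9}: default "remote" rule
    print(scenario({"x": "local"}))     # {'x': 1, 'y': 9}: B's x:=1 wins
```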

Thursday, August 29, 2013

CoreText Bug Allows Specific String to Crash Apps

Matthew Panzarino:

A bug in Apple’s CoreText rendering engine in iOS 6 and OS X 10.8 causes any apps that try to render a string of Arabic characters to crash on sight. The string of characters which can trigger the bug — which was discovered yesterday and has spread around the hacking and coding community — has made its way to Twitter, where even looking at it in your timeline will crash the app.


The characters were discovered and posted on a Russian site yesterday morning. The site claims that Apple has known about the problem for ‘six months’ and has not reacted. There is some evidence of the string appearing on Twitter back in February. The posting includes a request to click the crash report button on any apps affected and report it to Apple.

Sounds like this bug, though it’s in a different OS subsystem. It’s apparently fixed in Mavericks and iOS 7.

ArsTechnica and Hacker News have additional coverage.

Update (2013-09-08): Chris Williams explains the buffer overrun (via Nicolas Seriot):

If we open libvDSP (located deep within the /System/Library/ filesystem hierarchy of your computer) in the rather handy reverse-engineering tool Hopper, we can look at the compiled machine code that blew up. See the screenshot below: the faulting instruction 117462 bytes in, or 1cad6 in hex, is highlighted.

Update (2013-09-13): This seems to be fixed in Mac OS X 10.8.5.

New YouTube Logo

Armin Vit:

I’ve never been a fan of the YouTube logo. It’s fine and much less annoying than most of the start-ups that went on to dominate the internet (i.e., PayPal, eBay, Google, etc.) so I have no qualms in seeing it go away. In exchange, they are establishing their big play button inside its own recognizable shape as the main identifier for YouTube, which is a perfect strategy since every time you watch a YouTube video it’s the first thing you see. It’s similar to Twitter going with the blue bird.

I don’t like the skinny type, though.


Lukas Mathis:

Nowadays, Mac analysts have a similar obsession with Nintendo. The logic goes a bit like this: Nintendo is doing poorly because Apple and Samsung own the market for portable devices. If only Nintendo stopped making hardware and published their games for iOS instead, surely, it would do much better.

Update (2013-08-30): Federico Viticci:

Saying that Nintendo should shut everything down, go home, and start making games for iOS is an easy but flawed solution that just isn’t supported by the facts.

Update (2013-09-02): John Siracusa:

At the tail end of the GameCube’s life, Sony had sold many times more consoles and games than Nintendo over the course of a decade. Should Nintendo have started writing games for the overwhelmingly dominant Sony platform? Would that have helped Nintendo achieve Wii-like success? I don’t think so; no amount of software alone could have done that.

Update (2013-09-04): John Gruber:

That, to me, is how I wish Nintendo saw iOS gaming. It might not kill Nintendo’s own console platforms any more than The Mickey Mouse Club killed Disney’s feature film business. And if Nintendo’s hardware platforms are doomed, I think they’re doomed no matter what. Nintendo producing iOS games isn’t going to accelerate the demise of DS handhelds. Better to get a foothold in the new world as soon as possible, to do it before it’s too late.

Lukas Mathis:

The criticisms levelled against the DS and the Wii were exactly the same ones Gruber now levels against the current Nintendo consoles. But Nintendo is at its best when it doesn’t try to compete with other devices on the market, and often at its worst when it does. Nintendo is not competing on hardware. It’s competing on entertainment value.


I’m sure Nintendo wants the 3DS to sell better than the DS, and the Wii U to sell better than the Wii. Fortunately, Nintendo doesn’t need every console to sell 120 million units. Nintendo is a small company. It only has 5000 employees. It doesn’t need to be the number one videogame hardware maker to sustain itself.


Most of this whole discussion is based on the expectation that Nintendo will continue (and must continue) being as dominant as it was during the Wii/DS years. But these years were a fluke. Nintendo never did that well before, and possibly won’t do that well again. Fortunately, it doesn’t have to.

Update (2013-09-06): Lukas Mathis:

It’s always seductive to take a single aspect of a company, and view that company’s whole history through that lens. It’s also usually wrong. But it’s surprising how well it works in this particular case. «Lateral Thinking with Withered Technology» seems to correlate quite well with Nintendo’s ups and downs. Whenever Nintendo produced videogame systems that used established technology in surprising ways, it did well. When it tried to compete on specs, it did poorly.

Update (2013-09-08): John Gruber:

Here then, I can put my finger precisely on where Mathis and I disagree. Because I think this is nearly as applicable to video game consoles — portable ones in particular — as it is for BlackBerrys. People do not want to carry extra devices. It’s that simple.

Lukas Mathis:

I don’t think most people buy portable gaming systems with the intention of regularly carrying them in their pockets. I don’t think they ever did. I don’t remember knowing even a single person who routinely carried a portable gaming device in his or her pocket.

Update (2013-09-14): Lukas Mathis:

With historical data, you can’t do this type of experiment. But you can get close. If the Wii’s sales pattern truly is unusual, and mainly caused by the «post-PC era», then the following things should be true[…]

Redesigning Instapaper on the Web

Grant Custer:

When I got the opportunity to redesign the Instapaper website my goal was to do justice to the service Instapaper provides. In the FAQ quoted above, Marco referred to the “information-skimming, speed-overload mode” we often enter while surfing. I think of Instapaper as a place I can go to take a break from that mode, and I wanted the design of the website to signal and support that break.

There’s much to like in the new design, but one problem is that there no longer seems to be a way to quickly send a series of articles to the Archive. The button only appears when you move the cursor, so you can’t just keep clicking in the same place as with the old design. This is a problem because the “Archive All” link in the Kindle edition has been intermittently broken for me for a few months. Instapaper doesn’t keep track of what it’s already sent to the Kindle, so I have to manually clean it out after each mailing.

Update (2013-09-14): I continue to have problems with the “Archive All” link not working, saying that the link is invalid. However, it is now possible to double-click on the Web site to successively archive individual articles.

Wednesday, August 28, 2013

Blind 1.0

Blind is “a 1x Web browser for Retina displays” (via John Gruber). The developer says it’s more accurate than Safari’s “low-resolution mode,” which I guess refers to the awkward setting in the Get Info window. There’s also a bookmarklet to send the current page in another browser to Blind. There’s no trial, but it’s only $3 in the Mac App Store. After purchasing, I discovered that it doesn’t support AppleScript and uses Control-Command-U rather than the standard Command-L to focus the URL text field.

The Man Who Invented Modern Probability

Slava Gerovitch (via Hacker News):

Kolmogorov drew analogies between probability and measure, resulting in five axioms, now usually formulated in six statements, that made probability a respectable part of mathematical analysis. The most basic notion of Kolmogorov’s theory was the “elementary event,” the outcome of a single experiment, like tossing a coin. All elementary events formed a “sample space,” the set of all possible outcomes. For lightning strikes in Massachusetts, for example, the sample space would consist of all the points in the state where lightning could hit. A random event was defined as a “measurable set” in a sample space, and the probability of a random event as the “measure” of this set. For example, the probability that lightning would hit Boston would depend only on the area (“measure”) of this city. Two events occurring simultaneously could be represented by the intersection of their measures; conditional probabilities by dividing measures; and the probability that one of two incompatible events would occur by adding measures (that is, the probability that either Boston or Cambridge would be hit by lightning equals the sum of their areas).

I hadn’t heard of Nautilus Quarterly before. It looks interesting.

The Creation of Missile Command

Alex Rubens:

One of the biggest changes made because of reactions gathered during a standard field test was the removal of a light-filled panel on the Missile Command cabinet above the player’s head. This panel displayed flashing lights that served as status indicators for each of the in-game bases, but during the field test, Theurer found that it distracted players too much. “They kept looking up to check the status lights and stuff, so we just chopped off the whole top of the cabinet and saved ourselves a whole lot of money and it didn’t hurt the gameplay any,” says Theurer.

Cocoa NSError Conventions

Cédric Luthi:

Follow Cocoa conventions for methods without parameters returning errors, i.e. xxxAndReturnError:(NSError **)error instead of just xxx:(NSError **)error.

The Cocoa APIs are inconsistent and use both patterns. Sometimes the error parameter is an NSError, other times an NSDictionary.

I dislike the ambiguity of -save: and the verbosity of -saveAndReturnError: (which, incidentally, returns a BOOL), so in my own code I’ve been using names like -saveError: (which has its own problems…).

Highpoint RocketStor 5212 Thunderbolt Dual Drive Dock


At peak, the drive pair transferred just over a gigabyte per second, much faster than the USB 3.0 version. With the Thunderbolt dock and hard drives, the speed of the transfer will generally be limited to the media, and not the bridge board as is common with lesser devices. The Thunderbolt version of the dock trumps both the USB 3.0 and, surprisingly, edges out the SATA-3 version of the dock, which, in theory, is capable of 12Mbit per second transfers.

Thunderbolt is a daisy-chainable interface, much like FireWire before it. The 5212 dock has a solitary Thunderbolt port, making it either the last device on the chain, or the only one.

This sounds good, but it’s $219, compared with $48 for the USB 3 version, though that requires two ports and apparently doesn’t let the drives spin down. I wonder whether the Thunderbolt version shares that problem.

I’ve been using several $38 Newer Technology Voyager S3s. The performance is good, but despite powering them with a Smart UPS and connecting them directly to the MacBook Pro (no USB hub), I’ve had lots of problems with the drives spontaneously unmounting during backups.

Microsoft’s Build System


The way that Microsoft builds software hasn’t been discussed much, but it’s worth an in-depth look because if you can’t build software effectively then you can’t make it good. You can get fit and polish on a product far more easily if you can turn it around and get rapid feedback, and Microsoft’s process here is broken.

Aligning Zoomed Images in Aperture 3

Joseph Linaschke has an old tip that’s new to me:

If you hover the mouse over any part of one of the images when you tap the Z key, Aperture will zoom into that point—but only for that image. If you are careful to have the mouse not pointing at any part of any image when you tap the Z key, then all images will zoom to the center. Great.


If you shift-click-drag on the white square inside the navigator, alignment will stay as-is. If you shift-click-drag outside the white square, then all images will align to the spot you clicked on. Perfect!

Marissa Mayer: An Unauthorized Biography

Nicholas Carlson:

In the end, it proved to be an advantage for Mayer that empathy doesn’t come naturally to her. It forced her to be intentional about figuring out what users want and how they behave.

She came up with two clever methods of relating.

The first is that she would recreate the technological circumstances of her users in her own life. Mayer went without broadband for years in her home, refusing to install it until it was also installed in the majority of American homes. She carried an iPhone at Google, which makes Android phones, because so did most mobile Web users.

Mayer’s second method was to lean on data. She would track, survey, and measure every user interaction with Google products, and then use that data to design and re-design.



OmniKeyMaster is a simple app that finds App Store copies of Omni apps installed on your Mac, then generates equivalent licenses from our store - for free. This gives Mac App Store customers access to discounted pricing when upgrading from the Standard edition to Professional, or when upgrading from one major version to the next. Another benefit: since they don’t have to wait in an approval queue, our direct releases sometimes get earlier access to new features and bug fixes. OmniKeyMaster lets App Store customers access those builds, as well.

Note: While OmniKeyMaster lets you take advantage of upgrade pricing in the Omni store, it does not entitle you to an App Store version of the upgraded app. Due to Apple’s App Store rules, the only way to get a Mac App Store copy of an application is to pay full price.

Presumably this is secure because the actual license is generated by their server. I wonder what happens if multiple Macs try to generate licenses for the same Mac App Store purchase.

Update (2013-09-04): Apparently Apple put an end to this customer-friendly idea. Ken Case:

So long as we continue to sell our apps through the Mac App Store, we are not allowed to distribute updates through other channels to apps which were purchased from the App Store.


We certainly thought it would be allowed when we made it available last week! (And when we announced the plan in January.)

Principles of Reactive Programming

Coursera is offering what looks like an interesting course (via Hacker News):

The aim of the second course is to teach the principles of reactive programming. Reactive programming is an emerging discipline which combines concurrency and event-based and asynchronous systems. It is essential for writing any kind of web-service or distributed system and is also at the core of many high-performance concurrent systems. Reactive programming can be seen as a natural extension of higher-order functional programming to concurrent systems that deal with distributed state by coordinating and orchestrating asynchronous data streams exchanged by actors.

One of the instructors is Erik Meijer, creator of the Reactive Extensions (Rx) C# library.

Converting Pointers to C++ References in WebKit

Andreas Kling:

It exposes unnecessary null checks by turning them into compile errors.

C++ doesn’t let you null check references, so you have no choice but to remove them. This is awesome, because it means smaller and faster code, both binary and source wise. The CPU doesn’t have to spend time checking if the object is really there, and you don’t have to spend time worrying about what to do if it isn’t.

CODE Mechanical Keyboard

WASD Keyboards and Jeff Atwood introduce the CODE keyboard:

Ultra-rare Cherry MX Clear mechanical keyswitches are the heart of the CODE keyboard. These switches are unique in the Cherry line because they combine solid actuation force with quiet, non-click activation, and a nice tactile bump on every keystroke. These hard to find switches deliver a superior typing experience over cheap rubber dome keyboards – without deafening your neighbors in the process.


On the CODE keyboard, up to six keys can be pressed at once, which is known as 6-Key USB Rollover. Furthermore, Ctrl, Alt, and Shift do not count towards these six keys, making it possible to hold up to nine keys simultaneously – sufficient for even the most arcane keyboard shortcuts.


On the CODE keyboard, the Fn key replaces the Menu key (provided you’ve enabled it via the switches on the back of the keyboard), and moves the media shortcuts to the navigation cluster. This configuration allows you to comfortably and logically access multimedia shortcuts with one hand – pressing Page Up to turn up the volume just makes sense.

Notably, it does not support Bluetooth.

I was a longtime fan of the Apple Extended Keyboard II. Then I used the Matias Tactile Pro and Kensington Studioboard Mechanical Keyboard for a time but found problems with both of them. For the last five years or so, I’ve been using the aluminum Apple Keyboard and Apple Wireless Keyboard. I like how the latter has the exact same layout as the internal keyboard on my MacBook Pro. The key action is great, and I no longer miss the mechanical keyswitches. Still, I’m curious what the CODE is like.

Tuesday, August 27, 2013

Purchasing From the Kindle App

Phil Schiller (via Hacker News):

I just watched a new Amazon Kindle app ad on TV. […] While the primary message is that there are Kindle apps on lots of mobile devices, the secondary message that can’t be missed is that it is easy to switch from iPhone to Android.

Steve Jobs:

The first step might be to say they must use our payment system for everything, including books (triggered by the newspapers and magazines).

Which is exactly what they did. This exchange makes it sound as though Apple’s motivation was to limit users’ flexibility rather than making it easier for them to buy content (as some people had suggested at the time). However, I don’t see how this actually makes it more difficult to switch to Android. I guess that’s what iBooks is for.

Finder: Paste Item Exactly

Kyle Sluder notes that if you hold down the Option and Shift keys, the Finder’s Edit menu changes Paste to “Paste Item Exactly.” I think this was added in Mac OS X 10.7. It prompts for an administrator password and preserves the original file’s ownership and permissions. Super User says that it does not preserve access control lists (ACLs), though.

Researchers Reverse-Engineer the Dropbox Client

Michael Kassner:

In their paper Looking inside the (Drop) box, Dhiru and Przemyslaw get right to the point:

“We describe a method to bypass Dropbox’s two-factor authentication and hijack Dropbox accounts. Additionally, generic techniques to intercept SSL data using code injection techniques and monkey patching are presented.”

Dhiru and Przemyslaw accomplished this by reverse engineering the Dropbox client. That may not seem like much, as reverse engineering is a common practice. What made their effort unique was figuring out how to reverse engineer the client even though it was an obfuscated application written in Python.

Butterick’s Practical Typography

TidBITS on Butterick’s Practical Typography:

Typographer Matthew Butterick, who helped design fonts for Apple, Microsoft, and others, has released an exceptional online book, called “Butterick’s Practical Typography,” that is a must-read for anyone who works with text. The book revolves around a few simple rules that will dramatically improve your understanding and implementation of typography.

Monday, August 26, 2013

Showing Duplicate Messages in Apple Mail

Since Mac OS X 10.6, Apple Mail has hidden duplicate e-mails. It uses a loose definition of “duplicate,” which can consider two messages to be duplicates even if both their headers and body differ.

This has caused problems for me when dealing with mailing lists. For example, if a message is sent both to me and to the list, it’s hard to tell from what Mail shows whether I was sent a private reply or whether everyone on the list saw the message.

It can also cause problems when archiving e-mails or moving them between mail programs. Most people would expect the number of messages in a mailbox to stay constant. However, if you archive e-mails from Mail to EagleFiler, you may end up with what looks like too many messages in EagleFiler. And if you use Mail to import from EagleFiler, it may look like some of your messages were lost. In both cases, the right number of messages are there, but you can’t see that because Mail isn’t showing all of them.

Fortunately, there is a hidden preference to tell Mail not to hide the “duplicate” messages. You can just enter this command in Terminal:

defaults write com.apple.mail AlwaysShowDuplicates -bool true

Apple also says that you can adjust Mail’s preferences so that when you click on a message it shows links to the duplicates. However, this does not seem to work reliably for me, and it’s only for individual messages. It won’t help you see how many messages are really in a mailbox.

Update (2020-01-25): On macOS 10.10 and later, the command is:

defaults write com.apple.mail _AlwaysShowDuplicates -bool true

NSStatusItem Icon Sizes

Alastair Houghton (via Shane Stanley):

Unless I’m missing something, Apple has remained silent on this topic, and hasn’t provided any guidance at all. Further, the NSStatusBar’s -thickness method, which is supposed to return the height of the status bar, appears to always return 22. Which is a lie.


So, to fill this dearth of information, I thought I’d do some measurements. I’m using the Messages icon, the Time Machine icon, the Bluetooth icon and the Input Menu icon as my references for my measurements; these icons are all provided by the system and they’re all of a consistent size and alignment, so this seems to make sense.

Saturday, August 24, 2013

1Password 4.0 Preview

Dan Moren:

The app’s under-the-hood implementation has seen some updates as well, with a re-architected browser extension that’s written in native Cocoa. AgileBits promises that the extension is identical on every browser, and it includes some new features of its own, like quick access to your favorites.

It’ll be interesting to see how that works. I’m not a fan of the titlebarless window.

Codesign Is Given Bad Designated Requirements When Using Precompiled Info.plist

Chris Liscio (via Craig Hockenberry):

When I use a precompiled Info.plist file with a #ifdef block contained within, codesign is invoked with an incorrect set of designated requirements for the binary.

Wednesday, August 21, 2013

New iTunes Affiliate Program


We’re introducing a new affiliate platform partner, PHG, which will support the Affiliate Program’s expansion to more countries and provide improved reporting tools. If you are currently participating in the Affiliate Program in the United States, Canada, Mexico, Japan, Australia, or New Zealand, you will now be supported by this new platform. To continue earning commissions without interruption, set up a new affiliate account and update all existing links by October 1, 2013. Join now or learn more.

David Smith:

Overall I think this is a massive improvement from the LinkShare system.

I never liked the LinkShare URLs, and I’m not really a fan of the iTunes ones, either. So I’ve been using an Apache .htaccess file to create friendlier links. For example:

RedirectPermanent /store/mac-app-store/eaglefiler

This redirects through LinkShare to the Mac App Store. Fortunately, this means that there’s a central place to update all the links. I also use this approach to create true permalinks in my apps for certain sites that often break their page URLs.


Tomer Shiri’s NanoProfiler lets you “measure a function’s runtime without adding a single line of code to the original function” (via ManiacDev). It’s implemented using TheWrapper, his library that uses the Objective-C runtime to add pre-run and post-run blocks to a method. I like the idea, though his method of calling the original IMP does not seem correct for methods with different types of arguments and return values. At the moment, I can’t think of a fully reliable way to do that, though.

Long-Term Web Hosting


In his “Suicide Preface,” Manley wrote that he has prepaid Yahoo to host both his sites — “Martin Manley: My Life and Death” and “Sports In Review” — for the next five years, the longest amount of time for which he was allowed to pay in advance. He added, “Whether it gets extended beyond that is up to others.”

After his death, Yahoo took down the sites, citing a clause in the terms of service where the user agrees not to:

a. upload, post, email, transmit, or otherwise make available any Content that is unlawful, harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, invasive of another’s privacy, hateful, or racially, ethnically, or otherwise objectionable;…

Leaving aside the controversial topic of suicide, a Slashdot commenter notes that:

The Yahoo terms of service clearly state that their hosting contracts are non-transferable and end upon death. With the contract ends Yahoo’s obligation to keep publishing the content.

It’s worth checking your hosting contract if you’ve written anything online that you would like to remain available after your death. Ideally, Web pages would remain available forever, as part of the historical record, but this does not seem to be simple, even if you’re willing to pre-pay.

Update (2013-08-28): Kirk McElhearn:

Apple’s iCloud Terms and Conditions do state that:

“You agree that your Account is non-transferable and that any rights to your Apple ID or Content within your Account terminate upon your death.”

From C Declarators to Objective-C Blocks Syntax

Nils Hayat:

In this post, I start with the simplest C declarator and build in complexity until we get to Objective-C blocks syntax. It took me a while to get block syntax but once you understand how it is organized and where it comes from, there is no looking in Google every time you need to declare a block anymore.

Update (2013-08-30): See also

Hollow Icons

Aubrey Johnson:

Icons without this empty core are processed as definite and only the outer lines are processed. Depending on the outline of the shape, this happens pretty fast. No matter the shape, though, the hollow icons take more time to process.

I’m not familiar with the science behind this, but it certainly rings true to me.

Update (2014-06-23): Curt Arledge (via Khoi Vinh):

As a graduate student in human-computer interaction and a UX intern at Viget, I saw an interesting opportunity to test Johnson's claim with evidence from real users. To find a definitive answer to the question of whether hollow icons require more cognitive effort for users, I created a web app that measures users’ speed and accuracy in selecting icons with different visual styles. By studying the data from more than a thousand test participants, I found that hollow icons are not necessarily less usable than their solid counterparts. However, the results are actually a bit more complicated.

See also the full paper (PDF).

CheatSheet Is Leaving the Mac App Store

Stefan Fürst (via Bradley Lin):

After one year and over half a million downloads CheatSheet has to be removed from the Mac App Store.

CheatSheet uses the Accessibility API to read the menus of the current application. To make this work the user has to turn on support for Assistive Devices.

The Accessibility API doesn’t work in the sandbox.

The Pumping Lemma, The Pigeonhole Principle, and Differentiating Languages

Robin Houston (via @CompSciFact):

I hate the Pumping Lemma for regular languages. It’s a complicated way to express an idea that is fundamentally very simple, and it isn’t even a very good way to prove that a language is not regular.


It’s easy enough to see that any derivative of a regular language is again regular: taking a derivative just corresponds to changing the start state in a deterministic automaton. By the same argument, any regular language has only a finite number of different derivatives.
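Houston’s argument, worked through as added example code (not from his post): a language is a membership predicate, D_u(L) = { v : uv ∈ L }, and for a DFA the derivative is the same machine with its start state moved. The constructed sample languages are a*b* (regular, so its derivatives collapse to a few classes) and a^n b^n, whose derivatives with respect to a^0, a^1, … are pairwise distinct, which is exactly what rules out regularity; distinctness is checked on words up to a length bound, so "no difference found" is an approximation while each witness found is exact.

```python
"""Derivatives of languages, as an added illustration of Houston's point above
(example code, not from the post). A language is a membership predicate on
strings; D_u(L) = { v : u + v in L }. For a DFA, taking the derivative is just
moving the start state, so a regular language has at most |states| distinct
derivatives; infinitely many pairwise distinct derivatives show that a
language is not regular (the job usually handed to the Pumping Lemma)."""
from itertools import product


def derivative(lang, u):
    """D_u(L): the language of suffixes v such that u + v is in L."""
    return lambda v: lang(u + v)


def words(alphabet, max_len):
    """All words over alphabet of length <= max_len, shortest first."""
    for n in range(max_len + 1):
        for letters in product(alphabet, repeat=n):
            yield "".join(letters)


def distinguish(l1, l2, alphabet, max_len):
    """Return the shortest word (up to max_len) that is in exactly one of the
    two languages, or None if no such word exists within that bound."""
    for w in words(alphabet, max_len):
        if l1(w) != l2(w):
            return w
    return None


def count_distinct_derivatives(lang, prefixes, alphabet, max_len):
    """Number of pairwise distinguishable derivatives D_u(L) for u in prefixes
    (distinguishability is checked on words up to max_len)."""
    representatives = []
    for u in prefixes:
        d = derivative(lang, u)
        if all(distinguish(d, r, alphabet, max_len) is not None
               for r in representatives):
            representatives.append(d)
    return len(representatives)


# Two sample languages over {a, b}, constructed for this example.
def a_star_b_star(w):
    """a*b*: regular; a word is in it iff no 'b' is ever followed by an 'a'."""
    return "ba" not in w


def a_n_b_n(w):
    """{ a^n b^n : n >= 0 }: the textbook non-regular language."""
    n, odd = divmod(len(w), 2)
    return odd == 0 and w == "a" * n + "b" * n


class DFA:
    """Deterministic automaton; the derivative is the same machine started
    from whatever state the prefix leads to."""

    def __init__(self, transitions, start, accepting):
        self.transitions = transitions  # (state, symbol) -> state
        self.start = start
        self.accepting = frozenset(accepting)

    def run(self, w, state=None):
        state = self.start if state is None else state
        for c in w:
            state = self.transitions[(state, c)]
        return state

    def accepts(self, w):
        return self.run(w) in self.accepting

    def derivative_start(self, u):
        """Start state of the DFA recognizing D_u(L)."""
        return self.run(u)

    def distinct_derivative_states(self, alphabet, max_len):
        """Start states of all derivatives by prefixes up to max_len; the set
        is bounded by the number of states, hence finitely many derivatives."""
        return {self.derivative_start(u) for u in words(alphabet, max_len)}


# DFA for a*b*: 0 = only a's so far, 1 = inside the b-block, 2 = dead ('ba' seen).
A_STAR_B_STAR_DFA = DFA(
    transitions={(0, "a"): 0, (0, "b"): 1, (1, "a"): 2, (1, "b"): 1,
                 (2, "a"): 2, (2, "b"): 2},
    start=0,
    accepting={0, 1},
)


if __name__ == "__main__":
    prefixes = ["a" * i for i in range(6)]
    print("distinct derivatives of a*b* by a^0..a^5:",
          count_distinct_derivatives(a_star_b_star, prefixes, "ab", 12))  # 1
    print("distinct derivatives of a^n b^n by a^0..a^5:",
          count_distinct_derivatives(a_n_b_n, prefixes, "ab", 12))        # 6
    print("a*b* DFA derivative start states:",
          A_STAR_B_STAR_DFA.distinct_derivative_states("ab", 5))          # {0, 1, 2}
```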

Just Delete Me

Robb Lewis introduces

JustDelete.Me is a directory of urls to delete your account from web services. (Yes, I am aware how terrible that description is. If you’ve got a better one, let me know). Services are marked either easy, medium or hard depending on how difficult it is to delete that account. Those marked as hard have additional information on how to completely remove your account, such as Skype which requires you to contact customer services to do so.

Saturday, August 17, 2013

Jekyll on iOS: When Benign Apps Become Evil

Thomas Claburn:

“Jekyll apps do not hinge on specific implementation flaws in iOS,” the paper explains. “They present an incomplete view of their logic (i.e., control flows) to app reviewers, and obtain the signatures on the code gadgets that remote attackers can freely assemble at runtime by exploiting the planted vulnerabilities to carry out new (malicious) logic.”

Assembling malicious logic at runtime avoids detection by reviewers and by automated methods of static analysis, a way to analyze program code without actually executing the instructions.

The full Usenix paper is available here.

An Apple Bibliography

Chris Espinosa recommends some books about the history of Apple.

Static JavaScript Apps

Dave Winer:

I wish that every company that makes a server with an API would read this document, and do the work that Dropbox did to be friendly to static JavaScript apps.

Basically, it should be possible to write a static JavaScript app that talks with your platform without requiring a server app acting as a proxy. That means either having CORS set for it, or using JSONP.

Editorial 1.0

Federico Viticci reviews Editorial for iPad, the new text editor from Pythonista developer Ole Zorn:

Editorial is a text editor that supports Markdown, syncs with Dropbox, and comes with “accessory panels” to access a preview of documents (converted from Markdown to HTML), a Python console and scratchpad, a documentation viewer, and a web browser for quick research.

Editorial supports Dropbox versions, TextExpander snippets as well as its own abbreviation system, it comes with a powerful URL scheme, and – the core aspect of the app – it lets you automate text editing and communication with other apps through a workflow system that is reminiscent of Automator and combines built-in actions with the possibility of running Python scripts. Editorial can be used to “just take some notes”, but it truly shines when the browser and workflows are put to good use for research purposes and to automate writing and editing in Markdown.

Thursday, August 15, 2013

Lavabit Architecture

Todd Hoff:

With Lavabit shutting down under murky circumstances, it seems fitting to repost an old (2009), yet still very good post by Ladar Levison on Lavabit's architecture. I don't know how much of this information is still current, but it should give you a general idea what Lavabit was all about.

Mining for API Trivia

Andy Lee:

The dsidx file is a Core Data store containing information about API symbols and where they are documented. Each symbol has a token type indicating whether it’s a class name, a macro name, etc.


The same technique applied to the 10.8 docset reveals the function name IOBluetoothOBEXSessionCreateWithIOBluetoothDeviceRefAndChannelNumber. Its length is only 68, so iOS wins with MFMessageComposeViewControllerTextMessageAvailabilityDidChangeNotification (74), assuming there isn’t an error in the database or in my admittedly shaky SQL.

Use Headphones to Snap Shutter on iOS Camera

Kirk McElhearn:

An article on TUAW today pointed out something I didn’t know: you can use Apple earbuds to snap the shutter on an iOS device when taking pictures. The article mistakenly says that you must snap the Volume + button; both volume buttons work for me.

Regular People Have No Idea How to Manage Photos on Their iPhone

Bradley Chambers (via John Gruber):

Also, photo stream needs to be reversed. Apple should store ALL photos/video taken with your iPhone and just store the most recent 1000 (or 30 days) locally on the device.

He then writes:

The kids born 2010 and beyond (when the iPhone camera actually got good), will have a ton of pictures taken of them. Parents largely don’t have a digital workflow that allows for backup, usability, and long term storage. Apple has always prided itself on making technology for regular people. This is a problem that regular people need solved. Photo storage and backup needs to be automatic and so easy that it’s nearly impossible to screw up.

I like the idea in theory. But trust your photos to the company that shut down MobileMe Photo Gallery?

Gumbo: A C library for Parsing HTML

Google (via Jonathan Tang):

Gumbo is an implementation of the HTML5 parsing algorithm implemented as a pure C99 library with no outside dependencies. It’s designed to serve as a building block for other tools and libraries such as linters, validators, templating languages, and refactoring and analysis tools.

Repairing Permissions Is Useless

Rosyna Keller (some years ago):

Repair Permissions won’t touch any files in any of the user’s home folders since it can’t target user folders specifically, only any folder or a specific path, and there are no packages in ~/Library/Receipts/. The only way it’d ever touch any files in a user’s folder is if you installed something that let you explicitly select a folder to install in (there are very few of those, none are available from Apple publicly) and you chose a folder inside your user’s folder. The receipt would still be installed in /Library/Receipts/ and it would only affect the user that installed it. It also won’t fix permissions for any files that were created during the normal (or abnormal) use of OS X. This means it won’t touch any cache files, database files, swap files, or settings files not created by the installer. If a file isn’t listed in a receipt, it doesn’t exist to the repair permissions process. It’s really as simple as that.

In my experience, file and folder permissions get messed up all the time, just not the ones that Repair Permissions can fix.

The cedilla in this blog post’s host name is also a good test for your URL-handling code. My RSS reader app wasn’t able to open it, nor was the Open URL system service.

Update (2013-08-21): Thomas Brand:

Starting with Mac OS X v10.6 and later, Disk Utility doesn’t even look in the /Library/Receipts/ directory when you Repair Disk Permissions. All it does is reset the Base System’s disk permissions back to the default as specified by the version of Disk Utility you are using.


Philip Langdale (via Edward Loveall):

πfs is a revolutionary new file system that, instead of wasting space storing your data on your hard drive, stores your data in π! You’ll never run out of space again - π holds every file that could possibly exist!

Wednesday, August 14, 2013

Broken Flickr Links

Chuq Von Rospach:

If you link up to Flickr images, and then make a change, even if you re-upload in place. I understand the technological reason behind it, but I also know that they could create permanent redirects and route all of those links through those, just like, oh, does. But they haven’t, and if you’re someone who has a tendency to go in and rework images, well, Flickr can become a bucket of pain. The good news: a good link tester spider wandering your site will find these. The bad news: you have to actually understand the phrase I just wrote.

iPhoto ’11 Deemphasizes Content

Glenn Reid:

The mantra for iPhoto 1.0 was essentially that the user interface should disappear — photos are something you look at, so you want a very visual interface, with more photo, less UI. This is the balance that is largely missing in iPhoto '11. There is much more UI, and a lot less Photo.

And apparently the creator of iPhoto is another Snow Leopard fan.

Inside an Amazon Warehouse

Dave Smith (via Jens Alfke):

By storing items randomly instead of categorically, the warehouse has a much better flow of material. Even without robots or automation, Amazon can compile a “picking list” that locates where each item needs to be taken off the shelf and scanned again before it can be shipped.

The real advantage to chaotic storage is that it’s significantly more flexible than conventional storage systems. If there are big changes in a product range, the company doesn’t need to plan for more space, because the products or their sales volumes don’t need to be known or planned in advance if they’re simply being stored at random.

Furthermore, free space is much better utilized in a chaotic storage system. In a conventional system, free space may go unused for quite a while simply because stock is low or there aren’t enough products to begin with. Without any kind of fixed positions, available shelf space is always being used.

WebKit’s srcset Image Attribute

Dean Jackson:

WebKit now supports the srcset attribute on image (img) elements (official specification from the W3C). This allows you, the developer, to specify higher-quality images for your users who have high-resolution displays, without penalizing the users who don’t. Importantly, it also provides a graceful fallback for browsers that don’t yet support the feature.

I’d like to see this (or the CSS equivalent -webkit-image-set) supported in FancyZoom.

Update (2013-08-22): There’s an interesting discussion of this on Hacker News.

AMBER Alert Usability

Craig Hockenberry:

Unlike all other notifications on my iPhone, I couldn’t interact with the alert. There was no way to slide the icon for more information or tap on it in the Notification Center to get additional information. […] But I was also seeing a lot of people on Twitter whose response to the confusion was to ask how to turn the damn thing off. And since AMBER Alerts aren’t affected by the “Do Not Disturb” settings, a lot of people went to Settings > Notification Center so they wouldn’t get woken again in the future.

Update (2013-08-29): Lex Friedman:

The biggest risk is that iPhone owners (and owners of other smartphones with WEA support) will disable Amber Alerts because of the annoyance factor. And yes, you can disable the alerts if you don’t want to see (and hear) them: Go to the Settings app, choose Notifications, and scroll all the way down.

I just turned it off after being woken up at 3 AM by an Amber Alert for a flood warning that didn’t actually affect my area. It was apparently not even significant enough to show up in my weather app.

WebKit Binary Size Speed Boost

Benjamin Poulain:

The memory locality of the instructions affects the CPU caches; the more the code is spread out, the more time the CPU cores are waiting for something to do. Typically, we want to reduce the number of cache misses, being from the instruction-cache, TLB, page faults, etc. Since cache sizes and memory speeds do not increase as fast as our binaries are growing, we cannot count on new hardware to compensate. We need to address the issue in software.

The Pronunciation of European Typefaces

Ralf Herrmann:

So you’re an expert in typography? But do you pronounce Frutiger’s typeface Univers like the English word “universe”? Then you got it wrong. Here are some popular European typefaces and their proper pronunciation in German, French and Italian.

Apple’s Evolving View of “pro”

Ken Segall:

Obviously, the pro market has value for Apple, even if its numbers are relatively small. Pros are opinion leaders, influencers and evangelists. Their love of Apple shows up in the purchase decisions of friends, family and colleagues.

So Steve ultimately renewed his commitment to the pros—but he never said that this commitment wouldn’t evolve. Clearly Apple has changed its thinking about the pro market, and how it can best serve its pro users.

I’m just an amateur photographer, running Aperture on a Mac with 16 GB of RAM and an SSD, and after about half an hour it gets so slow that I have to reboot. I run into bugs nearly every session. I don’t know how the pros deal with this and other issues like dropping support for Final Cut Pro’s data format.


Even today, some Web sites don’t have RSS feeds, so Feed43 is a “free online service converts any web page to an RSS feed on the fly”:

Feed43 engine converts free-form HTML or XML documents to valid RSS feeds by extracting snippets of text or HTML by means of applying search patterns, and then joining these snippets together using output templates to form user-friendly content of feed's items. The principle of extracting specific data from source documents is also known as “HTML scraping”.

Backblaze, Arq, and External Drives


Backblaze works best if you leave the external hard drive attached to your computer all the time. However, Backblaze will backup external USB and Firewire hard drives that are detached and re-attached as long as you remember to re-attach the hard drive at least once every 30 days. If the drive is detached for more than 30 days, Backblaze interprets this as data that has been permanently deleted and securely deletes the copy from the Backblaze datacenter. The 30 day countdown is only for drives that have been unplugged. There is no countdown for local files.

If you are going on vacation for a long time, you can shut down your computer with the external drive attached. Backblaze does not detect that the external drive has been unplugged and won’t start the 30-day countdown. You can then leave your computer off and unplug your external drive for six months, and Backblaze will still keep all your files backed up including those on your external drive. When you come back from vacation, make sure to plug your external drive back in BEFORE you turn your computer on.

When an external drive is plugged back in, it may take Backblaze a minute or two hours to schedule the files on the external drive to be backed up online.


If the drive isn’t mounted, Arq just skips it.

I’m planning to use Arq to back up one of my external archive drives to Amazon Glacier. After considering the trade-offs, it seems to make sense to put this in a different backup set than my primary and auxiliary drives. I discussed this with Arq’s developer, and it sounds like it will be able to handle multiple current backup sets for the same Mac, although only one of them can be active at a time.

Update (2013-11-08): Using multiple Arq backup sets on the same Mac seems to not be as smooth as I’d hoped. For example, it does not always retain the proper S3 budget when switching between them.

Adding More Objective-C Literals to Clang

Stuart Carnie in 2012 (via Ole Begemann):

Truthfully, I’ve wanted an excuse to hack on Clang and this seemed small enough in scope to achieve in a day. I threw out the idea of NSURL literals being represented by a @@ prefix, so the following line would compile:

NSURL *url = @@""

The Influence of Organizational Structure on Software Quality

Nachiappan Nagappan et al. (via Graham Lee):

In our case study, the organizational metrics when applied to data from Windows Vista were statistically significant predictors of failure-proneness. The precision and recall measures for identifying failure-prone binaries, using the organizational metrics, was significantly higher than using traditional metrics like churn, complexity, coverage, dependencies, and pre-release bug measures that have been used to date to predict failure-proneness. Our results provide empirical evidence that the organizational metrics are related to, and are effective predictors of failure-proneness.

The full paper is available from Microsoft Research.

Update (2019-12-20): August Lilleaas (via Hacker News):

The distance to decision makers and the number of developers working on a project is clearly and unambiguously the issue that is the best predictor of future problems with a code base.


Another shocking discovery for me personally is that the only one that I've actually used myself - code coverage - has the lowest recall. It has a high precision, so bad code coverage does mean a high chance of bugs, i.e. a low amount of false flags. But with a low recall, there are lots of bugs that code coverage doesn't actually catch.


In the replicated study the predictive value of organizational structure is not as high. Out of 4 measured models, it gets the 2nd highest precision and the 3rd highest recall. The study itself does conclude that organizational complexity as a bug prediction method is worth investigating further. The study is also based on individual functions in C/C++, and not entire modules like Microsoft Research did, which can be a reason for at least a part of the discrepancy.

How I Created the Iconic iPhone Sound

Kelly Jacklin (via James Thomson):

At some point, Jeff and I were chatting about his disc burning feature, and he said he needed some way to inform the user that the burn was done. DAS being a sound-making app, he wanted a sound to alert the user, something simple. Since I’m a hobbyist musician, and had a recording setup, I told him I’d tinker around and see if I could come up with something.


So imagine my surprise when the iPhone ships, and the default text message tone is… “158-marimba”, now going by the clever (and not actually accurate, from a music theory perspective) name “Tri-Tone”. Time goes by, and this sound becomes iconic, showing up in TV shows and movies, and becoming international short-hand for “you have a text message”…

Restoring Trust in Government and the Internet

Bruce Schneier:

Ronald Reagan once said “trust but verify.” That works only if we can verify. In a world where everyone lies to us all the time, we have no choice but to trust blindly, and we have no reason to believe that anyone is worthy of blind trust. It’s no wonder that most people are ignoring the story; it’s just too much cognitive dissonance to try to cope with it.

SnappyCam 3.0.2

John Papandriopoulos:

Today, we’re excited to introduce a groundbreaking update to SnappyCam: full-sensor capture up to 8 Mpx at an incredible 20 pictures/sec. That’s faster than any other mobile platform, including Android, and 4x faster than any other camera app on iOS.

Josh Constine:

To put the speed in perspective, SnappyCam is about 4X faster than the normal iPhone 5 Camera app, and more than twice as quick as the Samsung Galaxy S4’s 7.5 shots per second. Papandriopoulos claims that other iOS camera apps built for speed like FastCamera, Camera Awesome and Camera+ often degrade photos to 0.3-megapixel postage stamps when they try to get up to 30fps, and can only do around 4fps at full resolution.

On Hacker News, Papandriopoulos describes some of the JPEG work that he did in order to achieve these speeds. It’s a great app: you can essentially shoot full-photo-resolution video and then pick out the one frame where everyone simultaneously has open eyes and a smile.

Update (2014-01-04): Josh Constine (via Jordan Golson):

Apple has acquired the one-man photo technology startup SnappyLabs, maker of SnappyCam, sources tell me. The startup was founded and run solely by John Papandriopoulos, an electrical engineering PhD from the University Of Melbourne who invented a way to make the iPhone’s camera take full-resolution photos at 20 to 30 frames per second — significantly faster than Apple’s native iPhone camera.

Sounds good to me. SnappyCam worked faster than the built-in Camera app, but there was no way to make it replace the built-in app.

Xcode 5’s New XIB Format

Nils Hayat (via Mike Rundle):

It turns out that the xib files generated by Xcode 5 are of a completely new kind. It seems that Apple started from scratch with this and the changes make xib files finally usable in teams of all sizes for the first time.

It now looks more like a “regular” XML file format, rather than the output of an object serializer.

Squarespace and Third-Party Clients

I recently came across this old post from Daniel Jalkut:

It came as a surprise when Squarespace 6 was released earlier this year, that support for 3rd party editors such as MarsEdit was dropped from the service. I had some cordial correspondence with staff at Squarespace, who explained that because of the laudable flexibility of the new version, it’s difficult to provide access to the content with one of the standard blogging APIs that MarsEdit uses to connect to Squarespace 5 and dozens of other services. Of course, as a developer with customers who depend on this support, I was disappointed to learn this.

This came as a surprise to me. I’ve heard countless Squarespace podcast sponsor reads that extol the service’s flexibility without mentioning what a very sweet solution it is.

Xerox Scanners and Photocopiers Randomly Alter Numbers

Yves Peters (via Mark Jason Dominus):

Apparently Xerox machines use JBIG2 for compression, an algorithm that creates a dictionary of image patches it considers similar. As long as the error generated by these patches is not too high, the machine reuses them instead of using the original image data. This also would explain why the error occurs when letters or numbers are scanned in moderate resolution, yet still readable for the human eye. When the letter size is close to the patch size of JBIG2, complete letters and even blocks of letters that look similar to the machine are replaced.

Type-Safe Scalars With Single-Field Structs

Mike Ash:

An interesting feature of C structs is that structurally-identical structs are still different types. […] This fact gives us the tool we need to create new types rather than simply creating new names for existing types.

And there’s no overhead at runtime.
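The single-field struct technique applied to a classic source of memory-safety bugs, as an added example (not Mike Ash’s code): element counts and byte counts are both `size_t` underneath, but wrapping each in its own struct makes passing one where the other is expected a compile error. The `ElemCount`/`ByteCount` names and helper functions are this example’s own.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Two structurally identical single-field structs. C treats them as distinct
   types, so a ByteCount cannot be passed where an ElemCount is expected (or
   vice versa) without a compile error, yet each is just a size_t at runtime. */
typedef struct { size_t v; } ElemCount;  /* a number of array elements */
typedef struct { size_t v; } ByteCount;  /* a number of bytes */

static ElemCount elems(size_t n) { ElemCount c = { n }; return c; }
static ByteCount bytes(size_t n) { ByteCount c = { n }; return c; }

/* Element count -> byte count, refusing to wrap around on overflow.
   Returns 0 on success, -1 if n * elem_size does not fit in size_t. */
int bytes_for(ElemCount n, size_t elem_size, ByteCount *out) {
    if (elem_size != 0 && n.v > SIZE_MAX / elem_size) return -1;
    out->v = n.v * elem_size;
    return 0;
}

/* Only a ByteCount is accepted: alloc_bytes(elems(4)) fails to compile,
   which is exactly the element-vs-byte mix-up that under-allocates buffers. */
void *alloc_bytes(ByteCount n) { return malloc(n.v ? n.v : 1); }

/* Copy n elements into dst, which holds dst_cap bytes. The parameter types
   document and enforce which kind of count each argument is. */
int copy_elems(void *dst, ByteCount dst_cap, const void *src,
               ElemCount n, size_t elem_size) {
    ByteCount need;
    if (bytes_for(n, elem_size, &need) != 0) return -1;  /* would overflow */
    if (need.v > dst_cap.v) return -1;                    /* buffer too small */
    memcpy(dst, src, need.v);
    return 0;
}

/* Round-trip four uint32_t values through a correctly sized buffer.
   Returns the sum of the copied values (10) on success, -1 on failure. */
long demo(void) {
    const uint32_t src[4] = { 1, 2, 3, 4 };
    ElemCount n = elems(4);
    ByteCount need;
    uint32_t *dst;
    long sum = 0;
    if (bytes_for(n, sizeof src[0], &need) != 0) return -1;
    dst = alloc_bytes(need);               /* alloc_bytes(n) would not compile */
    if (dst == NULL) return -1;
    if (copy_elems(dst, need, src, n, sizeof src[0]) != 0) { free(dst); return -1; }
    for (size_t i = 0; i < n.v; i++) sum += dst[i];
    free(dst);
    return sum;
}

int main(void) {
    printf("demo() = %ld\n", demo());
    return 0;
}
```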

Remembering the Apple Newton’s Prophetic Failure and Lasting Impact

Mat Honan:

The result of all that work was a completely new category of device running an entirely new architecture housed in a form factor that represented a completely new and bold design language. There was just one problem: handwriting. “We were just way ahead of the technology,” laments Capps. “We barely got it functioning by ’93 when we started shipping it.” Handwriting recognition was supposed to be Newton’s killer feature, and yet it was the feature that probably ultimately killed the product.

Don’t Plug Your Phone Into a Charger You Don’t Own

Neil J. Rubenking (via Hacker News):

It turns out that any device you connect with an iOS via the USB port can obtain your device’s Universal Device ID (UDID), as long as the device isn’t passcode-locked. It just takes a second, so if you plug in your device while it’s unlocked, or unlock it while plugged in, or just don’t have a passcode, Mactans can attack.

Using the UDID, it effectively claims your device as a test device using the team’s Apple developer ID. “The iOS device must pair with any USB host that claims it,” said Jang. “Any USB host that initiates contact, they cannot reject it. It doesn’t ask the user’s permission and gives no visual indication. The only way to prevent a Mactans attack is to lock your device before charging it and keep it locked for the entire time.” Once accomplished, the pairing is permanent.

They can then install invisible apps that bypass the iOS app sandbox.

Growl 2.1 and AppleScript Rules

Growl 2.1 adds a cool new feature (via TidBITS). Your script handler can look at the notification and change the display style, modify the notification, control the network forwarding, or suppress the notification entirely.


OCFWebServer (via Christian Kienle):

OCFWebServer is a lightweight, modern and asynchronous HTTP (version 1.1) server. It was forked from GCDWebServer and modified to fit the needs of and hopefully other people’s needs as well.


In OCFWebServer your request handler does not have to return anything immediately. OCFWebServer will pass the request and a block to your request handler. You call the passed block as soon you have created the response object and pass the block your response object. This can be done synchronously or asynchronously.

Using Dash With BBEdit

BBEdit Hints:

BBEdit lets you customize, on a language by language basis, what tool it uses to look up documentation. You do this in the BBEdit -> Preferences -> Languages panel. Use the + button to add a custom language preference for the language you want.

In the custom language screen, set the Reference Template URL to: dash://jquery:__SYMBOLNAME__.

Apple’s Shell Scripting Primer

Apple (via Jonathan Rentzsch):

You should read this document if you are interested in learning the basics of shell scripting. This document assumes that you already have some basic understanding of at least one procedural programming language such as C. It does not assume that you have very much knowledge of commands executed from the terminal, though, and thus should be readable even if you have never run the Terminal application before.

This looks surprisingly good.

Yojimbo 4.0

Yojimbo 4.0 replaces its MobileMe Mac-to-Mac syncing, not with iCloud, but with Wasabi Sync. Syncing has always been a core feature of Yojimbo, and I think it’s a good move for Bare Bones to control its own destiny here. However, one downside of this approach is that the subscription pricing for the cloud component is incompatible with the Mac App Store. As a result, instead of only being available from Apple’s store, Yojimbo is no longer available there at all.

Thursday, August 1, 2013

Bee Beta’s Bee, now in beta (via Hoà V. Dinh):

Bee is a connected task tracker for the Mac. It currently syncs with GitHub Issues, JIRA and FogBugz.

There’s also a local plugin which makes Bee behave like a traditional GTD or task manager application.

I’m still hoping to find a Mac client that I like better than the FogBugz Web site. This beta is still pretty rough, but it shows promise. It downloaded my cases quickly, and the interface, though non-traditional, feels smoother than some other clients I’ve tried. It also has easy integration with FogBugz’s timesheet, with a “start” button on each case and a menu bar widget that shows the current case and what you’ve worked on recently.

Making Money with In-App Purchases

Riccardo D’Antoni:

Making money with in-app purchases boils down to one question – why do we buy things?

I’ll give you a hint – it’s mostly about satisfying emotional and psychological needs. If you can understand how people think, you’ve got a leg up in your app – and that’s what this article is all about!

Or, if you’re using an app with IAP, you can see how you’re being manipulated.

Twitter and Synchrony

Miguel Rios and my former classmate Jimmy Lin recently published a paper titled “Visualizing the ‘Pulse’ of World Cities on Twitter”:

These examples aren’t new or noteworthy on their own, of course; we already understand these events. What is remarkable is that we can observe these phenomena just by analyzing Tweets from people around the world – a method that can teach us more over time about humanity, countries and their cultures.