Archive for September 5, 2013

Thursday, September 5, 2013

Bullrun

The New York Times (via Nicolas Seriot):

Beginning in 2000, as encryption tools were gradually blanketing the Web, the N.S.A. invested billions of dollars in a clandestine campaign to preserve its ability to eavesdrop. Having lost a public battle in the 1990s to insert its own “back door” in all encryption, it set out to accomplish the same goal by stealth.

The agency, according to the documents and interviews with industry officials, deployed custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products. The documents do not identify which companies have participated.

The N.S.A. hacked into target computers to snare messages before they were encrypted. And the agency used its influence as the world’s most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world.

Update (2013-09-06): Nate Anderson:

More practically, it will probably lead to increased spying, as other nation-states and hackers exploit the ways that NSA has degraded Internet encryption. Backdoors create security breaches exploitable by unintended users—remember the Athens Affair? A built-in backdoor meant for law enforcement was accessed by others to spy on some of Greece’s top leaders.

Bruce Schneier:

By subverting the internet at every level to make it a vast, multi-layered and robust surveillance platform, the NSA has undermined a fundamental social contract. The companies that build and manage our internet infrastructure, the companies that create and sell us our hardware and software, or the companies that host our data: we can no longer trust them to be ethical internet stewards.

Matthew Green:

Bruce Schneier, who has seen the documents, says that ‘math is good’, but that ‘code has been subverted’. He also says that the NSA is ‘cheating’. Which, assuming we can trust these documents, is a huge sigh of relief. But it also means we’re seeing a lot of (2) and (3) here.

Bruce Schneier:

With all this in mind, I have five pieces of advice […] My guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well. It’s prudent to assume that foreign products also have foreign-installed backdoors. Closed-source software is easier for the NSA to backdoor than open-source software.

Even though Mac OS X uses OpenSSL, etc., it counts as closed-source since you aren’t compiling it. And if you were….

The Gatekeeper and the Keymaster

A few more thoughts on Apple shutting down OmniKeyMaster:

  1. I’ve re-read the Mac App Store Review Guidelines, particularly rule 2.21 and section 7, and it seems clear that none of the existing rules forbid what The Omni Group was trying to do.
  2. Omni, one of the highest-profile Mac developers, and a regular on the Mac App Store top-grossing list, announced its plan in January. Yet apparently no one from Apple said anything until a week after OmniKeyMaster shipped, wasting months of development time and confusing customers.
  3. That said, I doubt anyone is really surprised by Apple’s reaction or timing.
  4. It is surprising how many people seem to think that this was all a creative Omni ploy to screw its own customers.
  5. In-App Purchase is not a solution. The people suggesting that don’t understand how it works.
  6. Ken Case writes: “We will continue to ask Apple to support upgrade pricing in the App Store, and I would encourage others to do the same[…].” I don’t think the solution is a Radar. Apple has known all along that developers wanted this. Lacking support for paid upgrades is not an unimplemented feature request; at some point you have to conclude that it’s a deliberate business/design decision, however misguided.
  7. The Mac App Store still makes a lot of sense for games and little apps, but it’s an increasingly bad fit for applications. Sandboxing, the unpredictable review process, Apple’s cut, no trials, and the lack of any kind of support for upgrades (even helping customers migrate to a 2.0 SKU) make purchasing there a second-class experience in many respects. Access to iCloud is looking less like the carrot that I thought it would be.
  8. This is not to say that the Mac App Store is a failure, but it could have been so much better. It’s sad that Apple is botching it unnecessarily.

Matthew Guay:

You’d think that Apple would try its hardest to make developers want to switch to the App Store — and in some ways, they have. They’ve made it relatively simple today for anyone to sell apps on the Mac without having to worry about license keys and payment providers, and regularly give incredibly valuable promotion to apps the App Store team loves. But, at the same time, their policies like sandboxing requirements have made some apps impossible to sell on the App Store, such as the aforementioned TextExpander, and their insistence on either offering upgrades to apps as free updates or full new products have frustrated any number of developers.

Federico Viticci:

This is strange, because a number of similar tools (made by other independent developers) already exist on the Internet and they have been letting customers generate standalone licenses for several months. Perhaps Apple just didn’t like that a name such as The Omni Group had found a way to make the process so easy? Was The Omni Group’s tool built in such a way that it broke some Apple rules? Did The Omni Group think OmniKeyMaster would be okay because other solutions existed? Is Apple going after similar solutions as well?

Update (2013-09-05): Mark Bernstein:

The update is worth a lot because there’s very little risk. You already use the program all the time; the update will improve your environment slightly every day. You load the program three times a day; those saved seconds from the load time and the prevented crashes add up. They’re money in the bank. The value of a modest upgrade to a program you use a lot is actually greater than the expected value of the initial purchase.

Update (2013-09-11): Ken Case:

While depressed software pricing may make the platform more attractive in the short term (and Apple can make up for their own software losses with increased platform sales), over the long term it discourages developers and consumers from ever investing in high-end software solutions. I suspect the lack of this flexibility may be one big reason why we don’t find apps like Modo and Mathematica in the App Store.

Structured PDFs From Microsoft Word

John C. Welch:

Well, with Acrobat XI, there’s FINALLY an improvement there. The feature is back, and the PDFs created from it are so much better than what they were. Best of all, you can do the conversion via drag and drop. Drag a Word file onto Acrobat and a few seconds later, you have a PDF that is a pretty damned good representation of the document. You do have to have Office 2008 or 2011 on your system, because Acrobat XI is using AppleScript for this. (I know, I know, it is a shock. Do sit down for a minute if you need to.)

This was previously only possible with the Windows version of Acrobat.

Yahoo’s New Logo

Marissa Mayer:

I’m not a pro, but I know enough to be dangerous :)

So, one weekend this summer, I rolled up my sleeves and dove into the trenches with our logo design team: Bob Stohrer, Marc DeBartolomeis, Russ Khaydarov, and our intern Max Ma. We spent the majority of Saturday and Sunday designing the logo from start to finish, and we had a ton of fun weighing every minute detail.

Armin Vit:

So, the stunt was mostly just a stunt but it worked in creating expectation and giving Yahoo some momentum into launching its logo. The problem is: the result did not deliver. Showing mildly venturesome graphic approaches throughout the 29 days gave me hope that there would be something radically cool at the end of the process. There wasn’t.

Daniel Jalkut:

This is not how any company, big or small, cherished or unknown, should design a company identity. The more I read about Yahoo!’s process for this redesign, the less respect and confidence I have in them. […] It’s that point of gullible disbelief where one starts to look around for hidden cameras. Are we being punked?

The new logo isn’t awful, but it isn’t great, either. The video does show a grid with lots of circles.

Update (2013-09-06): Oliver Reichenstein:

This post is not about the technical quality of the logo. I am not writing about brand design, but about brand management. This is about a simple rule: Brand design follows brand management, not the other way around.

Kontra:

Yes, we could have done a lot of different things besides throwing 29 disparate high school lettering projects on the internets for a month to see if anyone cared. But that would have required adult supervision for design and, honestly, we don’t care that much.

Glenn Fleishman:

Designing for mathematical consistency ignores three related factors: that identical widths and shapes appear differently to the eye in different combinations within a letter or glyph; that identical shapes blend together and are harder to differentiate across words and lines; that letters in a typeface are placed alongside each other, and one must adjust to deal with common juxtapositions.

Update (2013-09-20): Marissa Mayer defends the new logo (via Brand New).

Keyboard Maestro No Longer in the Mac App Store

Peter N. Lewis:

[Given] Apple’s continued stance on refusing apps which cannot be sandboxed (which includes any app that tried to provide better functionality for Apple apps like: Finder, AppleScript Editor, Automator, Xcode, Terminal, Activity Monitor, Dock or Time Machine!), and given their continued stance against paid upgrades (which breaks the feedback loop so that the developer is never working for existing customers, only for other users not currently using a version of the application), it was clearly time for Keyboard Maestro to exit the Mac App Store, and the latest message from Apple to Omni has confirmed that.

[…]

It really is a shame that Apple has chosen this course, excluding or limiting some very powerful applications, and perhaps they will eventually change their minds, but until then we will do our best to continue developing and enhancing Keyboard Maestro outside the Mac App Store, and probably be joined by an ever growing number of quality applications.