Archive for January 16, 2014

Thursday, January 16, 2014 [Tweets] [Favorites]

Restoring the Default Set of Mac Fonts

fontrestore (via Charles Edge):

fontrestore detects fonts in /Library/Fonts, /System/Library/Fonts, and ~/Library/Fonts which are not part of the system install and moves them to /Library/Fonts (Removed), /System/Library/Fonts (Removed), and ~/Library/Fonts/Fonts (Removed) directories. Critical fonts required for operation of the user interface are also restored.

The Net Neutrality Endgame

Matt Drance:

It’s sad that this has come to an issue of courts and regulatory bodies. The real problem here is that there’s nowhere else to turn. There is no tangible consumer choice. The infrastructure is effectively monopolized. It will not be possible to vote on this with your wallets: you can submit, or cancel your service. But nobody’s going to stop using the Internet — certainly not in the kind of volume that would make a dent in policy.

Even a victory for network neutrality would not be an optimal solution. The price of forbidding the bad behavior is locking us into the less efficient common carrier model.

Associated Objects on Value Types

Greg Parker notes that one should not use objc_setAssociatedObject() to attach associated objects to immutable value-like types such as NSNumber, NSDate, and NSString. The reason is that, due to de-duplication and tagged pointers, the objects may be shared and/or immortal.

Git Choose Your Own Adventure

Seth Robertson (via Ned Batchelder):

This document is an attempt to be a fairly comprehensive guide to recovering from what you did not mean to do when using git. It isn't that git is so complicated that you need a large document to take care or your particular problem, it is more that the set of things that you might have done is so large that different techniques are needed depending on exactly what you have done and what you want to have happen.

The Lost Art of C Structure Packing

The Lost Art of C Structure Packing (by Eric Raymond):

There are ways to reduce memory usage significantly in situations like this, by rearranging the order of structure members in careful ways. This can lead to dramatic gains - in my case I was able to cut the working-set size by around 40%, enabling the program to handle much larger repositories without dying.

iOS Needs Frameworks

Landon Fuller:

Nearly six years later, we still don’t have a solution on-par with Mac OS X frameworks for distributing libraries, and in my experience, this has introduced unnecessary cost and complexity across the entire ecosystem of iOS development.

[…]

It’s been nearly 7 years since the introduction of iPhoneOS. iOS needs real frameworks, and moreover, iOS needs multiple-platform frameworks, with support for bundling Simulator, Device, and Mac binaries—along with their resources, headers, and related content—into a single atomic distribution bundle that applications developers can drag and drop into their projects.

Update (2014-01-29): Andrew Pontious:

The Dropbox SDK has a sample project in it which just has a single reference to the Dropbox.framework, both in the Project Navigator and in the “Link Binaries with Libraries” Xcode build phase. And while there is a custom framework search path in the project’s build settings, there’s no custom library search path or header search path. And the headers are available via the usual #import <Framework/Header.h> format.

Starbucks App Stores Passwords in Clear Text

Evan Schuman (via Sean Hollister):

The Starbucks mobile app, the most used mobile-payment app in the U.S., has been storing usernames, email addresses and passwords in clear text, Starbucks executives confirmed late on Tuesday (Jan. 14). The credentials were stored in such a way that anyone with access to the phone can see the passwords and usernames by connecting the phone to a PC. No jailbreaking of the phone is necessary. And that clear text also displays an extensive list of geolocation tracking points (latitude, longitude), a treasure trove of security and privacy gems for anyone who steals the phone.

Update (2014-01-17): Nick Arnott:

The Starbucks iPhone app, like many iOS apps, includes a crash reporting framework: Crashlytics. In addition to crash reports, Crashlytics is also able to provide custom logging and reporting for mobile apps. The issue that Wood uncovered is the Starbucks app is far too liberal in what information gets logged. Developers can choose to have certain events result in corresponding debug information being logged. For instance, if a request made to a server results in an error, the developer could have information pertaining to that error recorded, and then sent back to them in a log by Crashlytics.

In the case of the Starbucks app, the application is logging information that it shouldn't, like users' passwords. When a user signs up for a new account through the Starbucks app, all of the information for creating this account – email address, username, password, birthday, and mailing address – is temporarily logged to a file in the app.

Also, the app has now been updated:

With the update, all of the debug logging appears to have been disabled. While the old session.clslog file still originally appeared for iMore after the update, after restarting the Starbucks app the file was cleared out and left empty. After performing a number of actions in the app, such as signing out, signing in, failed login attempts, and creating a new user account, the session.clslog file remained completely empty.

Movie Code Blog

Rob Marvin on Source Code in TV and Films (via Slashdot):

Source code pops up on screens and in the background of television and movie scenes all the time, but one programmer finally paused a movie to figure out whether the code was accurate.

British programmer and writer John Graham-Cumming started a blog called Source Code in TV and Films on Jan. 3 after noticing that code used to reboot the futuristic space station in “Elysium” was actually taken from an instruction manual for Intel x86 processors.

For example, StarGate SG1:

In StarGate SG1: The Ark of Truth there is JavaScript source code taken from the web site of a Canadian bank.

Jurassic Park:

In Jurassic Park there is unknown but real looking source code (possibly for an SGI UNIX machine)

Strike Back:

In the TV series Strike Back (series 1, episode 5) the scrolling source code is WordPress JavaScript.

Terminator:

In the film Terminator, the HUD shows a listing of 6502 assembly language which appears to have been taken from an Apple II.

Numb3rs:

This code appears to be an example from the Addison Wesley book The iPhone Developer’s Cookbook by Erica Sadun.