Archive for September 2014

Thursday, September 25, 2014

Private API and Open Source

Kevin Walzer:

It’s hard for me to get past the absurdity of Apple’s position here. It’s simply baffling why one of the largest open-source projects they sponsor--WebKit--violates platform protocols by using private API’s, and apps directly bundling such code can’t be deployed on the platform’s major distribution channel, the Mac App Store. Wouldn’t it be better for Apple to open up these private API’s, make them public, and allow third-party developers to use them if necessary? WebKit’s use of these API’s dates back to the earliest days of the project; I found commit messages from 2002 that report their inclusion. Tk would certainly benefit if use of those API’s could be made legal. If a platform vendor’s private API is used in a vendor-sponsored open-source project, how truly private is the API? If Apple is going to be consistent here, shouldn’t WebKit remove these private API calls, and find another way to render browser windows in a smooth, crisp fashion?

In a way, it does make sense. Other core OS projects that Apple has open-sourced also use private API—that probably should stay private. But I agree that it would be nice to be able to ship a customized version of WebKit. And if a Web browser needs private API to get good performance, that’s probably also a code smell.

David’s Swift Dilemma

David Owens:

The v1.0 release of Swift has come and gone, and v1.1 is right around the corner. My thoughts so far can be summed up as this: the hype of Swift is over for me - I want my ObjC 3.0 language. I’ll keep trucking along in Swift for the projects I can, but at the end of the day, I’m, on the whole, fairly disappointed in the language.


I’ve tried many different projects with Swift from algorithms to data structures to solutions for working with structured data like JSON; pretty much everything short of a full-blown app. Around every corner I’ve been met with frustration due to design limitations, bugs, performance issues, poor debugger support, and what ultimately comes down to design choices. It’s this last group that has me the most disheartened.


I don’t just dislike the concept of generics, I hate the extremism that generics forces onto your code. Once you move to generics in your code, you, by definition, give up an extreme amount of flexibility in your code base. In exchange, you are supposed to get back improvements in type safety, code reduction, and performance. What no one talks about though, is the cost to write that code, to debug that code, and to understand that code, especially as generic systems get more and more “feature rich”.

It’s a shame that the introduction of Swift means that we will probably not see much more modernization of Objective-C. I think there is a lot more that could be done there. Plus, the benefits would be available much sooner.

Wednesday, September 24, 2014

Apple Releases 8.0.1, But Don’t Update Yet

Josh Centers:

A number of iPhone users are reporting that the update breaks cellular connectivity and Touch ID.


If you’ve already installed the update and are experiencing these issues, your only recourse until Apple releases a corrective update is to restore your device back to iOS 8.0. iMore has instructions on how to do that.

Jason Snell:

Apple has pulled the 8.0.1 update. An un-updated iPhone 6 Plus is now reporting that iOS 8.0 is up to date.

Objective-C Drops vtable Optimization

Paul Stevenson:

In the last open-sourced objc runtime release, objc4-551, support for vtable dispatch was removed, and the clang options for supporting it have been mostly disabled.

Quinn “The Eskimo!”:

My understanding is that the optimisations that were done as part of the ARC effort eliminated the performance advantages derived from vtables.

Paul Stevenson:

You mean something like that retain/release/autorelease were three of the most important vtable selectors, and they’re mostly now not called via method dispatch since objc_retain()/objc_release()/etc short-circuit to the NSObject implementations for almost all objects?

I would guess that’s what Quinn meant, and this raises some questions:

  1. Does non-ARC code now see performance regressions, since the frequently used reference counting selectors are no longer optimized in this way?
  2. Why aren’t other common selectors worth the seemingly small cost of the vtable?
  3. If regular cached dispatch is fast enough that it isn’t worth using vtables, why is Apple discouraging message passing on performance grounds?

In-App Browsers Considered Harmful

Craig Hockenberry:

How many apps on your iPhone or iPad have a built-in browser?

Would it surprise you to know that every one of those apps could eavesdrop on your typing? Even when it’s in a secure login screen with a password field?


There is always a tradeoff between usability and security. Doing the OAuth token exchange with an in-app browser makes it easier for a user to login, but they’ll have no idea if their personal information was captured. That is why Twitterrific did its token exchange in Safari, even though it’s a more complex user interaction and a more difficult technical implementation. As a user, I know that there’s no way for my login to be compromised when the transaction involves Safari.

Unfortunately, Apple’s current App Review policy does not agree with this recommendation or with Twittterrific’s previous implementation. This is why our update for iOS 8 was delayed—it was the first time since the launch of the App Store that we haven’t had a new version on release day.

Update (2014-10-09): Guy English:

Less tapping around and not leaving the app? Yes. That’d be a good thing. It appears, however, that Apple rejected this application because it strove to do the right thing for users over the long term — establish a level of trust and transparency vetted through Apple’s own web client for the platform.

Just Avoid Sitting in That Way

It’s hard to know how serious a problem this is. Is there really a difference compared with the 5s? How much of it is due to user error: applying unreasonable forces to the phone and not using common sense in how and wear to store it? I never would have been comfortable putting an iPhone in my back pocket, but millions of people have done this for years, so they expect it to keep working. How much of the problem is Apple not designing and testing the phone to stand up to the ways they know people will try to use it? Would a slightly thicker design have prevented these problems? I have seen some reports saying that similar-sized Android phones are less susceptible, but no one seems to have measured yet.

Russell Holly:

You aren’t holding it wrong this time, but there’s a good chance your pocket might be doing terrible things to your iPhone 6 or iPhone 6 Plus. Owners of these new gadgets are reporting serious warping issues after the phones have done little more than sit inside a pair of pants.

Mark Gurman:

According to reports, the iPhone 6 is slightly bending beyond repair while in pockets. Some users say that the bending occurred after normal sitting, while other people have had more active lifestyles. Unfortunately, it does not appear that Apple will replace these more fragile-than-expected units at no cost. Some users are reporting that replacement costs are in the hundreds of dollars range.

Kelly Hodgkins:

As highlighted in a few reports shared in the MacRumors forums, a small but growing number of iPhone 6 Plus owners have reportedly bent their phones after carrying the devices in their pockets just days after launch. In one instance, a new iPhone 6 Plus was bent during a day of dancing, dining, and driving to a wedding.

Andrew Cunningham:

It’s worth noting that many phones, including the older iPhone 5 and 5S, have been known to bend occasionally—Cult of Mac has a nice roundup with plenty of examples. The question at this point is whether these reports of bending and warping iPhone 6 and iPhone 6 Plus units are isolated incidents or if, like the iPhone 4’s antenna problems, the issue is endemic to the new design.

Caitlin McGarry:

The common cause seems to be sitting for hours on end with the phone in your pocket.

Dr. Drang:

Today’s controversy is about the (permanent) bending of some iPhone 6 Pluses. Given that the iPhone 5 and 5S could both bend, it shouldn’t be surprising that the longer and thinner iPhone 6 and 6 Plus would bend, too. Apart from the geometric factors, the property that’s most important in determining the load at which the phone starts to take on a permanent bend is the yield strength of the aluminum frame. The yield strength is the highest stress for which a material will spring back to its original shape when the stress is removed. It is the boundary between elastic and plastic behavior, and is almost always one of the strengths that govern the design of metal structures.

As of today, if you do a Google image search on “iphone bend,” the results will be dominated by photos of the 5 and 5S. I assume that’ll change over the next few days.

Dr. Drang:

Plastic bending strength varies with the square of the thickness, all other things being equal. 7% thicker ⇒ 14% stronger. Still…

… I doubt that’s the reason for more bent phones. More likely that the loads are higher because the phone rides higher, spanning…

… the hip joint as it sits in your front pocket.

John Gruber:

Maybe this is why Samsung makes their big-ass phones out of plastic.

John Gruber:

I cannot believe that this “bent iPhone 6 Plus” thing is becoming a thing.

Update (2014-09-25): Daisuke Wakabayashi (via Serenity Caldwell):

Since going on sale Friday, Apple said only nine customers have contacted the company about a bent iPhone 6 Plus—the larger and more expensive of its two new iPhones.

Update (2014-10-10): Will Smidlein:

The iPhone 5S that has been in my pocket for the past year next to the iPhone 6 that's been there for the past week.

Jeremy Swearingen (via Accidental Tech Podcast):

I thought the stories were bullshit, but just noticed my iPhone 6 is bent. Never kept in back pocket and never felt tight in front.

Marco Arment:

Reports from a few people: Apple is no longer replacing bent phones, even with no obvious mistreatment, by order from above a few days ago.

Update (2015-08-17): Joe Rossignol:

Nevertheless, it appears that Apple engineers have tweaked the design of the so-called “iPhone 6s” by strengthening the weak points of the smartphone’s rear shell. A new YouTube video shared by Unbox Therapy shows that the areas around the Home and volume buttons on the “iPhone 6s” appear to be notably thicker -- 1.9mm versus 1.14mm -- suggesting that Apple’s next iPhones could be less susceptible to bending under normal usage.

The Odyssey of Getting My Data Into Amazon Glacier

Matt Henderson:

After more investigation, I discovered that pretty much the only app for Mac OS X platform that supports multi-part S3 uploads is the unfortunately named, “Cyberduck”.


Turns out, you have to first restore them to S3 using the Amazon AWS Console, and then they’ll be downloadable using something like Transmit. From within the console, after having selected one or more files, you’ll find a “Restore” function in the “Actions” drop-down menu. When you choose to Restore a file (or files) you’re asked how long you want them to remain available in S3, before they are reverted back into Glacier.


That seemed quite nice, but then I discovered a huge problem. What if I wanted to restore an entire folder of files?


So that’s where I am. Happy to have all my data hosted cheaply in Glacier. Unhappy to have spent so much money getting it there. Happy to decommission my old hard drives at home. And hoping when the day comes that I need to do a mass-restore of my data, that a decent Glacier client will have appeared on the Mac platform, or that one of the existing apps like Transmit will have evolved to support that.

iPhone Camera Evolution

Lisa Bettany:

In this follow-up post to my iPhone 4s and iPhone 5 comparisons, I present an 8 iPhone comparison from all iPhone versions taken with Camera+ including, the original iPhone, iPhone 3G, iPhone 3GS, iPhone 4, iPhone 4S, iPhone 5, iPhone 5S, and the new iPhone 6 in a variety of situations to test the camera’s capabilities.

iCloud Security and Privacy Overview


The table below summarizes how your data is secured when using various iCloud features


When you access iCloud services using Apple’s built-in apps (for example, Mail, Contacts, and Calendar apps on iOS or OS X), authentication is handled using a secure token. Using secure tokens eliminates the need to store your iCloud password on devices and computers. Even if you choose to use a third-party application to access your iCloud data, your username and password are sent over an encrypted SSL connection.

Monday, September 22, 2014

Apple Pay Human Interface Guidelines

Apple (PDF) (via John Gruber):

You can add line items to the purchase total to explain additional charges. A line item consists of a label and an associated cost, such as “Gift Wrap $5.00” or “Tax $4.53”. You can also add an item with a negative value, such as “Friday Discount -$2.00”. Use line items for charges that are added to the merchandise being purchased; don’t use them to display an itemized list of products.


Note that the Apple Pay sheet always displays text in all capital letters.

Apple Plans to Shut Down Beats Music

Josh Constine:

Apple will discontinue the streaming music service Beats Music it acquired in May, according to five sources, including several prominent employees at Apple and Beats. Many engineers from Beats Music have already been moved off the product and onto other projects at Apple, including iTunes. It’s not clear when exactly Jimmy Iovine and Dr Dre’s music service will be shut down or what Apple will do with streaming, but every source with knowledge of the situation that we talked to agreed Apple plans to sunset the Beats Music brand.


Considering Apple’s penchant for simple, unified brands, and how it despises fragmentation, shutting down Beats Music makes a lot of sense. Running a second music service in parallel with iTunes that forces people to learn a whole new interface might have confused customers. Beats Music’s CEO Ian Rogers was also put in charge of iTunes Radio, meaning he’s already splitting his time rather than just focusing on Beats Music.

I’m not expecting them to rebrand the headphones as Apple, though.

Update (2014-09-22): Peter Kafka (via Kirk McElhearn):

I can elaborate a bit more, based on conversations with people familiar with Apple’s thinking: Apple won’t shutter the streaming service. It may, however, modify it over time, and one of those changes could involved changing the Beats Music brand.

Why Apple Didn’t Use Sapphire iPhone Screens

Tim Bajarin:

I don’t doubt that over time, there could be some breakthroughs with sapphire and new coating processes that could make it possible to use on a smartphone. However, from the research I did, it does not appear that it could happen anytime soon. Plus, sapphire’s less flexible and more brittle nature suggests, as least to me, that using it in large-screen smartphones would still be difficult — even if it was possible to coat it in a way to keep the screen from splintering. I now at least understand why Apple didn’t use it in the new iPhones — and the more I study this, it seems that it could be problematic for Apple to use sapphire outside of its smartwatch line anytime in the near future.

Update (2014-09-24): Dr. Drang:

The Mohs hardness number is a measure of scratch resistance, and it’s perfectly true that higher is better when it comes to avoiding scratches. It’s certainly a type of strength that needs to be considered, but not to the exclusion of others. If you drop your phone on a concrete sidewalk, scratch resistance isn’t going to save your screen. You need impact resistance, which involves the ability to absorb energy. For a thin sheet, that usually means the ability to flex significantly without breaking—not a property that’s intrinsically allied with scratch resistance.

Tim Bajarin at Time was promoting sapphire in August, but to his credit, he got himself educated after the iPhone 6 introduction and wrote a good explanation of why Apple stayed with Gorilla Glass. I’m not thrilled with his “sheet of ice” analogy, but the rest of the article is worth reading.

Sunday, September 21, 2014

The Lost Art of Software Testing

Dave Winer:

I think all developers go through the initial hatred of the tester, feeling unloved, and depressed because the labor of our love is so awfully buggy, broken and badly designed! Oh. But you eventually come to see that knowledge is power.


We had a great QA team at CE Software. One of the things is that almost everything pushes you to ship as early as you can. The developers want it shipped so they can start work on the next version or the next project. Marketing wants it shipped so they can start selling it and it can turn into real cash. Support wants it shipped so they no longer have to tell people yes, that’s a real bug, yes we’ll be fixing it in the next version, that will be soon. And even the customers want it shipped because they want the bugs they’re dealing with smashed and they want the new features we’ve talked about in their hands. You need a QA team with the desire and the authority to say “this isn’t ready to go”. The authority usually comes after a disastrous release, it did for us.

Saturday, September 20, 2014

Whoosh 2.0

Whoosh (via Gus Mueller):

Whoosh helps you send out lots of emails using the Amazon Simple Email Service. Whoosh will import mailing list in CSV or Tab-Delimited format from a file, or direct from a remote URL.

I’m currently using DreamHost for my announcement mailing lists. I use Amazon SES for all other auto-generated e-mails—e.g. order confirmations and serial number lookups—but I’ve long thought of using SES for announcements as well. It works really well and is orders of magnitude cheaper than MailChimp and similar services.

Update (2014-09-20): Scott Morrison recommends Sendy, a self-hosted PHP/MySQL tool that uses Amazon SES and also helps you manage the subscription list.

The True Cost of a Subsidized iPhone 6

Ed Bott (via John Gruber):

The actual price you will pay for an iPhone 6 in the U.S. varies depending on which carrier you choose. Those advertised numbers accurately reflect the up-front amount that a buyer will pay at the start of a two-year contract. But those apparently low subsidized prices include hidden costs that jack the price up over time. And it is nearly impossible for the average shopper to figure them out without extensive and exhausting research.


If you choose the 2-year contract option for AT&T, Verizon, or Sprint, you get a different set of plans. In the case of Verizon and AT&T, buying a phone outright or paying the full price in 20-24 monthly installments qualifies you for per-line discounts that range from $10 to $25 per month.

If you buy the device at the “low” two-year contract price, those discounts disappear. They are effectively finance charges for the device, which need to be added to the down payment of $200, $300, or $400.

iOS 8 Camera Controls

I really like the new exposure slider in the iOS 8 Camera app. Unfortunately, the HDR control is still broken. I set it to On, and within seconds it’s changed itself back to Auto.

Update (2014-10-30): Apple replied to my bug report with Behaves Correctly. They say that the HDR setting is supposed to revert to Auto after the device has been locked for more than 30 seconds. I think this is a poor design. I don’t ever want to use HDR Auto because it often chooses not to use HDR in situations where it would have really helped. With HDR On I can always choose which photo I like better. With HDR Auto, I may forever miss having a good photo of an important life event.

Friday, September 19, 2014

Minor 10.9.4 OS Update Breaks LabelWriter

Ted Landau:

The end result is that a functioning printer is headed for the garbage heap (or perhaps to a Windows user) because Dymo is unable or unwilling to fix a software incompatibility. And it cost me $100 to replace a printer that ought to still be usable.

My LabelWriter 330 used to Just Work. Now it sort of “works” with 10.9.5. It can indeed still print, but lately it’s been unreliable. Often, the job queue will pause itself right after I print. Manually resuming it causes half the label to be printed, thus ruining the label. Usually it will thereafter work for a bunch of labels in a row.

Update (2016-11-18): It works if I connect it directly to the Mac rather than via a USB hub.

Facts and Thinking

Brent Simmons:

The point of school is to teach us how to think, after all.

But that always sounds to me like people arguing that you could learn the rules of English grammar without learning any of the actual words. The facts — and, especially, the stories — of the world are its words. That’s our vocabulary. That’s what we think with and about.


To “de-emphasize memorization” sounds like a thing everybody can agree on — except that I suspect it really means “we’ve made it so you don’t have to know what actually happened, which makes it easier for you to do well on the test, which makes us look good.”

iOS 8 Removes Camera Roll

Serenity Caldwell:

The Camera Roll has disappeared, and in its place is the Recently Added smart album, which collects images you’ve recently taken or added to your device. It joins app-specific and content-specific albums on the Albums page, along with the new Favorites album (more below). Sadly, Apple continues to decline to make a Screenshots smart album (to my own personal disappointment).

Keith Murphy:

Not a HUGE fan of what they did in getting rid of Camera Roll and Photostream! To save free space in iOS 7, I would take pictures and then delete them from my Camera Roll once they synced into Photostream. With the changes in iOS 8, I can no longer tell what’s been synced and what is still on my phone...

This is really confusing. I used to be able to view the Camera Roll from the Camera app, so it was easy to go access recent shots and then go back to taking photos. Now, the Camera app just lets you open the Photos app, showing the recent photos full-sized. If you want to see thumbnails of the recent photos, you have to tap All Photos. But then you are in the Photos app for real, and there’s no button to get back to the camera.

It’s always been necessary to prune the locally stored photos now and then; otherwise they will consume all the space on your phone. Now, there is seemingly no way to see, from the phone, which photos I should be pruning. And there’s still no way to delete a large number of photos without individually tapping them. The Image Capture app on the Mac is needed now more than ever.

Update (2014-09-19): Allyson Kazmucha:

The bottom line is this — the Camera Roll has been nixed in favor of using the Photos tab. Recently Added on the other hand is simply a collection of all your recently taken photos across all your devices. So just think of Recently Added as replacing your personal Photo Stream.

I find it bizarre that there is no way to tell (a) which photos are only stored on the device, (b) which photos were taken with this device, or (c) which photos are on Apple’s server.

Update (2014-09-20): Lukas Mathis:

While this is incredibly annoying to people who know what they’re doing and want to have the ability to manage photos manually, a lot of iPhone owners — perhaps most of them — do not manually manage the photos on their phones, and would not do so if they had the option.

With the current combination of too-low storage capacities and a cloud solution that isn’t there yet, I think having manual controls is the least bad option.

Update (2014-09-22): Ole Begemann:

When you enable iCloud Photo Library on iOS 8, it is no longer possible to delete images from an iPhone using Image Capture on the Mac.

Thoughts on Music Formats

Marco Arment:

So I can see why people in the music business might think it’s important to make and sell interactive, multimedia music formats (what decade is this?) to compete, but I don’t think they stand a chance. Every trend in music is going in the opposite direction.


In 2007, Steve Jobs wrote an essay called “Thoughts on Music” to attempt to pressure the big record labels into agreeing to DRM-free music sales. […] I’m sure it’s a coincidence, but I’m having a hard time finding “Thoughts on Music” on Apple’s site anymore. Here’s the Internet Archive’s copy — the only live copy I found is in the Korean Hot News archive.

See also: Thoughts on Music.

iOS 8 Encrypts More Data With Passcode


On devices running iOS 8, your personal data such as photos, messages (including attachments), email, contacts, call history, iTunes content, notes, and reminders is placed under the protection of your passcode. Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data. So it's not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.

Chris Welch:

But has everything changed with iOS 8? This document on iOS 8 security measures suggests that’s the case, showing that Apple has extended deep encryption protections to more of its own apps. “Key system apps, such as Messages, Mail, Calendar, Contacts, and Photos use Data Protection by default, and third-party apps installed on iOS 7 or later receive this protection automatically,” it reads.

Jonathan Zdziarski:

It’s important to take a minute, however, to note that this does not mean that the police can’t get to your data. What Apple has done here is create for themselves plausible deniability in what they will do for law enforcement. If we take this statement at face value, what has likely happened in iOS 8 is that photos, messages, and other sensitive data, which was previously only encrypted with hardware-based keys, is now being encrypted with keys derived from a PIN or passcode. No doubt this does improve security for everyone, by marrying encryption to the PIN (something they ought to have been doing all along). While it’s technically possible to brute force a PIN code, that doesn’t mean it’s technically feasible, and thus lets Apple off the hook in terms of legal obligation. Add a complex passcode into the mix, and it gets even uglier, having to choose any of a number of dictionary style attacks to get into your encrypted data. By redesigning the file system in this fashion (if this is the case), Apple has afforded themselves the ability to say, “the phone’s data is encrypted with a PIN or passphrase, and so we’re not legally required to hack it for you guys, so go pound sand”. I am quite impressed, Mr. Cook! That took courage… but it does not mean that your data is beyond law enforcement’s reach.

For example, if they have access to your Mac:

While your photos and messages might indeed now be encrypted with a key derived from your PIN, the pairing records stored on your desktop have a “backup copy” of your keybag keys (the escrow bag), which can be used to unlock the encryption on your phone – without a PIN. Again, this was added so that iTunes could talk to your phone while it is still locked.


Fortunately, there are some precautions you can take to ensure your privacy. One small trick is to shut down your iPhone whenever you go through airport security or customs. Why? Because Apple has included a kill switch that prevents your pairing records from being able to unlock your iPhone if it’s been shut down. The pairing record vulnerability only works if you’ve used your phone since it was last rebooted. Secondly, make sure you’re using strong encryption on your desktop / laptops, and make sure your computers are all shut down when not in use… especially when going through airport security. There are a number of forensics tools capable of dumping the memory (and therefore, encryption keys) of your encrypted disk if you’ve left your computer asleep or in hibernate mode. Shut it down.

Thursday, September 18, 2014

Xcode 6.0.1 Asynchronous Tests

The documentation only shows one type of XCTestExpectation, but there are actually several different methods for creating them:

@interface XCTestCase (AsynchronousTesting)
- (XCTestExpectation *)expectationWithDescription:(NSString *)description;
- (XCTestExpectation *)keyValueObservingExpectationForObject:(id)objectToObserve 
                                                     keyPath:(NSString *)keyPath 
- (XCTestExpectation *)keyValueObservingExpectationForObject:(id)objectToObserve 
                                                     keyPath:(NSString *)keyPath 
- (XCTestExpectation *)expectationForNotification:(NSString *)notificationName 

These are documented in XCTextCase+AsynchronousTesting.h.

Kindle Voyage

Kirk McElhearn:

Amazon has announced a new Kindle, the Kindle Voyage (odd name…) that is due to ship in November. (, Amazon UK) A bit smaller than the Kindle Paperwhite, this device boasts a higher screen resolution (300 ppi compared to 212 pip for the Paperwhite), and an adaptive light, so the screen light will vary according to your ambient lighting. There are also page-turn buttons in the device’s frame, on either side of the page, which provide haptic feedback.

I’m glad they added the page-turning buttons back.

Update (2014-09-19): Marco Arment:

You know what else is a pressure-based sensor with haptic feedback? A button.

Jason Snell:

Backlit tablets just can’t compete with E-Ink-equipped Kindles when it comes to reading in the bright sun. One of these days, maybe Apple will figure out how to make a glareless iPad with a really bright backlight for outdoor reading, but until that day I’m Kindle all the way.

At night, the inverse applies. My Paperwhite, turned down all the way, is much darker than my iPad’s backlight at the lowest setting. Which means it’s much less likely to disturb my wife while she’s sleeping and I’m reading.

Whether dark or light or in between, I prefer reading on these devices. They never push notifications at me, I’m never tempted to switch over to Twitter or email, and the static black-and-white calm of words on a page evokes the best things about reading a paper book or newspaper.

Update (2014-11-07): Marco Arment:

Rather than approximating buttons, the Voyage’s overly complicated “pressure-based page turn sensors with haptic feedback” are the worst of both worlds: they lack the precision, feedback, and intentionality of buttons, and they take more effort and are smaller than touch targets.

Jason Snell:

The Kindle Voyage is a premium reader at a premium price, targeting people who love their Kindles so much that they won’t hesitate to spend $200 for the best Kindle they can buy. It’s a smart decision, I think, and the Voyage is an excellent product.

That all said, I have to admit that of all the Kindle upgrades I’ve done over the years, this one felt the least significant. The screen is better, but the Paperwhite screen was already quite good. It’s good to have buttons again, but the accidental touches I make on the screen adjacent to the buttons somewhat reduce my enthusiasm for that feature. The typography is unchanged and mediocre.

Update (2014-11-22): Lukas Mathis:

Apart from the screen itself, every single generation of new Kindles was worse than the previous one.

1Password 5: Touch ID and Safari/App Extensions

As I said, I was really excited about this. So far, it has not quite worked out the way I expected.

The Safari extension prompts me for my master password every single time, even though I have set the master password timeout to 30 days.

The app itself sometimes lets me in via Touch ID but usually asks for my master password. I understand that the app needs to be running in order to keep the master password in RAM, but something doesn’t seem right here. It happens even in situations where it seems impossible for the app to have been quit by the OS.

There is an option in the Advanced preferences to store the master password in the iOS keychain. This seems like it would address the problem, but it also seems potentially dangerous. It shouldn’t be necessary unless there is a memory shortage.

In Riposte (which I’m trying since Netbot crashes on iOS 8), there is indeed a button to access 1Password and search for “”. However, there didn’t seem to be a way to get it to enter the username and password; I had to copy and paste them.

Surprisingly, 1Password lets me use third-party keyboards to type usernames and passwords, though not the master password.

Update (2014-09-23): I heard back from AgileBits support. The main issue seems to be that (a) a new instance of the 1Password extension is launched each time it’s used, so it cannot remember anything between invocations, and (b) the extension cannot communicate with the running 1Password app to get the master password. Therefore, the extension will prompt for the master password every time unless you enable the option in the 1Password app to store the master password in the iOS keychain.

Update (2014-10-04): Even when using the option to store the master password in the iOS keychain, I am finding that the 1Password app pretty regularly prompts me to enter the master password instead of offering me Touch ID.

iOS 8 Keyboards

Fleksy (App Store)

What I like about this keyboard is that it lets you swipe left to delete an entire word, swipe right to type a space, and swipe up or down to choose among word predictions. You can add or remove words from its dictionary. You can also adjust the size of the keyboard and even omit the spacebar. Languages and personalization require “Allow Full Access.”

SwiftKey (App Store)

Word predictions and the Flow feature for swiping require “Allow Full Access.” I did not enable that, so it didn’t seem to offer much. They want you to use their cloud service and send them data to get more accurate results.

Swype (App Store)

It’s amazing how accurate this is when you swipe your finger around without lifting it. There are also some interesting gestures for punctuation and capitalization, and you can control its dictionary. This keyboard does not even ask for “Allow Full Access.”

TextExpander touch (App Store)

It’s great to be able to expand abbreviations. Unfortunately, as I said, this means that you have to forego the other keyboards that are better at typing. You do have to enable “Allow Full Access.”

I think the Allow Full Access setting is confusing. It seems to be asking whether I want the keyboard to be able to persist data. That sounds useful and harmless. What I really want is to prevent the keyboard (via the app) from sending my data over the network. There doesn’t seem to be a way to do that except by not allowing full access.

See also: Federico Viticci, Scott Hanselman, Allyson Kazmucha.

Update (2014-09-19): Tim Burks:

It would be nice to be able to offer extended features without scaring consumers and looking shady.

Gabe Weatherhead:

My interpretation of the documentation is that a keyboard extension can enable network access if it is for the purpose of improving the application. What improvements warrant this, is up to the app developer.


But the only gate keeper is the app approval process. While that has kept iOS comfortably safe for me, the additional benefit of a new keyboard does not warrant this added risk.

Update (2014-09-21): By default, Swype backspaces over a whole word; to delete just one character, you can type a space and then backspace twice. I have not found a good way of typing words with apostrophes in them, since the apostrophe is not on the main keyboard.

Update (2014-10-10): Josh Centers:

Apple needs to give developers access to the keyboard selection popover so users can switch between keyboards quickly, and it should specify a location, name, and icon for the key that switches keyboards. Under the current rules, switching keyboards could technically be done via a gesture, leaving users to guess even more than they already have to.

Second, there are many more keyboard resources Apple could open up to developers, like iOS 8’s auto-correction and text-prediction mechanisms. As it stands, developers have to recreate every keyboard feature from scratch, which makes keyboards look and work significantly differently from the standard iOS 8 keyboard and thus hurts the user experience unnecessarily. Ideally, an app could use the standard keyboard as a jumping-off point, and change only the desired functionality, rather than start from scratch.

Third, I’d like to see better privacy controls for keyboards. Perhaps I’m just paranoid because I’m not accustomed to the possibility of my keystrokes being recorded, but right now, you have the choice between letting developers do anything and having a partially functional keyboard. I’d like to see more granular privacy settings for keyboard container apps.

Gatekeeper and Mac OS X 10.9.5

Daniel Jalkut:

Many Mac developers dropped everything to re-sign apps like Apple asked for 10.9.5, only to learn it doesn’t matter. Terrible communication.

Daniel Jalkut:

A bit over a month ago, Apple announced big changes to the way Mac OS X versions 10.9.5 and 10.10 will recognize the code signatures of 3rd party applications, hinting very strongly that consequences would be dire for any developer neglecting to re-sign their apps:


To make matters yet more confusing, a developer who has signed off on the chore of complying with Apple’s requests would not necessarily be able to verify the job was done right, because for example on pre-release builds of 10.9.5 and 10.10, many apps with “old and busted” version 1 signatures unexpectedly passed the system’s Gatekeeper check, contrary to the firm indication from Apple that they shouldn’t.

It’s still not entirely clear to me what happened here. I had an app that failed the Gatekeeper check with pre-release versions of the OS only to pass it with later betas and the release version. Was this because of a bug in the pre-release versions? Or is Apple simply delaying part of the clamp-down?

See also: Major Changes to Gatekeeper in Mac OS X 10.9.5.

Update (2014-09-19): Andrew Cunningham:

This is contrary to a message Apple sent to developers in early August, which indicated that all apps would need to be re-signed to work properly with 10.9.5.

Update (2014-09-24): Jeff Johnson:

What nobody was expecting, and as far as I can tell, what nobody but me has noticed yet, is that the Gatekeeper change, or a significant subset thereof, was included with the 2014-004 Security Update for Mac OS X 10.8.5. There is no mention of this at all by Apple, anywhere, certainly not in the release notes.


It’s shameful that Apple failed to inform anyone, either developers or users, either before or after the fact, that this significant overhaul of Gatekeeper shipped in the security update to 10.8.5. And since it was a security update, we have to wonder, what was the security vulnerability? Why wasn’t it listed in the security content for 10.8.5 or 10.9.5? According to the hype, Apple is supposedly entering into a new era of openness. According to the reality, however, I see the same old lack of communication.

Thoughts on Privacy

Tim Cook:

Our business model is very straightforward: We sell great products. We don’t build a profile based on your email content or web browsing habits to sell to advertisers. We don’t “monetize” the information you store on your iPhone or in iCloud. And we don’t read your email or your messages to get information to market to you. Our software and services are designed to make our devices better. Plain and simple.

John Gruber:

That Tim Cook and Steve Jobs are very different people has been a common refrain for three years, and it came up again this week in his interview with Charlie Rose. But one trait they share is the ability to write in simple, straightforward words. I say clear writing is a sign of clear thinking.


Below you’ll find information about powerful features that help you make your devices and data secure, along with tips for avoiding phishing scams and keeping your account safe.


Government information requests are a consequence of doing business in the digital age. We believe in being as transparent as the law allows about what information is requested from us. In addition, Apple has never worked with any government agency from any country to create a “back door” in any of our products or services. We have also never allowed any government access to our servers. And we never will.

In the Charlie Rose interview, Cook said they would have to carry him out in a box before he let that happen. Of course, it is entirely possible that it could happen without his knowledge or consent. The systems are designed such that Apple could tap into your messages if it wanted to. There is unfortunately no way to prove that this doesn’t happen.

I also note that Apple has updated its iOS Security whitepaper.

Update (2014-09-18): Jeff John Roberts (via David Heinemeier Hansson):

Now, Apple’s warrant canary has disappeared. A review of the company’s last two Transparency Reports, covering the second half of 2013 and the first six months of 2014, shows that the “canary” language is no longer there.

Update (2014-09-19): Cyrus Farivar:

While Apple won’t confirm it, the company has removed its warrant canary from its latest transparency report, issued this week. While this could mean that the company has received a new secret government order to provide user data, there is still another more likely possibility: it’s not publishing warrant canaries at all.

Apps Using iOS 8 Extensions


Up until that point, iOS apps had very limited reach in terms of access to other apps’ documents, so we struggled to find an answer to our time-honored litmus test of “what would we use this for?” Was an app that simply allowed you to transfer files in and out of itself particularly useful?


By utilizing App Extensions, Transmit could effectively provide standard file transfer protocols for any iOS 8 app. Overnight, this idea that made very little sense suddenly made all the sense in the world.


As of today, you can easily save to Instapaper from any application on your iPhone or iPad that supports the iOS system share sheet. No more copying links & opening Instapaper, emailing yourself articles, or installing bookmarklets. Just tap the system share icon, choose Instapaper, and voila! Saved.

Facebook’s iOS Infrastructure

Adam Ernst and Ari Grant gave a presentation at @Scale 2014 about why Facebook switched away from Core Data and MVC to immutable models and their own layout engine that separates the layout from the process of creating the view hierarchy from recycled immutable views.

Wednesday, September 17, 2014

iPhone 6 Review

Jason Snell:

I’ve been using the iPhone 6 and iPhone 6 Plus for the last week, since Apple’s big event on Sept. 9. You can read my full review on Macworld—it’s my final byline there. You can also listen to episode 1 of my new podcast, Upgrade, in which I discuss the new iPhones and my review with my co-host, Myke Hurley.


I suspect that Apple’s intent here is for Reachability to always go away once you’ve tapped on something. But I could make an argument that the alternate approach — let interactions keep happening until your finger is off the glass for a second — is the better one. Sometimes I do need to make two taps at the top of the screen, and with Apple’s approach I have to reactivate Reachability to make the second tap. And of course, tapping on the black void is always there to dismiss Reachability immediately if I really can’t wait a second.


If an app isn’t written specifically to take advantage of the iPhone 6 or iPhone 6 Plus, the phone will scale the entire user interface up to fill the screen. (There’s no letterbox, because the iPhone 5 and 6 series all use the same 16:9 aspect ratio.)


Apple has added a feature to the iPhone 6 and iPhone 6 Plus called Display Zoom, which lets you choose between using that extra screen space for more stuff, or for bigger stuff. If you turn on Display Zoom on the iPhone 6, the device will scale up the resolution of an iPhone 5 screen. If you turn it on on the iPhone 6 Plus, it’ll scale up the resolution of the iPhone 6.

John Gruber:

One week in and I’m still unsure about the size of the iPhone 6 relative to that of my iPhone 5S, but I’m very sure about the size of the 5.5-inch iPhone 6 Plus: it’s too big for my taste.


Again, they’re more like two different device classes than two variations of the same device. My understanding, talking to people at the event last week, is that Apple’s industrial design team mocked up prototypes of every single size between 4.0 and 6.0 inches, in tenths-of-an-inch increments, and from those 20 sizes selected the two that best hit the sweet spots for “regular iPhone” and “ginormous iPhone”. We might never see new iPhone sizes again — or at least not bigger ones.


No doubt about it, one-handed usability suffers greatly on the iPhone 6 compared to the iPhone 5 series — and the 4.0-inch iPhone 5 displays are themselves less one-hand-able than the classic 3.5-inch iPhone displays. But there are advantages to the larger display of the iPhone 6. I find myself typing much faster and more accurately.


Reachability might make it possible to do everything you want while holding the 6 Plus one-handed, but it’s nothing at all like using a 3.5- or 4.0-inch iPhone in one hand.


Pocketability is going to vary based on your pants and pockets. (I’ve been wearing Levi’s jeans every day I’ve been using both phones.) With the regular iPhone 6, I haven’t had any problems. The fact that it’s so much thinner than the iPhone 5/5S, and now has curved sides, makes it easy to slide into a pocket. The overall volume of the device just doesn’t feel that much bigger in hand or pocket.


Text and fine lines appear sharper on the 6 Plus than on the regular 6 (or any other iPhone with a 326 PPI display, like the 5’s). 401 pixels per inch is high enough that things still look great even if they’re not pixel-perfect. I was deeply skeptical of this on-the-fly downsampling when I heard about it, but having used it for a week, I’m sold.

(When you take a screenshot on the iPhone 6 Plus, you get a 2208 × 1242 image — you get a screenshot of what the app thinks it is displaying, not a screenshot of the actual pixels on screen. If you really do care about pixel-level precision, I’m not sure how you can tell what is being rendered on screen other than to examine the actual iPhone display using an optical loupe.)


The iPhone 6 has a noticeably stronger vibrator to me, and with the iPhone 6 Plus, it’s so powerful it’s actually a bit noisy — the sound made by the 6 Plus vibrator is so strong, I wonder if there are going to be complaints that it’s not “silent” at all.

Bare Feats:

As you can see, the iPhone 6 is 11% to 17% faster than the iPhone 5S. The iPhone Plus is 23% to 24% faster than the iPhone 5S. The iPhone 6 Plus is 6% to 11% faster than the iPhone 6.

Update (2014-09-18): John Gruber:

But I don’t understand why the entry level storage tier remained at a meager 16 GB. That seems downright punitive given how big panoramic photos and slo-mo HD videos are, and it sticks out like a sore thumb when you look at the three storage tiers together: 32/64/128 looks natural; 16/64/128 looks like a mistake. The original iPhone, seven years and eight product generations ago, had an 8 GB storage tier. The entry-level iPhones 6 are 85 times faster than that original iPhone, but have only twice the storage capacity. That’s just wrong. This is the single-most disappointing aspect of the new phones.

Austin Mann tests the iPhone 6 camera in Iceland.

Update (2014-09-21): Nick Heer:

I wrote approximately 15,000 words to review iOS 8. Yet, I inexplicably forgot a couple of things that I wanted to talk about. I have had notes about these things since June, and I intended to include them. I’m just a bit of an idiot.

Update (2014-10-09): John Gruber:

I don’t think I have ever received so much reader feedback on a post in the history of Daring Fireball. Hundreds of emails. Dozens and dozens of replies on Twitter. All of them saying the exact same thing: that either they themselves or people they know want to upgrade to iOS 8 but haven’t yet or can’t because the OTA software update won’t fit on their devices.

Update (2014-10-10): Kirk McElhearn:

I used the iPhone 6 for a week; I went back to the iPhone 5s on Friday, to see if I really liked it better. And I did. This may be because of its familiarity; it’s a comfortable size. I can hold it comfortably in one hand, and do most of what I need with just one hand. The iPhone 6, however, felt alien, as though it was just not the right size for my hand.

Daniel Jalkut:

Since I got my new iPhone 6 (not plus), my biggest concern has been the increased size. There are certainly things to like about the larger screen, but I am one of those people who looks at the phone primarily as something that empowers me to do great things with a minimum of extra weight or bulk. I don’t wear skinny pants, per se, but I don’t wear cargo pants, either. I like to have the phone at easy reach but I also like to travel light, and to move through life with a certain bounce in my step that makes me feel vulnerable with a larger phone.

Hiding the iPhone 6 Camera Bump

Ben Brooks:

I looked through Apple’s site on the iPhone 6 and interestingly the bump isn’t hidden most of the time, but it is always hidden in profile. When you look at the iPhone in profile the honest way to show the phone is with the bump, but take a look (from Apple’s site)[…]

Via John Gruber:

I think this is a mistake on Apple’s part. If the iPhone 6 is going to have a camera bulge (and it does), they should wear it with pride.

iOS 8 Review

Nick Heer:

It is for this reason that I will be writing a review of iOS 8 in two parts. The first part, which is what you’re reading now, is a review of the first-party aspects of iOS. It is truly a review of iOS 8, not apps built for iOS 8. The second part, which will be released in weeks-to-months, is a review of what is possible when third-party developers get ahold of the thousands of new APIs available to them.

This is what I have gleaned from using iOS 8 every day since June 2 on my primary (and only) iPhone 5S and my Retina iPad Mini.


That’s not to say that there aren’t problems with it. I’ve pointed out a number already, and I’m sure we’ll hear more reports as users update. It’s not without its flaws and its bugs. But I think iOS 8 is the biggest iOS release for users and the most exciting opportunity for developers since iOS 2.0. It’s really that big of a deal.

Andrew Cunningham:

Apple still holds the keys to many aspects of the iPhone and iPad user experience, but compared to past versions of the software iOS 8 represents an opening of floodgates. Don’t like Apple’s software keyboard? Replace it. Want sports scores and updates on your eBay auctions in your Notification Center? Here’s a widget, throw ‘em in there. Want to use a social network or a cloud storage service that Apple hasn’t explicitly blessed and baked into the OS? Cool. Here are some APIs for that.


Still no public transit directions in Maps.


Not all of the features advertised at WWDC were actually done in time for release.

Andrew Cunningham:

The iPhone 4S was Apple’s last to use the original 3.5-inch iPhone screen size, which is now the smallest of four different phone screens that Apple supports. iOS 8’s new stuff is all about fitting more information on those larger screens, whether we’re talking about predictive typing, new Mail sorting options, Notification Center widgets, or Spotlight suggestions. The 4S’ screen has always been small, but iOS 8 can make it feel cramped.


The iPhone 4S made the jump to iOS 7 relatively gracefully, though, and it’s fine with rendering all of the fancy transparency and translucency effects. We were expecting speed to stay roughly the same in the jump from iOS 7 to iOS 8, more or less as it did when we moved from iOS 5 to iOS 6 on the 3GS. Testing some application launch times under both operating systems reset those expectations. […] Again, we’re not looking at an iPhone 4-level situation here, but iOS 8 can add as much as 50 percent more time to the same task compared to iOS 7.

Casey Johnston:

Generally [on an iPad 2], iOS 8 is noticeably slower and choppier than iOS 7, in everything from opening apps to typing. Back when we switched from iOS 6, we complained about how we could get 10 characters into typing something before the keyboard realized what was happening. This problem has returned with a force in iOS 8, especially on first opening an app. Screen rotation is stuttery, and any time some part of the OS needs to slide into place (text centering, apps minimizing), it can’t do it smoothly.

Rene Ritchie:

iOS 8 feels like Apple took every wish list item on the web and checked them off one-by-one. Interactive notifications? Done. Widgets? Done. Inter-app communication, custom keyboards, document picker? Done. Done. Done. […] In this case, believe the hype. iOS 8 is in every way the biggest functional release for iPhone and iPad since the App Store.

Update (2014-09-18): Graham Spencer:

Just like we have in the past few years, we like to find those little gems that come with every brand new version of iOS. So in this post, you’ll find dozens and dozens of tips, tricks, and details of iOS 8 that we’ve collected throughout the summer since the first beta release of iOS 8.

Brandon Chester:

Given that the iPad 3 I have for testing falls into both the Apple A5(X) camp and the iPad camp, I won’t be updating it to iOS 8. While the new features like SMS Relay will be nice, the missing features and issues like keyboard lag outweigh the benefits of updating.

Despite my concerns, iOS 8 makes me feel excited for the future more than anything else. Apple’s steps to open up more options for customization by developers and users on iOS marks a significant departure from their previous releases. It’s not Android but it isn’t meant to be. It brings new features and capabilities that are implemented in a very Apple-like manner, for better or for worse. I don’t think it’s going to do much to sway Android fans toward iOS, but it gives a lot of reason for current iOS users to stay with Apple.

Update (2014-11-07): Dan Frakes:

Here are some of my favorite iOS 8 features, in no particular order, with an emphasis on things that haven’t been exhaustively covered elsewhere. I hope you discover something new and useful.

iCloud Adds Support for App-Specific Passwords


If you use iCloud with any third party apps, such as Microsoft Outlook, Mozilla Thunderbird, or BusyCal, you can generate app-specific passwords that allow you to sign in securely, even if the app you’re using doesn’t support two-step verification. Using an app-specific password also ensures that your primary Apple ID password isn’t collected or stored by any third party apps you might use. Starting on October 1, 2014, app-specific passwords will be required to sign in to iCloud using any third party apps.

They’ve also added two-factor authentication for the Web apps and iCloud backup.

Tuesday, September 16, 2014

Full-Text Search on iOS with FMDB

Andrew Goodale (via Gus Mueller):

When I started working on an iPhone app to play music from the phone’s library based on GPS location, I needed a way to index the song metadata and other textual content. SQLite is built into iOS, and I wanted to use its full-text module support (FTS3/4). Apple provides no full-text search index functionality for iOS, and other options, such as Lucene, are focused on Java-based environments.

Since I was working with SQLite, I knew the best approach was to work with the excellent FMDB library, which provides an Objective-C wrapper to the SQLite C API. My effort extends that library with additional Objective-C interfaces and protocols to simplify working with the FTS3 module.

Assigning Relationships Between Tasks and People in OmniFocus

Tyler Hall:

For years I’ve used on-hold “waiting” contexts named after coworkers and family members to denote tasks that I’ve assigned to other people and am waiting on them to finish. But a few weeks ago I had a realization that there are two other types of relationships between tasks and people that I haven’t been tracking. And with a few quick modifications to how I title my tasks, it’s possible to track them in OmniFocus.

PCalc Construction Set

Dr. Drang:

With version 3.3 of PCalc, James Thomson has gone Espinosa one better: he’s not only built a customizable PCalc, he’s given all of us the power of Steve Jobs.


To edit a button, press and hold on it until the display shifts and handles appear at the corners of the button. You can use the handles to resize the button, and you can drag it around to any place you like.

To change what the button does, tap the Edit button along the bottom, and a screen will appear that’ll let you change the name and the behavior of the button. You can have it work like any of the regular commands, run a user function, perform a unit conversion, or insert a constant. You can have the button appear in the normal view, the 2nd view, or both.

This is going to be great. None of layouts were ever quite what I wanted. Now I can tweak them.

Status Magic and iPhone 6/6 Plus Screen Sizes

Dave Verwer:

There is no doubt in my mind that this is the best way to take your App Store screenshots and this is the main reason that we’re discontinuing Status Magic. It’s very sad, but I’m not going to fight against something that provides better results and is integrated into the operating systems.


I loved this app, it wasn’t useful every day but it really made a difference to App Store screenshots and every time I saw a 9:41 on an App Store screenshot I wondered if we had helped create it. Farewell, Status Magic!

iOS 8 and iCloud Drive

Nik Fletcher:

If you upgrade to iCloud Drive, you will only be able to sync with devices running iOS 8 or OS X Yosemite. As OS X Yosemite is still pre-release (and not yet available) upgrading to iCloud Drive will prevent you from syncing with Clear for Mac until both OS X Yosemite is released and you upgrade to OS X Yosemite.

Developers cannot work around the choice made when upgrading to iOS 8, so please make sure you pay close attention to the iCloud Drive screen shown after you update to iOS 8.

If you need to sync with devices that are not (currently) iCloud Drive-compatible, ensure you choose “Not Now”. this will keep iCloud’s “Documents and Data” sync feature enabled on your iOS 8 device so that you can sync with OS X Mavericks (and iOS 7 devices).

Update (2014-09-17): Caitlin McGarry:

You can go back and upgrade at any time, but unless you want a file-syncing nightmare on your hands, you’ll wait for Yosemite’s official release. You don't even have to take our word for it: Developers like Realmac Software and Bloom, which makes Day One have taken to their blogs to warn users about potential syncing problems and the lack of iCloud Drive support for pre-Yosemite versions of OS X.

Adam C. Engst:

Beyond the basic inability to access iCloud-stored documents on the Mac, this limitation also prevents you from working on iCloud-stored documents on both an iOS device and a Mac. So, if you’re a fan of switching back and forth between Pages on your iPad and on your iMac, you really want to postpone upgrading to iCloud Drive until Yosemite ships.

Update (2014-09-19): Apple:

iWork customers who use a Mac with OS X Mavericks or earlier will experience issues keeping their documents up to date if they upgrade to iCloud Drive via iOS 8 or

If you update to iCloud Drive, you lose access from the iWork apps on Mavericks.

Ian Paul:

Mac users are better off waiting for OS X Yosemite to drop before upgrading to iCloud Drive, but iOS 8-toting Windows users are cleared for takeoff. Apple recently released an upgraded version of iCloud for Windows loaded with iCloud Drive.

Update (2014-09-20): Kirk McElhearn:

This belongs in the Department of WTF. How can Apple have allowed iCloud Drive to go live, hijacking the documents of so many people? Michael Cohen offers a matrix in this article, showing which types of devices can share files with other devices. It’s pretty sad that this has happened; Apple needs to release an iCloud Drive update for Mavericks now, so people don’t lose access to essential documents.

Update (2014-10-19): Michael E. Cohen:

Yosemite is now upon us, and if you are an iCloud user and you upgrade to Yosemite, you won’t be able to avoid iCloud Drive. In most cases, your documents should weather the transition intact, but if you also have an iOS device and you discover that iCloud Drive misbehaves on it in any of your iCloud-enabled apps, do the simplest thing first: sign out of iCloud on the device and then sign back in. This simple act might well brighten up an iCloudy day.

Monday, September 15, 2014

Minecraft to Join Microsoft


The Mojang team will join Microsoft Studios, which includes the studios behind global blockbuster franchises “Halo,” “Forza,” “Fable” and more. Microsoft’s investments in cloud and mobile technologies will enable “Minecraft” players to benefit from richer and faster worlds, more powerful development tools, and more opportunities to connect across the “Minecraft” community.

Under the terms of the agreement, Microsoft will acquire Mojang for $2.5 billion.


Minecraft has grown from a simple game to a project of monumental significance. Though we’re massively proud of what Minecraft has become, it was never Notch’s intention for it to get this big.

As you might already know, Notch is the creator of Minecraft and the majority shareholder at Mojang. He’s decided that he doesn’t want the responsibility of owning a company of such global significance. Over the past few years he’s made attempts to work on smaller projects, but the pressure of owning Minecraft became too much for him to handle. The only option was to sell Mojang. He’ll continue to do cool stuff though. Don’t worry about that.

There are only a handful of potential buyers with the resources to grow Minecraft on a scale that it deserves. We’ve worked closely with Microsoft since 2012, and have been impressed by their continued dedication to our game and its development. We’re confident that Minecraft will continue to grow in an awesome way.

Markus “Notch” Persson:

I don’t see myself as a real game developer. I make games because it’s fun, and because I love games and I love to program, but I don’t make games with the intention of them becoming huge hits, and I don’t try to change the world. Minecraft certainly became a huge hit, and people are telling me it’s changed games. I never meant for it to do either. It’s certainly flattering, and to gradually get thrust into some kind of public spotlight is interesting.

I have no idea what to make of this.

Update (2014-09-19): Josh Centers:

Minecraft is the most mind-blowing game I have ever played. It’s part sandbox game, part world-builder, part exploration game, part farming simulator, and part role-playing game. It has a “conclusion” of sorts (that you must discover on your own), but it never truly ends. You can play alone or with others, and you can even run your own Minecraft server and invite just your friends to play on it. It’s all too easy to spend thousands of hours in Minecraft, and millions of people already have.

Navigation Bar Interactions in iOS 8

Natasha Murashev:

Have you noticed how nicely the mobile Safari navigation bar condenses on scroll, and how the tab bar disappears?

In iOS8, Apple has made this type of interaction (and more!) very easily available to us all – well, almost… While Apple demoed the condensing navigation bar at WWDC, they have since changed it to hiding the navigation instead, and the tab bar is not included (I’m guessing they’ll add separate tab bar hiding properties later on…).

Removing U2’s “Songs of Innocence”

Kirk McElhearn and others have shown how to hide the album in your account via the Recent Purchases screen. Apparently, a lot of people want to do this because Apple went to the trouble of creating a special URL to make this even easier:

I don’t have a problem with the U2 promo per-se, but I certainly don’t want unsolicited free albums showing up in my library on a regular basis.

Update (2014-09-15): Andrew Hampp (via Josh Centers):

With lead single “The Miracle (Of Joey Ramone)” set to be featured in a massive media campaign from Apple, valued at $100 million by multiple sources, U2 has already scored arguably the biggest launch in music history. And it’s one that’s already fraught with a little controversy, from angry retailers to Grammy and SoundScan guidelines. Oseary, 41, rang Billboard on Sept. 11 to address the many questions about the launch, and what’s next (another album?) from this landmark deal with Apple.

Nick Heer:

Sure, it’s “historical” for 500 million people to own a single album all at the same time. But there’s a huge difference between 500 million people buying an album and 500 million people being given an album. We buy albums we like or might potentially like, from artists that we already know or look interesting. I wasn’t planning on buying this record, yet I now own it. That’s weird, and not in a “pleasant surprise” kinda way.


Apple knows that music is both powerful and personal, they have highlighted that they think both customization and privacy are important and they have made a big fucking deal about their services to the user being in service of the user and not for some other ulterior motive. Apple could have asked “do you want this?”, but they didn’t, and the reason they didn’t was exactly because then they couldn’t help their friends chase a bogus world record.

Dan Wineman:

We’ve surrendered the physical trappings, but the connotations remain. And I think Apple didn’t see this because — no matter how deeply they insist music runs in their DNA — from the perspective of the iTunes Store, “library” means licensed content the user is currently authorized to stream or download. But due to various design decisions Apple’s made over the years, that’s not what it means to anyone else. I’d wager that to a majority of iTunes users, “library” means my personally curated collection of stuff that I enjoy and feel comfortable associating with my identity. Messing with that is, to be frank, nothing short of a violation.

Marco Arment:

Being angry about an album you were given for free does sound dumb, but due to the way iTunes purchase libraries work, that’s not the whole story. As far as most people can tell, purchases stick around forever. I didn’t even know you could hide purchases from your history until this, and I’m supposed to be an expert in Apple stuff.


The damage here isn’t that a bunch of people need to figure out how to delete a (really quite bad) album that they got for free and are now whining about. It’s that Apple did something inconsiderate, tone-deaf, and kinda creepy for the sake of a relatively unimportant marketing campaign, and they seemingly didn’t think it would be a problem.

Update (2014-09-16): Daniel Jalkut:

I tend to agree with Marco Arment’s take, both about it being a mistake to overlook the nuances of this situation, and that the nut of the problem, the part especially worthy of scrutiny by Apple’s fans, is the extent to which this move, and the threat of more moves like it, erodes our trust that the company has our best interests at heart.

Steven Frank:

It’s that my various document libraries, and especially my iTunes library, are sacred. You DO NOT touch them. If I entrust them to your cloud service, you double-triple especially DO NOT touch them.

This “free gift” could have just as easily been issued as a redemption code, and nobody would have minded. Instead it was pushed into everyone’s library apparently just so the band could brag about having the most widely-“owned” album of all time. It had that layer of marketing slime on it that most Apple promotions do not.

Dave Winer:

For a company that makes products that are supposedly about personal creativity, they seem to focus on elite creativity a bit too much. I suspect in their minds, the people who run Apple, and the people who run U2, our function is to admire them, and accept our own mediocrity.

Chuq von Rospach:

If you bought a Windows-based PC anytime in the last 15 years, it came with a lot of software put there “for your convenience”. It was generically known as crapware, and it was because PC vendors were paid to stuff it down your throat, even though you didn’t ask for it. This is a tactic generally reviled by people who had to try to clean all of that stuff out for their less tech savvy family members.

Apple was a company that even marketed itself as above that kind of activity, because they were.

Update (2014-09-17): John Gruber:

Did anyone among Apple’s leadership raise questions about this promotion? Regarding either the “we’ll just add it to everyone’s purchased music” thing that has so many people upset, or, the way the whole thing was a complete and utter distraction punctuating the otherwise nearly flawless iPhones/Pay/Watch event.


The “free cassette” image was just a digital fabrication, however, an altered version of a vintage Argos catalog as from 1986 (viewable on the Retroash web site).

Update (2014-10-15): Dave Mark quotes Bono:

Oops, um, I’m sorry about that…This beautiful idea. Might’ve gotten carried away with ourselves. Artists are prone to that kind of thing. Drop of megalomania. Touch of generosity. Dash of self promotion. And deep fear that these songs, that we’ve poured our lives into the last few years, mightn’t be heard. There’s a lot of noise out there. I guess we, us, we got a little noisy ourselves to get through it.

Visualizing Garbage Collection Algorithms

Ken Fox (via Ole Begemann):

I’ve built a toy with five different garbage collection algorithms. Small animations were created from the run-time behavior. You can find larger animations and the code to create them at It surprised me how much a simple animation reveals about these important algorithms.

Tim Cook Interview

Charlie Rose interviews Tim Cook, who has some interesting things to say, particularly about Steve Jobs. At this point, I think it would be hard to argue that anyone else would have been a better successor as CEO. Unfortunately, he still doesn’t have a satisfying explanation for the maps situation.

Update (2014-09-17): Serenity Caldwell:

We’ve put together edited highlights from his first hour chatting with the ABC talk show host about Apple’s new products, the Apple TV, Steve Jobs, and the future of the company.

Charlie Rose’s site has part 2 of the interview, as does YouTube.

OmniGraffle Stenciltown

Ken Case:

Stenciltown makes it easy to find free OmniGraffle stencils which have been shared by the community. You can browse and search the collection through its web interface, and once you’ve found a stencil you’d like to use it’s as easy as ever to download and use.

You can also search Stenciltown from within OmniGraffle itself, both on Mac and iPad.

An Introduction to Cocoa Bindings

Amy Worrall:

Most tutorials teach you how to use bindings with Interface Builder. While this is by far the most common way to use bindings, Interface Builder can leave the impression that bindings are a kind of magic, and developers who never dive deeper and gain a full understanding of how they work can often struggle to solve certain problems, especially when trying to debug some unexpected behaviour.


There are benefits if the object being bound to implements NSEditorRegistration. This is one reason why it’s a good idea to bind to controller objects rather than binding directly to the model. NSEditorRegistration lets the binding tell the controller that its content is in the process of being edited. The controller keeps track of which views are currently editing the controller’s content. If the user closes the window, for example, every controller associated with that window can tell all such views to immediately commit their pending edits, and thus the user will not lose any data.


In bindings, the view does all the work. It is responsible for observing the model, pushing its own changes back to the model (using Key Value Coding) at an appropriate point, and keeping track of all the information about the binding. If you’re binding to Apple-supplied views (or Apple-supplied controllers that expose bindings) all this is taken care of, but it becomes important if you are creating your own bindable views.

Saturday, September 13, 2014

Eulogy for the iPod Classic

Josh Centers:

Overshadowed by the excitement of Apple’s latest product announcements was the loss of a long-standing Apple product. On 9 September 2014, Apple took its Web site offline briefly to slip in a redesign, new iPhone models, and the Apple Watch, but when the site returned, there was something missing: the iPod classic, which had been unceremoniously scrubbed from both the site and Apple’s online store. The 160 GB iPod classic is survived by the 2 GB iPod shuffle, the 16 GB iPod nano, and the iOS-based iPod touch.

Update (2014-09-15): Mat Honan:

In all likelihood we’re not just seeing the death of the iPod Classic, but the death of the dedicated portable music player. Now it’s all phones and apps. Everything is a camera. The single-use device is gone—and with it, the very notion of cool that it once carried. The iPhone is about as subversive as a bag of potato chips, and music doesn’t define anyone anymore.

Soon there will be no such thing as your music library. There will be no such thing as your music. We had it all wrong! Information doesn’t want to be free, it wants to be a commodity. It wants to be packaged into apps that differ only in terms of interface and pricing models. It wants to be rented.

Update (2014-10-28): AppleInsider:

Speaking with Wall Street Journal editor Gerry Baker, Cook said Apple was no longer able to source parts for the capacious iPod, which was the last of its kind to integrate a spinning hard drive for storing up to 160GB worth of music.

Kirk McElhearn:

I don’t think the choice of retiring the device was about parts. I think it no longer fits in Apple’s concept of what their devices should be like.

Update (2014-12-13): Ben Lovejoy:

Apple kept making the iPod Classic for much longer than many expected, but when it finally called time over lack of components there were still plenty of people who wanted one. The Guardian reports that some iPod Classics are now selling for up to four times the original price.

A Warm Welcome to Structs and Value Types

Andy Matuschak:

If classes are so much more powerful than structs, why use structs? Well, it’s exactly their limited scope that makes them such flexible building blocks. In this article, you’ll learn how structs and other value types can radically improve your code’s clarity, flexibility, and reliability.

The whole issue about Swift is good.

iPhone 6 Size, Points, and Pixels

Ben Markowitz:

Want to get a feel for the new iPhone 6 Plus? Stack two standard checkbooks. Gets you length, width, and depth.


Like many of you, I’m still having trouble deciding which size to get. I put together these images that display the two models at actual size, keyboards included.

Tim Schmitz:

Both the iPad Air and the iPad mini have a “regular” size class in both dimensions, which implies that Apple is at least leaving room for something larger than the iPad. The likeliest explanation is that they’re keeping their options open for shipping larger devices in the future.


The new iPhone substantially changes the way graphics are rendered on screen. We’ve made an infographic to demystify this.


iPhone 6 Plus - with Retina display HD. Scaling factor is 3 and the image is afterwards downscaled from rendered 2208 × 1242 pixels to 1920 × 1080 pixels.

Marcel Weiher:

The iPhone 6 Plus has a 1920x1080 panel, but the simulator renders at 3x. These two resolutions don’t match and so the pixels will need to be downsampled to the display resolution. Whether that is accomplished by downsampling pixel art (which happens automagically with Quartz and the proper device transform set) or as a separate step that downsamples the entire rendered framebuffer doesn’t matter (much). Either way, there are no more “pixel perfect” pre-rendered designs.

Pablo Bendersky:

3x assets and the scaling is weird. I figure it’s a stop gap measure until we can get screens at 4x resolutions, so we can go back to pixel perfect assets if we wish to. While iOS 7 and 8 have a visual style that do not require pixel perfect mockups, iOS 7 was touted as designed for retina displays, and the recommendation was to use retina assets (like 1px lines) which might not look good on the 6 Plus.

Brent Simmons:

The @3x thing makes me feel like one of those computers in the original Star Trek that Kirk destroys by feeding it bad input. Does. Not. Compute. Can’t. Divide. Three. By. Two. Help. Me.

Update (2014-09-19): Peter Bright:

Apple’s large screen iPhones seem very space inefficient. 4.7" 6 is bigger than the 5" Lumia 930. 5.5" 6+ is almost as big as 6" Lumia 1520.

Update (2014-10-10): Adam Banks and Alan Stonebridge (via Accidental Tech Podcast):

Of course, 1920x1080 happens to be the exact resolution of a Full HD movie such as those you might rent or buy from Apple’s built-in iTunes Store. Hurrah! But wait. Screen-grabbing playback in the Videos app shows that the display is still being rendered at 2208x1242. Yes, the software is actually scaling up your 1080p video (reducing its quality) so that the hardware can scale it back down (reducing its quality) to display it at 1080p. Madness.

Update (2014-10-16): Accidental Tech Podcast says that the iPhone 6 Plus does display video at native 1080p and links to an API and test video.

Swift 1.0 Performance and Compilation Times

Marcel Weiher:

About a month ago, Jesse Squires published a post titled Apples to Apples, documenting benchmark results that he claims show Swift now with a roughly 10x performance advantage over Objective-C. Although completely bogus, the post was retweeted by Chris Lattner (who should know better, and was supposedly mostly interested in highlighting the improvements in the Swift optimizer, rather than the bogus comparison) and has now been referenced a number of times as background knowledge as to the state of Swift. More importantly, though the actual mistake Jesse makes is pretty basic and not that interesting, it does point to some deeper misunderstandings about performance and language that I at least do find interesting.


A second takeaway is that the question “which language is faster” doesn’t really make sense, a more relevant and interesting question is “does this language make it hard/possible/easy to write fast code”. Objective-C lets you write really fast code, if you want to, because it has the low-level chops and an understandable performance model. Swift so far can achieve reasonable performance at times, ludicrously bad at other times (especially with the optimizer turned off, which hardly fazes Objective-C), with as far as I can tell fairly little predictability or control. Having 10% faster (or slower) performance for code I don’t particularly care about is not worth nearly as much as the knowledge that I can get the 1-5% of code that I do care about in shape no matter what. Swift is definitely not there yet, and given the direction it is taking I am not sure whether it will allow that kind of control, at least in comprehensible ways.


A third point is something more general about language. The whole argument that NSNumber and NSArray are “built in” somehow and int is not displays a lack of understanding of Objective-C that to me seems staggering. Even more so, the whole idea that you must only use what comes provided with Cocoa and are not allowed to build your own flies in the face of modern language design, throwing us back to the times of BASIC (Cathy Doser, in the comments).

Christoffer Lernö:

Recently I discovered that our current project is seeing O(n²) compile times. While a small project compiles real fast, compile times for projects with 20.000+ lines of code will easily take a few minutes to compile. This is Swift supposedly at 1.0 with no optimizations turned on.

In other news, using Dictionary instead of NSDictionary when interfacing with ObjC code was able to incur a performance penalty of over 14000%. Yes, that’s Swift being 140 times slower than using NSDictionary.

Furthermore, putting your source code in the same or different files can give you a performance penalty of over 3000% in itself. Again, yes that is Swift being 30 times slower if you call something in a different file.


I’d like to see Swift succeed. It is certainly less bulky than Objective-C. However, when Swift becomes unworkable for projects exceeding 15.000 LOC, then no amount of liking the language is going to help. Nor will you be able to replace it with ObjC/C if you have a performance sensitive application.

Marcel Weiher on the compilation time:

1000x slower? Wow, that’s worse than I would have expected (and I expected bad). Unlikely to change significantly (see C++,Scala etc)

Expensive default semantics, 100% reliance on optimizer to get remotely reasonable perf., unpredictable performance model.

I still like the potential of Swift, but it sounds like it’s currently very easy to paint yourself into a corner. It is troubling that basic features like dictionaries are so slow.

Update (2014-09-14): Christoffer Lernö:

Since Scala is a bit infamous for slow compilation times – partly attributed to type inference – my fear has been that Swift would remain fairly slow at compilation. However, I’ve been assured that Swift’s model is much closer to that of F# and C#. The current O(n²) compiler times are due to bugs and not due to any inherent complexity in the language itself.

BeeLine Reader

BeeLine Reader (via Lukas Mathis):

BeeLine Reader makes reading faster and easier by using a color gradient that guides your eyes from the end of one line to the beginning of the next. This gradient makes you less likely to skip or repeat lines, so you read faster.

It really seems to work.

A Brief Visual History of Apple Home Page Tabs

James Dempsey:

First, we see how the user interface has evolved. The tabs begin with the natty pinstripes and bubblicious tabs of the original Aqua interface, appearing on the home page immediately after Aqua was introduced in January 2000. This was the first production use of Aqua elements by Apple—the release of Mac OS X, 10.0 was over a year away. Through the next fourteen years, we see the designs become simpler as the candy look becomes more subtle before disappearing entirely. With the removal of dividing lines between items, the original tabs have finally morphed into a simple menu bar.

This week’s update also ended the reign of Lucida Grande as the font of choice—the honor now belongs to the Apple variant of Myriad.

Larger Screens, But Not for Macs

Jeff Johnson:

If Apple is willing to give us a bigger screen on the iPhone, will they once again please ship a 17 inch MacBook Pro?

Having a larger screen on my MacBook Pro would make me much more productive. The normal 15-inch resolution just doesn’t show very much content. The 1900×1200 shows a lot, though less than my desktop setup, but it is tiring on the eyes.

When traveling, if the available Wi-Fi doesn’t block the port, I supplement with my iPad mini via Air Display (App Store). Unfortunately, there is (according to Avatron) a bug in the OS that prevents MacBook Pros from outputting at HiDPI resolutions. So Air Display can only run the iPad at full Retina resolution (way too small to read) or at a blurry 1024×768.

Apple Addresses iOS Surveillance and Forensics Vulnerabilities

Jonathan Zdziarski on the changes in iOS that address his reported iOS Backdoors, Attack Points, and Surveillance Mechanisms:

The file relay service is now guarded. While the service still exists, all attempts to extract data from it will fail with a permission denied error (see screenshot at the bottom of this post). Only under certain circumstances, such as beta releases and on managed devices can the file relay be activated.


Connections to a number of other services (house_arrest, afc, and others) on the device, has now finally been restricted and these mechanisms are deemed “usb only” services. Wireless clients are no longer permitted to obtain file handles to application sandboxes (only USB clients), so third party application data can no longer be dumped across WiFi. Additionally, wireless clients are not permitted to access the user’s media folder via AFC (Apple File Connection) or access certain other types of data.


Lastly, wireless access to the built-in packet sniffer ( has been disabled, and the service has been listed with a new “usb only” descriptor, so that lockdownd will refuse to attach to it over WiFi. The packet sniffer can only be accessed while the device is connected over USB, eliminating it as a surveillance risk, while retaining its use for debugging and engineering.


While closing off the file_relay service greatly improves the data security of the device, one mechanism that hasn’t been addressed adequately is the ability to obtain a handle to application sandboxes across a USB connection, even while the device is locked. This capability is used by iTunes to access application data, but also presents a vulnerability: commercial forensics tools can (and presently do) take advantage of this mechanism to dump the third party application data from a seized device, if they have access to (or can generate) a valid pairing record with the device.


While the amount of data that can be scraped from an iOS 8 device has been greatly reduced, there is still some risk, and therefore still some steps you can, and should, take to ensure the data security of your device. When traveling through airports, or if you suspect you may be detained by law enforcement, powering down the device will cause the data-protection authentication (NSFileProtectionCompleteUntilFirstUserAuthentication) to be discarded from memory, rendering this type of attack unsuccessful, even with a valid pairing record from a desktop machine. Secondly, consider pair locking your iOS device using Apple’s Configurator tool. I have outlined instructions to do this. This will prevent an unlocked device from being able to establish a pair record with any device, other than the computer you’ve initially paired with in setting it up.

Update (2014-09-18): Andreas Kurtz:

While the iOS 8 sandbox has been revised to limit the ways in which third-party apps could surveil users, such as monitoring their texting or app usage behavior, some of the issues we reported are still present (e.g., determining installed apps, permantetely monitoring pasteboard content from within background apps, observing phone call metadata).

Wednesday, September 10, 2014

Swift Has Reached 1.0


Today is the GM date for Swift on iOS. We have one more GM date to go for Mac. Swift for OS X currently requires the SDK for OS X Yosemite, and when Yosemite ships later this fall, Swift will also be GM on the Mac.


You’ll notice we’re using the word “GM”, not “final”. That’s because Swift will continue to advance with new features, improved performance, and refined syntax. In fact, you can expect a few improvements to come in Xcode 6.1 in time for the Yosemite launch. Because your apps today embed a version of the Swift GM runtime, they will continue to run well into the future.

How much overhead is there for that runtime?

Airspeed Velocity:

As such, the first beta of Xcode 6.1 saw more changes to the standard library than we saw in the pre-1.0 beta, and here they are […]

Update (2014-09-13): Tim Wood notes a strange bug.

iPhone 6

The iPhone 6 and 6 Plus are pretty much what people expected, except it turns out that the ugly antenna lines are real. Although I welcome the larger form factors, I’m disappointed that there is no longer a 3.5-inch or even 4-inch model. If there’s a smaller watch for people with smaller wrists, why can’t there be a smaller phone? It’s not just a matter of physically fitting in one’s pocket. The larger size will simply not be as comfortable in the pocket when moving around or seated. I find the iPhone 5s to be less comfortable in that way than the previous, smaller models, but it’s still acceptable and the larger screen is nice. It’s not clear to me that the same will be true of the iPhone 6.

And I’m skeptical that the one-handed Reachability mode will work well.

Update (2014-09-10): Clark Goble:

No RAM increase. And no new compelling features at all beyond size. For many of us larger, despite the Anrdroid market, is a big step backwards. I hope that in the future they move to keeping the 4″ form factor as the low end but put the latest chip inside. Because the 4.7″ (the smallest) is just too big for my use. I remember the days when having a small phone was a plus.

Ryan Smith:

From a performance perspective Apple is promising 25% faster CPU performance than A7. As is usually the case with Apple, they aren’t talking about the underlying CPU core – though this is a problem we’re working to rectify – so it remains to be seen how much of this is due to CPU architectural upgrades and how much is from clockspeed improvements afforded by the 20nm process.


Meanwhile Apple is being even less specific about the GPU, but from their published baseline performance comparisons against the iPhone 1, the A8 is said to be 84x faster on graphics. This compares to a published figure of 56x for the A7, which implies that the A8’s GPU is 1.5x faster than the A7’s.

Joshua Ho:

Looking past the size of the iPhone 6, there are a lot of noticeable subtle changes to the device compared to the iPhone 5s. In terms of low-hanging fruit, the side-mounted power button definitely helps with keeping a firm grip while turning on the phone, and I didn’t find any real issues when trying to turn the phone on or off. The slightly curved glass that helps to make for a smooth transition when swiping off the edge of the display is also a nice touch, although I’m concerned about the implications that this has for drop resilience and screen protectors.

Joshua Ho:

However, dual domain pixels are actually not as complicated as they seem. […] Anyone that has tried the HTC One (M7) or One X will probably understand the effect of this change as these phones have had this type of skewed subpixel format to get better viewing angles and less color shifting with changes in viewing angles. This can carry some risk though as black backgrounds may have some color shifting towards purple instead of yellow/blue, which can look strange but is quite subtle in my experience.

Andrew Cunningham:

The back of the phones are made out of aluminum with some clearly visible cutouts made to allow wireless signals in and out. The design as a whole is more reminiscent of the 2012 iPod Touch than current iPhones, an observation that extends to the slightly protruding camera lens. You won’t notice this bulge if you keep your phone in a case or sit it on a soft surface, but if you set the phone on a hard table it definitely will wobble a bit in place.


We’ll need to spend more time with it, but Reachability feels like a compromise right out of the gate. It’s a necessary concession to reality—iOS relies overwhelmingly on navigation buttons kept in the upper-left and upper-right corners of the screen. These were reachable with one hand on 3.5- and 4-inch screens. They are emphatically not reachable on either iPhone 6. Android and Windows Phone both solve the problem by putting a hardware or software Back button at the bottom of the screen, an element that has been criticized for its inconsistency but generally gets the job done.

Reachability solves the problem for iOS, but it does so in a way that doesn’t feel very intuitive. First, it’s an odd gesture that sort of overlaps with an existing one (double tap the Home button without pressing to enter Reachability mode, double press the button to bring up the multitasking switcher). Second, every time you press a button in Reachability mode, the app “window” zooms back up to the top of the screen, and you have to double tap again to re-enable Reachability and press the button again. It’s an OK solution for when you need to press one button, less so when you need to tap several navigation buttons at once.

Dave Klein:

The first and most significant reason is that it shows that Apple is being directed by their competitors and detractors. I know that there are some number of iPhone users who wanted a larger phone, though I’d argue that the 4.7 would have sufficed most of them, but the vast majority of noise about Apple’s lack of a giant phone was coming from the phone manufacturers who currently make them, or from the media pundits who inherently hate Apple. It’s very similar to when you hear political party A saying that party B is doomed unless they do X. Then party B does X, and it backfires on them, just as party A had hoped. In other words, don’t take direction from your enemies. With the iPhone 6 Plus, it appears that Apple is doing just that. And that scares me.

Apple Pay


Gone are the days of searching for your wallet. The wasted moments finding the right card. The swiping and waiting. Now payments happen with a single touch.

Apple Pay will change how you pay with breakthrough contactless payment technology and unique security features built right into the devices you have with you every day. So you can use your iPhone 6 or Apple Watch to pay in an easy, secure, and private way.

As a wallet replacement, I don’t really see the attraction. If it’s not ubiquitous, I’ll still have to carry my cards. I’ll need my driver’s license in any case. Even if everyone accepted Apple Pay, I wouldn’t want to leave home with all my eggs in one breakable basket. I’m not convinced that Passbook and NFC are easier than using a card.

But the potential for purchasing from third-party stores, within an app, is very promising:

Convenient checkout. On iPhone, you can also use Apple Pay to pay with a single touch in apps. Checking out is as easy as selecting “Apple Pay” and placing your finger on Touch ID.

Too bad it isn’t available on Macs or older iPhones.


Apple Pay marks the first time a popular operating system is making payments a platform service for real-world, non-digital-good transactions, in a broad, inclusive manner that is compatible with the mainstream payments processing industry. At Clover we’re particularly excited because we believe it opens up lightweight apps that can interact and transact with small-and-medium brick-and-mortar restaurants. By lightweight, I mean that these apps won’t need to maintain a user database, require user logins, worry about getting cards on file, or being an unwilling payment aggregator. i.e., it will be at least 10x easier. I expect a huge amount of innovation in real-world mobile commerce as a result over the coming years because of the revolution that Apple Pay is starting.

Marko Karppinen:

Apple Pay comes with the key benefits of IAP: frictionless transactions, strong privacy protections for the consumer, and a user base that will soon number in the millions. It is backed, in part, by those same credit cards on file at iTunes.

The big difference is that Apple doesn’t charge anybody anything for the use of Apple Pay. That’s because Apple sees Apple Pay as an end-user feature of iPhone 6, not as an independent revenue source. (Update: According to Bloomberg, Apple is charging banks. But that is coming from the fees paid to banks by merchants, so the thesis about this being free for both merchants and customers still stands.)

The comparison with In-App Purchase is interesting:

A newspaper’s iOS app can sell print subscriptions using Apple Pay, get all the conversion benefits of the one-tap payment, and pay 2.9% (to Stripe or some other credit card processor) for the transaction. But if the paper offers the same content digitally, within the same app, Apple will charge 30% in IAP commission.


Apple’s overall business would be well served by dismantling of the IAP monopoly on iOS and allowing Apple Pay to be used for the payment of in-app goods and services.


So Apple Pay is a payment method management application. It is not a payment protocol. The payment protocol Apple Pay uses to interface with point of sale terminals is the same EMV protocol that is used for other solutions.

Update (2014-09-13): Rich Mogull:

Tokenization is great because it reduces or eliminates the need to update legacy systems that expect a credit card number, without ever exposing the real number. Tokenization is typically handled by the payment network, which (in some implementations) encrypts the credit card number right when you swipe it, sends it back for the token, and then provides that to the merchant to keep for things like refunds or customer tracking. If the merchant’s system is breached, no real numbers are exposed; the tokens can also be merchant-specific for any given credit card, making them useless anywhere else.


Using per-device tokens means that only the bank that issued the card (or its payment network) ever has your card: You don’t have to trust Apple with it. This is different from the Google Wallet system, in which Google holds your cards on their servers.


Apple is in a unique position due to its business model. It doesn’t want or need to track transactions. It doesn’t want or need to be the payment processor. It isn’t restricted by carrier agreements, since it fully controls the hardware.

Macworld Layoffs

Jason Snell:

I’ve been working continuously in what is now called “tech journalism” for 20 years, 8 months, and 7 days. In January 1994 I started at MacUser magazine while I still had a semester of grad school left to go. I haven’t had a day where I wasn’t either a full-time student or a full-time employee of a publishing company since the day I toddled into Kindergarten in the fall of 1975.

Until today, that is.

Roman Loyola:

Pretty much the whole Macworld staff has been let go. Looks like the end. Sad

Dan Frakes:

After 10 years as a Macworld editor, I’m a freelancer again (along with too many of my colleagues). Sad day for me, but also for Macworld.

Philip Michaels:

So, um... anyone hiring?

Best wishes to all of the Macworld folks. Thanks for so many years of great work. I have read, I think, every issue since about 1990. Thank you for the Eddy, which was one of the major factors in getting my business going. Thank you for holding the line with real journalism and lab testing in a world of click-bait headlines. I’m looking forward to seeing what you do next.

Update (2014-09-10): Dan Miller:

Macworld print is going away, but will continue.

David Pogue:

My first writing job was Macworld magazine; 13 wonderful years. Today, nearly the entire staff has been laid off. Breaks my heart.

Adam C. Engst:

Also troubling is the demise of the print edition of Macworld. Since the launch of the Macintosh in 1984, Macworld has been a stalwart of the Mac community, a role that has continued through the 1997 merger with MacUser (see “MacUser and Macworld Merge,” 11 August 1997) and the disappearance of MacWEEK (“MacWEEK to Roll into MacCentral,” 5 March 2001). The print magazine world is tough, but it’s still surprising that Macworld would fold now, with Apple so dominant and Apple products used by so many millions around the world.

The Macalope:

My thanks also to @jsnell who took a chance on a furry mythical creature with a bad attitude. Guy’s like a cat, he’ll land on his feet.

Dan Moren:

If you haven’t heard: Today’s my last day at @macworld along with a lot of other fine folks. Thanks for all your support—you guys are swell.

Brent Simmons:

Is it just that it’s hard to make enough money to run a quality publication?

Update (2014-09-11): Serenity Caldwell:

Took a self-photobombed shot of yesterday’s liveblog crew in action. I’ll miss these jerks.

Tom Negrino:

Losing Macworld Lab is a real blow to the Mac community. Knowing how to do good performance testing on Apple gear requires deep knowledge.

Glenn Fleishman:

Be more pissed about 20 years of inadequate response to digital media through determined executive resistance. Cuz, you know, IDG could have owned the *world with the great staff they had.

Laura Blackwell:

The designers and photographer who made Macworld/PCWorld/TechHive look great have also been laid off. So much talent for hire!

Josh Centers:

RIP Macworld Labs. You will never see this awesomeness again.

Jon Seff:

To those saying Macworld layoffs related to print were inevitable, understand that the bulk of our/their jobs was daily online work.

Marco Arment:

Over the last few years, we’ve all seen Macworld’s website degrade further into reader-hostile designs and lower-rent ads, borrowing against their future goodwill and relevance just to keep the lights on, while hoping for better economic conditions that we all know will never return to that business. Like a beloved relative whose last years were difficult and undignified, I’m going to choose to remember only the good times.

Update (2014-09-13): Serenity Caldwell:

I’ve loved every second working for Macworld’s editorial staff. These are some of the best folks in the business, and they took a 22-year-old Apple-obsessed tech enthusiast who didn’t quite know what she was doing and helped her evolve into a full-fledged reporter. I am so grateful to every one of these people—both for what they’ve meant to me as my friends and as my colleagues. Working in this field is a dream job.

Jason Snell:

I should mention that PCWorld, TechHive, and Greenbot all lost staff yesterday. Macworld was most dramatic change, but far from the only.

Christopher Breen:

It’s easy to blame management because, hey, it’s always The Man, right? But the truth is that Macworld continued as a print publication for as long as it did because the people at the very top had a soft spot for it. They tried every way they could think of to make it work. Regrettably, the realities of economics eventually took hold.


But I’m not here to feed Internet tittle-tattle. Rather, as someone who’s been with Macworld (and MacUser before it) for a very long time, I’d like to provide potential employers (and those who are simply interested in their favorite writers) some details about my departed colleagues.

Dan Moren:

For the last eight years, I’ve devoted most of my waking moments to following Apple coverage. To say that I’ve loved every moment would be an overstatement: like any job, there are plenty of ups and downs; for every triumph, there was an opportunity to learn from mistakes. But I had the privilege of working alongside folks who I’d been a fan of from afar—Jason, Chris Breen, Dan Frakes, Jim Dalrymple, Peter Cohen, Rob Griffiths—folks who worked just as hard, even if their names didn’t always come to the forefront—Scholle Sawyer-McFarland, Philip Michaels, Dan Miller, Jon Seff, Jackie Dove, Jim Galbraith—and folks who I met along the way—Roman Loyola, Serenity Caldwell, Lex Friedman—as well as more freelance contributors than I can name.

Paul Kafasis:

For years, Macworld set the standard for Mac journalism, and the volume of talent that is presently unemployed is simply obscene. There’s little doubt that these talented folks will quickly find new opportunities. I only hope that many of them will remain in the Apple space, so that we can continue to benefit from their work for years to come.

Jon Phillips:

This week, the Macworld family lost many key staffers whose passion, creativity and tech knowledge made this website and our magazine an industry flagship. But amid the loss we’re excited about what the future holds. Please stay tuned for great things ahead.

Update (2014-09-18): Jason Snell:

Over the last decade we all made an enormous effort to transform Macworld editorial from a magazine mentality to a web site mentality. And honestly, it worked: By the end, the magazine was essentially a curated collection of the best stories from the website, cut down and copy edited and with nice photographs. The economics of the business just didn't make it possible to continue.

Apple Watch

Before the event, I was skeptical about a potential iWatch for two reasons:

  1. Competing smart watches are giant, unattractive bricks. Apple may have better taste, but how could they do much better without overturning the laws of physics?
  2. I have been incredibly happy not wearing a watch since I started carrying an iPhone. What could this type of device possibly do that would change my mind?

Apple itself hyped the announcement like crazy. So I thought, “I have no idea how, but maybe they really did crack this thing.” But, in the end, I don’t think Apple Watch (not so fond of WATCH) answers either of my questions.

  1. Maybe it’s different in person, but in the photos it looks big in every dimension, probably more so than a calculator watch. I don’t think it blows away Samsung’s products in appearance, and it’s not that far off from a parody of a mini original iPhone on a band. It will apparently need to be charged nightly. We don’t know yet whether it’s waterproof.
  2. There are lots of impressive features and creative ideas. But, based on the presentation, Apple itself doesn’t seem to have a clear explanation of what it’s for. Even if I somehow got one for free, I doubt I would wear it. The original iPhone announcement was the opposite: I wanted one yesterday, even at $600, even though it didn’t have apps, even though it only supported AT&T.

Right now, I think Apple Watch is an amazing technical achievement, but I just can’t see this one being a mass-market success. It seems like the type of product where you’d really feel burned buying the 1.0. In five to ten years, when it’s much thinner and lighter? And when, I presume, people will have more use cases figured out? That could be really interesting.

Today, though? What I want from Apple today is not new product categories. I would rather they put all those brilliant engineers to work fixing bugs and maintaining the apps that I use. That’s what would really make my life better.

Update (2014-09-10): John Gordon:

This isn’t the usual Apple 1.0 product. The usual 1.0 Apple product is interesting and somewhat useful for early adopters with high pain tolerance and it comes with a clear path to a strong 2.0. This is version 0.5. It’s far too ambitious for its time -- and it’s 6 months behind schedule.

Dave Winer:

The Apple Watch was basically paying a debt, and it’s not a product Steve Jobs would have shipped. The debt is that the new Apple management has to show investors that they can ship something new. It probably indicates that they don’t have anything better in the pipe, and that’s fine. It could be at this point in history there aren’t any new devices that make sense.

Clark Goble:

I just can’t quite figure out how many people would want the watch. I didn’t see that Apple made a compelling need case for it. Say what you will about Jobs. But he always had a killer function — even for the iPad. Exercise seems to be the attempt for the watch, but even that isn’t that compelling given the limits of the watch itself.

Brian Dunagan:

That’s the question for Apple’s iWatch. How does it go beyond a novelty? I use my Mac, my iPhone, and my iPad every day, not for the sake of using them, but to do things. The current assortment of smart watches still seem geared toward early adopters, who are interested in the device itself rather than doing things with the device.

Khoi Vinh:

As first sight, the look of the Apple Watch struck me as boxy and inelegant. Its vaguely space age-y curves seemed like the antithesis of what I personally favor in watch fashion, which is something more conservative.


There aren’t quite as many SKUs for the Apple Watch as there are, say, in the Nixon watches catalog, but there are far more variants on offer than for any Apple product that’s ever come before. And remember, this is a company that, at the onset of its comeback, prided itself on selling fewer things, on an almost flagrantly reductive product matrix.

Ben Thompson:

Then came the introductory video, and we never got an explanation of why the Apple Watch existed, or what need it is supposed to fill. What is the market? Why does Apple believe it can succeed there? What makes the Apple Watch unique?

Benjamin Clymer:

The overall level of design in the Apple Watch simply blows away anything – digital or analog – in the watch space at $350. There is nothing that comes close to the fluidity, attention to detail, or simple build quality found on the Apple Watch in this price bracket.


If I had to criticize the actual form of the Apple Watch, it would be a complaint you’ve heard from me before (most recently with the Habring2 in our latest Three on Three); the Apple Watch doesn’t fit under my shirt cuff without serious effort, if at all. I believe that great design should not disrupt daily life, and a watch that doesn’t fit under a shirt sleeve is missing something. Apple is amazing and building thin, elegant machines, and I was surprised by how bulky this is, especially when the 45 minutes prior to the introduction of the Apple Watch were spent discussing how svelte the new iPhone 6 is. I understand the physical limitations and the required dock on the rear of the watch, but the Apple Watch is bulkier than I would’ve liked.

Update (2014-09-13): Dave Chap shows how the Apple Watch is slightly thinner than two iPhones.

Om Malik has lots of photos.

Rainer Brockerhoff speculates that Apple Watch doesn’t run iOS.

Mark Bernstein:

My guess is that, somewhere around 2017, looking at your phone in company is going to be considered bad manners, but looking at your watch will be OK.

xkcd on smart watches (and thinkpieces).


The Apple Watch will use a unique system to authorize NFC mobile payments, reports say. Normally Apple Pay is authorized via Touch ID, but there's no such sensor on the Watch. Instead, when someone puts on the device for the day, they'll have to enter a PIN to authorize transactions. The sensors on the bottom of the watch can detect skin contact, and once that's lost, a person will have to re-enter their PIN.

Ken Segall:

One could also argue that the i has been hijacked by many other companies, while the Apple-word is un-stealable. So, the naming of Apple Watch could well be the start of a new naming direction, with more importance placed on Apple and less importance placed on the i.


What Samsung did with the Gear is somewhat predictable. It created a wrist-sized version of a phone. Apple took a more unexpected route, based on the realities of the small screen — with the digital crown being a highlight. Apple’s strength is in imagining solutions that feel simple and natural.

Alex Vollmer:

This is going to sound funny, but I think the tactile pulsing feature of the Apple Watch is one of its most intriguing. It got me thinking about how, paired with the right software, it could be a fantastic way to teach a wearer certain timing-related skills.

Update (2014-09-15): Andy Ihnatko:

This has been bothering me since Tuesday. I was at the iPhone and the iPad launch events and though I left with some questions and concerns, I left San Francisco tingling a little bit. I wasn’t unimpressed by Apple Watch, and my thoughts are overall positive. But it concerns me a little that it’s such an important new product for Apple and that they put so much effort into this event … and I’m still not entirely sure what the Apple Watch is or what role Apple thinks it will perform in people’s lives.

Marco Arment:

Apple didn’t find a way around the laws of physics. They didn’t somehow unveil a revolutionary battery or screen technology that the world had never seen before. They punted again. In the absence of any better alternative approaches, they just did what they could with today’s technology.

It’s kinda big, but the touch screen isn’t big enough for good touch input and can’t fit much text or UI. It seems fashionable enough, but it’s unquestionably electronic-looking. It’s about as thick as it could reasonably be, but the battery only lasts a day. And the primary functions still seem to be telling time and showing phone notifications.

This shouldn’t be a big surprise, though. This is what Apple usually does.

Update (2014-09-16): Kyle Baxter:

But that idea of what smartwatches are for, making it more convenient to deal with the flood of notifications and information our phones provide us, is unimaginative. I think what the smartwatch can do is make the phone unnecessary for many purposes, create new purposes altogether, and allow us to benefit from a wrist-sized screen’s limitations.

Benedict Evans:

If you wanted a nine inch touch-screen tablet, the iPad executed that idea pretty well, but did you want one? Was it a good idea? If you want a very small computer on your wrist, both Apple and Motorola (and perhaps Samsung, if that’s your taste) have each made one that’s pretty good, but do you want one?

Update (2014-09-17): Jean-Louis Gassée:

But let’s not get ahead of ourselves — we’re still barely past the demo. We’ll have to wait for the actual product to come to the wrists of real users. Only then will we have the Apple Watch make-or-break moment: Word-of-mouth from non-experts.

John Gruber:

I think Apple Watch prices are going to be shockingly high — gasp-inducingly, get-me-to-the-fainting-couch high — from the perspective of the tech industry. But at the same time, there is room for them to be disruptively low from the perspective of the traditional watch and jewelry world. There’s a massive pricing umbrella in the luxury watch world, and Apple is aiming to take advantage of it.


The most intriguing and notable thing about Apple Watch’s design, to me, is the dedicated communication button below the digital crown. The entire watch is fully operational and navigable using just the digital crown and touchscreen. You can go anywhere and do everything using taps, force presses, or turning and pressing the digital crown. There is no need for that extra button (which, in the unveiling video, Jony Ive described only as “the button below the digital crown”).


I’ve seen some skepticism about Apple Watch’s use of “force presses”. To wit, that this capability is unneeded — anything you can do with a force press could be done on a regular (non-pressure-sensitive) touchscreen using a long press. I disagree. Force pressing means you won’t have to wait. Talking to Apple people behind the scenes last week, they are very keen on the force press thing.

It would be nice to be able to force press to select text in iOS.

Amy Worrall:

thing it was lacking was something telling us “Here’s why you need Apple Watch”. There was a big list of things the watch could do, but nowhere did they tell us how much better our life would be for being able to do those things. I bought the Pebble (which was less than half the price of the lowest end Apple Watch) because I was interested in what the future might bring for smart watches. Do I buy the Apple Watch for the same reason, or do they have a unique selling point yet?

New iCloud Pricing

Like Dropbox, Apple has reduced its cloud pricing:

Customers will continue to get 5GB of storage for free, with 20GB available for $0.99 per month. 200GB of storage costs $3.99 per month, and 500GB is $9.99 per month. Apple’s top tier storage, 1TB, costs just $19.99 per month, slightly more than Dropbox’s new $9.99/month price for 1TB storage.

(Is 2x really “slightly”?)

Apple’s September 9th Live Event Stream

Dan Rayburn (via Amy Worrall):

The bottom line with this event is that the encoding, translation, JavaScript code, the video player, the call to S3 single storage location and the millisecond refreshes all didn’t work properly together and was the root cause of Apple’s failed attempt to make the live stream work without any problems. So while it would be easy to say it was a CDN capacity issue, which was my initial thought considering how many events are taking place today and this week, it does not appear that a lack of capacity played any part in the event not working properly. Apple simply didn’t provision and plan for the event properly.

All the other recent Apple streams have worked really well for me. That said, the refreshing and JSON don’t explain why the stream was also unreliable on Apple TV.

Update (2014-09-13): igrigorik:

Why? No idea. All of them are served via, which is also fronted by Akamai, but once again, a short TTL really doesn’t help with caching, which means there were a lot of requests hitting the Apple origin servers. Those poor Apache servers powering Apple’s site must have been working really, really hard. I’m not surprised the site was experiencing intermittent outages.

Oh, and speaking of load on origin servers… Remember feed.json? Every 10 seconds the page makes a polling request to the server to fetch the latest version. Combine that with a really short maxage TTL and missing gzip compression, and you’ve just created a self-inflicted DDoS.

Simon Fredsted (via John Gruber):

I’m sure that at this point Apple and their streaming partner has done a complete investigation of the causes of the many problems of the stream. Here’s what I think they have found.

Markdown and CommonMark

Jeff Atwood has been repeatedly trying to hijack Markdown rather than fork it. It’s hard to believe that he would think Common Markdown would be acceptable when Standard Markdown was not. Gruber clearly doesn’t want to give him the name, so this reads as Atwood increasingly trying to rationalize just taking it.

Dave Winer:

Whatever his feelings for Gruber are, he’s hurting himself a lot more by taking the name of the project. It isn’t his to take. If he wants to make a contribution, let it stand on its own and accept competition from others.

Gruber did the hard work, had the vision, and used his goodwill to get Markdown to happen. He can’t and shouldn’t stop anyone from building on what he did (and as far as I can tell he doesn’t want to), but they shouldn’t stop him either.

Winer (of course) sees parallels with RSS:

Now it is what it is. A bunch of programmers fighting over who gets to be the Holy Father of Markdown is only going to create confusion, it won’t actually change what Markdown is.

Programmers always underestimate deployment, and think they can wave a magic wand and get everyone to upgrade.

Werner Vogels:

It is a case of “Worse is better” - instead of excellent formalized frameworks we favor tools that work. Help us (in this case writers) do our jobs. My two favorite tools in this case (e.g. Textmate and Byword) seem to be fine with the definition as is and as such I don’t see reason to resort to an standardization effort.

I think it’s great that people have been able to extend Markdown in different ways, for different purposes, even creating domain-specific derivatives. However, the argument that it’s good for the basic features to remain underspecified has never been clear to me. Today, people wouldn’t say that about HTML and the Web, so why should Markdown be different? How is it more user-friendly to the writer to get different output from different tools?

So I think the formalization effort is a good thing, and (given Gruber’s wishes) that it’s also good for it to proceed under a different name, CommonMark:

Because there is no unambiguous spec, implementations have diverged considerably. As a result, users are often surprised to find that a document that renders one way on one system (say, a GitHub wiki) renders differently on another (say, converting to docbook using Pandoc). To make matters worse, because nothing in Markdown counts as a “syntax error,” the divergence often isn’t discovered right away.

Monday, September 8, 2014


Swifter is auto-generated documentation for Swift’s standard library (via Ole Begemann).

Update (2015-01-05): Swifter is now

The change in name is meant to mark the beginning of a process: to give the Swift community a site that is both more useful and one we can all be involved with.

To that end, I’ve put the code for the parser/builder that converts the Swift header file into this site, and the code to the site itself, in repositories on GitHub. Moreover, the site itself is now hosted via GitHub Pages. Plans are in the making for the coming weeks that will involve, you, Gentle Reader, so watch this space.


Mattt Thompson:

When interacting with frameworks like Foundation in Swift, all of those NS_ENUM declarations are automatically converted into an enum—often improving on the original Objective-C declaration by eliminating naming redundancies […] Unfortunately, for NS_OPTIONS, the Swift equivalent is arguably worse.


Compared to the syntactically concise enum declaration, RawOptionsSetType is awkward and cumbersome, requiring over a dozen lines of boilerplate for computed properties.

Phone Sizes

Lukas Mathis:

The interesting thing is that there are a lot of iPhone owners out there for whom — relative to the size of their hands — their iPhone is already bigger than the Galaxy Note was for the men who wrote those articles. It didn’t occur to those authors that their hands were probably larger than most women’s hands, and that the experience they had with the Note wasn’t altogether unlike how many women feel while using their iPhones today.

In that context, it shouldn’t have been a surprise that the Note turned out to sell well — after all, in relative terms, a lot of iPhone owners were already using very large phones.


That’s why phone size is such a difficult topic. It depends on you, and it depends on what you do with it. I’m glad that Apple is about to introduce a larger phone, but I also still believe there are people who would benefit from an additional phone that’s even smaller than the 4S.

John Gruber:

The thing is, I’m not laughing. You wanted Apple to make a 5.5-inch iPhone? This is what you get.

Core Data Batch Updates

Geppy Parziale:

First of all, Apple introduced a new method executeRequest:error: in the NSManagedObjectContext class. It is very similar to the executeFetchRequest:error: method that you can use to perform a fetch request to populate the Managed Object Context. Its first argument is a NSBatchUpdateRequest. This is a new class, subclass of the NSPersistentStoreRequest recently introduced in iOS 7, and provides very similar functionalities to its sibling NSFetchRequest. The batch request is composed of an entity (the entity containing the property or properties you want to update) and a predicate to define a subset of data you want to update. Eventually, you can also define a dictionary containing the properties you want to update and their new values.

Once created, the NSBatchUpdateRequest is passed to the executeRequest:error: method. After its execution, this method returns an NSBatchUpdateResult object (subclass of NSPersistentStoreResult), the result property of which contains the batch updates result value(s). You can define the type of results you want from the executeRequest:error:, when you define the NSBatchUpdateRequest. You choose among three types of results:


The legacy Fetch-Update-Save takes 7.2s to run on the iPhone 5s, while the new batch updates run in only 0.81 s.

Impressive is also the memory usage. As expected, since the batch updates run directly on the Persistent Store, the memory usage is incredibly lower than the old approach.

I’ve been wanting something like this for a long time. (Note that it doesn’t handle deletion.)

Thoughts on ADN and Dropbox

Clark Goble:

For most people ADN is yesterday’s news. It’s considered as dead as the dodo. However there’s actually still a pretty good community going on there. As people have noted the signal to noise ratio has gone up quite a bit. Unfortunately the people who run ADN don’t seem to share the hope that some of the continuing users have. Which makes it a bit of a self-fulfilling prophecy. I know a few people with innovative clients there aren’t finishing because it doesn’t seem worth the effort. 

The best hope for ADN is for some other company like DropBox to make a competitor that uses ADN’s excellent APIs. Even the critics of ADN and its management always acknowledged that in terms of actual engineering it was an amazingly well designed system.

How to Correct Siri’s Pronunciation

Christopher Breen:

When Siri mispronounces a name, reply “That’s not how you say that.” Siri will respond with “OK, how do you pronounce the name (firstname)?” where firstname is that contact’s first name. Say the first name and Siri offers you three pronunciation choices. Tap each sample and then tap Select next to the one closest to the pronunciation you prefer. If none of them are as close as you’d like, you can tap Tell Siri Again and she’ll take another stab at it.

Thursday, September 4, 2014

Faux Pas 1.0.1

Faux Pas:

What the Clang Static Analyzer is to your code, Faux Pas is to your whole Xcode project.

Faux Pas inspects your iOS or Mac app’s Xcode project and warns about possible bugs, as well as about maintainability and style issues.

I downloaded this a while ago but hadn’t gotten a chance to try it out until I was reminded of it by Brent Simmons. I love the idea, but when I ran it on all my projects it didn’t help much. It recommended that I use GCC_PREPROCESSOR_DEFINITIONS rather than OTHER_CFLAGS and -D, which seems like a good suggestion. The other times it flagged were either debatable style issues or just plain wrong (e.g. telling me that my .app and .xctest bundles should be added to version control).

I guess the bottom line is that my projects were in OK shape to begin with. I can see this tool being more useful for people working on teams or with code that they inherited.

Update (2014-09-16): The problem with telling me that I should add my build products to version control is fixed in Faux Pas 1.1.

PlotDevice 0.9.4


PlotDevice is a Macintosh application that lets you write Python scripts to generate 2D graphics using simple drawing commands. Under the hood, your code drives the system’s Quartz imaging engine, giving your scripts the same graphical power as a full-fledged Cocoa app.

Your code can combine basic geometric shapes, typography, freeform Bézier curves, and a panoply of image formats. This omnivorousness makes PlotDevice ideal for both workaday tasks like image-processing as well as more exotic uses ranging from procedural texture generation to data visualization.

Like NodeBox, which it’s based on, it’s open-source. It sounds similar to Schwartz, another app for driving Quartz 2D from Python. But whereas Schwartz is like a Python IDE for the Quartz API, PlotDevice has its own Pythonic drawing API.

Wednesday, September 3, 2014

iOS Console 0.9


iOS Console allows you to view iOS console logs directly from your Mac, and now with built in textual filtering, finding a specific log message has never been easier!

Path Finder 7

Path Finder 7 has an updated interface and some interesting new features such folder comparison.

Update (2014-09-15): Gabe Weatherhead:

If you’re struggling with using the Finder because it feels too limited then the full purchase price of $40 is probably worth it, just like it was with Path Finder 6. I don’t think PF7 is a particularly impressive update but the overall application is terrific.

Writing a CSV Parser

Thomas Burette:

If a supplied CSV is arbitrary, the only real way to make sure the data is correct is for an user to check it and eventually specify the delimiter, quoting rule,... Barring that you may end up with a error or worse silently corrupted data.

Writing CSV code that works with files out there in the real world is a difficult task. The rabbit hole goes deep. Ruby CSV library is 2321 lines.

On the surface, it seems like almost a one-liner.

Craig’s Terminal Tips

Craig Hockenberry:

As much as I love them, these long “trick lists” on Stack Overflow have a problem: they’re poorly organized with little narrative describing why you’d want to use a technique. This long homage to the command line is my attempt to remedy that situation.

A great tip that I tend to forget is that you can type Control-X, Control-E to edit the current command using your EDITOR.

Swift Memory Dumping

Mike Ash:

This is far from normal or sane Swift code, but it works and the results are really useful. It’s also a great example of how Swift lets you interact with all sorts of low-level C calls without much more of a fuss than it takes to call them from C. Although you should probably avoid these shenanigans when you can, the fact that you can do stuff like unsafeBitCast and get pointers to the internal storage of arrays is really handy when you need it.

Common App Rejections


Before you develop your app, it’s important to become familiar with the technical, content, and design criteria that we use to review all apps. We’ve highlighted some of the most common issues that cause apps to get rejected to help you better prepare your apps before submitting them for review.

Most interesting to me is that 6% of the rejections are apparently because Apple doesn’t like the user interface.

Update (2014-09-04): David Smith discusses the changes to the App Review Guidelines.

The Humble Map

Rob Napier:

And again we replace our cut-and-paste for-loop with a reusable function that captures the goal. We save some code, but it’s more than that. We can compose filters and maps to create more interesting things in highly readable ways.


The goal of using map and filter this way is to make your code easier to read, understand, and debug. It gets the boilerplate out of the way and leaves you with the key parts of what you’re trying to do.

This is so much nicer in Swift than Objective-C because of the concise syntax.

Facebook Pages vs. Groups

John Gordon:

For most organizations Groups are much better than Pages. This was not always so, a couple of years ago Facebook seemed to be deprecating Groups. Unfortunately, you can’t convert a Group to Page or vice-versa.

Tuesday, September 2, 2014

“Use Cellular Data For” Switch Doesn’t Work


You can also enable or disable cellular data for certain iOS apps and features from this setting.

Choose Settings > Cellular to view the cellular data usage for each app. Tap to turn off cellular data for an app.

Unfortunately, this feature seems to have stopped working with iOS 7.1.2. I went over my 200 MB bandwidth limit in both July and August—having never done so before. Apps such as OmniFocus and Overcast, which I’ve always set to not use cellular data, used tens of MB of data each month.

Omni seems to have received other reports of this problem and explained how I could turn off automatic syncing in OmniFocus. I think this helped, but the app has still used 5 MB of data in the last four days, when it shouldn’t have used any at all.

Update (2014-09-18): My initial impression is that iOS 8 fixes this bug, although it continually pops up alerts telling me that cellular data is turned off.

Announcing the Textbundle Format

Brett Terpstra:

The Textbundle format is very simple. A folder containing a plain text file, a JSON data file, and an assets sub-folder. An app, such as Ulysses, can write a Textbundle out and pass it to Marked, and all of the necessary components are automatically included. Images, additional text files, and any metadata needed are all there and safe from sandboxing restrictions.

Sandboxing is the primary motivation, and Textbundle solves the major issue of referencing external files in Markdown.

LaunchBar’s New Staging Area

Norbert Heger:

LaunchBar collects items that participate in a multiple selection in a so called staging area. You can add or remove (stage or unstage) items with a few keystrokes.


Once you’ve staged multiple items, you can act on these items pretty much the same way as you do with single items. Press ↩ to open them, press ⇥ to send them to an action, move them to a folder, and so on.


You can quickly show a list with all currently staged items by pressing ⇧→.


While this list of staged items is visible, you can press ⌫ to remove items from the staging area. And you can press ⌥↑ or ⌥↓ to rearrange items in the list. This is useful when the order of items is relevant, e.g. in case of songs (when you wish to play them in a particular order) or contacts (when you want a recipient to be first in the To-field of an email).

Protocols and Assumptions

Airspeed Velocity:

So what’s the solution – should RangeReplaceableCollectionType mandate the kind of index validity behaviour our remove algorithm relies on? Or are the assumptions invalid and we need a better algorithm? (of which more in a later article) The Swift standard library is still evolving rapidly with each beta so it’s possibly a little early to tell. For now, be careful about the assumptions you make – just because all the current implementations of a particular protocol work a certain way doesn’t mean other implementations will.

What “Coder” Means

Dave Winer:

The act of turning the English words into Morse code is coding.

That is what coder means. Someone who encodes things.

There was a time when you’d write your code on big sheets of paper, and then sit down at a machine called a keypunch, and transfer the instructions from paper to 80-column cards with holes, that machines could read. It would be fair to call this coding. But we haven’t done development that way for a very long time!

Developing software involves a lot of thinking, and trial and error, learning, experimenting, listening to users, getting feedback and trying new approaches. The coding part of it, if we still did it, which we don’t, would be a relatively insignificant part of the job.

I doubt that most people think that’s what “coder” means today. They just use it as a shorter word for “programmer.” Leslie Lamport seems to see coding as translating a (perhaps implicit) specification into code. We understand that writing is primarily thinking (or researching, etc.), not typing. So it is for people who write code rather than prose. Do people really not understand this?

A lot of managers think that programming is a menial job, and hire people accordingly. They value subservience. That’s where the word coder comes from, and why it’s so bad.

If there is a problem, I think the solution would be to educate about what coders actually do, not to come up with a fancier title. If “writer” works—and I think it does—I have no problem with “coder.” That said, I tend to describe myself as a “developer” because I do lots of non-coding/code-thinking work such as customer support, documentation, and business and server stuff.

Discourse Reaches 1.0, Without RSS

Jeff Atwood:

Version numbers are arbitrary, yes, but V1 does signify something in public. We believe Discourse is now ready for wide public use.

That’s not to say Discourse can’t be improved – I have a mile-long list of things we still want to do. But products that are in perpetual beta are a cop-out. Eventually you have to ditch the crutch of the word “beta” and be brave enough to say, yes, we’re ready.

Jeff Atwood (via John Gordon):

I am of the belief that RSS is kind of a semi-dead format at the moment.

However if someone submitted a GitHub pull request that added proper RSS support, I wouldn't turn it down!

I loved the idea of Discourse, but I remain unimpressed with it so far. In my view, the current design is user-hostile, to the point where I avoid forums that use it. I prefer to visit sites that use any number of low-tech forums from before Web 2.0. Not including RSS support seems to underscore that their vision for what the product should be is radically different from mine.

TextExpander Snippet Expansion Comes to Every App in iOS 8

Smile Software (via Federico Viticci):

Prior to iOS 8, only apps which implemented the TextExpander touch SDK could expand snippets directly.

Under iOS 8, the TextExpander keyboard will work system-wide and reliably share snippets with the TextExpander app. The keyboard will also include full VoiceOver accessibility support.

Update (2014-09-02): Clark Goble:

The keyboard I’m most looking forward to myself is SwipeSelection. Apple even changed the keyboard API to make keyboards like SwipeSelection possible in iOS 8. If TextExpander including sensical cursor movement in their keyboard ala SwipeSelection I’d probably get it immediately. Although it should be a selectable option.

It’s what’s possible now, but it seems like a custom keyboard is not really the best way to integrate TextExpander into iOS. Why should I have to use their keyboard user interface (and forego other custom keyboards) just to get their code to see what I’m typing?

The Poisoned NUL Byte, 2014 Edition

Chris Evans:

The effect of all these command line arguments is to bloat both the stack (which grows down) and the heap (which grows up) until they crash into each other. In response to this collision, the next heap allocations actually go above the stack, in the small space between the upper address of the stack and the kernel space at 0xc0000000. We use just enough command line arguments so that we hit this collision, and allocate heap space above the stack, but do not quite run out of virtual address space -- this would halt our exploit!


The main point of going to all this effort is to steer industry narrative away from quibbling about whether a given bug might be exploitable or not. In this specific instance, we took a very subtle memory corruption with poor levels of attacker control over the overflow, poor levels of attacker control over the heap state, poor levels of attacker control over important heap content and poor levels of attacker control over program flow.

Yet still we were able to produce a decently reliable exploit! And there’s a long history of this over the evolution of exploitation: proclamations of non-exploitability that end up being neither advisable nor correct. Furthermore, arguments over exploitability burn time and energy that could be better spent protecting users by getting on with shipping fixes.

Swift Default Protocol Implementations

Mattt Thompson:

All of this highlights a significant tension between methods and functions in Swift.

The Object-Oriented paradigm is based around the concept of objects that encapsulate both state and behavior. However, in Swift, it’s simply impossible to implement certain generic functions as methods on the struct or class itself.


Because of the constraint on the element of the sequence generator being Equatable, this cannot be declared on a generic container, without thereby requiring elements in that collection to conform to Equatable.

Relegating behavior like contains, advance, or partition to top-level functions does a disservice to the standard library. Not only does it hide functionality from method autocompletion, but it fragments the API across a Object-Oriented and Functional paradigms.

Photo Security Tips

Christopher Breen:

If you’d disabled photo sharing from your iPhone to your iCloud account those pictures would have remained on your phone. Although the horse has left the barn, here’s what you might have done.

Sriram Krishnan:

First, you deserve an apology from all of us who work in tech. This should be easier and more bullet-proof but it isn’t. We keep working on making it better.

Second, the title of this post is a lie. Nothing is ever completely safe unless you prefer to only use computers in an underground bunker disconnected from any wires. And even that may be insecure. The below are reasonable practices which will hopefully keep you safe while not making your normal usage of technology and gadgets impossible. Sadly, the only way to make sure something never falls into the wrong hands is probably to never have it in a digital form. This is especially true for those of you who get more attention from the bad guys than the rest of us - they’re always going to be trying to find the weakest link in.

I don’t actually want my photos to be in the cloud, with the last 1,000 taking up space on each of my iOS devices. But the alternative is to use a much less efficient workflow. I’d prefer it the photos were automatically transferred directly to my Mac, either over Wi-Fi or USB, without having to open Aperture, pick a project, initiate the import, delete the photos after importing, and then quit Aperture.

Monday, September 1, 2014

Dropbox Cuts Prices, Increases Storage, Adds Pro Features

Casey Newton:

Today Dropbox announced a revamped version of its paid offering for individuals, called Dropbox Pro, that costs $9.99 a month for 1 terabyte of storage. Previously, $9.99 got you just 100 gigabytes; storage maxed out at 500GB, which cost a whopping $500 a year.


Simple collaboration is one of the reasons people choose Dropbox Pro, but we’ve heard you ask for more ways to protect the stuff you share. That’s why we’re bringing new sharing controls to Dropbox Pro.

Adam C. Engst:

Dropbox has also rejiggered its Packrat unlimited version history feature. For free accounts, Dropbox maintains all older versions and deleted files for only 30 days, but in the past, Dropbox Pro users could pay an extra $39 per year for Packrat, which maintained all older versions and deleted files indefinitely. Dropbox has now renamed Packrat to Extended Version History and set it to preserve only 1 year of older versions and deleted files. The price of Extended Version History for Dropbox Pro users remains $39 per year, and existing Dropbox Pro users with Packrat can opt in to keep unlimited version history before 1 November 2014. (Dropbox for Business users continue to have unlimited version history.)

Anand Goes to Apple

Anand Lal Shimpi:

On April 26, 1997, armed with very little actual knowledge, I began to share what I had with the world on a little Geocities site named Anand’s Hardware Tech Page. Most of what I knew was wrong or poorly understood, but I was 14 years old at the time. Little did I know that I had nearly two decades ahead of me to fill in the blanks. I liked the idea of sharing knowledge online and the thought of building a resource where everyone who was interested in tech could find something helpful.


But after 17.5 years of digging, testing, analyzing and writing about the most interesting stuff in tech, it’s time for a change. This will be the last thing I write on AnandTech as I am officially retiring from the tech publishing world.

Enidigm (June 2014):

Benchmarkgate was I think their term to describe the persistent, repeated and deliberate cheating of benchmarks by several smart phone manufacturers, by inserting code that looked for a benchmark and then gave the phone 100% access to the cores, pushing all power savings aside. Only Motorola and Apple seemed to not cheat, Samsung was the worst. One can only speculate how this affected their access to smart phone developers.

John Paczkowski:

An Apple rep confirmed that the company was hiring Shimpi, but wouldn’t provide any other details.

Mike Beasley:

Earlier this year AnandTech’s Brian Klug also left the site for a role at Apple with a focus on building mobile processors for the company’s iOS lineup.

I’m not sure what this will mean for AnandTech, but it’s good that Apple continues to be able to hire top talent.

Vlad Savov:

Shimpi’s departure note on AnandTech states that the site’s editorial staff has been expanded over the course of this year to prepare for his absence.

Ryan Smith:

Having read AnandTech for 15 years and having worked for Anand for almost 10 of those years, it was until recently hard to imagine reading AnandTech and not seeing articles by Anand, or to be writing for AnandTech but not be writing for Anand himself. Anand has been a constant in the tech world both as a source of news an analysis for us all, and as a mentor to me. These days I can happily say I was wrong about not being able to match wits with The Boss, and now I am going to get to put that to the test.

Late to Launch

Dr. Drang:

Earlier this month I learned what I was missing. After building an overly complicated set of scripts for adding common entries to my work diary, I learned how much simpler a set of LCP actions would be. I now have a color-coded group of actions for all my common diary entries.

I was also late to using Launch Center Pro (App Store), and I use it in a similar way, only with OmniFocus instead of Drafts. I started using it when OmniFocus 2 for iPhone initially did not support TextExpander touch. It does now, but I found that I prefer Launch Center Pro’s buttons to typing abbreviations that the iPhone’s keyboard always seems to auto-correct away from what I actually typed.

I really like Launch Center Pro’s functionality, but editing actions is a pain. The URL text field is narrow, you have to manually percent-encode everything, and there is no undo history or version control like if I were editing scripts on my Mac.

BBEdit Codeless Language Module for Swift

Curt Clifton:

Keyword, comment, and string highlighting work. Top-level classes, structs, enums, functions, and extensions are indexed and can be folded. Because of limitations in the matching power of codeless language modules, nested declarations are not indexed and are not fold-able.

The basics seem to work well. It doesn’t handle access control keywords yet. A full language module would probably be necessary to handle overloaded methods well.

Understanding Apple’s Mastery of the Media

Mark Gurman:

Apple’s public relations (PR) department is probably the best in the world — certainly more impressive at shaping and controlling the discussion of its products than any other technology company. Before customers get their first chance to see or touch a new Apple product, the company has carefully orchestrated almost every one of its public appearances: controlled leaks and advance briefings for favored writers, an invite-only media debut, and a special early review process for a group of pre-screened, known-positive writers. Nothing is left to chance, and in the rare case where Apple doesn’t control the initial message, it remedies that by using proxies to deliver carefully crafted, off-the-record responses.


Two months in the making, this article is the product of over a dozen interviews with journalists, bloggers, and PR professionals, including many who have worked at Apple.


Apple’s PR team isn’t above quietly spreading negative press about competitors. For instance, when a publication “has written something negative about Android, [Apple PR] would send those stories around,” telling writers something like “that’s how we feel.” As just one example, Apple PR sent this email to two 9to5Mac reporters earlier this week, attempting to underscore an Android app’s failures.

Apple Patches “Find My iPhone” Exploit

Arik Hesseldahl:

Apple said Monday it was “actively investigating” the violation of several of its iCloud accounts, in which revealing photos and videos of prominent Hollywood actresses were taken and posted all over the Web.

Owen Williams:

Users on Twitter were able to use the tool from GitHub — which was published for two days before being shared to Hacker News — to access their own accounts before it seems Apple patched the hole today. The owner of the tool noticed it was patched at 3:20am PT.

Adrian Kingsley-Hughes:

The code exploited a vulnerability with the Find My iPhone sign in page that allowed hackers to flood the site with password attempts without being locked out. By employing bruteforcing techniques, hackers could use this to guess the password used to protect the account.

James Cook:

So was Apple’s Find My iPhone vulnerability to blame for the iCloud hack? The speech that outlined the vulnerability took place at the Def Con conference in Russia on Aug. 30, leaving potential hackers only a small period of time to exploit the vulnerability, unless they were already aware of the brute force exploit. Evidence suggests that the leaked celebrity photos were gathered over a period of weeks, or even years, instead of a quick one-day attack, meaning that there may be a completely different vulnerability in iCloud that has yet to be discovered.

These days, an Apple ID is the key to a lot more than just photos.

Update (2014-09-02): Apple (via Mark Gurman and Jacob Kastrenakes):

After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find my iPhone.

It sounds like the Find My iPhone bug was real, just not used for this particular incident. It’s not clear whether the passwords were guessed or whether the accounts were compromised via Apple’s support staff through security questions or social engineering.

Nik Cubrilovic:

What we see in the public with these hacking incidents seems to only be scratching the surface. There are entire communities and trading networks where the data that is stolen remains private and is rarely shared with the public. The networks are broken down horizontally with specific people carrying out specific roles, loosely organized across a large number of sites (both clearnet and darknet) with most organization and communication taking place in private (email, IM).


In reviewing months worth of forum posts, image board posts, private emails, replies for requests for services, etc. nowhere was the FindMyPhone API brute force technique (revealed publicly and exploited in iBrute) mentioned. This doesn’t mean that it wasn’t used privately by the hackers – but judging by the skill levels involved, the mentions and tutorials around other techniques and some of the bragged about success rates with social engineering, recovery, resets, rats and phishing – it appears that such techniques were not necessary or never discovered.


Apple accounts seem particularly vulnerable because of the recovery process, password requirements and ability to detect if an email address has an associated iCloud account. […] It would be a good idea for Apple to kill the interface on signup that shows new users if their email account is available to use as an iCloud account or not. It would also be a good idea to make the recovery process one big step where all data is validated at once and the user is not given a specific error message. It would also be wise to attach rate limits and strict lockout on this process on a per-account basis.


Two-factor authentication for iCloud is useless in preventing passwords or authentication tokens being used to extract online backups.

Rich Mogull:

Apple did patch the vulnerability on 1 September, limiting the damage, although we don’t know how long the vulnerability existed and how widespread abuse may have been before the tool was released.

But based on Apple’s statement, the iBrute tool or some other direct attack on iCloud or Find My iPhone was not the source of the celebrity photo theft. That statement, however, was carefully constructed in case conflicting information later emerges in the investigation.

Update (2014-09-03): Russell Ivanovic:

I could write entire blog posts about how that level of blame deflection is beyond patronising.


Strong passwords and two-step verification. Makes perfect sense right? Except Apple forgets to mention that there’s no such thing as two-step authentication for your iCloud photos, or even access to your iCloud account.

Update (2014-09-05): Christina Warren:

For just $200, and a little bit of luck, I was able to successfully crack my own iCloud password and use EPPB to download my entire iCloud backup from my iPhone. For $400, I could have successfully pulled in my iCloud data without a password and with less than 60 seconds of access to a Mac or Windows computer where I was logged into iCloud.


Apple’s two-factor implementation does not protect your data, it only protects your payment information.


What makes this even worse is that Apple is encouraging users to use “strong passwords and two-step verification.” That’s all well and good, but in this case, two-step verification wouldn’t have mattered. If someone can get physical or remote access to a computer that uses iCloud or successfully convince a user to click on a phishing email for iTunes and get a password, an iCloud backup can be downloaded remotely, two-factor verification or not.


If Apple won’t encrypt iCloud backups (which it should), at the very least, it should make the authentication token stored on Windows or OS X encrypted — or at least not stored in plaintext. I can give Apple a pass on a lot of aspects of security, but this is just amateur hour.

It looks like that’s not correct; the authentication token is stored in the keychain.

Update (2014-09-06): Daisuke Wakabayashi:

In his first interview on the subject, Apple Chief Executive Tim Cook said celebrities’ iCloud accounts were compromised when hackers correctly answered security questions to obtain their passwords, or when they were victimized by a phishing scam to obtain user IDs and passwords.

Update (2014-09-08): Eric Slivka:

As noted by Letem světem Applem and confirmed by MacRumors, Apple has already begun sending out alert emails when iCloud accounts are accessed via web browsers. The alerts are being sent out even if the specific browser has been used previously to access iCloud, but this is presumably a one-time measure that will not be repeated for future logins with that combination of browser and machine.

Update (2016-03-16): Mariella Moon:

In his plea deal, Collins admitted to executing a phishing scheme to obtain celebs’ usernames and passwords from November 2012 to September 2014. Once he got access to their accounts, he searched for and stole explicit images. In some cases, he even downloaded people’s entire iCloud backups.

Update (2018-10-24): Mikey Campbell:

According to court documents, Brannan, a former teacher at Lee-Davis High School, gained unauthorized access to iCloud backups, personal photographs and other data by answering email account security questions using information gleaned from Facebook.

Brannan also used typical phishing schemes to obtain username and password information for target accounts. Specifically, email messages resembling legitimate correspondence from Apple security personnel were sent to victims in a bid to gain access to their internet accounts.

Unlike previous “Celebgate” hackers who relied mainly on first-party tools and internet clients to access target iCloud accounts, Brannan also utilized third-party products from Elcomsoft. The specialized forensics software was employed to download entire iCloud accounts from Apple servers, which were subsequently combed through for private photographs and video, including nude photos.