Archive for October 2014

Thursday, October 30, 2014

CMDevice​Motion

Nate Cook:

Each packet of CMAccelerometerData includes an x, y, and z value -- each of these shows the amount of acceleration in Gs (where G is one unit of gravity) for that axis. That is, if your device were stationary and straight up in portrait orientation, it would have acceleration (0, -1, 0); laying flat on its back on the table would be (0, 0, -1); and tilted forty-five degrees to the right would be something like (0.707, -0.707, 0).

We’re calculating the rotation by computing the arctan2 of the x and y components from the accelerometer data, and then using that rotation in a CGAffineTransform. Our image should stay right-side up no matter how the phone is turned.

The results are not terribly satisfactory -- the image movement is jittery, and moving the device in space affects the accelerometer as much as or even more than rotating. These issues could be mitigated by sampling multiple readings and averaging them together, but instead let’s look at what happens when we involve the gyroscope.

Microsoft Band

Microsoft:

Built-in GPS: Go running without your phone and still get your pace and distance data.

[…]

Battery life: 48 hours of normal use; advanced functionality like GPS use will impact battery performance

I wonder how many of the features work with iOS. It seems like integration would be difficult given what iPhone apps are allowed to do. I like the idea of GPS tracking without carrying a phone (unlike Apple Watch), but it doesn’t look like it can play music or podcasts. Only $199.

David Pierce:

Simply by virtue of being available to Android, iOS, and Windows Phone users all at once, Microsoft believes it can make inroads in an otherwise terribly siloed marketplace. Health will work with Android Wear watches, Android phones, and the iPhone 6’s motion processor, automatically collecting data from all three. Microsoft’s also been working with Jawbone, MapMyFitness, My Fitness Pal, and Runkeeper to import their data, and plans to incorporate many more.

Something only Microsoft can do?

Update (2014-11-07): David Smith:

The Microsoft band does an admirable job at what it tries to do. The data collection it does seems on par with other fitness trackers I’ve used. The physical design is utilitarian but acceptable. Its integration with my iPhone is basic but still useful. But it is a fundamentally restrained device. It sits right at the cusp of being truly transformative for my daily activities.

Capturing Phone Relay Audio

Paul Kafasis:

The combination of Yosemite and iOS 8.1 on the iPhone now offer a function called Phone Relay. Using Phone Relay, you can use your Mac to make and receive phone calls. That’s very handy on its own, but adding Audio Hijack Pro to the mix makes it even better. By setting FaceTime as the source in Audio Hijack Pro, you can record those calls for later reference!

Towards an Ideal OpenType User Interface

John Gruber:

What I find absurd is that you can use many of these features in TextEdit (Apple’s free text editor), but not in Pages (Apple’s purportedly professional word processor). They worked up through Pages ’09, but were sacrificed in the name of iOS and web app compatibility.

Wednesday, October 29, 2014

AppleScript and Yosemite

Ray Robertson:

Apple introduced a great variety of new automation features and updates in Yosemite. I’ve written up a quick summary below with links to more detailed information.

Daniel Jalkut:

Unfortunately the progress feature of AppleScript has not been exposed to 3rd party developers, so far as I can tell.

AppleScript Release Notes:

AppleScript/Objective-C is now available to all scripts, not just library scripts.

I’ve been wanting this feature for years. You no longer have to create a special AppleScriptObjC application; you can use it from any script. This will be useful both for the powerful Cocoa APIs as well as the many basic data structures and operations that were never part of AppleScript.

Here are some examples:

use framework "Foundation"

-- Calling an Objective-C class method:
get current application's NSDate's timeIntervalSinceReferenceDate()

-- Use pipes to avoid conflicts with AppleScript keywords.
get current application's NSDate's |date|'s timeIntervalSinceReferenceDate()

-- Basically, you just use “'s” in place of “.”.
set _array to current application's NSMutableArray's alloc()'s init()

-- “count” is also reserved.
get _array's |count|()

-- AppleScript changes “_array's addObject_(1)” to the interleaved syntax:
_array's addObject:1

-- AppleScript changes “_array's insertObject_atIndex_(0, 0)” to:
_array's insertObject:0 atIndex:0

set _string to _array's |description|()
set _appleScriptString to _string as Unicode text

set _data to _string's dataUsingEncoding:(current application's NSUTF8StringEncoding)
set _tildePath to current application's NSString's stringWithString:"~/Desktop/test"
set _path to _tildePath's stringByExpandingTildeInPath()
set {_ok, _error} to _data's writeToFile:_path options:0 |error|:(reference)
-- Should return “{1, missing value}”.
-- The file will contain “(0, 1)”.

Unfortunately, it looks like the technology is not yet very mature. Script Editor beach balled and had to be force-quit half a dozen times while I was writing this sample.

Update (2014-10-31): Joris Kluivers shows that developers can get at the progress of a script—via NSProgress.

Update (2014-11-29): Mark Aldritt:

What is not explained is how a host application can access this information and display a script’s progress in its own UI. Here’s how you do it.

At intervals the script will call the OSAActiveProc. Within this callback function you can make OSA calls that access the running script’s state. You start by getting a reference to the ‘AppleScript’ object. From there you can read the value of the four progress properties.

Apple Features Then Forbids PCalc Widget

James Thomson:

Apple has told me that Notification Center widgets on iOS cannot perform any calculations, and the current PCalc widget must be removed.

and:

I would be allowed to make a widget that let you to “enter a formula” but it couldn’t perform the calculation in the widget.

and:

And yes, Apple is currently featuring PCalc in the “Great apps for iOS 8” section, under Notification Center widgets.

Jason Snell:

First there’s the maddening inconsistency: This is an app that was accepted into the App Store, and is even being featured in the App Store as I write this. And now, a few weeks in, someone at Apple has decided that the app is too... what? Too useful?

Then there’s the frustration about Apple reducing functionality. Why is doing basic math in a widget not okay, but running billing timers and calculating trip ETAs and any number of other tricky actions are fine? It can’t be the fact that it’s a widget that you interact with, because I’ve seen numerous widgets that allow you to tap and swipe and do all sorts of stuff.

[…]

Also, in the Yosemite version of Notification Center, Apple itself provides a calculator widget! So Notification Center can be used for different things on the Mac and on iOS? How does that make sense?

Federico Viticci:

Rather, what is disappointing is the persistence of contradicting signals from a company that many developers saw as “more open” after WWDC ’14. Developers like Thomson will keep finding themselves in the position of risking to implement a feature or create an app that may be approved, gain users, and be shut down by Apple for a sudden policy change.

Marco Arment:

Like the after-the-fact rejection of Launcher last month, this feels like the worst era of app review returning with a vengeance.

When decisions like this start happening, Apple needs to reevaluate the purpose of app review: to protect itself, its platform, and its customers from spam, fraud, abuse, and malware (and ensuring Apple gets its cut, which is reasonable).

David Barnard:

As I’ve mentioned in previous emails, I fear App Review. And that’s no small thing. So many decisions I make end up being filtered through whether or not I think something might get rejected. Which has a profound impact on my team’s entire development process — from what ideas we explore while brainstorming to how we implement specific features.

Nick Heer:

It’s not the rules themselves that are necessarily a burden on app developers. It’s Apple’s store, so they get to set the rules. But it’s seemingly-arbitrary stuff like this that makes developers lose sleep at night. Thomson clearly spent a great deal of time and care building this extension, and now that’s gone to waste with unfortunately characteristic indifference from Apple. And it’s not like PCalc was rejected outright — Apple allowed it in the store for the past month and a half before pulling it for violating a rule that doesn’t even exist.

Josh Centers:

I thoroughly read the Extensibility developer documentation while researching “iOS 8 Third-Party Keyboards Explained and Reviewed” (2 October 2014) and found nothing that would specifically bar a widget like PCalc’s. In fact, the developer documentation even hints that a graphics-intensive game might be allowable in the Today View, even if it’s not encouraged.

Update (2014-10-30): Sarah Perez:

But now we’re hearing that Apple is changing its course. The PCalc app and widget will remain in the App Store, and all calculator-type widgets will be allowed as well, an Apple spokesperson has confirmed to us.

From our understanding, the calculator use case was not one that Apple had anticipated, which is why an App Store reviewer originally explained to Thomson that he would need to adjust the app, or risk being pulled from the App Store.

It’s odd that Apple didn’t anticipate it considering that Yosemite includes Apple’s very own calculator widget.

Daniel Jalkut:

Incredible that TechCrunch was informed about PCalc’s widget being re-approved by Apple before its developer, @jamesthomson, was.

The core problem remains that App Review doesn’t follow the letter of its own written rules.

Gus Mueller:

I don’t have inside information, but I’m willing to bet that someone with veto power in Apple got a little upset or jealous about PCalc’s widget, and said “kill it”. James is lucky that he has lots of friends and folks who love PCalc, and also have a soapbox to stand on. So with the outcry and bad publicity, Apple changed it’s mind.

Tuesday, October 28, 2014

Yosemite’s Switch to Core Storage

Craig Cohen (via Clark Goble):

Yosemite uses a volume format known as Core Storage. It is the enabling technology behind Fusion Drive and FileVault.

Core Storage is a reliable, high-performance volume format. It provides increased crash protection, ditto blocks for metadata, copy-on-write B-tree catalogs, in-place transformations for backgrounding the disk encryption used by FileVault, and intelligent block-level data migration used by Fusion Drive.

Yosemite will auto-convert your drive so long as your Mac has hardware support for encryption. HFS+ is still there; it’s just wrapped in another layer.

1Password mini Shortcuts

AgileBits:

What might seem like one of the smallest new features in 1Password 5 for Mac is actually one of its biggest. We completely redesigned it so you can find what you need more easily, but we also gave it a huge dose of keyboard shortcuts so you can work faster and keep important items at your fingertips.

Sunday, October 26, 2014

Yosemite Uploads Unsaved Documents and Recent Addresses to iCloud

Jeffrey Paul (via Rui Carmo):

Presumably to support Continuity, current document state is no longer only saved locally - those in-progress (not yet explicitly “saved”) documents live in iCloud Drive, so that they can be opened on other devices without ever having to hit “save”. This is useful, however, all of my previous open files have now been synchronized to Apple servers.

[…]

Apple has taken local files on my computer not stored in iCloud and silently and without my permission uploaded them to their servers - across all applications, Apple and otherwise.

I don’t think it’s at all obvious that the system would copy the Saved Application State folder to iCloud. Many of the applications don’t even have iOS counterparts. I have not tested this, but I’m guessing you could prevent this by unchecking “Allow Handoff between this Mac and your iCloud devices” in the General tab of System Preferences.

Also:

Check out ~/Library/Containers/com.apple.corerecents.recentsd/Data/Library/SyncedPreferences/recentsd-com.apple.mail.recents.plist. It would appear that iCloud is synchronizing all of the email addresses of people you correspond with, even for non-iCloud accounts, to their recent addresses service. This means that names and email addresses that are not in iCloud contacts, not synchronized to your device, and only available in an IMAP-accessed inbox are now being sent to Apple, silently.

I’m not sure how to turn that off.

Update (2014-10-26): Landon Fuller has a traffic log.

Thinking about this some more, I’m not sure that Paul is correct about the unsaved data being uploaded because of the new Continuity/Handoff feature in Yosemite. It think this is part of the older Documents in the Cloud feature, as mentioned by Dmitry in the comments. It looks like Handoff, as expected, uses a more direct method of transferring the files.

If that’s the case, the preference mentioned above is the wrong one. To turn off auto-uploading of unsaved data, you would need to uncheck the particular application in the iCloud Drive section of the iCloud tab of System Preferences. This would prevent you from using that application’s container (rather than the global iCloud Drive) with iCloud. In other words, I don’t think there’s a way to explicitly upload saved documents without having the system implicitly upload unsaved documents. Pre-Yosemite, there is no application-level control, so you would need to turn off Documents & Data entirely.

Regarding the e-mail address list, I found a disclosure on Mail’s help page:

If you use iCloud Contacts, your Previous Recipients list is available on your other Mac computers (with OS X v10.8 or later) and iOS devices (with iOS 6 or later) that have iCloud Contacts turned on.

So there does not seem to be a way to opt out of storing all your addresses unless you also opt out of syncing your address book with iCloud.

Update (2014-10-28): It looks like there is a way to save certain documents to iCloud without having new documents automatically auto-saved there. As Philippe notes in the comments, you can use the Lion-era NSDocumentSaveNewDocumentsToCloud hidden preference, which changes the default location for new documents:

defaults write NSGlobalDomain NSDocumentSaveNewDocumentsToCloud -bool false

In conclusion, I don’t think there’s anything new here with Yosemite. Apple seems to be providing the options that they should, although I would argue that the default behavior should be not to upload user data without asking. I think the main problem is that the OS doesn’t explain what it’s doing and, as a result, few people seem to understand how the iCloud features work and interact. The vast majority of users don’t know that when you click the box to enable iCloud—which you pretty much have to do these days—that this is one of the results.

Update (2014-11-06): Some readers coming from Macworld asked for a summary, i.e. which settings give which results. My advice:

  1. If you want every document to be saved (and auto-saved) to iCloud, use the default settings.
  2. If you never want any documents saved to iCloud, turn off iCloud Drive in System Preferences.
  3. If you want to use iCloud Drive, but only for those documents that you specifically choose to save there, to enter this command in Terminal:
    defaults write NSGlobalDomain NSDocumentSaveNewDocumentsToCloud -bool false

Saturday, October 25, 2014

Trust No One, Not Even Performance Counters

Paul Khuong (via David Smith):

I can guess why we observe this effect; it’s not like Intel is intentionally messing with us. mfence is a full pipeline flush: it slows code down because it waits for all in-flight instructions to complete their execution. Thus, while it’s flushing that slows us down, the profiling machinery will assign these cycles to any of the instructions that are being flushed. Locked instructions instead affect stores that are still queued. By forcing such stores to retire, locked instructions become responsible for the extra cycles and end up “paying” for writes that would have taken up time anyway.

Yosemite’s Mail Drop Considered Harmful

Dan Wood:

If Apple Mail detects a giant attachment, it will offer to send it via Mail Drop, which means that the file is uploaded separately to a temporary iCloud URL. It will stick around for 30 days.

The problem is that if you use this technique, it’s possible that any actual textual message might not be seen by the receiver of the email message.

If you send your email message as plain text — you might not even realize that you are sending a plain text message or a rich text message —or if the receiver’s email client shows them plain text instead of rich text — then ONLY the Mail Drop URL will be seen by the receiver. Not your important message.

Friday, October 24, 2014

Repurposing the Titanic

Justin Williams:

Building products with a bootstrapped mentality is completely different than a startup mentality. When bootstrapped, every decision you make affects the bottom line, and that is a bottom line you care about from day one. Trying to convert a platform that wasn’t designed with that in mind proved to be too great of a challenge for me as the sole proprietor of Glassboard. Rather than focusing on improving the core Glassboard product, I spent most of my time trying to cut costs where possible to curb our losses.

Alias Files and Bookmark Files

Daniel Jalkut:

The long and short of it is Apple has moved away from “alias files” in recent years, and now favors a format they call “bookmarks.” To users, the files behave the same way, and Apple continues to call them “aliases” e.g. in the Finder when it offers to make an alias to a file. However, the older system service for “resolving an alias file” does not work on bookmarks.

[…]

The problem was compounded at some point, maybe as recently as OS X Yosemite, when Apple started aggressively converting old alias files into bookmarks. So even if you had an old, functional alias to a folder in your script tree, it may have recently stopped working in FastScripts because Apple converted it … helpfully … to a bookmark.

The Race to Archive TwitPic

Pierre Chauvin (via Nick Heer):

Right now, a collective of Internet archivists and programmers is trying to do the impossible: save more than 800 million pictures uploaded to the Twitter photo-sharing service Twitpic before they disappear down the memory hole after the company’s scheduled shutdown on October 25.

Update (2014-10-29): Twitpic:

We weren’t able to find a way to keep Twitpic independent. However, I’m happy to announce that we have reached an agreement with Twitter to give them the Twitpic domain and photo archive, thus keeping the photos and links alive for the time being. Twitter shares our goal of protecting our users and this data. Also, since Twitpic’s user base consists of Twitter users, it makes sense to keep this data with Twitter.

Via Manton Reece:

This is much better than all those photos becoming broken links, but it’s still a sad statement on the Twitter ecosystem. Twitter threatened Twitpic, then Twitpic decided to shutdown, and in the end Twitter gets all the Twitpic assets anyway for cheap or no money at all. It’s a bizarre end to what only a couple years ago was a $3 million business.

Apple Maps Connect

Greg Sterling (comments):

This afternoon, Apple notified us of a new self-service portal to add or edit local business listings: Apple Maps Connect. It’s intended for small business owners or their authorized representatives (though not agencies) to be able to quickly and easily add content directly into Apple Maps.

The service is free and the listings (or corrected listings) appear on Apple Maps on the PC and in mobile. All users sign in with their Apple IDs and passwords.

I thought we’d see something like this about two years ago, but it’s good that it finally exists.

Update (2015-04-10): Mitchel Broussard:

With the introduction of iOS 8.3 on Appleā€™s mobile devices yesterday, business owners now have the opportunity to claim a point of interest in Apple Maps as their own, thanks to a few additions to the Report a Problem prompt that can be found on each point of interest in Maps (via AppleMapsMarketing).

iTunes 12 MiniPlayer

Chris Johnson (via John Siracusa):

At first, I had no idea how you were supposed to invoke the Mini Player in Yosemite. The first thing I tried was green zoom icon, but that just made iTunes take up the full screen. After clicking on various things in the title bar area, I eventually tried and succeeded with the album artwork. I had mistakenly assumed that clicking the album artwork would give me a larger view of the album artwork.

In the Mini Player, I was similarly confused. Clicking the album artwork made the artwork bigger. Clicking the little double arrow icon was no help, it also makes the album artwork bigger. I’m not sure why Apple decided we needed two ways to see the larger album artwork. The × icon did the trick, but I was afraid to try it, thinking it would quit iTunes.

Update (2014-10-26): Kirk McElhearn:

When you click the close button, the behavior now depends on how you displayed the MiniPlayer. If you displayed it in a way that hid the main iTunes window, closing the MiniPlayer will bring back the iTunes window. If you displayed it and the iTunes window is still visible, then the MiniPlayer window will close, and nothing else will change. In other words, when you close the MiniPlayer, no matter what you do, the main iTunes window will show up again.

Thursday, October 23, 2014

Peak Google

Ben Thompson:

IBM didn’t capitalize on PCs because their skills lay on the hardware side, not software. Microsoft didn’t capitalize on mobile because they emphasized compatibility, not the user experience. And now Google is dominant when it comes to the algorithm, but lacks the human touch needed for social or viral content. And so, when all of that brand advertising finally begins to move from TV to the Internet – and that migration is a lot closer than it was even a year ago – I suspect that Google is not going to capture nearly as much of it as many observers might expect.

[…]

This is the primary basis of my thesis that Google may very well be in a similar situation to early-eighties IBM or early-oughts Microsoft: a hugely profitable company bestride the tech industry that at the moment seems infallible, but that history will show to have peaked in dominance and relevancy.

I don’t know enough about advertising to really have an opinion on this, but it’s an interesting thesis.

Yosemite and Default URL Handlers

Luc Vandal:

Unfortunately, Apple is now blocking sandboxed apps to change the default handler for a particular URL scheme. This is why Screens is not able to set Screen Sharing as the handler.

[…]

We’re always sad to remove functionalities from our apps but sandboxing gets more restrictive every OS X release.

Update (2014-10-27): Kevin Walzer ran into this issue as well.

Playgrounds for Objective-C

Krzysztof Zabłocki introduces KZPlayground.

Update (2014-10-28): Edge Cases and Mike Ash discuss this.

Yosemite Wi-Fi Enhancements

Glenn Fleishman:

Taken together, this information can help you sort out network difficulties. If you always see 20 MHz in the Channel line, but the PHY (physical protocol mode) is 802.11ac, you have other networks in the vicinity on the same or adjacent channels that are forcing the base station and client to negotiate a slower rate; moving the base station or forcing a different channel could help.

If your noise value is very high (like -30 dBm instead of -90 dBm), there’s interference from other devices, Wi-Fi or otherwise, in the same band, and you again may need to move the base station or pick a different channel.

Wednesday, October 22, 2014

BBEdit 11

BBEdit 11 is a great update with lots of good changes. Some of my favorites:

Yosemite Phone Home

The fix macosx folks have a Git repository showing all the data that Yosemite sends to Apple, with different preferences settings:

When the user selects ‘About this Mac’ from the Apple menu, Yosemite phones home and s_vi, a unique analytics identifier, is included in the request. (s_vi is used by Adobe/Omniture’s analytics software).

Speculation is that it is looking up the marketing name of the Mac model. The cookie was first set when visiting Apple’s Web site.

The logs show that a copy of your Safari searches are still sent to Apple, even when selecting DuckDuckGo as your search provider, and ‘Spotlight Suggestions’ are disabled in System Preferences > Spotlight.

This is because Safari has a separate preference (under Search, not Privacy) to turn off Spotlight Suggestions.

When setting up a new Mail.app account for the address admin@fix-macosx.com, which is hosted locally, searching the logs for “fix-macosx.com” shows that Mail quietly sends the domain entered by the user to Apple, too.

My guess is that Apple has a database of mail server configuration information to help make the setup process smoother for users.

I don’t think Apple is doing any nefarious here, but it is a good exercise to make this sort of list. I hope that Apple is doing so internally and that one day they will be more transparent about it the way they are about iOS security. The current privacy policy is a good start.

An open question is the extent to which Tim Cook’s vision is possible:

A few years ago, users of Internet services began to realize that when an online service is free, you’re not the customer. You’re the product. But at Apple, we believe a great customer experience shouldn’t come at the expense of your privacy.

Cook frames it as Apple not needing your information because it isn’t monetizing it, but there are definitely cases where having more information would help Apple improve the user experience—at the expense of privacy. It is not always possible to maximize both.

16 GB

John Gruber:

There’s no doubt in my mind it’s good short-term business sense to go with a 16/64/128 lineup instead of 32/64/128. But Apple is not a short-term business. They’re a long-term business, built on a relationship of trust with repeat customers. 16 GB iPads work against the foundation of Apple’s brand, which is that they only make good products.

Apple has long used three-tier pricing structures within individual product categories. They often used to label them “Good”, “Better”, and “Best”. Now, with these 16 GB entry-level devices, it’s more like “Are you sure?”, “Better”, and “Best”. Fine, keep the 16 GB models around for expert business and education buyers who know that they really don’t need more storage space. But don’t put devices on the tables in Apple retail stores that you wouldn’t recommend as a good product and good value to typical customers.

Lebeaupin on Swift

Pierre Lebeaupin:

Nested block comments do not work. They cannot be made to work (for those who care, I filed this as rdar://problem/18138958/, visible on Open Radar; it was closed with status “Behaves correctly”). That is why the inside of an #if 0 / #endif pair in C must still be composed of valid preprocessing tokens.

[…]

Little did I know that not only Swift method calls are not more dynamic than Objective-C method calls, but in fact don’t use objc_msgSend() at all by default! Look, objc_msgSend() (and friends) is the whole point of the Objective-C runtime. Period. Everything else is bookkeeping in support of objc_msgSend(). […] Apple is trying to convince us of the Objective-C-minus-the-C-part lineage of Swift, but the truth is that Swift has very little to do with that, and much more to do, semantically, with C++. This would never have happened had Avie Tevanian still been alive working at Apple.

[…]

I find it very odd that there is no description or documentation of threading in Swift. And yes, I know you can spawn threads using the Objective-C APIs and then try and run Swift code inside that thread; that’s not the point. The point is: as soon as I share any object between two threads running Swift code, what happens?

[…]

I don’t like: the lacks of a narrative, or at least of a progression, in the book. Where is the rationale for some of the less obvious features? Where is the equivalent of Object-Oriented Programming with Objective-C (formerly the first half of “Object-Oriented Programming and the Objective-C Programming Language”)? This matters, we can’t just expect to give developers a bunch of tools and expect them to figure out which tool is for which purpose, or at least not in a consistent way. Providing a rationale for the features is part of a programming language as well.

[…]

Swift seems to go counter to all historical programming language trends: it is statically typed when most of the language work seems to trend towards more loosely typed semantics and even duck typing, it compiles down to machine code and has a design optimized for that purpose when most new languages these days run in virtual machines, it goes for total safety when most new languages have abandoned it. I wonder if Swift won’t end up in the wrong side of history eventually.

[…]

Swift, with its type safety, safe semantics and the possibility to tie variables as part of control flow constructs (if let, etc.), promises to capture programmer intent better than any language that I know of, which ought to ease maintenance and merge operations; this should also help observability, at least in principle (I haven’t investigated Swift’s support for DTrace), and might eventually lead to an old dream of mine: formally defined semantics for the language, which would allow writing proofs (that the compiler could verify) that for instance the code I just wrote could not possibly crash.

CloudKit

John Siracusa:

CloudKit isn’t just the network data storage API that developers have always wanted from Apple; apparently it’s also the API that Apple has always wanted for itself. Both iCloud Drive and Apple’s new iCloud photo library service (upon which the upcoming replacement for iPhoto is being built) were written from scratch on top of CloudKit. Looking at it another way, if CloudKit doesn’t work well, third-party developers won’t be the only ones suffering.

Apple’s ability to make sure its servers are always available and that they answer requests in a timely manner is still an open question. As anyone who’s ever gotten an inscrutable error or interminable spinner from an Apple TV while trying to watch a video from the iTunes Store knows, Apple’s use of a network service does not necessarily ensure its reliability or speed.

The most reassuring thing about CloudKit is its design. It looks a lot more like a well-executed client library for a traditional Web service than a Cocoa API that just happens to have a network component. It’s still far from the cross-platform, multi-language ideal presented by Microsoft’s Azure Mobile Services, but Azure can’t hope to compete with the platform integration of CloudKit on OS X and iOS.

Roustem Karimov:

We don’t have to guess when something goes wrong anymore, and we no longer have to tell our users to perform a set of magic steps hoping that some of them would trigger iCloud to work. CloudKit solved the problems we had with the old iCloud.

It’s a great sign that Apple is eating its own dog food and no longer trying to abstract away the network. I think it’s a mistake to only make CloudKit available to App Store apps.

Code Signing Is Flaky and Unreliable

Tom Harrington:

For whatever it’s worth, I’ve been developing iOS apps since early 2008 and I regard the code signing process as conceptually straightforward. In practice though, it’s flaky and unreliable. More than six years in and I still routinely lose a day to trying to get code signing working again.

[…]

Code signing works or doesn’t work for incomprehensible reasons. Getting signing working again does not result in learning any useful skills that can be applied to future attempts.

The bug’s original title was more colorful.

Passenger Privacy in the NYC Taxicab Dataset

Neustar (via Landon Fuller):

In my previous post, Differential Privacy: The Basics, I provided an introduction to differential privacy by exploring its definition and discussing its relevance in the broader context of public data release. In this post, I shall demonstrate how easily privacy can be breached and then counter this by showing how differential privacy can protect against this attack. I will also present a few other examples of differentially private queries.

There has been a lot of online comment recently about a dataset released by the New York City Taxi and Limousine Commission. It contains details about every taxi ride (yellow cabs) in New York in 2013, including the pickup and drop off times, locations, fare and tip amounts, as well as anonymized (hashed) versions of the taxi’s license and medallion numbers. It was obtained via a FOIL (Freedom of Information Law) request earlier this year and has been making waves in the hacker community ever since.

The release of this data in this unalloyed format raises several privacy concerns. The most well-documented of these deals with the hash function used to “anonymize” the license and medallion numbers. A bit of lateral thinking from one civic hacker and the data was completely de-anonymized. This data can now be used to calculate, for example, any driver’s annual income. More disquieting, though, in my opinion, is the privacy risk to passengers. With only a small amount of auxiliary knowledge, using this dataset an attacker could identify where an individual went, how much they paid, weekly habits, etc. I will demonstrate how easy this is to do in the following section.

cjbprime:

Amazing. If you said to someone “Hey, I wanted to know where you went after the cab picked you up last year, so I called up the cab company and asked them where they dropped you off and they told me”, they would be outraged at (your behavior and) the breach of privacy shown by the cab company. But the city released a dataset that allows exactly this query. What were they thinking?

Something else that could be mentioned in the linked article: if someone you were with got in a cab in 2013, and they told you where they were going, and you remember the approximate time and location, you can tell whether it was their true destination regardless of how many other people were being picked up at the time, because you don’t have to find the exact ride they took, you only have to see whether any rides went to the place they told you.

This search is even extremely resistant to the differential privacy suggested by the post’s authors. I’d be much happier simply stating that location data is not de-identifiable, and no-one should use a cab in a city that logs location data if they aren’t happy with an adversary knowing where they went.

Tuesday, October 21, 2014

Yosemite Developer Documentation

Monday, October 20, 2014

The Gentleman Who Made Scholar

Steven Levy:

Some people have never heard of this service, which treats publications from scholarly and professional journals as a separate corpus and makes it easy to find otherwise elusive information. Others have seen it occasionally when a result pops up on their search activity, and may even know enough to use it for a specific task, like digging into medical journals to gather information on a specific ailment. But for a significant and extremely impactful slice of the population: researchers, scientists, academics, lawyers, and students training in those fields — Scholar is a vital part of online existence, a lifeline to critical information, and an indispensable means of getting their work exposed to those who most need it.

The iPad’s Future

Ben Thompson:

This is certainly a big comedown from the sky-high expectations that followed the iPad’s explosive growth in 2010 and especially in 2011, when many conjectured that the iPad business would ultimately be bigger than the iPhone. The question, though, is if the decline in the iPad’s fortunes is simply the natural order of things, Apple cannibalizing itself before others have the chance, or a missed opportunity.

I think that it’s all three.

[…]

The problem is that must-have apps are exactly what the iPad needs to become indispensable. And sadly, while Apple seemed to shrug off much of that 1997 paranoia at this year’s WWDC, they didn’t make any real changes to the App Store policies around trials and upgrades that would truly make a difference. Truth be told, though, this year’s WWDC was likely already too late. By then iPad sales had already started to decline on an annual basis, giving developers even less incentive to focus on the iPad.

Jean-Louis Gassée:

Indeed, after growing faster than anything in tech history, tablets have stalled. For the past three quarters unit sales have plummeted: iPad sales fell by 2.29% in the first (calendar) quarter of 2014 versus the same quarter in 2013, and they fell by 9% in Q2.

[…]

I once thought the mini was the “real” iPad because I could carry it everywhere in a jacket pocket. But about two weeks ago I bought an iPhone 6 Plus, and I haven’t touched my mini since. (As punishment for my sin, I found 52 apps awaiting an update when I finally turned on the mini this morning…) Now I have an “iPad micro” in my (front) jeans pocket…and it makes phone calls.

Update (2014-10-22): John Gruber:

Everything Apple is promoting about the Air 2 is true, both in terms of what you can objectively measure, and in terms of how it feels to use it. It’s thinner, lighter, faster, and has a better display and better camera. And, yes, Touch ID is great, especially if you’ve been using it for the last year on your iPhone.

I don’t think I’m going to buy one, though.

For the last two years, my day-to-day iPad has been a Mini. I like the Mini form factor so much that I switched to the original non-retina model in late 2012 even after having used the retina iPad 3 for six months or so. In terms of visual acuity, that was painful. In terms of hold-ability, though, it was a huge win. Last year I didn’t hesitate to stick with the Mini form factor once it went retina.

Update (2014-10-27): Lukas Mathis

Apple’s behavior severely limits the types of apps that are available on iOS. Whether it is due to actual restrictions, or just due to fear on the part of developers, there are a lot of «safe» apps on iOS, but very few apps that try to break the mold of what people expect from their devices. You get a lot of games, podcast clients, todo lists, camera apps, text editors, things like these — but not a lot of stuff that colors outside of these lines.

None of these app types work substantially better on larger screens.

[…]

The iPad isn’t selling better because Apple’s rules prevent it from being the truly compelling device that it could be.

Update (2014-10-30): Khoi Vinh:

What will it take to get there? The short answer is a new commitment from Apple to this product line, and a willingness to reexamine the company’s entire approach to date. For instance, I’m not entirely sure it’s in the best interest of the iPad to be tied so closely to the iPhone. Ultimately, a more aggressive branching of the iPad’s operating system away from the iPhone’s operating system may be necessary. Doing so may be the only way that Apple starts to answer the critical questions at the heart of the line: “What, exactly, is unique about the iPad? What can it do better than any other device? And why can’t customers live without it?”

Rui Carmo:

Apple is constantly shirking away from letting the iPad become a productivity tool, and it’s going to cost them in the long run.

Trusting iCloud

Nate Boateng:

Signing out and back into iCloud deleted the last 3 years of vacation shared photo streams I had…

To be clear, signing out and back into iCloud today broke nearly every piece of it. Photo Stream, Family Sharing, iCloud Drive. All of it.

Via Joe Rosensteel:

The truly disturbing thing about what happened to Nate was that he didn’t trust Apple, and had a backup of everything. I don’t trust Apple, and I have a backup of everything. At what point is distrust a sign of a problem, and not just paranoia? Even Dan Moren, doing some Color Commentary™ on Thurday’s Apple Event seemed a little scared of the “Public Beta” moniker on iCloud Photo Library.

Andreas Zeitler (via John Gordon):

On iOS 8, the previous fix still works, but now this “fix” has to be applied for each app individually. One app stops syncing? Reboot the device!

I reboot my device about three times a day now, just to get iCloud syncing back, just for one specific app. If that doesn’t fix it, well, users report that you can delete the app and install it again, then sometimes iCloud does seem to come back. If not, well, try installing the app again. If that doesn’t fix it, you can always restore the device, which usually fixes the problem.

Sunday, October 19, 2014

1pass

1pass is an open-source Python library for reading 1Password’s .agilekeychain file format (via Jonathan Wight).

Spotlight Suggestions and Privacy

fix macosx (via Landon Fuller):

If you’ve upgraded to Mac OS X Yosemite (10.10) and you’re using the default settings, each time you start typing in Spotlight (to open an application or search for a file on your computer), your local search terms and location are sent to Apple and third parties (including Microsoft).

Mac OS X has always respected user privacy by default, and Mac OS X Yosemite should too. Since it doesn’t, you can use the code to the left to disable the parts of Mac OS X which are invasive to your privacy.

I think previous versions of Mac OS X did have Safari send partial searches to Google by default. However, Spotlight searches have not previously left your Mac.

Update (2014-10-19): To be clear, you don’t need this script to improve your privacy. The Spotlight Suggestions and Bing Web Searches boxes are readily uncheckable in System Preferences. Rather:

There’s no single “local search only” toggle, and you have to cross-reference the documentation provided in System Preferences against the list of “Search Results” to figure out which of the options actually sends your queries to Apple.

I wanted something simple, that I knew worked, and I could just tell family to run themselves, so I put this together. It’s a convenient way to apply the settings, a jumping-off point for a more involved effort to resolve some of the other remaining privacy issues on Yosemite, and a handy way to get the privacy message across.

Since Apple hasn’t provided a single switch, it makes sense to have a single script that can be kept up-to-date.

Update (2014-10-19): There is also another checkbox called “Include Spotlight Suggestions” in Safari’s preferences.

Update (2014-10-20): Ashkan Soltani and Craig Timberg:

Apple officials said Monday that the data collection is intended only to improve the quality of searches conducted through Spotlight, a standard feature on both Mac computers and Apple’s mobile devices, such as the iPhone and iPad. The user identification number rotates after 15 minutes to a new identifier, they said, and the location and search query information is not used to create profiles of users or to deliver targeted advertising.

[…]

Testing by The Washington Post found that the locations revealed in Spotlight searches can be strikingly precise, placing a user within a particular building in Washington, D.C., even though the disclosure box on Spotlight refers to collecting “your approximate location.”

Update (2014-10-21): John Gruber:

The only thing Apple could do differently is make this another one of the you-have-to-explicitly-opt-in stages when you first upgrade to Yosemite or create an account on a new Mac.

Update (2014-10-22): Rich Mogull:

To manage your session, Apple uses a one-time session ID that lasts for 15 minutes. Neither the session ID nor the search query use your IP address or any other device identifier. Session IDs also aren’t coordinated or correlated, so there is no way for Apple to track historical usage by chaining session IDs together. In short, your query exists within a 15-minute bubble that isn’t tied to you directly. This is different, for example, than Siri, which uses a more persistent device identifier since it requires more context over time (due in large part to the overhead of voice recognition).

Apple:

Information on the three most recently used apps on the device is included as additional search context. To protect the privacy of users, only apps that are in an Apple-maintained whitelist of popular apps and have been accessed within the last three hours are included.

Search feedback sent to Apple provides Apple with: i) timings between user actions such as key-presses and result selections; ii) Spotlight Suggestions result selected, if any; and iii) type of local result selected (e.g., “Bookmark” or “Contact”). Just as with search context, the search feedback is not tied to any individual person or device.

Apple retains Spotlight Suggestions logs with queries, context, and feedback for up to 18 months. Reduced logs including only query, country, language, date (to the hour), and device-type are retained up to two years. IP addresses are not retained with query logs.

In some cases, Spotlight Suggestions may forward queries for common words and phrases to a qualified partner in order to receive and display the partner’s search results. These queries are not stored by the qualified partner and partners do not receive search feedback. Partners also do not receive user IP addresses. Communication with the partner is encrypted via HTTPS.

Update (2014-11-21): Mac OS X 10.10.1 (via Ashkan Soltani):

The initial connection made by Spotlight or Safari to the Spotlight Suggestions servers included a user’s approximate location before a user entered a query. This issue was addressed by removing this information from the initial connection and only sending the user’s approximate location as part of queries.

New iWork File Formats

The new versions of the iWork apps change the file formats again, but it’s not as drastic a change as last year. Numbers 3.2.2 created a package folder with some metadata and a ZIP archive containing the .iwa files. Numbers 3.5 seems to use the same structure except that the .numbers file itself is the ZIP archive.

I repeated my CSV file import test from last year, and I don’t see any speed or size changes between the two versions of Numbers.

Aperture Import Plug-in for Lightroom

Adobe:

As promised in a blog post here, we are proud to introduce the Aperture and iPhoto import plugin for Lightroom 5. The plugin allows Aperture and iPhoto customers to migrate their images and key metadata (such as keywords, events, project structure) into Lightroom catalogs in a seamless way.

The problem remains that I don’t really want to use Lightroom. Also, it is significant that image adjustments and stacks don’t import.

It’s About the Encryption Keys

Stefan Reitshamer:

There’s a lot of talk on the interwebs about encryption. Encryption is a necessary but not sufficient condition for maintaining control of your data. Controlling access to the encryption key is just as important.

Lots of articles that reference encryption fail to mention this, and that’s confusing for people who are not crypto experts.

The iPad Zombie

Allen Pike (via John Gruber):

Apple still sells the original iPad mini. Today, they announced that not only would they continue to sell it, but cut the price to $249, making it the cheapest iPad ever. If they follow their usual pattern of leaving the iPad line as-is until next fall, the iPad 2’s internals will live on for 4.5 years.

[…]

We already see this pain on the App Store, especially with games. There is no mechanism to specify on the App Store which CPU is required for your app.

Yosemite’s Speakable Scripts

Christopher Breen:

In Yosemite, Speakable Items are gone. Their functionality has been merged with the Dictation architecture of the OS and morphed into a new feature called Dictation Commands. But unlike Speakable Items, Dictation Commands are not separate from the rest of the speech architecture. Turn on Dictation and you automatically gain access to Dictation Commands. At any time—even during a dictation session—you can speak the title of a command to have it recognized and executed.

[…]

When you launch the Automator application in Yosemite, the workflow template chooser offers a new option: Dictation Command. Using this new workflow template you can create a system Dictation Command that automates any process or task that Automator is capable of performing.

Daniel Jalkut:

It seems the scripts are run not as the streamlined items that they are but are instead sort of wrapped in an automator action and run. It’s nice that you don’t have to go out of your way to translate a script into an Automator Workflow, but unfortunately this means that “Speakable Scripts” do put up the little Automator gear icon in the menu bar, and are probably ultimately slowed down at least a bit by being run as a full-on workflow.

I wonder if saving a script as an application would work any better.

Update (2014-10-19): Daniel Jalkut:

Wait a minute, maybe it is running them as native scripts. There’s just a change on OS X Yosemite with how the system runs scripts, such that they always show an Automator-style progress indicator in the menu bar. I find this pretty irksome as a default behavior because for example short-lived scripts don’t need progress to be indicated at all.

Mutable Collections in Swift

Mike R. Manzano:

How do you create an var that holds an immutable Array? As in a var that you can assign different immutable Arrays to?

BJ Homer:

Because Swift arrays and dictionaries can never be shared, there is no distinction between mutating an existing collection and re-assigning a new collection. The behavior of the code is exactly the same. In either case, the owner’s setter method is called whenever the array is modified.

So to answer the original question, there is no syntax to specify a variable that holds an immutable array because there is nothing that such syntax would add. Swift addresses the issues that made NSArray and NSMutableArray necessary in the first place. If you need a shared array, you can still use the Cocoa types. In every other case, Swift’s solution is safer, simpler, and more concise.

On the whole, I think this is probably a good direction. The downsides would seem to be that the performance model is less clear and that it’s more work to write your own data types as struct-class pairs.

One somewhat common pattern in my Objective-C code is a (often recursive) method that takes a mutable array or dictionary as a parameter and builds it up. You can’t do this with var in Swift because that only lets you modify the collection within the method. However, you can use inout to have Swift “return” the last value to the caller.

This is not the same as passing around an NSMutableArray, though. For example, consider what would happen if there were multiple threads involved. Also, inout only lasts for the duration of the method; the collection cannot (as far as I know) be stashed in another object and then mutated (back in the caller) later.

Update (2014-10-19): Christoffer Lernö responds via Twitter.

Friday, October 17, 2014

AVFoundation in Yosemite

Philip Hodgetts:

There is a lot of new audio functions. A lot, as in heaps.

[…]

We’ve had AVAssets and AVCompositions in AVFoundation up until now, which do not support reference movies. It seems a reasonable inference that an AVFragmentedMovie is what we’d have called a QT Reference movie in the past.

Update (2014-10-18): Mike Ash:

I was excited to try AVAudioEngine now that 10.10 is here. But it’s just sadness and silent failures and mysterious crashes. Sigh.

Yosemite Observations

Trying not to repeat the work of the reviewers, here is a running list of my personal observations after using pre-release versions all summer but only updating my main Mac this morning:

Update (2014-10-18):

Update (2014-10-19):

Update (2014-10-20):

Update (2014-10-21):

Update (2014-10-22):

Update (2014-10-23):

Update (2014-10-31):

Yosemite Reviews

Update (2014-10-19):

Update (2014-10-24):

Update (2014-10-25):

Update (2014-10-27):

Wednesday, October 15, 2014

POODLE

Daniel Fox Franke (via Hacker News):

This post is meant to be a “simple as possible, but no simpler” explanation of POODLE. I’ve tried to make it accessible to as many readers as possible and yet still go into full and accurate technical detail and provide complete citations. However, as the title implies, I have a second goal, which is to explain not merely how POODLE works, but the historical mistakes which allow it to work: mistakes that are still with us even though we’ve known better for over a decade.

[…]

The problem stems from browser vendors’ desire to be able to cope with buggy servers and middleboxes which advertise a protocol version that they can’t actually support. To work around such broken behavior, when an SSL handshake fails most browsers (all but Opera[5]) will fall back to an earlier protocol version and retry. This browser behavior, called the “downgrade dance”, makes it trivially vulnerable to downgrade attacks.

[…]

This is the basis of the Vaudenay padding-oracle attack. An attacker who can get the server to reveal whether a ciphertext decrypts to something with valid padding or not, can then guess the contents of any block of plaintext one character at a time, and get confirmation when the guess is correct.

[…]

Vaudenay also originally believed that the fact that TLS treats all padding errors as fatal, shutting the connection and discarding the session key, meant that the full attack wasn’t possible: that the attacker got to take one guess at one byte and nothing more. POODLE, using ideas already foreshadowed by BEAST, shows that in the browser context, this isn’t necessarily so.

[…]

Within the confines of SSL v3.0, POODLE cannot be fixed. However, the downgrade dance which enables it can be.

[…]

Now, though, I am going to step onto my soapbox and say: disabling SSL v3.0 does not go far enough. It is time to aggressively deprecate as many old versions of TLS as possible.

Matthew Green:

The rough summary of POODLE is this: it allows a clever attacker who can (a) control the Internet connection between your browser and the server, and (b) run some code (e.g., script) in your browser to potentially decrypt authentication cookies for sites such as Google, Yahoo and your bank. This is obviously not a good thing, and unfortunately the attack is more practical than you might think. You should probably disable SSLv3 everywhere you can. Sadly, that’s not so easy for the average end user.

Update (2014-10-15): Poodlebleed:

The below form can be used to test if your server is running with SSL 3.0 enabled. Although disabling SSL 3.0 may cause failed connections to your ssl service for small portion of users running older browsers, this action prevents the large portion of modern browsers from being eavesdropped while attempting to access your services in a secure manner.

Update (2014-10-19): Glenn Fleischman:

Poodle may finally put IE6 to death, because IE6 can’t use modern web security protocols. […] Despite the introduction of TLS in 1999 and the fact that the last version of SSL (SSLv3) was released in 1996, web servers generally have continued to support SSLv3 to this day because it’s the latest version that IE6 supports.

Remembering Macworld Expo

Christopher Breen:

In its early and middle years, Macworld Expo was, in some ways, the world’s greatest Mac user group gathering. As the World Wide Web had yet to become the source of the globe’s information, Mac users depended on books; publications such as Macworld, MacUser, and MacWEEK; and, importantly, face-to-face interaction with other enthusiasts for their Apple fix. While users groups served this latter need on a local level, if you wanted to be surrounded by others of your ilk from across the country (and world), you went to Expo.

Adam C. Engst:

With this announcement coming on the heels of Macworld putting its print edition to rest, it has never been more clear that the massive changes engendered by the Internet have reshaped the world we live in. While at the Çingleton conference last weekend, I was reminiscing about my first Boston Macworld Expo in 1989 and the many pounds of paper I collected. Picking up brochures and handouts from every vendor was an essential task back then, since it was the only way to create a reference database of product information. When Tonya and I moved to Seattle in 1991, we brought four file drawers full of paper with us; when we returned to Ithaca in 2001, we didn’t even bring the empty filing cabinets back.

[…]

The other sea change that hurt Macworld Expo is one that I still don’t fully understand. In the early days of the show, money flowed like water. Big companies paid tens of thousands of dollars for spacious booths and flashy parties, and while products cost significantly more back then, the overall market was far smaller. Now, even with Apple posting record profits every quarter and hundreds of millions of people using Apple devices, few Apple developers approach the size of the firms that filled multiple exhibition halls during the biannual Macworld Expos. The parties dried up even earlier, and while I can’t say that a party or even a booth was a worthwhile marketing expense, clearly people thought so back in the day.

I attended the East Coast ones from (I think) 1993 through 1999. Here are some old ATPM reports from Macworld Expo:

Invisible iOS Home Screen Icons

David Smith:

Since getting my iPhone 6 a few weeks ago I’ve been continuously trying to optimize the configuration of my home screen. The larger screen means that I now have an extra row of icons to fit onto the screen, but the physical size of device means that I can’t actually comfortably reach them.

Since you can’t arbitrarily place icons on your home screen this means the situation is actually worse. I now have to fill in the top row of icons with ‘stuff’ just so that I can easily reach my main icons without stretching.

Begemann’s Backblaze Review

Ole Begemann (Twitter comments):

There is this saying that a backup system that requires manual work is not a reliable backup. That’s Backblaze if you have to deal with external drives.

[…]

The Backblaze client has no restore functionality. All restores (be it a single file or your entire archive) start on the website and require you to send your private passphrase to Backblaze’s servers where the data will be decrypted before you can download it. Needless to say, this is not at all ideal from a security perspective.

[…]

This may sound like an obscure limitation that is largely irrelevant in real life, but it means you won’t be able to move data between drives without risking the loss of your backup state for weeks or potentially months (until the initial backup is complete).

Also, it sounds like moving a file causes its backup history to be lost, which is not the case with CrashPlan or Arq.

Tuesday, October 14, 2014

Patterns to Avoid Massive View Controllers

Soroush Khanlou:

Historically, Apple’s SDKs only contain the bare minimum of components, and those APIs push you towards Massive View Controller. By tracking down the responsibilities of your view controllers, separating the abstractions out, and creating true single-responsibility objects, we can begin to reign those gnarly classes in and make them managable again.

iOS App Postmortem

Nat!:

The project started out on iOS 5, which was quickly succeeded by iOS 6. I would have been extremely surprised at the beginning, if someone had told me, that at the time of iOS 8s release our app still wouldn’t be done yet. But here is a recollection of all my faults: why it took way too long.

[…]

I bought AppCode solely to run “Inspect Code…”. The results returned are quite a bit more helpful than what Xcode Analyzer returns.

[…]

I probably wrote a hundred little apps, that tested out some feature, or started coding a subview with it. When the code was complete I moved it into the main app, deleted the original files and then symlinked the files from the main app in the test app. This way, I could go back to the test app to tweak something, when it didn’t work out in the main app. Needless to say being able to focus on just a small piece of code in a controlled environment is much more convenient.

[…]

This unfortunately means, that I am almost invariably are going to hit a brick wall at some point in time. For example, I spent way, way more time dicking around with UIScrollView than I eventually needed to code my own custom UIScrollView. The opacity of the iOS libraries means, that I always have to guess, how it’s really implemented, guess how it could break in the next iOS version and also guess beforehand, if everything is exposed like I will eventually need it.

[…]

Subclassing CoreData classes or overriding CoreData accessors is a path to misery, where I am unfortunately still traveling on. I am not 100% sure, but I would probably have been better off, either just going sqlite-direct or to use a stripped down MulleEOF for Dienstag.

[…]

It was interesting, because “naive code” only suffered a factor 2 ARC penalty, whereas “clever code” suffered a factor 10 ARC penalty. So ARC seems to be a great programmer equalizer in that respect. I didn’t investigate other “patterns”, but I also continued not using ARC. Less magic, less pain.

Hypothetical Objective-C 3.0

Christoffer Lernö:

Many had expected Swift to be more an Objective-C 3.0 than it turned out to be. But what could we have expected such a hypothetical language to look like?

Christoffer Lernö (comments):

This list is actually just a sample to get the ideas flowing, and to illustrate how some of the hurdles with ObjC 2.0 can be overcome by a successor that breaks syntax with the past, but still retains full backward compatibility.

David Owens:

I think the biggest disservice we can do to the Cocoa developer community is remove the underpinnings of the ObjC runtime. It is the language’s, and I truly believe, the platforms’ greatest strength.

I believe if we hide the complexities of C from our source code and focus on letting the power of the ObjC runtime shine through in our code, we can create a new language that provides of the great flexibility of the ObjC runtime while still accomplishing many of the goals that Swift is attempting to solve - namely safer code by default.

Consider how much progress could have been made with Objective-C had the resources from the Swift project been applied to it instead. Swift is an immensely complicated language that still needs a long time to mature. Objective-C is a much smaller language with a solid core and seemingly a lot of low-hanging fruit (syntax improvements, increased safety).

For example, a better blocks syntax and support for Python-style comprehensions in Objective-C would do a lot for me today, making my code more concise and readable. Swift’s generics feature was likely more difficult to implement, and it arguably makes the code less readable and for dubious benefits.

Additionally, an improved Objective-C could in many cases compile down to binaries that work smoothly with existing code and older OS versions. It could still use the same runtime. With Swift, Apple is instead dropping some of the benefits of the Objective-C runtime and creating migration issues because some Swift elements don’t interoperate with Objective-C, and others bridge but with performance penalties. We’ve only seen the tip of the interoperability iceberg because so far all of Apple’s APIs are native Objective-C.

Apple seems to be betting that the benefits for making a whole new language will be worth the migration costs and the stagnation of the language that most of us are actually using. I’m not convinced because most of my favorite Swift features seem like they could have fit into an Objective-C 3.0.

Mac Vibrancy Tips

Brent Simmons:

For one of my projects I’m working with NSVisualEffectView and behind-window blending.

[…]

There may be other gotchas, of course, but these are what I’ve found so far.

The State of iOS 8 on the iPad

Mikhail Madnani:

I assumed iOS 8 would offer a good experience on the iPad Air, but after playing with it as well as the iPad mini with Retina display, it’s clear that iOS 8 on iPads is clearly far from ready. Although there are loads of bugs and performance issues that currently exist on iOS 8, this post is not for those. Instead, let’s talk about some of the interface issues, design oddities that are seen on iOS 8 and how the iPad’s potential is being wasted by not taking advantage of the larger canvas.

iOS 8 Accessibility Regressions

Chris Hofstader:

For the past few years, based on what I’ve written in this blog and elsewhere, blind enthusiasts of the Android platform have labeled me as an Apple fanboy. It is true that I use Apple devices and that I applaud Apple for its outstanding out-of-the-box accessibility in iOS/7 and the pretty good version of the same on OS X.

[…]

So, it remains that iOS/7 is the all time out-of-the-box accessibility champion. As iOS/7 can no longer be purchased from Apple, this also means that the most accessible solution for mobile computing is now a thing of the past. We’ve regressed in iOS/8 and Apple must be taken to task for such.

[…]

Apple is doing something different and dangerous with their accessibility strategy. By choosing to release iOS/8 with so many glaringly obvious bugs, they have allowed accessibility regressions to vastly overshadow any improvements in such in iOS/8. My personal conclusion is that this is the result of a failure by the Apple competitors, most notably Google and Microsoft, to actually compete in this space. Apple released iOS/7 with a 100% accessibility API compatibility rating, the only out-of-the-box solution that has even tried to achieve such. Apple is still the clear leader in accessibility in the mobile computing arena but has proven that they can disappoint as well as surprise this community with their accessibility efforts.

AppleVis:

Detailed in this post are possible accessibility bugs which members of the AppleVis Editorial Team have identified during their testing of iOS 8. If you have not already updated your iDevice to iOS 8, we strongly recommend that you read through this post and any comments before doing so, as we believe that there are a number of bugs in this release which might have a significant impact on the user experience for some blind and low vision users.

Update (2014-10-20): AppleVis:

Based upon what we have typically come to expect from a full point release of iOS, it is likely that some will be disappointed to see that this update does not include more fixes for the accessibility-related bugs that were introduced in iOS 8.0. However, it is worth noting that iOS 8.1 comes just a month after iOS 8.0, and that Apple appears to be working on a very different version schedule to what we have typically seen in the past.

[…]

Here are the fixes and improvements that we have found in our initial testing of iOS 8.1.

Backtrace Album Released

James Dempsey and the Breakpoints (iTunes):

Backtrace steps through fourteen years of Mac and iOS development tunes, taking you on a musical journey into the biggest album release in iOS and Mac programming history.

From the driving beat of Goto Fail to the memory management oldie Hold Me, Use Me, Release Me every song is here. From crowd favorites to deep cuts, each track melds music with humor-filled tech lyrics, welcoming you to a sonic wonderland of geektastic amusement.

Update (2014-11-24): Dempsey is posting the lyrics.

Monday, October 13, 2014

SQLite.swift

Stephen Celis’s SQLite.swift is a pure Swift wrapper for SQLite. There are also several other projects that do this, listed at the bottom of the page. As with JSON, I think database access is a fertile area for case studies about Swift’s type system.

NSCoder, NSArchiver, and NSKeyedArchiver

Nat!:

If I chain 40000 Foo objects together, all NSCoders crash on archiving, keyed or unkeyed, because of stack exhaustion. Surprising!

[…]

There are likely very few applications, where it pays off to use NSKeyedArchiver to cache an object graph. It’s neither a compact format, nor a fast coding method. You might be better off just reparsing the source. I parse my templates just about as fast as NSArchiver can unarchive. I can see where the added compression and the lack of need for extra I/O to read included files may give NSArchiver an advantage. NSKeyedArchiver though, just makes everything worse for me.

It looks like FastCoding is subject to the same stack limitation.

Sunday, October 12, 2014

BBEdit Leaving the Mac App Store

Jason Snell:

On Saturday Rich Siegel of Bare Bones Software gave a presentation in which he announced that the next version of BBEdit would not be sold in the Mac App Store. (The existing version will remain, and existing Mac App Store customers can upgrade to the next version directly with Bare Bones.)

Siegel’s talk was notable for its restraint and care. This was not a scorched-earth denouncement of the Mac App Store. […] But, of course, all of these frustrations were cumulative. And, Siegel said, many of those frustrations occur at the very end of the development cycle, when the final code is being shipped and the marketing plan is being executed. He likened it to Max Q, the aeronautical term for the period of maximum atmospheric stress on a flying vehicle.

See also: Mark Pavlidis, Scott Morrison, Jason Snell, Marko Karppinen, Paul Haddad.

Update (2014-10-13): Federico Viticci:

The departure of BBEdit from the Mac App Store is yet another example of the platform’s limitations and it’s sad, but it’s probably for the best and everything will be okay. The Mac App Store isn’t meant for apps like TextExpander or BBEdit, and Apple doesn’t seem to be willing to change its underlying nature.

Joe Rosensteel:

The decay of the Mac App Store over the last few years is pretty subtle. Developers are not leaving en masse, all at once. One by one, as new updates are being developed, they weigh the pros and cons for them, and their customers, and they pull out.

Just look at the main page of the store’s app and you’ll see bric-á-brac. of apps. They’re showcasing the Twitter Mac app right now. Yes, hey everyone, drop everything and check out this crazy thing called Twitter! The best part is the little bit of text. “New Features Added” — A.K.A. We totally don’t care about marketing at this point.

Update (2014-10-14): Milen Dzhumerov (comments):

The Mac App Store was released in January 2011 and it marked the beginning of a great new distribution channel. Even though it lacked some bells and whistles, the developer community was hopeful the problems would be addressed in due course. Unfortunately, it has been years and there’s no evidence that the core issues would be addressed in the future, at all. When notable developers are abandoning your platform, cannot do the right thing for their customers and are delaying their MAS submission, something is very, very broken. I believe that the inaction is harmful to the whole Mac community, affecting consumers and developers alike.

Let me make it absolutely clear why I’m writing this. First and foremost, it’s because I deeply care about the Mac platform and its future, it pains me to see developers abandoning it. The Mac App Store can be so much better, it can sustain businesses and foster an ecosystem that values and rewards innovation and high quality software. But if you talk to developers behind the scenes or explore the Mac App Store, you’ll find something completely different.

Kirk McElhearn:

I’ve heard similar stories from lots of other developers. The entire process – from submission to approval – is fraught with difficulties, with seemingly arbitrary rules that are applied at random. […] This is especially problematic for small developers, who only have one or two people to do all the work, and end up wasting far too much time on problems that shouldn’t exist.

Update (2014-10-15): John Gruber:

The one that gets me, and which seems under-remarked-upon, is how Apple’s own apps in the App Store are exempt from sandbox restrictions. Third-party apps are never on equal footing with Apple’s, but with sandboxing, it’s almost absurd.

Update (2014-10-16): Myke Hurley and Jason Snell discuss BBEdit and the Mac App Store.

Update (2014-10-17): Drew McCormack offers a contrary take. I’ve never understood his aversion to trials, using words such as “ransom” and “blackmail”; why he is so concerned that upgrades couldn’t “inject” releases when that isn’t possible now, anyway; or why he thinks Apple is providing sandbox exceptions, when the abandoned and withdrawn apps tell a different story. Of course, it would be nice if Apple dropped its cut to 15%, but I doubt that would make most developer’s top five list of changes they want to see.

Update (2014-10-30): Michael Grothaus:

Eliminating a popular distribution channel seems like an odd move for any developer, but Realmac is just the latest Mac dev to hold off releasing their apps on the Mac App Store. Bare Bones Software recently decided not to release BBEdit 11 on the MAS and Panic Software has opted not to sell its popular Coda app on the MAS any longer.

Just what is going on? Many major Mac developers say the Mac App Store is in need of changes to make it truly worthwhile for developers to sell their apps there. Here’s what three of them told me what Apple needs to do to fix things.

Update (2014-11-21): Jared Newman interviewed myself, Milen Dzhumerov, and James Thomson for an article in Fast Company.

Update (2014-11-24): Luc Vandal:

There are so many reliability and stability issues with both OSes that at some point we cannot trust them anymore and that’s a shame because these new features are truly great.

Update (2015-01-06): The video of Siegelā€™s talk is now available.

A Guide to NSButton Styles

Jakub Suder [Update (2022-01-07): archive] (via Jonathan Willing):

I figured I could prepare a kind of cheat sheet that collects all this information in one place. The list below describes the button styles in the same order as in the Xcode panel, and for each button it includes: the Xcode name, the constant name, screenshots of how it looks on Yosemite (on the left) and on Mavericks (on the right), and some guidelines I found about how it’s supposed to be used, or how it’s actually used by Apple in their apps. (I’ve even checked the system apps with Interface Inspector to see what controls are actually used where.)

Implementing Re-entrant Parsers in Bison and Flex

Eric Raymond:

That rebarbative old interface generally broke a lot of rules about program structure and information hiding that we now accept as givens (to be fair, most of those had barely been invented at the time it was written in 1970 and were still pretty novel). It becomes a particular problem if you want to run multiple instances of your generated parser (or, heaven forfend, multiple parsers with different grammars) in the same binary without having them interfere with each other.

But it can be done. I’m going to describe how because (a) it’s difficult to extract from the documentation, and (b) right now (that is, using Bison 3.0.2 and Flex 2.5.35) the interface is in fact slightly broken and there’s a workaround you need to know.

Xcode’s built-in support breaks every few versions, so I recommend creating a Makefile to run your parser generator and adding the generated files to your project. Another advantage to this approach is that you can specify per-file flags such as -Wno-conversion to the compiler to silence warnings that you can’t do anything about.

Saturday, October 11, 2014

Belkin Thunderbolt 2 Express Dock HD

Susie Ochs:

Connecting to your Mac’s Thunderbolt or Thunderbolt 2 port, it puts two Thunderbolt 2 ports in easy reach, as well as three USB 3.0 ports, one HDMI 1.4b, one Gigabit Ethernet, an audio output in the back for speakers, and a headphone jack in the front.

Why can’t someone make a dock with a lot more ports? If you connect the Belkin to a MacBook Air, a display, and a single drive dock, you’re already out of Thunderbolt ports. And three USB ports is barely any. I’m currently using a 9-port Anker USB 3.0 hub (Amazon) and a 7-port USB 2.0 hub. This sort of product would be a lot more interesting if it could cut down on the number of hubs, power adapters, and daisy-chained cables in my office. Otherwise, it is essentially $300 to add a single Thunderbolt port.

Update (2014-10-11): After chatting with Belkin’s support person (see comments below), I learned that there are in fact only two Thunderbolt ports total. So this product does not add any Thunderbolt ports; it only offers a passthrough.

Sunsetting

Geoffrey Goetz:

In November of 2010 .Mac HomePages gave way to MobileMe Web Galleries. Then in June of 2012, MobileMe Web Galleries ceased to exist as iCloud came online. Now the most recent successor, iPhoto Web journals, is being shut down, or at least that is how it appears. With each transition, users of the previous online journaling feature really had little to no options available when it came to migration to a new or replacement feature.

[…]

The problem this time around is that there was very little notice and there really is no recourse or action that can be taken to preserve your iPhoto projects. And unfortunately there is no easy fix for this. According to Apple’s own support page concerning the migration, “Photo Books, Web Journals, and Slideshows are converted into regular albums in Photos. Text and layouts are not preserved.” And thats it, no more iCloud scrapbooking per Apple.

John Gordon:

I expect Apple to screw up anything related to long term data management, but this is extreme even by their standards. GigaOm, in language restrained by fear of Apple, tells us of another Apple datacide and botched product transition.

[…]

Apple is a bit of a serial data killer -- usually with no public response. I still miss the comments I'd attached to iPhoto albums that were lost in the transition to Aperture.

David Sobatta:

Part of the problem is that Apple introduces software and kills it off. The list goes back many years and includes software from Apple's application company Claris. Claris emailer was a good program as was Claris Works. Aperture was well thought of by some users and I was a fan of iDVD. All those programs are gone.

Then there is the iWork series that languished until recently when Apple brought out Pages 5 which creates all sorts of formatting problems when moving back and forth between it and Pages 09. People would not have to move back and forth if Apple had maintained feature parity with the old version.

Word might be bloated and not much fun to use, but it does a much better job moving between platforms and versions. Apple just does not seem to care.

Brent Simmons:

The beauty of indie software is that many apps don’t make financial sense for a larger company, but they make great sense for a small shop. So you can have sustainable apps such as Capo, Acorn, and MarsEdit that you wouldn’t get without indies. And you can also be sure those apps won’t get shut down on some manager’s whim.

[…]

But relying on any software or service, from anybody, is a risk. Always.

Update (2014-10-14): Nick Heer:

Apple is also dropping support for their printed products with Photos for OS X. My dad is a goldsmith, and he uses iPhoto photo books for his portfolio — they’re well-printed, nicely-bound hardcover books that he can lay out himself and order on demand for a reasonable price. I told him that these products would no longer be available; he’s gutted.

What’s Really Happening With iOS 8 MAC Address Randomization

Nick Arnott:

Initially it looked as if MAC randomization didn’t work at all, which was confusing because Apple has made a point to publicize this feature.

After a lot of digging and a lot of late nights monitoring Wireshark captures, it looks like Apple has shipped this feature as advertised, but not quite as expected. In the WWDC session on user privacy, the slide said “The MAC address used for Wi-Fi scans may not always be the device’s real (universal) address”. They didn’t say it would never be a device’s real MAC, only that it may not always be.

[…]

Unfortunately, the requirement of the phone being asleep makes this feature nearly useless, albeit within the description of what Apple advertised at WWDC. In order to get random MACs to be used I had to turn off notifications for multiple apps, turn off push email, and stay up late at night when there was a greater chance of my phone getting to sleep, uninterrupted, for more than a minute or two. Even under these circumstances, I would only encounter one or two rounds of probe beacons (which seem go to out every couple of minutes) with a random MAC before seeing my phone blast a bunch of probes with my real MAC.

Previously: iOS 8 MAC Address Randomization.

Adobe Spying on Users, Collecting Data on Their Libraries

Nate Hoffelder:

Adobe is gathering data on the ebooks that have been opened, which pages were read, and in what order. All of this data, including the title, publisher, and other metadata for the book is being sent to Adobe’s server in clear text.

[…]

The first file proves that Adobe is tracking users in the app, while the second one shows that Adobe is indexing my ebook collection.

The above two files were generated using data collected by an app called Wireshark. This nifty little app can be used to log all of the information that is sent or received by your computer over a network.

Apple’s Software Quality Decline

Russell Ivanovic:

I just wish that Apple would slow down their breakneck pace and spend the time required to build stable software that their hardware so desperately needs. The yearly release cycles of OS X, iOS, iPhone & iPad are resulting in too many things seeing the light of day that aren’t finished yet. Perhaps the world wouldn’t let them, perhaps the expectations are now too high, but I’d kill for Snow iOS 8 and Snow Yosemite next year. I’m fairly confident I’m not alone in that feeling.

John Gruber:

From the outside, it seems like Apple’s software teams can’t keep up with the pace of the hardware teams. Major new versions of iOS aren’t released “when they’re ready”, they’re released when the new iPhone hardware ships. […] Just today: My iPhone 6 rebooted after I changed the home screen wallpaper. Tapped a new image in the wallpaper settings, and poof, it rebooted. Worse, it never stopped rebooting. Endless reboot cycle.

Tim Schmitz:

One thing that’s striking is how many of Apple’s troubles are self-inflicted. Gone are the days when Apple planned product announcements around conferences like Macworld Expo. That the company controls its whole ecosystem, from hardware to software to services, is supposed to be a strength. Controlling everything should mean that you can get all your ducks in a row before pulling back the curtain. The only thing that Apple is truly constrained by are its own self-imposed deadlines. The problem is, Apple keeps shooting itself in the foot. Rather than waiting until a new version of iOS is fully finished, for example, they rush an update out the door to coincide with the release of new iPhones.

Kirk McElhearn:

I recently wrote about Apple’s string of bad luck, with bad press, a bad keynote stream, the U2 album spamming fiasco, and, above all, the iOS 8.0.1 update that bricked a lot of users’ iPhones. If I were to go back in the archives of this website, I’d find other, similar articles about blunders when a new OS was released requiring an update quickly for some embarrassing problems, or when hardware issues that shouldn’t have happened plagued many users. […] I’ve increasingly had the feeling that Apple is finding it difficult to keep up with all these releases, and that quality is slipping.

Matthias Plappert:

Apple: “We cannot keep up with developing stable software for OS X and iOS, so let’s have a new programming language and create a watch OS.”

Caitlin McGarry:

Apple’s having a tough time. Its annual one-two punch of an iPhone launch plus an iOS upgrade—usually a time for celebration—has been followed this year by a compounding series of embarrassments.

Daniel Jalkut:

The biggest/richest company in the world, already staffed with many of the smartest and most creative people, shouldn’t get so many passes.

Tim Burks:

The Swift language project has been a major distraction for the development community and much more importantly for Apple’s internal focus on providing quality developer tools.

Justin Duke:

The review process and walled garden model, which was specifically designed to prevent bad customer experiences like upgrading to an app that breaks immediately, failed to keep out apps that literally cannot make it past the launch screen.

Fraser Speirs:

The iOS 7 and now iOS 8 rollouts have simply not been up to the quality of earlier releases. […] We have seen issues with crashing, devices rebooting, rotation glitches, keyboards playing up, touch screens not responding. Indeed I’m typing this while babysitting the full restore of an iPad that one pupil “broke” - through no fault of their own - while updating to iOS 8.

Gus Mueller:

There’s been a bit more grumbling than usual about the quality of Apple’s software recently. And I can’t help but feel like things have changed for the worse. Random crashes, system instability, background processes crashing and having to reboot to fix things. I’m sure I’ve said it before, but I really think Apple is trying to move too fast.

Mark Crump:

In hindsight, the trouble began in 2012. That’s when Apple moved OS X to the same yearly release cycle as iOS. Since OS X has always been the Peter that Apple robbed to pay Paul (the iOS release cycle), I was concerned Apple would be writing checks it couldn’t cash. […] All of these show systemic failure in Apple’s beta testing. It’s inexcusable for a major new feature like HealthKit to be pulled right after launch due to missed bugs. It’s even worse when an update makes your phone unable to make calls.

Clark Goble:

Apple’s been at a breakneck pace to compete with Google. However the time really has come to slow down a bit. The OS is mature. Yet the apis have been changing so fast it’s hard to keep up with what one is supposed to do.

Brent Simmons:

These days, programmers spend hours and days and weeks working very hard, and usually unsatisfactorily, on getting around bugs in their platform.

Michael Yacavone:

The hard edge of the watch image is an homage to the state of modern software development tools, exemplified by the typical developer experience of everything working fine, and then one day looking up to find a new language, 1,500 new APIs, yet another beta version of the IDE, your old code not working properly in the new SDK, a supposed “GM” release that is more buggy than the last beta, an end-user release recalled in hours, an update for a shell exploit dormant since the ’90s, as well as a wide variety of application interaction WTF, all marching toward a ship schedule so disconnected from quality, stability, and reliability it’s like walking off a cliff.

Kristopher Johnson:

Apple’s operating systems, applications, services, and development tools are all pretty janky. I hope someone at Apple worries about that.

I didn’t think yearly OS releases would be good for quality, and I continue to believe that Apple is trying to move too fast.

Update (2014-10-11): John Gruber and Guy English discuss this issue on The Talk Show.

Update (2014-10-12): Collin Allen:

There are so many bugs in iOS 8. How did this ever get through testing? Frustrating.

Landon Fuller:

For Apple to fix quality, it seems like they’d have to step back from deeply embedded process/cultural changes that arose with iOS’ success.

There are lots of comments on Reddit.

Update (2014-10-14): There are more comments at MacRumors.

Update (2014-10-15): Rob Griffiths writes what he would like Tim Cook to say about all this.

Update (2014-10-16): TUAW (comments):

With engineers at Apple working at full throttle to keep new updates coming down the pipeline, some have started to wonder if Apple’s resources are being stretched too thin. Especially for a company like Apple which tends to have leaner teams, some have voiced the opinion that Apple needs to take its foot off of the gas just a bit to help ensure that future software releases have the level of polish longtime Mac and iOS users are accustomed to.

Update (2014-10-18): Brice Pollack (via Dave Verwer):

Unfortunately, despite the awareness of these daily challenges, it is unclear what is being done to improve upon them. This brings me to my next point. Although Apple has nearly limitless financial resources, I found the company to be incredibly reactive. Eagerly throwing resources into addressing the current biggest user facing issue rather than building the necessary tooling and testing needed to prevent those in the future.

[…]

When project managers start tracking bug numbers upon nearing release dates, tactics or tricks are often used to hide or kill bugs in order to meet milestones. One common tactic was to simply make further investigation so onerous on the person who filed it that they give up and kill the bug, marking it as “not enough information to resolve”.

Update (2014-10-19): Nick Heer:

Apple’s been busy this year. But, as Michael Tsai’s quote roundup reveals, it hasn’t been smooth sailing — the buggy yearly iOS and OS X releases, in particular, have revealed a very rushed schedule. […] That Apple is working on yet another OS — Watch OS — isn’t a free pass for their declining software quality, however. While they were never perfect, the company has long been revered for its consistently-high quality bar. Now? Certainly not as much.

Update (2014-11-22): Peter Cohen:

Yosemite and iOS 8 are fraught with enough difficulties for enough users that I feel like neither of them are fully baked.

Update (2014-12-27): Lloyd Chambers:

Apple Core Rot is accelerating. I deal with it every single day many times over. Stuff that worked for years breaks, while new visual crapware is piled on endlessly. Apple Mail deletes my VIP list every day, file open dialogs are sluggish in most programs, to 4-8 second delays in DreamWeaver and with display glitches. APIs are removed breaking apps some users depend upon. In 10.10.1, Apple broke display scaling APIs in 10.10.1 leading to all sorts of issues with Photoshop and dual and 4K displays, so much so that I cannot use a large 4K display as the main screen and still with problems as a 2nd.

Update (2014-12-29): Marco Arment:

I hope Apple realizes how deeply their reputation has been damaged, in an alarmingly short time, by their rapid decline in software quality.

I’m not excited about the Watch — I’m afraid of the toll it will take on Apple’s greatly strained engineering resources.

Chris Adamson:

What the hell has happened? Remember two years ago when there was such an uproar over Core Data in iCloud not working? It was a hot-button issue, but very limited in scope: Core Data was still a trusted tool when used locally, and even iCloud behaved for most developers using it for documents or simple plists. It was a problem that didn’t involve a lot of collateral damage.

By comparison, what we’ve seen in the last six months is pervasive, if not ubiquitous. It’s in the developer tools, it’s in the operating system, it’s in iLife and iWork. It’s like the floor has utterly dropped out from beneath all Apple software, across the board.

Update (2015-01-06): Iā€™ve posted a new series of links at Appleā€™s Software Quality, Continued.

Update (2016-02-16): Iā€™ve posted a new series of links at Mossberg Discovers the Functional High Ground. See also the Apple Software Quality tag.

An Aging Collection of Unix Tools

Rob Griffiths:

So while Apple has patched bash, this version of the shell is simply ancient. Just how old is it? bash 3.2.53(1) is roughly seven years behind the current version, 4.3.25. Seven years is like, well, forever, in Internet time!

With that bash age gap in mind, I took at look at a number of common Unix apps—in both Mavericks and Yosemite—to see which versions were in use. Then I checked the same apps in MacPorts, a tool that makes it simple to install many Unix apps.

[…]

The results were interesting, to say the least—many of the core Unix utilities in OS X are years and multiple versions behind their open source, er, sources. You can thank GPL v3 for that, as noted above (and covered in more detail below).

Move Fast and Break Nothing

Zach Holman:

What happens is this: a request will come in as usual and run the existing (old) code. At the same time (or just right after it executes), we’ll also run the new code that we think will be better/faster/harder/stronger (pick one). Once all that’s done, return whatever the existing (old) code returns. So, from the user’s perspective, nothing has changed. They don’t see the effects of the new code at all.

[…]

Science (and its sister library, github/dat-analysis) can generate a graph of the number of times the code was run (the top blue bar to the left) and compare it to the number of mismatches between the control and the candidate (in red, on the bottom). In this case you see a downward trend: the developer saw that their initial deploy might have missed a couple use cases, and over subsequent deploys and fixes the mismatches decreased to near-zero, meaning that the new code is matching production’s behavior in almost all cases.

[…]

All of this gives you evidence to prove the safety of your code before you deploy it to your entire userbase. Sometimes we’ll run these experiments for weeks or months as we widdle down all the — sometimes tricky — edge cases. All the while, we can deploy quickly and iteratively with a pace we’ve grown accustomed to, even on dicey code. It’s a really nice balance of speed and safety.

This is the sort of thing that’s easier to do with hosted software. But it can be applied to apps as well: for example, a debug version of SpamSieve that runs both the old and new e-mail parsers and logs any differences in output.

Shellshock Security Bug in Bash

Huzaifa Sidhpurwala:

[…] the vulnerability arises from the fact that you can create environment variables with specially-crafted values before calling the Bash shell. These variables can contain code, which gets executed as soon as the shell is invoked. The name of these crafted variables does not matter, only their contents.

[…]

Bash has functions, though in a somewhat limited implementation, and it is possible to put these Bash functions into environment variables. This flaw is triggered when extra code is added to the end of these function definitions (inside the environment variable).

Troy Hunt:

Imagine an HTTP request like this:

target = 0.0.0.0/0
port = 80
banners = true
http-user-agent = shellshock-scan (http://blog.erratasec.com/2014/09/bash-shellshock-scan-of-internet.html)
http-header = Cookie:() { :; }; ping -c 3 209.126.230.74
http-header = Host:() { :; }; ping -c 3 209.126.230.74
http-header = Referer:() { :; }; ping -c 3 209.126.230.74

[…]

Put succinctly, Robert has just orchestrated a bunch of external machines to ping him simply by issuing a carefully crafted request over the web. What’s really worrying is that he has effectively caused these machines to issue an arbitrary command (albeit a rather benign ping) and that opens up a whole world of very serious possibilities.

[…]

The headlines state everything through 4.3 or in other words, about 25 years’ worth of Bash versions. Given everyone keeps comparing this to Heartbleed, consider that the impacted versions of OpenSSL spanned a mere two years which is a drop in the ocean compared to Shellshock.

Alastair Houghton:

Put another way, unless you have very old code running on your web servers, and unless you are doing something like running a public SSH server that allows restricted log-ins (e.g. to run Git or Subversion via SSH, but nothing else), the chances are that you aren’t vulnerable to remote exploits based on this. You should check, but you should not panic.

Future South Technologies (via Mike Rundle):

While watching their activities, I noticed something very odd. All of the hosts that appeared to be running their perl script were pretty high profile. Not just random web servers around the web, though they do have a separate channel for that. But this channel had a lot of domains sitting in it that would have most you your jaws dropped. The most prevalent of the two being lycos.com and – wait for it – yahoo.com.

Robert Graham:

The theory is the claim promoted by open-source advocates that “many eyes makes bugs shallow”, the theory that open-source will have fewer bugs (and fewer security problems) since anyone can look at the code.

What we’ve seen is that, in fact, very few people ever read code, even when it’s open-source.

Rich Mogull:

Not only is nearly every version of Unix vulnerable, including Linux and OS X, but most of the initial patches are not completely effective at blocking the hole. It’s a near-worst-case scenario where we have a piece of software on nearly every non-Windows server on the Internet — and plenty of personal computers thanks to Apple’s market growth — that is vulnerable to multiple kinds of remote attacks, all capable of completely taking over the system, with no way to stop it completely.

Apple’s OS X bash Update 1.0:

This update fixes a security flaw in the bash UNIX shell.

Straight to Windows 10

The Economist:

The replacement for its widely disparaged Windows 8 operating system turned out to be not Windows 9, as expected, but Windows 10. No explanation, other than marketing waffle, was given as to why the company should skip a release number.

[…]

Or was it, as several software developers tweeted, because so many legacy applications first check whether the computer being used is running a version of Windows beginning with number nine (as in Windows 95 or Windows 98). Had Microsoft’s new operating system been called Windows 9, it was argued, serious compatibility issues could have arisen.

Code such as OpenJDK 1.7 (via @newsoft):

if (osName.startsWith("Windows")) {
    isWindows = true;
    if (osName.startsWith("Windows 9") ||
        osName.startsWith("Windows Me"))
    return; // win9x/Me cannot handle long paths
}

Similar version number comparison problems also show up with Java for Mac.

Update (2014-10-12): Jason Snell:

This sounds ridiculous enough to be an Internet hoax, yet it appears to be real. And it led to a pretty funny joke from Ray Ozzie, developer of the ancient Windows program Lotus Notes.

Friday, October 10, 2014

iOS 8’s Health App

Chuq Von Rospach:

The first thing I really like: it implements an ICE (In Case of Emergency) contact area on the phone available even if you’ve put in a PIN lock. […] Everyone should set this up. You do so by firing up the Health app and going into the Medical ID area.

[…]

The first problem is the app has no way to back up data — I’ve already heard of someone who reset and restored a device and lost the data collected. There’s no way to export the data, there’s no way for me to import my existing data — and I have years of it accumulated. There’s no web version on iCloud so there’s no way I can look at or share the data, and it doesn’t sync the data to the cloud. The app isn’t available on the iPad, either, so the data can’t be views/manipulated there.

In other words, it’s a write-only data hole, and if you have to restore your device or lose it, the data’s gone. So using this “in production” is a non-starter. The app has a feel of a working demo, not a final app.

[…]

There is no way for a woman to track her period, and there’s no capability for fertility monitoring.

[…]

There is no “notes” section. One thing I do in my spreadsheet is keep notes about various things that happen on specific days, like when I change dosage on a prescription or switch drugs. I can go back three years and see what I was taking and what dosages. there’s no way to do that in this app. I also keep key events documented that give context to the readings at that time, like “Norovirus” or “Visited the Emergency room”. To me, unless I can annotate notes onto a given day, this app is a lot less useful than it could be.

I was surprised that it doesn’t track blood cholesterol (LDL and HDL) or triglycerides. I presume that there will be third-party apps to export and import the data.

Secure Golden Key

Jonathan Zdziarski:

So Apple fixed their security – so what? Well, they fixed it right… and that means that they fixed it so they, themselves, couldn’t break into it… which is the only way to do encryption right. They can’t break into their own phones, at least without using a password breaking tool. That is significant. So in fixing their security, Apple has now said to law enforcement, “we’re sorry, but we’d have to perform sophisticated attacks against our own products in order to even have a chance at dumping data for you.” What they haven’t said, but is very much also the truth, is “we’ve made our products secure enough so that we can’t even hack them … and can keep you safe from criminals, keep our public officials safe from spy agencies, and can keep our military safe from foreign governments – all looking to spy on, eavesdrop on, steal data from, and learn crucial intelligence to harm America (insert any other country here)”.

Bruce Schneier:

FBI Director James Comey claimed that Apple’s move allows people to “place themselves beyond the law” and also invoked that now overworked “child kidnapper.” John J. Escalante, chief of detectives for the Chicago police department now holds the title of most hysterical: “Apple will become the phone of choice for the pedophile.”

Matthew Green:

Since only the device itself knows UID -- and the UID can’t be removed from the Secure Enclave -- this means all password cracking attempts have to run on the device itself. That rules out the use of FPGA or ASICs to crack passwords. Of course Apple could write a custom firmware that attempts to crack the keys on the device but even in the best case such cracking could be pretty time consuming, thanks to the 80ms PBKDF2 timing.

(Apple pegs such cracking attempts at 5 1/2 years for a random 6-character password consisting of lowercase letters and numbers. PINs will obviously take much less time, sometimes as little as half an hour. Choose a good passphrase!)

The Washington Post:

How to resolve this? A police “back door” for all smartphones is undesirable — a back door can and will be exploited by bad guys, too. However, with all their wizardry, perhaps Apple and Google could invent a kind of secure golden key they would retain and use only when a court has approved a search warrant.

Chris Coyne:

A “golden key” is just another, more pleasant, word for a backdoor—something that allows people access to your data without going through you directly. This backdoor would, by design, allow Apple and Google to view your password-protected files if they received a subpoena or some other government directive.

[…]

Apple’s anti-backdoor policy aims to protect everyone. The following is a list of real threats their policy would thwart. Not threats to terrorists or kidnappers, but to 300 million Americans and 7 billion humans who are moving their intimate documents into the cloud. Make no mistake, what Apple and Google are proposing protects you.

Whether you’re a regular, honest person, or a US legislator trying to understand this issue, understand this list.

Update (2014-10-14): Rich Mogull:

Law enforcement, especially federal law enforcement, has a history of desiring and imposing backdoors into technology. The Communications Assistance for Law Enforcement Act (CALEA) of 1994 requires all telecommunications equipment manufacturers to enable remote wiretapping for law enforcement in the hardware. But CALEA backdoors have also been abused by criminals and intelligence agencies.

Update (2018-06-02): Devlin Barrett (via Hacker News):

The FBI has repeatedly provided grossly inflated statistics to Congress and the public about the extent of problems posed by encrypted cellphones, claiming investigators were locked out of nearly 7,800 devices connected to crimes last year when the correct number was much smaller, probably between 1,000 and 2,000, The Washington Post has learned.

Over a period of seven months, FBI Director Christopher A. Wray cited the inflated figure as the most compelling evidence for the need to address what the FBI calls “Going Dark” — the spread of encrypted software that can block investigators’ access to digital data even with a court order.

iOS 8 Family Sharing

Geoffrey Goetz:

In the old style of sharing an iTunes account, computers and devices could switch between different accounts every ninety days. With the new iTunes Family Share, each iCloud account can only be associated with one Family Share at a time, and can switch only twice in a calendar year.

[…]

What makes it worth switching is the fact that the children on the account can start building up their own account with their own apps. This may not be important for any child under the age of thirteen, but will become important once your child grows up and wants to manage their own purchases. With the old style of sharing an iTunes account across multiple devices within a family, there was no way to break away from the family and start of with a library of your own apps, music, books and movies. Now there is, family members can start building up their library before moving out of the family.

Update (2014-10-24): Dave Stachowiak:

Family sharing doesn’t seem to be all it was cracked up to be. It’s not making sense to have to pay for iTunes Match multiple times or in app purchases again for different IDs in the same house.

iPhone Bend Testing

Previously, on Bendgate: Just Avoid Sitting in That Way.

Josh Lowensohn:

Apple’s answer today, both in a statement and now in these testing facilities, is that the iPhone 6 is tough. It’s made with steel / titanium inserts designed to reinforce potential stress points, a special blend of aluminum Apple formulated itself, and ion-strengthened glass. But more important, Apple says, is that the iPhone 6 has been put through hundreds of tests, as well as tested in the pockets of thousands of Apple employees before consumers ever get their hands on it.

[…]

Apple was mum on how much the new iPhones can actually take, something it considers a trade secret. It pointed only to 25 kilograms, the amount of weight Apple puts on top of the iPhone’s screen to test it for the bends. Next to a machine that does this thousands of times is a small set of weights: this isn’t actually the full amount of weight the phone can take Riccio says, just what it can handle while being capable of “bouncing back” to its original form. Even so, there are limits.

[…]

Along with that three-point test, there’s what’s known as a “sit test,” which simulates the stresses iPhones undergo while in pockets. And not just any pockets, either. There’s a test for when people sit on a soft surface, when the iPhone is sat on, as well as what Apple considers the “worst-case scenario,” which is when it goes into the rear pocket of skinny jeans and sits on a hard surface — at an angle.

Consumer Reports (see also the criticisms at Hacker News):

All the phones we tested showed themselves to be pretty tough. The iPhone 6 Plus, the more robust of the new iPhones in our testing, started to deform when we reached 90 pounds of force, and came apart with 110 pounds of force. With those numbers, it slightly outperformed the HTC One (which is largely regarded as a sturdy, solid phone), as well as the smaller iPhone 6, yet underperformed some other smart phones.

John Gruber:

Consumer Reports is the outfit that made Antennagate a thing. If anything, their reputation is such that you’d expect them to fan the flames on this, not extinguish them. They’re saying the iPhone 6 Plus is even more bend-resistant than the regular 6. This should put an end to Bendgate — but it won’t, because in the minds of the deranged, the new iPhones bend like a chocolate bar left out in the sun.

This reminds me a lot of Antennagate. Here, as there, independent tests show that Apple’s new phone performs worse than the previous generation model, as well as some popular models from other companies. Yet people generally conclude that there is no story there. To me, the takeaway from the Consumer Reports test is that the iPhone 5 is almost twice as resistant to deformation as the iPhone 6, withstanding 130 lbs. vs. 70 lbs.

The question I would like answered is: What is Apple’s policy on replacing bent phones that were put in a front pocket but not otherwise mistreated? That should tell us whether they intend the iPhone 6 to be as durable as the previous models that we have all been using. The answer seems to be that you are out of luck.

Update (2014-10-11): Brad W. Allen bent his iPhone in his front pocket and returned it without issue.

Update (2014-10-16): Accidental Tech Podcast has follow-up about iPhones bending and Apple not replacing them.

Update (2015-08-27): Dr. Drang:

Despite these deficiencies, Lew’s basic conclusion holds: the new shell is far stronger than the current one. I wouldn’t trust any of the numbers, but there’s no question that his qualitative result is correct.

Why is the new shell so much stronger? The possibilities are stronger material, better structural geometry, or a combination of both.

[…]

In the video, Lew finesses this unknown by calling the new material “7000 series,” which is certainly true, but it’s not the whole truth. To me, the fact that the aluminum in the new shell doesn’t meet a standard specification is one of the most interesting findings. It suggests that Apple has developed its own proprietary aluminum alloy.

On iPods, iTunes, DRM, and Lock-in

Nick Heer:

If the songs did not have DRM, they could be played on iPods without any hiccups. Therefore, the claim in the suit that Apple actively prevented the playback of music acquired from non-iTunes sources is completely ridiculous. Should all companies be required to license all DRM formats? I’m surprised this suit has been going on for ten years, and that it has not yet been dismissed.

Quicken 2015: Close, But Not Yet Acceptable

Glenn Fleishman:

Quicken 2015 isn’t awful. That’s great praise given how bad Quicken Essentials was and Intuit’s long-running inability to update its flagship financial software for a platform of customers who desperately wanted a new version. At $74.99, Quicken 2015 is also not cheap, but given the small amount I’ve paid for minor updates to 2007 over the years, I was willing to plop my money down.

But for my purposes, Quicken 2015 still isn’t fully baked.

I’ve never liked Quicken, so I’ve also tried most of the alternatives. The only one I was happy with was MoneyWell, though I completely ignore the way it wants me to handle budgeting. Unfortunately, MoneyWell now needs a new home.

Recovering From a Failed Drive With Apple’s Software RAID

Wolf Rentzsch:

Disk Utility is happy to assist you a creating a new RAID, but if you try to do that with an existing slice I can speak from experience it will make good on its threat to delete all existing data before creating recreating the RAID. Which kinda misses the point of rebuilding the RAID from the slice that’s still standing.

No way, Disk Utility will let me create a RAID Mirror, but can’t actually rebuild it?

Way.

Sigh, OK, so what app do I use to rebuild? This “RAID Utility.app” looks promising.

Sorry. RAID Utility.app, available on OS X Server only, is for Apple’s hardware RAID.

As a software RAID pauper, you don’t get an app.

You’re about to tell me I need to drop down to the Unix layer, aren’t you?

Sadly, yes.

Running the Run Loop Until a Predicate Succeeds

Nicolas Bouilleaud:

By observing kCFRunLoopBeforeWaiting, we can test for completion on every loop of the RunLoop. Before sleeping (i.e. waiting for an event), the RunLoop has called everything there was to call. That’s the right time to test for completion. This variant also solves the “active polling” scenarios: if the polling_ flag is set, the RunLoop actually never sleeps and run continuously; fulfilled_ is checked on every pass. And of course, contrary to most implementations, including my own, there’s no “minimal delay”, and no additional code to handle the loop or the timeout. That should do the trick.

I’ve seen lots of implementations of this idea. I’m not sure what the Right Way is, but this seems like a good one. It uses CFRunLoopObserver.

Thursday, October 9, 2014

To Swift and Back Again

Christoffer Lernö:

This article could have been about how we converted our current project to Swift, then eventually had to convert 15k lines of Swift back to Objective-C again. But it’s not going tell that story. – The main reasons are outlined in this article anyway: by Swift 1.0, compile times for a project like ours was exceeding a minute and for editing, Xcode 6.0 was thoroughly broken. With no known date when this would be fixed there wasn’t really much of a choice.

No, this article is going to talk the experience of taking the project to Swift and then back to Objective-C – what was better in Swift and what improved going back to Objective-C.

[…]

The worst part was working with dynamic data structures. This was simply not practical to do in Swift. The best way here turned out to be converting all the dynamic data to classes and structs.

[…]

Aside from that issue, Swift has traditionally been very inconsistent in how and when to inline code. Tiny changes can sometimes grant magnitudes of faster code in a quite unpredictable manner. Swift runtime performance is really a mixed bag. From C performance to something speeds that even Java 1.0.2 would be deeply ashamed of.

It’s not the speed itself that’s the problem, but rather the unpredictability. And yes, this will improve – but when will it be solid enough to rely on? Objective-C is not fastest, but it’s guaranteed to perform exactly the same no matter how the other library is linked.

iOS 8 “Reset All Settings” Bug Erases iCloud Drive Documents

Juli Clover:

The “Reset All Settings” option explicitly says that “No data or media will be deleted,” and it is meant to reset all user preferences to the default out-of-the-box settings. That the option is deleting iCloud Drive documents appears to be a serious bug, though it may be limited to Apple’s own iWork apps like Pages, Keynote, and Numbers. One user had all of his iWork documents wiped by using “Reset All Settings,” while other app information remained in iCloud.

In our own testing, using “Reset All Settings” deleted all iWork documents stored in iCloud Drive on the iPhone and on iCloud.com. After allowing time for syncing to a Mac running OS X Yosemite, all of the documents disappeared from that machine as well. Preview and TextEdit documents, which cannot be accessed on the iPhone, remained untouched on the Mac.

iOS 8 Location Permissions and Notifications

Tim Schmitz:

Apps can only ask for one level of access, and can only ask once. Developers have to choose how much access to request. Once you’ve asked for “when in use” authorization, for example, you can’t ask again for “always” permissions. You also can’t display a dialog asking the user to choose between “Always,” “When in use,” or “Never.”

[…]

Apple’s solution to this problem is to let developers send users to the Settings app so that they can change the location permissions for your app. This feels like a classic “sweet solution.” It’s not a good experience to boot users out into the Settings app, even if it’s directly to the settings for your app’s location permissions. It breaks the user out of your UI, and there’s no obvious way to get back to your app after they’ve changed settings.

John Gales:

By far the most annoying change is a giant blue banner on the top of the screen when an app is using your location in the background. This banner can’t be dismissed and there isn’t a setting to have it not show. This sounds OK on paper (we want to prevent apps from tracking you without your knowledge), but in practice is insane. I know perfectly well that Google Maps is using my location, if it were not using my location I would be very interested as I will get lost as a result. It’s fine if you want to let me know this, but please give me a way to dismiss it.

[…]

The final sin is that this turd also appears when you’re not actually using another app at the same time as navigating. Simply closing Google Maps is enough to have the blue banner show up for about half a second. Even if you hadn’t navigated anywhere. This flash is enough to infuriate me.

Schrödinger’s Shift Key

Allen Pike:

When the shift key is on, it blends in with the letter keys. When it’s off, it blends in with the function keys. Neither state sticks out enough to read as active, especially in a split second.

This would only be moderately annoying, except that iOS suddenly engages the shift key in certain circumstances. It’s usually convenient, but if you need to type apike is my username, I am from B.C. and live in Vancouver it’s crazy-making and requires good feedback about what’s happening.

John Gruber:

Single most surprising thing about iOS 8 to me is that Apple didn’t fix this.

I concur.

Wednesday, October 8, 2014

The Source of Technote #2034

Former Apple Evangelist Tim Holmes started a huge Twitter reply chain referring to this podcast episode:

I admit responsibility for Technote 2034. An act of civil disobedience.

It’s Avie’s 10 commandments. I felt devs should know. Some engineers felt they were losing Mac OS.

As a non-coder, I was less personally offended than some, but paths sure did feel like the beginning of the end.

I had an agenda… impart a reality check. It was ’01… no way devs could comply.

Still have 2001 emails as to why & from outraged devs asking if I’d seen it & if I could help fix it

Fragility is the real issue. Remove a few letters and it breaks w/no easy fix.

Avi Drissman:

Back in 2002, Apple published a technote, Technote 2034, which was one of the most pro-Next, anti-classic-Apple things that was seen in a long while. It was met with immediate, violent reaction, and Apple withdrew it.

Of course, I wrote a reply which I emailed to Apple and filed as a bug in Radar (closed as duplicate). But that didn’t seem to be enough, so for WWDC 2002, I made up a batch of No To TN2034 buttons that I handed out.

John Gruber (2003):

Tevanian’s legacy is marred, however, by Mac OS X’s usability flaws, most of which are attributable to Tevanian’s nearly unyielding obsession with promoting old Next technology over old Apple technology. His technical acumen may be undisputed, but neither is his tin ear for usability.

Epitomizing this flaw was the infamous Technical Note #2034, entitled “Mac OS X Programming Guidelines”, which as reported by MDJ was written by Tevanian personally. Technote #2034 was so inflammatory, and in places so ludicrous, that Apple withdrew it afters howls of derision from professional Mac developers.

1Password 5.1 and Touch ID Changes

The 1Password 5.1 update seems to improve the situation with Touch ID. Most significantly, storing the master password in the iOS keychain seems to work now, whereas before I was often prompted to type the password.

The settings have been simplified. If you enable Touch ID, 1Password will always store the master password in the keychain; there is no longer an option to turn this off. If your iPhone supports Touch ID, you are no longer allowed to set a PIN code. There’s also one timeout instead of two, and there’s a new option to allow the use of third-party keyboards.

Gatekeeper’s CDHash Whitelist

Daniel Jalkut has solved the “accepted cdhash” mystery with Mac OS X 10.9.5’s Gatekeeper:

My suspicion is that in the run-up to the major changes Apple has made to Gatekeeper, they painstakingly accumulated a list of 36215 “trusted” hashes and deposited them on everybody’s Mac so that the effect of 10.9.5’s stricter code signing checks would be mitigated.

[…]

This whitelist offers a significant amount of explanation as to why some apps are allowed to launch without issue on 10.9.5 and 10.10.

Edward Marczak:

10.9.4 ran an agent that uploaded these to Apple. That’s where they get the mass hash list from.

Daniel Jalkut:

Everybody has to start signing with the modern code-signing infrastructure. In the interim, there’s a good chance your app has been whitelisted to operate as usual during the transition, but that courtesy will probably not extend to your next release.

Really poor communication from Apple here, but probably the right technical solution.

iOS 8 Photo Stream Confusion

I previously noted that iOS 8 removed the Camera Roll. The files from the camera are still stored on the iPhone, but they now appear under Recently Added.

Recently, I’ve found that the situation is even more confusing than I had thought. I used Image Capture on the Mac to delete lots of photos from my “camera roll” and free up space. With iOS 7, these photos would have been in both the Camera Roll and Photo Stream. The Image Capture clean-out would have removed the duplicate copies, and I would still be able to see my recent photos via Photo Stream in the Photos app.

With iOS 8, I am instead seeing behavior that makes no sense. The photos are still in Photo Stream, as verified in Aperture, but they are no longer visible on the phone. This is the All Photos view in the Photos app:

iOS 8 Photos

There is no more Photo Stream section of the Photos app, but I had expected to see the Photo Stream photos mixed into the above view. Indeed, Apple says:

In iOS 8, there’s no longer a separate My Photo Stream album. Instead, photos that were in the My Photo Stream album are now in the Recently Added album.

But that’s not what happens. In the Photos view, I see just a small number of recent photos (not cleared out with Image Capture) and some photos synced from iTunes. The Recently Added album only shows the former.

Even more confusing, the Settings app shows that Photo Stream is using 1.0 GB of space for photos that it won’t show me:

iOS 8 Photos Usage

Hopefully this is just a temporary hiccup until iCloud Photo Library is ready. The thing is, I don’t want Apple to store all my photos, and I don’t want to devote 1.0 GB of space on my iPhone to recent photos. All I want is to have new photos taken on the iPhone automatically transfer to my Mac without having to plug it in or manually initiate an import.

Monday, October 6, 2014

SQLite 3.8.7 Alpha 50% Faster Than 3.7.17

D. Richard Hipp (via Hacker News):

The 50% faster number above is not about better query plans. This is 50% faster at the low-level grunt work of moving bits on and off disk and search b-trees. We have achieved this by incorporating hundreds of micro-optimizations. Each micro-optimization might improve the performance by as little as 0.05%. If we get one that improves performance by 0.25%, that is considered a huge win. Each of these optimizations is unmeasurable on a real-world system (we have to use cachegrind to get repeatable run-times) but if you do enough of them, they add up.

Mac OS X 10.9.5 includes SQLite 3.7.13.

Brad Cox Interview (2009)

Dave Dribin interviews Objective-C co-creator Brad Cox (via Christoffer Lernö):

When I learned about Smalltalk and object-oriented programming from the Byte article, I think in 1982, I realized I could do something pretty similar in C and that would be a better basis to build on.

[…]

When I was directly involved, its goal was simply to add dynamic typing to C’s static typing. And the static typing you’re referring to was largely added after my time.

The idea was that Objective-C features were to be a fairly lightweight kind of tool: a soldering gun not a silicon fab line. The things you’d use C for, the statically typed stuff would be ways of building the software ICs. And that’d be done in C. That was the idea at least.

Can’t Turn Off Twitter Badges in iOS 8

Since I only use the Twitter app to respond to authentication challenges, I had turned off the option to have it badge its app icon for unread direct messages or replies. Unfortunately, that setting stopped working with iOS 8, and the switch disappeared, as users in Apple’s forum have also found.