Archive for May 2015

Saturday, May 30, 2015

Apple Notes

Erica Sadun:

I have a hate-love-hate-hate relationship with Notes. I love that Notes is built into both iOS and OS X and that it automatically syncs between devices and my home computer. I hate that individual notes constantly clone themselves into a dozen nearly identical versions of the same information. Apple does a terrible job in resolving conflicted edits. It also has a nasty tendency to entirely lose stuff. Life lesson learned: If it’s important, email it, don’t note it.


If Siri supported third party cross-platform note apps, I’d have ditched Notes a long time since. But since I haven’t, I’ve created a body of how-to and workarounds for Notes.


Notes are not normally backed up to Time Machine.

Friday, May 29, 2015

Google Photos

John Gordon:

Google Photos is amazing. I installed it on my iPhone this evening with Google credentials never blighted by Plus. It shows my Google Drive images (in Photos folder), all of my thousands of old Picasa Web images, and photos that are on my iPhone (via sync). The speed of display is amazing.


Now I have a photo sharing solution I like; one I much prefer to Apple’s iCloud/ solution.

John Gruber:

You can use it from the web, and from native apps for Android and iOS. Obviously, it’s a lot like iCloud Photos in terms of functionality and scope, but storing “unlimited, high-quality photos and videos, for free” sure is different. It also sounds like Google is doing more AI-backed / “machine-learning” image analysis for things like face detection and identifying things like snow or a beach.

Steven Levy:

To Bradley Horowitz, Google Photos is not just another product. It’s a culmination of 25 years of his work in processing images. Horowitz — who is Google’s Vice President of Streams, Photos, and Sharing — first studied computer vision in grad school and later dropped out to co-found a company in the field, Virage. In the late 1990s, when Horowitz worked at Yahoo, he was the executive behind the purchase of Flickr. And he has been involved with Google’s previous photo apps at various times in his seven years at the company. But Google Photos is the big one, the strongest push yet for the company that rules search to extend its dominance to the images you shoot incessantly from your phone and camera.


“We aspire to do for photo management what Gmail did for email management.”

Nick Heer:

One big difference between iCPL and Google Photos is that the latter allows unlimited storage for free, with some caveats: photos must be less than 16 megapixels apiece and video is limited to 1080p. Also, all of the stuff you upload with the free plan is compressed; this is in addition to whatever compression your phone or camera already applies.


If they can offer product information based on detecting the contents of your photos, they can serve you ads based on that too. It’s as simple as that.

As we’ve learned from Aran Khanna’s exploration of Facebook Messenger or any of the Snowden leaks, a few disparate points of data gleaned about a person can be associated with one another to build a much more powerful, more comprehensive look at their life.

Serenity Caldwell:

And therein comes the potential dark side of Google’s data usage, where the company pays its debts by leveraging its biggest asset: you. The millions of people who sign up for free Google services agree to terms and conditions that give the company permission to access certain subsets of any information you put online.


An image may be worth 1000 words, but image metadata may spill far more information than that, especially when applied to a Google service. According to this year’s Google I/O keynote, the Photos service will offer a search function that can find people, places, and objects — all without any active tagging on the end user’s part.

Update (2015-05-29): Dave Mark:

If you are going to upload your photos or movies to Google Photo, read these words carefully. The way I read it (and I’m no lawyer, so take this with a grain of salt), at the very least, Google has the right to use your photos in its advertising.

My guess is that this is just intended so that they have the right to show you your own photos. Apple and Flickr have similar clauses in their agreements, although some commenters are saying that there are important differences.

Heather Kelly (via Joe Rosensteel):

No, you won’t see ads in Google Photos: “We have absolutely no plans to do anything from a monetization or ads perspective.”

Ole Begemann:

Google has done a tremendous job in collecting and organizing the common record. Increasingly, it also has become interested in the conversational record.

I’d love a Google that only cared for one half of the web.

Update (2015-05-30): Manton Reece:

I actively try to avoid Google services, but Google Photos is compelling. I’m giving it a try. Photos are probably the most important files my family has, so I think it’s worth it to have an extra backup and new way to search.

Jeremy Horwitz:

On the relationship scale, I didn’t abandon Aperture; Aperture abandoned me (and a lot of other people). […] If Apple’s going to match Google on the photo and video storage front, WWDC is the right time to make that announcement. I’m waiting until then to make my decision. Otherwise, I’m planning to move my photo library over to Google Photos, as there’s nothing on the horizon that will make Apple’s photo software or cloud services more compelling.

Update (2015-06-16): David Pogue:

As automatic, free backup services, Google Photos and Flickr are exactly the same idea. They are, in fact, almost freakishly alike; you have to wonder if one company poached engineers from the other.

The Unofficial Guide to xcconfig Files

Sam Marshall (via iOS Dev Weekly):

One of the least documented aspects of the configuration process are xcconfig files. As of this writing there seem to be no documents provided by Apple that explain how to use xcconfigs or why they exist. A xcconfig file is used as a supplemental file to a specific build configuration. A build configuration can have an associated xcconfig file, this allows for additional changes to the target’s build settings from outside the Xcode project editor.

See also: Xcode Build Settings Reference, Xcode DerivedData Hashes, and Managing Xcode.

Unfortunately, Marshall’s blog doesn’t seem to have RSS.

Update (2019-05-14): See also: Mattt Thompson.

Network Request Templating

Soroush Khanlou:

This way, all the logic tied to a particular endpoint is located in one class, and any class using it gets fully baked objects in their completion block.


One of the big benefits to separating request building and response handling into their own objects is that users can inject whatever request builder they want. If their data comes back in MessagePack format, you can bring your own response handler when needed. The NSURLSession could also easily be injected.

Bugshot Relaunches as Pinpoint

Federico Viticci:

Pinpoint builds on the design and feature set of Bugshot and it adds new editing tools and initial iOS 8 integration. The app launches to a grid of recent screenshots from your device; tap one to start annotating it, choosing from four tools at the top. Pinpoint can add arrows, rectangular selections, blur sensitive information, and also add text on top of screenshots. Every tool is easy to use and requires minimal interaction: even when you want to add text, you just need to tap the image, type your note, and tap the screen again to dismiss the keyboard. This simplicity could never be found in Skitch, which makes Pinpoint the fastest way to have a decent set of annotations for iOS screenshots.

Using Siri to Work Around iMessage Crash

Apple (via Dave Marra):

Apple is aware of an iMessage issue caused by a specific series of unicode characters and we will make a fix available in a software update. Until the update is available, you can use these steps to re-open the Messages app.

Update (2018-01-18): Chance Miller:

We tested the chaiOS bug and had mixed results. In some instances, sending the link would cause both the sender and recipient’s device to respiring or cause the Messages app to instantly freeze and crash. Furthermore, reentering the thread would cause the Messages app to crash again and again, making the only viable solution to regain access to that thread to delete it and start a new one.

Update (2018-01-19): See also: Hacker News.

Thursday, May 28, 2015

TextExpander 5 and Notification Center Privacy

TextExpander 5 looks like a good upgrade to what has belatedly become an essential app for me. I like the new preview pane, and the JavaScript support looks interesting. JavaScript doesn’t particularly interest me on the Mac because TextExpander has long supported AppleScript; the news here is that JavaScript snippets also work on iOS.

The coolest feature is that TextExpander can now suggest snippets based on “phrases you habitually type”:

TextExpander can suggest new snippets based on what you type. After you have typed the same group of characters, letters or words enough times, it will suggest you create a snippet. All the snippet suggestions are collected in a Suggested Snippets group where they remain without abbreviations. You may choose to ignore them, add an abbreviation to complete them, or delete them.

There are obvious privacy concerns here. TextExpander has always observed what you type, but it has not actually saved it to disk. Back in the day, I lauded SpellCatcher’s Ghostwriter key logging feature because it helped me to restore lost text. These days, file corruption and crashes are less common, and privacy is more of an issue, so I doubt that I would use such a feature. TextExpander has a careful design that doesn’t depend on logging your typing to disk, or even storing it in RAM:

TextExpander observes your keystrokes, as well as the contents of the pasteboard, or, what you copy then paste using ⌘V. TextExpander will track how many times you repeat the same group of characters and create a new suggestion after a certain amount of repetition. However, it does not save the tracking of what you type so the tracking is lost with each TextExpander restart. Therefore, frequent restarting of TextExpander won't result in many suggestions. None of what you type is saved by TextExpander except for the snippets listed in the Suggested snippets group “Tracking” does not mean TextExpander keeps a list of the actual characters you type. Instead, it keeps an encoded record (called a “hash”) of that group of characters that cannot be deciphered, similar to the way a password is securely stored so that no one reading it knows what it is. You might type “yourpetsname” but what TextExpander sees and records is “1739405847385.”

That minor tradeoff for more privacy seems like a good one.

There is a slight catch, though. When TextExpander makes a suggestion, it posts it to Notification Center. The system stores a database of notifications, so any repeated phrases that TextExpander notices will end up persisted to disk. This happens even if you’ve chosen not to display the notifications in Notification Center. As far as I know, there is no way for applications to opt out of this persistence.

(Along similar lines, the system has another database that tracks the files you’ve downloaded.)

Until my curiosity was piqued by TextExpander, I had not been aware of this or seen anyone talk about it. Now I’m wondering whether it should be a concern for other apps, too. For example, EagleFiler posts notifications to let you know when an import has completed. If you’re importing into an encrypted library, you might not want a cleartext record of the names of the files that you’ve imported. Should TextExpander use its own private notification system instead of Notification Center? Should EagleFiler not post notifications for encrypted libraries? I’m not sure what the answers are. There are many benefits to using Notification Center, but it isn’t as configurable as I would like.

Update (2015-05-28): Another cool feature is that TextExpander can tell me (via Notification Center) when I already have an abbreviation set up but have forgotten to use it.

Update (2015-06-02): Brett Terpstra:

Nested snippets work quite well, so you can create snippets containing JavaScript libraries and include them in other snippets. Just give them long names that you’ll never type, and then reference them using the %snippet:longJSLibrarySnippetName% format at the top of your JavaScript snippet. I had the best results when setting the snippet type of included snippets to “Plain Text.”

Update (2015-07-22): TextExpander 5.1 “adds new notification preference for snippet suggestions.”

Kindle Typography Improvements

John Brownlee:

But today, Amazon is making a big step towards better typography on the Kindle. Not only are they unveiling Bookerly, the first typeface designed for the Kindle for scratch, but they’re finally solving the Kindle’s typesetting problems with an all-new layout engine that introduces better text justification, kerning, drop caps, image positioning, and more.

In appearance, it looks something like if Baskerville, a 225-year-old typeface that has been shown to shape our perception of truth, and Caecilia made a baby. Both of these parent fonts were previously available on the Kindle, but they had issues. On low-res devices, Baskerville’s thin, elegant lines looked crude, where as Caecilia, a slab serif, was just a bizarre choice for Amazon’s previous default font: although it’s highly readable, it’s a type of font best used for headlines, not body text, because slab serifs often look and feel bolded, even when they’re not.

Marco Arment:

It’s great that Amazon’s putting some effort into Kindle typography for the first time in far too long. But this is a small improvement, not a big one.


The new font and hyphenation are also only available on iOS so far. They’re not coming to Kindles until “later this summer”.

Bookerly looks nice to me, and I haven’t had problems with the justification.

Update (2015-05-28): Kirk McElhearn:

The difference is subtle, but if you pull back and look at them, you can see that the page with Bookerly is a bit lighter, which takes away that bulky feel you get when reading with Cecelia. This will be more noticeable on Kindle eink devices, where Cecelia is a bit weightier.

Applications Constantly Asking Permission to Accept Incoming Connections

Since, I think, installing Yosemite, I’ve been plagued by dialogs asking me whether to allow an application to accept incoming connections. It happens when I launch Messages, run unit tests in Xcode the first time after launch, and certain times when I run xcodebuild.

In the Security & Privacy ‣ Firewall pane of System Preferences, I have the firewall on, but all of these executables are set to Allow incoming connections. Their code signatures check out, so the system should remember what I’ve allowed and not keep prompting. This used to work.

In doing some searching, it seems that for some people this is an old problem, and for others it also started with Yosemite. I have yet to find a solution.

Similar problems with repeated prompts about privacy can be fixed with:

tccutil reset Accessibility


tccutil reset AddressBook

But I do not know of an equivalent for the firewall settings.

Wednesday, May 27, 2015

FogBugz 8.13.104

The Project Groups feature looks great.

There are some fixes to the URL Trigger feature. URL Trigger had some longstanding bugs: it wouldn’t always let you change from GET to POST, and even if your trigger was set to use POST it would still send the request via GET. This was problematic because the parameters would end up in your Web server log. And, even worse, if the parameters had too much data for the query string, the trigger would run into an error, and your server would never get the ping. Now, there should be no length limit because URL Trigger actually uses POST—although, confusingly, the way you tell it which parameters to send is by writing a query string. There is still a bug where every time you edit the URL trigger you have to click the “POST” checkbox again.

The new design is fine in most ways, but unfortunately the main body text color has changed from black to gray, which makes it lower contrast and harder to read. It is not so easy to see this in the example screenshots because the only body text is the two occurrences of “Hodor!”. However, in actual use, there are paragraphs of gray text occupying the bulk of the page.

There’s also a minor bug in that FogBugz’s sort indicator triangles are now upside down. That is, if your list is sorted A-Z the triangle will be shown with the point at the bottom.

There’s a new bug where resolving or closing a case will often bring up a modal alert that says:

Are you sure you want to leave this page?

Your case hasn’t been submitted yet, are you sure you want to leave?

It is not fun to see that many times throughout the day. Since this is hosted software, there’s no way to revert to an earlier version until the bug is fixed. The bug seems to only affect Safari, but I don’t like using other browsers. Turning off the Performance Upgrade also helps but has its own downsides.

Update (2015-07-05): The sort indicator arrows have been fixed.

Mac OS X 10.10.4 Replaces discoveryd With mDNSResponder

Benjamin Mayo:

discoveryd would cause random crashes, duplicate names on the network and many other WiFi-relate bugs. In the latest beta, Apple appears to have applied the same fix as the enthusiasts by axing discoveryd completely.

Looking at Activity Monitor on OS X 10.10.4 seed 4, discoveryd is no longer loaded by the system — instead relying on mDNSResponder. The ‘new’ process is really the one Apple used to use pre-Yosemite and did not have these problems.

John Gruber:

The saga of discoveryd is baffling to me. I would love to hear the backstory on how it shipped. And I still haven’t heard a plausible theory on what Apple was hoping to accomplish with it in the first place. What was the point of it?

Nick Heer:

There are two weeks until WWDC, where Apple will probably introduce OS X 10.11. While that won’t be released to the public until, most likely, autumn, 10.10.4 isn’t publicly available yet either. That means that developers, at least, have been using and complaining about discoveryd for about a year, and it’s still busted for consumers.

Furthermore, I haven’t heard a compelling reason for discoveryd’s existence. It must be “better”, in some way, because I can’t think of another reason why Apple would task their engineers with rewriting the networking stack. I always assumed it was to unify iOS and OS X and to enable Continuity features, but those seem to work just fine under mDNSresponder.

Lloyd Chambers:

I’ve had my own inexplicable and disturbing network failures which require disabling networking, then re-enabling it—even as the same local LAN has no issue at all on a 2nd machine. Maybe it’s discoveryd, maybe not but I’m hoping. And then there is the Pathological Network Performance in Apple OS X issue, but I don’t expect Apple to fix that one.

Hopefully, this will eventually fix the problem where I have to reboot my Apple TV before using it or it won’t have network access.

Previously: discoveryd Is Still Buggy, Why DNS in OS X 10.10 Is Broken.

Tuesday, May 26, 2015

Predictable Date Formatting

Daniel Jalkut:

That “HH” is supposed to reflect the hour as a zero-padded number between 00 and 23. And it does, or at least it has, ever since I started using this formatting string in MarsEdit eight years ago.

Starting very recently, I think with 10.10.3, NSDateFormatter may return a string formatted for the user’s 12-hour clock preference, and with a troubling “am” or “pm” component embedded within.

I don’t think I saw this problem because my date formatters like this were configured to use the “en_US” locale. However, Jalkut points out that even better is to use “en_US_POSIX”.

Update (2015-05-28): Ali Rantakari:

My @fauxpasapp can help find/detect cases like this and suggests `en_US_POSIX`.

10 Days With the Apple Watch

Kirk McElhearn:

There’s one other small feature I had expected to use on the Apple Watch, and that’s the ability to control music playback from either an iPhone, or from the watch itself. I have Bluetooth headphones that I use when walking, and the idea of not needing to take out my iPhone to control music – when I want to skip tracks, or find something else to listen to – seemed like a nice feature.

In theory. In practice, it’s not very usable, and I quickly found myself taking my phone out anyway. The controls are well-designed to skip tracks, to play and pause, and to change the volume (you can use the digital crown for the latter). But the lag is annoying, and the amount of information you see on the display is limited.

On Performance Reviews

Landon Dyer (via John Gordon):

I quit Microsoft over two years ago, and it took a whole year to get some perspective (I wrote a lot of this soon after quitting, and I’m quite happy I never published it; many of the paragraphs simply did a crescendo into incoherent ASCII screams of frustration and anger). I think that many of Microsoft’s technical failures in the last decade can be root caused in a review system that rewarded bad behavior, put the wrong people in positions of power, mis-identified the people that Microsoft should have kicked out, and caused the wrong people to get sick of things and leave. Maybe the new review system does the job; I keep hearing good things.

Many Levels of Rejection

Frank A. Krueger:

Submitting apps to the App Store is filled with many wonderful opportunities to be rejected. Let’s count them!

Monday, May 25, 2015

Camera and Photos on iOS

Daniel Eggert:

On the iPhone, we can only adjust the ISO and the shutter speed. We can hence trade noise (affected by the ISO) against motion blur/sharpness while maintaining the same level of exposure.

That explains why photos at night often look worse than those taken during the day: At night there’s a lot less light. In order to still have an acceptable shutter speed, the auto exposure will bump up the ISO, probably to the maximum of what the camera allows. And even that may not be enough to achieve enough light, so the auto exposure will also lower the shutter speed. This combination results in more noise in the image, and the image being blurred.

Matteo Caldari:

The AVCaptureSessionPresetPhoto selects the best configuration for the capture of a photo, i.e. it enables the maximum ISO and exposure duration ranges; the phase detection autofocus; and a full resolution, JPEG-compressed still image output.

However, if you need more control, the AVCaptureDeviceFormat class describes the parameters applicable to the device, such as still image resolution, video preview resolution, the type of autofocus system, ISO, and exposure duration limits. Every device supports a set of formats, listed in the AVCaptureDevice.formats property, and the proper format can be set as the activeFormat of the AVCaptureDevice (note that you cannot modify a format).


New in iOS 8 is the option to move the lens to a position from 0.0, focusing near objects, to 1.0, focusing far objects (although that doesn’t mean “infinity”).


An interesting feature also introduced in iOS 8 is “bracketed capture,” which means taking several photos in succession with different exposure settings. This can be useful when taking a picture in mixed light, for example, by configuring three different exposures with biases at −1, 0, +1, and then merging them with an HDR algorithm.

Saniul Ahmed:

PHAsset’s representsBurst property is true for assets that are representative of a burst photo sequence (multiple photos taken while the user holds down the shutter). It will also have a burstIdentifier value which can then be used to fetch the rest of the assets in that burst sequence via fetchAssetsWithBurstIdentifier(...).

The user can flag assets within a burst sequence; additionally, the system uses various heuristics to mark potential user picks automatically. This metadata is accessible via PHAsset’s burstSelectionTypes property. This property is a bitmask with three defined constants: .UserPick for assets marked manually by the user, .AutoPick for potential user picks, and .None for unmarked assets.


First, you need to register a change observer (conforming to the PHPhotoLibraryChangeObserver protocol) with the shared PHPhotoLibrary object using the registerChangeObserver(...) method. The change observer’s photoLibraryDidChange(...) method will be called whenever another app or the user makes a change in the photo library that affects any assets or collections that you fetched prior to the change. The method has a single parameter of type PHChange, which you can use to find out if the changes are related to any of the fetched objects that you are interested in.

Sam Davies:

A user can chain incompatible photo edits together — if the adjustment data is not understood by the current extension, the pre-rendered image will be used as input. For example, you can crop an image using the system crop tool before using your custom Photo Editing extension. Once you have saved the edited image, the associated adjustment data will only contain details of the most recent edit. You could store adjustment data from the previous, incompatible edit in your output adjustment data, allowing you to implement a revert function for just your phase of the filter chain. The revert function provided by the Photos app will remove all the edits, returning the photo to its original state.

30 Years of Pac-Man

Chris Kohler (via Dave Dribin):

By creating a cute cast of characters and a design sensibility that appealed to wider audiences than the shoot-em-up Space Invaders, Iwatani broadened the appeal and marketability of games, creating what some call the first “casual game.”


“After that, I became a producer. Namco was a small company, and because the organization expanded, I was promoted to section chief. Someone had to coordinate the younger developers that we’d hired.

“So although I was still capable and wanted to keep developing games, I was told to serve as the supervisor — the manager of the baseball team, instead of a player.”

Corinne Segal (via Dave Dribin):

Today marks 35 years since Pac-Man debuted at a movie theater in the Shibuya area of Tokyo. Since then, the game has become one of the most popular of all time, producing more than eight other versions, a television series and more than 400 products. A few facts to think about the next time you’re playing Pac-Man at your local laundromat or on Google Maps.


Iwatani described his company’s reaction to the game in an interview with VH1 Games in 2007, saying: “I’m not sure if I should mention this or not. Well, um, the truth of the matter is, there were no rewards per se for the success of Pac-Man. I was just an employee. There was no change in my salary, no bonus, no official citation of any kind.”

Sunday, May 24, 2015

Unicode 9.0 Candidate Emoji

Mark Davis (via Dave Addey):

These emoji have been accepted as candidates for Unicode 9.0 for a variety of reasons. They may be needed for compatibility with emoji characters in existing systems. For example, the FACE WITH COWBOY HAT was accepted for compatibility with the emoji used in Yahoo Messenger. Some are chosen based on expected high frequency of use or because they are highly popular requests from online communities. Others fill gaps in the existing set of Unicode emoji, as by completing a gender pair.

On Apple Watch Ergonomics

Craig Hockenberry:

Apple never adds settings without a good reason. The inclusion of a preference for the crown position is a pretty clear indication that someone important knew that this was an ergonomically superior choice. But it’s also one that goes against horologic convention: Apple’s desire for this device to be visually appealing won out over ergonomics. I’ll be the first to admit that the “reverse crown” looks weird. Luckily, Apple has given us a choice between what works best and what looks best. It’s been several weeks since I made the change and have never once considered changing back to the default setting. I encourage you to give it a try, too.

Indeed, it does look funny with the crown in that position. But is that only because it goes against the convention? Where did the convention come from?

Looping Auto-stop for GPS Apps and Devices

Matt Henderson:

Whether it’s my Garmin Forerunner device, or the Strava app on my iPhone, this problem happens so often that it got me wondering about possible solutions. Since the great majority of my routes—whether running, hiking or biking—start and stop at the same location, this particular problem could be solved if GPS device and app makers added a simple “looping auto-stop” setting that automatically stopped the timer whenever I returned to my starting point.

That would be great. I have forgotten to stop the GPS recorder many, many times.

Revisions for Dropbox

Revisions (App Store) (via Brett Terpstra):

The Mac OS X app that displays all your Dropbox edits, shows exactly what changes were made, and provides unlimited undo going back 30 days (or more).

One of the signature features of Revisions is that you can obtain a copy of an entire directory (including any subdirectories) at the state it was in at a user-specified point in time. To do this, first select the folder you are interested in using the folder selector at the top. Then, you will need to wait for Revisions to finish indexing that folder. Finally, move the pointer over the small space between any pair of adjacent edit groups, and click on one of the folder action buttons that appears, to download or restore a folder to that particular point in time.

This is cool, since there’s no automated way to do this using the regular Dropbox interface.

When Revisions first connects to your Dropbox account, it needs to create a list of all file edits. This is accomplished by asking for revision metadata for each and every one of your Dropbox files. The main factor that determines the indexing time is thus the number of files in your Dropbox. If your Dropbox contains many tens of thousands of files (or more) indexing can take several hours even with an excellent internet connection.

My Dropbox has about 2,000 items, and this step only took a minute or two. The Core Data SQLite index is 22.5 MB.

Update (2015-06-16): Michael E. Cohen:

The free version of Revisions can do everything I’ve just described. If, however, you purchase the $9.99 in-app upgrade to the Premium version, you get some additional functionality. Premium provides the capability to filter files shown in the timeline by name; for example, you can choose to show edits involving .html files only, or just edits involving files that contain “TextExpander” as part of their names. If you use shared folders (and, boy, do we use the heck out of shared folders at Take Control Books!), Premium shows you who among the users who share a folder have performed a particular edit.

The Responsibility We Have As Software Engineers

Ben Adida (via Ole Begemann and Eryn Wells):

We, software engineers, have superpowers most people don’t remotely understand. The trust society places in us is growing so rapidly that the only thing that looks even remotely similar is the trust placed in doctors. Except, most people have a pretty good idea of the trust they’re placing in their doctor, while they have almost no idea that every time they install an app, enter some personal data, or share a private thought in a private electronic conversation, they’re trusting a set of software engineers who have very little in the form of ethical guidelines.

Update (2015-05-24): Comments on Hacker News.

Saturday, May 23, 2015

Whose Phone Is This?

Daniel Jalkut:

The problem to my mind is not that Siri shares my name and contact information, but that it goes a step further, showing not only my main telephone number, but my physical address, all my telephone numbers, email addresses, as well as my AIM, Twitter, and Facebook accounts. It also happily provides my birthdate, the names of my wife, mom, dad, brother, heck, the names of any person I have assigned a relationship to.


Of course, you don’t have to share all this information with whatever stranger manages to pick up your phone. Simply disable Siri access from the lock screen, and nobody will be able to access your private information using it. Of course, this means no airline employee who finds your phone tucked between the seats will be able to easily return your phone to you, either.

There’s no great solution here because of the classic privacy vs. convenience trade-off. Another option would be to disable Siri on the lock screen and use the Health app’s “Medical ID” card, which is accessible by swiping right at the lock screen and then tapping Emergency.

The Logjam Attack

How Diffie-Hellman Fails in Practice:

We have uncovered several weaknesses in how Diffie-Hellman key exchange has been deployed:

  1. Logjam attack against the TLS protocol. The Logjam attack allows a man-in-the-middle attacker to downgrade vulnerable TLS connections to 512-bit export-grade cryptography. This allows the attacker to read and modify any data passed over the connection. The attack is reminiscent of the FREAK attack, but is due to a flaw in the TLS protocol rather than an implementation vulnerability, and attacks a Diffie-Hellman key exchange rather than an RSA key exchange. The attack affects any server that supports DHE_EXPORT ciphers, and affects all modern web browsers. 8.4% of the Top 1 Million domains were initially vulnerable.
  2. Threats from state-level adversaries. Millions of HTTPS, SSH, and VPN servers all use the same prime numbers for Diffie-Hellman key exchange. Practitioners believed this was safe as long as new key exchange messages were generated for every connection. However, the first step in the number field sieve—the most efficient algorithm for breaking a Diffie-Hellman connection—is dependent only on this prime. After this first step, an attacker can quickly break individual connections.

The site says that my Safari 8.0.6 is vulnerable.

Their Imperfect Forward Secrecy paper (PDF):

Our calculations suggest that it is plausibly within NSA’s resources to have performed number field sieve precomputations for at least a small number of 1024-bit Diffie-Hellman groups. This would allow them to break any key exchanges made with those groups in close to real time. If true, this would answer one of the major cryptographic questions raised by the Edward Snowden leaks: How is NSA defeating the encryption for widely used VPN protocols?

Scott Aaronson:

The further fact is that in NFS, you can arrange things so that almost all the discrete-logging effort depends only on the prime number p, and not at all on the specific numbers g and h for which you’re trying to take the discrete log. After this initial “precomputation” step, you then have a massive database that you can use to speed up the “descent” step: the step of solving of ga=h (mod p), for any (g,h) pair that you want.

It’s a little like the complexity class P/poly, where a single, hard-to-compute “advice string” unlocks exponentially many inputs once you have it. (Or a bit more precisely, one could say that NFS reveals that exponentiation modulo a prime number is sort of a trapdoor one-way function, except that the trapdoor information is subexponential-size, and given the trapdoor, inverting the function is still subexponential-time, but a milder subexponential than before.)

The kicker is that, in practice, a large percentage of all clients and servers that use Diffie-Hellman key exchange use the same few prime numbers p. This means that, if you wanted to decrypt a large fraction of all the traffic encrypted with Diffie-Hellman, you wouldn’t need to do NFS over and over: you could just do it for a few p’s and cache the results. This fact can singlehandedly change the outlook for breaking Diffie-Hellman.

Matthew Green:

This work is the result of an unusual collaboration between a fantastic group of co-authors spread all around the world, including institutions such as the University of Michigan, INRIA Paris-Rocquencourt, INRIA Paris-Nancy, Microsoft Research, Johns Hopkins and the University Of Pennsylvania. It’s rare to see this level of collaboration between groups with so many different areas of expertise, and I hope to see a lot more like it. (Disclosure: I am one of the authors, but others did all the good bits.)


However, there is a second class of servers that are capable of supporting 512-bit Diffie-Hellman when clients request it, using a special mode called the ‘export DHE’ ciphersuite. Disgustingly, these servers amount to about 8% of the Alexa top million sites (and a whopping 29% of SMTP/STARTLS mail servers).


Here it is in a nutshell: if the server supports DHE-EXPORT, the attacker can ‘edit’ the negotiation messages sent from the a client -- even if the client doesn’t support export DHE -- replacing the client’s list of supported ciphers with only export DHE. The server will in turn send back a signed 512-bit export-grade Diffie-Hellman tuple, which the client will blindly accept -- because it doesn’t realize that the server is negotiating the export version of the ciphersuite. From its perspective this message looks just like ‘standard’ Diffie-Hellman with really crappy parameters.

Bruce Schneier:

One of the problems with patching the vulnerability is that it breaks things:

On the plus side, the vulnerability has largely been patched thanks to consultation with tech companies like Google, and updates are available now or coming soon for Chrome, Firefox and other browsers. The bad news is that the fix rendered many sites unreachable, including the main website at the University of Michigan, which is home to many of the researchers that found the security hole.

This is a common problem with version downgrade attacks; patching them makes you incompatible with anyone who hasn't patched. And it's the vulnerability the media is focusing on.

Update (2015-10-15): Alex Halderman and Nadia Heninger:

However, the documents do not explain how these breakthroughs work, and speculation about possible backdoors or broken algorithms has been rampant in the technical community. Yesterday at ACM CCS, one of the leading security research venues, we and twelve coauthors presented a paper that we think solves this technical mystery.


If a client and server are speaking Diffie-Hellman, they first need to agree on a large prime number with a particular form. There seemed to be no reason why everyone couldn’t just use the same prime, and, in fact, many applications tend to use standardized or hard-coded primes. But there was a very important detail that got lost in translation between the mathematicians and the practitioners: an adversary can perform a single enormous computation to “crack” a particular prime, then easily break any individual connection that uses that prime.

How enormous a computation, you ask? Possibly a technical feat on a scale (relative to the state of computing at the time) not seen since the Enigma cryptanalysis during World War II. Even estimating the difficulty is tricky, due to the complexity of the algorithm involved, but our paper gives some conservative estimates. For the most common strength of Diffie-Hellman (1024 bits), it would cost a few hundred million dollars to build a machine, based on special purpose hardware, that would be able to crack one Diffie-Hellman prime every year.

iOS 9 and Mac OS X 10.11 Rumors

Mark Gurman:

According to sources within Apple’s software development departments, Apple engineers have been pushing executives for a Snow Leopard-style stability focus in 2015, following numerous bugs that clouded the launches of both iOS and OS X. Apple directors reportedly opposed a complete pause on new features, but agreed to focus on quality assurance by holding back some features that were initially planned for the latest operating system launches. One source explained, “I wouldn’t say there’s nothing new for consumers, but the feature lists are more stripped down than the initial plans called for.”


Marquee features aside, Apple has been working on significant enhancements to the security fundamentals of both operating systems, ranging from a major new initiative called “Rootless,” re-architected Apple apps with iCloud Drive file encryption, and a new feature called “Trusted Wi-Fi.”

Landon Fuller is worried about Rootless, as one more step towards locking down the system and restricting what apps can do. I would like to see more details on this.

Moving Notes from an IMAP to iCloud Drive back end makes sense. I’m not sure why Gurman says that Reminders and Calendar are also currently using IMAP (rather than CardDAV and CalDAV).

In what will come as a surprise to many people, our sources note that even A5-based Apple devices, including the original iPad mini and discontinued iPhone 4S, will be able to run iOS 9. In order to avoid the sluggishness and bugginess that was most notably seen in iOS 7 for the iPhone 4, Apple has restructured its software engineering process to better support older hardware.

This certainly sounds good.

Swift is planned to reach what is known as “Application Binary Interface (ABI) stability,” and its code libraries will therefore be pre-installed within the new iOS and Mac operating systems. This means that Swift applications updated for iOS 9 and OS X 10.11 will require less space and consume less data when downloaded over a cellular connection.

However, apps would still need to ship the Swift libraries for compatibility with Mavericks and Yosemite.

GitUp 0.7

GitUp (via iOS Dev Weekly):

Work quickly, safely, and without headaches. The Git interface you’ve been missing all your life has finally arrived.

It’s from Pierre-Olivier Latour, of Quartz Composer, Everpix, and Automatic fame. GitUp has a very different interface, focused on the map. For someone like me with a simple repository structure, this does not see like a helpful approach, but I could see it being useful for others. GitUp seems to make manipulating the commit graph easy. Seeing the code that changed in a particular commit, which other Git clients make easy, takes an extra step.

The most interesting feature to me is that it can optionally build an index (SQLite FTS) at .git/co.gitup.mac/cache.db to make searching the repository by diff content very fast. (My main Git client, Tower, doesn’t even have a slow way of doing this.)

GitUp is currently free, but you need to create an account to enable most of the features. It seems to be in a rough state right now: the commit view’s notion of what’s changed in my working directory is out of sync with what other Git clients show [Update (2015-05-26): This is not a bug in GitUp; see the comments.], and trying to commit a file just gave me a “launch path not accessible” error. But I think this is definitely an app to watch.

Update (2015-05-29): Jonathan Wight:

The Map view and Quicklook views are an interesting take on presenting the structure of a git repository while being able to selectively dive into the details of individual commits. I feel however that the information density of traditional Log views in other git clients is superior to the map view.

Compare the following screenshots of the same repo in Gitx and Gitup (both on 13" MBP): GitUp, GitX.

Optical Adjustment

Luke Jones (via iOS Dev Weekly):

In my early days as a designer, I relied on Photoshop or CSS to tell me whether something was right or wrong. If Photoshop indicated that two shapes were aligned, then they were aligned. If two different shapes were the same size, then that was the case. If two colours had the same hex values, then they looked the same colour.

This approach seemed logical, but it was an incorrect way of working.


Understanding these subtle differences and knowing how to adjust them is what makes a good designer even better — few will notice if it has been considered, but many will notice if it hasn’t.

How Not to Crash #3: NSNotification

Brent Simmons:

I have one simple, hard-and-fast rule: NSNotifications are posted on the main thread only. No exceptions. If some code is running in another thread and it needs to post a notification, it does so on the main thread.


Your notification handlers should be written so that they can deal with getting called twice. And it should be impossible for a given object to register twice for the same notification. Both.

Friday, May 22, 2015

LaunchBar Action Editor and AppleScript List Syntax

LaunchBar 6.4 introduces a new action editor:

  • Easily create new actions from scratch or duplicate existing actions for customization.
  • Configure action properties, runtime behavior, and more. Values are pre-filled where possible.
  • Configure and modify action scripts with various scripting languages.
    • Script templates provided for AppleScript, JavaScript, Python, Ruby, Shell script and Swift.
    • Easily add or remove Suggestions Scripts and Action URL scripts.
    • Configure script properties.
    • Open scripts in default editor for editing.
  • Manage action resources
    • Add, rename or delete resources.
    • Set image as action icon.
  • Manage localization
    • Add or remove localizations.
    • Manage localizable strings.

There is actually quite extensive support and documentation for custom actions now, with more emphasis on sharing actions (and therefore code signing to make that secure). It’s also instructive to look at the built-in actions to see how they work.

I learned, for example, that at some point AppleScript added support for using square brackets for list literals. I do not see this documented anywhere, so I’m not sure how far back scripts with this syntax will work. But it’s nice when you have a mix of lists and records to be able to write:

[{k1:"v1", k2:[1, 2, 3]}, {k1:"v2", k2:[4, 5, 6]}]

instead of using curly brackets for everything:

{{k1:"v1", k2:{1, 2, 3}}, {k1:"v2", k2:{4, 5, 6}}}

Note that you cannot use square brackets and colons for record literals. Except in Swift, where you have to use square brackets for everything.


Arkadiusz Holko’s ReflectableEnum (via Mac Dev Weekly):

A macro and a set of functions introducing reflection for enumerations in Objective-C.


  • get a string value for an enumeration's member (which is a common problem)
  • get all values used in an enumeration (also a prevalent issue)
  • get a minimum value in an enumeration
  • get a maximum value in an enumeration

You replace NS_ENUM with REFLECTABLE_ENUM, which parses the text of the definition and generates a family of helper functions.

See also: JREnum, which seems to be more flexible about the values it supports, but uses typedef enum instead of NS_ENUM.

Update (2015-05-26): Arkadiusz Holko now has a blog post about ReflectableEnum.

Thursday, May 21, 2015

Safari URL-spoofing Bug

Lucian Constantin:

The issue was discovered by security researcher David Leo, who published a proof-of-concept exploit for it. Leo’s demonstration consists of a Web page hosted on his domain that, when opened in Safari, causes the browser to display in the address bar.

The ability to control the URL shown by the browser can, for example, be used to easily convince users that they are on a bank’s website when they are actually on a phishing page designed to steal their financial information.


That’s because the attack code is designed to redirect the browser to the spoofed URL, but before the content is loaded, the code reloads the current page.

Hard Drive Icons Through the Ages

Eli Schiff:

Nevertheless, ever since the original OS X hard drive icons were designed, this category of icons has been a touchstone for icon design practitioners. Whether designing a custom application icon, a commercial disk image or making a custom icon to distinguish one's personal drives, hard drive icons have been a prime area for designers to display their skill in both technical execution and creativity.

This post is hardly exhaustive. I have selected only a fraction of the incredible icons that community members have designed over the years.

First-Class “Statements”

Justin Le (via Andy Matuschak):

One thing I’ve really always appreciated about Haskell is that all “statements” in Haskell (or at least, what would be statements in other languages) are first-class members of the language. That is, (imperative) statements are literally just normal objects (no different from numbers, or lists, or booleans) — they can be saved to variables, passed to functions, transformed using normal functions, copied, etc. Haskell doesn’t have statements — everything is an expression, representing normal data! This really opens up a whole world of possibilities for not only reasoning about your code, but also for new ways to frame ideas in contexts of parallelism, concurrency, exceptions, DSLs, and more.


In many other languages, sequencing actions is a special part of the syntax — a semicolon, usually. In Haskell, sequencing is not special — it’s just a normal function on normal data structures.

You can even make your own “first class” control flow!

Which Features Overcomplicate Swift?

Rob Rix (tweet):

It’s even harder to separate out the opportunity cost—how many of the language’s other complexities and inconsistencies would have been reconciled if they hadn’t had to focus on interoperability with a fundamentally unsafe language and runtime with which they share an address space?

While this overwhelms the language’s design, it’s hardly the only example of complexity.


Crucially, the vast majority of this is incidental complexity, not essential complexity. Swift is a crescendo of special cases stopping just short of the general; the result is complexity in the semantics, complexity in the behaviour (i.e. bugs), and complexity in use (i.e. workarounds).

Update (2015-05-23): Marcel Weiher (Hacker News, Reddit):

Or the whole idea of having every arithmetic operation be a potential crash point, despite the fact that proper numeric towers have been around for many decades and decently optimized (certainly no slower than unoptimized Swift).

And yet, Rob for example writes that the main culprit for Swift’s complexity is Objective-C, which I find somewhat mind-boggling. After all, the requirement for Objective-C interoperability couldn’t exactly have come as a last minute surprise foisted on an existing language. Folks: if we’re designing a replacement language for Apple’s Cocoa frameworks, Objective-C compatibility needs to be designed in from the beginning and not added in as an afterthought. And if you don’t design your language to be at odds with the frameworks you will be supporting, you will discover that you can get a much cleaner design.


The situation is even more bizarre when it comes to performance. For example, here’s a talk titled How Swift is Swift. The opening paragraph declares that “Swift is designed to be fast, very fast”, yet a few paragraphs (or slides) down, we learn that debug builds are often 100 times slower than optimized builds (which themselves don’t really rival C).


I like Swift because constantly challenges my skills as engineer, I have to find workarounds to apply all the concepts I know about functional programming, but... this is the current feeling, I don’t know if in a long run this would persist, I can’t image to fight against the language like I have to do sometimes, would make me still happy in 2-3 years, maybe some day I would get tired.

Update (2015-06-11): Marcel Weiher (comments):

Apple used to be very much about going that distance, and I don’t think Swift lives up to that standard. That doesn’t mean it’s all bad or that it’s completely irredeemable, there are good elements. But they stopped at sophisticated complexity. And “well, it’s not all bad” is not exactly what Apple stands for or what we as Apple customers expect and, quite frankly, deserve. And had there been a Steve in Dev Tools, he would have said: do it again, this is not good enough.

Update (2015-06-12): Adam Knight:

Swift is kind of like when you’re a kid and you fill the bag of jelly beans with all your favorite flavors and then reach in and have a handful all at once. Each was a good idea, but together it lacks anything that made any single piece good.

Wednesday, May 20, 2015

Mistake One

Marco Arment (tweet):

I hate typing on it, I hate the trackpad, it’s slower than I expected, the screen is noticeably blurry from non-native scaling to get reasonable screen space, and I don’t even find it very comfortable to use in my lap because it’s too small.


The 11-inch MacBook Air shows that the MacBook’s compromises have nothing to do with going Retina — the One has roughly the same GPU, less horsepower, less space, less weight, and a smaller battery, yet still drives a Retina screen perfectly well. Apple could have made a Retina MacBook Air instead of (or in addition to) this new MacBook, but chose not to.


This concerns me more than you probably think it should. Not only does it represent compromised standards in areas I believe are important, but it suggests that they don’t have many better ideas to advance the products beyond making them thinner, and they’re willing to sacrifice anything to keep that going.

He hates the new trackpad so much that he just bought a discontinued MacBook Pro with the old one. I think everyone else I’ve read has liked it, though. I remain happy with my new Air.

Update (2015-06-23): Matt Gemmell:

It did take a day to adjust, and maybe two days to learn to trust myself again without glancing over.


Otherwise, I was fluent and back up to speed with the new keyboard within an hour of switching over. It’s just not as different in use as it at first seems.

San Francisco as the Mac System Font

Mark Gurman (via Mike Rundle):

Apple is currently planning to use the new system font developed for the Apple Watch to refresh the looks of iPads, iPhones, and Macs running iOS 9 “Monarch” and OS X 10.11 “Gala,” according to sources with knowledge of the preparations. Current plans call for the Apple-designed San Francisco font to replace Helvetica Neue, which came to iOS 7 in 2013 and OS X Yosemite just last year, beginning with a June debut at WWDC.


Ever since switching to particularly thin weights of Helvetica Neue in iOS 7, Apple has been chastised for using a font that emphasizes clean lines over readability, and San Francisco is intended to solve this. According to the sources familiar with the decision to move to the San Francisco type face on iOS and OS X, Apple higher-ups also believe that the new look will serve to refresh its familiar operating systems, helping iOS and OS X to avoid becoming stale. However, some Apple engineers have told us that they are not fans of the new font, which may look particularly rough on non-Retina screens.

John Gruber:

Note too, that Apple is also using San Francisco for the keycaps on the new MacBook keyboard — Apple seems to moving toward using it for the “user interface” both in software and hardware.

Marco Arment:

If Mark Gurman is right, and he has a pretty good track record, I’m looking forward to seeing this. I don’t dislike Helvetica Neue, but it feels bland and overused, and it wasn’t designed for screen legibility.

The concern I have is that Helvetica Neue is bad on non-Retina displays, and it seems like San Francisco would be even worse there.

Update (2015-05-20): Nick Heer:

When it was released with WatchKit, I tried San Francisco as my OS X system font and found it even harder to read than Helvetica Neue. I suspect this is because the version I used was optimized for the Watch; I have hope that the version used on OS X will be optimized for that system, including for non-Retina displays. I’m very excited to see how this works.

Joe Cieplinski:

Helvetica Neue looks pretty crappy with its custom kerning in OS X, especially on non-Retina screens. (Which a majority of Mac users use and will use for years to come.) I don’t know how San Francisco will look on a non-Retina screen, but it would very likely be no worse.

New iPhone Lightning Dock

At first Apple had no Lightening dock. The next year it finally had two. Unlike with the 30-pin iPhones, I needed two hands to remove the iPhone 5s from the Lightning dock. And the dock itself stopped working after a short time. Since it never was that great, I decided not to replace it. I’ve since found that, if I’m going to use two hands anyway, I might as well keep the iPhone flat on my desk, underneath my MacBook Pro (which is on an iCurve). That gives me back some desk space.

John Gruber:

Truly curious about the timing on this — why not unveil it back when the iPhones 6 came out last year? I like using docks for my phone, and for years I used Apple’s. Ever since I switched to the iPhone 6 last year, though, I’ve used two third-party docks, both of which I like very much.


One thing both the HiRise and Spool Dock have in common with the new dock from Apple: they’re designed to work with iPhones of any width and thickness — past, current, or future.

Eric Slivka:

There are definitely some downsides, however, with the most obvious being stability. With the Lightning connector being the sole means of support for the iPhone, the device does tend to rock side to side if bumped.


For those who aren’t terribly concerned about the potential for accidental damage, the dock works well. It’s easy to mount the iPhone on the dock, and removal is also simple and possible to do one-handed by pressing down on the base with the side of your hand as you lift the iPhone off the dock.

That doesn’t sound as good as the old Dock Connector docks, which trivially worked one-handed.

The dock is officially compatible with all iPhone and iPod touch models with Lightning connectors, but yes, it will work with iPads as well. It might not be a great idea, however, as the much larger iPads are considerably less stable on the dock and the potential for damage to the Lightning connector or port is significantly higher with the possibility of greater torque on that single point of contact.

Update (2015-05-26): Iljitsch van Beijnum:

So the iPhone is only supported through its lightning port. As a result, it wobbles a bit side-to-side when touched. Fortunately, that doesn’t seem to affect the electronic connection between the phone and the dock. The iPhone sits fairly stable in the front/back direction. Still, I’m glad I get to use the dock with an iPhone 6 that’s still under warranty. The great thing about this design, apart from being both future- and past-proof (a rarity in Cupertino!), is that it lets the iPhone dock while it’s in Apple’s silicone case. There’s actually room for slightly bigger cases.

Update (2015-07-08): Julio Ojeda-Zapata:

In the end, though, Apple’s own iPhone Lightning Dock has the cleanest and simplest design, and that makes it my favorite of the bunch.

Tuesday, May 19, 2015

NSFileCoordinator Improvement in iOS 8.2

Tom Harrington (tweet):

However last week the tech note was updated, and the above section now reads:

When you create a shared container for use by an app extension and its containing app in iOS 8.0 or later, you are obliged to write to that container in a coordinated manner to avoid data corruption. However, you must not use file coordination APIs directly for this in iOS 8.1.x and earlier. [emphasis mine]

That’s great! In iOS 8.2 or higher, the obvious approach should now be safe.

Previously: iOS IPC via NSFileCoordinator and NSFilePresenter.

Update (2015-07-28): Richard Turton:

This dictionary can then be written to a specified location in the shared folder. The write has to be atomic, to ensure that the other processes don’t start reading the file before it is written. NSDictionary has a writeToURL: atomically: method that can be used for this.

Interested members of the app group can then detect the writing of this file by monitoring a folder using GCD. The details of this can be seen in the FolderWatcher class in the linked project.


The limitations of the Darwin Notification Centre and the complexities of writing to and reading from a file make the above solution suitable for only a small number of cases.

Firing Well

Jean-Louis Gassée:

Of course, there is a second type of review, or, more accurately, there isn’t one. If the individual’s performance fails to meet requirements, the message should be succinct and clear: We need to part company. There’s no need to drag the victim through a painful and pointless Performance Improvement Process. (I will briefly address the in-between pass/fail configuration below.)

The termination of a work relationship can be just as clean and respectful as a positive review… and Firing Well starts with a sane and honest hiring process.

Apple Watch User-Experience Appraisal

Raluca Budiu:

That’s why perhaps the most striking feature of the Apple watch is how much it seems to have embraced teeny-tiny targets. To unlock the screen you have to type your pin on a minuscule numerical pad. And the application screen uses a plethora of tiny circles (representing apps) organized in a focus-plus-context visualization — the center of the screen is the focus and has the largest circles, and as you get further out, the icons get smaller. Launching an app is an adventure — not only because the icons (in-focus ones included) are too small even for the tiniest pinkies, but also because deciphering them requires good eyes, or at least diligence and the will to scroll around and bring them in focus.


The deck of cards (a full-page relative of the carousel) is a presentation model that goes back at least 20 years. Cards provide sequential instead of direct access and usually should be reserved for content that has a clearly sequential nature (e.g., books) or for lists with just a few elements. Yet, on the watch, the deck of cards is preferable to the the alternative list interface, which often requires going back and forth between a list view and an item-detail view (a form of pogo sticking), and thus involves multistep navigation. Plus, with the deck of cards, users can easily trigger the contextual menu (to save the story for later reading on the phone, for example) for each item right away, whereas in the list view users must navigate to the detail to invoke the contextual menu corresponding to that item.


The average interaction with an app on the phone is about 70 seconds and about half the duration of a web session on a computer. On the watch, we can expect the average session size to be substantially shorter. Think of the information that people care for and that they can access easily in just a few seconds. That’s what you should offer on the watch.

Thanks, Ted Landau

Ted Landau:

The first time I was paid for writing about the Mac was in 1985 when A+ magazine published a reader’s tip I submitted. It detailed how to use ResEdit to modify the Welcome to Macintosh message. For 300 words, I got paid $50. It was far from a momentous event. At the time, I didn’t expect it to lead anywhere. My day job was still as a professor of psychology. But, as it turned out, the reader’s tip was the spark that ignited a flame.


The result has been three decades of doing things I thoroughly enjoyed and getting paid for doing them. Who could ask for more?

Which brings me to today. I’ve decided to call it quits and hang up my virtual pen. What I expect to be the last article I get paid to write was posted to Macworld last December.

Previously: MacFixIt Is Gone.

Monday, May 18, 2015

Hacking Airplanes

Kim Zetter (via Bill Bumgarner):

Chris Roberts, a security researcher with One World Labs, told the FBI agent during an interview in February that he had hacked the in-flight entertainment system, or IFE, on an airplane and overwrote code on the plane’s Thrust Management Computer while aboard the flight. He was able to issue a climb command and make the plane briefly change course, the document states.


He obtained physical access to the networks through the Seat Electronic Box, or SEB. These are installed two to a row, on each side of the aisle under passenger seats, on certain planes. After removing the cover to the SEB by “wiggling and Squeezing the box,” Roberts told agents he attached a Cat6 ethernet cable, with a modified connector, to the box and to his laptop and then used default IDs and passwords to gain access to the inflight entertainment system. Once on that network, he was able to gain access to other systems on the planes.

Bruce Schneier (via Bill Bumgarner):

The problem the GAO identifies is one computer security experts have talked about for years. Newer planes such as the Boeing 787 Dreamliner and the Airbus A350 and A380 have a single network that is used both by pilots to fly the plane and passengers for their Wi-Fi connections. The risk is that a hacker sitting in the back of the plane, or even one on the ground, could use the Wi-Fi connection to hack into the avionics and then remotely fly the plane. […] Previous planes had separate networks, which is much more secure.


What this all means is that we have to start thinking about the security of the Internet of Things--whether the issue in question is today’s airplanes or tomorrow’s smart clothing. We can’t repeat the mistakes of the early days of the PC and then the Internet, where we initially ignored security and then spent years playing catch-up. We have to build security into everything that is going to be connected to the Internet.

Intermittent But Frequent Pauses May Be From iCloud Syncing

Topher Kessler (via Pierre Igot):

When using your Mac running OS X Yosemite, you may find that at certain times during the day your Mac will begin to pause, showing the spinning color wheel repeatedly and quite frequently. When this happens, it interrupts all ability to type and interact with other applications, leaving you with the only options of waiting or attempting to restart your system to clear the problem.


While there is no mention of it in the system console, the problem at hand does coincide with Apple’s handling of its documents in iCloud. This is apparent through the use of the tool “fseventer” which monitors what files on your hard drive are being accessed. Through this tool you can see the massive repeated creation and deletion of a temporary file called “etilqs_NUMBER” that correlates to the pauses, along with a large level of activity for CloudKit and other iCloud resources. The etilqs file is created by the “nsurlstoraged” background process, which is responsible for managing web storage.

Updating iPhoto for Mac OS X 10.10.3

Brian Webster (tweet):

Certain versions of OS X enforce a minimum version of iPhoto that must be installed, and will refuse to run older versions. If this is the case, then trying to open libraries or perform other operations with iPhoto Library Manager will likely result in an error message saying that the installed version of iPhoto is not compatible.

Normally, it would be a simple matter of updating your version of iPhoto via the Mac App Store, but since Apple’s release of their new Photos app, iPhoto is now no longer available on the app store, which makes it impossible to directly update older versions of iPhoto. It is still possible for most Macs to get the latest version of iPhoto, but it now requires jumping through some hoops.

Sunday, May 17, 2015

How Not to Crash #2: Mutation Exceptions

Brent Simmons:

You get a collection from somewhere and enumerate it — and then you get an error about the collection being mutated as it was being enumerated. The app crashes.


You might push back, citing performance or memory use issues or both — but I’ll admit something: I’m a performance junkie, and I spend an inappropriate amount of time in Instruments making sure things are fast and use a non-weird amount of memory. And I’ve never, ever found this to be a problem. If your app has performance or memory use issues, the problem is something else, not these copies.


There’s a general point: if you’re getting a collection from code that isn’t yours, it doesn’t hurt to be defensive and enumerate a copy.

Swift does something similar automatically, although it probably doesn’t work when enumerating an NSArray that you receive.

The Rush to “Deprecate” HTTP

Dave Winer:

Google and Mozilla and others want force all non-HTTPS sites to become HTTPS.

And while the name HTTPS sounds a lot like HTTP, it’s actually a lot more complex and fraught with problems. If what they want to do ever happens, much of the independent web will disappear.


Given that a vast amount of content likely won’t move, Google and Mozilla are contemplating far more vandalism to the web than any of the ISPs they’re trying to short-circuit.


[The tech industry is] run by people who shoot first and ask questions later. This is an awful way to be having this discussion, after the decision is made, without any recourse?

Update (2015-06-16): Dave Winer:

In the tweet, people thought I was writing about protecting whistleblowers, or circumventing the control of the entertainment industry, both worthy causes. But what I am protecting is much more fundamental -- the right of the people to use the web as a space to speak their mind without interference from government and corporations. It’s as fundamental as the First Amendment of the US Constitution. I’ve created dozens of websites over the 20-plus years I’ve been writing on the web that don’t support HTTPS and never will. It would be too much work, and too expensive, and would cede control of the content to yet another administrative body. I refuse. You should too.

Brent Simmons:

The problem is the other two apps. They all rely on the open web rather than servers controlled by the app writer. And it would be unacceptable to limit those apps to https only.

Let’s also consider my two secret-project Mac apps. Both of them need http access — they’re not limited to servers that I (or some corporation) control.

Since neither app will be sandboxed, I’ll be able to do this without Apple’s approval. My concern, of course, is that this situation won’t last.

Phantom iPhone “Photo Library” Storage Usage

My iPhone has been nearly full for a while now, and I’m in the process of switching away from Apple’s photo ecosystem, so I have been deactivating various features to free up space. I stopped syncing photos from iTunes to the phone. I deleted shared iCloud photo albums. I turned off Photo Stream. I emptied the Camera Roll using Image Capture. I deleted the contents of the Recently Deleted album. I deleted the contents of Photo Stream from Aperture.

At this point, I expected Settings ‣ General ‣ Usage ‣ Manage Storage to show very little spaced used by Photos & Camera. In fact, it was still using lots of space, second only to Overcast. Shared Photo Stream and Synced from iTunes Library were close to zero, but Photo Library was using lots of space, even though there were no photos shown in the Photos app.

Rebooting the phone did not help. For a third-party app, I could have cleared the data by uninstalling and reinstalling the app, but there doesn’t seem to be any way to do this for the built-in apps. Resetting the entire phone and restoring from a backup did not help.

I found several threads in Apple’s forums about this issue. An intriguing suggestion was to set the phone’s date to the past in order to make old photos reappear in the Recently Deleted album and thus be available for deletion. This didn’t help either.

I ended up looking around using PhoneView (which still works for photo data) and found two major consumers of space:

Since I no longer needed any photo data on the phone or in iCloud, it seemed safe to delete these files. Indeed, that seems to have gotten rid of the phantom Photo Library usage. My phone now has a comfortable amount of free space.

Debugging launchd (via Hacker News):

The reason I had an interest in debugging launchd is because I had been able to trigger some crashes. launchd is like init for linux; the kernel spawns it as PID 1 and every process is executed under it. When launchd crashes, the kernel panics, and your machine reboots with the “there was a problem, press any key to continue” screen. User-land triggering kernel bugs is obviously interested due to the trust boundary crossed.


From everything I had read about other launchd crashes, there should be a crashdump file like any other process, however from the launchd re-write, I can only assume Apple had disabled that feature. In turn, you get a semi-useful /usr/bin/sample output located in the /var/log/ directory. Although this gives a bit more information than the kernel panic, I still am leaps and bounds away from finding the root cause of these crashes.


My next thought was to move to kernel debugging, and try and catch the crash before it jumped into the kernel. […] When dealing with kernel crashes, having to reboot and re-attach every time became quite annoying, so I found myself using the flags that waited for the debugger upon panic.


I ran a simple dtrace script to perform a stacktrace on launchd upon it crashing, redirecting the output to a file (this can be done as a one-liner) […] And voila! I now had a specific location, within launchd, of where this crash is occurring. That being said, it was still quite hard backtracing to understand exactly why the crash occurred.

Friday, May 15, 2015

Testing the 12-inch MacBook’s Performance with Windows 10

Alex King:

Here’s the real kicker: it’s fast. It’s smooth. It renders at 60FPS unless you have a lot going on. It’s unequivocally better than performance on OS X, further leading me to believe that Apple really needs to overhaul how animations are done. Even when I turn Transparency off in OS X, Mission Control isn’t completely smooth. Here, even after some Aero Glass transparency has been added in, everything is smooth. It’s remarkable, and it makes me believe in the 12-inch MacBook more than ever before.

So maybe it’s ironic that in some regards, the new MacBook runs Windows 10 (a prerelease version, at that) better than it runs OS X. But it’s a testament to two things: Apple’s fantastic MacBook hardware, which is forward-thinking yet surprisingly agile; and Microsoft’s excellent Windows software, which entices and excites with its beautiful interface, useful new features, and rock-solid UI transitions. I’m excited to keep Windows 10 installed on this machine, both now as a preview, and later once the final version is installed. Even hardened OS X diehards owe it to themselves to give it a try.

Update (2015-05-17): Nick Heer:

It’s worth noting that Exposé never seemed to suffer from a similar problem on any Mac excluding the lowest-end products, and that was running on far worse hardware than what we have today. In fact, a fair amount of OS X’s animations are significantly slower than the Tiger days. I’m not sure what’s causing such a substantial performance degradation, but I hope remedying it is a focus of iOS and OS X this year.

How Not to Crash #1: KVO and Manual Bindings

Brent Simmons:

Here’s the problem: the binding retains the toObject object. Which means that the button effectively retains the controller. If the controller retains its button (it should), then there’s a retain cycle. Neither will become zombies, but they could become abandoned.


The solution we came up with fixes the retain cycle without your having to remember to call an invalidate method and call it at the exact right time. It’s safer code.


In theory, bindings and KVO are there to promote loose coupling, but in practice the coupling is often just as tight — if not tighter, in a sense — and harder to debug and get right.

Like Brian Webster, I don’t recall this being a problem for me, perhaps because I tend to use a different structure. Simmons has a controller binding a button to one of the controller’s own properties. I tend to have controllers that bind widgets to key paths of a separate object controller that holds the model object. The outer controller then owns this object controller. I don’t claim that this is necessarily the best way to do it—I have not used bindings much.

Register Your Own IRS Account

Daniel Jalkut recommends that you sign up for your own account with the Internal Revenue Service to help prevent fraud:

You filing by mail will not supersede a criminal having already filed online in your stead.

I already had an EFTPS account for tax payments, but this is separate. I am a little spooked that the answers to all my identity verification questions were “none of the above.” In order to actually download your records, you have to turn off Safari’s pop-up blocker.

Nathaniel Irons:

One unexpected consequence of signing up for an IRS account: “Note: All future correspondence will be via email.” Yikes.

Facebook Instant Articles

Michael Reckhow:

As more people get their news on mobile devices, we want to make the experience faster and richer on Facebook. People share a lot of articles on Facebook, particularly on our mobile app. To date, however, these stories take an average of eight seconds to load, by far the slowest single content type on Facebook. Instant Articles makes the reading experience as much as ten times faster than standard mobile web articles.

Josh Constine (comments):

Instant Articles won’t receive preferential treatment from Facebook’s News Feed sorting algorithm just because of their format. But if users click, like, comment, and share Instant Articles more often than others, they may show up higher and more frequently in feed like any piece of popular content. That could incentivize, or implicitly force, more publishers to adopt the new hosted format.

Beyond just loading faster, Facebook will parse HTML and RSS to display articles with fonts, layouts, and formats that make Instant Articles feel like a publisher’s website. But Facebook is also providing vivid media options like embedding zoomable photos, videos, and maps with audio captions, plus contextual ‘Ambient Videos’.

Danny Sullivan:

We’ve known this would be coming, and there’s been some debate over whether it’s good or bad. But I haven’t seen that extended to what would happen if Google follows Facebook’s lead. It could, potentially causing the web to be swallowed up by two gatekeeping giants.

John Gruber:

I’m intrigued by the emphasis on speed. Not only is native mobile code winning for app development, but with things like Instant Articles, native is making the browser-based web look like a relic even just for publishing articles.

Marko Karppinen (in 2013, tweet):

To cater for a single iMac user, you need to make sure your content works with 2.5 million possible browser sizes. To cater for 150 million iPad users, you need to support just two.

To me, this fundamentally changes the math on whether complex, responsive HTML layouts make sense. Mobile browsers are slow and that’s not changing any time soon. A complicated responsive layout can take seconds to render on an iPad. Seconds!

In a world where 100ms of latency cost Amazon 1% in sales, where half a second of delay caused Google a 20% drop in traffic, we are happily spending seconds, on each and every page view, just figuring out, dynamically and in real time, the size of an iPad’s screen—a constant that’s almost literally set in stone.

Update (2015-05-15): Jason Brennan:

What makes the web the web is the open connections between documents or “apps,” the fact that anybody can participate on a mostly-agreed-upon playing field. Things like Facebook Instant Articles or even Apple’s App Store are closed up, do not allow participation by every person or every idea, and don’t really act like a “web” at all. And they could have easily been built on FTP or somesuch and it wouldn’t make a lick of difference.

Update (2015-05-17): Peter-Paul Koch:

The web definitely has a speed problem due to over-design and the junkyard of tools people feel they have to include on every single web page. However, I don’t agree that the web has an inherent slowness. The articles for the new Facebook feature will be sent over exactly the same connection as web pages. However, the web versions of the articles have an extra layer of cruft attached to them, and that’s what makes the web slow to load. The speed problem is not inherent to the web; it’s a consequence of what passes for modern web development. Remove the cruft and we can compete again.

Nick Heer:

This happens on the client side from the inclusion of Javascript frameworks, external plugins, analytics scripts, giant images, and so forth; each of these requires a DNS query, a download, and potentially rendering. This cruft also exists on the server side from related content and similar extraneous database lookups. It gets worse: the creeping of this cruft coincided with the rise of the responsive web, which means that all this crap gets served over your metered cellular connection.

Marco Arment:

The entire culture dominant among web developers today is bizarrely framework-heavy, with seemingly no thought given to minimizing dependencies and page weight. Most times I land on a Stack Overflow page with a simple Javascript question, the highest-voted answer is “Just include [framework X] and then call this function,” even though a few posts beneath it is a perfectly suitable, standalone 10-line function.

Update (2015-05-18): Accidental Tech Podcast discusses Instant Articles.

Om Malik:

But as I pointed out on Twitter, “If you need Facebook to solve the page load problem, then as media entity you need to be darwined.” My Darwin reference was prompted by all the talk about media companies ceding control of their brands and audience to Facebook. In a way it is shocking that publishing companies have not spent more energy and time shoring up their technology stacks — something web pioneer Dave Winer has been recommending for years.

I won’t argue about the merits or demerits of giants ceding control to Facebook — they will have to live with the dire consequences — but for me it highlights a bigger problem. It seems as if these giants don’t understand that the underlying network performance and “content” are two separate things. And it is not just large publishers. Design is not only a pretty face but also the entire experience, and that experience is highly dependent on the network, network conditions and people’s feelings about it.

John Gruber:

Business development deals have created problems that no web developer can solve. There’s no way to make a web page with a full-screen content-obscuring ad anything other than a shitty experience.

Thursday, May 14, 2015

Validate Project Settings: Never

Jeff Johnson:

Xcode likes to “helpfully” suggest changes to your project’s build settings. And this doesn’t happen just once. New versions of Xcode come up with even more “helpful” suggestions. So, get used to seeing the warning icon when you open your project. I mean projects. My company’s main source repository contains almost 90 Xcode projects. Each of which will show a warning icon when you open it with a new version of Xcode.


My genius idea, if I may say so myself, thank you, was to manually edit the project file and replace the LastUpgradeCheck value with 9999.

Unfortunately, this was not a complete solution. I discovered that Xcode checks not only the project but also the schemes. So you also have to manually edit the .xcscheme files for your project(s). The relevant key in those files is LastUpgradeVersion, which can also be set to 9999.

Daniel Jalkut (tweet):

The problem is a well-managed project might include settings that match Apple’s recommendations but rather than being set explicitly on a project or target node, are instead inherited from a project or target base .xcconfig file. In this scenario, Xcode repeatedly nags about updating the project or target even though the desired setting already shines through.

The problem with allowing Xcode to simply set the desired settings on the project or target is it shuts down the ability to accurately control build settings from the centralized location in the .xcconfig file.

Indeed, I’ve found Xcode’s suggestions to be more hindrance than help. They’ve broken my projects by overwriting settings with incorrect values and also, like Jalkut says, messed up inheritance, which led to problems later. But I do like to see what Xcode is suggesting, and, unlike Johnson, I don’t have very many projects. So these days I let Xcode change what it wants to and then (usually) Git-revert all the changed lines in the project file except for the LastUpgradeCheck.

Update (2015-05-14): Daniel Jalkut:

I also added a test for unwanted build settings to my integration tests, and am thinking of adding a commit hook to reject them.

I made an effort to codify settings by whether they should or shouldn’t, or “not sure.”

Dropbox’s Firefly Full-Text Search Engine

Samir Goel et al.:

As a result, we chose a sharding function based on “namespace”. A namespace is a widely used concept in our production systems. Internally, we represent a user’s Dropbox as a collection of namespaces. Each namespace consists of files and directories, along with a directory structure, and is mounted at a certain directory path within a user’s Dropbox. In the simplest case, a user’s Dropbox consists of just one namespace mounted at “/”, which is called the “Root” namespace.


This is still inefficient, as a shard typically contains a large number of namespaces (in the millions), while a user typically has access to a handful of namespaces. To make the query processing even faster, we prefix each token in the search index with the ID of its namespace: {namespace-id:token => list of document IDs}. This corresponding list of documents contains only those that contain the token and are also present in the namespace. This allows us to focus our processing on the subset of the search index that is relevant to the set of namespaces that belong to the user. For example, if a user with access to the namespace with id ns1 issues the query “san francisco”, we process it by intersecting the list of document IDs for tokens: "ns1:san" and "ns1:francisco".

An @import-ant Change in Xcode

Craig Hockenberry:

Buried deep within the Xcode 6.3 release notes there is a true gem that can relieve this daily frustration.

LLDB’s parser for Objective-C can now go through any module used in your app and determine the types used for all functions and methods it defines. If you’re using UIKit in your app, you can do this:

(lldb) expr @import UIKit


Ben Thompson:

Verizon, meanwhile, knows a lot about its users:

  • By virtue of being a paid service, Verizon knows users’ names, addresses, and even social security numbers (gotta run those credit checks!)
  • Because they are a phone carrier, Verizon knows your location, something that is useful not just for serving ads but also for ascertaining whether or not they were effective (seeing a McDonald’s ad and visiting the Golden Arches soon after is a powerful signal)
  • Because they are the ISP for your mobile phone (and for many customers, their home as well), Verizon doesn’t need a cookie or device identifier: they can set a “super-cookie” on their servers to track everything you do on the Internet, and that’s exactly what they’ve done

This is why the deal makes so much sense: AOL provides the technology to target individuals instead of content, and Verizon the ability to track those individuals — at least the over 100 million customers they already have — at arguably a deeper level than anyone else in digital advertising (for non-Verizon customers, AOL’s ad platform is still useful, albeit not as targeted; rates would be commensurately lower). The talk of this mashup joining Facebook and Google to form a “Big 3” of digital advertising is not unrealistic.

Jason Karaian (via John Gruber):

With its stock inflated by dot-com mania, AOL was worth $224 billion in today’s money back in 2000, just before it launched an audacious, expensive, and ill-fated bid to combine with Time Warner.

Nothing about AOL today is on the same scale as back then. In a neat bit of symmetry, the $4.4 billion price tag that Verizon is paying to buy the whole of AOL today is the exact same amount as the company’s dial-up subscription revenue in the year 2000.

William Zinsser, RIP

Douglas Martin:

William Zinsser, a writer, editor and teacher whose book “On Writing Well” sold more than 1.5 million copies by employing his own literary craftsmanship to urge clarity, simplicity, brevity and humanity, died on Tuesday at his home in Manhattan. He was 92.


Mr. Zinsser went beyond [Strunk and White’s] admonitions on writerly dos and don’ts; he used his professional experience to immerse readers in the tribulations of authorship, even subconscious ones.

Zinsser’s book is one of my two favorites about writing. I’d recommend On Writing Well for the bigger picture and Style: Toward Clarity and Grace for the more nitty gritty.

Update (2015-05-17): On Writing Well is available at the Internet Archive (via Hacker News).

John Gruber:

I could not recommend that book any more highly. Everyone could benefit from reading it — and, every few years, re-reading it. A classic for the ages.

Wednesday, May 13, 2015

Mac Firmware Passwords

Apple (via Vivian):

Setting a firmware password in OS X prevents your Mac from starting up from any device other than the built in hard drive. Locking your Mac from Find My Mac also sets a firmware password that you’ll then need to enter in order to use your Mac.

If you don’t set a firmware password, someone can boot the Mac into Recovery Mode and reset the password on your main partition. This would allow access to all unencrypted (i.e. non-Keychain) data. However, the firmware password isn’t that secure because Apple can bypass it. Plus, the drive could be physically removed from your Mac and attached to a different Mac. So, if you want to prevent access to your data, it’s better to use FileVault. The firmware password only prevents your Mac from being booted without access to your data, which probably doesn’t matter much.

Maybe, Just, and None in Objective-C

Graham Lee:

OK, if everything succeeds you can use the Maybe result (which will be Just the value) as if it is the value itself.


The other case is that your operation failed, so we need to represent that. We need to know what type of object you don’t have(!), which will be useful because we can then treat the lack of value as if it is an instance of the value. How will this work? In None, the no-value version of a Maybe, we’ll just absorb every message you send.


The NSError-star-star convention lets you compose possibly-failing messages and find out either that it succeeded, or where it went wrong. But it doesn’t encapsulate what would have happened had it gone right, so you can’t just rewind time to where things failed and try again. It is possible to do so, simply by encapsulating the idea that something might work…maybe.

Swift: the Unused Optional Value Problem

Natasha Murashev:

Here is a scenario – you need to do something in your code based on whether an optional value exists or not, but the thing you need to do does not need to actually use the optional value.


This immediately stood out as “wrong” to me. By now, I’m very well trained to unwrap optionals all the time, so having a != nil just feels wrong in Swift. Also, I don’t like the != here – I had to do a double take to realize that this code executes if something is actually there, so to me, it’s also not as readable. Of course, this code works and is completely “correct” for the situation, if that’s what you prefer.

David Owens II:

It just doesn’t feel semantically correct. The optional is not nil, it specifically has a value of None. I’ve never liked this syntax; I’ve talked about it before - thankfully the bool comparison has been lost, but the nil check still sits wrong with me.

Google Hangouts Don’t Use End-to-End Encryption

Lorenzo Franceschi-Bicchierai (via Nick Heer):

Apple has long maintained that conversations over iMessage and FaceTime use end-to-end encryption, meaning “no one but the sender and receiver can see or read them,” as the company said after the PRISM revelations. That claim has turned out to be partly true: normally, Apple can’t read your iMessages, but they can if they really want to.


We asked Google to clarify, or elaborate, on Monday, and a spokesperson confirmed that Hangouts doesn’t use end-to-end encryption. That makes it technically possible for Google to wiretap conversations at the request of law enforcement agents, even when you turn on the “off the record” feature, which actually only prevents the chat conversations from appearing in your history—it doesn’t provide extra encryption or security.

Tuesday, May 12, 2015

Using Atomics to Get Rid of @synchronized

Bruno de Carvalho (tweet, comments):

This post talks about the use of OS low level atomic functions (compare-and-swap, fetch-and-increment) to achieve both wait and lock free, thread-safe concurrent algorithms in your iOS/OSX apps.

It introduces a few classes that abstract away the gory details of some of the atomic functions made available by libkern/OSAtomic.h into conceptually simpler components that use Foundation types.


While I’ve found plenty of use cases for atomic integers and booleans, references are something that I’ve rarely ever needed. I did come across one interesting usage for it recently.


If you’re looking to extract that extra bit of performance, instead of using AtomicInteger or AtomicBoolean go straight for std::atomic<> since objc_msgSend() — calling methods on classes — has a non-neglectable impact. Just make sure that when you do so, your code remains readable and self-explanatory.

BitTorrent Sync vs. Dropbox

Matt Henderson:

Dropbox costs me about $120 per year. To share data with my wife, without having to purchase a second subscription, required installing Dropbox on her Mac, but logged into my Dropbox account. Sharing data with my kids, however, would have required purchasing paid Dropbox accounts for them, as our shared “Family” data exceeds the Dropbox free account level.

For $40 per year, a single BTS license can be used on multiple computers. And if you can get by syncing up to 10 folders, it’s free!


BitTorrent Sync also supports selective sync, but dramatically improves on the Dropbox implementation by allowing you to continue to see the contents of excluded folders locally, and—here’s the killer feature—also allowing you to access that data on demand!

Storing SSDs Without Power

Jared Newman:

A new research presentation shows that solid state drives can lose data over time if they aren’t powered on, especially in warmer environments. A powered-off drive in 104 degrees Fahrenheit may start seeing data loss after a couple of weeks.

The information comes from Seagate’s Alvin Cox, who was part of a presentation to the Joint Electron Device Engineering Council (JEDEC). Though the presentation is a couple of months old, it was recently picked up by ZDNet, Slashdot and other sites.


The statements are actually completely accurate, but a bit misleading. First, this is about what JEDEC requires, not what actual SSDs deliver. Second, this is when SSDs are stored in idle at 55C.


That said, anybody conversant with SSD technology knows that SSDs are unsuitable for offline data storage as data obviously has potentially far shorter lifetimes than on magnetic disks, which in turn again have far shorter data lifetime than archival-grade tape. These is absolutely no surprise here for anybody that bothered to find out what the facts are. Of course, there are always those that expect every storage tech to keep data forever, and those dumb enough to have no or unverified backups and those often on media not suitable for long-term storage.

Mai Zheng et al. (PDF):

In this paper, we propose a new methodology to expose reliability issues in block devices under power faults. Our framework includes specially-designed hardware to inject power faults directly to devices, workloads to stress storage components, and techniques to detect various types of failures. Applying our testing framework, we test fifteen commodity SSDs from five different vendors using more than three thousand fault injection cycles in total. Our experimental results reveal that thirteen out of the fifteen tested SSD devices exhibit surprising failure behaviors under power faults, including bit corruption, shorn writes, unserializable writes, metadata corruption, and total device failure.

Update (2015-05-15): Kristian Vättö:

As always, there is a technical explanation to the data retention scaling. The conductivity of a semiconductor scales with temperature, which is bad news for NAND because when it’s unpowered the electrons are not supposed to move as that would change the charge of the cell. In other words, as the temperature increases, the electrons escape the floating gate faster that ultimately changes the voltage state of the cell and renders data unreadable (i.e. the drive no longer retains data).


All in all, there is absolutely zero reason to worry about SSD data retention in typical client environment. Remember that the figures presented here are for a drive that has already passed its endurance rating, so for new drives the data retention is considerably higher, typically over ten years for MLC NAND based SSDs. If you buy a drive today and stash it away, the drive itself will become totally obsolete quicker than it will lose its data. Besides, given the cost of SSDs, it’s not cost efficient to use them for cold storage anyway, so if you’re looking to archive data I would recommend going with hard drives for cost reasons alone.

Sunday, May 10, 2015

Flickr Update

Tim A. Miller:

Tap into what feels like unlimited storage with our new Uploadr for Mac and Windows. You can finally upload as many as half a million photos that would otherwise be scattered across your laptop, desktop, an external hard drive, iPhoto and more. Then, turn on Auto-Uploadr on your mobile device and free up valuable space on your phone.


View your photos, videos and albums from anywhere - web or mobile - then browse through thousands of photos in seconds, easily navigating your entire catalog by date or by using the dynamic Magic View. Built with our advanced image recognition technology, the new Magic View will identify the content of your photos and organize them across more than 60 categories, such as landscapes, animals, screenshots, panoramas, black and white, symmetrical, and more.


We’ve made the new Flickr consistent across devices and platforms so that you can enjoy the same amazing experience whether you’re looking at a lifetime of images or videos on iPhone, iPad, iPod, Apple TV, Android, or on the web.

Don’t count them out yet.

Update (2015-05-10): Unfortunately, the Flickr Apple TV app doesn’t seem to be able to display albums with more than a few hundred photos.

Update (2015-05-12): adstads:

Starting this morning, in addition to any tags that you add to your photos, you’ll notice that Flickr may also add tags to help make them more discoverable in search. This is thanks to Flickr’s image recognition technology, which recognizes patterns in photos. For instance, when our technology recognizes patterns commonly found in car photos, it will label the image “car” and when it finds patterns commonly found in cat photos, it will label the image “cat.”

You’ll notice that tags added by Flickr will appear in an outlined box to make them visually distinct from the ones you add (which appear in a gray box). As the photo’s owner, you can delete any tags you don’t want or tags that are inaccurate.


We see your feedback and we’re sorry to hear that some of you are frustrated by this update.

(1) As promised above, we will be adding batch editing capabilities. If you want to change or remove lots of tags, this will get easier.

Update (2015-05-26): Matt Henderson:

After uploading some 30,000 images, however, I discovered a huge problem: The Flickr uploader created a new Flickr Album for every single folder of photos I’ve ever created in the above-listed Step 2.

So now, instead of a carefully curated set of perhaps 100 albums at Flickr, I now have over 1,400!


There’s no way to auto-arrange albums alphabetically in Flickr. So I now have albums with names like “1998 Nepal” listed ahead of albums like “2010 Trip to San Francisco”, and the only way to correct this is to manually drag the album around within the “Organizr” interface.

Programming Advice

David Smith (tweet):

Your goals are to reduce the number of things that you have to keep in your head at any given moment, and to rely as little as possible on your own ability to consistently do things right.

Failable Initializers, Revisited

Jesse Squires:

In a previous post, I discussed how Swift’s failable initializers could be problematic. Specifically, I argued that their ease of use could persuade or encourage us to revert to old (bad) Objective-C habits of returning nil from init. Initialization is usually not the right place to fail. We should aim to avoid optionals as much as possible to reduce having to handle this absence of values.


The issues above can be addressed by removing the model’s dependency on JSON (or XML) and creating single-purpose objects for each step of the process: (1) validating the JSON, (2) parsing the JSON, and (3) constructing the model.


The combination of a phantom type and a closure property enable us to construct many unique validators, while maintaining a single generic interface through which validation occurs. In other words, we do not have to create many different concrete validators (or validator subclasses) for many different models. Additionally, in this example you can see how this brings type-safety and readability to the validator. We know that this validator is for MyModel instances.


We have divided the problem into smaller subproblems and addressed each one individually. Even better, we can now unit test each component in isolation.

Under the Hood of Xcode Server

Honza Dvorsky (via Ole Begemann, comments):

As part of building a project called Buildasaur, I had a chance to explore the ins and outs of Xcode Server. Xcode Server is a combination of two of Apple’s apps, OS X Server and Xcode. Together, they can provide a continuous integration server for your repository.


Well, luckily, the engineers in Cupertino are indeed using the same open source tools as we do, like Node.js, Express, Redis and CouchDB, among others. And all of that lives inside of Xcode’s bundle, specifically in /Applications/

This is a goldmine of the source code of all the important parts of Xcode Server, in addition to /Applications/, where the closed source binaries live, e.g. xcscontrol, xcsbuildd, xcsbridge, xcssecurity and others.

Saturday, May 9, 2015

Why Lisp?

Ron Garret:

The reason that Lisp is so cool and powerful is that the intuition that leads people to try to represent code as data is actually correct. It is an incredibly powerful lever. Among other things, it makes writing interpreters and compilers really easy, and so inventing new languages and writing interpreters and compilers for them becomes as much a part of day-to-day Lisp programming as writing parsers is business as usual in the C world. But to make it work you must start with the right syntax for representing code and data, which means you must start with a minimal syntax for representing code and data, because anything else will drown you in a sea of commas, quotes and angle brackets.

Which means you have to start with S-expressions, because they are the minimal syntax for representing hierarchical data. Think about it: to represent hierarchical data you need two syntactic elements: a token separator and a block delimiter. In S expressions, whitespace is the token separator and parens are the block delimiters. That's it. You can't get more minimal than that.

Redesigning Overcast’s Apple Watch App

Marco Arment:

WatchKit load times are inconsistent and problematic.

Every time the interface loads or changes, the Watch and iPhone communicate round-trip over Bluetooth. Whether due to wireless flakiness, 1.0 OS bugs, or (most likely) both, WatchKit is frustratingly unreliable. Apps or glances will sometimes just spin forever instead of loading, and even when everything’s working perfectly, apps still take so long to load and navigate that the watch’s screen often turns off before you’ve accomplished anything.


After using my initial app on a real Apple Watch for just one day, I set out to completely rethink and restructure it.


Trying to match the structure of the iOS app was a mistake. For most types of apps, the Apple Watch today is best thought of not as a platform to port your app to, but a simple remote control or viewport into your iPhone app.

Safari Reading List

Ben Brooks:

There are three major problems with Safari Reading List:

  • It didn’t always save the links that I wanted it to save. So I had no confidence in the system, which lead to constant checking just to see if things were saved.
  • As any Reading List user knows, there are many times when you cannot remove a saved link because ‘Safari Reading List is Syncing’ or some shit like that.
  • Syncing is painfully slow across devices.

Chat Wars

David Auerbach (via Nitesh Dhanjani and Nicolas Seriot):

Our client just ignored it, but the AOL client responded to this gobbledygook with a shorter version of the same gobbledygook. I didn’t know what it was. It was maddening. After staring at it for half a day, I went over to Jonathan, a brilliant server engineer on our team, and asked what he thought. He looked at it for a few minutes and said, “This is code.” As in, actual x86 assembly code. The repeated 90s were what tipped him off: they signify an empty instruction in x86 Assembler.

The pieces then came together. Normally, these protocol messages sent from the server to the client are read and understood as data, not as code. But AOL’s client had a security bug in it, called a buffer overflow. The buffer is a place where a program temporarily stores data while running some operation. However, it’s all too easy in lower-level languages to allow in more input than the buffer can actually accommodate. In this case, very large protocol messages could flood it, overwriting the client code and arbitrarily controlling the functioning of the client program—this is why it’s called a buffer overflow, and it’s a huge security hole, since it gives the server control of the client PC. In the wrong hands, the server can choose to shut down or corrupt or do other terrible things to your computer. AOL knew about this bug in their program and now they were exploiting it! That was what all those double zeros were for—they were just filling up space in the program’s buffer until they hit the end of the AOL client’s buffer and started overwriting executable code with the remainder of the protocol message. AOL was causing the client to look up a particular address in memory and send it back to the server. This was tricky, vastly trickier than anything they’d done so far. It was also a bit outside the realm of fair play: exploiting a security hole in their own client that our client didn’t have!


Someone had the bright idea of telling the press about the buffer overflow, figuring that if people knew that AOL’s client could and in fact was executing whatever a server sent to it, AOL would be forced to patch their client and could no longer use it to determine that Messenger was an impostor.

No iOS Privacy Controls for Accessing Purchase History

Tim Burks:

Maybe you already knew that [MPMediaQuery playlistsQuery] gives arbitrary app developers full visibility of your iTunes purchase history.

For my account that’s at least songs, podcasts, movies, and iBooks.


Friday, May 8, 2015

Redacted for Mac Launch

Mitchel Broussard:

After launching the app earlier this week, the $4.99 Redacted app quickly broke into the top paid app lists on the U.S. Mac App Store. Specifically, by the end of its launch day on May 5, Redacted was eighth in overall paid apps and first in top paid graphics apps. After some friends began questioning him about his expected profit, Soffes realized he hadn’t really even begun to think about the possible profit the photo-obscuring app would rake in for him.

Sam Soffes:

For launch, the price was $4.99. I may play with that some over time. I was originally thinking $2.99 and a bunch of folks on Twitter said $4.99 was better. Anyway, Redacted was #8 top paid in the US and #1 top paid in Graphics at the end of launch day. It was also at the top of Product Hunt with 538 up votes! Wow!


It’s pretty nuts that 59 sales is top paid on the Mac App Store in the US.

Daniel Jalkut:

“Top Paid” is a terrible name for that leaderboard, because it implies being paid more money than … everybody. “Trending Paid” is fairer.

Stephen Hackett:

The Mac App Store has seen a lot of top-tier developers leave over the years, but this number is just pathetic. Clearly consumers aren’t using the Store in any meaningful way either.

The whole thing is a damn shame. Redacted is a great little Mac app, and Soffes clearly can’t make it into a business on its own. I think it may be time for Apple to take a long, hard look at the Mac App Store and either invest in it and woo back developers (and customers) or just shutter the thing.

Todd Ditchendorf:

Some of us are making a nice living as Mac devs, & MAS is an important part of that. Do us a solid & don’t tell  to shut it down

The Mac App Store has problems, but as a marketing vehicle, it’s well worth the 30% revenue share. Indie devs would be worse off without it

Brian Webster:

I would definitely side strongly with the “invest in it” direction over the “shut it down” one.

Dan Counsell:

There’s been a fair amount of talk lately about whether it’s still sustainable to be an indie developer. The short answer is yes, but that doesn’t mean it’s easy. I think most developers will agree it’s now harder than ever to make a living on the App Store.


Redacted got to #8 in the paid charts on launch day, yet it made just $302 after Apples 30%. Judging by the reaction on Twitter a lot of people were shocked by this. Redacted appeared high up in the charts because of the surge in downloads, it’s chart position was not sustained so sales were lower than they should have been.


I don’t think it’s a good idea to rely solely on App Store revenue to run your business. The App Store is amazing, but you don’t want to put all your eggs in one basket. For example, Realmac Software has a number of other revenue streams that help keep the company running. These include ads, subscriptions, crowdfunding, and affiliate schemes.

Redacted seems like a good app, but even with a better Mac App Store I wouldn’t expect it to immediately support an indie business. The takeaways are things that we already knew: Mac App Store sales are lower than people probably assume, and Top Paid is not what it sounds like.

Update (2015-05-08): Gabriel Hauber:

Rather than dampen my enthusiasm for getting my feet wet in publishing apps for the Mac sometime down the track, I am actually energised after reading Sam Soffe’s story and Dan Counsell’s follow-up.


I believe that with a small number of core apps running across both iOS and OS X I, as an indie developer, should be able to do quite well for myself. The market is there, it is just up to me to build the apps and market them.

Brad W. Allen:

I would also add to your post about Redacted, Sam did almost zero marketing.

Update (2015-05-14): Joe Rosensteel:

LOL, they totes didn’t release any update to the store, it’s exactly the same, and we’re having exactly the same conversations. Yaaaay!


Why would an app that focuses on obscuring part of an image reach the very heights of the MAS — in the graphics category, and overall — and be a featured app? Where are the usual, profitable software companies that are prolific in the graphics field, or in any field?


Autodesk isn’t absent from the store either, they just have total garbage in the store. Their high end software, like Adobe and Microsoft, lives elsewhere.

Todd Ditchendorf:

Point of Information: I make only 1/3 of my indie revenue from the MAS. But it drives some direct sales traffic too.

Claris History

Steven Sande:

Poor Claris. The company was a 1987 software spinoff from Apple tasked with developing apps for Mac. At first it took over control of MacWrite, MacPaint, MacDraw and MacProject from the parent company, then started stretching its wings by upgrading the former Apple apps to a “pro series” and purchasing FileMaker from developer Nashoba Systems.


Claris disappeared in 1998 after the core ClarisWorks team defected to form a company to write apps for the ill-fated BeOS and sales of its other products plummeted as the Mac -- and Apple -- nearly faded away. The company was eventually renamed “FileMaker Inc.” and currently offers the FileMaker Pro relational database application for Mac as well as the companion FileMaker Go app for iPhone and iPad.


Clang’s New -Wpartial-availability

Clang (via Matt Stevens):

This warns when using decls that are not available on all deployment targets. For example, a call to

- (void)ppartialMethod __attribute__((availability(macosx,introduced=10.8)));

will warn if -mmacosx-version-min is set to less than 10.8.

To silence the warning, one has to explicitly redeclare the method like so:

@interface Whatever(MountainLionAPI)
- (void)ppartialMethod;

This way, one cannot accidentally call a function that isn't available everywhere. Having to add the redeclaration will hopefully remind the user to add an explicit respondsToSelector: call as well.

I’m not sure why this wasn’t added years ago, when Apple stopped supporting older SDKs, but it’s good to finally have it.

Previously: Deploymate 1.0.

Update (2016-11-11): My strategy is to add -Wpartial-availability to the WARNING_CFLAGS, and then wherever I have a runtime test for the OS version I bracket the code with:

#pragma clang diagnostic push
#pragma clang diagnostic ignored "-Wpartial-availability"
// Code that uses partially available APIs.
#pragma clang diagnostic pop

Any warnings that this does not suppress represent code that needs to have a runtime check added. This seems to be more reliable than Deploymate and has the advantage of being checked every time I compile.

Due to problems inside XCTest, it is necessary to not use -Wpartial-availability in test-related code. Now Silently Inserts Affiliate Codes/Cookies

Carolyn Kmet (via Ole Begemann):

In early February, Bitly, the popular URL-shortening service, partnered with affiliate tool Viglink to auto-monetize every shortlink generated by Bitly’s millions of users. To understand the impact of this partnership, consider that Bitly encodes more than 600 million links per month. Those links generate approximately eight billion clicks monthly. Today, every one of those eight billion clicks potentially sets a Viglink affiliate cookie on the end-user’s machine. And every time Viglink earns commission, it shares it with Bitly.


The partnership most certainly interferes with attribution within the affiliate channel. Say a blogger, who is one of your approved affiliates, promotes your brand across her social media channels. To keep her posts short and pithy, the blogger uses Bitly to shorten the affiliate link. Now that Bitly is in partnership with Viglink, if the blogger’s post drives a sale, that sale is attributed to Viglink, not to the blogger.

Thursday, May 7, 2015

iOS 9 Wishes

Federico Viticci:

Seven years into the App Store, I struggle to find a reasonable motivation for not allowing users to set different default apps on iOS. I believe Apple should accept that they can’t make the perfect email client or web browser for all kinds of users, and, just like custom keyboards, they should let users choose their favorite app for a specific set of core tasks. If personalization of a user’s iOS device has truly become a priority at Apple, then it should be extended to activities that users frequently perform on an iPhone or iPad.


Currently, you can’t pin specific iCloud Drive folders to other apps and browse their contents without going through the full iCloud Drive UI. Let’s say I’m a designer and I keep all my assets in Documents and I want to do my work in Pixelmator. I can’t create a Documents folder bookmark in Pixelmator for quick access to my files – I need to tap the iCloud Drive button, browse all app folders, find the Documents one, and load a file. This process, each time, for any file I want.


Currently, if you need to attach a file to a new message, all you can do is bring up the copy & paste menu in the body text and pick a photo or video from your library. That’s convenient and straightforward, but it’s fundamentally useless if you need to send any other document. Sure, you can send files using the Mail extension from third-party apps, but that only works for new messages and it doesn’t let you attach multiple files to the same message. Mail itself needs a file picker.


Like Siri, I believe Spotlight should turn into a universal utility capable of deep interactions with all apps on a user’s device. I want to see Spotlight grow from a simple launcher and search app to a global search tool that can look into any app that offers content I’m looking for.


On the iPhone 6 Plus, the landscape keyboard comes with special buttons to manage text selection and cursor placement, copy & paste, and even formatting. I’d argue that these shortcuts would make more sense on an iPad, which is where most iOS users tend to write long documents and emails that involve text editing. The iPad’s original keyboard was envisioned as a laptop-like, full-size keyboard, but it’s time for some customization, inspired by the 6 Plus.

Twitter Island

Manton Reece:

Justin Williams joked that Brent and I are now the sole inhabitants of “Manton Island”. That’s funny but it’s actually backwards; it’s Twitter that is the island. Everyone is there, though, in an overpopulated mess, so they don’t realize they’re cut off from the rest of the world — the open web, designed 25 years ago as an interconnected system of countless islands.

Customer Service and Security

Dr. Drang:

The automated system asked me to punch in my account number, so I did and was put in the queue to “speak with a representative.” The wait was only a minute or so, and the first thing the representative asked me was my account number. This happens with almost every telephone support system I deal with, so I no longer give the poor rep grief about it, but it still bothers me. This is one of those dumbass pseudo-security features that make a manager somewhere feel like he’s doing something valuable.

Wednesday, May 6, 2015

Problems With Multiple Apps

Ken Case (April 2):

OmniFocus for iPhone was our first iOS (or rather, iPhone OS) app back in 2008. With OmniFocus for iPad in 2010, we added features like Forecast and a dedicated Review mode to take full advantage of the form factor. Both apps have seen major updates since then, and most of their features have spread across the OmniFocus family, but now that Apple has blurred the line between tablet and phone devices with the iPhone 6 Plus it seems like the right time to combine the iPhone and iPad feature sets.


Also, please note that this isn’t a forced upgrade! If you’re not sure you need to move from OmniFocus for iPhone yet, that’s just fine: starting with version 2.5, we’ll be updating the iPhone app in lockstep with the universal app so that they both get improvements at the same time.

Ken Case:

Really sad that OmniFocus 2 for iPhone has so many one-star reviews from customers who aren’t finding the Complete My Bundle option.

Ken Case:

We’ve tried very hard to preserve our customers’ existing investment in OmniFocus for iPhone (and added major new features like landscape).

Ken Case:

We would remove the iPhone-only app from sale, but then those customers wouldn’t be able to Complete My Bundle anymore. Or get free updates.

Ken Case:

No plans to remove old app from sale, since we don’t want to orphan customers still using it. Just want to discourage new sales.

Ken Case:

When we’ve posted updates to removed apps, customers didn’t get them unless they deleted and reinstalled.

Beyond Open Source

Drew Crawford:

Rather, this is an essay about what, as a practical matter, open source can and cannot do. The study of where the rubber meets the road, effectively. There are features and patches and entire open source projects that cannot exist, structurally, under our current system. The ingredients aren’t right. The incentives aren’t right. Let’s poke at that.


The Type 3 “institutional investment” is obviously strategic; you invest in an open source project for strategic reasons. It’s hard to imagine now, but in Apple’s case, they were down for the count; they were a major OS vendor without their own web browser, with no ability to influence the future of the web. 15 years later they now control the most important browser technology in the world. By uniting all the second-place players onto one team, they were able to defeat the leading player. But an open web was always a collateral benefit of their strategy.


Docker, however, is wise to the plan. Since they control the underlying open source project, they think they are better positioned, from a brand and strategy perspective, to grow into CoreOS’s space, than CoreOS is positioned to keep it. The result is that issues with hundreds of comments remain open for years because they’re not strategically compatible with Docker’s vision of being a 1-click end-to-end VM management system. Docker doesn’t want to be just a VM killer. They want to be a VM killer plus swallow up a lot of the market for value-added platforms and services.


The battle over stuff as mundane as what command-line arguments are accepted for the software are part of some larger war that enterprises are waging using OSS contributions as a proxy.

Michael Larabel (via Slashdot):

Richard Stallman has come out against support for basic LLVM debugger (LLDB) support within Emacs’ Gud.el as he equates it to an attack on GNU packages.

Chris Lattner (in 2005):

The patch I’m working on is GPL licensed and copyright will be assigned to the FSF under the standard Apple copyright assignment. Initially, I intend to link the LLVM libraries in from the existing LLVM distribution, mainly to simplify my work. This code is licensed under a BSD-like license [8], and LLVM itself will not initially be assigned to the FSF. If people are seriously in favor of LLVM being a long-term part of GCC, I personally believe that the LLVM community would agree to assign the copyright of LLVM itself to the FSF and we can work through these details.

David Kastrup:

Why would people be interested in a fork whose primary purpose would be to make the compiler less modular and stop it from interoperating with modules they might want to write?

Because non-modularity is exactly what GCC is supposed to provide in order not to create module boundaries where the reach of the GPL ends.


[Lattner] did all of the integration work and offered completed patches. These patches were rejected. Partly because bootstrapping from C++ was undesired (GCC now bootstraps from C++), partly because the modularity was undesired in GCC.

Modularity is the main point of LLVM. Chopping it away in order to slap on a GPL that actually stings is pretty much the same as ritual suicide.

Richard Stallman:

I am stunned to see that we had this offer. Now, based on hindsight, I wish we had accepted it.

Richard Stallman:

The license of LLVM is free. We can use that code if we want to.

The problem that LLVM causes for the GNU Project is that, when used, it replaces GCC with a non-copylefted program.

Richard Stallman:

It is good for the parts of GCC to be modular. And it is fine for these modules to be able to link with other programs, too.

What I am worried about is for these modules to be used with nonfree programs by NOT linking them together. That that would lead to proprietary use which ultimately is bad for users’ freedom.

I prioritize users’ freedom above technical merit, and that’s why I wrote GCC. If not for that, I wouldn’t have had to write a C compiler at all -- I could have used one of the proprietary ones.

Richard Stallman:

[GCC] has aided users’ freedom tremendously by leading many companies to release free compilers for their hardware. LLVM has cut off our ability to do that, and that will be a big loss to users’ freedom.

Whatever advantages LLVM may have, they don’t compensate for this big harm.

Richard Stallman:

It’s very simple. Anything that relates to LLVM is a strategic issue, so maintainers should talk with me privately about what to do.

Richard Stallman:

Installing that change would be favorable for Emacs, probably just a little. It would probably be bad for GDB, but I have no idea how much. […] We should do what is best for the GNU system’s goal of giving the users freedom. This means considering what is good for Emacs and what is good for GDB, to make a decision. Then the whole GNU Project should do what is best. That is the responsibility of each GNU package maintainer.

discoveryd Is Still Buggy

Craig Hockenberry (tweet):

I started reporting these issues early in the Yosemite beta release and provided tons of documentation to Apple engineering. It was frustrating to have a Mac that lost its network connection every few days because the network interfaces were disabled while waking from sleep (and there was no way to disable this new “feature”.)

Regardless of the many issues people were reporting with discoveryd, Apple went ahead and released it anyway. As a result, this piece of software is responsible for a large portion of the thousand cuts. Personally, I’ve wasted many hours just trying to keep my devices talking to each other. Macs that used to go months between restarts were being rebooted weekly. The situation is so bad that I actually feel good when I can just kill discoveryd and toggle the network interface to get back to work.


[This] code is all over the place. It’s in use by iOS, OS X and presumably whatever is running on the Apple Watch. As such, any one of those devices can poison Bonjour for everything else on your network.


You also can’t rely on software updates to fix everything: I have both an Airport Express and Apple TV that are no longer receiving fixes. Having to buy new hardware because of crappy software adds insult to injury.

Marco Arment (tweet):

Yosemite is now 6 months old, these bugs still aren’t fixed, and it feels like they probably won’t be fixed anytime soon. Yosemite is probably in minimal-maintenance mode as primary resources have likely moved on to headlining features for 10.11. This is what’s so frustrating about today’s Apple: if a bug persists past the early beta stages of its introduction, it rarely ever gets fixed. They’re too busy working on the new to fix the old.

Russ Bishop:

I used to be proud to show off what the Apple ecosystem could do, throwing photos and videos to my AppleTV. Dragging and dropping files between computers with zero configuration. Friends and family were always amazed that it just worked. Now it’s just an embarrassment.

Nick Heer:

I haven’t had any networking issues since 10.10.3, and I know that update fixed WiFi bugs for a lot of people that I know. But this is still happening for an alarming number of people. In an era where Apple is rapidly pushing for a cable-free experience, this is, frankly, unacceptable.

Marcus Müller (via Nat!):

While I’m still using Apple’s OSX 10.9.x as my workstation OS of choice, this is mostly due to the fact that it’s (still) better suited for my needs than the alternatives. I didn’t upgrade to OSX 10.10, however. OSX 10.10 IMO looks horrible and doesn’t offer anything I’d really need or want as a user, but instead breaks compatibility with hardware I own and use everyday.

Previously: Why DNS in OS X 10.10 Is Broken, Apple’s Software Quality, Continued.

Tuesday, May 5, 2015


Soroush Khanlou:

This move from method to object is sometimes awkward, since we’re translating from a verb to a noun. It’s necessary, though. This technique is a great one to hide complexity, and it can reveal abstractions that weren’t apparent before.


We can keep extracting like this until we’re satisfied. The class gets continually flattened and methods get continually shortened until it’s sufficiently elegant. Any method inside here that’s still too long and complex is subject to the same treatment of being hoisted from a method to a bona fide object.

Integer Overflow Bug in Boeing 787

Edgar Alvarez (comments):

“A Model 787 airplane that has been powered continuously for 248 days can lose all alternating current electrical power due to the generator control units simultaneously going into failsafe mode,” the FAA said in a statement warning of the flaw. “We are issuing this AD to prevent loss of all AC electrical power, which could result in loss of control of the airplane.” Boeing, for its part, is aware of the problem and has reset the power on 787 Dreamliners currently in service.

Matt McGuire:

It all has to do with Integer math overflow. It could potentially happen on any hardware/software platform. It’s usually a call to something like GetElaspedTime() that will return the amount of milliseconds since the device powered on. If it returns a 32 bit integer (most embedded processors) the maximum is 248 days and some change.

Monday, May 4, 2015

Ex-Microsoft Designer Explains the Move Away From Metro

Paul Thurrott:

Windows Phone fans pining for the days of Metro panoramas and integrated experiences have had a tough couple of years, with Microsoft steadily removing many of the platform’s user experience differentiators. But as I’ve argued, there’s reason behind this madness. And now an ex-Microsoft design lead who actually worked on Windows Phone has gone public and agreed with this assessment. You may have loved Windows Phone and Metro, but it had to change.


Now, you can see a more internal view of what happened. And you can read the entire discussion—and some occasionally silly responses to it—in a Reddit AMA called I designed the new version of Office for Windows Phone, AMA.


You don’t use the hamburger very often … You have to design for the 80% case, no matter how much that annoys the other (vocal) 20% :) … Here’s the distinction. Holding with your right hand in the average way makes it super easy to tap the bottom left but actually a bit of a context switch to hit the bottom right. So you put super common things on the bottom left, and important but less common things on the bottom right … Reach isn’t actually the biggest problem though. The issue is ‘why the hell is your app so complicated you need a junk drawer to stuff everything into?’ That’s why Apple doesn’t like it, and I agree. But you try designing Office for Mobile, supporting every feature, without a junk drawer :) It’s hard!”


“The interaction patterns in Android and iOS are better designed (at least compared to [Windows Phone] 7). Get into the labs and watch people use all three platforms. There’s data here that not everyone is privy to, but that doesn’t make it less true. There are some real weaknesses in the old Metro patterns … Maybe iOS and Android forced everyone to two handed use with shitty design … [But] big screens exploded in popularity. You’re going two handed.”

App Business Tips

Dan Counsell:

Listen carefully to your customers, pick out the feature requests that keep coming up and implement those. Don’t spend all your time building fancy features no one has requested.


Consistency is the key here, keep delivering timely updates. Somewhere between every 3-6 weeks is perfect. It can be hard to keep this up constantly, especially for smaller teams or those working on multiple products. Even if you don’t achieve it, having this goal gives you something to aim for. If you do manage to update anywhere near as often as I suggest, your users will love you for it. In turn they’ll talk about your app more, and those regular updates you keep pushing out will translate into an increase in revenue each month.


More widely known as App Store Optimisation. I always feel slightly dirty even mentioning this phrase, but ASO works - it’s not a magic bullet, but it does help.


There are plenty of services out there that offer translations. Over the years, I’ve used two different companies and have been very happy with both. If you’re looking for a personal service go with Applingua, for something more automated use OneSky.

Dan Counsell:

Realmac is still guilty of having different product lines that don’t benefit the same type of customer. I’m slowly changing things so all of our products fall into one major category. This change will take some time, it’s not going to happen overnight but we’ll get there. I just wish I’d figured it out earlier.


In the first few years of hiring people I honestly never once thought that these people might one day leave. It just never crossed my mind. […] I got over it, you have too. The business adapted and changed, and things worked out. When someone decides to leave a business, it’s a waste of time trying to convince them to stay. They’ve made up their mind and if they stay they’ll end up being unhappy and resent you and the business.

Saturday, May 2, 2015

Video Interview With Mark Alldritt

Ray Robertson (via Brent Simmons):

“Why on earth would anyone want to script a drawing program?” I’ll admit that was my first thought when years ago I heard about a plug-in to add AppleScript support to Adobe Illustrator. I could understand how scripting support was essential for page layout programs. But Illustrator was a program for creating art, involving many design decisions that only a graphic artist could make.

I wasn’t alone in that thinking. In this interview, Mark Alldritt of Late Night Software recounts the story behind adding scripting support to Illustrator and getting people interested[…]


Most of my Illustrator projects have been developed under non-disclosure agreements since my clients consider Illustrator scripting to be such an important competitive advantage.


Besides the money, work on the plug-in led Mark to develop the basis of one of Script Debugger’s best features: The Dictionary Explorer. Because he was “too lazy” to write scripts to test all functions, he needed a live way to look at an AppleScript dictionary.

Friday, May 1, 2015

Moving Averages and the iPad

Dr. Drang:

I think this way of presenting the data makes the iPad’s situation much clearer. Sales are not “flattening”, nor are they “flat.” They were flat in 2013, but now they’re going down, and they have been for a year. What’s most interesting to me is how the upward trend, still very strong in 2012, just stopped dead in 2013. This is something you can’t see—or at least I can’t see it—in the graphs of raw data.


The sales decline can’t be explained by cannibalization from the iPhone. The problem with the iPad started when iPhone sales were one of its slowest growth periods.


The real questions are when will iPad sales level off again—this time coming down from above instead of up from below—and what are Apple’s plans to reverse the trend. There’s no reason to get hysterical and start thinking the iPad will turn into the iPod, but iPad sales have been in this state for two years, and there are no outward signs of any change from Cupertino. I do wonder if the iPad has been starved of attention because of the iPhone (which must be tended to because it’s 70% of revenue) and the march to bring out the Apple Watch.

Spicing up Xcode

Zev Eisenberg (via Hoà V. DINH):

But remember, I wanted the xib. I could press the down arrow key twice, or use the mouse to double click the third result, but there’s an easier way. Since the file extension is taken into account in this dialog box, I can just add an additional “x” to my search in order to highlight the correct file, and then press Return to open it.


Most menus in Xcode are fully searchable. Just start typing, and a search field will appear, filtering the menu down by the characters you’ve typed. And the best part is that searchable menus employ the same fuzzy matching as the Open Quickly dialog.


I feel like I can sometimes get a “back” navigation action to go back to where I was editing, but I just tried and couldn’t get it to work. Here’s what I do as a workaround: if I’m somewhere in a file and I know I need to jump to the top for an import, I write some garbage or leave a line unfinished, so that I get an inline compiler error. After I make my edit at the top of the file, I use ⌘’ (Command-apostrophe) to Jump to Next Issue, which brings me back to the line of code that I broke.


You can also use ^@ to set a mark and then ^X^X to go back to it when needed (only moves cursor, cmd-shift-L to scroll to cursor).

Still a far cry from BBEdit’s Jump Points feature, and you have to Jump to Selection afterwards, but it does work.


Ken Ferry:

pass -NSShowUnalignedViews YES to get colored drawing around non-px-integral views

LLVM’s New libFuzzer

Kostya Serebryany:

Fuzzing (or fuzz testing) is becoming increasingly popular. Fuzzing Clang and fuzzing with Clang is not new: Clang-based AddressSanitizer has been used for fuzz-testing the Chrome browser for several years and Clang itself has been extensively fuzzed using csmithand, more recently, using AFL. Now we’ve closed the loop and started to fuzz parts of LLVM (including Clang) using LLVM itself.

LibFuzzer, recently added to the LLVM tree, is a library for in-process fuzzing that uses Sanitizer Coverage instrumentation to guide test generation. With LibFuzzer one can implement a guided fuzzer for some library by writing one simple function:

extern "C" void TestOneInput(const uint8_t *Data, size_t Size);

Update (2015-05-02): Mike Ash:

With computer security high on everyone’s minds these days, tools that help assess and improve the security of our code are extremely useful. Today I’m going to talk about one such tool, afl-fuzz, which has seen a lot of attention lately and produces some interesting results. I’ll discuss how it works and how to use it on your own code.

Update (2015-05-04): John Regehr:

American fuzzy lop is a polished and effective fuzzing tool. It has found tons of bugs and there are any number of blog posts talking about that. Here we’re going to take a quick look at what it isn’t good at. For example, here’s a program that’s trivial to crash by hand, that afl-fuzz isn’t likely to crash in an amount of time you’re prepared to wait[…]