Thursday, May 28, 2015

TextExpander 5 and Notification Center Privacy

TextExpander 5 looks like a good upgrade to what has belatedly become an essential app for me. I like the new preview pane, and the JavaScript support looks interesting. JavaScript doesn’t particularly interest me on the Mac because TextExpander has long supported AppleScript; the news here is that JavaScript snippets also work on iOS.

The coolest feature is that TextExpander can now suggest snippets based on “phrases you habitually type”:

TextExpander can suggest new snippets based on what you type. After you have typed the same group of characters, letters or words enough times, it will suggest you create a snippet. All the snippet suggestions are collected in a Suggested Snippets group where they remain without abbreviations. You may choose to ignore them, add an abbreviation to complete them, or delete them.

There are obvious privacy concerns here. TextExpander has always observed what you type, but it has not actually saved it to disk. Back in the day, I lauded SpellCatcher’s Ghostwriter key logging feature because it helped me to restore lost text. These days, file corruption and crashes are less common, and privacy is more of an issue, so I doubt that I would use such a feature. TextExpander has a careful design that doesn’t depend on logging your typing to disk, or even storing it in RAM:

TextExpander observes your keystrokes, as well as the contents of the pasteboard, or, what you copy then paste using ⌘V. TextExpander will track how many times you repeat the same group of characters and create a new suggestion after a certain amount of repetition. However, it does not save the tracking of what you type so the tracking is lost with each TextExpander restart. Therefore, frequent restarting of TextExpander won't result in many suggestions. None of what you type is saved by TextExpander except for the snippets listed in the Suggested snippets group “Tracking” does not mean TextExpander keeps a list of the actual characters you type. Instead, it keeps an encoded record (called a “hash”) of that group of characters that cannot be deciphered, similar to the way a password is securely stored so that no one reading it knows what it is. You might type “yourpetsname” but what TextExpander sees and records is “1739405847385.”

That minor tradeoff for more privacy seems like a good one.

There is a slight catch, though. When TextExpander makes a suggestion, it posts it to Notification Center. The system stores a database of notifications, so any repeated phrases that TextExpander notices will end up persisted to disk. This happens even if you’ve chosen not to display the notifications in Notification Center. As far as I know, there is no way for applications to opt out of this persistence.

(Along similar lines, the system has another database that tracks the files you’ve downloaded.)

Until my curiosity was piqued by TextExpander, I had not been aware of this or seen anyone talk about it. Now I’m wondering whether it should be a concern for other apps, too. For example, EagleFiler posts notifications to let you know when an import has completed. If you’re importing into an encrypted library, you might not want a cleartext record of the names of the files that you’ve imported. Should TextExpander use its own private notification system instead of Notification Center? Should EagleFiler not post notifications for encrypted libraries? I’m not sure what the answers are. There are many benefits to using Notification Center, but it isn’t as configurable as I would like.

Update (2015-05-28): Another cool feature is that TextExpander can tell me (via Notification Center) when I already have an abbreviation set up but have forgotten to use it.

Update (2015-06-02): Brett Terpstra:

Nested snippets work quite well, so you can create snippets containing JavaScript libraries and include them in other snippets. Just give them long names that you’ll never type, and then reference them using the %snippet:longJSLibrarySnippetName% format at the top of your JavaScript snippet. I had the best results when setting the snippet type of included snippets to “Plain Text.”

Update (2015-07-22): TextExpander 5.1 “adds new notification preference for snippet suggestions.”

1 Comment RSS · Twitter

[…] However, you may still want your own preference for privacy. […]

Leave a Comment