Archive for June 12, 2017

Monday, June 12, 2017

AppleCare+ Comes to the Mac

Andrew Cunningham:

For the last few years, the “AppleCare” plans that have protected the Mac have differed from the “AppleCare+” plans for iPhones and iPads in a couple of ways. Standard AppleCare boosted Mac warranties from one to three years, while AppleCare+ only extended warranties from one to two years but also included up to two flat-rate repairs for accidental damage (the price varies by device and by damage type, but typically doesn’t exceed $99). AppleCare could also be purchased and added to your Mac as long as it was within its one-year standard warranty period, while AppleCare+ could only be purchased within the first 60 days of ownership.

Now, there’s also a version of AppleCare+ for the Mac that brings both good and bad changes. On the good side, you still get three years of coverage, and you now get accidental damage coverage, too (a $99 flat fee covers “screen or external enclosure damage,” while $299 takes care of “other damage”). On the bad side, you now have to decide if you want the extra coverage within 60 days of your purchase.

Safari’s Intelligent Tracking Prevention

Natasha Lomas (via Hacker News):

The feature will use machine learning technology to power tracker blocking in a bid to outwit the digital stalkers, according to Federighi.

“Safari uses machine learning to identify trackers, segregate the cross-site scripting data, put it away so now your privacy — your browsing history — is your own,” he explained.

“It’s not about blocking ads, the web behaves as it always did, but your privacy is protected,” he added.

John Wilander:

A machine learning model is used to classify which top privately-controlled domains have the ability to track the user cross-site, based on the collected statistics. Out of the various statistics collected, three vectors turned out to have strong signal for classification based on current tracking practices: subresource under number of unique domains, sub frame under number of unique domains, and number of unique domains redirected to. All data collection and classification happens on-device.


If the user has not interacted with in the last 30 days, website data and cookies are immediately purged and continue to be purged if new data is added.

However, if the user interacts with as the top domain, often referred to as a first-party domain, Intelligent Tracking Prevention considers it a signal that the user is interested in the website and temporarily adjusts its behavior as depicted in this timeline[…]


If you run a single sign-on system with a centralized session, the user needs to interact with the domain that controls the session. Otherwise you run the risk of Intelligent Tracking Prevention treating your session controller domain as a tracker.

Update (2017-06-28): See also: Hacker News.

Update (2018-04-17): John Wilander:

The biggest update to ITP so far is the introduction of the Storage Access API which provides a mechanism for embedded third-party content to get out of cookie partitioning through user interaction. In addition to the Storage Access API, ITP 1.1 includes two behavior changes described below.

Amazon Cloud Drive No Longer Unlimited

Amazon (Hacker News):

Amazon is now providing options for customers to choose the storage plan that is right for them. Amazon will no longer offer an unlimited storage plan. Instead, we’ll offer annual storage plans of 100 GB for $11.99 and 1 TB for $59.99, up to 30 TB for an additional $59.99 per TB.


When your paid storage subscription expires, your account will be considered in an over-quota status if your content stored is greater than the free storage quota on your account. If your account is in an over-quota status, you will not be able to upload additional files, and can only view, download, and delete content.

You have a 180-day grace period to either delete content to bring your total content within the free quota, or to sign up for a paid storage plan. After 180 days in an over-quota status, content will be deleted (starting with the most recent uploads first) until your account is no longer over quota.

I guess it was too good to be true.

Backchannel Is Moving to Wired

Jessi Hempel:

The short answer is that we love the platform and the thoughtful community that has coalesced around our publication because of Medium. But in the time since Backchannel launched, Medium has shifted its business strategy, and it’s no longer as focused on helping publications like ours profit. To bring you the tech reporting that matters most, we must fund it. Under new editor Nick Thompson, Wired is committed to figuring out how to make a robust business off of thoughtful, meaty journalism. We share this vision and believe that by bringing our publications even closer together, we’ll be doubling down on Backchannel’s original mission.

Previously: Renewing Medium’s Focus.

Update (2017-06-13): See also: John Gruber.

Update (2017-06-20): John Gruber:

I don’t expect to break through to the SEO shitheads running the asylums at most of these publications, but Medium is supposed to be good. When people click a URL and see that it’s a Medium site, their reaction should be “Oh, good, a Medium site — this will be nice to read.” Right now it’s gotten to the point where when people realize an article is on Medium, they think, “Oh, crap, it’s on Medium.”

Update (2017-06-28): John Gruber:

If you hate dickbars like I do, you should install this bookmarklet.

In-App Purchase Scams in the App Store

Johnny Lin (Hacker News, MacRumors):

I scrolled down the list in the Productivity category and saw apps from well-known companies like Dropbox, Evernote, and Microsoft. That was to be expected. But what’s this? The #10 Top Grossing Productivity app (as of June 7th, 2017) was an app called “Mobile protection :Clean & Security VPN”.


Buried on the third line in a paragraph of text in small font, iOS casually tells me that laying my finger on the home button means I agree to start a $100 subscription. And not only that, but it’s $100 PER WEEK? I was one Touch ID away from a $400 A MONTH subscription to reroute all my internet traffic to a scammer?


Later, I dug deeper to find that unfortunately, these aren’t isolated incidents — they’re fairly common in the app store’s top grossing lists. And this isn’t just happening with security related keywords. It seems like scammers are bidding on many other keywords.

John Gruber:

There should be no “virus and malware” scanners in the App Store. None. iOS does not need anti-virus software. The App Store sandboxing rules mean that anti-virus software couldn’t really do anything useful anyway. And by allowing them to be listed on the store, it creates the false impression that Apple thinks you might need anti-virus software.

But do-nothing anti-virus utilities that are scamming people into $100/week subscriptions? That’s downright criminal.


Given how many legitimate developers are still having problems getting their apps approved due to seemingly capricious App Store reviewer decisions, it’s doubly outrageous that these apps have made their way onto the store in the first place. These are the exact sort of apps that the App Store review process should be primarily looking to block.

The scams wouldn’t be possible on this scale without App Store search ads.

See also: Vienna, Icon Factory, PCalc.