Archive for November 27, 2017

Monday, November 27, 2017 [Tweets] [Favorites]

Strings in Swift 4

Ole Begemann:

Encountering a function that only accepts a Substring when you want to pass a String is less common — most functions should either take a String or any StringProtocol-conforming type. But if you do need to pass a String, the quickest way is to subscript the string with the range operator ... without specifying any bounds[…]

[…]

You may be tempted to take full advantage of the existence of StringProtocol and convert all your APIs to take StringProtocol instances rather than plain Strings. But the advice of the Swift team is not to do that[…]

[…]

Keep in mind, though, that as of Swift 4, StringProtocol is not yet intended as a conformance target for your own custom string types. The documentation explicitly warns against it[…]

The Mystery of the Phantom App Updates

Jeff Johnson:

Starting on November 17, many iOS and tvOS apps that had not been updated for a year or two years suddenly received phantom updates in the App Store, without any action by the developers of those apps. The version numbers of the apps did not change. For some of the updates, the release notes were the same as the previous update. For others, the release notes said, “This update is signed with Apple’s latest signing certificate. No new features are included.”

[…]

It’s conceivable that recompiling the Bitcode would result in the same assembly size as before, but in my opinion that’s unlikely. It’s even more unlikely that this would result in some kind of significant runtime performance gain, which would be the only good reason I can think of for shipping a new Bitcode compile, absent a new processor architecture. Most likely, the matching __text sizes indicate that the same machine instructions as before were simply encrypted with a new key.

Mystery unsolved. Mission unaccomplished. I’m still quite puzzled why Apple shipped all of these phantom app updates.

Update (2017-11-27): Timo Hetzel:

My tvOS app got the certificate update note, as it doesn’t have a previous update and lacks any release notes. That’s my guess.

The Cost of JavaScript

Addy Osmani (via Hacker News):

On the high-end iPhone 8 it takes just ~4s to parse/compile CNN’s JS compared to ~13s for an average phone (Moto G4). This can significantly impact how quickly a user can fully interact with this site.

“Just?”

Using HTTP Archive (top ~500K sites) to analyze the state of JavaScript on mobile, we can see that 50% of sites take over 14 seconds to get interactive. These sites spend up to 4 seconds just parsing & compiling JS.

20 Years of Adobe Photoshop

Sue Chastain (via Hacker News):

On February 19, 2010, Adobe Photoshop turned 20 years old. Take a look at the evolution of Photoshop over its first 20 years with this image gallery. Browse product packaging, splash screens, and screen shots while learning about the history of Photoshop and its features.

Previously: Congratulations.

Uber Customer Data Breach and Cover-up

Eric Newcomer (via MacRumors):

Hackers stole the personal data of 57 million customers and drivers from Uber Technologies Inc., a massive breach that the company concealed for more than a year. This week, the ride-hailing firm ousted its chief security officer and one of his deputies for their roles in keeping the hack under wraps, which included a $100,000 payment to the attackers.

Compromised data from the October 2016 attack included names, email addresses and phone numbers of 50 million Uber riders around the world, the company told Bloomberg on Tuesday. The personal information of about 7 million drivers was accessed as well, including some 600,000 U.S. driver’s license numbers. No Social Security numbers, credit card information, trip location details or other data were taken, Uber said.

[…]

Two attackers accessed a private GitHub coding site used by Uber software engineers and then used login credentials they obtained there to access data stored on an Amazon Web Services account that handled computing tasks for the company. From there, the hackers discovered an archive of rider and driver information.

Previously: Yahoo Says Hackers Stole Data on 500 Million Users in 2014.