Archive for February 5, 2018

Monday, February 5, 2018

How CloudKit Works

Apple (PDF, via Russ Bishop):

CloudKit is Apple’s cloud backend service and application development framework that provides strongly-consistent storage for structured data and makes it easy to synchronize data across user devices or share it among multiple users. Launched more than 3 years ago, CloudKit forms the foundation for more than 50 Apple apps, including many of our most important and popular applications such as Photos, iCloud Drive, Notes, Keynote, and News, as well as many third-party apps. To deliver this at large scale, CloudKit explicitly leverages multi-tenancy at the application level as well as at the user level to guide efficient data placement and distribution. By using CloudKit application developers are free to focus on delivering the application front-end and logic while relying on CloudKit for scale, consistency, durability and security. CloudKit manages petabytes of data and handles hundreds of millions of users around the world on a daily basis.

Russ Bishop:

Fun fact: development logs across CloudKit are on the order of 100TiB per day.

See also: Dynamo: Amazon’s Highly Available Key-value Store.

The Apple Music and HomePod Strategy

Joe Rossignol (Hacker News):

Apple Music now has 36 million paying subscribers around the world, an increase from well over 30 million reported last September.

Apple confirmed the updated total to The Wall Street Journal, which today reported that Apple Music is growing at a faster pace than Spotify in the United States, and could soon eclipse the service in popularity in the country.

Kirk McElhearn:

Also note that Apple Music is available in many more countries than Spotify. Spotify has a presence in 62 countries, and Apple Music is present in 117 countries, notably including India and China, where Spotify is absent.

Ben Thompson:

What HomePod shows, though, is that Apple Music is part of the strategy story. Remember, strategically speaking, the point of services is to differentiate hardware. To that end, HomePod is not exclusive to Apple devices to prop up Apple Music; rather, Apple Music is exclusive to HomePod to sell speakers. Most commentary has assumed that:

  1. Customer wants HomePod
  2. Therefore, customer subscribe to Apple Music
  3. Apple profits

Again, this doesn’t make sense because Apple Music isn’t profitable!

Instead, I think the order goes like this:

  1. Customer owns an iPhone
  2. Customer subscribes to Apple Music because it is installed by default on their iPhone
  3. As an Apple Music subscriber, customer only has one choice in smart speakers: HomePod (and to make the decision to spend more money palatable, Apple pushes sound quality), from which Apple makes a profit

If the goal is to sell speakers, why does HomePod lack an aux input and support for Bluetooth audio? You can’t use it from Android even if you subscribe to Apple Music there. You can’t even reliably play audio from third-party iOS apps.

Previously: HomePod to Arrive February 9.

Update (2018-02-05): Nick Heer:

More than anything, I think Simon falls into the same trap many others do: Apple isn’t setting out to build the biggest user base, but a large paying user base. A free trial accomplished that goal; a free tier does not.

Update (2018-02-06): Third-party app support may get better when AirPlay 2 is released and apps are rewritten to use it.

Update (2018-03-02): See also: Exponent.

Sandbox Limitation on Number of Files That Can Be Opened

Matteo Rattotti:

After loading a seemingly magic random number (around 3000/3200) of images the Sandbox will stop loading any more images. Any other operation that tries to load files from outside the container will fail.

The NSOpenPanel behave in a different way, it just won’t return more than the “magic random number” of images, and after that any attempt to use it will return zero files.

If the files are loaded from inside the container, they will all load as expected, but after reaching the “magic random number” files from outside the container can’t be loaded anymore.

I don’t think I’ve blogged about this before, but I’ve heard many reports of it, and as far as I’m aware it’s a longstanding issue that dates to the introduction of the entitlement in macOS 10.7.3. Note that this is not about the number of files that can be open simultaneously. The undocumented limit applies even if you close your file descriptors.

A related issue is that I’ve been using OmniOutliner a lot more recently, and after a while it will complain that it doesn’t have permission to save my document. Indeed, it doesn’t think the file even exists. I can neither save nor close the document without force quitting. The Console log makes it look like this is related to security-scoped bookmarks, which are used to access files that are saved in the Documents folder rather than in the application’s container. The problem dates to at least 2014 and also affects OmniPlan and Numbers, adding to the likelihood that the bug is in the OS rather than apps. None of the workarounds described in the preceding forum links worked for me.

Update (2018-02-05): Peter Steinberger:

Security scoped URLs have many gotchas.

Update (2018-02-13): I also ran into a problem where Downcast couldn’t access any of the files in its sandbox container because of problems with security-scoped bookmarks. I had to delete everything and reset it.

Update (2021-08-04): Sindre Sorhus (via Christian Tietze):

It’s just ridiculous how they could leave this broken for so many years. I have gotten many 1 star reviews because of this issue. I even have an alert in the app to inform the user about it. (Half the number of files, since it’s both open and save)

Update (2021-08-10): Michael Buckley (Hacker News):

There has recently been some renewed discussion on Twitter about the limitation that the macOS sandbox places on the number of open files an app can access at once. Apps are still running into problems because of this limitation, and there is not a lot of technical detail available on it outside of Apple, so I’d like to share my understanding of it.

macOS only allows sandboxed apps to access a limited number of files at a time, but there is no way for an app to query how many files it can open, or if it’s close to the limit. In fact, this limit is dependent on the amount of RAM installed in the computer and the number of files open by other apps.

I’ve heard others say that it’s not an “at a time” limit, but rather a total limit for the lifetime of the process, despite what the documentation for NSURL.stopAccessingSecurityScopedResource() says.

The engineer stayed late to help me file radars on the issue for both the security team and the fonts team, but cautioned that the underlying problem would probably not get fixed any time soon. It would be up to app developers and other teams within Apple to work around the problems the limitation created. It was foundational to how the macOS app sandbox was designed, and could only be fixed if they found a safe and performant way to store this mapping in userspace, which was unlikely. Apple was not going to throw out the sandbox or compromise its security to remove this limitation. Considering that it remains a problem to this day, he was right.


Considering that this limitation still affects high-profile apps like Microsoft Office, I don’t think Apple is unmotivated to fix this, but considering how long it has remained a problem, until Apple announces otherwise, we can’t assume it’s going away any time soon.


There are two ways to deal with the issue. The first is to relinquish security-scoped bookmarks as quickly as possible, and the second is to prompt users to open folders, not files.

If you go the folder route:

However, you may need to limit yourself to APIs that access those files using string paths, rather than NSURLs.

Gus Mueller:

This is the primary reason Retrobatch isn’t sandboxed (and thus, not on the App Store). I’ve considered just dealing with the likely support emails (and suggesting folks give it full disk access, or only add folder), but I just can’t bring myself to do it. What a pain this bug has been for years.

The Experts Have Taken Over

The Menu Bar (tweet, Zac Cichy):

Bob Burrough drops by the bar to discuss his history as a software engineer, the seven years he spent at Apple, his reasons for leaving, and we ponder why we care so much about this company.

I really enjoyed this episode. Burrough has some good stories about the creation of iPhone. The title refers to how he thinks Apple has changed since those days, particularly after Tim Cook became CEO.

Ryan Jones:

Cool episode Bob. Just wanted to drop by and say that my experiences with product feature timing was different. You suggested all decisions were made years in advance. I know for a fact it’s not that black and white, and had experiences with shorter fuse decisions.

Just goes to show how both can be true. And that Apple does what it takes to ship the right product.

Also how there can be such external debate - because both are true.

Renaud Lienhart:

I can corroborate @bob_burrough’s story on the latest The Menu Bar podcast: when Scott Forstall got fired & iOS 7 really kicked off, the engineering feedback loop broke; HI took over, engineering input stopped being welcome.

I always assumed this was because they had such a humongous mountain of work to deal with, they didn’t have time to consider other opinions.

But the Jobs / Forstall ways never came back.

I used to file many Radars, some of them ending having an impact that I could feel proud of.

In my last 2-3 years of employment? I barely bothered anymore, I knew they’d likely be ignored.

Previously: The State of Apple.

Update (2018-02-05): Josh Centers:

Burrough says that under Jobs, employees were allowed to call out faults anywhere they saw them, regardless of whether it was in their wheelhouse or not, but under Cook, Apple employees are very much encouraged to stay in their own lanes.

Update (2018-02-13): Marco Arment:

I’ve heard a few times that Tim’s management style is, basically, “Don’t bring me problems.”

That doesn’t make the problems go away, of course — it just suppresses and siloes them.

Bob Burrough:

It actually exacerbates problems. When disputes occur -- as they inevitably do in any human endeavor -- instead of being quickly escalated and decisively resolved, they're left to fester. Unresolved issues become institutional baggage.

Update (2018-04-18): See also: Unco.

Apple’s Q1 2018 Results

Jason Snell:

Today Apple reported its results for the holiday quarter of last year, traditionally the biggest quarter of the year. Three months ago Apple said it expected between $84 and $87 billion in revenue, which would have been a record. They beat their estimates, with $88.3B in revenue, on strong iPhone revenue.

Below, find many charts!

Jason Snell:

If you see a story that says iPhone sales in the holiday quarter were disappointing, check to see if they mention the number of weeks in the quarter, or if they cite overheated analyst estimates. Because the numbers make it clear that this is a strong validation of Apple’s somewhat risky strategy to restructure the contents of its most popular product line.


In terms of sheer numbers, Apple sold 850,000 iPhones per day on average during 91 days in late 2017, compared to 798,000 iPhones per day during 98 days in late 2016, meaning that unit sales went “down” by increasing by 6.5 percent.

But look a little deeper: In terms of revenue, the iPhone generated $61.6 billion, compared to $54.4 billion in the year-ago quarter. […] The average selling price of a holiday-quarter iPhone jumped by $100.

Jeff Johnson:

Here’s a chart showing the year-year weekly averages[…]

Ben Thompson (Hacker News):

Cook — who repeated the sentiment later in the call — couldn’t have given a more strident example of how every company is best viewed according to the dictates of their business model. If companies are what they measure, then what matters to Apple is the number of devices sold, not the number of users. Indeed, the user is a means to the end of selling a device — and ideally more than one at a time!

Christopher Mims:

Apple’s non-hardware revenue is its own Fortune 100 company, and it makes as much on every one of its 1.3 billion users as Facebook does

Joe Rossignol:

iPad remains the world’s most popular tablet by a significant margin, having outsold competing devices from rivals Samsung and Amazon combined last year, according to data shared by research firm IDC today.

Previously: Apple’s Q1 2017 Results.

Update (2018-02-16): Kirk Burgess has a chart that compares Apple’s numbers, ex-iPhone, with Facebook, Microsoft, and Google.