Archive for March 2018

Thursday, March 15, 2018 [Tweets] [Favorites]

What Went Wrong With Siri

Aaron Tilley and Kevin McLaughlin (9to5Mac, MacRumors, Mashable, Hacker News, iMore):

Many of the former employees acknowledged for the first time that Apple rushed Siri into the iPhone 4s before the technology was fully baked, setting up an internal debate that has raged since Siri’s inception over whether to continue patching up a flawed build or to rip it up and start from scratch.


Several former employees said Mr. Williamson made a number of decisions that the rest of the team disagreed with, including a plan to improve Siri’s capabilities only once a year.


Mr. Williamson wrote that he tried to get the team to implement SiriKit and allow for outside developers to improve Siri’s functionality, but the team resisted because Siri’s “original software was so brittle and inflexible.”


The Siri Data Services team was eventually lumped into the Topsy team under Mr. Prakash with the plan to integrate all of the tech into a single stack. But they’re based on two different programming languages and are tricky to reconcile. […] Users could get completely different responses to the same question based on whether they were using Siri or Spotlight[…]


Several members on the Siri team took an immediate disliking to Mr. Sinha, who had no background in the natural language processing world. One former employee said Mr. Sinha’s decisions seemed to be driven by office politics instead of science.


In a sign of how unprepared Apple was to deal with a rivalry, two Siri team members told The Information that their team didn’t even learn about Apple’s HomePod project until 2015—after Amazon unveiled the Echo in late 2014.

None of this is surprising based on what we’ve seen from the outside. Unfortunately, I do not see any evidence that Siri is about to turn the corner.

John Gruber:

If you’re not a subscriber and want to read the full article — and I encourage you to, there’s a lot in it — you can do so with this shared link if you’re willing to give The Information your email address.


The gist of The Information’s story is that Siri has existed for seven years without cohesive leadership or product vision, and the underlying technology is a mishmash of various systems that don’t work well together.

Jessica Lessin:

“After launch, Siri was a disaster,” Mr. Williamson wrote. “It was slow, when it worked at all. The software was riddled with serious bugs. Those problems lie entirely with the original Siri team, certainly not me.”

Dag Kittlaus (who left Apple for Viv):

This statement, wholly false, was made by the architect and head of the biggest launch disaster in Apple history, Apple Maps. In reality Siri worked great at launch but, like any new platform under unexpectedly massive load, required scaling adjustments and 24 hour workdays.

This matches my experience that Siri was more responsive initially. But I don’t understand why the load was unexpectedly massive. It required an iPhone 4S, and Apple must have known how many of those it could make.

John Bafford:

@AppleSupport @tim_cook Can you guys please make Siri responses A) consistent; B) straight and to the point, not cutesy. It is really irritating to hear meaningless filler like “the suspense is killing me” when setting a timer. Thanks.

Previously: The Original Siri App Compared to Siri Today.

YouTube to Outsource Truth to Wikipedia


YouTube will accompany conspiracy theory videos with links to Wikipedia to better inform viewers, YouTube CEO Susan Wojcicki announced at the South by Southwest (SXSW) conference on Tuesday in Austin, Texas.


Wikipedia is a crowdsourced digital encyclopedia — anyone can edit it — and editors sometimes engage in fierce partisan battles over divisive topics. It remains unclear how YouTube will ensure factual accuracy of suggested pages. The reliability of Wikipedia’s information has been disputed over the years, as detailed on the encyclopedia’s page about its own reliability and its catalogue of hoaxes that have appeared there.

Similarly unclear is how “informational cues” might work for breaking news events, where subjects involved may not have a complete or even partial Wikipedia presence.

Melanie Ehrenkranz (Hacker News):

It’s unclear why YouTube didn’t feel the need to ask or inform Wikimedia about its plans ahead of this week’s announcement. That’s a pretty crucial piece of information not to share. And given that YouTube has failed at efficiently moderating conspiracy theories on its platform, it might have been smart to consult with Wikimedia about how to best use its resources to fight misinformation. Of course, maybe YouTube would’ve learned that showing users a Wikipedia link isn’t the best way to fight hoaxes.

See also: Ryan Mac.

Overcast 4.1 and Smart Resume

Marco Arment (tweet):

Smart Resume is actually two features:

  1. It jumps back by up to a few seconds after having been paused to help remind you of the conversation.
  2. It slightly adjusts resumes and seeks to fall in the silences between spoken words when reasonably possible.


I was using an NSNumberFormatter to read the total [time saved] value from Overcast’s server as a double. My server always sends values with U.S.-style number formatting, using a period as the decimal separator (e.g. “1234.5”). But by default, NSNumberFormatter uses the device’s locale, so in countries that use a comma as the decimal separator (e.g. “1234,5”), it was interpreting the server’s numbers with periods as invalid and returning zero. So the Settings screen thought they hadn’t saved any time, and hid the time-saved label.

Fortunately, it was an easy fix: setting that NSNumberFormatter locale to en_US to match what the server was sending.

Macro Arment:

My first instincts were all surface-level UI issues: string localization, nil strings, and UILabel sizeToFit problems.

Ryan Jones:

Overcast’s new Smart Resume feature has allowed me to turn voice turn-by-turn directions back on in Google Maps. Driving is easier (and safer – I don’t look down for next turn). I swear I’m not just saying this either. Honest truth.

Very small wins make products.

It’s amazing how much better Overcast—from a solo developer—still is than Apple’s Podcasts app. If anything, its lead seems to be increasing.

Marco Arment:

Thanks for all of the Smart Resume praise and press coverage!

To be clear, skipping back a bit after being paused isn’t a new idea. I think Instacast was first to it, years ago.

I think adjusting those (and other) seeks to fall on silences is new, though.

Jake Achée:

Overcast feature idea:

SmartStop. When enabled, wait for a silence that would normally be SmartSpeed optimized THEN stop.

Marco Arment:

I actually tried this during the beta, but it’s much more complex to implement than seek adjustments, and I couldn’t get it stable enough to ship in time.

France to Take Legal Action Against App Stores

Bloomberg (MacRumors):

Finance Minister Bruno Le Maire said Wednesday France will take legal action against Google and Apple and fines could be in the “million of euros”. Fines are likely to be about 2 million euros ($2.5 million) per company, accused of taking advantage of local developers. This comes after a two-year investigation by the ministry’s fraud repression unit, according to an official in Le Maire’s office.

“I learned that when developers develop their applications, and sell to Google and Apple, their prices are imposed, Google and Apple take all their data, Google and Apple can unilaterally rewrite their contracts,” Le Maire said in an interview with RTL radio. “All that is unacceptable and it’s not the economy that we want. They can’t treat our startups and developers the way they do.”

The Apple TV 4K’s HDR Nightmare

Josh Centers (tweet):

As much as it pains me to say this, Gene Munster was right. For years the former Piper Jaffray analyst was routinely mocked because at every Apple investor call, he would ask Apple leadership if they were planning to make an Apple-branded smart TV set. But after weeks of fighting to get HDR working with my Apple TV 4K, I’m convinced that if Apple intends to succeed in the TV business, the best thing to do would be to ship a television set that just worked. I’ve been writing and updating “Take Control of Apple TV” for four years now, so I know that if I’m flummoxed, the average user has little hope.


Imagine: no calibration, no special settings, nothing to twiddle with! Just sit down and watch TV in the best possible quality. Sure, it wouldn’t be Apple’s most profitable business, but neither is the current Apple TV.

Until that day comes, I’ve seen my family relying more and more on my Chromecast Ultra. It has no interface, and no settings as such — it just works.

Matt Birchler:

I would have paid $10 more to get The Last Jedi in 4K, but the option just isn’t there. This is a Disney thing more than an Apple thing though, as this is the case on all major storefronts.

Previously: Apple TV 4K, Still a Hobby, Cultural Insularity and Apple TV, No 4K iTunes Videos on iPad Pro or Mac.

iPhone Wireless Phone Charging Comes at a Cost: Your Battery

Sasha Lekach:

Kingsley-Hughes determined — based on Apple’s claim that an iPhone battery is “designed to retain up to 80 percent of its original capacity at 500 complete charge cycles” — that his phone would hit 500 charges in about a year and a half. Most phones are expected to keep a charge at 80 percent for two or three years of use.

In about six months, he’s already hit 135 charging cycles. He looked at his charging behavior and realized that since switching over to a wireless charging plate about six months ago, he was eating up his charges at an alarming rate. Now instead of the cord bearing the brunt of power duties, his battery is constantly working to charge. It’s a losing battle.

Other phone users on Android devices have their suspicions about heavy battery wear on the devices with inductive charging.

Dan Masters:

Fantastic. Basically, if you don’t want your phone throttled in less than a year, don’t use wireless charging.

iPhone wireless phone charging comes at a cost: battery health

My iPhone SE does not have wireless charging, but according to coconutBattery it has already dropped to less than 80% capacity after less than a year.

Previously: iPhone Charging Speeds Compared, iPhone 8, Qi Wireless Charging, and the Challenge of Open, Apple’s Message to Customers About iPhone Batteries and Performance.

Tuesday, March 13, 2018 [Tweets] [Favorites]

Time for a Complete Home App Makeover

John Voorhees:

I’d like to say I got the setup right the third time, but I didn’t, though I think it helped me understand better why groups are so deeply buried in Home’s UI. I had forgotten that after a group is set up, its component accessories are no longer available in Home’s UI. This makes sense if you have a lamp with two bulbs in it that you always want to come on at the same time and behave in the same way, but it’s a limitation that greatly reduces the utility of groups because it means the individual accessories that make up a group cannot be added separately to scenes. I backed out of the partially built scene realizing that I had to reconfigure my group.

The solution was to ungroup my desk lamp from the rest of my lights in the studio and set up a scene that turns the desk lamp red and a workflow that triggers that scene when the back door opens. The trouble is, scenes have a very limited concept of state so my lamp can’t be toggled back to its prior color using an automation workflow or by toggling the scene manually. I could add a timer to the automation to turn the desk lamp off after a certain amount of time, but I don’t want to turn off the light, I want to turn off the scene, and you cannot attach timers to scenes. Instead, I needed another scene to return the desk lamp to its original settings.

You probably get the point by now. Home is both too complex because of the way it splits things into rooms, zones, groups, scenes, and automations and too simple because it lacks features like robust state awareness and, in some places, timers. However, the problems with the Home app run even deeper. They are compounded by a generic UI and complex navigation.

Calendar 2 App Could Mine Crypto-Currency in Lieu of IAP

Dan Goodin (MacRumors):

The app is Calendar 2, a scheduling app that aims to include more features than the Calendar app that Apple bundles with macOS. In recent days, Calendar 2 developer Qbix endowed it with code that mines the digital coin known as Monero. The xmr-stack miner isn’t supposed to run unless users specifically approve it in a dialog that says the mining will be in exchange for turning on a set of premium features. If users approve the arrangement, the miner will then run. Users can bypass this default action by selecting an option to keep the premium features turned off or to pay a fee to turn on the premium features.


“On the one hand, using the user’s CPU for cryptomining has become extremely unpopular,” Thomas Reed, director of Mac offerings at antimalware provider Malwarebytes, told Ars. “The fact that this is the default is something I don’t like. I would want to see a legit app informing the user in advance or making it an option that can be turned on but is off by default. On the other hand, they [the developers] do disclose that they are doing it and give other options for people who don’t like it. My personal feeling on this is that, given the disclosure, I think the user should be allowed to make their own choice. Some people might be perfectly willing to let an app like this mine cryptocurrency so that they can use it for free.”


In an e-mail sent about 90 minutes after this post went live, Magarshak said he has decided to remove the miner from future versions of Calandar 2.

Patrick Wardle (tweet):

Hooray for honestly I guess!? And is getting “all advanced features for free” in return for allowing the app to turn your box into a cryptocurrency miner a fair deal? Maybe? But users clearly are not stoked about this[…]

Patrick Wardle:

Apple’s App Store guidelines seem rather clear RE: cryptocurrency mining in Apps: “monetizing built-in capabilities provided by the hardware or operating system” is “Unacceptable”-section 3.2.2 (ii)

I don’t think this is the type of thing the guideline is talking about, but who knows how Apple would interpret it.

Update (2018-03-15): Dani Deahl (MacRumors):

Apple pulled Calendar 2 from the Mac App Store yesterday, and today, Qbix CEO Greg Magarshak tells 9to5Mac that it was because it violated App Store guideline 2.4.2, which states: “Design your app to use power efficiently. Apps should not rapidly drain battery, generate excessive heat, or put unnecessary strain on device resources.”

Magarshak says that within an hour Qbix had removed all mining features and worked with Apple to expedite putting the app back on the App Store. It is now offering both new and preexisting users a free year of premium features. He also says that in the three days the app was mining, it earned about $2,000 worth of Monero[…]

Via Marcin Krzyzanowski:

Best AppStore business model, or what?

Smart Debugging

Peter Steinberger (tweet):

Debugging can be exciting, but often also very, very frustrating. In this talk, I’ll show you some lesser-known tools and techniques to find problems faster and make the compiler show you issues, before they become a crash for your users. Of course we also look at some real world examples.

The Origins of QuickTime

Computer History Museum (via Stephen Hackett):

In 1991, Apple released QuickTime, the first mass-market digital video software for personal computers. QuickTime is a multimedia platform for developers to add audiovisual recording, editing, and playback to their applications. Because it was built into the Macintosh operating system, users did not need to buy more hardware or software to play video. QuickTime became the most widespread media format on PCs after Apple brought it to Windows, and its incorporation into the MPEG-4 standard, used in every cell phone, computer, and set top video player today, cemented Apple’s position as a leading provider of media creation technology. How was QuickTime created? What role did it play in Apple’s history? And what impact does it have today?

Center for Software History curator Hansen Hsu leads a conversation with members of the original QuickTime team about the creation of QuickTime, its evolution, and its impact on the computer and media industries.

Update (2018-03-13): Ilja A. Iwas:

‘Pencil Test’ was the first QuickTime movie I saw. Got it on a dozen floppy disks, needed to wipe out almost my entire hard drive to make room. Took hours. Today, it’s just a link to YouTube.

Swift 4.1 Conditional Conformance Is Amazing

Stephen Celis:

Here’s a non-empty collection type that works with any collection.

Wrapping a MutableCollection type gives the non-empty type all those methods for free!

Previously: Conditional Conformance in the Standard Library.

Monday, March 12, 2018 [Tweets] [Favorites]

Better Strategies Through Types

Joshua Emmons:

We have to limit our delegate to class implementations because delegates are assumed to hold mutable state.


So rather than holding our strategy’s implementation in instance methods that need to be instantiated, we’re going to move it all up into type methods on the type.


If all this .Type and .self stuff feels a little awkward, it’s probably because Swift already supports this kind of thing as a language feature. It has a specific syntax just for passing around types that are used to specialize implementations. We know it as “generics”.

However, a key difference is that, unlike delegates, the type cannot change at runtime.

The Original Siri App Compared to Siri Today

Mitchel Broussard:

In 2008 Siri began as spin-off of SRI International, where Winarsky was the President, and eventually launched as an app for iOS in February 2010. Two months later Apple acquired Siri, and just over a year after that introduced it within the iPhone 4s, shutting down the standalone app shortly thereafter. Seven years later, Winarsky said that Siri’s capabilities have fallen short of his earlier predictions for where he thought the assistant, and Apple’s development, would end up.

Specifically, Winarsky’s comments focus on what Siri’s intention was “pre-Apple” versus where the assistant is today. According to the co-founder, Siri was originally meant to be incredibly intelligent in just a few key areas -- travel and entertainment -- and then “gradually extend to related areas” once it mastered each. Apple’s acquisition pivoted Siri to an all-encompassing life assistant, and Winarsky said that this decision has likely led Apple to search “for a level of perfection they can’t get.”

Kevin Clark:

It’s fascinating that the original Siri demo is still better than today’s Siri in a few aspects.

Nick Heer:

For fun and frustration, I tried all of the original commands featured in that eight year old video on my iPhone[…]


What’s clear to me is that the Siri of eight years ago was, in some circumstances, more capable than the Siri of today. That could simply be because the demo video was created in Silicon Valley, and things tend to perform better there than almost anywhere else. But it’s been eight years since that was created, and over seven since Siri was integrated into the iPhone. One would think that it should be at least as capable as it was when Apple bought it.

John Voorhees:

Eight years is an eternity in the tech world.

Wojtek Pietrusiewicz:

Examples attached: 1, 2, 3, 4, 5, 6. Basically, I expect so much more of her today, that she feels stupider than back in 2011, when she launched on the iPhone 4S.

HyperCard Zine

Jae Kaplan (via Hacker News):

Now accepting submissions!


On the 20th anniversary of HyperCard’s discontinuation, I want to pay tribute to the programming tool that started it all.


Please make your stack using the Classic size template so that it is playable on older machines and in Mini vMac. While you’re free to use color, I’d recommend against it so that you can guarantee how your stack will look on all machines.

Once you’ve finished your stack, please compress it in StuffIt to preserve any resource forks or other extended attributes.

This last part is not really necessary except for notalgia. Other formats such as disk images and .zip and .tar archives also support resource forks, and HyperCard does not need any extended attributes.

Mark Hughes:

There's a few modern variants, but nothing I know of that works[…] So everyone just gives up and uses emulation, because making a new Hypercard is impossible. If you're going to do that, do it the easy way: Hypercard in the Browser

Previously: HyperCard on the Internet Archive.

Can U.S. States Hang on to Net Neutrality?

Geoff Duncan:

States aren’t pinning all their hopes on successfully suing the FCC: several are working to enact their own net neutrality laws, and this week Washington became the first state to put such a law in the books.


Going for the purse strings is a nice idea — and very likely ducks under the FCC’s preemption authority — but broadband operators are already used to dealing with innumerable state and local utility commissions. It’s the sort of thing that can be sidestepped with shell companies and finagling — and in markets like New York, Texas, and California, there’s more than enough money at stake for broadband operators to do just that. In smaller markets, broadband operators may simply choose not to comply, effectively holding improved Internet service hostage until regulators relent. That too would hurt users — and, of course, state services like schools and educational institutions.


Notice who isn’t participating in this debate? Major Internet companies like Google, Facebook, Amazon, and Apple. All these firms took public stances in favor of net neutrality — because it helps their businesses — but have been remarkably silent on state efforts to preserve some semblance of net neutrality.

Previously: Network Neutrality, Ajit Pai, and Title II.

Update (2018-03-15): Jon Brodkin:

Some states are trying to evade the federal preemption with indirect measures that apply only to ISPs that accept state contracts. No one knows for sure how a court would rule on state bills that regulate net neutrality directly. Even legal analysts who support net neutrality laws disagree on whether such laws would survive lawsuits filed by ISPs.

Van Schewick argues that the FCC’s preemption claims are invalid.

“While the FCC’s 2017 Order explicitly bans states from adopting their own net neutrality laws, that preemption is invalid,” she wrote. “According to case law, an agency that does not have the power to regulate does not have the power to preempt. That means the FCC can only prevent the states from adopting net neutrality protections if the FCC has authority to adopt net neutrality protections itself.”

Via Karl Bode:

In other words, when the FCC rushed to neuter its authority over ISPs it also neutered its authority to stop states from filling the void and protecting consumers.

Friday, March 9, 2018 [Tweets] [Favorites]

Solving a Mysterious Heap Corruption Crash

Agnes Vasarhelyi (tweet, via Alexis Gallagher):

I removed every third-party dependency, to exclude the possibility that the problem is not in our code.


Move suspicious pieces to an empty project


The code was fairly slim at this point - a few thousand lines of parsing 3D models into all kinds of data structures. Nothing concurrent, everything running synchronously. I wanted to try and look at the crash site again. Even though I knew the cause of the heap corruption could be elsewhere, seeing the stack trace in the same piece of code every time made me want to look closer there.

The pattern I started to see was that there was always a Dictionary involved, and there was always a simd type such as double3 in the dictionary.


But what if.. what if it’s really a Swift bug? 🙀


When their elements had unusually wide alignments, storage for the standard library’s collection types was not guaranteed to be always allocated with correct alignment. If the start of the storage did not fall on a suitable address, Dictionary rounded it up to the closest alignment boundary. This offset ensured correct alignment, but it also meant that the last Dictionary element may have ended up partially outside of the allocated buffer — leading to a form of buffer overflow. Some innocuous combination of OS/language/device parameters probably caused this issue to trigger more frequently — which is probably why it became noticeable on particular devices running iOS 11.

Faster Swift String Concatenation

Nick Lockwood:

I’m sure I heard somewhere that "\(foo)\(bar)" is the recommended way to do string concatenation in Swift, but I benchmarked it and it’s almost 100x slower than using + or String.append().

I know I’ve heard that as well. I assumed it was taken as a hint to figure out the proper allocation size up front. But currently it’s slower because the interpolated elements are not assumed to be strings.

Joe Groff:

Yeah, \(x) goes through the print-anything path for x, which hasn’t really been optimized

Steve Barnegren:

I thought that the recommendation to use "\(foo)\(bar)" over + was more for compilation performance than runtime performance, as the compiler has to work to understand which + operator to use.

Joey Devilla:

Running on the phone, the + method is almost 70 times faster, which is a significant difference when concatenating a large number — 100 million — strings. If you’re concatenating far fewer strings, your better bet is to go with the option that gives you the more readable, editable code.

Marcel Weiher:

A factor 100 here, a factor 100 there, soon enough… ¯\_(ツ)_/¯

Nick Lockwood:

A lot of people have jumped on this to criticise Swift’s maturity as a language.

To put it in context, even at 100x slower, you can still comfortably perform 500,000 string concatenations per second. In most apps this would be a complete non-issue.

Update (2018-03-10): Nick Lockwood:

Deleted this, since it was due to a misconception on my part.

His original test measured foo = "\(foo)bar" vs. foo += "bar", which is not what I would have expected from the tweet’s description. The latter is 100x faster because Swift is able to mutate the string rather than create a new one. The benchmark code is here.

I measured baz = "\(foo)\(bar)" vs. baz = foo + bar, which is what I thought he was originally talking about (i.e not building up a giant string), and found the latter to be about twice as fast, perhaps because of the overhead that Groff mentioned.

Devilla measured newString = "\(string1) \(string2)" vs. newString = string1 + " " + string2 and found the latter to be 70x faster. I tried to reproduce this but found less than 10% difference in the opposite direction. In other words, interpolation was slightly faster. However, I am using Swift 4, and he was using Swift 2.

Your Nose Isn’t Really As Big As It Looks in Selfies

Rachel Becker:

Last year, more than half of plastic surgeons were approached by patients who wanted to look better in selfies, according to a survey by the American Academy of Facial Plastic and Reconstructive Surgery.


Most smartphone cameras have wide-angle lenses, says The Verge’s creative director James Bareham, and close-ups with wide-angle lenses cause distortion that makes objects closer to the camera — like, say, a nose — look larger. “It’s kind of one of the basics of photography: don’t shoot portraits on a wide-angle lens because you will look terrible,” Bareham says.

Old Steve Jobs Videos

MIT (via Thomas Brand):

Steve Jobs, one of the computer industry’s foremost entrepreneurs, gives a wide-ranging talk to a group of MIT Sloan School of Management students in the spring of 1992. Jobs shares his professional vision and personal anecdotes, from his role at the time as president and CEO of NeXT Computer Corporation, to the thrilling challenges of co-creating Apple Computer, and subsequent disappointments at his ousting. In conversational exchanges with audience members Jobs underscores the value of direct experience in the field, and “developing scar tissue.”

ABC (via Farhad Manjoo):

Ted Koppel, Bettina Gregory, and Ken Kashiwahara present news stories from 1981 on the relevancy of computers in every day life and how they will affect our future. Included are interviews with Apple Computer Chairman Steve Jobs and writer David Burnham.

Photoshop CC Easter Eggs

Michael Zhang (via John Nack):

Did you know that hidden within Photoshop CC are a number of “easter eggs” that customize the photo editing app in wacky ways? Three that you can activate in the latest version of Photoshop CC are “Layer Monkey,” the “Banana Toolbar,” and “Coffee & Toast.”

Here’s a quick look at how you find each one (keep in mind that these are entirely for fun, i.e. completely useless)[…]

Wednesday, March 7, 2018 [Tweets] [Favorites]

Apple to Discontinue iTunes LP

Zac Hall:

Apple appears to be finally pulling the plug on its iTunes LP format this year. For music sold in the iTunes Store, iTunes LP has served as a useful but not popular digital solution for including a rich multimedia experience with digital music.

Like physical records and CDs, iTunes LP content can include lyrics, photos, and liner notes as well as access to video — but the format has never been optimized for iPhone and iPad. The special iTunes format has been around for almost ten years but only around 400 albums have used it.

I’m not quite sure whether iTunes LP was a bad idea or simply one that neither Apple (aside from Steve Jobs?) nor the music producers actually had much interest in. How else to explain that Apple never brought it to iPad?

Nick Heer:

But, these days, those extras don’t require a specific packaged format. Videos are streamed for the one or two times most people watch them, and lyrics are just a scroll away for many Apple Music tracks. The world moved beyond iTunes LP. And the remaining things it offered — like exquisite artwork on gorgeous poet, and that sense of a packaged product — simply can’t be replicated effectively on a screen.

Previously: Eliminating iTunes Store Music Downloads, No iTunes Extras on Apple TV or iOS.

Update (2018-03-08): Author:

I think this signals less “whether iTunes LP was a bad idea” (though the skeuomorphism Jobs loved is slowly dying our from the `OSes) than “someone’s paying attention to scaling down iTunes”. I think they’re slowly moving towards killing music sales, no matter what Sellers at AWT thinks. ;^D


Cesium’s author points out that playing music on your own phone is increasingly difficult via Apple Music in iOS 11.

Deckset Leaves the Mac App Store

Unsigned Integer (via Ilja A. Iwas, 9to5Mac):

The main reason for us to leave the App Store is greater flexibility in pricing. For example, we are now able to offer a 50% discount to students, teachers and other members of educational institutions. That is something we simply couldn’t do before, and we feel it’s essential to reflect the realities of how and why people use Deckset.

There also is a 20% discount for teams buying either 5 or 10 copies of Deckset in bulk.


Since Deckset will now live independently of the Mac App Store (and hence, its tedious submission and review process) we will also be able to release updates much more frequently.

Brett Terpstra:

I first wrote about Deckset back in 2014. Since then I’ve continued to love it as an alternative to Keynote, using it whenever I can for presentations.

Getting the Current NSBundle

Nicolas Bouilleaud:

  1. Use backtrace() to find the function pointer of the caller;
  2. Use dladdr() to find the executable image path containing this function;
  3. Find the loaded bundle with this executable path.


With this, I can finally write Bundle.current everywhere, instead of Bundle.main or Bundle(for: AnyClass).

Update (2018-03-12): Leo Natan:

Very cool, but this is an error prone approach due to inlining and optimizations.

For performance, __builtin_frame_address()/__builtin_return_address() either directly in Swift if possible or in a C shim function would work quite well. Same risks as original approach.

A Lot Can Happen in a Decade

Craig Hockenberry:

It’s the ten year anniversary of the original iPhone SDK.


Discoveries happened quickly. It took just a matter of weeks before the filesystem was exposed. A couple of months later, the entire native app experience was unlocked. Development toolchains were available and folks were writing installers for native apps.


There were a lot of surprises in that early version of UIKit. It took forever to find the XML parser because it was buried in the OfficeImport framework. And some important stuff was completely missing: there was no way to return a floating point value with Objective-C.

There were also strange engineering decisions. You could put arbitrary HTML into a text view, which worked fine with simple tags like <b>, but crashed with more complex ones. Views also used LKLayer for compositing, which was kinda like the new Core Animation in Mac OS Leopard, but not the same.

Craig Hockenberry:

Still, it’s easy to see why today’s apps are much more sophisticated. They run code hundreds of times faster.

They also have screens that are a bit larger than 320 × 480 :-)

Guilherme Rambo:

I decided to compare SpringBoard from iPhoneOS 1 to SpringBoard on iOS 11.3 (b4). Binary size back then: 691KB. Now: 11,5MB. Classes back then: 145. Classes now: 1418. The only thing I could find that’s not changed are two instance variables on the SpringBoard class.

Constructing Human-grade Parsers

Joe Groff (tweet):

Parsing is one of the most thoroughly explored topics in computer science, but building parsers that give high-quality diagnostics and user feedback is still largely folk art. Here are some observations on how parsers can be constructed in a way that makes it easier to recover from parse errors, produce multiple diagnostics in one pass, and provide partial results for further analysis even in the face of errors, providing a better experience for user-driven command line tools and interactive environments.


Thinking about it a different way, we want parsing to always succeed at producing some kind of structured result. The result can contain error nodes inside it, but the error nodes don’t have to replace the entire result. How do we make a parser that always succeeds, and how exactly do we recover when we find a parse error? We can look at both problems from the perspective of designing the grammar. Effectively, we want to take a grammar and extend it to make it total, so that every string matches a rule, by adding rules for erroneous inputs.


If you’re designing a grammar from scratch, it’s also good to think about how your grammar can be parsed in a recoverable way, by considering what kinds of errors or incomplete edits users may make, and what kinds of synchronization points you can design into the grammar so that a parser can recover from malformed input.

Joe Groff:

Yeah, even though whitespace isn’t formally significant most people well-indent their code in practice. I think recent GCC uses indentation as a hint to match up imbalanced { } pairs; Clang and Swift should do the same

Andy Gocke:

My first rule: don’t use a generated parser. The effort in making a hand-written recursive descent parser will pay itself off many times over in maintenance.

Parser combinators are awesome for getting something working, but tend to produce a lot of allocations. For a production compiler, I think the amortized cost of rolling your own is so low I wouldn’t look for a library to help.

Tuesday, March 6, 2018 [Tweets] [Favorites]

Keeping Your Safari Data Private

Apple (via Bob Burrough):

Apple products are designed to do amazing things. And designed to protect your privacy.

At Apple, we believe privacy is a fundamental human right.

And so much of your personal information — information you have a right to keep private — lives on your Apple devices.

Your heart rate after a run. Which news stories you read first. Where you bought your last coffee. What websites you visit. Who you call, email, or message.

Every Apple product is designed from the ground up to protect that information. And to empower you to choose what you share and with whom.

I don’t find Safari’s privacy options very empowering. There are lots of features to protect your from the sites you visit, but that’s only half the story. Safari’s user interface doesn’t mention which user data is sent to Apple’s servers. In fact, iCloud stores your bookmarks and Reading List, open tabs, and even your full browsing history (excluding private windows).

There is no granular control. If you want to sync your bookmarks or use Reading List to move the occasional link from your iPhone to your Mac, you also have to enable history syncing.

The history data is only secured by your Apple ID password, which means that Apple has full access to it. And there have been bugs where deleted history was not actually deleted.

With Chrome, your data syncs to Google if you create an account and log in. With Safari, you never really get a chance to opt in. macOS strongly encourages you to sign into iCloud during installation, and many apps won’t work without having it enabled in some fashion. You can opt out of iCloud’s Safari features, if you know to look for the checkbox tucked away in System Preferences.

Update (2018-03-06): Jason:

I appreciate the granularity Chrome enables with their syncing, even amongst individual instances. I can sync my themes and extensions on my work computer without syncing my browse history, for example.

It confounds me that Safari still doesn’t sync extensions between Macs.

Streaming Your Own Music

Amazon Echo used to let you upload 250 of your own music files to the cloud, or up to 250,000 if you paid $25/year.

HomePod lets you upload 100,000 songs to iTunes Match for $25/year. It cannot initiate streaming from your Mac, even if you use Home Sharing.

Google Home Max lets you upload 50,000 songs for free.

I still use iTunes to sync music to my iPhone, like an animal, and stream from the phone to a Logitech Bluetooth speaker. So I can use Siri to play my own music for free. Right now, I use my own phone for this, but the downside is that as I move around there can be interference or I can get totally out of range. Also, my iPhone SE is full, so much of my music doesn’t fit on it. It might be better to dedicate an old iOS device as a stationary music controller, but that would make controlling it less convenient.

The other option, which I’ve used in the past, is to stream from iTunes on my Mac to the Bluetooth speaker. This can be controlled from the Remote app on my phone, but that is slower and less nice than Cesium and doesn’t work with Siri.

The Mystery of the Slow Downloads

Cabel Sasser:

Our downloads really were slow — but seemingly only to Comcast users, and only during peak internet usage times. Something was up. At first we thought, maybe Comcast bandwidth is just naturally more congested in the evening as people come home from work and begin streaming Netflix, etc. But that didn’t explain why the connections to our Linode control server from Comcast, during the exact same time windows for each tester, were downloading with good speeds. We wondered, is Comcast intentionally “throttling” Cogent customers? And if so, why?


It felt like there was no way this should have worked. If I had to guess, I’d say it’s simple: in the middle of a serious ongoing debate over net neutrality, the last thing Comcast wanted to look like was a network-throttling bad guy in this blog post. But then again, maybe I’m still being too cynical — maybe they just saw a problem they hadn’t noticed and fixed it. (But really, did they really not notice that pipe was full until I asked? Surely there are network monitoring tools?) Frankly, I have to stop thinking about it, because I’ll never know. But no matter the reason, I’m very grateful: thanks for listening to us, Comcast.)

A Year Away From macOS

Wesley Moore (via Hacker News):

At this point I can’t see myself switching back to Mac OS. There is only one task (MoneyWell) that I haven’t been able to achieve with my new Linux or FreeBSD systems.


Over the year I think what I value in an operating system has shifted. I went in valuing design, consistency, and attention to detail. I definitely still value those things but I think I’ve softened on them. I’m willing to settle for a few rough edges. In return I get:

  • Systems that are always up to date
  • More hardware options
  • Upgradeable hardware
  • The ability to build an environment that works for me
  • “The freedom to study how the program works, and change it so it does your computing as you wish”.

That last one has come as a bit of a surprise. I’ve always been a fan of open source but was happy to use well-made proprietary software. It turns out that when a huge portion of your system is open source your perspective changes. Jumping through hoops to install proprietary software (that’s not in the system package repos) is kind of a drag, and feels sort of wrong for the system.

There’s also something wonderful about public bug trackers. You can search and track the progress of an issue instead of just submitting it into the void.

Previously: Finding an Alternative to Mac OS X.

GitHub Survived the Biggest DDoS Attack Ever Recorded

Lily Hay Newman (via Dave Mark):

Akamai defended against the attack in a number of ways. In addition to Prolexic’s general DDoS defense infrastructure, the firm had also recently implemented specific mitigations for a type of DDoS attack stemming from so-called memcached servers. These database caching systems work to speed networks and websites, but they aren’t meant to be exposed on the public internet; anyone can query them, and they’ll likewise respond to anyone. About 100,000 memcached servers, mostly owned by businesses and other institutions, currently sit exposed online with no authentication protection, meaning an attacker can access them and send them a special command packet that the server will respond to with a much larger reply.

Unlike the formal botnet attacks used in large DDoS efforts, like against Dyn and the French telecom OVH, memcached DDoS attacks don’t require a malware-driven botnet. Attackers simply spoof the IP address of their victim and send small queries to multiple memcached servers—about 10 per second per server—that are designed to elicit a much larger response. The memcached systems then return 50 times the data of the requests back to the victim.

Monday, March 5, 2018 [Tweets] [Favorites]

First-Class Swift API for Objective-C Frameworks

Marcin Krzyżanowski:

In Objective-C, it’s possible to store a block as an id type, e.g. in a collection like NSDictionary<String *, id>. However, that’s a trap. If we store a Swift closure in the imported dictionary type, it will crash at the time we access the value.

There is a workaround, but it has to be done on the Swift side. Declare the closure type with the @convention(block) and use it as a type[…]


The non-system framework Objective-C NSUInteger is imported as UInt. That’s not very consistent with the Swift concept of having an Int as the ultimate integer type. The conversation about if NSUInteger should be automatically imported as an Int is already older than a year, and we’re still looking for a better solution in this area.


API Notes is a textual file with a set of metadata interpreted by Swift’s Clang Importer without the need to rebuild the binary.


@_exported will make an imported module re-exported as if the imported symbols were part of the intermediate module. The intermediate module is logically placed between two other modules, which is why it’s called an overlay framework: It overlays the @_exported modules.

Script Debugger 7

Late Night Software (press release):

The biggest change in Script Developer 7 is the release of our new “lite” mode, which offers all the basic editing, debugging and dictionary functions that you need to write your code. Even without Script Debugger’s advanced features, it represents a significant improvement over the Script Editor which comes with your Macintosh.


Script Debugger 7 offers a new way of deploying AppleScripts as standalone applications with an improved interface for your users, support for automatic software updates via Sparkle and much more.


Script Debugger 7’s Dictionary Explorer lets you move, copy or delete objects. Script Debugger 7’s lets you explore much more of an application’s scripting abilities without writing a single line of AppleScript code.


Script Debugger 7 offers an entirely new way of generating AppleScript code: Explorer recording. Start recording a script, and then begin exploring an application using Script Debugger’s Dictionary Explorer. As you alter property values or move, copy or delete objects, the corresponding AppleScript code is added to your script.

More changes are listed here. I also really like the redesigned Web site and the new application and document icons. This is a great app.

Update (2018-03-15): Mark Alldritt:

The standard applet shell provided by Apple has been with us since AppleScript’s inception. It is a minimal means of deploying a script as a stand alone application. Our objective with the Enhanced Applet shell is to provide additional functionality for scripters and to improve the user experience, especially when developing droplets (scripts that open files).

See also: The Talk Show.

Risks of In-App Browsers

Felix Krause (tweet):

Many larger iOS apps re-implemented their own in-app web browser. While this was necessary many years ago, nowadays it’s not only not required any more, it actually adds a major risk to the end-user.


Using a custom in-app browser, allows the app developer to inject ANY JavaScript code into the website the user visits. This means, any content, any data and any input that is shown or stored on the website is accessible to the app.


It allows the app maintainer to inject additional analytics code, without telling the user.


Any app with an in-app browser can easily steal the user’s email address, passwords and two-factor authentication codes.


Once the user is logged in, you also get access to the full HTML DOM + JavaScript data & events, which means you have full access to whatever the user sees. This includes things like your emails, your Amazon order history, your friend list, or whatever other data/website you access from an in-app web view.

This is partially a consequence of iOS’s full screen interface. On the Mac, it’s no big deal to open a separate Safari browser window, and entering credentials or doing general browsing in an in-app browser would seem weird.

I’m not sure what Apple can do about this on iOS. Even if the user knows what the safer SFSafariViewController looks like, that appearance could be spoofed. And there are plenty of legitimate uses for a regular embedded Web view.

Previously: iCloud Passwords in Mail, Device Passwords, and Safari Passwords.

Update (2018-03-06): Bad Uncle Leo:

w-w-where’s App Review??

Bob Burrough:

That’s how the house of cards comes crumbling down. App Review certainly should boot apps that steal credentials and do other nefarious things. However, if their responsibilities cover the behavior of apps (they do), then they also have to consider apps like Facebook.

Facebook’s business is built on exploiting user data in some way. Hell, Google’s is, too. However, I don’t think anyone is under any misconception that Apple’s App Review team is giving a serious, critical look at the behavior of those companies. They’re not.

This line of thinking forces us to ask what is the role of app review, and ultimately what is the role Apple’s moral policies? Are they really running their business as if they’re fighting the good fight, or is that all just marketing?

This is an area where App Review could help but won’t. App Review continues to look the other way, even for blatant push notification spam. And when there is enforcement, the rules are different for the big players.

Update (2018-03-07): Sean Hussey:

My son’s school isn’t supposed to allow outside recess if it’s below 32 degrees, so my son went to , opened up the web inspector, changed the temperature from 28 to 36, and showed the teacher.

Amazon Will Stop Selling Nest Smart Home Devices

Steve Kovach (via Hacker News):

After weeks of silence, Amazon's retail team informed Nest employees on a conference call late last year that it would not list any of the newer Nest products recently announced by the company, according to a person familiar with the call. The products in question include the latest Nest thermostat and the Nest Secure home security system, among others.

On that call, says the person, Amazon told Nest that the decision came from the top — and that it had nothing to do with the quality of Nest products, which had great reviews on Amazon.


As a result of Amazon's decision, Nest decided to stop selling any of its products through Amazon, meaning the limited number of Nest devices listed on Amazon today are expected to disappear from the site once current inventory is sold out, according to a person familiar with the matter.

Amazon still doesn’t sell current iPhones or iPads, but it has changed its mind and now sells Apple TVs.

I find these decisions fascinating. Amazon could already promote its own line of home products all over its site, even on listings for Nest products. Is it that much better to have Nest products not show up in searches at all? Is it really worth the lost revenue and analytics to send those purchasers elsewhere? And to tarnish Amazon’s image as the “everything store”? iPad and Kindle are not even really in the same market, and Amazon does sell tablets from other companies.

Update (2018-03-06): Amazon doesn’t sell Google Chromecast, either.

Apple Networking Feedback

Quinn the Eskimo:

I’m soliciting feedback about the networking APIs on Apple’s various platforms.  The focus here is on commonly-used user-space networking APIs; think NSURLSession, NSStream and BSD Sockets, not VPN, NKEs, Wi-Fi management, and so on.

Dave DeLong:

Here are his questions and my answers[…]

It’s great to see Apple asking for API feedback.

Update (2018-03-06): Riccardo Mori:

Part of a survey at the end of the “Apple IIGS Owner’s Reference” manual. Lovely, effective layout.

Friday, March 2, 2018 [Tweets] [Favorites]

Amazon Is Complicit With Counterfeiting

Casey Hopkins:

This is exactly what has happened to us. Our popular product The Anchor, the first under desk headphone mount, with 1500+ reviews, has been getting flooded with counterfeits. The current counterfeit seller, suiningdonghanjiaju Co Ltd (yeah they sound legit), has been on there for the past 5 days and taken all the sales.

They literally reverse engineered it, made steel compression molds, made the logo wrong, used fake 3M adhesive that’s very thin and was diecut smaller than the top (measure once, cut twice), they use a lower durometer silicone so it flexes more, its has huge mold parting lines, and the packaging is literally photocopied then reprinted (you can tell by the lack of image contrast). And they had to apply a big sticker to cover our SKU with theirs. But to the untrained eye, it would pass. Can’t wait for the negative reviews to come…

This is not a cloned product with its own listing on Amazon. Rather, the counterfeiter is listed as a seller on Elevation Lab’s own product page.

There is something extremely simple Amazon could do about it. If you have a registered brand in the Brand Registry and don’t sell the product wholesale - there could be one box to check for that. And anyone else would have to get approval or high vetting to sell the product, especially if they are sending large quantities to FBA. I imagine there are some algorithmic solutions that could catch most of it too. And it wouldn’t hurt to increase the size of the Brand Registry team so they can do their work faster.

Previously: Sellers Printing Counterfeit Books and Selling Under Amazon’s Brand, Amazon Selling Fake Apple Chargers and Cables, Amazon’s Chinese Counterfeit Problem Is Getting Worse.

Update (2018-03-05): See also: 9to5Mac, BuzzFeed.

iOS Uses CFBundleName to Differentiate Apps

Kasuist (via Peter Steinberger):

To keep this service affordable to small businesses, we have a white label application that can be themed to their specifications. So everything is built from a single project.

Recently it got to the point where some customers would have a few of our apps installed.

We started getting tickets from users telling us that an app of ours was only working on WiFi. It took us a while to figure out what was actually going on.


Rather than using an apps unique BundleID to differentiate between applications, Apple is using BundleName instead. You can install any number of apps with the same BundleName on the same device as you like.

This means that should you turn mobile data off for one of these apps, the others will also be affected.

Felix Krause:

I’m gonna use the same CFBundleName as Safari, always have mobile data access

Ignacio Enriquez G:

Same problem with TouchID, install app 1 and app2 with same name and touch ID will always fail for app1. I don’t know who had this brilliant idea of using the bundle name instead of the bundle id.

Previously: Apple Narrows Ban on Templated Apps.

Working at Google

Michael Lynch (via Stephanie Hurlburt, Hacker News):

The pipeline didn’t record many metrics. The ones it did have made it look like things had gotten worse. My bug discoveries caused the overall bug count to increase. The pipeline’s failures increased because I made it fail fast on anomalies instead of silently passing along bad data. I drastically reduced the time developers spent repairing those failures, but there were no metrics that tracked developer time.

My other work didn’t look so good on paper either. On several occasions, I put my projects on hold for weeks or even months at a time to help a teammate whose launch was at risk. It was the right decision for the team, but it looked unimpressive in a promo packet. To the promotion committee, my teammate’s project was the big, important work that demanded coordination from multiple developers. If they hornswoggled me into helping them, it’s evidence of their strong leadership qualities. I was just the mindless peon whose work was so irrelevant that it could be pre-empted at a moment’s notice.


I adopted a new strategy. Before starting any task, I asked myself whether it would help my case for promotion. If the answer was no, I didn’t do it.

My quality bar for code dropped from, “Will we be able to maintain this for the next 5 years?” to, “Can this last until I’m promoted?” I didn’t file or fix any bugs unless they risked my project’s launch. I wriggled out of all responsibilities for maintenance work.

See also: The Econ 101 Management Method, Sins of Commissions.

Searching for Paid Apps

Andrew Abernathy:

I hate that when searching on the iOS App Store I can filter out the paid apps, but I can’t filter out the free options. For lots of searches, the free results are crap. Show me the apps that are actually worth some money.

C String Functions in Swift: a malloc’y Story

Helge Heß (tweet):

The pointer you get back points into a buffer, which doesn’t exist anymore. That is why you need to be super careful when accessing C APIs.


Why does this [Objective-C] rarely result in an allocation? In the case above the NSString is an NSConstantString which is already backed by an UTF-8 string, and as mentioned above, a lot of NSString’s are backed by UTF-8.


I was incorrectly assuming that Swift would create the static String in a way that is backed by an UTF-8 buffer, including the terminating 0 (because that byte is negligable). And more importantly, that the compiler would directly pass over the pointer to that cString buffer. […] When using C API with Swift Strings (be it a simple puts or maybe libxml2), be aware that such calls are really expensive (a malloc+free per call).

Thursday, March 1, 2018 [Tweets] [Favorites]



SwiftNIO is a cross-platform asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients.

It’s like Netty, but written for Swift.

Update (2018-03-02): Ben Cohen:

Two strengths of Swift that worked really well for SwiftNIO:

- tight, deterministic memory management

- easy transition between C/Unsafe and higher-level APIs

There are still some places in the code that are a little bit, uh, Java-y. PRs welcome!

Update (2018-03-05): Vapor:

We have branches of Vapor and Fluent 3.0 built on #swiftnio successfully running and passing tests. Integration went very smoothly with few breaking changes. With close to 15k LOC deleted so far, we think this is definitely the right choice going forward and we’re excited!

Twitter Launches Bookmarks for Saving Tweets

Jesar Shah (MacRumors):

To bookmark a Tweet, tap the share icon under the Tweet and select, “Add Tweet to Bookmarks”. To find it later, tap “Bookmarks” from your profile icon menu. You can remove Tweets from your Bookmarks at any time. Also, only you can see what you’ve bookmarked.

Nick Heer:

Unfortunately, there’s nothing in this announcement nor anything in Twitter’s documentation that suggests they’re making this available to third-party developers; I hope they do.

Respecting Privacy at Basecamp

Noah Lorang:

Many companies, especially startups, review every signup manually and reach out to interesting looking customers. I get lots of these emails, and every one leaves me unsettled.

Tons of companies will also use the fact that you signed up as permission to identify you as a customer for marketing purposes. Over the years, I’ve had to ask no fewer than a dozen companies to remove Basecamp from their marketing material.

I find both of these practices to be distasteful.

I don’t think companies should promote you as a customer without asking.

Cellebrite Can Now Unlock Recent iPhones

Thomas Fox-Brewster:

Cellebrite, a Petah Tikva, Israel-based vendor that’s become the U.S. government’s company of choice when it comes to unlocking mobile devices, is this month telling customers its engineers currently have the ability to get around the security of devices running iOS 11 (right up to 11.2.6). That includes the iPhone X, a model that Forbes has learned was successfully raided for data by the Department for Homeland Security back in November 2017, most likely with Cellebrite technology.

Jeff Atwood:

“The story I hear is that Cellebrite hires ex-Apple engineers and moves them to countries where Apple can’t prosecute them under the DMCA or its equivalents”

I’m not sure where this quote comes from, as it’s not in the current version of the article.

Ray [REDACTED] (via Nick Heer):

If you are concerned by this then one thing you can due to mitigate it is to change your iPhone PIN from a six digit number to an alphanumeric passphrase. The cellebrite exploit involves a brute force PIN trick that allows unlimited attempts without wiping.

Previously: iOS 9 Source Code Leak, FBI Asks Apple for Secure Golden Key.

Update (2018-03-05): Thomas Fox-Brewster:

Just a week after Forbes reported on the claim of Israeli U.S. government manufacturer Cellebrite that it could unlock the latest Apple iPhone models, another service has emerged promising much the same. Except this time it comes from an unknown entity, an obscure American startup named Grayshift, which appears to be run by long-time U.S. intelligence agency contractors and an ex-Apple security engineer.

In recent weeks, its marketing materials have been disseminated around private online police and forensics groups, offering a $15,000 iPhone unlock tool named GrayKey, which permits 300 uses. That's for the online mode that requires constant connectivity at the customer end, whilst an offline version costs $30,000. The latter comes with unlimited uses.

The Rise of China As a Digital Totalitarian State

Xiao Qiang:

Zhou’s story is the latest example of how much stricter state control has become across the Chinese Internet, especially social media platforms. In China, censorship and propaganda go hand in hand, backed by the use of physical force, including police visits, arrests and attacks by state media on people who have expressed controversial political opinions online.

Ever since he came to power in 2012, President Xi Jinping has attempted to bolster the authority of the Communist Party in part by imposing wide-ranging policies to gain ideological and informational control over the media and Internet. In 2017, the country’s first cybersecurity law came into effect; it requires Internet companies to allow even more surveillance of their networks, submit to mandated security reviews of their equipment and provide data to government investigators when requested, among other regulations.

The University of Toronto-based Citizen Lab has identified various surveillance mechanisms used to monitor social media platforms such as WeChat, which can leave people with the sense that they have a surveillance weapon in their pockets. What’s more, these mechanisms remain in effect when individuals leave the country, as do large number of Chinese students who study abroad.

Previously: iCloud in China and on Google’s Cloud.