Archive for April 9, 2018

Monday, April 9, 2018

If iPads Were Meant for Kids

Dave DeLong (Hacker News):

If iPads were meant for kids, then there would be a way for apps to know what the allowed content ratings are. An app should be able to know that I’ve only allowed G and PG media on the device. The Youtube app wouldn’t need its own rating system, and youtube.com would have some WebKit api to call to know to only allow kid-appropriate videos.

[…]

If iPads were meant for kids, then there would be a way to disable iMessage and FaceTime entirely except for a couple of allowed addresses. They can text daddy, mommy, grandma, and maybe some of their favorite aunts/uncles/cousins.

If iPads were meant for kids, then I, as a parent, would be able to set a parent passcode on a device in order to unlock it, even when the kids have forgotten their passcodes for the 17th time, so I don’t have to spend another hour or two getting the device in to DFU mode, re-installing the OS, and then re-downloading all of the apps they had that have now lost all of their local-stored data.

Previously: iPad Erased By Too Many Failed Passcode Entries.

Update (2018-04-10): Khoi Vinh:

The company’s challenge here is nontrivial in that they will need to prioritize among several different kinds of highly valuable users in the short term—but ultimately success may lie in building deep experiences for all of them. It’s actually pretty exciting to think about; good iPad software—apps that strike that special balance between ease of use, portability and raw power—is for me the true sweet spot for what computing can be.

Update (2018-04-11): Federico Viticci:

I don’t have kids, but I’ve long heard from MacStories readers that this kind of model – a ’Family’ app on the Home screen with lots of stats and easy-to-access controls for parents – would be fantastic to have on iOS. Given Apple’s commitment to families, I’m surprised iOS’ parental controls seem so lackluster when compared to what Nintendo has done with a game console.

Update (2018-04-12): See also: TidBITS Talk.

The Dots Do Matter

Jim Fisher:

I recently received an email from Netflix which nearly caused me to add my card details to someone else’s Netflix account. Here I show that this is a new kind of phishing scam which is enabled by an obscure feature of Gmail called “the dots don’t matter”. I then argue that the dots do matter, and that this Gmail feature is in fact a misfeature. Finally I’ll suggest some ways the Gmail team can combat such scams in future.

[…]

I finally realized that this email is to james.hfisher@gmail.com. I normally use jameshfisher@gmail.com, with no dots. You might think this email should have bounced, but instead it reached my inbox, because “dots don’t matter in Gmail addresses”:

Bruce Schneier:

James Fisher, who wrote the post, argues that it’s Google’s fault. Ignoring dots might give people an enormous number of different email addresses, but it’s not a feature that people actually want. And as long as other sites don’t follow Google’s lead, these sorts of problems are possible.

I think the problem is more subtle. It’s an example of two systems without a security vulnerability coming together to create a security vulnerability. As we connect more systems directly to each other, we’re going to see a lot more of these. And like this Google/Netflix interaction, it’s going to be hard to figure out who to blame and who -- if anyone -- has the responsibility of fixing it.

I see this as a Netflix bug. Shouldn’t they have verified that the account owner actually has access to the entered e-mail address?

Stay Away From Advanced Mac Cleaner

Lloyd Chambers:

Shown below, once tricked into installing Advanced Mac Cleaner (which does nothing useful as far as I can tell), you’ll be harassed many times daily to pay up. This is done via a LaunchAgent whose purpose is to harass you until you pay up.

Indeed, the mode of installation is to trick and annoy users into installing it by scare tactics (“your mac has 383 serious problems, click here to fix it up real nice”, or similar fear tactics).

[…]

But here is the real shocker (well, maybe not): Google promotes Advanced Mac Cleaner, and Apple allows it into the iTunes store! Shame on both companies.

As far as I can tell, the product in the Google ad and the Mac App Store is actually a different app called Dr. Cleaner. However, its reviews do not look encouraging, and its claims about optimizing memory sound suspicious.

CleanMyMac is a non-scammy app in this genre, but even there I think you need to be careful. The premise is that the app helps you delete files that you don’t understand, but then how can you be sure the app knows what it’s doing? In practice, I’ve seen lots of breakage caused by using these apps.

Previously: MacKeeper.

Update (2018-05-03): Dave Nanian:

If you’re using CleanMyMac, please note that it disables our scheduled copies when it runs. You should set it to not delete the “com.shirtpocket…” Launch Daemons.

Update (2018-05-04): Roustem Karimov:

I remember when CleanMyMac used to delete 1Password folders along with all user data in them. Not sure if it still does it

“FIXME” Doesn’t Always Mean “Fix Me”

Jordan Rose (tweet):

And you might be wondering if anyone is tracking all of these things that supposedly need fixing. Is there a JIRA for each one? No, doesn’t seem to be…

The answer is that “FIXME” doesn’t really mean “this code needs fixing”, at least not in Swift and LLVM. It means “this code isn’t as good as it should be”.

  • Maybe it’s using a slow algorithm, like a linear search through thousands of elements instead of a hashtable or binary search.
  • Maybe it doesn’t handle some inputs that are unusual but not impossible.
  • Maybe the code’s behavior is fine, but it’s really hard to understand and could benefit from some refactoring.

This is how I use it as well. A “FIXME” in the code is more like a note about known limitations or ideas for future improvement. Something that actually needs to be fixed soon goes into the bug tracker.

Native Apps in China

Luming Yin:

In America, mainstream native desktop (macOS or Windows) are in decline, and developers increasingly opt for building web apps or Electron apps. However, web apps vs. native desktop apps is a completely different story in companies such as China.

Music streaming: In the U.S., apart from AM/iTunes, no major music app is native. Spotify is Electron, Tidal is Electron, Amazon Prime and YT Music are web only. In China, all 4 major providers (QQ, Netease, Kugou, Kuwo) have native Mac apps, and they're all surprisingly good.

Social apps: Facebook Messenger has no Mac app, but both WeChat and QQ do. Slack is Electron-based, but WeChat Work is native, even supporting screen broadcasting. Twitter pulled its Mac app, but Weibo continues its support. So, native app for every mainstream Chinese platform.

Jim Reekes Discusses Apple Sound History

Jeniece Pettitt:

Apple users may notice that their computers and phones are filled with well-designed sounds that effortlessly blend into the experience — from the gentle keyboard clicks to the pings that alert you when something is wrong.

But what they may not know, is that three of the most famous Apple sounds — the boot up chord, the camera click and the “Sosumi” beep, all were created by one man, mostly from his San Jose living room.

His name is Jim Reekes. He started working at Apple in the late 1980s as a sound designer.

Via Mitchel Broussard:

Reekes also looked back on the Mac’s original startup tone, which annoyed him “immensely” because the Mac crashed so many times that it was easy to equate the tone with a frustrating situation. Although he didn’t have permission to change it, he recorded a new c-major chord in his living room and used The Beatles song “A Day in the Life” as inspiration.

Eventually, Reekes managed to sneak the sound into the original Macintosh Quadra computer.

Apple:

Mac computers introduced before late 2016 make a chime sound when they start up. Mac computers introduced after late 2016 don’t have a startup chime, with the exception of MacBook Air (13-inch, 2017).

Update (2018-04-09): There’s also a video interview (via nubero).