Archive for November 21, 2018

Wednesday, November 21, 2018

Black Friday 2018

My apps are on sale for Black Friday and Cyber Monday, and here are some other good deals that I found:

See also: Vector, MacRumors, 9To5Mac, iMore, Thrifter, TechRadar, MDM Deals, The Wirecutter, Marius Landwehr, Lisa Dziuba (via Dave Verwer), Jason Kottke.

Modern Localization With Xcode

Eric Blair:

What makes XLIFF support so interesting to me as a developer is how the files are generated. While Xcode will happily process your base language’s .strings file, it can also directly scan your project for NSLocalizedString calls and generate the XLIFF files straight from code. Once you cross that bridge, you no longer have to worry about things like mismatched string identifiers or tediously updating your .strings files because your latest updated added 12 strings and edited 3 more across 7 different languages. Since XLIFF is a variant of XML, you can also use your favorite XML processing techniques to automate any changes to the file. For instance, I will sometimes tag dummy strings with a known comment and use a XSL transformations to remove them before sending them off to my translators.

That’s not to say the XLIFF workflow was painless from the get-go. In fact, the XLIFF round-trip process didn’t gain support for stringsdict files until Xcode 9. Furthermore, that stringsdict support was initially limited to the language pluralization rules. It’s only as of Xcode 10.1 that the export and import workflow gained support for round-tripping variable-width strings. Previous version of Xcode not only ignored variable-width strings when exporting, they also failed to honor the width variants on import and would overwrite any existing width translations.

With the addition of improved variable-width string support, the stringsdict support in the XLIFF workflow now feels complete. The generation process is aware of the language-specific pluralization rules and the exported files includes the appropriate translation requests instead of just mirroring the items in your development language’s stringsdict file… and yes, you do need to provide a stringsdict file in your base language. Unlike .strings’s 1:1 relationship between the identifier and the display string, the NSLocalizedString() call site doesn’t contain enough information to synthesize a stringsdict entry.

I’ve long liked generating keys for NSLocalizedString() calls in code. Blair mentions two tools that go the other way and generate code from the strings files.

Previously: How to Use Adaptive Width Strings for Localization.

Secure Boot in the Era of the T2

Mikhail Davidov:

Enabled by the T2 chipset, new generations of the Macbook Pro and the iMac Pro aim to mitigate many software and hardware-based attacks against the very first pieces of code executed during the initial boot process. By ditching the flash memory chip containing Unified Extensible Firmware Interface (UEFI) firmware and using chipset functionality typically reserved for server architectures, the T2 is able to dynamically provide and validate UEFI payload contents at runtime.

We have spent considerable time looking at the T2 and have written a paper that outlines the technical details of what actually happens when the power button is pressed. The T2 is a great first step in the right direction, but there is still room for improvement when it comes to the secure boot process on an Apple T2-enabled device.

The full report is here.

Paul Haddad:

If you clone your OS disk from another machine your user won’t have a Secure Token, which means no FileVault. Also, there’s no way to add a Token to a user if no user has one.

Howard Oakley:

On many Macs with T2 chips, entering Recovery mode is much slower. Unless you’re using the built-in keyboard of a laptop model, you’ll almost certainly have to connect your wireless keyboard to your Mac using its charging lead, so that it is available via USB rather than Bluetooth. Then you’ll probably be holding Command-R forever before your Mac finally displays the standard options for Recovery.

The newest option, the T2-specific Startup Security Utility, isn’t shown in those options, but is opened from the menubar.


This may seem strange, but it doesn’t seem possible to get a Mac with a T2 chip to start up from an unencrypted internal drive: that disk will always be encrypted, no matter whether you turn FileVault ‘off’ or on. The difference it makes is that if you opt for FileVault to be ‘off’, the encryption will unlock using only its internal hardware UID (kept in the T2’s Secure Enclave), and won’t use your password in addition.

Previously: MacBook’s T2 Will Prevent Eavesdropping on Your Microphone.

Update (2018-11-27): See also: Hacker News.

“Hacked Account” Blackmail Spam on the Rise

Adam Engst:

What has caused concern for lots of people is that the blackmail spam “proves” that it’s legitimate by showing you a password that you’ve used in the past. (This is often the case, but not universally so. Most copies of this spam that I’ve received include passwords I never used.) Hopefully, the revealed password is not one that you’re still using, since it was extracted from one of the many large password breaches that have occurred over the last decade. To see which breaches might include one of your passwords, check your address at Have I Been Pwned.


To make this painfully clear, everything in the message other than your email address and breached password is fabricated. Your computer has not been hacked, there is no malware spying on your browsing, no pictures of you have been uploaded to a remote server, and so on. You have nothing to worry about, and you should feel free to mark the message as spam and get on with your life.

Previously: Yahoo Says Hackers Stole Data on 500 Million Users in 2014, eBay Security Breach, LinkedIn Password Breach.

Amazement at iOS Cursor Movement Shortcut Says a Lot About Discoverability

Dan Moren:

It is a handy tip, for sure, but not one that I, or probably most people who read this site, would consider particularly obscure. But there’s a confluence of reasons why this is making waves at this particular moment, and I thought it might be interesting to break down why as well as what it might mean for Apple and iOS.


So, complicating the discoverability of this feature is that Apple has three separate mechanics for the same cursor movement feature on 3D Touch iPhones, non-3D Touch iPhones, and iPads. That is a little bit bananas, and has led to confusion and more than a few inane arguments on social media.

But at the root of this issue is that this feature is not necessarily well known, not because it hasn’t been written about or discussed, but because it’s not discoverable—which is to say, if you were not aware that such a feature existed, how would you ever know to go looking for it in the first place?

Even less discoverable is the shortcut to extend the selection. Without 3D Touch, you tap the keyboard with another finger while holding down the first finger that initiated cursor mode, then swipe with the first finger. I’ve read about this many times and still forget how it works. I always think I’m supposed to swipe both fingers on the screen, perhaps because I remember the older two-finger iPad shortcut.

Previously: Six iPad Gestures You Should Know.