Archive for February 2019

Thursday, February 28, 2019

Spectre Camera 1.0

Sebastiaan de With (MacRumors):

Spectre is a computational shutter for iPhone that allows everyone to take brilliant long exposures.


By default, Spectre uses AI to analyze the scene and automatically pick the appropriate mode. If you’re shooting a beach scene, it will blend shots for great smooth water. A lively cityscape triggers light trails blending.


Long exposures typically requires setting up a tripod and meticulously stabilizing your camera: but don’t fret, Spectre requires no extra equipment. Spectre’s AI stabilizes your shot for you, allowing up to 9-second long handheld long exposures.

Previously: Halide: One Year Later.

Update (2019-03-05): Nick Heer:

The thing I like most about this app is how easy it makes long exposure photography. It has never been particularly difficult — I think it’s one of the first things people try their hand at when they discover how to change their camera’s shutter speed — but Spectre makes it far simpler. You can even do long exposures in bright daylight without mucking around with shutter speed and ISO.

This is one of those apps that, I think, is worth having around even if you use it rarely.

Ryan Jones:

Spectre is still cruuuuuising at #1 Paid App. I did not expect that, it’s very niche. Due to design?

Based on the little I know and correct me if I wrong but #1 Paid is ~$20k/day?

= $100k over 5 days

Update (2019-03-06): Ryan Jones:

Spectre went from $1.99 → $2.99 and probably ~doubled their revenue.

Went from Top Grossing #1,000 to #500. That kinda stings, should have been $2.99 all along probably.

Previously: Raising Prices Lifted App Revenue.

Update (2019-04-02): Ben Sandofsky:

People use Halide for manual control, but once the shutter switches from hardware to software, you lose that control. For example, RAW no longer works. (We’ll go into this and other issues in part 3 of this series).

Even if users would make those concessions, dialing in the right settings requires a lot of trial and error. We’d need a new mode with extra buttons and dials. We were on a path that would compromise Halide’s streamlined experience. There’s a fine line between generosity and bloat.

This got us thinking, “What if we build another app?”

Update (2019-04-12): Sebastiaan de With:

I love this aspect of long exposures on cameras, so I really wanted maintain the delight of selecting an exposure time and the corresponding satisfaction of the tactile camera controls. Having an unlimited or huge amount of exposure times would add incredible complexity to the app, though.

In early tests, we simply limited it to three options. We even named them Short, Medium, and Long (S, M, L) — but eventually decided to maintain the camera metaphor by showing the actual exposure times of 3, 5 and 9 seconds.


Unfortunately, making you choose between modes greatly complicates the experience. Most people — including me, a ‘serious’ photographer — would be happier if the camera simply did the right thing and made the choice for them. Until very recently, that notion was a laughable fiction.

Enter Machine Learning. We trained a neural network to recognize situations that generate beautiful light trails, such as such as fireworks, light painting and city streets — just to see how feasible it would be as a method to greatly simplify the user experience.

EFF Calls on Apple to Let Users Encrypt iCloud Backups

Electronic Frontier Foundation (via MacRumors):

Today we are announcing Fix It Already, a new way to show companies we’re serious about the big security and privacy issues they need to fix. We are demanding fixes for different issues from nine tech companies and platforms, targeting social media companies, operating systems, and enterprise platforms on issues ranging from encryption design to retention policies.

Electronic Frontier Foundation:

Data on your Apple device is encrypted so that no one but you can access it, and that’s great for user privacy. But when data is backed up to iCloud, it’s encrypted so that Apple, and not just the user, can access it. That makes those backups vulnerable to government requests, third-party hacking, and disclosure by Apple employees. Apple should let users protect themselves and choose truly encrypted iCloud backups.


Safari’s Unified Address/Search Bar

Steve Troughton-Smith:

Safari’s unified address/search bar still infuriates me, years later. So many times a day I get incorrect autocompletes because it performs the wrong function, and not just once, but two or three times as I go to correct it. Hate this interaction so much

Eli Block:

Then you try to copy the URL and get the last search text you used 😂

James Thomson:

By default, I always type a space after something I want to search for, to stop Safari trying to guess what I actually want to do...

Gabe Salkin:

Worse yet is when it arbitrarily decides to parse a complete URL as a search query!


wait, so its not just me? I end up prefixing with a . or g because it either jumps my search term to a Siri suggestions website or decides the search term is a malformed web address and throws an error

We Need Chrome No More

Reda Lemeden:

Within two years, Chrome accounted for 15% of all Web traffic on desktop—for comparison, it took Firefox 6 years to get there. Google managed to deliver a fast, thoughtfully designed browser that was an instant hit among users and Web developers alike. Their product innovation and engineering prowess was a breath of fresh air, and their commitment to open-source was the cherry on top. Over the years, Google‘s adoption of Web standards continued to set the example.


The dominance of Chrome has a major detrimental effect on the Web as an open platform: developers are increasingly shunning other browsers in their testing and bug-fixing routines. If it works as intended on Chrome, it’s ready to ship. This in turn results in more users flocking to the browser as their favorite Web sites and apps no longer work elsewhere, making developers less likely to spend time testing on other browsers. A vicious cycle that, if not broken, will result in most other browsers disappearing in the oblivion of irrelevance. And that’s exactly how you suffocate the open Web.

Previously: Microsoft EdgeHTML Replaced by Chromium.

Wednesday, February 27, 2019

Run Your Own Omni Sync Server With Docker

Bytemark (via Ken Case):

If you organize your life with OmniFocus or OmniOutliner (or anything else from The Omni Group), you can take control of your data by syncing to your own WebDAV server.

Docker makes it easy and we’ll be done in about 5 minutes! You’ll have Traefik (a reverse proxy) sorting out SSL certificates for you, and Watchtower running every night to update your containers.


Confusing USB 3.2 Branding

Juli Clover (via Marco Arment):

Going forward, USB 3.1 Gen 1 (transfer speeds up to 5Gb/s), which used to be USB 3.0 prior to a separate rebranding, will be called USB 3.2 Gen 1, while USB 3.1 Gen 2 (transfer speeds up to 10Gb/s) will now be known as USB 3.2 Gen 2.

What used to be considered USB 3.2 will now be USB 3.2 Gen 2x2 because if offers twice the throughput speeds of USB 3.1 Gen 2, now USB 3.2 Gen 2. If that sounds confusing to you, you’re not alone.

Peter Bright (Hacker News):

What this branding meant is that many manufacturers say that a device supports “USB 3.1" even if it’s only a “USB 3.1 Gen 1" device running at 5Gb/s. Meanwhile, other manufacturers do the sensible thing: they use “USB 3.0" to denote 5Gb/s devices and reserve “USB 3.1" for 10Gb/s parts.


The good part of all this is that USB 3.2 could mean 5, 10, or 20Gbps. You can bet that there will be manufacturers who are going to exploit that confusion wherever and whenever they can.



Jeff Nadeau:

Hi, please preflight URLs with UIApplicationOpenURLOptionUniversalLinksOnly before jamming them in a SFSafariViewController, thanks in advance


As per apple docs “When you include this key in the options dictionary of the openURL:options:completionHandler: method, the method opens the URL only if the URL is a valid universal link and there is an installed app capable of opening that URL”

Robin Kunde shows how to do it in code.

See also: Allowing Apps and Websites to Link to Your Content.

As a user, I find Universal Links confusing because I don’t always know what’s going to happen when I tap a link, and I can’t seem override it to do what I want in a given situation.

BBEdit 12.6 to Return to the Mac App Store

Bare Bones Software (tweet, MacRumors):

BBEdit is now a sandboxed application.


Without unrestricted access to your files and folders, many of BBEdit’s most useful features, from the basic to the most powerful, won’t work at all; or they may misbehave in unexpected ways. At the very least, this hinders your ability to work done.

In order to resolve this fundamental conflict between security and usability, we have devised a solution in which BBEdit requests that you permit it the same sort of access to your files and folders that would be available to a non-sandboxed version.

For this reason, the first time you start BBEdit, it will prompt you to allow this access. The prompt will not be repeated; so if you decline to allow this access and later reconsider, go to the Application preferences, and click on the “Allow” button in the “Sandbox Access” section.

It saves a security-scoped bookmark that allows access to every volume on your Mac.

BBEdit being able to return to the Mac App Store is great news for customers (modulo bugs) and for Bare Bones, but I’m not sure what it means for the store in general. Although there has finally been some progress, this feels like Apple giving up. They can’t or don’t want to really fix the sandbox to work well with pro apps, but they do want them to be in the store, so they’ll just let them ask for blanket permissions. BBEdit gets to be in the store, and Apple gets to say that everything (except Xcode) is sandboxed, even though it’s kind of security theater.

This doesn’t bother me with respect to BBEdit. I’ve been running it unsandboxed for almost 25 years, so I trust the app, and this is not a decrease in security.

But what about other apps? Is any app now allowed to request persistent access to the entire file system? Technically, this has been possible since OS X 10.7, but few if any apps did it. I think everyone assumed it would lead to rejection. Has the policy changed? Or does App Review decide this on a case-by-case basis? How intrusive do the folder access prompts have to be before you can just get access to everything at once?

I don’t think users really understand that this is what clicking the button in an open panel is doing. And there’s no way to see which applications are maintaining access to which folders. It’s just not very clear what’s going on. Apple is kind of shifting the blame if anything bad happens. It can’t be their fault because the user “consented.”

More security-related changes:

When running on macOS 10.14.1 or later, BBEdit now uses built-in OS support for performing operations which require privilege escalation, namely authenticated saves and (if escalation is necessary) installation of the command-line tools.


AppleScripts are now run in a separate process, which means that any previous differences in scripting behavior as the result of running a script within BBEdit or from the Script Editor should be a thing of the past.


If BBEdit can’t send save or close notifications because you previously denied it permission to send Apple Events to the application which needs them (usually a file transfer client from which you used “Edit in BBEdit”), you’ll now get an alert to this effect; the help button in the alert takes you to a page which explains how to fix things.

My understanding is that “Edit in BBEdit” can no longer work with arbitrary apps, only those that have been pre-listed in BBEdit’s entitlement. Those are the only apps that it can send Apple events to. It’s kind of a drag. I once added “Edit in BBEdit” support to an app and didn’t need to get permission from anyone. (The app was Apple Mail, and said support has long since been broken by Mail’s sandboxing blocking Apple events.)

At first, I thought, I guess this does need to be clamped down. BBEdit has extensive AppleScript support, so if you give it full file access, then any FTP client or blog editor would also be able to get full access, just by asking BBEdit to do its bidding. But BBEdit’s sandboxing and entitlement aren’t actually protecting against that because any app can send events to BBEdit. That hasn’t changed. The real issue is that any sandboxed app that lists BBEdit in its can get full access. (I think; I haven’t tested this.) It’s obvious why you might not want to allow an app to script Finder or Terminal, but less so for a text editor. Is this an actual problem? I don’t know. These days I see a lot of people talking about theoretical Mac malware but not about problems it’s causing in the wild. And it’s no less secure than before, just more surpising because this can happen with two sandboxed apps from the store.


Update (2019-03-07): Tom Bridge:

Rich Siegel of Bare Bones software joins the pod this week to talk about BBEdit, TextWrangler’s departure, and life in the App Store World.

Update (2019-03-21): Bare Bones Software:

Non-App Store builds of BBEdit will no longer prompt for sandbox access at startup. However, it is still possible that sandbox access is required in order for certain behaviors to work correctly.

In particular, the OS will unilaterally decide to “quarantine” certain files when you ask BBEdit to open them from the command line; and there are likely to be other misbehaviors caused by assumptions that the OS makes when running a sandboxed application.

Tuesday, February 26, 2019

When to Adopt Swift

Marco Arment:

Add up all of the time you’ve spent learning Swift from scratch, accommodating its strictness, fighting its buggy tools, migrating your code through language changes, and re-learning APIs and conventions as they’ve changed over the last 5 years.

I’ve spent zero time doing that.

I’ll jump in when it’s so old, boring, and slow-moving that nobody bothers to tell people to move to Swift because they’re all busy geeking out and fussing over a newer language.


I know the basics. I’ve written a few thousand lines of Swift, including an entire simple app. I just choose not to write it the vast majority of the time.

I think migration is no longer much of an issue. The tooling is still buggy but getting much better. However, there is absolutely a time cost, and you have to think about what you’re trying to do. Is it worth switching if you’re going to write Objective-C-style code in Swift? One could argue that’s the worst of both worlds. Learning to really take advantage of Swift is rewarding but takes time. And you’re limited in how Swifty you can be if you have an existing Objective-C codebase. For a new app or a major rewrite, I think most developers should bite the bullet. In other situations, it’s less clear. We don’t know yet whether Apple is going to redesign its APIs for Swift, although Mojave’s Network framework is an interesting example of functionality that’s available in both languages but second-class in Objective-C.

Craig Hockenberry:

Another thing I’ve noticed: type safety slows down the prototyping stage where you just want it to work, not be perfect. Quick and dirty leads to great experiences.

(I’ve switched back to Obj-C, too.)

I think it really depends on the type of code. In some cases, particularly at the model and with algorithms, I feel like I’m going much faster with Swift. There’s less boilerplate, the standard library offers a lot that Foundation doesn’t, and the strong typing helps with both thinking and refactoring. But other times, particularly when interacting a lot with Cocoa, it can feel like it gets in the way. There are impedance mismatches and blind alleys. Some of this can be smoothed over with more code.

Ken Kocienda:

💯. I think the most underrated productivity metric in programming is the time it takes to make one iteration. I work hard to keep this cycle time short and cheap. More iterations produces better results.

Craig Hockenberry:

I had high hopes that playgrounds would speed up iteration. That’s been a bust: either inexplicable errors or slower than just compiling some test code.

Unfortunately, this has been my experience as well.

Ken Kocienda:

Learning Swift didn’t teach me anything new about how to think about my programs. It didn’t expand my mind. What’s more, its type safety hinders some of the ad-hoc flexibility that helps when writing the kinds of UI programs I typically write.

Over other languages, Swift doesn’t help me with what’s actually hard about writing code: thinking through exactly what I want to happen. Once I know that, writing the code is mostly a matter of idioms, conventions, tooling, and richness and availability of good libraries.

I didn’t find Swift mind expanding in a theoretical sense, as it mostly brings together ideas that had already appeared in other languages. But it absolutely is in a practical sense because it makes these tools available for real-world code, written in a platform-blessed language. It also refines them in ways that make them more approachable.

Jeff Johnson:

It feels like a cult. Swifters can’t leave well enough alone. They’re morally repulsed if you’re not using Swift, and they have to knock on your door and convert you to the faith.

Rory Prior:

Marco’s reasons are perfectly valid for him, but they really only apply to indie developers or people who get to make the call about the language used for projects, being a Swift refusenik is career suicide otherwise.

Colin Cornaby:

Still confused by the amount of fuss over Marco’s tweet about Swift. No one is cancelling Swift just because Marco isn’t using it. Him holding off on adopting Swift doesn’t threaten anyone else. He’s just doing what he thinks is most responsible for his product.



“Swift is super easy to learn way easier than Obj-C so easy kids are learning it on their iPads”

“But if you don’t learn it now you’re going to be forever behind and never useful as a developer again”

It’s relatively easy to learn the basics, but it takes a long time to master. In a sense, everyone is always behind those who started learning any language before them. But learning is not linear, and also there are any number of other things to learn besides a particular language. No one is ahead at everything. The question is what it’s most important for you to learn now.

Brian Webster:


(lldb) expr -l Swift -- import PowerPhotos
(lldb) expr -l Swift -- let $view = unsafeBitCast(0x600003b132c0, PowerPhotos.IPPhotoSelectionView.self)
(lldb) expr -l Swift -- print($view.description)


(Lldb) po [0x600003b132c0 description]

Dave DeLong:

Add this to your ~/.lldbinit:

command regex objc 's/^(.+)$/expr -O -l objc++ -- %1/'

Now you can do:

(lldb) objc [0x600003b132c0 description]

Dave Lee:

Another option is overloading po to provide custom behavior for memory addresses:

command regex po
s/(0x[[:xdigit:]]+)$/expr -lobjc -O -- %1/
s/(.+)/expr -O -- %1/

This makes po’ing 0x76543210 treat it as objc. Any other expression gets default po behavior.

Previously: On My Misalignment With Apple’s Love Affair With Swift.

Update (2019-02-27): Vadim Shpakovski:

Open-source libraries written in Obj-C are slowly dying. They’re not maintained or authors rewrite them in Swift. This trend is probably unstoppable. And if your code uses third-party components, you literally have no choice.

App Store Subscription Notifications and Promotional Offers

Apple (via Ryan Jones):

When written thoughtfully, notifications can help users want to keep their subscriptions. To create a positive experience that subscribers engage with, make sure your notifications serve a clear purpose and deliver meaningful information. For example, when you update your app, consider letting subscribers know about new content that they may be interested in. Or, you might send encouraging notifications that remind subscribers to perform a task in your app that they have committed to doing. Notifications should not be used as a reason to launch the app or for advertising, promotional, or direct marketing purposes.


Apps with auto-renewable subscriptions will soon be able to offer a discounted price for a specific duration for existing or previously subscribed customers. These offers provide the flexibility to create unique promotions to grow and retain your customer base. They can help win back subscribers who have canceled their subscriptions or promote an upgrade to another subscription at a special price. Once the promotional period ends, the subscription auto-renews at the standard price.


Update (2019-02-27): Samuel Axon:

In the past few days, Apple has informed developers that they will now be able to target current and recent subscribers with promotional rates on subscriptions. That means subscribers will be able to offer discounts to try to get you back if you lapse, or they might try to entice you to stay if you're considering leaving.

Developers could previously offer limited-time subscription discounts but only to new users. The new model is available in recent beta releases known as iOS 12.2, macOS Mojave 10.14.4, and tvOS 12.2, and it is likely to emerge as the final public release for each. Apple will facilitate three different types of offer for developers who want to retain or regain subscribers.

Update (2019-03-28): Apple:

Using receipt validation, you’ll be able to identify subscribers who have turned off auto-renewal so that you can act quickly with the right offer and win them back before the end of their current subscription period. You can also start thinking about win-back and upgrade campaigns that make sense for your business, and what each user journey looks like.

Apple Music for Google Home

Joe Maring:

Google Home/Assistant speakers already have access to a solid selection of integrated music streaming services, including the likes of Spotify, Pandora, YouTube Music, Google Play Music, and Deezer.

Now, it looks like Apple Music will soon be joining the ranks.

Initially spotted by MacRumors and later confirmed by myself and Phil Nickinson, there’s now an option for Apple Music in the Music section of the Google Home app.


Update (2019-02-27): Stephen Darlington:

People outside the US are still waiting for Apple Music on Amazon Echo…

Friday, February 22, 2019

Intelligent Tracking Prevention 2.1

Apple (Hacker News, MacRumors):

As of ITP 2.1, partitioned cookies are no longer supported and third-parties classified with cross-site tracking capabilities now have to use the Storage Access API to get any cookie access.


Cookies can either be set in HTTP responses or through the document.cookie API, the latter sometimes referred to as client-side cookies. With ITP 2.1, all persistent client-side cookies, i.e. persistent cookies created through document.cookie, are capped to a seven day expiry.


WebKit implemented partitioned caches more than five years ago. A partitioned cache means cache entries for third-party resources are double-keyed to their origin and the first-party eTLD+1. This prohibits cross-site trackers from using the cache to track users. Even so, our research has shown that trackers, in order to keep their practices alive under ITP, have resorted to partitioned cache abuse. Therefore, we have developed the verified partitioned cache.

This all sounds good, but in practice ITP seems to get in the way of sites that I do want to remember me. There are some that I visit just once or twice a month (e.g. to pay a bill) that now treat my Mac as a brand new device (requiring extra authentication via security questions or SMS) every single time. As far as I know, there is no way to tell Safari to trust a particular site and always remember its cookies. So it’s either put up with a worse user experience or use a different browser.

Previously: Apple Is Removing “Do Not Track” From Safari.

Apple Closing Stores Because of Patent Trolls

Joe Rossignol:

Apple plans to close both of its retail stores within the Eastern District of Texas in a few months from now in an effort to protect itself from patent trolls, according to five sources familiar with the matter.


The plans are significant, as U.S. law states that patent infringement lawsuits may be filed “where the defendant has committed acts of infringement and has a regular and established place of business.” By closing its stores in Eastern Texas, Apple is ending its established place of business in the district.


The Eastern District of Texas has been a hotbed for patent litigation over the past few decades[…]

Is this a brilliant legal hack? A sign of a system so broken that even a company with Apple’s resources would rather inconvenience customers than try to defend itself? Note that at the country level, Apple has chosen to play ball in legal environments that it doesn’t like, but those have threatened its customers rather than Apple itself.

Update (2019-02-26): See also: Hacker News.

Swift Subclass of NSTextStorage Is Slow Because of Swift Bridging

Darren Mo (via Marcin Krzyzanowski):

Calling -[NSTextStorage attributesAtIndex:effectiveRange:] is nearly 3 times as slow for TextStorageSwiftSubclass compared to NSTextStorage. Time profiling shows that this is caused by the bridging of the Objective-C dictionary return value to Swift. Effectively, this means we cannot use Swift if we want to subclass NSTextStorage.

There are ways to get around bridging overhead at method call sites. I think the issue here is that these techniques can’t be applied because the subclass is being called by the frameworks. Perhaps there’s a way to work around it by implementing certain methods in Objective-C and others in a Swift extension, but interoperability can be messy depending on how much you are taking advantage of Swift’s features.

Jonas Boberg:

Note that this is not just an issue with subclasses, but also delegate methods, such as NSLayoutManagerDelegate shouldUseTemporaryAttributes.


Update (2019-02-26): Paul Goracke:

Fortuitously just watched WWDC18 Session 229 (“Using Collections Effectively”) this morning, which raised this concern (and example using NSAttributedString) starting at 28:16.

Finder Shows Incorrect Folder Sizes

Lloyd Chambers:

Generally if I see a zero byte folder, I just delete it out of habit. That’s a habit I have to unlearn: what if it was just one folder among many and Get Info also shows zero bytes... hard to not want to just trash the thing.

This bug is particularly severe on hard drives (because they are slow) and when there is disk I/O going on. You might wait a looooooooooong time to see any display of the size. Why can’t it just say “calculating...”? Because it eventually seems to get it right (though I’m not sure of that).

I haven’t seen zero-byte folders, but I have seen lots of incorrect folder sizes since updating to macOS 10.14. For example, a folder of photos was showing as about 10 GB instead of 100 GB. All of its child folders had underestimated sizes, too. Yet they added up to more than the size shown for the parent folder. This persisted for days. It happens on my iMac’s built-in Apple SSD, so there shouldn’t be any third-party software or hardware to blame.

Raising Prices Lifted App Revenue

Stuart Hall (via Michael Love):

Then I received an app review suggesting I should bump my price. I’d never really considered it. I haven’t given the app a lot of thought since I launched it. It functioned exactly how I needed and the value felt right to me at $1.99.


The results were pretty interesting. Moving to $4.99 immediately gave a big boost in revenue. The conversion rate only dropped 2%. Which means only 1 in 10 people had an objection in paying 2.5x the price!

$7.99 also gave a good bump on revenue with only a slight drop in conversion rate.


Possibly the most interesting future experiment is subscriptions. Based on the feedback I received users are starting to expect subscriptions.

Update (2019-02-26): Ken Case:

We try not to do this very often, but it's time to update our app prices.

Ejector 1.0

Dave DeLong:

I’m pleased to announce Ejector, an app that gives new purpose to your ⏏️ key. Without a CD drive, this key does nothing; now it shows all your mounted drives and volumes and helps you eject them.

The app has a 7 day trial, and costs $10

I’ve been using LaunchBar to do this, but it’s cool that it can be invoked with the actual Eject key.

Dave DeLong:

Hold down the option/alt key when ejecting to force eject volumes


Apple, please sherlock this: rdar://problem/43736317

It’s not clear to me whether there are technical factors (disk access, private Touch Bar APIs) keeping it out of the Mac App Store, as it’s the sort of utility one would hope to find there. It’s not sandboxed, at present.

Update (2019-02-26): Dave DeLong:

Ejector isn’t sandboxed, it uses private Touch Bar APIs, and technically the eject key detection is undocumented and unsupported. It’d be possible to make it MAS-acceptable, but I think it would degrade the user experience.

Thursday, February 21, 2019

Galaxy Unpacked 2019

John Gruber:

Samsung introduced five new phones today at a big show at the Bill Graham Civic Auditorium in San Francisco (in addition to the gimmicky Galaxy Fold): the S10 (6.1"), S10 Plus (6.4"), S10E (5.8"), and S10 5G (a whopping 6.7") — and the Galaxy Fold.


Samsung is sticking to its guns on a couple of fronts: fingerprints instead of facial recognition, and good old-fashioned headphone jacks on every model. And while they didn’t spend much time showing the system software, it looked to me like their interaction model is still home button-based, rather than gesture-based.


I’m not sure about the S10E, but the bigger S10 models not only support wireless charging for input, but they also can serve as charging pads for other devices, like wireless headphones, a Samsung watch, or even another phone.


Second, Samsung has built Instagram into the system Camera app as its own shooting mode.

Mark Gurman:

In using the new Galaxy phones (briefly), Samsung is beating Apple to triple camera by 7 months, 5G and rear 3D by ~ 1.5 years, and screen design by ~1.5 - 2.5 years. But their software/services feels 1-2 years behind.

Nick Heer:

During the unveiling, Samsung emphasized the Fold’s versatility in being able to transform from an ordinary smartphone into a tablet just by opening it up. But this device — and others like it — are bad phones, and worse tablets. Every shot of the closed phone looks like it’s begging to be unfolded; its display looks narrow, uncomfortable, and cramped. It seems far better in its tablet-like configuration, but it is at best a diet version of a tablet.

Josh Centers:

People aren’t seeing the big picture here: Samsung is proving that a device with a folding screen can be mass produced. Yes, it’s clunky. No, it won’t be a huge product at first. But this is a big step forward.

Nilay Patel:

Are we all just taking it for granted that an actual folding phone exists and will ship next month? It might be a medium-good product, but holy shit this was absolutely the stuff of dreams when I was a kid. There wasn’t even CGI to fake it properly.

Update (2019-02-26): Steve Troughton-Smith:

Apple is the only company with a viable ecosystem of phone apps that can transform into amazing tablet apps at runtime. It’s gonna take a lot of restraint to not ship a foldable iOS device too early, because even a token implementation would have way more compelling sw than these

Matt Birchler:

But all that said, I’m very excited about this tech getting into real products people can actually pay money for and use. These are not concept devices, they’re consumer products that will sell very poorly, but will at least be in the world.

John Gruber:

Way more compelling design [for the Huawei Mate X] than Samsung’s Galaxy Fold. Because it folds outward rather than inward, you don’t need an extra display. It sounds like a better design and it looks like a better design. But at €2,299 (that’s $2,600) it’s clearly not priced to sell in serious quantities, and the crease doesn’t seem to exactly disappear.

Update (2019-03-04): See also: Accidental Tech Podcast and The Talk Show.

Update (2019-04-17): Dieter Bohn:

Look closely at the picture above, and you can see a small bulge right on the crease of my Galaxy Fold review unit. It’s just enough to slightly distort the screen, and I can feel it under my finger. There’s something pressing up against the screen at the hinge, right there in the crease. My best guess is that it’s a piece of debris, something harder than lint for sure. It’s possible that it’s something else, though, like the hinge itself on a defective unit pressing up on the screen.

It’s a distressing thing to discover just two days after receiving my review unit. More distressing is that the bulge eventually pressed sharply enough into the screen to break it. You can see the telltale lines of a broken OLED converging on the spot where the bulge is.

Update (2019-04-18): Walt Mossberg:

This is incredible. Three separate specimens of a $2000 product breaks within days of being sent to three different reviewers - in three different ways. No matter what happens with replacement units, nor what the explanation, why would you have confidence in the product?

Four reviewers! Not three! I love big tech advances, like the idea of a foldable phone. But, ideas and everyday usable products are different things.

See also: Marques Brownlee’s impressions of the Galaxy Fold.

How Apple’s Enterprise App Program Became the New Wild West of Mobile Apps

Nick Statt:

But, as previous reports have found and according to multiple employees of large tech companies who spoke to The Verge, Apple’s enterprise program contains few oversight protections that would prevent developers from abusing their certificates. It’s not just Facebook and Google’s egregious VPN apps or the occasional flagrant TV and movie torrent software, either. A trail of virtual breadcrumbs has since led reporters to unearth thousands of prohibited iOS apps, from gambling and porn software to pirated games and ad-free versions of Spotify. And it now looks as if an entire underground world of secretly sideloaded apps that violate Apple’s terms are available direct to consumers — if you know where to look.

Via Patrick Balestra:

How Apple didn’t yet shut down @TutuApp_vip literally blows my mind. They have 170K followers, a public website that with a single button installs an app signed with an enterprise certificate which includes a marketplace to install other apps? 🤯

Previously: Facebook Pays Teens to Install VPN That Spies on Them.

If Dave Winer Were CEO of the NYT

Dave Winer:

I would start a blog hosting service, with NYT branding, it would be carefully designed so that people knew this was blog space and not editorial space. The Times editorial people do not control what’s said here. These are our sources. Maybe the site would be called

I would offer a blog to every person who was quoted in a NYT story. This would give people an extra reason to work with our reporters. It would also serve as vetting. If their ideas or experiences are valuable enough to be quoted in our news flow, we want to stay in touch, and this is a great way to do that.


News will be made on this system. That's good. After all, that's the business we're in -- news. More news? Make my day. 😄

Inverted XCTestExpectations

Paulo Andrade:

But what about asserting a notification isn’t sent? Waiting for an expectation that’s not fulfilled will always result in an error… So I started browsing the headers of XCTest and I came across isInverted property on XCTestExpectation.

Update (2019-02-26): Heath Borders:

I created an extension with that as an initializer because property-based injection means that you don’t get warnings about unused local variables.

Popular Note-taking Apps Share These Security Flaws


Of course, all apps now use TLS to send network requests to the backend server. However, TLS is not enough if someone wants to read your notes. In my talks, I describe in more details why sometimes and in some countries, we can’t rely on TLS itself.

During my testing, I could easily intercept and change network requests — which allows me to not only read notes content, investigate API, send not-allowed network requests, but also to unlock some app features available after subscription only.


One application, that I tried, encrypted my notes, but at the same time it generated preview image with note content, that was stored as file next to the encrypted note. Totally visible, a picture, in plaintext.


It’s better to separate user password from encryption key: app should generate a long random encryption key, and store it in the Keychain (or iCloud Keychain). Before encryption/decryption app asks user password / Touch ID / Face ID to make sure that user is really a note-owner, unlocks Keychain, reads encryption key and decrypts the note.

Wednesday, February 20, 2019

Apple to Target Combining iPhone, iPad, and Mac Apps by 2021

Mark Gurman (Hacker News, ArsTechnica, MacRumors):

The aim of the multistep initiative, code-named “Marzipan,” is that by 2021, developers will be able to build an app once and have it work on the iPhone, iPad and Mac computers, people familiar with the effort said.


In 2020, Apple plans to expand the kit so iPhone applications can be converted into Mac apps in the same way. Apple engineers have found this challenging because iPhone screens are so much smaller than Mac computer displays.


By 2021, developers will be able to merge iPhone, iPad, and Mac applications into one app or what is known as a “single binary.” This means developers won’t have to submit their work to different Apple App Stores, allowing iOS apps to be downloaded directly from Mac computers -- effectively combining the stores.

Sounds like the toaster fridge that Tim Cook made fun of, only in software rather than hardware.


This is weird. It’s the sort of thing that management dreams of but which companies like Apple should realize is a bad idea. They definitely need to provide tools for making app families work smoothly across each platform, but even more importantly they need to be segmenting their devices more, not less. The latest iPads are a great example of a device that has enormous potential which is being hamstrung by an OS and dev platform that doesn’t really provide a tablet-focused experience.

And then the Mac is losing what should be its primary audience through unwanted innovations and otherwise stagnant hardware, and a failure to recognize the importance of catering to the power users who might want an actual escape key, multiple types of ports, and a keyboard that doesn’t feel like it came off a rejected tablet accessory.

Update (2019-02-21): Steve Troughton-Smith:

The Marzipan strategy seems pretty clear at this point: hybrid AppKit/UIKit apps are not happening. You don’t get to a universal app by having a vastly different codebase and framework dependencies on macOS. You also need to preserve iOS’ sandbox & perhaps even distribution model

Steve Troughton-Smith:

I get the feeling that if Marzipan’s primary purpose was to benefit the *Mac*, it would be taking a very different tack at how it integrates with macOS. Marzipan, as I see it, is going to benefit iPad, Apple, customers & developers, at the expense of what makes a Mac a Mac

Dan Masters:

Who’s switching away from macOS because it doesn’t run the Instagram app or because Messages sucks? I switched away because the deprioritisation was hampering my productivity due to bugs (and unreliable hardware)!

What’s wrong with keeping it as the truck of the lineup?

Apple is taking the consumer needs & expectations of iOS users & forcing them onto macOS users, even though the two shall never meet, resulting in fully satisfying neither user base.

If iPad users are already happily using iOS, as Steve repeatedly says, then why change the Mac?

John Gruber:

In some ways this makes sense — iPad apps are closer in scope to Mac apps. But for iPhone apps that don’t have iPad counterparts, why would developers target the Mac if they haven’t even bothered with iPad yet?


The only upside I can see to this entire endeavor is that some media consumption apps (Netflix, HBO, Hulu) might come to the Mac and be better than what we have now (using their websites, which have no offline access). Anything else I dread.

Jason Terhorst:

It sounds like Apple is willing to sacrifice “what makes a Mac a Mac” for the sake of getting a bunch of new apps for “free”. It’s a focus on quick growth.


In 2025, what’s going to differentiate macOS from iOS? Why come this close to merging them while denying the Mac its own style and personality?

Addison Webb:

This looks a lot like Microsoft’s strategy with Windows. I’m happy Microsoft is trying it because I want people to try new things, and I don’t use Microsoft products. I’ve long argued that the unified app binary is a misguided goal and thought Apple shared that vision.

Patrick Goley:

Totally agree. We can already share business logic between iOS and macOS just fine. Also, the problem of, if you ship a universal ipa with iPad support, you can never drop support and go back to iPhone only. Imagine adding a macOS app into the mix, maintenance nightmare

Benjamin Mayo:

In an attempt to decipher the Chinese whispers here, I think what this actually means is that this year’s Marzipan system will not let you shrink windows into single-column designs. At a technical level, apps running under Marzipan on macOS 10.15 will not transition to compact width size classes.

Update (2019-02-26): See also: The Talk Show and Steven Sinofsky.

Update (2019-03-05): Jean-Louis Gassée:

We have our skeptics, of course, and they have a valid point as they remind us of the vast amount of time, money, and reputation that other companies have wasted on previous WORA (Write Once Run Anywhere) campaigns. But the doubters overlook the advantages of Apple’s carefully tended Walled Garden. Past WORA adventures foundered because the hardware targets suddenly changed their behavior, thus defeating existing code translations.

Update (2019-03-07): Jeff Johnson:

The Mac App Store has put price pressure on Mac apps, but not as bad as in the iOS App Store. Mac app prices are still generally much higher on average than iOS app prices. Marzipan could change that though.

iOS devs want low-effort Mac ports of their apps. But how much are they going to charge for those ports? Surely they won’t charge more $ for a low-effort “half-native” Mac port than for their fully native iOS app. Who would even pay that much for a low-effort port?

It seems unlikely that Marzipan developers would be able or willing to take advantage of higher Mac app prices. Instead, the Mac suddenly gets a flood of low-price, low-effort ports of iOS app. Accelerating the race to the bottom on the Mac.

“We welcome the competition”, some AppKit devs might say. But do you welcome the prices? You can’t make it up in volume on the Mac. The only reason the Mac has been worth developing for all these years is the relatively high app prices.

Update (2019-03-08): Brent Simmons:

I’m thinking in advance about the things I’d like to know about Marzipan.

My questions, in no particular order[…]

Update (2019-04-05): Curtis Herbert:

From the Bloomberg report, and from Craig and Kristen’s own mouths, this is an ambitious multi-year project to get it to where they want it to be. We’re seeing it, and even going to be able to use it, well before it is Classic-Apple “done.” I fully expect this year’s release to be similar to Swift 1.0: enough to start working with and maybe even ship some stuff with, useful to some but by far not all of us, and those using it will encounter tons of rough edges and tons of things subject to change.

Steve Troughton-Smith:

Great post, but games are the least likely app type to benefit from Marzipan. They’re the only native app type on iOS that can just be recompiled for macOS as-is, today, without a Marzipan. All of the underlying frameworks for games in iOS are already unified with macOS

I totally understand that many Mac users are desperate for Marzipan to mean anything other than iOS apps taking over macOS. If Marzipan were prioritizing games, then you wouldn’t have to worry about your Mac-like apps going away, etc. But Apple Arcade is not here to save you

Previously: Apple Arcade.

Update (2019-04-23): Guilherme Rambo:

Developers porting their iOS apps to the Mac will have access to new APIs that allow their UIKit apps to integrate with Mac-specific features such as the Touch Bar and menu bar (including keyboard shortcuts). UIKit apps on the Mac will also be able to open multiple windows.

Split View apps ported from iOS will have the ability to be resized by dragging the divider and its position reset by double clicking the divider, just like native Mac apps.

Enabling Mac support for an existing iOS app is as easy as checking a checkbox in the target settings in Xcode, much as you would to add iPad support to an iPhone-only app.

Benjamin Mayo:

Don’t worry I’m sure Apple’s Marzipan apps will take full advantage of the platform they run on. Just like their iPad apps right?

The Curiously Recursive Inlinable Switch Pattern (CRISP)

Jordan Rose (via tweet):

When inlinable code switches over a non-frozen enum, it has to handle possible future cases (since it will be inlined into a module outside the standard library). You can see this in action with the implementation of round(_:) in FloatingPointTypes.swift.gyb, which takes a FloatingPointRoundingRule. It looks something like this:


Making round(_:) inlinable but still have a default case is an attempt to get the best of both worlds: if the rounding rule is known at compile time, the call will compile down to a single instruction in optimized builds; and if it dynamically turns out to be a new kind of rounding rule added in Swift 25 (e.g. .towardFortyTwo), there’s a fallback function, _roundSlowPath(_:), that can handle it.

It looks like the function is calling itself, but it’s actually calling a future version of itself that is guaranteed not to recurse.

Previously: Swift Proposal: Non-Exhaustive Enums.

Waiting for a New iMac

William Gallagher:

The last update was in June 2017 which is long enough ago that the smart money would’ve bet on at least a speed-bumped iMac being released at October 2018’s Apple event. It didn’t come then and current rumors most strongly suggest that neither it nor any Mac hardware at all is coming with the expected March 25 event.


So while Apple didn’t mind treading on the iMac’s time in the spotlight with a sneak peek of the iMac Pro, it has avoided doing the opposite. Which means that this year, Apple may also avoid sharing that spotlight between a hypothetical new iMac and the guaranteed new Mac Pro.


For instance, not long after the iMac’s last update, Intel announced eighth-generation Core i7, i5 processors which were pitched as being for Apple portables but versions of them ended up in the 2018 Mac mini.


Implementing NetNewsWire Search

Brent Simmons:

When a search starts, swap in a separate timeline and detail view, do the search, and then show the results in these swapped-in views. When the user ends searching, swap those views out, and swap back in the regular timeline and detail views.


If you look at other apps — Mail, for example — it appears they use solution #1, and state restoration is not always instant. I want it to be instant.


In the case of the search feature, I spent more time just thinking about how I want to do the UI than on the actual search-in-the-database implementation. And then there’s the UI work itself, which absolutely dwarfs the database work.

Tuesday, February 19, 2019

Lessons From 6 Software Rewrite Stories

Herb Caudill (via David Heinemeier Hansson):

Netscape’s disastrous 5.0/6.0 rewrite is the original poster child for “never rewrite”, thanks to Joel. […] Mozilla, the open-source community that Netscape had created, would go on to release the Firefox browser in 2004 — after yet another ground-up rewrite. Firefox did manage to gain back some market share from Microsoft.


They rewrote Basecamp from scratch and it turned out great. It took around a year, and new signups doubled immediately following the release of Basecamp 2. […] So they presented Basecamp 2 as a completely new product, with no guarantees that it would be backwards compatible with Basecamp Classic. […] That brings us to the second interesting thing they did, which was that they didn’t sunset their existing product.


Visual Studio is a heavyweight product in every sense: It can take upwards of half an hour to install. It has to support a wide variety of complex use cases relied on by enterprise customers. So it wouldn’t have made sense to use Visual Studio itself as a starting point, for Microsoft to try to appeal to other platforms by adding features. And presumably the idea of making Mac or Linux versions of Visual Studio was a non-starter. So Microsoft started from scratch with no guarantees of backwards compatibility.


Inbox gave the Gmail team a way to experiment with features without disrupting workflows for the vast majority of users who didn’t choose to switch over. By committing to having both versions use the same back end, though, Gmail put hard limits on their own ability to innovate.


One response, of course, would have been to do as Basecamp did: Take everything Fog Creek had learned about bug tracking, and reinvent FogBugz, starting from a clean slate. Presumably this was a nonstarter, you know, because of all the “things you should never do” and “worst strategic mistake” stuff. […] In the meantime, FogBugz languished in obscurity.


Shortly afterwards they lifted the veil of secrecy: They let BillSpring customers know that the product was now FreshBooks, and let existing FreshBooks customers know that a new version would soon be available. Little by little, “FreshBooks Classic” customers were invited to try the new upgrade — but they didn’t have to, and they could always migrate back to the more familiar version if they wanted.


Update (2019-02-20): FogBugz:

As the new owner, we are rewriting Fogbugz on a modern cloud stack. We expect to ship in Q2. (and LOC to drop from 1.6m to 5,000).

That seems like far too few, unless they are removing a lot of functionality.

See also: Hacker News.

Update (2019-02-21): FogBugz:

We have seen the tweets of disbelief in the 5k LOC for the “new cloud stack Fogbugz”. We are documenting our journey and will publish how we leveraged cloud services to replace so much code in the rewrite.

T2 Macs Have a Serious Audio Glitching Bug

Peter Kirn (via Hacker News):

The problem is, it appears that this new chip has introduced glitches on a wide variety of external audio hardware from across the pro audio industry, thanks to a bug in Apple’s software. Issues with the way the new chip synchronizes timing causes dropouts and glitches in the audio stream. (It seems basically all USB 2.0 audio interfaces will be impacted. This of course unfortunately leads users to blame their interface manufacturer, but the fault lies with Apple.)

Switching off “Set date and time automatically” in System Preferences will reduce, but not resolve the issue.


To clarify: all T2-based Macs, that is all Mac models from the 2018 generation, are evidently unusable with USB 2.0 audio interfaces, irrespective of vendor. Audio interfaces using FireWire or Thunderbolt are reportedly unaffected by this particular bug, but USB 2.0 is for the moment the most popular bus for audio devices, so nearly all owners of the new machines are encountering the issue.

Update (2019-02-20): See also: Stephen Hackett and Jason Snell.

Marco Arment:

I haven’t, but I’ve heard about it from enough people that it’s probably a significant issue.


I’m curious to know whether dropouts were occurring on older models when bandwidth heavy devices were in use - were the internal cameras on older macs connected over USB? Is that something anyone you know can try?


The problem is that USB was never a “real time” bus - usually, traffic on it can be kept to a minimum when you only have the built-in keyboard / mouse being the only consumers, and so the audio chips would get their way the vast majority of the time…

Stephen Nellis:

These reports are all the more interesting because, in the days of very powerful phones and tablets, one of the few really good reasons for buying a full-on laptop is processor-intensive work like pro audio.

Ricci Adams:

Note: switching off “Set... automatically” doesn’t eliminate the issue because timed appears to still sync on occasion, even when off. There are likely other issues at play too. Unloading timed entirely fixed it for me, but not everybody.

Update (2019-02-21): Ricci Adams:

Follow-up: The issue still occurs for me after running sudo pmset nopoll when timed is loaded. There may be different issues at play, however.

Also, in case it helps anybody else, the best way I’ve found to test is to rapidly check/uncheck “Set date and time automatically” during playback while searching Console for “pauseAudioEngine”. If the engine is pausing, you will glitch at some point.

Update (2019-02-22): See also: Accidental Tech Podcast.

Update (2019-02-26): See also: Joel Hruska.

Update (2019-04-08): Geoff Duncan:

Since the introduction of the iMac Pro—and continuing with newer T2-equipped Macs—users have reported occasional audio glitches: little clicks, pops, or bursts of noise that seem to happen at irregular intervals. They occur with both audio playback and audio recording, and can happen using any app, whether listening to Apple Music, watching a video on YouTube, playing a game, or—uh oh!—playing a hot DJ set at a party or recording a live symphony orchestra.

The problem seems most common with USB-connected audio devices—whether consumer-grade headsets, podcaster-level microphones, or professional audio gear—but the glitches also happen with built-in speakers and microphones as well as audio devices connected via Thunderbolt. How often do they happen? Hard to say. Some users see a few every hour, others maybe only one per day.


However, for others, these glitches are literally showstoppers.


All that said, if you rely on your Mac for audio—whether recording podcasts, DJing parties, or as a professional engineer or musician—I recommend avoiding T2-equipped Macs until audio issues have been verifiably resolved for quite some time.

Update (2019-05-27): Peter Kirn:

The T2 security chip continues to wreak havoc with audio performance – and the 2019 MacBook Pro, like all Macs since a 2018 revision, continues to use it and inherit its audio stability issues.

Even after a recent OS update that “addressed” performance, we are still hearing widespread reports that the new Macs exhibit this issue. And normally when I say I’m “hearing” them, I mean people are writing to tell me about it. In the case of the T2 issues, I actually keep literally hearing it. You’ll go to a concert or festival, and listen to one MacBook Pro after another glitching with the issue. You’ll sit for a meeting and hear it going on in the background.

See also: MacBook Pro 2019.

Monday, February 18, 2019

Explaining Code Using ASCII Art

John Regehr:

People tend to be visual: we use pictures to understand problems. Mainstream programming languages, on the other hand, operate in an almost completely different kind of abstract space, leaving a big gap between programs and pictures. This piece is about pictures drawn using a text character set and then embedded in source code. I love these! The other day I asked around on Twitter for more examples and the responses far exceeded expectations (thanks everyone!). There are a ton of great examples in the thread; here I’ve categorized a few of them.


Inline Types and Functions in Swift

John Sundell:

Inlining can be a great tool for situations when we need an additional type or function, but we don’t want to expose it outside of the scope that it’s being used in. By placing that kind of simpler, more narrowly scoped, types and functions right next to the code that uses them — we can also make our code a bit easier to navigate and work with, by reducing context switching.

The fact that we can choose to define types and functions not only at the top level of a program, but also inline within other types or functions, is another example of just how flexible Swift is in terms of structure and syntax. However, just like with other features of the same nature, it’s important not to take things too far.

I really like using nested declarations and access control modifiers to make code more readable. A downside is that this can make stack traces less readable because the mangled names end up longer than if you had picked a globally unique name yourself.

Ten Years Ago, Apple Said Goodbye to Macworld

Stephen Hackett:

After giving the cursory update on Apple retail and the business on a whole, the news of the keynote started with updates to both the iLife and iWork suites, which at the time were still sold on DVD for $79 each.


Schiller moved onto hardware, showing off the unibody 17-inch MacBook Pro. These big notebooks were in Apple’s lineup for some time, and this marked the last major revision to the family.


Macworld ended with “one last thing,” which was a set of updates to iTunes.

First, Schiller announced an update to song pricing. Songs would now be available at $0.69, the classic $0.99 and a new $1.29. He assured the audience that more songs would be moving down in price than increasing.

It seems like everything is $1.29 now.

Daring Fireball 2018 Apple Report Card

John Gruber (Hacker News):

The MacBook keyboards, lack of iMac updates, and still-missing Mac Pro would’ve led me to give Apple a “C” for the Mac. I took off a whole grade for how embarrassingly bad the “Marzipan” apps are.


iOS 12 is one of my favorite iOS updates for iPhone in years. Apple promised back at WWDC that they were focusing on performance and they delivered.


iCloud Photos is now one of the best sync services I’ve ever used. It’s fast and reliable, and it handles data that I consider invaluable — my family’s photos and videos. iCloud overall has gotten very good.

I continue to have problems with iCloud Photo Library (new photos not showing up, slow syncing, mysterious failures downloading/exporting) and iMessage (messages arriving minutes late or not at all, spontaneous signouts, huge numbers of messages temporarily disappearing). iCloud calendar e-mail notifications still don’t work. It seems like iCloud Drive has been improving, though.

But for me, personally, I don’t care about huge new flagship stores in Dubai or Paris, and I don’t partake in the “Today at Apple” classes. I care about two things: buying stuff and getting service at my local Apple Store here in Philadelphia.


I just want to get in line, wait my turn, pay, and leave. Instead, the way to check out at an Apple Store is to wander around until you get the attention of an employee who has one of the handheld checkout iPod Touches.


But inevitable or not, the result is that getting support at an Apple Store now stinks. And frankly, the technical acumen of the Genius Bar staffers is now hit-or-miss.

I think Apple needs a lot more stores just to maintain the quality of experience that they used to have. Given that they’re currently stretched so thin, I wish they would focus on service and sales.


Update (2019-02-20): Josh Centers:

We decided to ask for your thoughts on what the Apple Stores have been like under Ahrendts, and we were surprised to see that your opinions were split fairly evenly between improvement, no change, and decline.

Friday, February 15, 2019

Using Tuples As Lightweight Types in Swift

John Sundell:

Even though a tuple can have labels, you are always free to ignore those when creating an instance. This can help make call sites look really nice and clean, for example when dealing with vector types, like coordinates.


Tuples can also be super useful when checking if multiple values are equal. Even though they don’t conform to the Equatable protocol (or any protocol for that matter), the Swift standard library defines == overloads for tuples that contain values that themselves are equatable.


It turns out that the argument list of any closure can in fact be described using a tuple, and since - thanks to first class functions - all functions are also closures, we can actually use a tuple to pass arguments to a function. All we have to do is to make Swift treat a function as a closure. To do that we could define a call function that takes any function and applies its required arguments to it[…]

John Sundell:

Tuples can not only be super useful in order to group multiple related local variables into one, but can also be a great way to combine throwing expressions

Pixelmator Pro vs. Photoshop CC

Victor Agreda:

If you do heavy print work, you rely on other Creative Cloud apps, or if you’re plugged into a workflow reliant upon some of the connected features available in Creative Cloud, I can save you some time: forget it. Adobe offers a decent deal for subscribers: between online storage, fonts, and other workflow niceties; you won’t easily replicate that with a single application. However, if you simply need to work with photos and manipulate them for the Web—which is likely a big chunk of Photoshop users out there—then Pixelmator Pro offers some advantages for a lot less money.


That said, Pixelmator Pro takes advantage of numerous macOS features, including Versions, which lets you move among previous saves with ease. In fact, as I alluded to earlier, the macOS features in Pixelmator Pro give it somewhat of an edge over Photoshop. By relying on macOS features like Metal 2, Wide Color, and CoreML (which powers its machine learning features), Pixelmator Pro moves like a speedboat to Photoshop’s battleship. I wound up launching Pixelmator Pro to do a lot of my photo work simply because (on a 2017 27-inch iMac, anyway) it launched instantly and ran like a cheetah.

I recently used Photoshop for the first time in many years and was surprised at how it feels less like a regular Mac app than I remember.

Color Spaces

Bartosz Ciechanowski:

A color space can specify how the numeric values of the red, green, and blue components map to intensity of the corresponding light source. In other words, the position of a slider may not be equal to intensity of the light the slider controls.


This may seem all like a pointless transformation, but there is a good reason for doing all this nonlinear mapping. The human eye is not a simple detector of the power of the incoming light – its response is nonlinear. A two-fold increase in emitted number of photons per second will not be perceived as twice as bright light.

If we were to encode the colors using floating point numbers the need for a nonlinear encoding function would be diminished. However, the numeric values of color are often encoded using the familiar 8 bits per component, e.g. in the most common configurations of JPEG and PNG files. Using a nonlinear tone response curve, or TRC for short, lets us maintain more or less perceptual uniformity and use the chunky, quantized range to keep the detail in the darker parts.


Accessing the Log and Utilities From the macOS Installer


Check out the video to see how to use the keyboard shortcut command-option-control-w to switch back to the standard macOS installer. Also, get access to a grayed out menu for accessing the Terminal and Disk Utility by holding down command-option-control when selecting the menu items.

Your Apps Know Where You Were Last Night

The New York Times (tweet, Hacker News):

At least 75 companies receive anonymous, precise location data from apps whose users enable location services to get local news and weather or other information, The Times found. Several of those businesses claim to track up to 200 million mobile devices in the United States — about half those in use last year. The database reviewed by The Times — a sample of information gathered in 2017 and held by one company — reveals people’s travels in startling detail, accurate to within a few yards and in some cases updated more than 14,000 times a day.

These companies sell, use or analyze the data to cater to advertisers, retail outlets and even hedge funds seeking insights into consumer behavior. It’s a hot market, with sales of location-targeted advertising reaching an estimated $21 billion this year.


Many location companies say that when phone users enable location services, their data is fair game. But, The Times found, the explanations people see when prompted to give permission are often incomplete or misleading. An app may tell users that granting access to their location will help them get traffic information, but not mention that the data will be shared and sold. That disclosure is often buried in a vague privacy policy.

Jason Koebler:

Along with the investigation, the New York Times published a guide to managing and restricting location data on specific apps. This is easier on iOS than it is Android, and is something everyone should be periodically doing. But the main takeaway, I think, is not just that we need to be more scrupulous about our location data settings. It’s that we need to be much, much more restrictive about the apps that we install on our phones.


What this means is that the dominant business model on our smartphones is one that’s predicated on monetizing you, and only through paying obsessive attention to your app permissions and seeking paid alternatives can you hope to minimize these impacts on yourself.

Jason Koebler:

Don’t think Apple or Google get enough shit for incentivizing an app economy that relies on free apps that make money by monetizing the data collected by your phone. Allowing the “app is free but we sell your data” as a business model for flashlights and games was disastrous

This is another reason why I think Apple’s Walled Garden is so terrible. For years, it was completely fine to make sketchy apps that monetized data. Why wasn’t Apple protecting its users from that business model?

I suspect Apple would argue this is why you need a walled garden, but Apple has not done a great job of policing it, anyway, so it seems more like protectionism and an obsession with control than anything.

Will Strafach:

I see some are speaking about this as if apps keep their own location databases, but that is not the case. it is so much worse. the location data is sent directly from your phone to big centralized tracking databases owned by one or more of the 75 tracking firms.

Nick Heer:

App developers should, at the very least, be required to be completely forthright in their permissions request dialogs. If a developer is scooping and selling user data, they should be able to defend that practice to users in language that they can understand; if they cannot, then perhaps that’s a practice they should cease.


Thursday, February 14, 2019

Developer Apple ID’s to Require Two-Factor Authentication

Apple (via e-mail):

In an effort to keep your account more secure, two-factor authentication will be required to sign in to your Apple Developer account and Certificates, Identifiers & Profiles starting February 27, 2019. This extra layer of security for your Apple ID helps ensure that you’re the only person who can access your account. If you haven’t already enabled two-factor authentication for your Apple ID, please learn more and update your security settings.

Brent Simmons:

I have two accounts — one for personal use, one for development use — and so do lots of developers.

I don’t know how to make this work. None of my devices are ever signed in to my developer account. That account exists purely for building and distributing apps.

It is possible, but Apple has not done a good job of explaining it.

Nick Heer:

To register an iOS device with two-factor authentication, you must sign out of your personal Apple ID at the system level, which means you’re signing out of iCloud. This is a highly disruptive action. On a Mac, it’s much easier, because you can associate different MacOS users with their own Apple ID. So, the best recourse to set up two-factor authentication is probably to create a separate user account on your Mac, set it up with your developer Apple ID, and then follow Apple’s directions.

James Thompson:

So, if my developer Apple ID is going to require 2FA in two weeks, how is that going to work mixed with my personal Apple ID? Am I right that a device like a phone can only be the trusted device for one Apple ID?

Ryan Booker:

It’s a great example of Apple not thinking things through. Custom system that doesn’t work with every other TFA system, no ability to get the prompts from multiple accounts, and no ability to merge accounts.

Dave Wood:

To put into perspective how much of a PITA Apple’s bad 2FA will be, I rec’d 14 of the “Teams and roles have been unified.” emails. I have a lot of developer accounts, tied to specific clients. I also often need to log in as the client because they have no clue how ASC works.

Kyle Seth Gray (tweet):

Here’s how you can add your developer account to your device to get authentication codes.


Despite the account being labeled as ‘inactive’ on that account screen, you have added your device as a “trusted” device capable of receiving two-factor authentication codes.


The one problem is enabling it in the first place - the easiest way is to create a temporary user on your Mac and enable it there, but damn if that isn’t a clunky solution.

I have not, as far as I recall, ever made a separate Mac account or used a dedicated device for my developer account, but somehow I was able, long ago, to enable 2FA using SMS. Some people are worried that Apple will stop allowing this and require an actual iOS device, but I haven’t seen any official indication of that. SMS is more convenient in a lot of situations but less secure.

Maxwell Swadling:

Never use consumer phone numbers, they are easily stolen. Most telcos only require a name and DOB to port. Get a number that doesn’t have a sim allocated and can’t be ported, such as twilio or google voice.

Maxwell Swadling:

1. get a dedicated google voice number on a dedicated google account
2. Disable text message forwarding
3. Put THAT account under U2F
4. Create a Mac VM
5. Sign in and activate with that number

I think this is the only decent approach

Tanner Bennett:

Lol what about company developer accounts that aren’t attached to any particular device, and thus, not tied to a phone number that can receive SMS?

See also: Cabel Sasser.

Update (2019-02-15): Simone Manganelli:

The SMS thing is “two-step” verification (as opposed to “two-factor”), and though it’s still supported, I dunno if you can activate it on newer devices.

Marco Arment:

This sudden requirement for 2FA on dev accounts feels rushed and ill-considered.

iCloud device-based 2FA doesn’t fit the way most iOS devs, big and small, use Apple IDs.

Apple should add support for TOTP (Authy, Authenticator, 1Password, etc.) before requiring 2FA.

Andrew Mayers:

I called dev support about it two days ago. They completely understood the problem and said they would look at my accounts and let me know the next day how to handle it. No response yet so I think they don’t have an answer yet.

Matthew Dicembrino:

Indie devs are now going to feel the pain us contractors have felt in last year. New dev accounts have been 2FA required for months. I use a google voice number to receive sms codes. Also reverse engineered the 2FA api calls to automate the process for my fastlane builds.

Gardner von Holt:

Marco, not publicized is that if you have no device to use for two factor auth, dev support can authorize your dev account to continue using Two Step auth, the 4 digit old method. Call dev support and explain the situation, you will get escalated to a sr. tech who has a process.

Nate Petersen:

Dev support got back to me: “At this time, two-factor authentication is only a requirement for the account holder role”. So you could have a separate account just to be the “account holder”. Still a huge pain though.

Konstantinos Kontos:

Since,I’m the senior iOS dev, but not the account owner, and since there are tasks that only the account owner can do, I know need to go ordinate with the US west time zone (10 hours difference to me) to perform tasks that I would otherwise do in a couple of minutes.

Craig Hockenberry:

Just removed an Apple ID from an old Mac mini and got a barrage of alerts on phones, watches, Macs about FaceTime being used on a new device that’s not new. Also signed out of the iTunes Store.

If anyone at Apple is wondering why developers are worried about 2FA, see above.


So let’s recap: I decided (stupidly) to do a little cleanup on my Apple ID. Now I can’t buy anything from Apple. I can’t renew my developer account, get a WWDC ticket, or buy some hardware.

We see fragility in Apple’s backend service a lot more than most customers. And worry.

My fear at this point is that all of these declines is going to trigger something that locks my account and really screws my business up.

See also: Scripting OS X.

Update (2019-02-18): See also: Reddit.

Dave Wood:

Apple’s forced 2FA is going to go really well. Here’s one of my dev accounts, now completely locked out (unrelated to 2FA). One site says I need to update the country associated with the account, the other says I can’t update it. Now what?…

Update (2019-02-20): Apple:

If your personal Apple ID is different from the Apple ID associated with your Apple Developer account, you can configure your device to allow verification codes to be received for both Apple IDs.


If your Apple ID has two-step verification enabled and two-factor authentication is available in your country or region, you will need to update to two-factor authentication for increased security.


You can assign the same trusted phone number to multiple Apple IDs that you use.


If you previously enabled two-step verification with a recovery key on your account and you sign in on a device running iOS 11 or macOS High Sierra, your Apple ID is automatically updated to two-factor authentication. After your account is updated, you have the option to generate a new recovery key. This option is only available if you are updating an account from two-step verification to two-factor authentication.

Eric Slivka:

But their suggestion to set it up by signing out of iCloud on your phone is pretty nuts. That’s a painful process to go through when your phone starts trying to delete all of your synced iCloud content.

Update (2019-02-26): See also: Accidental Tech Podcast.

Update (2019-03-05): It turns out that my Apple ID did not have 2FA enabled, so today I was forced to choose between logging out of iCloud on my phone and creating a new dummy user.

Stealing High-Value Instagram Accounts

Joseph Cox (tweet):

Usually when you think of someone taking over an Instagram account, you probably imagine a hacker breaking in with an unearthed password, or tricking the victim into giving up their credentials. But Instagram scammers have another, sometimes more effective method too: just asking Instagram to hand over the account.

Scammers do this by creating fake companies and trademarks to convince Instagram they should be the legitimate owner of a username in question, with fraudsters using “trademarking,” as the technique is known, to get ahold of sought-after, valuable handles, according to posts and evidence of the process in action obtained by Motherboard. The scammers can then keep these handles as digital mementos, brag about their acquisition, or resell them at a profit in a thriving underground community.

Update (2019-02-15): Isaiah Carew:

i’ve had my instagram account “isaiah” stolen 3 times. they used “sim flipping”, social engineering, and a loophole in 2-factor.

iTunes U and iBooks Author Are Suffering From Software Rot

Bradley Chambers:

Google has been ridiculed over creating and shutting down various applications over the years, but when it comes to enterprise software applications, I would prefer that over letting things die a slow agonizing death. Apple, on the other hand, has done the latter with two of its K–12 focused software applications: iBooks Author and iTunes U.


[iBooks Author is] largely the same application that it was when it was released in 2012. Is iBooks Author an app that schools are supposed to build around? If so, what promise do they have that it will be compatible with anything in the future?


The last major [iTunes U] feature was released in 2015. […] Sadly, iTunes U doesn’t even support split screen on the iPad yet. The Apple Pencil support is bare bones. It would be hard for me to recommend iTunes U as a platform for anyone at this point.


Most Security Bugs Are Memory Safety Issues

Catalin Cimpanu (via Hacker News):

Speaking at the BlueHat security conference in Israel last week, Microsoft security engineer Matt Miller said that over the last 12 years, around 70 percent of all Microsoft patches were fixes for memory safety bugs.

The reason for this high percentage is because Windows has been written mostly in C and C++, two “memory-unsafe” programming languages that allow developers fine-grained control of the memory addresses where their code can be executed. One slip-up in the developers’ memory management code can lead to a slew of memory safety errors that attackers can exploit with dangerous and intrusive consequences --such as remote code execution or elevation of privilege flaws.

Kara Swisher Interview of Jack Dorsey

Dan Luu (tweet, Hacker News):

This is a transcript of the Kara Swisher / Jack Dorsey interview from 2/12/2019, made by parsing the original Tweets because I wanted to be able to read this linearly. There’s a “moment” that tries to track this, but since it doesn’t distinguish between sub-threads in any way, you can’t tell the difference between end of a thread and a normal reply.

Mostly, I think this demonstrates how hard it is to read collections of tweets on Twitter itself.

Wednesday, February 13, 2019

Flickr Moving Away From Yahoo Logins

Don MacAskill:

I am SO happy to announce that @Flickr login without Yahoo is rolling out! Thanks for your patience and support as we worked hard to build & debug. New login page is up, and members will get to update their logins over the coming weeks.


In preparation for launching our new login system, we’re beginning the rollout today of the new Flickr login page. This will take some time, so hang tight if you don’t see it immediately -- it’s coming!

For now, the login page will still forward you over to Yahoo, where you’ll continue to use the same credentials as always to sign into your Flickr account. The next step in the process will take a few weeks -- we’ll let each member know when it’s time to choose the email address and password you’ll use to log in to Flickr.

I think that’s the only time I use my Yahoo ID these days.

The Future of Blogger and MarsEdit

Daniel Jalkut:

Google is shutting down the Picasa Web Albums API, and MarsEdit will no longer be able to upload images to Blogger/Blogspot blogs.


This is a very disappointing development, but it sort of comes with the territory for an app such as MarsEdit that supports a variety of services, none of which is under my control. Over the past 12 years, I’ve witnessed the disappearance of services such as Vox and Posterous, and the elimination of support for 3rd party apps by services such as Squarespace.

AR Will Spark the Next Big Tech Platform

Kevin Kelly (tweet):

Someday soon, every place and thing in the real world—every street, lamppost, building, and room—will have its full-size digital twin in the mirrorworld. For now, only tiny patches of the mirrorworld are visible through AR headsets. Piece by piece, these virtual fragments are being stitched together to form a shared, persistent place that will parallel the real world. The author Jorge Luis Borges imagined a map exactly the same size as the territory it represented. “In time,” Borges wrote, “the Cartographers Guilds struck a Map of the Empire whose size was that of the Empire, and which coincided point for point with it.” We are now building such a 1:1 map of almost unimaginable scope, and this world will become the next great digital platform.


The mirrorworld—a term first popularized by Yale computer scientist David Gelernter—will reflect not just what something looks like but its context, meaning, and function. We will interact with it, manipulate it, and experience it like we do the real world.


The mirrorworld will raise major privacy concerns. It will, after all, contain a billion eyes glancing at every point, converging into one continuous view. The mirrorworld will create so much data, big data, from its legions of eyes and other sensors, that we can’t imagine its scale right now. To make this spatial realm work—to synchronize the virtual twins of all places and all things with the real places and things, while rendering it visible to millions—will require tracking people and things to a degree that can only be called a total surveillance state.

I still don’t really understand how this will work or what Apple thinks its role is going to be.


Update (2019-03-08): Antti Oulasvirta:

Rant: Nine reasons why I don’t believe in current VR/AR technology.

HoloLens, Magic Leap, and Oculus: Mind-blowing videos, and the market is estimated to explode to $200 billion by 2025 (Statista). So what’s wrong?

HCI research tells why we haven’t seen a killer app yet[…]

Update (2019-03-22): Lauren Goode:

Almost every single time I get a demo of a phone or tablet that supports AR apps the product manager says look you can use it to place virtual furniture before you buy and I am thinking, my dude, how many sofas per year do you think we all buy

Cell Carriers Sold Location Data to Bounty Hunters

Jason Koebler (tweet):

Around 250 bounty hunters and related businesses had access to AT&T, T-Mobile, and Sprint customer location data, according to documents obtained by Motherboard. The documents also show that telecom companies sold data intended to be used by 911 operators and first responders to data aggregators, who sold it to bounty hunters. The data was in some cases so accurate that a user could be tracked to specific spots inside a building.


A list of a particular customer’s use of the phone location service obtained by Motherboard stretches on for around 450 pages, with more than 18,000 individual phone location requests in just over a year of activity. The bail bonds firm that initiated the requests—known in the industry as phone pings—did not respond to questions asking whether they obtained consent for locating the phones, or what the pings were for.

Joseph Cox:

Some of these bounty hunters then resold location data to those unauthorized to handle it, according to two independent sources familiar with CerCareOne’s operations.


“This scandal keeps getting worse. Carriers assured customers location tracking abuses were isolated incidents. Now it appears that hundreds of people could track our phones, and they were doing it for years before anyone at the wireless companies took action,” Oregon Senator Ron Wyden said in an emailed statement after presented with Motherboard’s findings.


“With AT&T, Sprint and T-Mobile phones, utilizes GPS technology to track registered cell phones to within a few feet of their location,” the article reads. “With Verizon, they use less-precise cellular triangulation technology.”


Tuesday, February 12, 2019

Amazon Acquires Eero

Chris Welch (MacRumors, Hacker News):

Amazon has announced that it’s acquiring Eero, the maker of mesh home routers. Amazon says buying Eero will allow the company to “help customers better connect smart home devices.” It will certainly make Alexa-compatible gadgets easier to set up if Amazon also controls the router technology. Financial terms of the deal are not being disclosed.

Nilay Patel:

Eero was one of the few major (and necessary) tech products you could buy that was 1. terrific 2. made by a well-run, personable company 3. not made by one of the giants

Dieter Bohn:

Maybe Eero’s mesh network could be built-in to future Echoes. Maybe future Eeros could get microphones built into them. Maybe Amazon will hug Eero so tightly it will die or maybe Amazon will let it live as an independent unit, much like Ring. Maybe Eero Plus — which includes a VPN and anti-malware and even a subscription to a password manager — would get bundled for free into an Amazon Prime subscription.


But this time, the surprise might be on Amazon. The first reaction from people who know and love Eero wasn’t speculating on any of those possibilities. Instead, the overwhelming reactions were consternation, concern, and exhaustion.

Dan Masters:

I remember when I thought Apple would integrate the AirPort Express into the Apple TV. #waste


I thought the same thing.

Before the ‘reinvented’ 4th gen Apple TV came out, it was supposed to be a console/Steam competitor, a cable TV killer, home Siri, and Wi-Fi - all in one.

It got basically none of that right.

Instead, we go an awful remote and apps no one uses.

Jon Gales:

I still find it really weird that Apple got out of the wireless networking game. Amazon and Google clearly see value in it.

Joe Cieplinski:

At some point, Apple is going to have to ask itself: If we care about privacy, should we be providing our customers with a means to protect themselves at all points of their internet connections?

See also: Rene Ritchie.


Update (2019-02-13): John Gruber:

I know Amazon wants to keep its options open and isn’t going to commit to anything today, but that “at this time” is painful to read.

Rene Ritchie:

Google, Amazon, Facebook are massive data harvesting companies with service/device front ends critical to facilitate that harvesting. It makes any/unlimited numbers categories business-necessities.

Apple doesn’t need to make routers. We need them to because of the above. :(

Spencer Callaghan:

right but as a market strategy, would keeping that data from competitors not be a good move? Also, they are clearly interested in the smart home space, embedded routers in HomeKit devices just makes so much sense, particularly from a company that values minimalism.


The only companies that feel like there’s a market in routers are the ones that do it for data collection. If Apple really wants to walk the walk they’d be making routers. I hope that if they aren’t already that this is a wake up call.

Robert Walter:

I know Apple believes in security but if they were really serious about it, they’d offer 1. Safe router, 2. VPN and 3. upgrade iCloud Keych/Apple Wallet to a full function p/w mgr..

Apple originally sold Airports because so few good routers. Should do now because few safe ones


The iDevice could have played the role of the HomeKit bridge and respond to Siri requests from the wireless speakers (just like the Siri Remote is able to send requests wirelessly to the Apple TV). The combinaison of all these features could have become an ecosystem by itself, a new platform. Configuration would have been done via the (or a seperate app for more advanced feature configuration like firewall rules or internet content filtering.

What name could Apple give to this fabulous new product? The HomePod. Now that would have made sense. Boom.

See also: Accidental Tech Podcast.

Update (2019-02-14): Rosyna Keller:

I’m personally mode terrified Amazon will start requiring an Amazon account to do anything with an eero.

Google Wi-Fi already requires a Google account.

Update (2019-04-09): Rachel Kraus (via Hacker News):

It revealed that the final sale price was $97 million. Crunchbase reports that Eero took $90 million in venture capital (the Wall Street Journal put the number at $100 million). PitchBook, a highly accurate source of VC information, claimed a final $40 million Series D fundraising round from December 2017 brought that number up to $138 million. Eero declined to comment, instead pointing to a March 12 blog post confirming the sale.

An additional $10 million debt line Eero took out brings the total money put into the company at $148 million — 150 percent of the Amazon sale price.


The documents state that after transaction costs and debt, the actual price will be closer to $54.6 million. That means that Amazon is covering around $40 million of the debt that Eero owes. Ex-employees believe the debt to be from hardware manufacturing costs, since they said that Eero took on corporate financing to actually manufacture the products.

Transparency in macOS 10.14

Dr. Drang:

Why should the Dock appear as if it’s transparent? It’s not as if there’s anything interesting behind the Dock. That space can’t be used for icons, and I wouldn’t put any there even if it could be. So there’s no value is seeing through the Dock, but there is value in distinguishing the icons in the Dock from those that may be next to it on the Desktop. The distinction between the icons in the Dock and those on the Desktop is unnecessarily reduced by the excessive transparency of the Mojave Dock.


This is ludicrous. This menu isn’t directly in front of the Desktop, it’s in front of the browser window (which is white because I was on Google’s home page when I took the screenshot). There is no reason for it to look like you’re seeing through it to the Desktop. That it looks that way screws up the sense of layering, especially since it still has that shadow around its border.

This absurd fake transparency isn’t confined to Safari. The little popup boxes that appear in Maps have the same muted Desktop coloring even though their conceptual position is floating on top of the map, not on top of the Desktop.

“Reduce transparency” is less effective than before. I usually run with “Increase contrast,” which further reduces the transparency and makes text more readable. But it also exposes a variety of bugs with standard controls and with built-in apps (e.g. the top of the main table view in Mail and the Show Desktop pop-up menu in the Mission Control preferences).

Nick Heer:

For what it’s worth, I don’t necessarily share Drang’s complaints with transparency more generally on the Mac; I think it’s more decorative than helpful, but it’s fine. But I keep the “Reduce Transparency” setting switched on mostly because I prefer a solid background for the menu bar. The resulting layering and compositing doesn’t make any spatial sense and, especially with a saturated desktop picture, is often jarring.


Update (2019-02-13): Tony Arnold:

I have to be honest, recent changes to macOS’ design have me scratching my head, too. How and when things show through seems like a massive mess. The content of vibrant sidebars is less emphasised, and harder to read when the window is focused.

Update (2019-03-26): macOS 10.14.4 fixes the bug with the Dock and Reduce Transparency.

Apple Retail Employees Aggressively Pushing iPhone Upgrades

Chance Miller:

A source tells 9to5Mac that this is a new policy at all Apple retail locations. Employees are being instructed to push for an upgrade instead of repairing an existing device. In some stores, the source says, an employee is tasked with pitching iPhone upgrades to Genius Bar customers as they wait for appointments. Other stores have the Geniuses themselves to pitch an upgrade.


First and foremost, pitching users of the iPhone X to upgrade comes across as a desperate move. The device is barely over a year old, and many iPhone X users haven’t even had it for more than a year. Trying to get someone who spent $1,000+ on their iPhone less than a year ago to spend another $1,000+ is a bold move.

Further, many people dread the task of going to Apple stores and many have to drive several hours to do so. The last thing those people want is for an employee to immediately up-sell instead of helping them repair their existing phone. An employee’s first response to my problem shouldn’t have been, “Have you considered upgrading to a new iPhone recently?” It should have been promising to resolve my problem as quickly as possible.

Benjamin Mayo:

The Apple Store is a store. It’s a place to buy something, and a place for Apple to sell something. However, the Apple Store has never been defined by the hard sell. In fact, it boldly fought against it. Apple retail employees have never earned commission because the goal was to give shoppers the right advice, and match person to product based on need and wants, not which one gives the biggest kickback.

These new initiatives to juice iPhone XS and iPhone XR fly in the face of the principled stance Apple has established in the past. Staff advice is distorted by upper management marketing pressure, rather than monetary incentives, but the result is the same for the customer. The advice is currently biased towards hitting Apple’s targets, not what the person walking in the shop really wants.

As he notes, Apple’s rhetoric is increasingly at odds with how the company actually behaves.

Previously: 2018 iPhone Sales.

Update (2019-02-13): Justin Miller:

I have seen this daily for months when I check It used to be an inspiring place to see what Apple’s stance on tech is. Now it’s a blaring ad to trade in your phone or to act on a limited time pricing offer. Everything above the fold is about selling.

Apple Storing Russian Users’ Data on Local Servers

Amy MacKinnon:

Roskomnadzor, the Russian government agency that oversees media and telecommunications, has confirmed for the first time that Apple Russia is to adhere to a 2014 law that requires any company handling the digital data of Russian citizens to process and store it on servers physically located in Russia. Under Russian counterterrorism laws, Apple could be compelled to decrypt and hand over user data to security services on request.


Russian law takes a broad interpretation of personal data and applies it to anything that could be used to identify individuals or their behavior. Photos, music, and e-book downloads would all indirectly be defined as personal data, said Medvedev, who specializes in internet and e-commerce law.

Via Nick Heer:

It isn’t clear to me how Russia could expect to decrypt any user data with the exception of email, as it’s end-to-end encrypted in Russia the same way as it is anywhere else.

So far, it seems that Apple has been happy to move data to local servers so long as they get to maintain control over encryption and privacy practices. But what happens when a country passes a law that requires them to relinquish their ability to secure user data?

However, I disagree about most user data being end-to-end encrypted.

Previously: iCloud in China and on Google’s Cloud.

Monday, February 11, 2019

Spotify’s Podcast Aggregation Play


That’s why we announced today the strategic acquisitions of two podcasting companies, Gimlet and Anchor. These companies serve two different, distinct roles in the industry. Gimlet is one of the best content creators in the world, with unique, celebrated podcast shows like Homecoming, which was recently adapted into a critically acclaimed show on Amazon Prime, and the internet culture hit Reply All. And Anchor has completely reimagined the path to audio creation, enabling creation for the next generation of podcasters worldwide — 15 billion hours of content on the platform during Q4. These companies are best-in-class and together we will offer differentiated and original content. Gimlet and Anchor will position us to become the leading platform for podcast creators around the world and the leading producer of podcasts.

Ben Thompson (Hacker News):

The shift in purpose from “music” to “audio” is, for now anyways, about podcasts. And, at least from a user perspective, it is a natural extension: playing music and playing podcasts entail downloading or streaming some sort of digital file, decoding it on a device, and playing it back through some sort of speaker. That one involved melodies and harmonies and the other primarily the spoken word (although there are plenty of music podcasts) is, from a technical perspective, a distinction without meaning.

From a value chain perspective, though, music and podcasts could not be more different[…]


This importance of centralization to an advertising business model is best seen by the fact that Spotify drove €542 million ($616 million) in advertising revenue last year, far outpacing all of podcasting, even though half of the company’s users didn’t hear any ads at all.


To that end, it is worth considering if this is good for the podcasting industry generally. After all, to return to the web analogy, the price of the Internet finally monetizing effectively was the shift of content to centralized platforms like Facebook.

See also: Accidental Tech Podcast, Core Intuition, Download, Exponent, Recode.

Update (2021-10-19): Marco Arment:

Gimlet, after the Spotify acquisition in 2019: “The shows that are out there now are going to continue to be available everywhere.”

Heavyweight, which was “out there” then, is now a Spotify exclusive.

Is anyone surprised?

Jeff Bezos and the National Enquirer

Jeff Bezos:

In the AMI letters I’m making public, you will see the precise details of their extortionate proposal: They will publish the personal photos unless Gavin de Becker and I make the specific false public statement to the press that we “have no knowledge or basis for suggesting that AMI’s coverage was politically motivated or influenced by political forces.”

Rather than publishing this as a JPEG of text, he used Medium.

Jaclyn Peiser:

Medium, the online open platform and publisher, is one bloglike platform that has persisted and innovated in the social media era. With 90 million unique monthly visitors, it has maintained relevance as a destination for open letters, petitions and personal essays. But it scarcely sparks such frenetic reactions as it did Thursday night.

The post went viral, and Medium soon found itself in the middle of a major news story.

In a statement, a Medium spokeswoman said the site hadn’t known that Mr. Bezos was going to publish the post.

Vlad Savov (tweet):

But what stood out to me, precisely by virtue of it not being noticed or widely recognized, was the role that Twitter played in that explosive news moment. If Bezos dropped a bomb, it was Twitter that sparked and catalyzed the explosion.


The anatomy of the Bezos disclosure was simple. He chose Medium as the receptacle of his thoughts — perhaps as a neutral alternative to writing in The Washington Post, which he owns — but the path that everyone followed to get to Medium was via his tweet. No journalist was casually browsing Medium’s “Combative Blog Posts from Multibillionaires” section and accidentally stumbled upon it. No one could even have been sure it was Bezos just by looking at the blog post in isolation. Twitter was both the trigger of awareness for the post’s existence and the first step of verification for its legitimacy.

John Gruber:

Here’s a detail I would like to see everyone reporting on this story identify: what type of text messages was Bezos exchanging with Lauren Sanchez? […] This matters because SMS is not encrypted. iMessage is not just encrypted but end-to-end encrypted. If, as Bezos’s investigator apparently believes, Bezos’s phone was not compromised, that means either Sanchez’s phone was compromised, or the messages were intercepted in transit. But if they were iMessages, they couldn’t be intercepted in transit.

I’m not sure whether Bezos uses an iPhone (and thus has access to iMessage).

Lachlan Markay:

The brother of Jeff Bezos’ mistress, Lauren Sanchez, supplied the couple’s racy texts to the National Enquirer, multiple sources inside AMI, the tabloid’s parent company, told The Daily Beast.

Of course, he denies this. But, if true, he could have gotten them via physical access to Sanchez’s phone, or directly from her, without having to intercept anything. So perhaps there’s a messaging tech angle to this story, but perhaps not.


Update (2020-01-30): John Gruber:

Bezos had a personal relationship with MBS and MBS personally sent Bezos the payload to exploit his phone. The evidence is strong enough and the allegations serious enough that the United Nations has issued a report on the matter, considers it part of a pattern of human rights violations from the Saudi regime, and is calling for the United States to further investigate.

But — but! — two days ago, The Wall Street Journal reported that federal prosecutors in Manhattan have evidence that The National Enquirer obtained the photos from Lauren Sanchez’s brother, who in turn was sent them from his sister’s phone.

See also: Hacker News.

On Covering Webcams

John Gruber (tweet):

I have never understand the mass paranoia over laptop webcams — which have in-use indicator lights, which I’ve seen no evidence can be circumvented on Macs from the last decade — and the complete lack of similar paranoia over microphones, which cannot be blocked by a piece of tape and which have no in-use indicator lights. And I don’t see anyone taping over the cameras on their phones. This story is only going to feed that paranoia, because the takeaway is going to be “The Wall Street Journal says you should cover up your webcam.”


The problem isn’t your camera, it’s malware. Don’t install any software from unknown or sketchy sources, keep your OS up to date, and you should be fine. And if you do have malware on your Mac, the webcam is likely the least of your problems.

I cover my Mac’s camera with a piece of tape, not because I’m terribly worried about it, but because it’s easy to do, so why not? But I think something like Little Snitch is probably better protection. I don’t really care whether an app is using the camera or microphone so long as it isn’t sending data anywhere.

Phone cameras and microphones should probably be of greater concern, but there’s not much you can do about them. It’s not practical to cover sensors that you use throughout the day. Third-party phone apps are harder to audit. And intelligence agencies can allegedly activate the microphone and camera, anyway.


Sandboxed macOS X Login Item With XPC

Uli Kusterer:

I’m currently working on updating the Talking Moose to modern macOS, with an eye on a Mac App Store release. This differs from your stock XPC setup, as the Talking Moose consists of a GUI application for configuring it, and a background process for the animated character, the latter of which should be launched at login and stay running, instead of only being launched on-demand when someone makes explicit requests to the service.

Here are the things I had to do differently from Xcode’s standard XPC Service target template[…]

Friday, February 8, 2019


Adam Engst:

Over at the New York Times, Brian X. Chen penned a thoroughly reasonable column explaining why advertisers use auto-play videos and some of the technical solutions for reducing their impact. Google Chrome tries to prevent them from playing based on your behavior, and Safari on the Mac, which Chen doesn’t mention, can also block them, either for a particular site or for all sites. And Firefox 66, due in March 2019, will mute all auto-playing videos.

The auto-play offense that has pushed me over the edge is Netflix’s Apple TV app, which auto-plays previews for movies and TV shows as you browse through Netflix’s library. Within 3 seconds of when you navigate to a show’s icon, it starts playing a preview for the show, complete with audio. It’s difficult even to read the show’s description in that amount of time, much less reflect on whether you might want to watch the show. As soon as the audio starts, it interrupts whatever thoughts might be going through your head (Josh Centers made this example video; it shows what he hears as his 5-year-old browses).

Update (2019-02-11): Nick Heer:

And here’s the thing: Netflix knows it drives people nuts. Last year, Dan Jackson of Thrillist cited several pieces pointing out just how awful and irritating and downright shitty this feature is. There’s a Twitter account dedicated to the terribleness of Netflix autoplay.

Update (2019-09-27): Tim Hardwick:

Now, [Apple TV] plays video trailers advertising content available on the iTunes Store.

This is similar to what you’d expect to see on Netflix, which routinely auto-plays trailers in the hope that it will help you discover content more easily. Not everyone wants to see the same behavior on their Apple TV though, and the good news is that you can turn it off with an option buried in the device’s settings.

Update (2020-02-07): Juli Clover:

Netflix today announced the launch of a new toggle that will let Netflix users turn off autoplay previews, which has been a controversial Netflix feature for years now.

The Definitive Guide to iCloud Photos in 2019

Mike Peterson:

Optimize Storage only affects images stored on your device. More than that, your iPhone will only optimize storage when you’re running low. It also starts optimization with the images and photos that you access the least.

So it can be hard to proactively free up more space that you know you will need for something else.

Unfortunately, no matter which platform you’re in, you’ll need to tap or click on each image to select it individually. If you’re on an iOS device, you can speed this process along by tapping and dragging across multiple photos very quickly. […] The one workaround that folks use on their iPhone to select Multiple photos to delete is to use a Third party app on your iPhone that facilitates selection of multiple photos.


But, of course, you may run into some issues when using the platform. Here’s how to troubleshoot some of the more common iCloud Photos problems.

Previously: Quickly Emptying the iPhone Camera Roll.

Update (2019-02-11): Tanner Bennett:

iCloud Photos on Mac does not sync over hotspot connections, and there is no indication of this, it just says “Updating” as if it were actually trying to sync.

Google Should Force Better Security on Nest Users

Patrick Howell O’Neill:

It took a growing mountain of home hacking horror stories going viral, but Google on Wednesday finally took action by telling their customers to stop messing everything up.

In the last few weeks, multiple stories have emerged about owners of Nest security cameras—at least some of which have speakers through which users can talk—seeing their devices hijacked so that hackers can not only look into their homes but also terrorize unsuspecting families by issuing fake bomb threats and threatening to kidnap children.


Why is something as important as a live video stream from inside your home secured as weakly as a video game by default?

Previously: Nest Cam Waking in the Night.

Update (2019-02-11): Simone Manganelli:

This is quite rich coming from a company that doesn’t support 2-factor auth by app, only by horribly insecure SMS. :rolleyes:

How Hackers and Scammers Break into iCloud-Locked iPhones

Joseph Cox and Jason Koebler:

The iCloud security feature has likely cut down on the number of iPhones that have been stolen, but enterprising criminals have found ways to remove iCloud in order to resell devices. To do this, they phish the phone’s original owners, or scam employees at Apple Stores, which have the ability to override iCloud locks. Thieves, coders, and hackers participate in an underground industry designed to remove a user’s iCloud account from a phone so that they can then be resold.


In practice, “iCloud unlock” as it’s often called, is a scheme that involves a complex supply chain of different scams and cybercriminals. These include using fake receipts and invoices to trick Apple into believing they’re the legitimate owner of the phone, using databases that look up information on iPhones, and social engineering at Apple Stores. There are even custom phishing kits for sale online designed to steal iCloud passwords from a phone’s original owner.


“I wish that they would just use iCloud lock for devices that are reported lost or stolen,” Justin Carroll, owner of FruitFixed, an independent smartphone repair shop in Virginia, told Motherboard. “We’ve seen it hundreds of times—people bring in perfectly working and capable phones that have nothing wrong with them and we can’t do anything for them. We’ve even had it happen to us, where we give a loaner phone to a customer, they don’t remove iCloud, they leave the store, and we have an expensive paperweight. That’s incredibly frustrating.”

Thursday, February 7, 2019

Swift ABI Stability and More

Jordan Rose:

This post describes what binary compatibility means in Swift 5 and how it will evolve in future releases of Swift.


To remove this restriction, the library author needs a feature currently being implemented called module stability. This involves augmenting the opaque [swiftmodule] format with a textual summary of a module, similar to what you see in Xcodeʼs “Generated Interface” view, so that clients can use a module without having to care what compiler it was built with. You can read more about that on the Swift forums.


Swift already has an implementation of support for library evolution, informally termed “resilience”. It’s an opt-in feature for libraries that need it, and it uses not-yet-finalized annotations to strike a balance between performance and future flexibility, which you can see in the source code for the standard library. The first of these to go through the Swift Evolution Process was @inlinable, added in Swift 4.2 (SE-0193). Look for more proposals about library evolution support in the future.

Previously: Swift 5 Release Notes for Xcode 10.2 Beta.

Update (2019-02-11): Joe Groff:

However, as a result of this, the Swift runtime is now a component of the user’s target operating system rather than part of the developer’s toolchain. As a consequence, in the future, for a Swift project to adopt new Swift runtime and standard library functionality, it may also have to require new OS versions that include an updated Swift runtime supporting the added features. This tradeoff between adopting new language features and frameworks or maintaining compatibility with older OS versions has always existed for Objective-C and Apple system frameworks, and will now be a factor for Swift as well.


The language compatibility setting is a purely compile-time feature that is used to control source compatibility. It does not affect ABI. You do not need to migrate Swift 4 code to Swift 5 mode in order to use Swift 5’s stable ABI, and going forward, new language modes can be adopted without imposing a newer OS requirement if language features that require new runtime features are not used.

It will not be possible to update the shared Swift runtime from a copy bundled with an app. But apps can continue to ship newer versions that are self-contained, as this is the only way Swift apps can run prior to macOS 10.14.4 and iOS 12.2.

Popular iPhone Apps Secretly Record Your Screen for Analytics

Juli Clover:

Multiple popular iPhone apps from major companies are using intrusive analytics services that capture detailed data like taps, swipes, and even screen recordings without customer knowledge, reports TechCrunch.

Apps that include Abercrombie & Fitch,, Air Canada, Hollister, Expedia, and Singapore Airlines are using Glassbox, a customer experience analytics firm that lets developers use “session replay” screen recording technology within their apps.


Some apps, such as Air Canada, don’t properly mask data that’s recorded, exposing information like passport numbers and credit card information. Air Canada employees with access to the screenshot database can readily see this data.

Previously: Apple Granted Uber a Background Screen Recording Entitlement.

Apple is telling app developers to remove or properly disclose their use of analytics code that allows them to record how a user interacts with their iPhone apps — or face removal from the app store, TechCrunch can confirm.


TechCrunch began hearing on Thursday that app developers had already been notified that their apps had fallen afoul of Apple’s rules. One app developer was told by Apple to remove code that recorded app activities, citing the company’s app store guidelines.

“Your app uses analytics software to collect and send user or device data to a third party without the user’s consent. Apps must request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity,” Apple said in the email.

Apple gave the developer less than a day to remove the code and resubmit their app or the app would be removed from the app store, the email said.

Dave Verwer:

I’ve never talked about this before, but the only relevant sponsor who I’ve ever turned down for iOS Dev Weekly was a company focused on in-app screen recording analytics. It was a few years ago now and I had no idea this was even a thing at the time. I just couldn’t believe that they were doing it and they were incredulous that I had a problem with it. It made me really angry. Looking at the client list on their site was shocking too. Your screen is almost certainly being recorded by some of the apps on your phone. I didn’t want to support that, and I didn’t take their money.

The irony is that in a past job I had, the company I worked for used one of these screen recording analytics tools and I was asked to look at the results as part of my job. I protested and made a case they they should remove it from their app, but I failed and as far as I know they continue to do it. The irony? To my annoyance, the data collected from that tool was incredibly useful, and I found at least one really hard to reproduce bug because I could watch it happen for a user. Even so, I never felt comfortable with it and was happy to put it behind me.

In an email, an Apple spokesperson said: “Protecting user privacy is paramount in the Apple ecosystem. Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity.”

“We have notified the developers that are in violation of these strict privacy terms and guidelines, and will take immediate action if necessary,” the spokesperson added.

John Gruber:

I think Apple’s doing the right thing here, and it’s an impressive display of what the App Store review team can analyze, but given that this has been going on for years, I think 24 hours notice over a weekend is a bit drastic.

KeySteal Mac Keychain Exploit

Benjamin Mayo:

Security researcher Linuz Henze has shared a video demonstration of what is claimed to be a macOS Mojave exploit to access passwords stored in the Keychain. However, he has said he is not sharing his findings with Apple out of protest.

Henze has publicly shared legitimate iOS vulnerabilities in the past, so he has a track record of credibility.

However, Henze is frustrated that Apple’s bug bounty program only applies to iOS, not macOS, and has decided not to release more information about his latest Keychain invasion.

Why doesn’t Apple have a bug bounty program for macOS?

Rene Ritchie:

Garbage. Disclose to Apple to help protect users then use the follow up to push for when (not if) the bounty program is launching.

There absolutely should be one and yesterday but don’t hold users hostage for your entitlement.

(Especially if you’ve previously dropped 0days…)

Dave DeLong:

Eh, mixed feelings. Civil disobedience is a well-established form of protest, and @apple tends to gloss over Mac stuff publicly, because it’s minuscule compared to iOS

And until he releases the exploit, there are no “hostages”. This isn’t blackmail.

Patrick Wardle:

Got to play with @LinusHenze’s ‘KeySteal’. It’s a lovely bug & exploit

✅ works on macOS 10.14.3
✅ his payload dumps passwords, private keys, & tokens

Protect yourself by:

🔐manually locking your keychain
🔐or setting a keychain-specific password

Lorenzo Franceschi-Bicchierai (Hacker News):

On Wednesday, after a talk at the Black Hat security conference in Las Vegas, Beer tweeted a message to Apple’s CEO Tim Cook, challenging him to pay for each bug he has reported since 2016, and asking him to donate $2.45 million to to human rights group Amnesty International.


Apple’s bug bounty program had a lackluster start last year. As Motherboard reported at the time, the majority of independent iOS security researchers had not submitted any bugs to Apple as part of the bug bounty, mostly because doing so would hinder future research and was just not worth the trouble, given that those exploits can be sold for much more money in the gray market of exploit brokers.

Previously: Apple Security.

Update (2019-02-08): Benjamin Mayo:

It is pretty twisted that Apple will bend the rules of their own bug bounty program so much for the Thompson family because of the press coverage. Meanwhile, ‘real’ security researchers are upset that Apple won’t even offer a program — of any kind — for macOS.

Previously: Major FaceTime Privacy Bug.

Jeff Johnson:

I could continue to pester Apple Product Security by email, but I don’t feel like it. I shouldn’t have to. I shouldn’t have to do anything except report the bug, which I did. I can accept that a mistake was made when my bug was not credited along with all of the others on October 30. What I cannot accept is that it takes more than 3 months to fix the mistake and simply update a web page on their site.

On a tangentially related note, the scam apps in the App Store that I blogged about previously are still in the App Store today. I also reported these apps to Apple Product Feedback. I’m not sure if that’s where you’re supposed to report App Store scams. Should you email Apple Product Security? Who knows. Why isn’t there a clearly identified place to report App Store scams to Apple?

Update (2019-02-11): Linus Henze:

On Tuesday @Apple contacted me and asked me if I would send them the details about my exploit. I told them that I would if they accept my offer. However, I’ve got no response from them. Today I wrote them again. Attached is an image of what I wrote.

John Gruber:

Why in the world Apple only offers security bounties for iOS is beyond my comprehension. Of course iOS has the most users, but the potential for truly critical bugs exists on all of Apple’s platforms.


as much as the FaceTime kid deserves the money he got, it’s very sad to see that Apple will only do things under the threat of bad PR. The bounty program has pissed off so many researchers that it seems very tone deaf of Apple to bend rules like that.

I’m not supposed to share details, but at this point I don’t even care about being disqualified from the bounty program. I submitted two sandbox escapes, for a $25k payout each. Additionally I wanted to donate my payout to charity, which made me elegible for a match.

It’s been now 2 years of silence from them, but I did recently hear that supposedly they took my decision to donate to @MAPS as a “joke” and seemingly they’re unwilling to donate to them. I think it’s despicable and the bounty program can die in a fire as far as I’m concerned.

Jeff Johnson:

Yesterday I wrote a blog post about how Apple Product Security has failed to credit me for my previous discovery of another hole in Mojave’s privacy protections. Later that day, Apple updated their support article online. The article now credits me, but unfortunately it credits me for the wrong bug. Perhaps the update was a rush job in response to my blog post, who knows.

Update (2019-02-18): Jeff Johnson:

I finally got proper credit from Apple Product Security for the Mojave privacy protections bypass that was fixed in macOS 10.14.1 back on October 30, 2018.

Update (2019-03-04): Linus Henze:

I’ve decided to submit my keychain exploit to @Apple, even though they did not react, as it is very critical and because the security of macOS users is important to me. I’ve sent them the full details including a patch. For free of course.

Update (2019-06-03): Linus Henze:

Hopefully you all updated your Macs to the latest macOS version, because as promised in my talk at #OBTS, KeySteal is now available on Github.

Please, only use this exploit for educational purposes. Don’t be evil!

Apple Is Removing “Do Not Track” From Safari

Juli Clover (Hacker News):

In the release notes for Safari 12.1, the new version of Apple’s browser installed in iOS 12.2, Apple says that it is removing support for the “Do Not Track” feature, which is now outdated.


The same feature was also removed from Safari Technology Preview today, Apple’s experimental macOS browser, and it is not present in the macOS 10.14.4 betas. According to Apple, Do Not Track is “expired” and support is being eliminated to prevent its use as, ironically, a fingerprinting variable for tracking purposes.

Kaelan the Tired:

The problem with it was that it all hinged on the option being disabled by default, so that only the rare unicorns who actually knew about it and wanted it would turn it on. Microsoft made the infuriating decision to blatantly violate this delicate contract by making Do Not Track enabled by default in Internet Explorer. So all that could happen from there was for the whole thing to come tumbling down. I vaguely remember some website trying to create a compromise where they would still honor the header if it came from a non-Microsoft browser, but I guess that kind of duct tape over the mess wasn’t sustainable. Advertisers were spooked and it all ended sadly-ever-after.

Previously: Intelligent Tracking Prevention 2.0.

Update (2019-02-11): Marco Arment:

The Do Not Track header trusted ad-tech to follow users’ preferences, getting less data and making less money.

But ad-tech can NEVER be trusted. It fundamentally violates trust for profit.

Our only option is to constantly fight it with countermeasures.

Fast Safe Mutable State in Swift 5

Ben Cohen:

My talk from Functional Swift Conf about some of the performance challenges with Collections of Copy-on-Write types, and how we’ve fixed this in the standard library in Swift 5.

Ben Cohen:

Here’s the code for Dictionary’s subscript _modify

What Dictionary does is find the key, then move the corresponding value out of its buffer temporarily into an optional it then yields. This leaves an uninitialized hole in the buffer memory – but that’s fine, because subscript call keeps exclusive access to that memory.

The caller can then modify that optional in-place, and the value inside it remains uniquely referenced. Then the caller returns from the yield, and dictionary can move the element back into its storage before returning.

This is using unsafe operations under the hood (to move the memory out of the buffer) but only the bottom layer needs to do this. You can then layer more yielding subscripts on top of it (as Dictionary does here – the unsafe stuff is isolated in _NativeDictionary).

And the unsafe ops are all regular std lib operations using UnsafeMutablePointer. No scary builtins involving pinning memory in place.


Wednesday, February 6, 2019

Why Swift’s Copy-on-Write Is Safe

Drew McCormack:

I’ve been applying the Copy-on-Write pattern for structs in Swift for quite a while, but is it actually thread safe? Is there not a risk of a race condition between checking that the object is uniquely referenced, and returning the reference?

Joe Groff:

It’s thread safe to read and copy but not write (modulo bugs). It should be as thread safe as an int variable

Joe Groff:

The difference from an ObjC object would be that two threads can both copy from a common value and modify their local copy with a guarantee that the writes don’t race, so this is valid:

let x = [1, 2, 3]

q.async { var y = x; y[0] = 4 }
q.async { var y = x; y[0] = 4 }


If you implement your cow buffer the same way the standard library does, using isUniquelyReferenced to check whether copying is necessary before any modification, then you should get the same guarantee. The isUniquelyReferenced is itself threadsafe

Drew McCormack:

I wasn’t even particularly thinking of Apple’s types, but more just the way we are told to do it in our own. If I understand, it is possible for a CoW struct to change value unexpectedly without you doing anything. Seems like would be pretty serious violation of value semantics.

Joe Groff:

Retain, release, and isUnique are all atomic, and ARC ensures that the read will ensure an independent retain for each thread. There should be no “between”

Daniel Jalkut:

I think Drew is not concerned with isUnique’s atomicity, but with the atomicity of the return/copy code that follows.

Joe Groff:

isUnique takes its argument inout intentionally to ensure this isn't a problem. Swift's inout requires exclusive access to the memory passed in, so by the time you have a local copy, it must be in a separate memory location with its own strong reference

In other words, because of the inout exclusivity guarantee, isUnique returning true also implies that your thread is the only thread that can see the one outstanding reference

See also: ManagedBuffer.swift.

Helge Heß:

I guess they key thing to understand is that this is not thread safe and needs synchronization:

var x = [ 1, 2, 3 ]
q.async( x.append(4) )
q.async( x.append(5) )

Drew McCormack:

I’m afraid I am still not completely convinced. Contested writes are always a risk, but I can live with that. I am more worried that there could be violations of value semantics. Here is a sample which creates a let constant, which subsequently mutates.

Raphael Sebbe:

makes sense. From this code (image), unless I miss sth, the second reference can be created (2nd thread) after the atomic test (1st thread) but before the update. This would mean that the copied value would be changed too.

I think part of the confusion is that people are not talking about the same thing. The way I think about it, Swift’s CoW protects variables that are declared as let. Other code can take the value, put it in a var, and mutate it, and the original variable will be unchanged, even if it’s not protected by a lock or queue. The reason this works is that a mutating method can only be called if the value is already in a var. By the time that happens, the reference count will be at least 2 (the original let, plus the var). ARC-itself is thread-safe. So, at the time of the mutation, isKnownUniquelyReferenced() will return false, and it will have to make a copy.

In McCormack’s example, the original value is in a var, and then it goes into a let, and the object inside the struct changes after the struct has been copied in the let. This is unfortunate, but—as with primitive types—you aren’t supposed to be writing without synchronization. It’s not a goal of CoW to protect against this.


Update (2019-02-07): Drew McCormack:

Thanks for summarizing the CoW discussion. I think we are in agreement. I will say, first, that it did surprise me that a ‘let’ constant can mutate, although I accept the explanation. Second, on the question of whether CoW has a race condition, the answer is clearly “Yes”

If I had to summarize that whole exchange, it would be… Me: “Does CoW have a potential race condition?”. Swift Folk: “You shouldn’t be asking that question.” Effectively the question is irrelevant, because you shouldn’t share mutable value types. That is the lesson.

Update (2019-04-16): See also: Ole Begemann’s thread in the Swift forums.

Secure Erase and Mojave’s Disk Utility

Howard Oakley:

The snag is that Disk Utility won’t overwrite an SSD’s free space in the way that it does with hard disks. It pretends to offer the same three secure erase options, but in fact none of them does what the dialog says. Indeed, in Sierra they aren’t even available, which is perhaps a little more honest.

In Mojave, all three secure erase options offer is that the original APFS volume is completely deleted, with any Preboot and Recovery directories, and it is then added back as a new volume. This will destroy all APFS data about the original volume, but the file data for that volume will remain on the SSD. Although at present there appear to be no macOS utilities which can reconstruct such a removed volume, that situation will change in the future.

Howard Oakley:

To perform the secure erase which it describes, you have to use the diskutil command in Terminal instead, using a command of the form

diskutil secureErase freespace 2 /Volumes/volumeName

which is an even slower process.

Before using diskutil secureErase, you should read man diskutil, where Apple cautions:

This kind of secure erase is no longer considered safe. Modern devices have wear-leveling, block-sparing, and possibly-persistent cache hardware, which cannot be completely erased by these commands. The modern solution for quickly and securely erasing your data is encryption. Strongly-encrypted data can be instantly “erased” by destroying (or losing) the key (password), because this renders your data irretrievable in practical terms. Consider using APFS encryption (FileVault).


It isn’t possible to encrypt an existing APFS volume non-destructively using Disk Utility, and in some cases when attempting to erase and reformat a volume, Disk Utility returns “an internal state error” and fails to perform the operation.


Considering Pulling Google News From Europe

Natalia Drozdiak:

The European Union’s Copyright Directive will give publishers the right to demand money from the Alphabet Inc. unit, Facebook Inc. and other web platforms when fragments of their articles show up in news search results, or are shared by users.


Lawmakers are still hashing out how to define small excerpts of stories and whether individual words should be covered by the copyright rules, according to an EU official who asked not to be identified.


The impact of a Google News withdrawal on publishers who rely on the search giant for traffic to their sites is unclear. Google shut its news service in Spain in 2014 after the country passed a law requiring Spanish publications to charge aggregators for displaying excerpts of stories. Publishers must claim compensation for the reuse of fragments of text whether they want to or not.

The Spanish law led to small publishers losing about 13 percent of their web traffic, according to a 2017 study released by the Spanish Association of Publishers of Periodical Publications.

Via Nick Heer:

An alternative could be to display search results without excerpts, photos, or titles.

Previously: EU Approves Controversial Copyright Directive.

eBay’s Changing Strategy

Spencer Soper (Hacker News):

Wall Street bought the story for a while, but with Amazon gaining and EBay atrophying, investors have been losing patience with Wenig’s slow-and-steady approach. That impatience came to a head on Tuesday, when Billionaire Paul Singer’s Elliott Management Corp. -- which owns more than 4 percent of the company -- published a letter outlining “urgently needed” steps that included assets sales and share buy-backs.

EBay’s growth was languishing even before Wenig took over in 2015 after the company split from faster-growing PayPal Holdings Inc. Many shoppers still think of EBay as the online rummage sale of yesteryear, where you could snag a deal on someone’s baseball card collection or video game console by bidding in an auction. In fact, EBay is much like any e-commerce site these days, replacing a trip to the mall by offering deals on new iPhones, Under Armour shirts and cordless drills from DeWalt.


As a shopper I hate a lot of the recent shifts in their strategy. The only thing interesting enough to make me want to deal with all the hassles of eBay are the interesting vintage or collectible one-of-a-kind items: coins, camera gear, art, etc. These things are more work to list and describe but make for an always entertaining browsing experience. I loved eBay back in the day when it was like one big never-ending garage sale.

The catalogization of eBay, moving toward SKU-based product pages with sellers providing fulfillment, ends up feeling like a weird me-too version of the Amazon FBA race to the bottom. Small sellers with interesting inventory have been bled to death with ever-increasing fees and seem ready to pack up the wagon and move on to greener pastures.

The featured products on the homepage have the same bland sameness as every other e-com site and as a shopper I don’t feel like I have much reason to ever go there these days. Right now I’m seeing a Patriots ballcap, some men’s sneakers, and a small grill. Might as well be shopping at Target.

Kirk McElhearn:

For many years, I have bought new iPhones and sold the previous models. As a tech journalist, it’s useful for me to have the latest technology – even though I don’t do this every year – and I don’t want to accumulate old devices, like many of my friends who have “boxes of phones.”

I used to do this on eBay, but, when I tried to sell my iPhone 8+ recently, the experience was so bad that I will never do it again.

Previously: eBay Is for Suckers.

Amazon and Fake Books and Filtered Reviews

Dave Mark (tweet):

The book had the same title, same author, and a similar cover. But it was not printed by No Starch Press and, presumably, none of the money will make its way to No Starch or the author.


Once they had the fake book in hand, they could print a fake and sell it, or add the fake PDF to a torrent web site. Happened to me with every book I ever wrote.

But this particular fake appears to be surfaced by Amazon, the number one bookseller in the world.

John Gordon:

Amazon reviews have long been helpful to me, and were once a big part of Amazon’s value proposition.

That is no longer true. Amazon is filtering out negative reviews.

See also: Reddit.


Update (2019-02-20): Sean Gallagher (Hacker News):

Bill Pollock, the founder of the tech how-to book publisher No Starch Press, called out Amazon on February 13 for selling what he says are counterfeit copies of his company’s book, The Art of Assembly Language—copies that Amazon apparently printed.

Tuesday, February 5, 2019

Swift 5 Exclusivity Enforcement

Andrew Trick:

The Swift 5 release enables runtime checking of “Exclusive Access to Memory” by default in Release builds, further enhancing Swift’s capabilities as a safe language. In Swift 4, these runtime checks were only enabled in Debug builds.


In essence, a variable cannot be accessed via a different name for the duration in which the same variable is being modified as an inout argument or as self within a mutating method.


The overhead of the memory access checks could affect the performance of the Release binary. The impact should be small in most cases; if you see a measurable performance regression, please file a bug so we know what we need to improve. As a general guideline, avoid performing class property access within the most performance critical loops, particularly on different objects in each loop iteration. If that isn’t possible, making the class properties private or internal can help the compiler prove that no other code accesses the same property inside the loop.


The combination of compile-time and run-time exclusivity checks described above are necessary to enforce Swift’s memory safety. Fully enforcing those rules, rather than placing the burden on programmers to follow the rules, helps in at least five ways[…]

Update (2019-02-26): Russ Bishop:

This has some interesting interactions with atomics, especially when running under the Thread Sanitizer (TSAN). If you’ve ever seen a TSAN report on some simple Swift code that looks obviously correct then you’re probably running into this issue[…]


The problem lies in the Law Of Exclusivity. The ampersand operator in Swift is not the same as C’s address of operator. It is the inout operator.


The takeway is this: Under the Swift memory model the UnsafeLock shown above is illegal. The correct strategy is to allocate storage for the lock yourself[…]

He does this using an UnsafeMutablePointer.

Wishing for a Low-End Apple Watch

David Smith:

I increasingly find myself wishing that Apple made a smaller, simpler and cheaper Apple Watch. A device that would compare more closely to a FitBit or similar lightweight fitness tracker. The current direction the Apple Watch is taking seems to leave behind so many users that it seems like a big missed opportunity.


Mojave Privacy Protection Aftermath

Paul Kim:

Months later, the issues stopped (or at least people stopped reporting them). I can’t say whether some sort of bug was fixed or if people are just now more familiar with how all the new privacy protections work. I’m leaning towards a bug of some sort as the reports have stopped altogether; I’d expect the occasional report of confusion if it was just a knowledge thing.


Regarding unit tests, it seems that changing my unit tests to run within an app, and adding the appropriate usage strings to the test app, was enough to get them to run.


At least, there seems to be one way as a dev to be able to make sense of things. Accessing protected directories (for instance, by using access()) will fail with an EPERM error. This differs from accessing a directory protected by UNIX permissions. In those cases, you will get an EACCESS error. While that’s great for differentiating between the two cases what’s unclear to me is if there are other situations, outside of Mojave privacy protections, that would give me an EPERM error.

Howard Oakley:

Imagine playing a team sport, and midway through a match the referee tells you that all the rules have changed, but they’re not telling you how, just that what you have been doing so far has been banned – in part.


For the last five months, I have looked high and low in Apple’s developer and user documentation for an official account of this, and information as to how TCC determines the Attribution Chain, which in turn informs us – developers, sysadmins and users alike – which app or tool we should add to the Full Disk Access list.

You already know the answer: Apple has not even mentioned any of this. Mojave’s privacy protection is undocumented, by Apple at least.

Daniel Martín:

Here’s an interesting Mojave support document. I didn’t know that you can use a configuration profile with the “SystemPolicyAllFiles” key set to automatically grant full disk access to apps. Convenient!

Howard Oakley:

Some of the most intractable problems in Mojave are those arising from its new privacy protection. The Privacy pane in Security & Privacy and the command tool tccutil intentionally give users, sysadmins and developers almost no help. Most of the lists in the Privacy pane aren’t directly controlled by the user, and all tccutil seems able to do is wipe the contents of those lists. When you have a problem, you’re stuffed.


I have now extended my free app Taccy, which already helps you examine entitlements and settings in an app, to provide customised access to the unified log which should make troubleshooting privacy control a great deal easier. If you’re familiar with Cirrus, which does the same for iCloud, then you’ll already be familiar with this new feature.

I’ve had lots of customers try to give an app Automation access or Full Disk Access, but find that it just doesn’t work or doesn’t stick. This page from the SpamSieve manual documents the different levels of resets that you can do to fix the problem: tccutil, manually deleting the TCC database (requires temporarily turning off System Integrity Protection), and reinstalling macOS. These are crude remedies, but fortunately they do work.


Update (2019-02-07): Isaiah Carew:

Mojave includes many more system level protections to keep out malware. But with this security comes some annoying side effects. One that hit me recently is that I can’t attach Instruments to some apps. This has made plugin development difficult, particularly because RapidWeaver is one of those apps.

Update (2019-02-12): Sergiu Gatlan:

In that post, he also mentioned privacy issues present in the implementation of the /usr/bin/tccutil tool, as well as the possibility to piggyback other apps who have been previously granted access by the user to access sensitive data or locations. The Automator issue was fixed by Apple with the release of macOS Mojave 10.14.3 Supplemental Update on February 7, but the other two are still unpatched.

Update (2019-02-27): See also: Bryan Jones (via John Gruber).

Update (2019-06-20): Peter N Lewis:

So I have descended to the point of adding specific assistance for Mojave security setting bugs. “yes, yes, I know you told the system to grant Keyboard Maestro permission, but Mojave does not really think you meant it”. Sigh.

Top 25 Photos on Flickr in 2018 From Around the World


From the billions of photos uploaded to Flickr in 2018, we chose the Top 25 Flickr Photos of 2018. Of all the incredible moments captured, we’ve curated a list of the most inspiring photos, which represent a global community of unique perspectives.

To determine top photos, Flickr staff created an algorithm that took into account a number of social and engagement metrics, like how many times the photo was viewed or faved. We made sure to curate the raw data to avoid the results being a popularity contest; we removed spammers and photos that don’t qualify as high-quality. We also tried to ensure diversity of genre. For photographers whose photos placed in the top list multiple times, we selected their top-scoring photo.


Twitterrific Ad Network

Ged Maheux (tweet):

Now you can advertise your app, website, product or service directly on Twitterrific’s expansive network of tech-savvy users for just $100 a month. For that price we guarantee 1,000 tap-throughs – not impressions but actual visits – to your App Store page or website. What’s more, we take care of creating the ad for you ourselves and even provide App Analytics for iOS or Google Analytics for websites.

Previously: The Deck Shuts Down.

Monday, February 4, 2019

Despair, Thy Name Is App Store

Daniel Kennett:

On Wednesday afternoon, I accidentally shipped the worst bug of my career. On Thursday morning, I fixed it, pushed an update to the App Store, and thankfully it got approved quickly.

Unfortunately, there’s currently a glitch in the App Store, and it’s still serving the broken version of my app to the world alongside the release notes and version metadata of the fixed one. “Fixed the crash!” it gleefully claims, cruelly delivering a very much unfixed binary. I’ve since uploaded a second update in the hopes that it’d get unstuck. No dice. The App Store is now serving a build from two versions ago alongside metadata from the current version.

There’s no way to call in to Developer Support that I can find any more, and the old numbers I have don’t work. The contact site is selling me the EU call centres have closed and won’t let me contact the US ones.

Update (2019-02-05): See also: John Siracusa.

Memories of Facebook Paper

Mike Matas:

5 years ago today Facebook Paper was released. So cool to see this incredibly thorough archive of all the little interactions we worked so hard on


My experience with it was that most of the actual FB posts never fit in. It seemed designed for a different kind of content than what fb actually has.

Vincent Bidaux:

User perspective: I felt I was missing even more of my timeline than with normal fb, which was already #1 struggle. Too much editorial/news/organic content vs. what friends were actually doing/saying.

Felix Krause:

When I first used the Facebook Paper app, I thought this would be how UIs are gonna look like in a few years, it felt like from the future. And look where we are now 🙃

Previously: Design Details: Paper by Facebook.

Margins on AirPods, Apple TV, and HomePod

Juli Clover:

On the latest episode of The Talk Show, Daring Fireball’s John Gruber discusses Apple TV and HomePod pricing and whether Apple is charging too much for some of its products.

According to Gruber, Apple is actually selling the 2017 Apple TV 4K at cost, suggesting the device costs Apple $180 to make. As for the HomePod, Gruber said he believes Apple sells it at a loss.


Gruber said that he also suspects the AirPods are priced close to cost as well, though he’s not sure and can’t prove it.

This doesn’t make a whole lot of sense to me (especially for AirPods), but I take it seriously because Gruber usually has good sources. Maybe it was accidental because the costs ended up being higher than what Apple predicted? I do think he’s right that Apple designed “too good” of a product—“good” in the sense of using high-end components that may not be valued commensurately by customers. If Apple TV 4K actually costs $180 to sell at no profit, Apple really didn’t design the right product.

Mark Gurman:

I’m told Apple is selling HomePods at a profit, not a loss, which wouldn’t make any sense. If it’s losing money, that’s only because it built too many speakers people don’t seem to want, and is now sitting on unsold inventory.

Update (2019-02-05): Joe Rossignol:

Apple’s expensive HomePod speaker accounted for just six percent of the U.S. smart speaker installed base through the fourth quarter of 2018, according to research firm Consumer Intelligence Research Partners.

Via Michael Love:

’Struggling’ implies effort, which I suspect they’re no longer applying to this, particularly if you assume that @gruber’s leak about Apple losing money on HomePod/TV was tactical in advance of March and June announcements that make that retreat official.

Previously: Initial HomePod Sales.

Update (2019-02-26): See also: The Talk Show.

Apple Is Indeed Patenting Swift Features

Thomas Claburn (Hacker News):

Here are two of the patents in question: 9,952,841 and 9,329,844.

John McCall:

By licensing its contributions under the Apache license, Apple has granted you a perpetual, royalty-free license to use all of its patents that are necessary in order to use Swift.

Ted Kremenek:

Any company making a contribution to Swift is intentionally licensing implied patents to the project. This is a business decision. Speaking on Apple’s behalf, that business decision is clear and deliberate: we want Swift to be successful and to be used widely. The Apache 2 license provides a form of IP licensing as well as IP protection for the project, and thus its users.

Chris Lattner:

I agree with much of the sentiment that software patents are often silly and the system is broken in many ways. This patent is a reasonable example of that (patenting syntactic sugar for monads, really?). I have no idea if there is prior art, but I wouldn’t be surprised. For sake of discussion, lets assume the patent is valid.

Even if I and others don’t like it, the software patent system exists. As is pointed out upthread, one of the major reasons that Swift uses the Apache 2 license is to provide more certainty for the community w.r.t. licensing and patents. An additional bonus of the Apache 2 license is that the open source project as a whole benefits from companies having and contributing their patents under the terms of the license: to say more directly, it is good for the Swift project that Apple has this patent and has contributed it to the project.


This basically says that if someone sues someone else over Swift then they lose access to the patents contributed to the project, and are therefore subject to countersuits. This is a significant part of the protection that the Apache license provides (it is a big deterent to lawsuits in general) but it only has teeth if there are actually patents in play!


If Apple genuinely intends to use this only for defensive purposes, or as counter-suits against patent trolls, then they should put it under something like Twitter’s Innovator’s Patent Agreement, something that legally enforces the idea of only using the patent for defensive purposes.

Nathan Gray:

Like most software engineers I’m not qualified to analyze what will or won’t infringe on a specific patent, so I’m not going to make any such claims, but attempting to patent programming language features from Swift is certainly a chilling move by Apple. @Chris_Lattner3, @tkremenek, and other (former/present) Apple people have emphasized how great this is for the Swift community, but that’s a very limited perspective. What about other languages? What about other communities? Is a new, from-scratch language design that uses optional chaining open to legal attack by Apple?

UltraViolet Digital Movie Locker Service Will Close

Mitchel Broussard (Hacker News):

Between January 31 and July 31, 2019, users will be able to keep accessing their UltraViolet Library, purchase new movies, and redeem digital codes. After the shutdown date, all UltraViolet Libraries will automatically close, but the company has detailed a way that users will be able to continue accessing their content.

To do this, UltraViolet is advising users to log into their accounts and verify that they have another retailer linked to their UltraViolet Library, which will allow them to watch their movies and TV shows on another platform after July 31.

Previously: Movies Anywhere.

Friday, February 1, 2019

Clearing the Icon Services Cache in Mojave

Howard Oakley:

After all these 35 years, and numerous bug reports, Apple still doesn’t provide any tool to rebuild the IconServices cache. You might find that restarting in Safe mode (with the Shift key held down), leaving your Mac a couple of minutes, then restarting back in normal mode, might do the trick, if you’re lucky, but as far as I know, that doesn’t force the IconServices cache to be rebuilt. Neither does resetting the SMC or NVRAM, although sometimes they’re recommended.

If all else fails, and you have to force the IconServices cache to be rebuilt, the only way seems to be to delete it at the command line.


The command to remove the main store is

sudo rm -rfv /Library/Caches/

That for the subsidiary data is

sudo find /private/var/folders/ \( -name -or -name \) -exec rm -rfv {} \;

which includes the Dock icon cache too.

Once you have done that, you’ll need to restart and give your Mac plenty of time to rebuild the caches.

Previously: Clearing the Icon Services Cache in Yosemite.

Update (2020-05-18): Picho13:

iconservicesagent basically went crazy and used an astonishing 32GB (yes, GB) of physical RAM on my computer, before running out and continuing to use the SSD space via swap memory to keep using RAM until it ran out of space on the SSD.

Clearing the cache apparently fixed this.

Comparing Xcode Target Build Settings

Paulo Andrade:

Simply shift+click the targets you want to compare and then enable the “Levels” toggle on the top filter bar.

By doing so, Xcode displays each target’s settings side by side for easy comparison. Furthermore, you can/should also enable the “Customized” toggle make it even easier to spot differences.

Not only does this Xcode feature have none of the drawbacks mentioned before, it also allows you to compare more than 2 targets! Simply shift+click another target and another column is displayed!

Blocking the Big 5: Google

Kashmir Hill (Hacker News, via Dare Obasanjo):

I’m saying goodbye to all that this week. As part of an experiment to live without the tech giants, I’m cutting Google from my life both by abandoning its products and by preventing myself, technologically, from interacting with the company in any way. Engineer Dhruv Mehrotra built a virtual private network, or VPN, for me that prevents my phone, computers, and smart devices from communicating with the 8,699,648 IP addresses controlled by Google. This will cause some huge headaches for me: The company has created countless genuinely useful products, some that we use intentionally and some invisibly. The trade-off? Google tracks us everywhere.


This experiment is not just about boycotting Google products. I’m also preventing my devices from interacting with Google in invisible or background ways, and that makes for some big challenges.

Update (2019-02-04): Bogdan Popa:

I spent this past weekend de-Google-ifying my life and, despite my expectations, it wasn’t too hard to do.


Why go through all this trouble? I’ve grown increasingly concerned this past year with how much access Google has to our lives. They are the world’s biggest advertising company and they have access to most of our web browsing via Google Chrome (62.5% market share – although given the amount of broken websites (some explicitly Chrome-only!) I’ve found since switching to Firefox, I believe this number may actually be higher), all our website visitors via Google Analytics and Google Fonts. Much of our communication via GMail and Google Apps and much of the content we consume every day via YouTube. I’m not even going to get into all the information they gather from people who use Android phones.

Passwords and Muscle Memory

Brent Simmons:

What I realized is that — probably for many years — I didn’t actually know my password. I couldn’t have told you what it is. I just relied on my fingers to know it. And since it always worked, I never thought to question it.

And then, one day at random, my fingers failed. And the more I tried to figure it out — trying things that seemed likely — the more I worried I was fuzzing my muscle memory.