Archive for May 14, 2019

Tuesday, May 14, 2019

macOS 10.14.5 Whitelists Kernel Extensions

Howard Oakley:

Until 10.14.5, AppleKextExcludeLList.kext contained one Property List, KnownPanics.plist, which detailed kernel extensions known to Apple to be the cause of kernel panics, thus excluded from loading in Mojave; that hasn’t changed in 10.14.5. That kext now contains a second property list, ExceptionLists.plist, which is a long dictionary of “secure timestamp exceptions”.

Each entry consists of a string of hex digits, which is presumably an identifier or hash, together with the kext ID (such as com.thiscompany.mykext) and its version number. These appear to be an exhaustive list of over 18,000 existing kernel extensions which have been granted exceptions to the notarization requirement.


Update (2019-06-03): Howard Oakley:

The man page for spctl hasn’t been updated for over six years, but in 2017 it gained a set of actions to handle kernel extensions and your consent for them to be installed – what Apple terms User Approved or Secure Kernel Extension loading. You should be able to see these if you call spctl with the -h option. These kext-consent commands only work when you’re booted in Recovery mode: they should return errors if you’re running in regular mode.

This appears to unblock kernel extensions which macOS won’t install because they don’t comply with the new rules on notarization, presumably by adding the kernel extension to the new whitelist which was installed as part of the macOS 10.14.5 update. Kernel extensions which are correctly notarized should result in the display of the consent dialog taking the user to Security & Privacy; those which aren’t and don’t appear in the whitelist are simply blocked and not installed now.

Update (2019-08-13): Tom Bridge:

Whitelisting the Team ID in a Kernel Extensions payload from a User-Accepted MDM does not affect the notarization requirements in the Catalina betas at this time. What I said in the talk was based on my conversations with colleagues and friends, and an conversation I’d had with a member of Apple’s staff, and on my initial results with the first beta of Catalina.

My conclusions were based on the question I asked in that inteview: Will there be a way to whitelist Developer IDs for notarization the same way there is for Kernel Extension loading? The answer was an unequivocal yes.

I assumed that the method for this was the same payload. That has turned out not to be the case in my testing thus far.


Here’s what I do know: merely providing a kernel extensions whitelisting of the Team ID of a Developer is insufficient to prevent warnings for packages and disk images signed with that Developer Certificate.

iOS 12.3’s TV App

Chris Welch:

The redesigned Apple TV app, first announced back at the company’s March event, is being released today on iOS, Apple TV, and Samsung’s latest smart TVs. To make that happen, Apple is rolling out updated versions of iOS and tvOS with a refreshed look and support for a new lineup of paid Apple TV Channels, including HBO, Showtime, Starz, Epix, and other networks. Users can subscribe to Apple TV Channels directly from the Apple TV app, and all content can be watched from right inside the app as well.

Chaim Gartenberg (tweet):

There’s simply no way around it — actually watching video using Apple’s native TV app is just an appalling user experience. Here’s how it works: if you’re watching a video on the TV app — presumably, one that you bought or rented on iTunes, streamed through one of Apple’s native partner channels, like HBO or Showtime, or whatever the method for using Apple TV Plus will be — on an iOS device, it will play in portrait. It also looks terrible.

If your device is set in rotation lock — as most iPhones tend to be in my experience — there is no way to watch video in landscape. The only way is to disable rotation lock, which requires swiping down into the control center (since there’s no way to access it directly on the playback screen), and then rotate the device. There is also no way to lock it in landscape mode once rotated, so better make sure to hold that phone steady.


It was only when Apple released iOS 11 that portrait was made default, and it’s been stuck that way ever since.

Meek Geek:

Failing at the basics.

Video playback isn’t hard: If it is 16:9 or wider, lock the device to landscape and only allow it to be rotated 180°. This should be an OS-level default that developers have to override, so everyone benefits.

Mike Hay:

Hey @tim_cook, the Apple apps are supposed to set the standard right?

The subscription text is so small here that any 3rd party app would have been rejected immediately.

Damien Petrilli:

And still no chapter in movies like the old Movie app did since day 1.

Walt Mossberg:

Got the new AppleTV app on iPhone, iPad & Apple TV. Unlike what every review says, I have no “For You” section on any of them. Also, I have an entire row of what’s playing on @hbogo, & the shows play great. But also a huge offer to subscribe to @hbonow.

Ryan Jones:

What the F is this centering. And tap-down state.

Previously: The Sad State of iOS 11’s TV App.

Update (2019-05-16): Dan Masters:

If anybody has tried playing music videos in Apple Music, they won’t be at all surprised by this.

Warren Buffett’s Paper Wizard

Joe Rossignol:

While the game’s developer is listed as Wildlife Designs, Inc on the App Store, the app is copyrighted, maintained, and operated by Apple according to its terms and conditions, making this the first game Apple has developed for the iPhone since Texas Hold’em back when the App Store launched in 2008.


In an interview with CNBC, Cook said Buffett has made it clear he does not invest in technology companies, meaning he “obviously views Apple as a consumer company.”

A thousand no’s for every yes. And why is Cook proud that Apple is not seen as a technology company? With the services focus, should we view it more like a utility or cable company?

Marco Arment:

Best take on the bizarre Warren Buffet game was on @_connectedfm

I tend to agree with Stephen Hackett. Cook seems to delight in celebrities and goofy stuff like this, much moreso than in product details.

Joe Rossignol:

Given that Warren Buffett’s Paper Wizard only takes minutes to complete, and that Buffett’s high score of 15,350 is seemingly unbreakable, the game appears to be little more than a short-lived novelty. As such, it is not all that surprising that the game has already been pulled internationally.


Adobe Case Study in Why Customers Don’t Like Subscriptions

Juli Clover:

Adobe today quietly debuted new pricing for its Photography bundle, which has long been available for $9.99 per month. Starting today, Adobe’s website is listing a price tag of $19.99 per month, which is double the previous price.


Most users appear to be seeing the updated pricing on the Adobe website, but there is a hidden section of the site where one can still purchase the Photography plan for $9.99 per month.

It looks like it’s still planning to bill me at $9.99. That already seemed steep, given that I don’t use Creative Cloud or Photoshop—only Lightroom CC, which was previously a $149 one-time purchase. However, I still like Lightroom (UI weirdness aside), and post-Aperture I prioritize choosing a product that seems seem unlikely to disappear.

Ashley Lynch (Hacker News):

Adobe is no longer allowing subscribers to download previous versions of Premiere and is even sending notices to people who still have them installed to say they’re no longer allowed to use them.

Matt Roszak (Megan Fox):

I just got an email from @Adobe that I’m no longer allowed to use the software that I’m paying for. Time to cancel my subscription I guess.

William Gallagher (MacRumors):

Users of older versions of Creative Cloud apps, including Photoshop, Premiere Pro and Lightroom Classic, have been told by Adobe that they are no longer licensed to use them, and anyone who continues to use these versions could face “infringement claims” from other companies.


Prior to the creation of the Creative Cloud subscription service, Adobe licensed certain technologies from Dolby with an agreement based on how many discs of certain apps were sold. Now that the software is distributed online, the companies reportedly renegotiated their agreement to be based on how many users are actually running the software.

According to Dolby’s legal filing, this agreement was subject to the figures Adobe reported being examined by a third-party audit. “When Dolby sought to exercise its right to audit Adobe’s books and records to ensure proper reporting and payment, Adobe refused to engage in even basic auditing and information sharing practices; practices that Adobe itself had demanded of its own licensees,” says the filing.


Earlier in May, Adobe announced that that users will no longer be able to stay on just any older version they want.


So Adobe has a licensing issue with Dolby or an “other third party” as they put it - and end users who paid for the software as recently as 3 months ago are supposed to switch versions in the middle of a project, or be “subject to infringement claims”(!?) in some IP proxy war?

It seems like this is Adobe’s problem. I don’t know if throwing their customers under the bus was a sad attempt at fomenting pressure on Dolby to capitulate, but it’s really scummy and a bad look for Adobe.

Shawn King:

I got my “cease and desist” letter. Adobe continues to make decisions that hurt average customers. It’s unlikely individuals would “face potential “infringement claims” from Dolby and Adobe is just using the wording as a scare tactic.


Update (2019-05-16): Wojtek Pietrusiewicz:

I just want Lightroom Classic and I couldn’t care less about the rest, yet I am forced to pay for unused features. Adobe’s Creative Cloud is a very frustrating experience.

How the Apple Store Lost Its Luster

Mark Gurman and Matthew Townsend (Hacker News):

In interviews, current and former Apple employees blame a combination of factors. They say the stores have become mostly an exercise in branding and no longer do a good job serving mission shoppers like Smith. Meanwhile, they say, the quality of staff has slipped during an 18-year expansion that has seen Apple open more than 500 locations and hire 70,000 people.


The overhaul of the Genius Bar has been especially controversial. Customers looking for technical advice or repairs must now check in with an employee, who types their request into an iPad. Then when a Genius is free, he or she must find the customer wherever they happen to be in the store. Ahrendts was determined to get rid of lineups, but now the stores are often crowded with people waiting for their iPhones to be fixed or batteries swapped out.

The Genius service also lost the human touch. In the past, Geniuses could work on a Mac or iPhone right at the counter, chatting and explaining what they were doing.

Nick Heer:

The store I most frequently visit when I need support has a really strange vibe around the Genius Bar. I guess the intent is that, while you’re waiting five to forty-five minutes for your technician, you can look around for stuff to buy. But I don’t see people doing that. I see lots of people sitting awkwardly waiting at tables with lots of other people also sitting awkwardly. All of us just want our products fixed so we can go home.

Mark Gurman:

A former Apple retail exec tonight: “It was a wholesale leadership takeover by fashion industry insiders and agency people who had no idea what they were doing with Apple. Most of the folks who knew better are long since gone. O’Brien has her work cut out for her.”

Mitchel Broussard:

One former Apple executive said that O’Brien is looking to borrow from the past and break up Apple stores into more clearly defined sections. These include areas that promote Apple’s growing services business, like Apple Music and Apple TV+. A few employees speculated that she will also bring back the original Genius Bar.

Alex Johnson:

Did an iPad trade-in: was what I said it was. Changed offer: no ability to speak to a person. Contrast @gazelle : real people. Retail: per Bloomberg story. iCloud billing: where to begin.


Update (2019-05-31): Mark Gurman and Taylor Riggs:

Former Apple Inc. retail head Angela Ahrendts defended her revamp of the company’s stores over the past five years, and called her tenure “mission accomplished.”