Archive for December 9, 2019

Monday, December 9, 2019

The Information’s App Store Ordeal

Jessica Lessin (tweet):

The last two weeks have been a crash course in Apple’s gatekeeper status over consumers’ digital lives. Apple rejected our app four times. Some of the pushback we received was so specific—such as not being allowed to underline the words “free trial”—I was stunned. Other requirements seemed arbitrary, such as the rule that we couldn’t require users to enter their email (while Disney and the New York Times could).


The copy we submitted read “Annual + 7 day free trial, $29.99.” The reviewer told us it wasn’t clear that you would be billed after 7 days.


If we wanted to launch, we had to disable a part of the app that allowed Tech Top 10 users to preview The Information articles and subscribe to read them.


Next, our app reviewer had also determined that some of the news briefs in the app were available for free on our website, which wasn’t allowed.


This time their objections related to our About Page, among other things. It couldn’t mention our website because our website is a link and that link might eventually take someone to a page where they could subscribe to The Information (similar to the article issue).


Our Android app launched Wednesday as well. All that took was a push of the button and a short waiting period. But so far, 86% of our usage is coming from iPhones.

Ryan Jones:

You didn’t hit on the fact that they revealed rejection issues 1-by-1, wasting days and days, instead of listing multiple issues at once.

The issue you’ll see - all their rules exist for a defensible reason, but in aggregate, it’s maddening. Rock and a hard place.


Fetch 5.8

Jim Matthews:

Fetch 5.8, the 64-bit version of Fetch, is now available for download. The primary feature of this release is compatibility with macOS 10.15 Catalina. Fetch 5.7 users should only upgrade to Fetch 5.8 if they have moved, or will soon move, to Catalina.

A number of features of previous Fetch versions — AppleScript and Automator support, non-English localizations, Kerberos and Bonjour support — are not present in Fetch 5.8. We hope to restore some of these features in future updates.


CGImageSource Memory Leak

Gus Mueller (tweet):

This sample shows how CGImageSourceCreateThumbnailAtIndex leaks something akin to the memory behind a CGImageRef when asked to create a thumbnail for a 16bpc TIFF image if one isn’t present.

I wonder whether ImageIO got rewritten in Catalina. I’ve found multiple bugs where basic stuff like setting an image’s metadata doesn’t work reliably (FB7435415).

Sam Rowlands:

I’ve confirmed with other devs that 16-Bit imaging is funky on 10.14 and above. The most common issue I’ve seen is 16-Bit images end up with rainbow colors when drawn into a 16-Bit context.

iPhone 11 Location Data Puzzler

Brian Krebs (tweet, Hacker News):

One of the more curious behaviors of Apple’s new iPhone 11 Pro is that it intermittently seeks the user’s location information even when all applications and system services on the phone are individually set to never request this data. Apple says this is by design, but that response seems at odds with the company’s own privacy policy.

The privacy policy available from the iPhone’s Location Services screen says, “If Location Services is on, your iPhone will periodically send the geo-tagged locations of nearby Wi-Fi hotspots and cell towers (where supported by a device) in an anonymous and encrypted form to Apple, to be used for augmenting this crowd-sourced database of Wi-Fi hotspot and cell tower locations.”

Brian Krebs (Hacker News):

Today, Apple disclosed that this behavior is tied to the inclusion of a short-range technology that lets iPhone 11 users share files locally with other nearby phones that support this feature, and that a future version of its mobile operating system will allow users to disable it.


What prompted my initial inquiry to Apple about this on Nov. 13 was that the location services icon on the iPhone 11 would reappear every few minutes even though all of the device’s individual location services had been disabled.

“It is expected behavior that the Location Services icon appears in the status bar when Location Services is enabled,” Apple stated in their initial response. “The icon appears for system services that do not have a switch in Settings”.


It is never my intention to create alarm where none should exist; there are far too many real threats to security and privacy that deserve greater public attention and scrutiny from the news media. However, Apple does itself and its users no favors when it takes weeks to respond (or not, as my colleague Zack Whittaker at TechCrunch discovered) to legitimate privacy concerns, and then does so in a way that only generates more questions.

Nick Heer:

This makes complete sense to me and appears to be nothing more than a mistake in not providing a toggle specifically for UWB. It seems that a risk of marketing a company as uniquely privacy-friendly is that any slip-up is magnified a hundredfold and treated as evidence that every tech company is basically the same.

Jeff Johnson:

I never want any data sent to Apple unless I’m directly, intentionally using an Apple service such as browsing an online store, or manually checking for software updates.


Update (2019-12-17): Dr. Drang:

As with the release notes, the instructions here focus more on connection history than connection maintenance. I suspect Panic doesn’t want to oversell connection maintenance because it’s not entirely under their control; they know Apple could kill it with another point release.

But until that happens, I’m enjoying SSH connections that last as long as I want them to.