Archive for May 2020

Friday, May 29, 2020

Logitech Combo Touch

Josh Centers (tweet):

There aren’t many products that I try and instantly say, “Wow, this is awesome, I can’t wait to tell TidBITS readers about it!” But the Combo Touch, which comes in models appropriate for the seventh-generation iPad, third-generation iPad Air, and 10.5-inch iPad Pro is one of those products.


Strangely, the Combo Touch isn’t available for the 11-inch or 12.9-inch iPad Pro. A little birdie told me that Apple discouraged Logitech from supporting those models so as to not compete with the Magic Keyboard. After just a few hours with the Combo Touch, I see why Apple might have been worried about the competition, and I think a lot of iPad Pro users will be envious of those of us who can use the Combo Touch.


Swift AWS Lambda Runtime

Tom Doron (also: Hacker News):

It is my pleasure to announce a new open source project for the Swift Server ecosystem, Swift AWS Lambda Runtime. Distributed as a Swift package, the Swift AWS Lambda Runtime is designed to help Swift developers build serverless functions for the Amazon Web Services Lambda platform.


When using serverless functions, attention must be given to resource utilization as it directly impacts the costs of the system. This is where Swift shines! With its low memory footprint, deterministic performance, and quick start time, Swift is a fantastic match for the serverless functions architecture.


Modeling Lambda functions as closures is both simple and safe. Swift AWS Lambda Runtime will ensure that the user-provided function is offloaded from the network processing thread to its own thread so that even if the code becomes slow or unresponsive, the underlying Lambda process can continue and interact with the Runtime engine.

Update (2020-06-02): Fabian Fett (tweet):

This tutorial shall help you to get started with our new shiny toy swift-aws-lambda-runtime. It’s a beginners’ tutorial focused primarily on the AWS console, since it is the easiest way to get up and running. Further the Lambda we create here is very simple for the purpose of concentrating on project setup and deployment.

Backing Up Core Data Stores

Tom Harrington:

Once you use this method, the persistent store you migrated is removed from the persistent store coordinator. It also adds the newly-migrated store to the coordinator. So now the store is using the new copy instead of the old one. That’s not good for a backup, since the new copy is the backup you just made that you want to leave alone. It’s also a potential app crasher, since any managed objects you already fetched came from a persistent store that’s no longer available.

He recommends using a second, temporary persistent store coordinator as the source for the migration.

OmniFocus 3.8

Rosemary Orchard (also: release notes):

Omni Automation plugins and automation in OmniFocus Pro offer a level of customized automation previously not available on iOS. While the Mac has had support for AppleScript since its earliest days (and was started as a combination of OmniOutliner and AppleScript known as Kinkless GTD), this has left some of the most popular devices out of part of the automation loop. OmniFocus recently added more Shortcuts support, but Shortcuts, like AppleScript, are restricted to one platform—and they can’t offer the unique abilities that come from writing a script. Below are two example plug-ins you can download and use, or look at, to see how this new feature can enhance your OmniFocus workflows—on Mac, iPad, or iPhone. Now, with Omni Automation, plug-ins can be written once and will work the same on Macs, iPhones, and iPads.


All Omni Group applications now support JavaScript plug-ins—so you can transfer your data from one application to the other with ease. You can also turn a project in OmniFocus into a project plan in OmniPlan, a hierarchical diagram in OmniGraffle, or import templates from OmniOutliner.

Federico Viticci:

Here’s the short version of this story: our brand new Perspective Icons offer 400 unique glyphs with two distinct icon shapes available in 25 different colors, for a total of 20,000 icons included in the set. Yes, you read that number right. The icons can be easily installed in OmniFocus Pro for Mac, iPad, and iPhone using Finder or the Files app; all the icons and colors have been optimized for OmniFocus and designed to look like native additions to the app.

Thursday, May 28, 2020

Shrugs 1.0

Helge Heß (tweet):

ZeeZide GmbH is happy to announce the release of Shrugs, a native macOS Slack client[…]


Shrugs complements the capable official Slack client by providing deep integration with the macOS system: Multiple windows, trackpad gestures, or iPhone & iPod integration using Apple’s Continuity.

Helge Heß:

Apart from a weak IRC gateway that eventually got killed, it unfortunately didn’t (and still doesn’t) use any standard protocols. However, it turned out that Slack quite likely has one of the world’s best documented JSON based HTTP APIs: And part of the official API are user tokens, a.k.a. tokens to act on behalf of the user.


End of August the authentication flow worked really well. Including the API token gateway, a small SwiftNIO (MicroExpress) server running in the cloud. This server component is required to avoid having to embed the Slack API credentials in the app (from which they would be easy to extract).
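Added example, not code from Helge Heß or Shrugs: the token-gateway split he describes, in Python. The app only ever sees the authorization URL and the resulting user token; the client secret lives on the gateway, which also enforces single-use, expiring OAuth `state` values. The Slack URLs, form fields, and response shape are assumptions modelled on Slack’s OAuth v2 flow (check the Slack docs before relying on them), and the fake token server, credentials, and code are constructed so it runs offline. How the gateway hands the token back to the app (a custom URL scheme, for instance) is outside the example.

```python
"""Token-gateway pattern for a native client.

The desktop app never holds the OAuth client secret; a small server-side
gateway exchanges the authorization code for the user token and hands only
that token back to the app. Endpoint URLs and form fields below are
assumptions modelled on Slack's OAuth v2 flow; check Slack's documentation.
"""
import secrets
import time
import urllib.parse

AUTHORIZE_URL = "https://slack.com/oauth/v2/authorize"   # assumed
ACCESS_URL = "https://slack.com/api/oauth.v2.access"      # assumed
STATE_TTL_SECONDS = 300


class TokenGateway:
    """Server-side component: the only place client_secret exists."""

    def __init__(self, client_id, client_secret, redirect_uri, user_scope, http_post):
        self._client_id = client_id
        self._client_secret = client_secret
        self._redirect_uri = redirect_uri
        self._user_scope = user_scope
        self._http_post = http_post   # callable(url, form) -> parsed JSON dict
        self._pending = {}            # state -> expiry; use a TTL store in production

    def begin(self, now=None):
        """Mint a single-use state and the URL the app opens in the browser."""
        now = time.time() if now is None else now
        state = secrets.token_urlsafe(32)
        self._pending[state] = now + STATE_TTL_SECONDS
        query = urllib.parse.urlencode({
            "client_id": self._client_id,
            "user_scope": self._user_scope,
            "redirect_uri": self._redirect_uri,
            "state": state,
        })
        return state, f"{AUTHORIZE_URL}?{query}"

    def finish(self, state, code, now=None):
        """Handle the redirect: validate state, exchange the code using the secret."""
        now = time.time() if now is None else now
        expiry = self._pending.pop(state, None)      # single use: a replay fails
        if expiry is None or now > expiry:
            raise PermissionError("unknown, reused or expired state")
        body = self._http_post(ACCESS_URL, {
            "client_id": self._client_id,
            "client_secret": self._client_secret,     # never leaves this process
            "code": code,
            "redirect_uri": self._redirect_uri,
        })
        if not body.get("ok"):
            raise RuntimeError(f"token exchange failed: {body.get('error')}")
        return body["authed_user"]["access_token"]


class FakeSlackAuthServer:
    """Constructed stand-in for the token endpoint so the demo runs offline."""

    def __init__(self, client_id, client_secret):
        self._creds = (client_id, client_secret)
        self._codes = {"code-from-redirect": "xoxp-demo-user-token"}  # constructed

    def post(self, url, form):
        if url != ACCESS_URL:
            return {"ok": False, "error": "unknown_endpoint"}
        if (form.get("client_id"), form.get("client_secret")) != self._creds:
            return {"ok": False, "error": "invalid_client"}
        token = self._codes.pop(form.get("code"), None)   # codes are single use too
        if token is None:
            return {"ok": False, "error": "invalid_code"}
        return {"ok": True, "authed_user": {"access_token": token}}


def demo():
    """Run the flow end to end against the fake server; returns the user token."""
    slack = FakeSlackAuthServer("demo-client-id", "demo-client-secret")
    gateway = TokenGateway("demo-client-id", "demo-client-secret",
                           "https://gateway.example/callback", "chat:write",
                           slack.post)
    state, url = gateway.begin()             # the app opens `url` in the browser
    assert "client_secret" not in url        # nothing the app sees carries the secret
    # ...the user approves; Slack redirects to the gateway with ?code=...&state=...
    return gateway.finish(state, "code-from-redirect")


if __name__ == "__main__":
    print(demo())
```

The gateway is what turns a public client into a confidential one: extracting strings from the app binary yields the client ID and the gateway URL, neither of which lets an attacker mint tokens.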


Camo Beta

Reincubate (tweet, via Joe Cieplinski):

Want to look your best on video calls? The camera on your iPhone or iPad is leagues ahead of any webcam on the market, and Camo makes it easy to use your iPhone as a webcam.

iPhone cameras are getting better whilst webcams get worse. As the Wall Street Journal reported, the 2020 MacBook Air’s camera is worse than the 2010 model. Even the new MacBook Pro only does 720p, which even YouTube doesn’t consider “HD”.

Great idea. I expect it to get Sherlocked soon.

See also: Pretty Much All Laptop Webcams Suck, Laptop Webcams Are Kind of Terrible.


iPhone vs. Pixel Dictation

James Cham:

I don’t think that people appreciate how different the voice to text experience on a Pixel is from an iPhone. So here is a little head to head example. The Pixel is so responsive it feels like it is reading my mind!

Speed has its own quality—the current model for speech is like a command line. You say something and wait for a response. Now that voice to text is fast and uses fewer resources than you would think, there’s a chance for truly interactive voice experiences.

Also look at the latency when asking Siri to pause or adjust the volume of the audio that’s playing.

John Gruber:

What really sticks out about this is that in so many regards, Apple’s accessibility features are both awesome and far ahead of everyone else. Yet voice-to-text transcription is an obvious accessibility feature, and on this front Apple is and long has been woefully behind. If Apple’s voice-to-text transcription were good, it wouldn’t just improve the ways we use (or try to use) it now — truly good voice-to-text would enable all sorts of new Star Trek-level interactions while editing text. Quick fixes in Messages, Mail, or wherever you happen to be typing.

Dave Mark:

So I turned on Airplane Mode and the iPhone [STT] is every bit as fast as the Android [STT].

Turn Airplane Mode off, lag returns. Try it yourself!!

Not at all sure why this lag is necessary.

Kirk McElhearn:

I’ve seen that too. I think it does more processing / checking when you have internet access. I find it more accurate when it does have internet access, in fact.


Mac App Store Review Prompting Bug

Steve Troughton-Smith:

When macOS bugs, completely out of developer control, translate into bad reviews 😭 Anybody on the StoreKit team know why SKStoreReviewController can get stuck in a loop on macOS Catalina and keep presenting incessant ratings dialogs even when the app is not running?

The irony is that the whole point of this API was to prevent third-party code from prompting the user too often.

Will Cosgrove:

Virtually all the bad Transmit reviews are due to this bug. We’ve been trying to get it fixed for years.

Xavi Moll:

I also got a 1 star rating this morning due to that bug


FileMaker 19

Ric Ford (also: MacRumors):

Claris FileMaker Pro 19 was announced today, the latest step in Apple’s many transformations of database management software originally acquired many years ago from Nashoba Systems. Apple now licenses the software almost entirely on a subscription basis under a subsidiary it calls “Claris”, recycling a name from an earlier era with entirely different products.


A FileMaker Pro “individual” (non-cloud) license option has been marginalized but remains available at $540.

Wednesday, May 27, 2020

Catalina Fonts You Didn’t Know You Had Access To

Ralf Herrmann:

Apple has recently licensed fonts from type foundries such as Commercial Type, Klim Type Foundry and Mark Simonson Studio to be used as system fonts on Mac OS Catalina. But since these fonts are an optional download, many users of Mac OS X are not even aware they have access to them for free.

To see and install these optional fonts, open the FontBook application and switch to “All Fonts”.

Some highlights are Founders Grotesk, Produkt, and Proxima Nova. The full list is here.

Update (2020-05-28): David Isaksson:

You may also have a set of Druk by @commercialtype installed by the latest version of Pages/Keynote. Use a new template featuring Druk and it will install in Font Book automatically. Using this method will also unlock many of the other Catalina fonts for Mojave users.

Update (2020-06-02): Philipp Defner:

Not so great: You can’t download all of them at once.

“Why not just select multiple families while holding the Command key?” you might ask. This question is easily answered by giving it a try and observing how the CPU load is going up to 100% while the system grinds to a halt and the interface starts lagging after selecting more than 6 fonts.

The LG UltraFine 5K, kernel_task, and Me

Peter Steinberger:

Since we first purchased the displays, we’ve been having issues with them, starting with delayed shipping, ghosting, and Wi-Fi interference, and moving on to compatibility — there’s no HDMI, DisplayPort, or similar. The only way to use these monitors is with a modern Mac. As for the compatibility issue, that was a known tradeoff, and for me, it was acceptable. After all, the benefit of only having a single cable as a modern docking station and a beautiful panel outweighed the drawbacks. I still remember my innocent excitement.

Since receiving these displays, we’ve had to return most of them to get fixes for various issues, and we’ve patiently updated the firmware multiple times with LG’s crappy Screen Manager software. There are also issues with expanding batteries, and Apple has blamed the LG 5K, saying just don’t use it a lot and you’ll be fine.


The 16-inch MacBook Pro doesn’t seem to suffer from this temperature sensor misplacement and can drive the LG UltraFine without slowdown on both ends. […] The bad news: The LG can provide 87 watts of power, but the notebook comes with a 96-watt adaptor. This means that the battery is constantly compensating. […] I mostly use the separate power plug to fix the “missing 9-watt problem.”

Despite all this, he recommends it. There just aren’t many Retina options.


macOS 10.15.5

Apple (TidBITS, MacRumors, Hacker News, Mr. Macintosh, Howard Oakley):

macOS Catalina 10.15.5 introduces battery health management in the Energy Saver settings for notebooks, an option to control automatic prominence of video tiles on Group FaceTime calls, and controls to fine-tune the built-in calibration of your Pro Display XDR. The update also improves the stability, reliability, and security of your Mac.

The update went smoothly for me on the MacBook Pro. I’m still using Mojave on my iMac. Alas, the update does not fix the remaining data loss issue with Apple Mail. Mail’s version number is unchanged since macOS 10.15.4.

Mr. Macintosh:

NOTE!!! on the softwareupdate --ignore flag change.

Major new releases of macOS are no longer hidden when using the softwareupdate command with the --ignore flag

****This change also affects macOS Mojave and macOS High Sierra after installing Security Update 2020-003.****

Adding a Catalina nag in a security update is not very nice.

Jeff Johnson:

Apple’s support article seems to be not entirely accurate. It’s true that the Software Update preference pane now refuses to ignore the Catalina update on Mojave. Nonetheless, softwareupdate itself does continue to ignore it! Fortunately, then, there’s still a way to make the red badges go away. We don’t need no stinkin’ badges!

The key is to avoid opening the Software Update preference pane. It’s fine to open System Preferences though. If you happened to open the preference pane after installing the Security Update 2020-003, you can just repeat the above steps, and the badge will still go away.


It may be a bummer to have to check and install everything from the command line, but it’s preferable to a permanent red stain on your Dock, isn’t it?

Mr. Macintosh:

I have received 3 different reports that the 10.15.5 Update is still changing the ComputerName & HostName back to default

The last update that I’ve received from Apple said that this issue will NOT be fixed until macOS 10.16

Mike Bombich:

Early last week we discovered an APFS filesystem bug in a beta of macOS 10.15.5. The technical details of the bug are laid out below, but the short version is that we’re no longer able to use our own file copier to establish an initial bootable backup of a macOS Catalina System volume.


The chflags() system call can no longer set the SF_FIRMLINK flag on a folder on an APFS volume. Rather than fail with an error code that we would have detected, it fails silently – it exits with a success exit status, but silently fails to set the special flag. That’s a bug in the APFS filesystem implementation of chflags – if a system call doesn’t do what you ask it to do, it’s supposed to return an error code, not success. That’s a fairly nasty bug too. Apple preaches that you should always check your error codes, and we do – religiously. This bug slipped past us for who knows how long because the system call exits with a success error code.
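Added example, not code from Bombich or Carbon Copy Cloner: the defensive pattern his report argues for, in Python. Rather than trusting the return code of a flag-setting call, the wrapper reads the flags back and raises if the requested bits are absent. `os.chflags` and `st_flags` exist only on BSD-derived systems such as macOS, so the demo runs against a constructed in-memory volume whose setter silently drops one bit, the way the 10.15.5 bug is described above; the flag values used are arbitrary and are not the real SF_FIRMLINK constant.

```python
"""Post-condition check for a syscall that can report success without doing the work.

The wrapper ORs the wanted bits into a file's flag word, then re-reads the
flags and fails loudly if they are missing. os.chflags / st_flags exist only
on BSD-derived platforms (macOS included); the demo uses a constructed volume
with a deliberately broken setter so it runs anywhere.
"""
import os


class SilentFailure(OSError):
    """The call reported success but the requested change is not on disk."""


def _os_set(path, flags):
    os.chflags(path, flags)            # raises OSError on *reported* failures


def _os_get(path):
    return os.lstat(path).st_flags


def set_flags_verified(path, wanted, setter=_os_set, getter=_os_get):
    """OR `wanted` into the file's flags and verify the result by reading back.

    setter(path, flags) applies the full flag word; getter(path) returns the
    flag word currently stored. Returns the flags observed after the call.
    """
    before = getter(path)
    target = before | wanted
    setter(path, target)               # may "succeed" without effect
    after = getter(path)
    missing = target & ~after
    if missing:
        raise SilentFailure(
            f"{path}: flags {missing:#x} not set although the call reported success")
    return after


# Constructed stand-ins: the bit values are arbitrary and are NOT the real
# SF_FIRMLINK / UF_* constants from <sys/stat.h>.
DEMO_FIRMLINK = 1 << 20
DEMO_OTHER = 1 << 1


class FakeVolume:
    """Dict-backed flag store whose setter silently drops the bits in `dropped`."""

    def __init__(self, dropped=0):
        self._flags = {}
        self._dropped = dropped

    def set(self, path, flags):
        self._flags[path] = flags & ~self._dropped   # returns normally, i.e. "success"

    def get(self, path):
        return self._flags.get(path, 0)


def can_set_firmlink_flag(volume, folder="demo-folder"):
    """True if the (demo) firmlink flag could be set *and verified* on `volume`."""
    try:
        set_flags_verified(folder, DEMO_FIRMLINK, volume.set, volume.get)
        return True
    except SilentFailure:
        return False


if __name__ == "__main__":
    print("healthy volume:", can_set_firmlink_flag(FakeVolume()))
    print("10.15.5-style volume:", can_set_firmlink_flag(FakeVolume(dropped=DEMO_FIRMLINK)))
```

On a real macOS volume, pass no setter/getter and the wrapper goes through `os.chflags` and `os.lstat`; the read-back is the only check that catches this class of bug, since the return code is exactly what lied.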

Tim Schmitz:

Please fix the recurrent kernel panics during sleep on my 16” MBP 🤞🤞🤞


Update (2020-05-28): Eric Slivka (tweet):

Apple is making it more difficult for users to ignore available software updates and remain on their current operating system versions.

Thomas Tempelmann:

Also, it’s pointless that Apple now reminds me even on an old Mac that can’t run Catalina that I should upgrade to 10.15! That’s what the ignore option was meant to solve. When I use Terminal to say “I don’t need this reminder” it should be clear I understand the risk.

Jeff Johnson:

It turns out there’s a simple way to disable the Dock badge for System Preferences.

This doesn’t solve any other problems, however, such as Catalina showing up in the Software Update preference pane.

Tim Hardwick:

An Apple File System bug has been discovered in macOS 10.15.5 Catalina that can prevent users from making a bootable clone of their system drive[…]

Stephen Hackett:

If it’s a bug, I have questions about what sort of change could impact this toward the end of an OS’ active development, and if it’s a change, it should have been documented when it first shipped in the beta.

Dave Nanian:

The new [asr] feature basically didn’t work until Catalina’s final beta. And even when it started working, while fast, it dealt with failures...poorly.


In this case, Apple has broken the ability to make new firmlinks. It’s utterly unclear why they broke this capability, but they did. And that makes new and erased SuperDuper! backups unbootable.

It sounds like the developers of the major Mac cloning utilities both reported the bug during macOS 10.15.5’s beta period, but Apple decided to ship anyway. Just like the Mail data loss bugs that were reported during the macOS 10.15.0 beta.

Update (2020-06-01): See also: Hacker News.

Colin Cornaby:

After 10.15.5, my Ultrafine 5k is not always waking up with my computer. I haven’t had this setup long, but my understanding was this was fixed in 10.15.4, and I didn’t see it in 10.15.4.

Not a great really expensive workstation experience.


Update (2020-06-03): Howard Oakley:

I continue to get frantic messages and comments from many who can’t get Time Machine to make any backups at all, and the latest update doesn’t appear to have brought any relief. For many, upgrading to 10.15 is still too much of a gamble. When they realise how immature the replacement apps for iTunes are, even more users get cold feet.

Update (2020-06-05): Mr. Macintosh:

Initially, users reported the 10.15.5 Beta 3 update fixed the Wake from Sleep KP issue. Now, I’m being flooded by users saying the 10.15.5 update did NOT fix the issue

Bot Twitter Accounts Discussing COVID-19

Karen Hao (via John Gruber):

Kathleen M. Carley and her team at Carnegie Mellon University’s Center for Informed Democracy & Social Cybersecurity have been tracking bots and influence campaigns for a long time. Across US and foreign elections, natural disasters, and other politicized events, the level of bot involvement is normally between 10 and 20%, she says.

But in a new study, the researchers have found that bots may account for between 45 and 60% of Twitter accounts discussing covid-19. Many of those accounts were created in February and have since been spreading and amplifying misinformation, including false medical advice, conspiracy theories about the origin of the virus, and pushes to end stay-at-home orders and reopen America.

Virginia Alvino Young:

To analyze bot activity around the pandemic, CMU researchers since January have collected more than 200 million tweets discussing coronavirus or COVID-19. Of the top 50 influential retweeters, 82% are bots, they found. Of the top 1,000 retweeters, 62% are bots.


Many factors of the online discussions about “reopening America” suggest that bot activity is orchestrated. One indicator is the large number of bots, many of which are accounts that were recently created. Accounts that are possibly humans with bot assistants generate 66% of the tweets. Accounts that are definitely bots generate 34% of the tweets

These are extraordinary claims, both because of the high numbers and because lots of real people are also talking about COVID-19. Some of them are spreading misinformation, and some are in favor of reopening sooner. In my own Twitter feed I have seen very few if any COVID-19 tweets that look like they are bot-related. How did the researchers arrive at these counts, with such apparent certainty?

Neither of these articles shows actual examples of bots. I could not find a published paper, data, methodology, or code. Professor Carley did give a seminar on March 31, which has more details than the news release (via Tess Owen). One of the precise claims is:

Overall in the discussion around corona virus about 45% of the users are more than 50% likely to be bots

This is a bit less sensational, and it clarifies that these are not numbers based on humans looking at the tweets and accounts and categorizing them as bot or not-bot. Rather, they are counting accounts that were assigned bot percentages by a machine learning model.

Darius Kazemi:

The short of it is: knowing what we know about the study, which is very little, it seems like these researchers have in the past used a very loose and nearly useless definition of “bot”


Also worth looking at is this informal audit of a few “bots” that were identified by these researchers back in April, some of which are humans with faces and lives who post videos of themselves like, talking and living and stuff


Also if you’re interested in this you can check out my blog post on “The Bot Scare” which is not peer-reviewed but I try to cite lots of sources and make a decent argument that most of this kind of research is pretty flimsy.

Yoel Roth (Twitter Head of Site Integrity):

There’s no right or wrong way to use Twitter — and many “bot” studies wind up dismissing a lot of real activity as inauthentic.

Even if you take “bot” to mean “automated spam,” there’s little evidence that the dramatic conclusions of the #COVID19 study are accurate.

That’s not to say that spam isn’t an issue. We know that discussions about #COVID19 are a prime target for all sorts of platform manipulation. Since March, our proactive systems have challenged millions of spammy accounts Tweeting about COVID.


Why not just suspend accounts immediately, or share information about our other actions in our APIs? Doing so would make it easier for adversaries to know we’ve caught them, and adapt to evade our detections.

Possibly the bot threat is exaggerated, but that’s not exactly comforting, either.
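Added worked arithmetic, not from the CMU study or any of the posts above: what a “45% of accounts scored more than 50% likely to be bots” figure does and does not tell you. Thresholding a classifier counts flagged accounts, and the flagged fraction is `base_rate * TPR + (1 - base_rate) * FPR`, so the same 45% headline is consistent with very different true bot shares depending on how often the model flags humans. The TPR/FPR pairs are constructed scenarios (the study published none); with a 40% false-positive rate the implied bot share is 10%, inside the 10–20% range Carley cites as normal, and only one in five flagged accounts would actually be a bot.

```python
"""What a '45% of accounts scored >50% bot' headline can and cannot tell you.

A classifier with true positive rate TPR (share of bots it flags) and false
positive rate FPR (share of humans it flags), applied to a population whose
true bot share is `base_rate`, flags
    flagged = base_rate * TPR + (1 - base_rate) * FPR
of all accounts. Inverting that gives the bot share implied by a flagged
fraction, and Bayes' rule gives the precision (how many flagged accounts are
really bots). TPR/FPR values in scenarios() are constructed, not measured.
"""


def flagged_fraction(base_rate, tpr, fpr):
    """Share of accounts the classifier labels 'bot' at its threshold."""
    return base_rate * tpr + (1.0 - base_rate) * fpr


def implied_base_rate(flagged, tpr, fpr):
    """True bot share that would produce `flagged` under the given TPR/FPR.

    Raises ValueError when no base rate in [0, 1] is consistent, e.g. when the
    classifier's false-positive rate alone already exceeds the flagged share.
    """
    if tpr <= fpr:
        raise ValueError("classifier must flag bots more often than humans")
    rate = (flagged - fpr) / (tpr - fpr)
    if not 0.0 <= rate <= 1.0:
        raise ValueError(
            f"flagged fraction {flagged} is inconsistent with TPR={tpr}, FPR={fpr}")
    return rate


def precision(base_rate, tpr, fpr):
    """Fraction of flagged accounts that are really bots (Bayes' rule)."""
    flagged = flagged_fraction(base_rate, tpr, fpr)
    return (base_rate * tpr) / flagged if flagged else 0.0


def scenarios(flagged=0.45):
    """For a fixed headline figure, show how the implied bot share and the
    precision swing with the classifier's false-positive rate.

    Returns (fpr, implied bot share, precision) rows, rounded to 3 places.
    """
    rows = []
    for tpr, fpr in [(0.90, 0.05), (0.90, 0.20), (0.90, 0.30), (0.90, 0.40)]:
        rate = implied_base_rate(flagged, tpr, fpr)
        rows.append((fpr, round(rate, 3), round(precision(rate, tpr, fpr), 3)))
    return rows


if __name__ == "__main__":
    print("flagged 45% -> (FPR, implied bot share, precision)")
    for row in scenarios():
        print(row)
```

The point is not that the study is wrong but that without published TPR/FPR (or a calibration check) the headline number is unfalsifiable: a “loose” bot definition is exactly a high FPR, and Roth’s complaint that such studies dismiss real activity is the low-precision row of this table.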

Joey D’Urso:

Bots do exist, and there have been several concerning stories in recent years about foreign bots attempting to influence elections in the UK, US, and elsewhere.

But a lot of the time, what looks like foreign bot activity is nothing of the sort.

The truth is often something even harder to get your head around — people voluntarily choosing to copy and paste identikit slogans on social media to spread a partisan message or simply wind up their opponents.

Tuesday, May 26, 2020

Jailbreaking for iOS Developers

Peter Steinberger:

Jailbreaking has a bad taste because it can be used to pirate apps. But there are many other, much more noble or interesting reasons why it’s worth exploring, like enhancing accessibility[…]

This is a great collection of apps, tweaks, and links.


Update (2020-05-28): Craig Grannell:

Reading this and thinking about the changes in iOS in recent years, Apple still banning emulators from the App Store seems asinine.

Sublime Merge 2

Dylan Johnston (Hacker News):

  • Repository-Level Tabs - use tabs to quickly navigate between multiple repositories
  • Upgraded Commit UI - focus on what’s important with an upgraded commit UI
  • Flexible Layouts - adapt the layout to fit your context and workflow
  • Hardware Acceleration - harness your device's power with OpenGL rendering

I love how fast this app is and the way it shows diffs with intra-line changes, syntax coloring/styles (albeit not for Swift), and the name of the modified function. I use it sometimes for searching and browsing a file’s history. But I haven’t been able to get used to it for regular daily Git use. The keyboard navigation between and within panes is weird. I can’t batch-select uncommitted files. Page Up/Down doesn’t work in the diff pane.


Phantom App Updates, Part 2

Eric Slivka:

Over the past few hours, a number of MacRumors readers have reported seeing dozens or even hundreds of pending app updates showing in the App Store on their iOS devices, including for many apps that were already recently updated by the users. In many cases, the dates listed on these new app updates extend back as far as ten days.

Jeff Johnson (tweet):

These were not new versions of the apps submitted by the developers but rather re-releases of the current versions, modified somehow by Apple. […] It has been speculated that these new releases are to fix a recent issue plaguing iOS users that prevents them from opening their installed apps. Instead, they see an alert that says “This app is no longer shared with you. To use it, you must buy it from the App Store.”


Sure enough, the Apple iPhone OS Application Signing certificate expired on May 20, 2020 at 9:04:15 PM Central Daylight Time. I searched “social media”, and the first reference I found to the current batch of “This app is no longer shared with you” errors was on May 21. What an incredible coincidence!


Public Triplebyte Profiles

Ammon Bartram:

Now, you can use your Triplebyte credentials on and off the platform. Just like LinkedIn, your profile will be publicly accessible with a dedicated URL that you can share anywhere (job applications, LinkedIn, GitHub, etc). When you do well on a Triplebyte assessment, your profile will showcase that achievement (we won’t show your scores publicly). Unlike LinkedIn, we aim to become your digital engineering skills resume — a credential based on actual skills, not pedigree.

The new profiles will be launching publicly in 1 week. This is a great opportunity to update your profile with your latest experience and preferences. You can edit your profile privacy settings to not appear in public search engines at any time.

In other words, you have less than a week to opt out if you don’t want your information to be public. But it apparently takes 30 days for the change to be processed.

Ammon Bartram:

You came to us with the goal of landing a great software engineering job. As part of that, you entrusted us with your personal, sensitive information, including both the fact that you are job searching as well as the results of your assessments with us. Launching a profile feature that would automatically make any of that data public betrayed that trust.


What I will do now is slow down, take a step back, and learn the lessons I need to avoid repeating this.

Netflix Stops Charging Inactive Customers

BBC (via Hacker News):

The company said the notifications would be sent to those people who signed up with a credit card or other payment method, but have not watched anything in the year since signing up.

It will do the same for other users who have been paying for the service, but have not watched anything in the past two years.

Users with dormant accounts will receive a notification asking if they want to continue with their subscription, and those who do not respond will have their account cancelled.

And your data is preserved if you resubscribe later. Bravo.


Years ago, I heard of a dating site doing the opposite of this. They normally sent periodic digests and newsletters to their users to try to increase engagement, but if a user went a certain number of months without logging into their account, but still allowed monthly fees to be charged, they were labeled as a “sleeping giant” in the database. Once in this state, they would not be contacted by the site for any reason until they logged in again by their own initiative. The site had determined that, on average, contacting these users had a net-negative effect on retention — i.e., they would be reminded that they were paying for an unused service and cancel.


Monday, May 25, 2020

Grocery Shopping With Guided Access

Ole Begemann:

Problem: Face ID doesn’t work with face masks. You have to type in your passcode all the time during grocery shopping to check your shopping list.

Solution: Open your shopping list app and activate Guided Access. Tada!


Guided Access limits your device to a single app and lets you control which features are available.


Go to Settings > Accessibility, then turn on Guided Access.


On an iPhone X or later, triple-click the side button.

On the plus side, this keeps the phone unlocked, so you don’t have to type your passcode every time you take it out of your pocket. The downside is that there’s no way to turn off the display to prevent accidental input or battery drain.


Update (2020-05-25): You need to enter your Guided Access passcode to exit Guided Access, and then enter your full passcode to pay with Apple Pay.

unc0ver Jailbreak Tool for iOS 13.5

Frank McShan (Hacker News):

The team behind the “unc0ver” jailbreaking tool for iOS has released version 5.0.0 of its software that claims to have the ability to jailbreak “every signed iOS version on every device” using a zero-day kernel vulnerability by Pwn20wnd, a renowned iOS hacker.


As for security, unc0ver’s website says it utilizes “native system sandbox exceptions” so that “security remains intact while enabling access to jailbreak files.”


Update (2020-07-09): Brandon Azad (tweet, Hacker News):

At 3 PM PDT on May 23, 2020, the unc0ver jailbreak was released for iOS 13.5 (the latest signed version at the time of release) using a zero-day vulnerability and heavy obfuscation. By 7 PM, I had identified the vulnerability and informed Apple. By 1 AM, I had sent Apple a POC and my analysis. This post takes you along that journey.

Solving the “Miracle Sudoku” in Prolog

Jason Kottke:

The solver himself calls it “a work of sublime genius” and “one of the most extraordinary puzzles we’ve ever seen”. It’s fascinating listening to him slowly uncover different aspects of the puzzle — watching him methodically figure out the 3s was genuinely thrilling.

Ben Congdon (via Hacker News):

Since Prolog is a declarative language, writing a Sudoku solver is remarkably concise. In essence, all the programmer needs to do is define the constraints of the game, and Prolog is smart enough to find solutions[…]


The cool thing about this code is that it works both as a Sudoku solver and as a Sudoku generator. You can query it with a partially solved board, and it will find all valid solutions.


Surprisingly, there are only 72 solution boards that meet the Miracle Sudoku constraints.

Friday, May 22, 2020

macOS 10.15: Slow by Design

Allan Odgaard (via Cocoa-Dev, Hacker News):

In episode 379 of ATP both Marco Arment and John Siracusa described noticeable delays and stalls after upgrading to macOS 10.15.


Another way to reduce the delays is by disabling System Integrity Protection. I say reduce, because I still do get some delays even with SIP disabled, but the system does overall feel much faster, and I would strongly recommend anyone who thinks their system is sluggish to do the same.


Apple delays execution while waiting for a reply from their server. This check for me takes close to a second. […] This is not just for files downloaded from the internet, nor is it only when you launch them via Finder, this is everything. So even if you write a one line shell script and run it in a terminal, you will get a delay!


Surprisingly though, just obtaining the display name or icon for one of these folders will trigger Apple’s code to verify that the client is allowed to access the location.


Specifically calling SecKeychainFindGenericPassword can cause noticeable delays, on a bad internet day I had this call stall for 3.3 seconds and this was with System Integrity Protection disabled!


This is the worst issue, sometimes, things will stall for 5-30 seconds [at application launch].


With SIP enabled and on a bad internet day I can have the entire machine freeze for 1-2 seconds every 10th minute, not to mention everything just being sluggish.

It’s worse in Catalina, but I’ve been seeing frequent problems since Mojave:

Marco Arment:

The macOS security team needs to ask themselves hard questions about their implementation choices when very smart people are disabling huge parts of their OS security layer just to get reasonable performance from common tasks.

Sean Heber:

Apple needs to do something about this. The random stalls and slowness are pervasive, infuriating, annoying, and perhaps even approaching demoralizing.

Jeff Johnson:

This is why Apple needs remote workers, not just in the US but worldwide. Any feature that requires phoning home to Cupertino is going to be very fast in Cupertino, but possibly very slow elsewhere.


Update (2020-05-22): nut_bunnies:

I just got a new 13” MBP and sold my 2015 Pro that was on Mojave. It could be a botched backup migration but twice now I’ve had app and service lockups permeate throughout the system and apps that required a reboot to stop

Update (2020-05-25): Greg Hurrell (tweet, Hacker News):

Apple seems bent on locking things down in the name of security (a laudable effort), but at the cost of breaking shit for developers who just want to get along with their work. First came System Integrity Protection which was only a minor annoyance and probably a net win in terms of the security-vs-convenience trade-off. But then it was followed by an increasingly draconian series of cumbersome security measures, culminating with incessant authorization prompts reminiscent of Windows Vista’s infamous User Account Control and, most recently, with the horrible network-gated permission checks to do simple things like, er, running executables.

Jeff Johnson (tweet, Hacker News):

You can verify that there’s an online check by taking packet traces. […] Is Catalina trying to check the notarization of the executable? The evidence strongly indicates yes.


By the way, you can block macOS notarization checks without turning off your internet connection by installing Little Snitch and setting the rules to deny any outgoing connection from syspolicyd.


What about compiled command-line tools that are not scripts but not apps either? I created a simple “Hello World” project in Xcode, and I changed the build settings so that the tool was not code signed at all by Xcode. When I ran the tool for the first time, there was no online notarization check, which was a bit surprising to me. When I looked at the Xcode build transcript, though, I found the explanation. The final phase of the build, after the linking phase, was “Register execution policy exception”. Xcode called builtin-RegisterExecutionPolicyException on my tool. This gave the tool permission to execute on my Mac without getting checked.


One major problem, though, is that this information is not documented anywhere, to my knowledge.


Xcode (the UI) is able to bypass GateKeeper checks for things it builds.

The “Developer Tool” pane in System Prefs, Security, Privacy is the same power. Drag anything into that list you’d like to grant the same privilege (such as xcodebuild). This is inherited by child processes as well.

The point of this is to avoid malware packing bits of Xcode with itself and silently compiling itself on the target machine, thus bypassing system security policy.


Making this about speed is burying the lede. From a privacy and user-freedom perspective, it’s horrifying.

Don’t think so? Apple now theoretically has a centralized database of every Mac user who’s ever used youtube-dl. Or Tor. Or TrueCrypt.

Rui Carmo:

Besides the potential for failure (Apple has historically been mediocre at doing online systems, except for the iTunes/App Store, which is finely honed and cached up the wazoo), the potential for data gathering is serious enough that I can see Macs being banned from use in public sector clients outside the US (development or not).

And even if it can be argued that this caches results and normal users will mostly run things from the App Store and seldom notice any delays, it is something that ought to be surfaced properly for developers and power users alike.

Howard Oakley:

One other strange thing which happens to shell scripts the first time that they are run in Catalina is that a xattr is added to them, containing a UUID which is common across several scripts, at least. That doesn’t appear to contribute to any delay in launching the script, but is further evidence that what is recorded in the unified log is no reflection on the processes which have taken place. It also raises further questions about the purpose of this new type of xattr, which had previously been associated with per-document privacy control by TCC.


Update (2020-06-03): Daniel Jalkut:

macOS 10.15 Catalina has a new “Stand Reminder” mode, just like the Apple Watch. When your mouse and entire screen freezes, just get up and stand for one minute and it will probably be unfrozen when you’re done.

I really thought this problem would get better but it seems to be worse with every update to 10.15. More common than ever and I don’t think it’s a hardware issue. Lots of other people seem to experience it, too. Exactly the kind of thing that wouldn’t show up in quality metrics.

Jonathan Deutsch:

I’m hitting this on my new MBP 16" a lot. For me the entire computer is functional, but there’s probably some sort of graphics card/driver issue. I can quickly resolve with locking the screen (cmd-ctrl-q), escape to display sleep, space to login (with watch getting me back in).

Update (2022-09-26): See also: Hacker News.

What Time Is It in London, Siri?

John Gruber:

Nilay Patel asked this of Siri on his Apple Watch. After too long of a wait, he got the correct answer — for London Canada. I tried on my iPhone and got the same result. Stupid and slow is heck of a combination.


Worse, I tried on my HomePod and Siri gave me the correct answer: the time in London England. I say this is worse because it exemplifies how inconsistent Siri is. Why in the world would you get a completely different answer to a very simple question based solely on which device answers your question? At least when most computer systems are wrong they’re consistently wrong.

I would certainly appreciate better smarts from Siri, but the main problems I consistently have are:

After nearly 9 years, I don’t expect a perfect AI, but the basic stuff should be reliable.

Nick Heer:

What bugged me most about this, though, is that searching Maps locations through Siri and by keyboard entry frequently requires an unnecessary amount of precision. For years, getting directions to the Ikea location here in Calgary required typing “Ikea Calgary, Alberta”, otherwise it would consistently get directions to Ikea in Edmonton, about three hours away. Apple has fixed that now, but there are plenty of other times where it has directed me to similarly-named pizza joints and dry cleaners in the southern United States instead of mere blocks away. Why is Siri so eager to prioritize proximity for a query that is about time difference by distance, yet Maps search reliably thinks I want to travel many hours to get furniture or dinner?

Most egregious to me was that time, earlier this year, when Siri suggested an inconceivable day-long road trip instead of a route to my office. It got every possible aspect wrong of something I do with scheduled regularity.

Dr. Drang:

The interesting difference between my 2016 experience and John Gruber’s and Nilay Patel’s 2020 experiences is that I did want the nearest city with the name I gave. It’s fun to see the wide variety of ways in which Siri manages to choose the worthless answer, but we really should have a better assistant by now.


Marking Unused Required Swift Initializers As Unavailable

Jesse Squires:

However, if you do not use Interface Builder, then init(coder:) is irrelevant and will never be called. It is annoying boilerplate. But the real problem is that Xcode (and presumably other editors) will offer init(coder:) as an auto-complete option when initializing your view or view controller. That is not ideal, because it is not a valid way to initialize your custom view or view controller. Luckily, you can use Swift’s @available attribute to prevent this, which also has the benefit of more clearly communicating that you should not use this initializer.

It’s annoying how each of my view and managed object subclasses has to reimplement a required initializer that I never intend to call.

New York Times Phasing Out 3rd-Party Advertising Data

Sara Fischer:

The New York Times will no longer use 3rd-party data to target ads come 2021, executives tell Axios, and it is building out a proprietary first-party data platform.


The Times will begin to offer clients 45 new proprietary first-party audience segments to target ads.


Other publishers like Vox Media and The Washington Post have also begun building out first-party data solutions in response to the growing industry backlash against using third-party data to target ads.

This is being reported as a pro-privacy move, which it is in the sense that the data won’t all end up at Facebook, Google, and Twitter. On the other hand, the large media companies are ramping up data collection and tracking within their sites.

Antonio García Martínez:

Due to GDPR penalizing third-party data, and due to the advantages granted thereby to large first-party repositories of data, the NYT is precisely emulating FB and becoming a data collector (but with worse privacy probably).


You can have better privacy controls, but it’ll result in more entrenched incumbents. Or you can have a competitive data landscape, but no privacy. But not both.


It means there will be a menu of segments (based on your data) for “Young Influencers” and “Suburban Affluents” or whatever BS their PMM cooks up. But since the NYT allows 3rd-party ad serving, it’ll all leak and be used elsewhere too.

Balaji S. Srinivasan:

Folks, when we say NYT is a competitor to tech companies we aren’t kidding.

They’re literally offering ad targeting services.

A direct competitor is not a neutral arbiter.

One could also say that tech—by which he means Silicon Valley unicorns—moved into media. Regardless, hostilities between the two groups have been increasing for the past few years.

Nick Heer:

The personalized advertising model of the last decade or so is toxic to the web. It incentivizes surveillance of users to create highly granular categories of behaviour and interests because there is the assumption that more data points lead to better targeting which, I guess, is supposed to mean a greater likelihood of conversion into ad clicks. In return, users are supposed to be comfortable with their every click and scroll being tracked from website to website — all for only about 4% greater ad revenue than non-tracking ads with relevant context.


I would vastly prefer to revert to a pre-personalized ad world, but I still see this move as a step in the right direction.

Thursday, May 21, 2020

Apple Purchasing Podcasts

Lucas Shaw and Mark Gurman:

Apple Inc. is ramping up its push into original podcasts by seeking an executive to lead the initiative and buying shows that would be exclusive to its services.

The technology giant has begun acquiring two types of original podcasts, according to people familiar with the matter: one category is audio spinoffs of existing movies and programs on its Apple TV+ service, and the other is original programs that could eventually be adapted into future TV+ video content.


Separate from its work on originals, Apple has asked some producers working on podcasts to provide versions of their offerings without advertisements, which fits into TV+’s ad-free approach.


HEIC and the College Board

Monica Chin (via Nilay Patel):

Nick Bryner, a high school senior in Los Angeles, had just completed his AP English Literature and Composition test last week. But when he snapped a photo of a written answer with his iPhone and attempted to upload it to the testing portal, it stopped responding.

The website got stuck on the loading screen until Bryner’s time ran out. Bryner failed the test.


[The] testing portal doesn’t support the default format on iOS devices and some newer Android phones, HEIC files. HEIC files are smaller than JPEGs and other formats, thus allowing you to store a lot more photos on an iPhone.

I like HEIC because overall it saves me lots of storage space on my iPhone and Mac. But it’s a shame it isn’t more widely supported.

Even Lightroom seems to only partially support it. It treats HEIC files like RAW images and maintains a huge Adobe Camera Raw 2 cache folder of the ones that it has recently converted so that it can work with them.


Update (2020-05-22): Josh Centers:

The College Board says that 1 percent of students experienced problems, which means that, if they are representing the failure rate accurately, only tens of thousands will have to retake their tests.


Nonetheless, it would behoove Apple to contribute resources to upgrading open-source image-processing libraries so HEIC could be supported as easily as other, more common image formats.
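A content sniffer for the upload side, as an added example that is not the College Board’s or Apple’s code: it identifies HEIC from the ISOBMFF `ftyp` brands rather than the file extension or Content-Type, so a portal can tell the student immediately instead of hanging. The sample headers are constructed bytes, not real photos.

```python
"""Sniff an uploaded image's real container format from its leading bytes,
so an upload handler can reject or convert HEIC up front instead of hanging.
Added example, not the College Board's or Apple's code; the sample headers
at the bottom are constructed bytes, not real photos.
"""
import struct
from typing import Optional, Set, Tuple

JPEG_MAGIC = b"\xff\xd8\xff"
PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
# ISOBMFF brands that mark HEIF/HEIC still images (ISO/IEC 23008-12).
HEIF_BRANDS = {b"heic", b"heix", b"hevc", b"hevx", b"heim", b"heis",
               b"hevm", b"hevs", b"mif1", b"msf1"}
AVIF_BRANDS = {b"avif", b"avis"}


def ftyp_brands(data: bytes) -> Optional[Set[bytes]]:
    """Return the major and compatible brands of a leading 'ftyp' box,
    or None when the data does not start with one."""
    if len(data) < 16:
        return None
    size, box_type = struct.unpack(">I4s", data[:8])
    if box_type != b"ftyp" or size < 16 or size % 4:
        return None
    end = min(size, len(data))  # tolerate a truncated read of the header
    major = data[8:12]  # bytes 12..16 are minor_version
    return {major} | {data[i:i + 4] for i in range(16, end, 4)}


def sniff_image(data: bytes) -> str:
    """Classify by content, never by extension or Content-Type."""
    if data.startswith(JPEG_MAGIC):
        return "jpeg"
    if data.startswith(PNG_MAGIC):
        return "png"
    brands = ftyp_brands(data)
    if brands is None:
        return "unknown"
    if brands & AVIF_BRANDS:
        return "avif"
    if brands & HEIF_BRANDS:
        return "heic"
    return "isobmff"  # some other MP4-family file, e.g. a video


def check_upload(filename: str, data: bytes,
                 accepted: Tuple[str, ...] = ("jpeg", "png")) -> Tuple[bool, str]:
    """Decide whether to accept an upload and explain the decision to the user."""
    kind = sniff_image(data)
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if kind in accepted:
        return True, f"accepted {kind}"
    if kind == "heic":
        hint = ""
        if ext not in ("heic", "heif"):
            hint = f" (the file is named .{ext} but its content is HEIC)"
        return False, "HEIC is not supported; export the photo as JPEG and try again" + hint
    return False, f"unsupported upload type {kind!r}; accepted: {', '.join(accepted)}"


# Constructed 24-byte HEIC header: ftyp box, major brand 'heic', compat 'mif1', 'heic'.
SAMPLE_HEIC = b"\x00\x00\x00\x18ftypheic\x00\x00\x00\x00mif1heic"
# Constructed JPEG/JFIF header (SOI marker followed by an APP0 segment stub).
SAMPLE_JPEG = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 8

if __name__ == "__main__":
    for name, blob in (("IMG_0001.HEIC", SAMPLE_HEIC), ("IMG_0002.jpg", SAMPLE_JPEG),
                       ("answer.jpg", SAMPLE_HEIC)):
        print(name, check_upload(name, blob))
```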

Remote Code Execution in qmail

Qualys (via Marcel Weiher, Matthew Garrett, Hacker News):

Surprisingly, we re-discovered these vulnerabilities during a recent qmail audit; they have never been fixed because, as stated by qmail’s author Daniel J. Bernstein:

This claim is denied. Nobody gives gigabytes of memory to each qmail-smtpd process, so there is no problem with qmail’s assumption that allocated array lengths fit comfortably into 32 bits.

Indeed, the memory consumption of each qmail-smtpd process is severely limited by default (by qmail-smtpd’s startup script); for example, on Debian 10 (the latest stable release), it is limited to roughly 7MB.

Unfortunately, we discovered that these vulnerabilities also affect qmail-local, which is reachable remotely and is not memory-limited by default[…]

See also: Some thoughts on security after ten years of qmail 1.0 (PDF).

“Lack of Action” on Siri Recordings

Alex Hern (via Julian Mair):

A former Apple contractor who helped blow the whistle on the company’s programme to listen to users’ Siri recordings has decided to go public, in protest at the lack of action taken as a result of the disclosures.

In a letter announcing his decision, sent to all European data protection regulators, Thomas le Bonniec said: “It is worrying that Apple (and undoubtedly not just Apple) keeps ignoring and violating fundamental rights and continues their massive collection of data.

I don’t understand what more he wants Apple to do.

Juli Clover:

Apple resumed Siri quality control practices in the fall with the release of the opt-out option. Siri quality control is no longer handled by third-party contractors and is done in-house, and Apple has made changes to minimize the amount of data that reviewers have access to.


iOS 13.5

Juli Clover:

Apple today released iOS and iPadOS 13.5, major updates that come more than a month after the launch of iOS and iPadOS 13.4.1. iOS 13.5 is a major health-related update that brings many features related to the ongoing public health crisis.


Apple has tweaked Group FaceTime, adding a new toggle to disable the feature that automatically enlarges the tile of the person who is speaking.


Hide UI

Olivia Solon (via John Gruber):

Software called Hide UI, created by Grayshift, a company that makes iPhone-cracking devices for law enforcement, can track a suspect’s passcode when it’s entered into a phone, according to two people in law enforcement, who asked not to be named out of fear of violating non-disclosure agreements.


In order for this feature to work, law enforcement officials must install the covert software and then set up a scenario to put a seized device back into the hands of the suspect[…] For example, a law enforcement official could tell the suspect they can call their lawyer or take some phone numbers off the device. Once the suspect has done this, even if they lock their phone again, Hide UI will have stored the passcode in a text file that can be extracted the next time the phone is plugged into the GrayKey device.

See also: USB Restricted Mode in iOS 13: Apple vs. GrayKey, Round Two.


Wednesday, May 20, 2020

Don’t Bury a Wet Laptop in Rice

Kevin Purdy (via Josh Centers):

Most importantly, don’t try to use rice to “draw out the moisture.” It doesn’t work, at all. You’re giving water more time to corrode your laptop, and you’re probably getting rice inside your laptop or under your keys.


If you can remove the bottom of your laptop, or even just open up a battery/memory/hard drive compartment with a switch on the bottom, do that.


Here’s the trick with most MacBooks out there: the screws on the bottom are pentalobe screws. Specifically, they are P5 screws. They’re intentionally uncommon.

Joe Rogan Moves to Spotify

Joe Rogan:

Starting on September 1 the podcast will be available on Spotify as well as all platforms, and then at the end of the year it will move exclusively to Spotify

The podcast was already hugely financially successful, and it seems like this can only reduce his audience. On the other hand, maybe the fans will follow him and this will open up a new audience of people who don’t understand how podcasts work but already use Spotify (as 286 million people do). If I were a regular listener, I would be annoyed at having to use a separate app for one show.

Ashley Carman (tweet):

Listeners won’t have to pay to access the episodes, but they will have to become Spotify users. Spotify said in a press release that Rogan retains creative control over his show. It didn’t disclose how much it spent on the deal. The company will also work with an ad agency to jointly sell ads against the program. Rogan said last year his show reached about 190 million downloads a month.

Rogan’s YouTube channel will remain live, but it won’t contain full episodes.

Julia Alexander:

Rogan’s YouTube presence has two main avenues; full length eps and clips. Does not having full length episode impact spread of clips?

Peter Kafka (tweet):

Unlike other deals, this isn’t an acquisition, but a “multiyear licensing deal.” So Rogan will end up owning his own work and can eventually hop somewhere else.


This has echoes of Sirius XM’s move to bring Howard Stern’s popular morning show to the satellite radio service in 2004. One big difference: Sirius was a subscription-only service, and Spotify offers a free, ad-supported version; an ad-free version of Spotify costs $10 a month in the U.S.

Todd Spangler:

With Rogan, Spotify has landed one of the podcasting biz’s whales. It currently ranks as the No. 2 most popular show on Apple Podcasts (after Barstool Sports’ “Call Her Daddy,” whose hosts have been the focus of an ongoing controversy), according to Apple. A source familiar with the deal said Rogan became sold on Spotify’s ability to build his audience worldwide, after initially resisting distributing the podcast on the platform because he saw it as primarily a music service and because Spotify wasn’t offering to pay enough in licensing fees.

Via Sara Fischer:

Most Americans only subscribe to one audio service, but that could change if more podcasts begin to be offered exclusively on certain platforms.


Everyone saying it’s a cash grab doesn’t listen closely. Over the last few years Joe has been demonetized and controlled by YouTube. I see a lot of podcasters following.

John Gruber:

It’s interesting to me, as someone with (to put it mildly) rather strong feelings on the advantages of publishing on the open internet, that Rogan sees moving to one exclusive app, with invasive tracking, as not exerting any sort of “creative control over the show”. I’m not trying to be coy, I know what he means — the content of the show will remain as-is, with no influence from Spotify. (So they say.) But I’m a big believer in Marshall McLuhan’s axiom: “The medium is the message.” Open podcasts and Spotify podcasts are similar, for sure, but they are not the same medium.


Update (2020-05-25): See also: Hacker News, MacRumors, M.G. Siegler, The Talk Show.

David Heinemeier Hansson:

[The] difference between $20m/yr and $100m/yr is negligible in terms of lifestyle. The difference between literally RUNNING YOUR OWN SHOW vs being content bait on someone else’s hook is immense.

Nicholas Quah interviews Bill Simmons:

Spotify wants to be the dominant audio platform everywhere. That was the No. 1 reason I wanted to go there. I’m at a point in my life where I really just want to win. I’ve been in situations of all kinds over the last 20, 25 years, but the most fun I had was probably 2009 to 2014 at ESPN when we had the combination of the reach, the right people behind the scenes, the right ambition, and a lot of money. And people who are willing to take chances with it. If you look back at the stuff we attempted during that stretch, it was a cool time for the company. It’s probably something that will not happen again for them because of the way subs went backwards and everything.

Spotify reminded me of that point when I was at ESPN and a lot of the stars had aligned. The big difference is Daniel. The guy is like a genius. He might be Steve Jobs for audio.

Matt Birchler:

We can argue about how bad form it is for shows to go exclusive to one platform, and we can argue about how we distinguish shows that are available in all apps vs those who are available in specific apps, but to refuse to call these shows “podcasts” at all I feel is blatant gatekeeping that sounds very much like Spielberg’s stance, except people taking this stance would probably be calling films on Netflix “long TV shows”.

“I prefer podcasts that are distributed via RSS so I can listen in the app of my choice,” is a totally valid statement, but what I tend to hear is, “it’s not a podcast if I can’t subscribe to it from Overcast/Castro/Pocket Casts,” which is really starting to rub me the wrong way.

We already have a term for audio that’s not distributed via RSS, and it predates “podcast”: Internet radio.

Halide’s Third Birthday

Ben Sandofsky:

Meanwhile, a storm brewed on the horizon: iOS 13. At the start of summer, we tested Halide with the first iOS beta, and found significant issues. We filed tickets with Apple and hoped for the best, but as iOS 13 reached its last few betas in August, it was clear these issues weren’t going to be fixed in time. If we didn’t find workarounds, we expected users breaking down our doors with torches and pitchforks.

So we halted work on Spectre to find iOS 13 workarounds for Halide.

Halide 1.13 launched with little fanfare but no complaints, which is all we hoped for.


There’s a million things we want to do, but the lost Spectre update was a warning sign that we’re bumping up against our limits. In the last year it’s felt like we’ve had to weigh the opportunity cost of everything. Does it make sense to spend two weeks building a demo for Apple’s event? (Absolutely.) Should we spend a few days writing this post? A few days doesn’t feel like much until you realize all product work grinds to a halt.

See also: LIDAR: Peek Into The Future With iPad Pro, Halide: Year Two.


Be Careful When Scheduling Events Using Siri

Adam Engst:

When I used Siri to create the calendar event for the call, because I specified Mickie and Gary by name, Siri tried to be smart and invited them to the event without telling me. I didn’t want that to happen—the event was for my reference, not because I wanted to put it on their calendars.


Speaking as someone who doesn’t work in a large organization, calendar invitations make me uncomfortable. I never quite know when they’re being sent, or in what manner, or how the recipient will respond. […] Plus, when I receive invitations, I don’t know what will happen if I accept, reject, or ignore the invitation.


As a result, when I scheduled the call using Siri, it created the associated event on a calendar in Google Calendar. In itself, that wouldn’t have been a problem except that, by default, Google Calendar automatically adds video calls to events I create with other attendees. […] So as soon as Gary said he had been waiting in Google Hangouts, I realized that he had, for whatever reason, seen the event invitation and its associated link, rather than the email I’d sent.

Tuesday, May 19, 2020

Timing in SSH

Dr. Drang:

Apparently, in its neverending quest to save battery, Apple is powering down the wifi system between packets, which means a delay when new packets arrive or need to be sent. This doesn’t materially affect file transfers or streaming because the packets keep coming, but it plays havoc with intermittent communication like a terminal session.

Pistos’s solution was to set up two connections: one that keeps up a constant, albeit low volume, flow of bytes between the Mac and whatever was connected to it; and another for what he really wanted to do. I took his solution and turned it into this short shell script[…]


A better question might be why Apple is trying to save battery life on a Mac that doesn’t run on battery.


Why NetNewsWire Is Fast

Brent Simmons (tweet):

The parsers are fast — but we also do our best to skip parsing entirely when we can. There are two ways we do that.

We use conditional GET, which gives the server the chance to respond with a 304 Not Modified, and no content, when a feed hasn’t changed since the last time we asked for it.

This is wonderful in theory, but it doesn’t seem to work consistently with my blog. I’ve tested it, and the logs show that a few percent of NetNewsWire users are getting 304-cached content, but the vast majority are not. This may be a WordPress issue.

WP Super Cache:

Supercache doesn’t support 304 header checks in Expert mode but does support it in Simple mode.

I think at one point it worked when I hacked WP Super Cache to cache feeds using mod_rewrite, but currently I’m using the unmodified version in Simple mode.
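The conditional GET exchange described above, written out with both the client and server sides as an added example (not NetNewsWire’s or WordPress’s code): the client echoes the validators it was given, the server answers 304 when they still match, and a small check flags the failure mode seen in the logs, a server that returns a full 200 even though the ETag it was sent still matches. ETags, dates and feed bodies are constructed sample data.

```python
"""Conditional GET for feed polling: the client echoes the validators the
server last sent (ETag, Last-Modified); the server answers 304 Not Modified
with no body when nothing changed, so the client skips parsing entirely.
Added example, not NetNewsWire's or WordPress's code; ETags, dates and feed
bodies are constructed sample data.
"""
from dataclasses import dataclass
from email.utils import parsedate_to_datetime
from typing import Dict, Optional, Tuple


@dataclass
class FeedCache:
    """What a client remembers about one feed between polls."""
    etag: Optional[str] = None
    last_modified: Optional[str] = None
    body: bytes = b""


@dataclass
class Resource:
    """Server-side state of one feed; last_modified is an HTTP-date."""
    etag: str
    last_modified: str
    body: bytes


def conditional_headers(cache: FeedCache) -> Dict[str, str]:
    """Headers the client adds to its next request for the same feed."""
    headers = {}
    if cache.etag:
        headers["If-None-Match"] = cache.etag
    if cache.last_modified:
        headers["If-Modified-Since"] = cache.last_modified
    return headers


def _weak_etag_equal(a: str, b: str) -> bool:
    # If-None-Match uses weak comparison: W/"x" and "x" match (RFC 7232).
    strip = lambda t: t.strip()[2:] if t.strip().startswith("W/") else t.strip()
    return strip(a) == strip(b)


def server_respond(req: Dict[str, str], res: Resource) -> Tuple[int, Dict[str, str], bytes]:
    """Server side: 304 when the validators still match. If-None-Match takes
    precedence; If-Modified-Since is used only without it (RFC 7232 sec. 6)."""
    validators = {"ETag": res.etag, "Last-Modified": res.last_modified}
    inm = req.get("If-None-Match")
    if inm is not None:
        if inm.strip() == "*" or any(_weak_etag_equal(t, res.etag) for t in inm.split(",")):
            return 304, validators, b""
        return 200, validators, res.body
    ims = req.get("If-Modified-Since")
    if ims is not None:
        try:
            if parsedate_to_datetime(res.last_modified) <= parsedate_to_datetime(ims):
                return 304, validators, b""
        except (TypeError, ValueError):
            pass  # unparseable date: treat the request as unconditional
    return 200, validators, res.body


def apply_response(cache: FeedCache, status: int, headers: Dict[str, str],
                   body: bytes) -> Tuple[bool, FeedCache]:
    """Client side: returns (needs_parse, updated_cache)."""
    if status == 304:
        # Nothing changed: keep the cached body, refresh validators if sent.
        return False, FeedCache(headers.get("ETag", cache.etag),
                                headers.get("Last-Modified", cache.last_modified),
                                cache.body)
    return True, FeedCache(headers.get("ETag"), headers.get("Last-Modified"), body)


def server_ignored_validators(sent: Dict[str, str], status: int,
                              headers: Dict[str, str]) -> bool:
    """True when we sent a matching ETag but still got a full 200 back: the
    server, or a cache in front of it, is not honoring conditional requests."""
    if status != 200 or "If-None-Match" not in sent or "ETag" not in headers:
        return False
    return _weak_etag_equal(sent["If-None-Match"], headers["ETag"])


def poll(cache: FeedCache, res: Resource) -> Tuple[bool, bool, FeedCache]:
    """One client poll against an in-process server.
    Returns (parsed, server_ignored_validators, new_cache)."""
    sent = conditional_headers(cache)
    status, headers, body = server_respond(sent, res)
    parsed, new_cache = apply_response(cache, status, headers, body)
    return parsed, server_ignored_validators(sent, status, headers), new_cache


if __name__ == "__main__":
    feed = Resource('"v1"', "Tue, 19 May 2020 12:00:00 GMT", b"<rss>one item</rss>")
    first, _, cache = poll(FeedCache(), feed)   # 200: parse
    second, _, cache = poll(cache, feed)        # 304: skip parsing
    feed = Resource('"v2"', "Wed, 20 May 2020 09:00:00 GMT", b"<rss>two items</rss>")
    third, _, cache = poll(cache, feed)         # 200 again: parse
    print(first, second, third)                 # True False True
```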

Back to Simmons:

The same API that marks a single article as read is used to mark 10,000 articles as read. This way the database is updated once, the unread counts are updated once, and we push just one action on the undo stack.

The Cocoa frameworks can provide all sorts of notification and undo functionality almost for free, but to get bulk operations right you need to do it by hand.


Update (2020-05-25): See also: Hacker News.

FBI Unlocks Pensacola Phone

Joe Rossignol:

FBI officials have somehow managed to unlock at least one of two passcode-protected iPhones owned by Mohammed Saeed Alshamrani, the perpetrator of a mass shooting at a Naval Air Station in Florida last December, according to CNN.

Apple provided the FBI with iCloud data belonging to Alshamrani, but it refused to assist investigators with gaining access to the iPhones.

Malcolm Owen:

Though the unlock method wasn’t revealed, the fact that the FBI has been able to gain access to evidence would usually be thought to slightly reduce the pressure applied by the US government and law enforcement agencies upon Apple to provide more assistance beyond what is already offered by the iPhone maker. To US Attorney General William Barr, the press conference was an opportunity to try and increase that pressure.


Apple responded to the FBI’s first requests for information just hours after the attack on December 6, 2019 and continued to support law enforcement during their investigation. We provided every piece of information available to us, including iCloud backups, account information and transactional data for multiple accounts, and we lent continuous and ongoing technical and investigative support to FBI offices in Jacksonville, Pensacola and New York over the months since.


It is because we take our responsibility to national security so seriously that we do not believe in the creation of a backdoor — one which will make every device vulnerable to bad actors who threaten our national security and the data security of our customers. There is no such thing as a backdoor just for the good guys, and the American people do not have to choose between weakening encryption and effective investigations.

I’m trying to figure out what the last clause means. It seems like Apple is saying that it’s good that there was a security flaw that the FBI was able to exploit. This seems to let everyone have their cake and eat it, too. We get strong encryption, and the FBI gets the information it wants. But, if Apple ever fixes all the flaws, then there will be a hard choice between weakening encryption for all and impeding investigations. And, in the meantime, the strong encryption carries a huge asterisk because the government seems to be able to get into every high-profile phone, and there are tools for sale that let others do so as well.


Update (2020-05-20): Kevin Collier and Cyrus Farivar:

The FBI was able to eventually access Alshamrani’s phone not by an unprecedented technical feat, but rather by “an automated passcode guesser,” according to a person familiar with the situation who spoke on condition of anonymity because the person was not authorized to speak publicly on the matter.

Via John Gruber:

So you can see why the FBI and DOJ are still pressuring Apple to build backdoors into devices — if the Pensacola shooter had used a decent alphanumeric passphrase it’s very unlikely they’d have been able to get into his iPhone.

On the other hand, law enforcement benefits greatly from the fact that the default iOS passcode remains only 6 numeric digits.

Apple vs. Security Researchers

Lorenzo Franceschi-Bicchierai:

The lawsuit, however, has already produced a tangible outcome: very few people, especially current and former customers and users, want to talk about Corellium, which sells the eponymous software that virtualizes iPhones and Android devices. During the lawsuit’s proceedings, Apple has sought information from companies that have used the tool, which emulates iOS on a computer, allowing researchers to probe potential iPhone vulnerabilities in a forgiving and easy-to-use environment.

“Apple has created a chilling effect,” a security researcher familiar with Corellium’s product, who asked to remain anonymous because he wasn’t allowed to talk to the press, told Motherboard.

“I don’t know if they intended it but when they name individuals at companies that have spoken in favor [of Corellium], I definitely believe retribution is possible,” the researcher added, referring to Apple’s subpoena to the Spanish finance giant Santander Bank, which named an employee who had tweeted about Corellium.

Peter Steinberger:

So we’re back at security through obscurity? That always worked out great in history.

Joe Rossignol:

Zerodium this week announced that it will not be purchasing any iOS exploits for the next two to three months due to a high number of submissions. In other words, the company has so many security vulnerabilities at its disposal that it does not need any more.

Thomas Claburn (Hacker News):

“iOS Security is fucked,” said Zerodium’s founder Chaouki Bekrar via Twitter. “Only [Pointer Authentication Codes] and non-persistence are holding it from going to zero…but we’re seeing many exploits bypassing PAC, and there are a few persistence exploits (0days) working with all iPhones/iPads. Let’s hope iOS 14 will be better.”


The market for iOS vulnerabilities took a hit last September when Zerodium said for the first time that it would pay more for flaws in Android than in iOS.


Asked whether Zerodium’s statement reflects the actual state of iOS security or should be taken as a company just trying to make waves, Patrick Wardle, principal security researcher at Jamf Security and founder of Objective-See, told The Register that it’s probably a bit of both.

Peter Steinberger:

Almost seems like Apple suing the #1 company allowing security research on iOS (Corellium) and not paying out bounties could have a chilling effect on white hats while black hats thrive.


Update (2021-02-05): Joshua Hill:

Apple denied my access to the security developer program because I haven’t done enough work. Almost all my CVEs are credited to anonymous or my team name.

Csaba Fitzl:

I had to realize as well that reporting vulnerabilities and applying for security entitlements are two unrelated things. The entitlement team doesn’t care at all about the other type of work, although it took me 10 months to get the ES one; KEXT is a clear no-go.

For example the product-security team supported me in getting a kext signing cert, yet the entitlement team said they don’t care and they also said that it’s not the product-security team’s authority to decide. Sigh.

Update (2021-07-16): Khaos Tian:

lol apparently reporting a security issue to Apple product security can lead to termination from the Apple Developer Program? Got a notice of termination today from the personal account that has no recent activity 🙃

Standard termination template citing violation of 3.2(f) of the agreement… Typically I think it’s used for people making fraudulent/scam apps? I haven’t submitted any apps for years, so who knows ¯\_(ツ)_/¯

Monday, May 18, 2020

Magic Lasso Adblock (Sponsor)

My thanks to Magic Lasso for sponsoring the blog this week.

Magic Lasso Adblock is an efficient and high-performance ad blocker for the iPhone, iPad, and Mac.

It allows you to experience a cleaner, faster web—without ads. As a native Safari content blocking extension, Magic Lasso blocks intrusive ads, pop ups, and trackers when browsing the web.

Magic Lasso Adblock provides a 2.0x speed increase on common websites, improves your privacy and security by removing ad trackers, and works with Safari across all Apple devices. It’s as if Apple themselves had designed an ad blocker.

And unlike some other ad blockers, Magic Lasso Adblock respects your privacy, doesn’t accept payment from advertisers, and is 100% supported by its community of over 150,000 users.

Download for free today via the Magic Lasso website, the App Store, and the Mac App Store.

Security Theatre in Safari Download Permissions

Nick Heer:

Twitter’s URL shortener works by creating 301 redirects, but Safari apparently doesn’t follow those to their destination URL. In some cases, that probably makes sense — large file downloads are often hosted on CDNs with inscrutable addresses. It does, however, mean that however this is supposed to benefit security or privacy is easily defeated if downloads are redirected through common URL shorteners.

Update (2020-07-30): jleedev:

It probably doesn’t change Safari’s behavior at all, but Twitter’s URL shortener uses a meta refresh & location.replace call, not a 301 redirect.

Looks like it sniffs the user agent[…]

Edison Mail Bug Allows Access to Other Users’ Data

Eric Slivka:

Several users of popular email app Edison Mail this morning are reporting that they are able to see email accounts of other users within the iOS app. In what appears to be a major privacy breach, users report that after enabling a new sync feature, they have full access to these other email accounts.

Via Cabel Sasser:

All I wanted was a modern email client that downloaded directly from the server — like they have forever — with no risky middleman. The Edison privacy policy said “we store as little of your email on our servers as possible”.


What an interesting butterfly effect

Apple wants to preserve your battery life > email clients can’t check in the background > email clients set up servers to store credentials and check email to push notify you of new email > everyone’s email now exposed to huge security vector

Apple should lift this restriction on checking in the background. This would bring a better user experience and better privacy. Its own Mail app is allowed to do that, with apparently acceptable effects on battery life and RAM use. For many users, iOS devices already offer plenty of battery life, and some are operated while plugged in.

Edison (via John Gruber):

No account credentials were compromised; issue was fully resolved within 30 hours of first report by ‘bricking’ access to potentially impacted Edison iOS app users and any email messages from the app.

Kudos to them for a quick fix and for revealing the exact number of affected accounts.


Facebook to Buy Giphy

Axios (via Hacker News):

Facebook has agreed to buy Giphy, the popular platform of sharable animated images, Axios has learned from multiple sources. The total deal value is around $400 million.


Giphy is a massive video library, with hundreds of millions of daily users that share billions of GIFs, that generates revenue via branded content.

Vishal Shah:

GIPHY, a leader in visual expression and creation, is joining the Facebook company today as part of the Instagram team.


50% of GIPHY’s traffic comes from the Facebook family of apps, half of that from Instagram alone. By bringing Instagram and GIPHY together, we can make it easier for people to find the perfect GIFs and stickers in Stories and Direct.

John Gruber:

Of course Giphy is going to retain its own brand. If they renamed it to “Facebook Tracking Pixels”, usage might drop off.

Owen Williams (via Will Oremus):

GIF search engines like Giphy have become a core part of how we collectively discover and share animated images. Giphy’s tools can be found embedded in apps from Slack to Signal, allowing users to instantly find the right GIF to reflect the moment. All told, Giphy has some 300 million active users every day across those platforms.


What might not be obvious, however, is that each search and GIF you send with Giphy is also a “beacon” that allows the company to track how and where the image is being shared, as well as the sentiment the image expresses. Giphy wraps each of its animated GIFs in a special format that helps the image load faster, and also embeds a tiny piece of JavaScript that lets the company know where the image is being loaded, as well as a tracking identifier that helps follow your browsing across the web.

When embedded into third-party apps, Giphy can track each keystroke that’s searched using Giphy tools. Developers who install Giphy tools into their apps are required to give the service access to the device’s tracking ID.

Moxie Marlinspike:

Now that Giphy has been acquired by FB, many have reached out to ask whether we should be concerned about Giphy search in Signal.

Signal already uses a privacy preserving approach to prevent gif search providers from receiving user data[…]

John Gruber:

I believe this is basically how Apple’s Giphy search in Messages on iOS (through the built-in “#images” app) works.

Slack VP Brian Elliott (quoted by John Gruber):

Giphy doesn’t receive any information about users or even companies using the Giphy for Slack integration, and only sees Slack usage of the Giphy API in aggregate.

See also: Nick Heer.

Update (2020-05-19): Matt Haughey:

I was surprised since I participated in their early investing experiment, through Alphaworks, but never got any emails about this. In July of 2014, I invested the minimum, $2,500 in GiPHY. I want to show you investments rarely pan out in this thread[…]

Update (2020-05-22): Josh Constine (tweet):

GIPHY could let it learn about what apps are growing quickly (increased GIPHY searches), what types of content or influencers it might want to add to Watch or its Live streaming deals (what’s searched for), what visual media is most appealing (which GIFs get picked), and possibly tie this interest data to users’ identity (since developers have to send device Tracking IDs to GIPHY).


But then I got a very different perspective from an animation startup founder and GIF maker who’s been waging a campaign against the startup for years, accusing GIPHY of piracy.


For years, multiple sources say GIPHY would scrape Tumblr GIFs, rename the files as giphy.gif, and make them available with no attribution. Later it encouraged artists to claim profiles of their GIFs. But it’s still tough for an end user to find out who made the GIF they just tweeted.

What’s New in Swift 5.3

Tibor Bödecs:

SE-0279 [multiple trailing closures] is one of the most debated new proposals.


Enum types don’t have to explicitly implement the Comparable protocol thanks to SE-0266.


SE-0269, a.k.a. “Increase availability of implicit self in @escaping closures when reference cycles are unlikely to occur,” is a nice addition for those who don’t like to write self. 🧐


SE-0270 adds a RangeSet type for representing multiple, noncontiguous ranges, as well as a variety of collection operations for creating and working with range sets.


SE-0263 adds a new String initializer that allows you to work with an uninitialized buffer.

See also: Paul Hudson.

Ted Kremenek:

The new APIs in SE-0270 (RangeSet) are going to bake a bit longer and likely won’t be part of Swift 5.3. They are still in the Standard Library preview package.

Thursday, May 14, 2020

WWDC 2020 Wish Lists

Becky Hansmeyer (tweet):

Most of my issues with SwiftUI boil down to 1) Missing UI elements and 2) Missing customizations.


I would really like to see an easier way to support the native Apple Pencil mark-up tools in PDFKit.


A system-wide color picker in iOS. It’s bananas that I can’t select some text in Apple Notes on my iPad and change its color.


De. Fault. Apps. Let me change them.


A revamped iPad multitasking system (yep, just do it again until it’s right) that isn’t a big ol’ hot mess.

Jordan Merrick:

Shortcuts desperately needs a way to copy and paste actions across shortcuts—it’s almost criminal that it doesn’t have it already. There’s simply no way to reuse a set of actions from one shortcut in another or even just duplicate actions within the composer.


There’s no way to easily back up shortcuts, which feels like a regression and something that was possible with Workflow (i.e., saving workflows as files). iCloud syncing helps keep devices in sync but it’s not a backup tool.


Subroutines could be mini-shortcuts that don’t exist within the standard set of shortcuts, instead they could be accessed like actions. Sharing a shortcut should also include a full copy of the subroutine.


Update (2020-05-18): David Smith:

So now I am turning my attention towards the future and what might be possible for the Apple Watch.

John Gruber:

Fiddling with the home screen on iOS is just awful. Whenever I sit down and try to clean it up — deleting apps I don’t use, moving apps into some semblance of order — it drives me insane. The 1984 Finder was awesome for rearranging icons, right on day one. Yet we’re 13 years into iOS and rearranging apps is still terrible, because the whole thing is based on a home screen design where there’s just one screen and no third-party apps. The concept worked fine when all you could do was rearrange 12 built-in apps on a single screen. It feels like a prank trying to use it today.

Update (2020-05-22): Becky Hansmeyer:

The first is by Steve O’Dell, who helps run a Girls Who Code after-school program at Bacon Elementary School in Colorado. His wishlist stems from a desire for Apple to once again become a major player in the education space.


The next wishlist I wanted to share comes from Daniel Andrews. It’s a great list; some of my favorite things are feature parity for Messages across platforms, the return of the magnification loupe, making better use of the iPad status bar, and improvements to search on iPad. He also mentions some specific improvements to Mail[…]

Stuart Breckenridge:

This WWDC wishlist is focused around the frameworks and functionality that I’ve been working with over the last year or so.


I’d like to see BGAppRefreshTask improved with some form of guaranteed refresh schedule, e.g. three times a day. I spent a not inconsiderable amount of time trying to work around the refresh schedules for NetNewsWire—including using Location Services—to no avail.


SwiftUI has rough edges and outright missing features.


Make SF Symbols available for Mac app development


Using CloudKit shouldn’t make it impossible to transfer an app


Update (2020-06-22): Howard Oakley:

What I’d really like to see before anyone launches into Keynote addresses later this month is a review of all the fixes and improvements which are coming in 10.16 to address these shortcomings in tools and the fundamental maturity of the last three years of macOS. Without them, 10.16 has weak and flawed foundations, and the more it changes, the greater the risk it will fall flat.

Arek Holko:

My only wish for this year’s WWDC is for the App Store to stop being the only approved way of distributing apps on iOS. This is definitely more significant to the health of the ecosystem than some new features or bug fixes in frameworks.

See also:

Security Flaws in Adobe Acrobat Reader

Yuebin Sun (tweet, MacRumors):

Today, Adobe Acrobat Reader DC for macOS patched three critical vulnerabilities […] I reported. The only requirement needed to trigger the vulnerabilities is that Adobe Acrobat Reader DC has been installed. A normal user on macOS (with SIP enabled) can locally exploit this vulnerability chain to elevate privilege to root without the user being aware.


SMJobBlessHelper is based on NSXPC; its client checking exists in [SMJobBlessHelper listener:shouldAcceptNewConnection:]. The checking logic, as the pseudo-code below shows, gets the client’s PID and then obtains the Bundle ID based on the client’s process path; the client will be trusted if its Bundle ID is “com.adobe.ARMDC”.


Yes, the symlink is still valid; it can help us bypass the temp directory protection. I can force /var/folders/zz/xxxxx/T/download/ARMDCHammer to link to anywhere.


So if we can replace the “/tmp/test/hello_root” with our malicious file after validateBinary, launchARMHammer will launch our malicious process.

You may think the race condition window is too narrow to control, I will show the tricks later.

I don’t like it when third-party code uses the name of a system class or function as a prefix.
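
The write-up above describes two classic local-privilege-escalation ingredients in a privileged helper: a symlink swap of a temp directory the helper trusts, and a race between validating a binary and launching it by path. The following is an added example (my own illustration, not Adobe’s code nor Yuebin Sun’s exploit; every name in it is hypothetical) that puts the racy pattern beside a hardened one: the hardened version walks the path one component at a time with O_NOFOLLOW, so a symlinked directory such as the ARMDCHammer case is refused outright, validates the open descriptor rather than the path, and would then run that same descriptor with fexecve instead of resolving the path a second time. The self-check builds a constructed fixture under /tmp and confirms which layouts are accepted and which are refused.

```c
/* Added example for the write-up above (not Adobe's code nor the researcher's);
 * all function names are hypothetical. Build: cc -std=gnu11 pin.c */
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* OPEN: missing, ".." component, or a symlink on the way (ELOOP).
 * WRITABLE: group- or world-writable, so any local user can rewrite it. */
enum pin_status { PIN_OK = 0, PIN_ERR_OPEN, PIN_ERR_NOT_REGULAR, PIN_ERR_OWNER, PIN_ERR_WRITABLE };

/* The racy shape from the write-up: check a path, then hand the same path
 * string to the launcher; the entry or a symlinked parent can be repointed. */
int validate_then_launch_racy(const char *path, char *const argv[]) {
    struct stat st;
    if (stat(path, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != geteuid())
        return -1;
    /* <-- attacker's window: swap the file or the directory here */
    execv(path, argv); /* resolves the path a second time */
    return -1;
}

/* Hardened: walk the path one component at a time with O_NOFOLLOW, so a
 * symlink anywhere in it (a symlinked temp directory included) is refused,
 * then validate the open descriptor. The path is never resolved again. */
enum pin_status open_pinned(const char *path, int *out_fd) {
    char buf[4096];
    if (!path || path[0] != '/' || strlen(path) >= sizeof buf) return PIN_ERR_OPEN;
    strcpy(buf, path);
    int cur = open("/", O_RDONLY | O_DIRECTORY | O_CLOEXEC);
    if (cur < 0) return PIN_ERR_OPEN;
    char *save = NULL;
    for (char *comp = strtok_r(buf, "/", &save); comp; ) {
        char *next = strtok_r(NULL, "/", &save);
        if (strcmp(comp, "..") == 0) { close(cur); return PIN_ERR_OPEN; }
        int flags = O_RDONLY | O_NOFOLLOW | O_CLOEXEC | (next ? O_DIRECTORY : 0);
        int fd = openat(cur, comp, flags); /* a symlink here fails with ELOOP */
        close(cur);
        if (fd < 0) return PIN_ERR_OPEN;
        cur = fd; comp = next;
    }
    struct stat st;
    if (fstat(cur, &st) != 0 || !S_ISREG(st.st_mode)) { close(cur); return PIN_ERR_NOT_REGULAR; }
    if (st.st_uid != geteuid())           { close(cur); return PIN_ERR_OWNER; }
    if (st.st_mode & (S_IWGRP | S_IWOTH)) { close(cur); return PIN_ERR_WRITABLE; }
    *out_fd = cur;
    return PIN_OK;
}

enum pin_status check_pinned(const char *path) { /* same checks, result only */
    int fd = -1, s = open_pinned(path, &fd);
    if (s == PIN_OK) close(fd);
    return s;
}

/* Run exactly the validated descriptor: fexecve(3) on Linux/FreeBSD. macOS
 * has no fexecve, so a helper there must exec only from a root-owned path. */
int launch_pinned(int fd, char *const argv[], char *const envp[]) {
#if defined(__linux__) || defined(__FreeBSD__)
    return fexecve(fd, argv, envp);
#else
    (void)fd; (void)argv; (void)envp; return -1;
#endif
}

static int write_script(const char *p, mode_t mode) {
    int fd = open(p, O_WRONLY | O_CREAT | O_EXCL, 0700);
    if (fd < 0) return -1;
    int ok = write(fd, "#!/bin/sh\nexit 0\n", 17) == 17;
    close(fd);
    return (ok && chmod(p, mode) == 0) ? 0 : -1; /* chmod: not subject to umask */
}

/* Constructed fixture (not data from the write-up) mirroring its layout: a
 * helper-owned "ARMDCHammer" directory that an attacker replaces with a symlink.
 * Returns the number of checks that did not behave as expected. */
int self_check(void) {
    char tmpl[] = "/tmp/pinXXXXXX", base[4096];
    if (!mkdtemp(tmpl) || !realpath(tmpl, base)) return 99; /* macOS: /tmp -> /private/tmp */
    char dir[4200], good[4300], loose[4300], dlink[4200], via[4300], flink[4200];
    snprintf(dir,   sizeof dir,   "%s/ARMDCHammer", base);
    snprintf(good,  sizeof good,  "%s/hello_root", dir);
    snprintf(loose, sizeof loose, "%s/hello_loose", dir);
    snprintf(dlink, sizeof dlink, "%s/ARMDCHammer_link", base);
    snprintf(via,   sizeof via,   "%s/hello_root", dlink);
    snprintf(flink, sizeof flink, "%s/hello_link", base);
    if (mkdir(dir, 0700) || write_script(good, 0700) || write_script(loose, 0666)
        || symlink(dir, dlink) || symlink(good, flink)) return 98;
    int bad = 0;
    bad += check_pinned(good)  != PIN_OK;           /* real file, mode 0700 */
    bad += check_pinned(loose) != PIN_ERR_WRITABLE; /* anyone could rewrite it */
    bad += check_pinned(via)   != PIN_ERR_OPEN;     /* reached through a symlinked dir */
    bad += check_pinned(flink) != PIN_ERR_OPEN;     /* the file itself is a symlink */
    unlink(flink); unlink(dlink); unlink(loose); unlink(good); rmdir(dir); rmdir(base);
    return bad;
}
```

Two caveats a reviewer would raise. First, the ownership test uses the helper’s own euid (root, for an SMJobBless helper), which is what makes a file in a user-writable temp directory fail even when no symlink is involved; a helper that needs to run user-supplied content should copy it into a root-owned location first and validate the copy. Second, the NSXPC client check the write-up describes (PID, then bundle ID from the process path) is a separate weakness that this example does not touch: PIDs are reused and the path is under the caller’s control, and the usual fix is to verify the connecting process’s code signature against a designated requirement using its audit token.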


Dell UltraSharp 49 Review

Ben Lovejoy:

Thin bezels, single-cable connection, and the ultra-wide format I fell in love with a couple of years ago.


If you’re used to an Apple Thunderbolt Display 27, or any other 2560×1440 monitor, you’re going to be perfectly happy with the quality. However, if you’re used to either working directly on the MacBook Pro display or any doubled-pixel one, like the LG UltraFine 5K, then text will definitely seem less sharp.


When viewing photos or video, however, the quality is stunning. As I said last time, it’s not a pro monitor – and doesn’t have a pro monitor price tag – but I think even enthusiastic photographers will be more than happy with this. Photo editing on this size monitor is going to be a dream.


The Dell UltraSharp 49 does offer an alternative setup: you can split the monitor in half and create two virtual 27-inch monitors, each 2560×1440.

That makes a lot of sense because then you could put the menus in the middle, easily snap windows to the middle “edge,” and zoom to half the screen. In most cases, I don’t even want full-width windows on a 27-inch display.


Magic Keyboard for iPad Teardown

Juli Clover:

iFixit last week shared x-rays of the new Magic Keyboard for iPad Pro, giving us a little look at what’s inside Apple’s newest keyboard design, and today, iFixit is back with a mini trackpad teardown.

Kevin Purdy:

There is so much going on here, you might never guess that this is technically an accessory to the actual iPad Pro (until you notice the $330 price tag).


What looks like multiple buttons in the X-ray is actually just one button and a simple, elegant lever system. The single button is at the center of the trackpad, where the mechanism is rigid. When you apply pressure near the center, whether top, middle, or bottom-center, you are directly pressing the button. Press near the top, bottom, or one of the corners, however, and the lever system comes into play, forcing the contact plate in the center upward to make a click happen. You can see it happen in this animation below. Note how the lever mechanism covers not only the diagonal corner areas, but the perimeter of the trackpad, too.


Valve Drops Mac Support for SteamVR

Valve (via Rene Ritchie, MacRumors, tweet, Hacker News):

SteamVR has ended macOS support so our team can focus on Windows and Linux.

Mark Hughes:

Now, that’s just their VR headset, which is an extremely low-volume, 1% of the market gadget; VR’s kind of awful in practice, but it keeps being “useful next year” for the last 40 years, and someday it’ll be right. Steam as it is, >50% of the games I look at have a Mac version; it’s not dead yet, but it definitely smells bad.

I blame Apple and their terrible support for gaming, in fact overtly hostile attitude.


The suggestion to use Windows Boot Camp is just a giant middle finger, but what else are you gonna do?

Quinn Nelson:

I don’t know what else Valve was supposed to do? They ported Steam, they supported SteamVR, and they ported their entire software catalog to Mac. This whole thing just makes me laugh cause Gabe Newell said this about Apple in 2007 and it seems much hasn’t changed.

Oskar Groth:

I called this last year… Which is when Valve effectively ended further development of the Mac port. From my perspective, cooperation with Apple seemed great. It was Valve execs’ decision to axe the project to focus on PC.

Was that decision a result of poor Mac GPU performance? Sure, the Nvidia-Apple fallout contributed negatively. But it’s not like Valve didn’t know from the beginning that Mac VR was going to be an eGPU venture for the foreseeable future.

John Gruber:

I don’t blame Steam one bit. If anything, it’s surprising Steam “supported” the Mac for VR up until now. No Macs ship with a video card that supports VR gaming, and MacOS doesn’t support the Vulkan or OpenXR APIs that popular VR games are built on. It doesn’t help (to put it mildly) that Nvidia and Apple remain at odds. Apple is doing its own thing with Metal and ARKit — which are both excellent, but not part of the VR gaming world.


Wednesday, May 13, 2020

Taking It Back to the Matte

Rob Griffiths:

Many many years ago, Apple made glorious laptops with matte screens. Sadly (for me, at least), these gave way to brighter, shinier, and much more reflective glossy displays. These same glossy screens are found on iOS devices as well, including my new iPad Air.

But on iOS devices, glossy screens are even more annoying than they are on laptops, because of fingerprints. It sometimes seems I spend almost as much time cleaning my iPad as I do using my iPad. But what if there were a product that could solve both the glossy issue and the fingerprint issue?

A friend of mine clued me in to just such a thing…the Moshi iVisor iPad screen protector.

Profanity-Blocking Font

Scunthorpe Sans (via John Gruber):

Modern fonts can combine letters into a single ligature, usually for things like fi or fl but you can pick anything so we’ve done it for swears.

Archive Now Available

Manton Reece:

In the final week before shut down, I whipped up a few scripts to download every post on the platform via the API. After that finished, I also attempted to download small versions of many of the photos, but ran out of time.


I took some time this weekend to make the posts available. It’s the bare minimum to find a list of posts for your username, then download them. There’s no HTML interface; the data is meant for apps or scripts to access.


Nested Property Wrappers in Swift

Noah Gilmore:

The Swift Evolution Proposal details how composition of property wrappers works - the wrappedValue access goes two levels deep.

They work inside out, like Python decorators, but with more ceremony from the type system.

The wrappedValue of the outer property wrapper isn’t String, it’s actually Appending, and therein lies the problem. If we want one level of wrapping, Appending needs to take a String, but for two levels of wrapping it needs to take another Appending.

This might seem like a Catch-22, but we can actually use protocolization to solve this issue. Instead of Appending operating on Strings, we can make it operate on “anything that is appendable” by using a protocol.


Monkey’s Push Notifications

Lester Coleman:

Monkey app is one of the top downloaded and used online video chatting apps for making new friends. The app is targeted towards the Gen Z audience and is climbing uphill in terms of concurrent and new users.

Monkey app was removed/deleted from the Apple App Store recently over child safety complaints. Although the app is available on the Android app store and can be downloaded on Apple devices as well via direct file download from third-party sites, we do not recommend that.


After the app was removed/deleted from the store the company started receiving tons of DMs from Apple users. To respond company released a message on Instagram which read “We know the quarantine has you stuck at home and bored beyond belief. We’re about to announce some exciting news that’ll help keep you socially connected and entertained during these uncertain times. Enable Monkey notifications to be the first to find out⚡️”.

I don’t really understand what the rules are here. Obviously, there are lots of social apps in the store that, like Monkey, have reporting systems that don’t work 100% of the time. Plus, if there’s end-to-end encryption, it’s not even possible for the app to look at the content to police it.

Apps Exposed (via Jeff Johnson):

How to get on #1 Top Charts (Social Networking) after @Apple removes your other app from @AppStore for being used by predators for child p*rnography.


After his successful app called “Monkey” was removed from App Store this guy got to work and made a new one called “Yee - Group Video Chat” which was basically a clone of Monkey. But how could he make it go up on Top Charts so quickly?


A brilliant idea got to him. He sent a couple of push notifications (APNs) on a daily basis to his old users on Monkey (mostly kids & predators), notifying them that if they didn’t download his new app their account would get closed in 24h.

It makes sense to allow push notifications (and other iCloud services) for apps that are no longer for sale, so the installed copies don’t break. I can’t see any reason not to turn them off for apps that are scams, and the like. But it sounds like this was a legit app that just couldn’t control its user-generated content. Perhaps there was no reason to suspect they would be abused.

I wonder whether the call to “enable Monkey notifications” refers to adjusting the Notification Center settings or to opting into marketing notifications within the app.


Tuesday, May 12, 2020

Logic Pro X 10.5

Apple (MacRumors, Hacker News):

Apple today unveiled a major update to Logic Pro X with a professional version of Live Loops, a completely redesigned sampling workflow, and new beat-making tools. With its collection of powerful creative features, Logic Pro X 10.5 will be a massive release for all musicians, including those producing electronic music.

The “biggest update to Logic since the launch of Logic Pro X” seven years ago is a free update that doesn’t bump the version number to 11. Apple hasn’t figured out App Store upgrade pricing yet. It has detailed release notes.


Update (2020-05-28): Jason Snell:

I had to use GarageBand last night for a project and was reminded that seven years ago I wrote about three features Apple could add (that Logic already has!) that would make it perfect for podcast editing.

Seven years later: Nope.

Search in

Manuel Grabowski:

iMessage is eight years old. Never once in its entire existence has search on macOS (it’s such a long time that it wasn’t even called macOS back then!) worked properly. It is so ridiculously bad, there’s actually a third-party app that provides a functioning search.


When I need to find something in my iMessages I just grab my iPhone. And let’s not forget that this option has only become viable since iOS13, before which it was just as bad on there as well.

It doesn’t work very well in iOS 13, either. Many times, I’ll type the exact text that appears in the app, and it won’t find it. So I mostly just scroll and read. A long time ago, I reverse-engineered the transcript file format for EagleFiler, so that’s how I search older messages. Unlike in Messages, the matches are highlighted, and you can select the text.

Update (2020-05-14): Nick Heer:

Second, while transcripts are named and categorized as you might expect — by chat participants and chronologically — attachments have an opaque organizational system. Third, SMS transcripts are not stored here; they only exist locally within a SQLite database. Fourth, you cannot use Quick Look to preview a transcript; and, fifth, when you open the transcript in Messages, it may be comprised of many days of discussion and will default to the most recent message, leaving you to scroll back and manually hunt for the chat in question. And, no, you cannot use ⌘-F in a chat preview window.

The search function within Messages itself is even worse. It is inaccurate, hard to use, and somehow incomplete.

See also: AAPL of Discord.

Update (2020-05-19): Noel Cornell:

The juxtaposition of Apple allowing you to store theoretically infinite amounts of messages and providing no good way whatsoever to access/review/search them will never not be ponderous for me. It’s literally impossible to recognize the value of former due to latter.

Monday, May 11, 2020

Apple Books for Authors

Michael Potuck:

The new Apple Books for Authors website is live now. Here’s how Apple describes it:

Apple Books for Authors guides you through every step of your journey as an author, from structuring your story to packaging your digital book and selling it on our store. Even established authors will find valuable resources on how to grow sales and track performance.

The comprehensive guide walks authors through using Pages and iBooks Author apps as well as other popular options like Microsoft Word and Scrivener for the writing process. But there’s much more than that as Apple takes writers through preparing, publishing, audiobooks, marketing, and sales and reporting.


RSS Readers Rejected From the App Store

Brent Simmons (tweet):

NetNewsWire 5.0.1 for iOS is delayed due to an apparently new, or newly-enforced, issue: if an RSS reader includes default feeds, Apple will ask for documentation that says you have permission to include those default feeds.

The first RSS app that got tagged with this, that I know of, was NewsWave. We submitted NetNewsWire 5.0.1 for iOS for review a couple days ago and had the same issue.

I wonder how they expect you to document this permission. For what it’s worth, I hereby give permission for any RSS reader to include my feed URL.

Daniel Jalkut:

I think this is a really bad precedent. Sharing public information shouldn’t require permission.

Mike Rundle:

[I had this issue], years ago. They also said I couldn’t load URLs from Reddit within the app, I had to link out to open them in Safari. I said that makes no sense and they never got back to me. I stopped developing my news app Interesting after that, I didn’t see the point.


It happened the same to me more or less 3 years ago. If I remember correctly they disallowed me even to open links in Safari


If you publish an RSS feed on the internet, that should imply wide distribution. That’s how the thing works.

Jeff Johnson:

RSS is simply the web in XML format rather than HTML format. An RSS reader is simply a web browser that reads XML rather than HTML. RSS feed subscriptions are simply URL bookmarks.

It’s not quite the same, because some RSS feeds contain the full post content. But it’s not as if the apps are purporting to own the content or are altering and proxying access to it like Luminary (which is in the App Store).

Brent Simmons:

NetNewsWire 5.0.1 for iOS was approved this morning and is now up on the App Store. If you don’t see it there yet, it’s because it’s still propagating.

I did not have the chance to provide permission documentation before this happened.

I will assume that the permission issue I wrote about yesterday was mistakenly applied to NewsWave and to NetNewsWire.

I ended up switching back to NetNewsWire (syncing via Feedbin) sooner than planned. It works great and feels incredibly fast.


Update (2020-05-12): Brent Simmons (tweet):

I heard from Apple that, while this latest version has been approved, the app is now under further review for this issue.


I’m trying to figure out what bothers me. I think there are two things.

One is just that the App Store has always seemed rather arbitrary. The guidelines don’t even have to change for unseen policies to change, and it’s impossible to know in advance if a thing you’re doing will be okay and stay okay.


If a site provides a public feed, it’s reasonable to assume that RSS readers might include that feed in some kind of discovery mechanism — they might even include it as a default. This is the public, open web, after all.

Nick Heer:

I see very little difference between NetNewsWire’s default feeds and web browsers that include default bookmarks. Maybe popular web browsers like Firefox and Brave really have struck agreements with YouTube, Amazon, and Wikipedia to include their sites as bookmarks, but I doubt that, and I don’t think that ought to be a requirement. Likewise for feed readers.

If there is a good, non-arbitrary reason for this, Apple is apparently horrible at communicating it.

The options that Apple suggested for bringing the app into legal compliance make it even more of a mystery what the reason was.

Brent Simmons:

The issue with the default feeds reminds me that, at any time, even for a small bug-fix update, App Store review may decide that an app can’t be published as-is for some reason.

You’d be right to think that, with an issue like this, it would come up the same on both App Stores — solve it in one place and you’ve solved it in both. It’s not like I’d have double the issues.

But sometimes the issue actually is platform-specific. For example: NetNewsWire Lite 4.0 for Mac was held up by Mac App Store review for three weeks due to a bug in WebKit. (Yes, this was nine years ago.)

This is supposed to be fun. It’s work that I love doing for a great cause. And I just keep thinking that dealing with the iOS App Store is enough to ask of me, and there’s no requirement that I go through this with the Mac App Store too. The personal cost is just too high.


[The App Store is] arbitrary in ways that defeat its purpose, demean its constituents and take for itself the crown of only responsible grown-up.


It would take an incredible balancing act to actually run an app store well. Apple has done the best job of it so far, but it's still a tire fire that inhibits applications legitimate developers want to write. These events are not representative of every app review process ever, but they are representative of what happens when you have an app review process and you live in the real world. It doesn't have to happen in most of the cases to be a disgrace and an impediment.

Via Nick Heer:

It has been said before but I will say it again: the biggest problem that the App Store faces is in the communication of shifting expectations. If, for whatever reason, Apple wants to interpret default feeds in a feed reader as a potential copyright issue, they ought to notify developers of the change and give them a chance to make adjustments.

Right now, developers do not find out about a change in App Store rules or the interpretation of existing rules until they submit an app for review.


It is ludicrous that the App Store turns twelve years old in July and this fundamental problem remains unaddressed.

In this case, it sounds like Apple hasn’t even decided what the new policy is yet. NetNewsWire wasn’t just rejected for violating an unwritten rule but for violating a rule that doesn’t exist yet.

Update (2020-05-19): Brent Simmons:

I just heard that the default feeds in NetNewsWire are okay as-is, and I don’t need to collect permissions for Apple.

Brent Simmons:

I like to make a public record in order to make inconsistency more difficult.

Apps That Can’t Be Transferred

Charlie Chapman:

Looking again at implementing CloudKit for syncing and again getting hung up on the whole “I can no longer transfer this app to another account” thing

Is it really worth setting up a separate LLC and dev account for each app for the rare chance I may want to transfer later?


It’s not about iCloud data not transferring, it’s that Apple literally won’t let you transfer the app to a different account at all if you’ve enabled the CloudKit entitlement. So you’d have to give up the entire account

Jurgis Kirsakmens:

iCloud entitlement, Catalyst app, Passbook entitlement, apps with App Group Container, Sign in with Apple - any of this makes app un-transferable

Update (2020-07-29): Steve Troughton-Smith:

App Store Connect protip: never, in a million years, put your app into an app bundle. Holy crap. It locks you into so many restrictions, forever, and there’s no way back out of it; you can never remove your app from a bundle, and you can never delete a bundle completely

It is absolutely insane that bundles, which should be a temporary marketing feature, permanently taint your app record. Who in their right mind designed this system? What developer would ever use it if they knew?


swiftdt (Swift Debug Tool)

Mike Ash (via Joe Groff):

This is a tool which can inspect a Swift process and dump information about the Swift runtime in that process.

It currently supports inspecting two kinds of information:

  1. It can dump the protocol conformance cache.
  2. It can dump all metadata allocations, and print the name and size of the metadata allocated by the generic metadata cache.

It’s meant to grow more functionality over time.

The design of the tool places all of the runtime-related smarts in Remote Mirror. swiftdt is then a small tool that connects the Remote Mirror functionality with remote process inspection.

Exposure Notification

Christina Farr:

Within a few weeks, the Apple project -- code-named “Bubble” -- had dozens of employees working on it with executive-level support from two sponsors: Craig Federighi, a senior vice president of software engineering, and Jeff Williams, the company’s chief operating officer and de-facto head of healthcare. By the end of the month, Google had officially come on board, and about a week later, the companies’ two CEOs Tim Cook and Sundar Pichai met virtually to give their final vote of approval to the project.


The early team included Ron Huang, who runs Apple’s location services group, and Dr. Guy “Bud” Tribble, a veteran Apple software vice president who is referred to internally as the “privacy czar.” Tribble, who is also a medical doctor, is known outside of Apple for speaking out in favor of federal privacy legislation, noting at a Senate hearing in 2018 that privacy should be a human right.

Huang agreed to loop in a group of engineers who were willing to volunteer their time to the project. They included some of the company’s in-house cryptography experts, Yannick Sierra and Frederic Jacobs (Jacobs has been credited for helping create the secure messaging app Signal). The team began researching some of the protocols for electronic contact tracing already underway at the Massachusetts Institute of Technology and EPFL, a similarly well-regarded research university in Switzerland.

Cory Doctorow (tweet):

But “contact tracing” apps don’t actually do contact tracing. Real contact tracing, of the sort that has been used to fight previous grave infectious disease outbreaks, is a labor-intensive, hard-to-automate process.

The apps that will be developed atop Google and Apple’s joint API will be “exposure notification” apps, not contact tracing apps. These can be complementary to contact tracing, but do not substitute for the army of human tracers we need to fight the pandemic.

Joe Rossignol:

Apple and Google are now referring to “contact tracing” as “exposure notification,” which the companies believe better describes the functionality of their upcoming API. The system is intended to notify a person of potential exposure, augmenting broader contact tracing efforts that public health authorities are undertaking.

Bruce Schneier:

This is a classic identification problem, and efficacy depends on two things: false positives and false negatives.


Assume you take the app out grocery shopping with you and it subsequently alerts you of a contact. What should you do? It’s not accurate enough for you to quarantine yourself for two weeks. And without ubiquitous, cheap, fast, and accurate testing, you can’t confirm the app’s diagnosis. So the alert is useless.

Similarly, assume you take the app out grocery shopping and it doesn’t alert you of any contact. Are you in the clear? No, you’re not. You actually have no idea if you’ve been infected.

I do think it’s worth working on because the tests will hopefully get better, but there’s the danger of launching too soon:

People will post their bad experiences on social media, and people will read those posts and realize that the app is not to be trusted. That loss of trust is even worse than having no app at all.

Elly Belle:

“Those numbers are just unacceptable,” Scott Hensley, a microbiologist at the University of Pennsylvania, told the New York Times, adding, “The tone of the paper is, ‘Look how good the tests are.’ But I look at these data, and I don’t really see that. If your kit has a 3 percent false-positive, how do you interpret that? It’s basically impossible. If your kit has 14 percent false positive, it’s useless.” So if even the three most accurate tests still only proved to detect antibodies 90 percent of the time in people who have been infected, what does that mean for the overall accuracy of antibody tests?

Experts say that ensuring that tests don’t give false-positives is extremely important to everyone’s overall health — if someone receives a false positive and believes that they’re immune to COVID-19 when they aren’t, they could be putting themselves in danger by abandoning necessary measures like social distancing or isolating.

Richard Harris:

The Food and Drug Administration does not regulate these tests, but White House coronavirus task force coordinator Dr. Deborah Birx has said that she expects manufacturers to achieve a standard of 90% specificity (and 90% sensitivity, another measure of test performance that’s less important in this context).

Here’s what would happen if you used a test with 90% specificity in a population in which only 1% of the people have coronavirus. Nobody knows for sure, but that could be the situation in many parts of the country.

In that instance, more than 90% of the positive results would be false positives, and falsely reassuring.


Update (2020-05-14): OpenCovidTrace (via Hacker News):

This update is a reaction to the criticism (most of which was baseless) as well as several technical changes implemented in versions 1.1 and 1.2 of this protocol.


A primary private Tracing Key that was used before for Daily Tracing Keys generation has been removed. In the new version, each Exposure Key (Daily Tracing Key earlier) is randomly generated, so it is impossible to establish a link between them even in theory.


To improve performance, the encryption was changed to AES from HMAC-SHA-256.


A mistake in timing the temporary key generation was fixed.


The appearance of encrypted metadata is the most enigmatic change in specifications. It is not clarified what it will contain and who will have access to it, so let’s try to guess.
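
The key schedule those bullet points summarize, as an added example that is not part of the original post and not code from OpenCovidTrace, Apple or Google. It follows my reading of the published Exposure Notification cryptography specification (v1.2): a random 16-byte Temporary Exposure Key (TEK) per day, an HKDF-derived Rolling Proximity Identifier Key and Associated Encrypted Metadata Key, one AES-128 block per 10-minute interval for the broadcast identifier, and AES-CTR with the identifier as IV for the metadata. The info strings “EN-RPIK”, “EN-AEMK” and “EN-RPI”, the 600-second interval and the 144-interval window are from that spec as I recall it, not from this page; the timestamp in main is constructed. HKDF is written out by hand so the block needs only the Go standard library.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

const (
	keyLen          = 16  // TEK, RPIK, AEMK and RPI are all 16 bytes
	intervalSeconds = 600 // one ENIntervalNumber is a 10-minute window
	intervalsPerTEK = 144 // a TEK covers 24 hours of intervals
)

// hkdfSHA256 is RFC 5869 extract-then-expand with an empty salt, limited to
// outputs of at most one SHA-256 block, which is all this key schedule needs.
func hkdfSHA256(ikm, info []byte, length int) []byte {
	salt := make([]byte, sha256.Size) // empty salt means HashLen zero bytes
	extract := hmac.New(sha256.New, salt)
	extract.Write(ikm)
	prk := extract.Sum(nil)
	expand := hmac.New(sha256.New, prk)
	expand.Write(info)
	expand.Write([]byte{0x01}) // first (and only) expand block
	return expand.Sum(nil)[:length]
}

// ENIntervalNumber maps a Unix timestamp to its 10-minute interval index.
func ENIntervalNumber(unixSeconds int64) uint32 {
	return uint32(unixSeconds / intervalSeconds)
}

// NewTEK draws a fresh random key; nothing links one day's TEK to the next,
// which is the removal of the master Tracing Key the post above describes.
func NewTEK() ([]byte, error) {
	tek := make([]byte, keyLen)
	if _, err := rand.Read(tek); err != nil {
		return nil, err
	}
	return tek, nil
}

// RPIK and AEMK are the two per-TEK subkeys, domain-separated by info string.
func RPIK(tek []byte) []byte { return hkdfSHA256(tek, []byte("EN-RPIK"), keyLen) }
func AEMK(tek []byte) []byte { return hkdfSHA256(tek, []byte("EN-AEMK"), keyLen) }

// RPI is the identifier broadcast during interval enin: one AES-128 block over
// "EN-RPI" || six zero bytes || enin as a little-endian uint32.
func RPI(rpik []byte, enin uint32) ([]byte, error) {
	block, err := aes.NewCipher(rpik)
	if err != nil {
		return nil, err
	}
	padded := make([]byte, aes.BlockSize)
	copy(padded, "EN-RPI")
	binary.LittleEndian.PutUint32(padded[12:], enin)
	out := make([]byte, aes.BlockSize)
	block.Encrypt(out, padded)
	return out, nil
}

// EncryptMetadata produces the Associated Encrypted Metadata with AES-128-CTR
// under AEMK, IV = RPI. CTR is symmetric, so the same call decrypts.
func EncryptMetadata(aemk, rpi, metadata []byte) ([]byte, error) {
	block, err := aes.NewCipher(aemk)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(metadata))
	cipher.NewCTR(block, rpi).XORKeyStream(out, metadata)
	return out, nil
}

// MatchesTEK is the receiver side: given a published diagnosis key and the
// interval it started at, re-derive every RPI it could have produced in its
// window and compare in constant time.
func MatchesTEK(tek []byte, startENIN uint32, observedRPI []byte) (bool, error) {
	rpik := RPIK(tek)
	for j := uint32(0); j < intervalsPerTEK; j++ {
		candidate, err := RPI(rpik, startENIN+j)
		if err != nil {
			return false, err
		}
		if hmac.Equal(candidate, observedRPI) {
			return true, nil
		}
	}
	return false, nil
}

func main() {
	tek, _ := NewTEK()
	enin := ENIntervalNumber(1589457600) // constructed: 2020-05-14 12:00 UTC
	rpi, _ := RPI(RPIK(tek), enin)
	aem, _ := EncryptMetadata(AEMK(tek), rpi, []byte{0x40, 0x00, 0x00, 0x00})
	fmt.Printf("TEK %s\nRPI %s\nAEM %s\n", hex.EncodeToString(tek), hex.EncodeToString(rpi), hex.EncodeToString(aem))
	hit, _ := MatchesTEK(tek, enin-(enin%intervalsPerTEK), rpi)
	fmt.Println("receiver matched:", hit)
}
```

The security property worth noticing is in MatchesTEK: a receiver only ever learns that some published TEK produced an observed RPI; the identifiers for different intervals are unlinkable to a passive listener, and the metadata is masked with a keystream nobody without the TEK can recompute, which is why the “encrypted metadata” question above comes down to who gets to publish TEKs and what goes in those four bytes.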

Friday, May 8, 2020

Resilient Decoding in Swift


This package defines mechanisms to partially recover from errors when decoding Decodable types. It also aims to provide an ergonomic API for inspecting decoding errors during development and reporting them in production.


After running this code, foo will be a Foo where foo.array == [1, 3] and foo.value == nil. In DEBUG, foo.$array.results will be [.success(1), .failure(DecodingError.dataCorrupted(…)), .success(3)] and foo.$value.error will be DecodingError.dataCorrupted(…). This functionality is DEBUG-only so that we can maintain no overhead in release builds.

Cool use of Swift property wrappers and projected values.

See also:


Stack Overflow Layoffs

Prashanth Chandrasekar (via Hacker News):

Like companies large and small, we have had to make difficult choices in order to reflect the market conditions. This week, we reduced our global workforce by approximately 15%. Most of the affected employees were furloughed, except for employees and contractors in regions where furloughs were unfortunately not an option. These actions primarily affected sales and customer success teams within our Talent business, which is dependent on the hiring environment.


Despite the impact to our Talent business, we are seeing significant growth in our core SaaS business, Stack Overflow for Teams, and our Advertising business.

Talent is their product for helping tech companies to hire. The Web site that we use is not the main focus of the company.


The only certainty with Stack Exchange, is that it’s going to end up in the belly of one of just a few possible tech companies: Microsoft, Oracle, Google, Salesforce, etc.


Knowledge services are not great businesses, they’re almost entirely incompatible with the venture capital model. Those that take VC all eventually get force-liquidated, without exception. Stack Exchange is still pretending to be a knowledge service. As they took on more venture capital they pivoted to being primarily HotJobs 3.0. The only way they were going to avoid that outcome, is to 1) never take major venture capital 2) stay super thin operationally; they did neither, so they get liquidated, it’s only a question of time now.

The Internet will need to replace Stack Exchange with a new platform in the near future, as it’ll combo rot and most of the communities will be killed off after SE is sold. I’d advise someone/s out there to get started on replacing SE right now, as by the time you get a new platform up to speed (assume a few years), SE as it has been thought of over the prior decade will be on its last legs and the new platform will be in prime position to step in.

Stack Overflow is not open source, but all the content is Creative Commons.



Ashley Watkins and Royi Hagigi (via Hacker News):

A complete rewrite is extremely rare, but in this case, since so much has changed on the web over the course of the past decade, we knew it was the only way we’d be able to achieve our goals for performance and sustainable future growth. Today, we’re sharing the lessons we’ve learned while rearchitecting, using React (a declarative JavaScript library for building user interfaces) and Relay (a GraphQL client for React).


On our old site, we were loading more than 400 KB of compressed CSS (2 MB uncompressed) when loading the homepage, but only 10 percent of that was actually used for the initial render. We didn’t start out with that much CSS; it just grew over time and rarely decreased. This happened in part because every new feature meant adding new CSS.


By using rems, we can respect user-specified defaults and are able to provide controls for customizing font size without requiring changes to the stylesheet. Designs, however, are usually created using CSS pixel values. Manually converting to rems adds engineering overhead and the potential for bugs, so we have our build tool do this conversion for us.


To prevent flickering as icons come in after the rest of the content, we inline SVGs into the HTML using React rather than passing SVG files to <img> tags. Because these SVGs are now effectively JavaScript, they can be bundled and delivered together with their surrounding components for a clean one-pass render.


Dithering Podcast

John Gruber:

Dithering is a new podcast from yours truly and Ben Thompson. Three episodes per week, 15 minutes per episode. Not a minute less, not a minute more.

It’s a subscription: $5/month or $50/year.


Dithering is subscription-only but it is entirely built on plain-old wide-open RSS, and is designed to work with any and all podcast players. There is no Dithering app and never will be. […] Episodes exist only in the feed, and thus, from a listener’s perspective, only in their podcast player.

Update (2020-05-12): Ben Thompson:

That time limit is certainly a challenge (that is why we recorded 20 episodes before we launched — the entire back catalog is available to subscribers), but we really wanted to experiment with what a podcast might be. We purposely don’t have show notes or much of a web page, and we have created evocative cover art embedded in each episode’s MP3, because the canonical version of Dithering is in your podcast player. This is as pure a podcast as can be — and that means open, even if it isn’t free.


This, if you squint, looks a lot like email: create something that listeners find valuable on an ongoing basis, and deliver it into a feed they already check, i.e. their existing podcast player. That is Dithering: while you have to pay to get a feed customized to you, that feed can be put in your favorite podcast app, which means Dithering fits in with the existing open ecosystem, instead of trying to supplant it.

Update (2020-05-19): John Gruber:

We’ve had just over 5,000 sign-ups so far and not one single request for a refund. Zero! And for that $5/month price you get access to the whole back catalog of episodes going back to mid-March.


What’s really cool is that if you sign up, listen, and decide to subscribe to Dithering, you can do it right in your podcast app, from the link at the top of the episode’s show notes. It’s really very clever — and completely built on the open web.

Update (2020-05-20): Peter Kamb:

Independent/subscription podcasts need a better experience than this[…]

Flexgate Class Action Lawsuit

Joe Rossignol:

A nationwide class action lawsuit filed against Apple in Northern California court this week accuses the company of knowingly concealing a defect with a display-related flex cable on recent 13-inch and 15-inch MacBook Pro models.


Apple seemingly fixed the issue by extending the length of the flex cable by 2mm in the 2018 MacBook Pro. It also launched a free repair program in May 2019, but the program only applies to 13-inch MacBook Pro models released in 2016.


Update (2021-07-26): Juli Clover:

A class action lawsuit that Apple was facing over “Flexgate” issues affecting MacBook Pro displays has been dismissed by a California federal judge, reports Law360.


The judge overseeing the case said that because the defect appeared after the warranty period, Apple was not required to disclose it because it was not a safety issue.


Thursday, May 7, 2020

Facebook SDK Causes Crashes

Juli Clover (Hacker News):

Multiple iPhone and iPad users are seeing their apps crashing at launch as of this afternoon, and the issue appears to be caused by a faulty Facebook SDK that the apps are using.


Multiple developers on GitHub have attributed the problem to a Facebook software development kit used by the apps for sign-in purposes. Apps are failing to open even when users do not use the Facebook login options included.


Due to a major increase in crashes across the iOS ecosystem caused by an issue with a popular iOS SDK, iOS crash processing in Crashlytics was disabled at 11:00 PM UTC.

So many crashes that it brought down the crash reporter.

Ben Sandofsky:

To stop crashes from the Facebook SDK, some devs tried commenting out any code that calls Facebook. Nothing worked.

It turns out that by just including the SDK with your app, Facebook runs hidden code on launch. (FBSDKApplicationDelegate.m)

Guilherme Rambo (tweet):

The issue was caused by some bad data being sent by Facebook’s server to their SDK, which caused code in the SDK to crash, which in turn brought down the app that was running the SDK. Since this happened during the initialization of the SDK — something that occurs right after launching the app — the apps simply became unusable. You can read more about it here.

I did find a workaround that allowed me to order dinner though. Since the crash was caused by data sent by Facebook’s servers, I blocked the domain (and all of its subdomains) on my network using Pi-Hole.


The other solution would be some form of sandboxing that isolates this type of SDK from the main app code. Apple’s operating systems already have and use XPC extensively — and iOS supports extensions — but it still doesn’t expose such functionality to developers.
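
The failure mode Sandofsky and Rambo describe, as an added example in Go that is not Facebook’s code and not from the original post: a third-party SDK configures itself at launch from whatever its vendor’s server returns, and a server-side change in the shape of that data crashes every app that merely links the SDK. The Settings fields, the JSON key names and the two server responses are constructed for this example, not taken from the real SDK. The hardened parser treats the server as untrusted input, and the host-side recover is the closest thing a single process has to the sandboxing Rambo asks for: vendor code can fail, but it fails into an error instead of a crash.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Settings is the configuration a hypothetical SDK fetches from its vendor's
// server at launch. Field and key names are made up for this example.
type Settings struct {
	LoggingEnabled bool
	Filters        []string
}

type applier func(raw []byte) (Settings, error)

// fragileApplySettings reproduces the failure mode: it assumes the server's
// JSON has the expected shape and type-asserts without checking, so a field
// that arrives with the wrong type panics inside the SDK and, because this runs
// at launch, takes the host app down with it.
func fragileApplySettings(raw []byte) (Settings, error) {
	var doc map[string]interface{}
	if err := json.Unmarshal(raw, &doc); err != nil {
		panic(err)
	}
	s := Settings{LoggingEnabled: doc["logging_enabled"].(bool)}
	for _, f := range doc["filters"].([]interface{}) {
		s.Filters = append(s.Filters, f.(string))
	}
	return s, nil
}

// robustApplySettings treats the server as untrusted input: every field is
// type-checked, anything of an unexpected shape is ignored, and a malformed
// document leaves the SDK on defaults instead of crashing.
func robustApplySettings(raw []byte) (Settings, error) {
	var doc map[string]interface{}
	if err := json.Unmarshal(raw, &doc); err != nil {
		return Settings{}, fmt.Errorf("settings: %w", err)
	}
	var s Settings
	if v, ok := doc["logging_enabled"].(bool); ok {
		s.LoggingEnabled = v
	}
	if list, ok := doc["filters"].([]interface{}); ok {
		for _, item := range list {
			if str, ok := item.(string); ok {
				s.Filters = append(s.Filters, str)
			}
		}
	}
	return s, nil
}

// InitSDK stands in for the launch-time hook (the analogue of the hidden
// code the tweet above says runs from FBSDKApplicationDelegate). The deferred
// recover is the host app's last line of defence: a panic in vendor code
// becomes an error and a degraded feature rather than a crash at launch.
func InitSDK(raw []byte, apply applier) (s Settings, err error) {
	defer func() {
		if r := recover(); r != nil {
			s, err = Settings{}, fmt.Errorf("sdk init failed: %v", r)
		}
	}()
	return apply(raw)
}

// Constructed server responses. The second carries "filters" as a string
// where the SDK expects an array: a change only the server controls.
var (
	goodResponse = []byte(`{"logging_enabled": true, "filters": ["a", "b"]}`)
	badResponse  = []byte(`{"logging_enabled": true, "filters": "a"}`)
)

func main() {
	for _, raw := range [][]byte{goodResponse, badResponse} {
		_, fragileErr := InitSDK(raw, fragileApplySettings)
		s, robustErr := InitSDK(raw, robustApplySettings)
		fmt.Printf("%s\n  fragile: %v\n  robust:  %+v %v\n", raw, fragileErr, s, robustErr)
	}
}
```

The recover in InitSDK is a mitigation, not a fix: it only helps if the app (not the SDK) owns the entry point, and a panic on another goroutine would still be fatal. The durable fix is the one in robustApplySettings, validating remote data at the trust boundary, plus not letting a vendor library run before the app has any say in the matter.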

Anil Dash:

The flagship mobile apps from Google, Spotify, Apple, NYT, Venmo, Walmart and many other huge companies all broke for about 30 minutes.


Done right, open source is magic. It gives coders super powers to build things they could never do alone. But it can also be a strategy that makes huge parts of our online experience dependent on a few companies, and vulnerable to their choices. The failure that millions of people experience today was just (“just”) some apps crashing for a little while. A few weeks ago, it was Zoom using a Facebook library that sent data in ways they didn’t disclose. We don’t have a cultural fluency in how to talk about the interconnectedness of all the tech around us.

Apple and Google use the Facebook SDK?

John Gruber:

Facebook themselves are no dummies. None of their iOS apps ever break because of a bug from Google or Adobe, because they’re not foolish enough to bake in a dependency they don’t control.


Update (2020-05-14): ethanhuang13:

FacebookAuth is for iOS app developers who need to support Facebook login but don't want to use the official SDK.😒

Single closure API. ~100 loc of implementation.

Steve Jobs, Photographer

Chris Hynes:

It shouldn’t surprise anyone that Steve Jobs liked to take pictures. He was even taking a picture the last time I saw him. However, many people might not know that some of his photos shipped as Desktop Pictures in Mac OS X 10.5 Leopard.

Nick Heer:

But, when Steve Jobs showed it for the first time, the audience did not break into applause. After a couple of seconds of silence, they started laughing — not a typical reaction to a new feature shown at an Apple keynote presentation. One reason for that could be because, at that time, some builds of Microsoft’s glassy-looking Vista had a photo of grass set as the default wallpaper. Apple chose to introduce Leopard — which featured a translucent menu bar and reflective glass dock — with a similar photo of blades of grass.

Wink Abruptly Switches to Subscription

Wink (Hacker News):

Wink has taken many steps in an effort to keep your Hub’s blue light on, however, long term costs and recent economic events have caused additional strain on our business. Unlike companies that sell user data to offset costs associated with offering free services, we do not. Data privacy is one of Wink’s core values, and we believe that user data should never be sold for marketing or any purpose.

We have a lot of great ideas on how to expand on Wink’s capabilities and satisfy the many requests from our user base. In order to provide for development and continued growth, we are transitioning to a $4.99 monthly subscription, starting on May 13, 2020.


Should you choose not to sign up for a subscription you will no longer be able to access your Wink devices from the app, with voice control or through the API, and your automations will be disabled on May 13.

Via Jason Snell:

It’s the deadline of a single week that I find incredible. That’s either a sign of desperation or malevolence; either one would make me hesitant to pay them a dime.


Zapping the PRAM for Catalina Permissions

Erica Sadun:

Ran into trouble this weekend where I was unable to add permissions for a number of apps to allow access to my microphone and camera.


With some help from Bas Broek and this article, which specifically addressed the inability to grant access in Catalina, I discovered that rebooting with a NVRAM/PRAM reset might help. It sounded like sacrificing chicken entrails but it worked. While a regular reboot didn’t help, the Cmd+Option+P+R reboot did.


Zoom Security Improvements

Zoom (via David Heinemeier Hansson):

Zoom 5.0 is here!

With robust security enhancements and to prepare you for the upcoming transition to GCM encryption.

Bruce Schneier:

There is nothing in Zoom’s latest announcement about key management. So: while the company has done a really good job improving the security and privacy of their platform, there seems to be just one step remaining to fully encrypt the sessions.

The other thing I want Zoom to do is to make the security options necessary to prevent Zoombombing to be made available to users of the free version of that platform. Forcing users to pay for security isn’t a viable option right now.

Eric S. Yuan (Hacker News):

We are proud to announce the acquisition of Keybase, another milestone in Zoom’s 90-day plan to further strengthen the security of our video communications platform. Since its launch in 2014, Keybase’s team of exceptional engineers has built a secure messaging and file-sharing service leveraging their deep encryption and security expertise. We are excited to integrate Keybase’s team into the Zoom family to help us build end-to-end encryption that can reach current Zoom scalability.

Dan Moren:

There are, as Yuan points out, drawbacks to implementing that end-to-end encryption, which will be an option for paid accounts, but not mandatory. Namely, certain features won’t be compatible, such as phone bridges and cloud recording (because Zoom can’t decrypt the content).


Update (2020-05-25): Alex Stamos:

Zoom has published an initial design and roadmap for deploying end-to-end encryption for hundreds of millions of meeting participants.

Update (2020-06-03): Gennie Gebhart:

I have been pleasantly surprised with Zoom’s quick and decisive responses to security criticism recently, but after a feedback call they hosted this morning about their end-to-end encryption plan I am back to being disappointed.

The plan that I heard is to build out end-to-end encryption, but as a premium feature offered only to paid accounts.

Microsoft Word Now Flags Double Spaces As Errors

Tom Warren (Hacker News):

Microsoft has settled the great space debate, and sided with everyone who believes one space after a period is correct, not two. The software giant has started to update Microsoft Word to highlight two spaces after a period (a full stop for you Brits) as an error, and to offer a correction to one space. Microsoft recently started testing this change with the desktop version of Word, offering suggestions through the Editor capabilities of the app.

Much of the debate around one space or two has been fueled by the halcyon days of the typewriter. Typewriters used monospaced fonts to allocate the same amount of horizontal spacing to every character. Narrow characters like “i” got the same amount of space as “m,” so the extra space after the “.” was needed to make it more apparent that sentences had ended. Word and many other similar apps make fonts proportional, so two spaces is no longer necessary.

I’ve never understood the explanation that the recommendation has changed because of proportional fonts. Why would the widths of the letters matter? A space is still a space. It’s not as if the font knows to make sentence-ending spaces wider. If anything, there is by default more perceived space with a typewriter because the period character is wider, yet mostly empty, so the last letter of one sentence and the first letter of the next are farther apart.

As far as I can tell, what changed is the preference of designers for how much space there should be.


Historical style guides before the 20th century typically indicated that wider spaces were to be used between sentences. Standard word spaces were about one-third of an em space, but sentences were to be divided by a full em-space. With the arrival of the typewriter in the late 19th century, style guides for writers began diverging from printer’s manuals, indicating that writers should double-space between sentences. This held for most of the 20th century until the computer began replacing the typewriter as the primary means of creating text. In the 1990s, style guides reverted to recommending a single-space between sentences. However, instead of a slightly larger sentence space, style guides simply indicated a standard word space. This is now the convention for publishers.

John Gruber:

Go look at a few professionally-typeset books — every single sentence on every page in every book has one space after the period.

I have shelves full of books typeset with LaTeX, which by default puts more than a single space at the end of each sentence. I think this looks much better. But, crucially, LaTeX only makes the space fractionally larger. There’s no easy way to do that with most software, and if it’s a choice between one and two spaces, I think two looks odd.

Single spaces introduce a technical problem, which is that the software can’t tell whether a period is at the end of a sentence or merely following an abbreviation. LaTeX’s solution is that you have to manually mark periods that are not sentence ending. People often forget to do this. It also treats runs of multiple spaces as a single space, like Web browsers do.

Daniel Kehoe:

I was active on the www-talk mailing list in 1993. In July, in the thread “Space after Periods,” Terry Allen (an editor at O’Reilly) wanted rendered HTML documents to follow TeX conventions with extra space after a period.


Terry Allen and I engaged in some snarky backbiting, then Ken Chang of NCSA Publications said he preferred “‘one space fits all’ as writers of HTML really shouldn’t need to know the fineries of typography.” Marc Andreessen (still at NCSA in 1993) pointed out browser developers couldn’t be expected to implement the syntactic analysis required to distinguish the end of sentences from inter-sentence periods. Finally Guido van Rossum (the developer of the Python programming language) complained that, “extra space after a sentence… is mostly propaganda by Knuth and Kernighan (TeX and troff)” and implored, “Let’s keep HTML simple!” You may know that Python is unique among programming languages in treating whitespace as significant. At the time, I hadn’t yet learned to use Python (it was still pre 1.0) and didn’t know that Guido van Rossum had strong feelings about the significance of whitespace.

In the end, we ended up with browsers putting a single uniform space between sentences (as you can see on this page).

Martin Wierschin:

I recently came across a copy of the COVID-19 economic relief explanation letter being sent out by the White House here in the United States[…] What was interesting to me was not the contents of this letter, but rather the spacing after each period.

Update (2020-05-14): Simone Manganelli:

Another reason to prefer more than one space after a period: it is FAR easier to scan long pieces of text and understand some of it, because my eyes can more easily pick out the beginning and ends of sentences.

This is literally the same reason why we have paragraphs.

Wednesday, May 6, 2020

Reviving a 16-year-old Mac App

Jonathan Deutsch (Hacker News):

Today we released Whisk 2.0: a lightweight web page editor with a live preview that updates as you type. The name may be new, but the mac app’s origins are in shareware called HyperEdit that I started while in college over 16 years ago. It is hard to believe I’ve worked on an app old enough to get its driver’s license!


From a developer perspective, distributing software is significantly harder. In 2003, you could switch the config to Release, hit build, zip the app, and then put it on a web server. In 2020, distributing requires learning the intricacies of certificates, code signing, provisioning profiles, hardening, notarization, .dmg creation, gatekeeper, and paying a $99 per year fee. From a mac technology perspective, I don’t think it is an exaggeration to say the amount required to learn to distribute software exceeds the amount I needed to know to write the first beta of HyperEdit! I wonder if it would have gotten off the ground if I started today.

Update (2020-05-18): Benedikt Terhechte:

I spent the last 9 months working almost every spare minute on a new iPad / macOS app. It seems I’m almost done, but this affected me really hard. It was so so so much work. Looking back I should never have started this. I’m unbelievably proud, but also totally exhausted 😔


I think there were times when I was close to crying because it was all just too much. This also includes a plethora of UIKit bugs which more than once made things that seem trivial cost me weeks.

There’s just so much complexity going on, and my app doesn’t even use the network, but there’s so much tech you need to know, understand, incorporate, and then manoeuvre around all weird iOS behaviours

SwiftUI, Cursor, UIDocument, iCloud, Spotlight, Unicode (two different strings), Drag and Drop, Splitscreen, Multi-Window, Keyboard, Objc Interop, Sharing, Undo, Dark Mode, Assets, and so on. Building an indie app is a suicide squad

Oluseyi Sonaiya:

This whole thread, amen.

I’ve paused my indie iOS app multiple times, because it’s unclear that the return is worth the effort. I’m finding peace treating it purely as a hobby.

AirPods Pro Firmware Problems

Joseph Curran (via Adam Engst):

Those first two weeks with AirPods Pro were like heaven on earth. Then came the sting in the tale and the start of this ongoing saga: a firmware update.

AirPods firmware updates happen automatically. And unlike with iOS and macOS updates, they can’t be stopped. You’re getting the update whether you like it or not.


2B588 weakened the noise cancellation, and this was quickly picked up on by many users. On Apple’s support forums, a thread was created on November 24th entitled AirPods Pro firmware 2B588 reduce the noise cancelling capability. As of today, it has an astronomical 39,000 views and runs to 37 pages.


To make matters even worse, this month (April 2020) it emerged users were being shipped replacement AirPods running an unreleased firmware version, 2D3, which rendered their product unusable due to a mismatch between the left and right pods.

Juli Clover:

Apple today released a new firmware update for the AirPods Pro, upgrading the previous firmware, version 2C54 or 2B588, to the new firmware, 2D15.


AirPods Pro firmware updates often include performance improvements, bug fixes, and feature tweaks, but we may not find out what’s new as Apple does not provide any kind of release notes for AirPods updates.

Damien Petrilli:

Latest AirPods Pro firmware doesn’t fix noise cancelling. It might even be worse esp with high-pitched noises.

At this point we should be able to ask for a refund. This is not the product I purchased and updates are forced upon the user by Apple without choice.

I’m still happy with the noise cancellation on mine, though I don’t think I ever got to experience the “good” firmware.

See also: Pixel Buds versus AirPods and AirPods Pro.


CleanMyMac X in the Mac App Store

Oleksandr Kosovan:

The fact that the Mac App Store became much better and that it supported subscriptions, made us work on building CleanMyMac X for the Mac App Store.


The fact that some CleanMyMac X features aren’t available on the App Store doesn’t mean they’re harmful or illegal. The App Store limits privileges of applications to protect your Mac from malicious software, but this approach also imposes unnecessary restrictions on safe activities, like cleaning system logs or even updating applications. That’s exactly what happened to CleanMyMac X.

There’s a long list of missing features.


Mac Pros Don’t Really Sleep

Colin Cornaby:

One weird thing about the Mac Pro I haven’t seen mentioned… It does not support sleep. It can do display sleep, and the sleep command in the Apple Menu will trigger display sleep. But the machine itself will not support deep sleep and the fans will always run.

I don’t know if it has its own version of sleep that isn’t deep sleep. Power nap is there. But it doesn’t sleep like other Macs where the fan turns off and the machine is on standby. And if you tap the keyboard to wake it feels like only the display is sleeping.

Brendan Shanks:

Wow, power usage in “sleep” is 15W, that’s really high. iMac is 1W, even trashcan Mac Pro was 4W.


Update (2020-05-06): John Siracusa:

You can absolutely get a 2019 Mac Pro to sleep and spin down all its fans. Use the pmset command-line tool to find out what’s keeping your Mac from sleeping.

Colin Cornaby:

Ohhhh interesting. Sharingd and powerd were preventing sleep even though no one was connected? Turned screen/file sharing off and then back on again, and now after about a minute the fans spin down all the way.


Mine turns on the rear blower after about 90 minutes of sleep. It’s barely audible but you can feel the air flow. I wonder if this behavior is normal?!

Advantages of the Arq 6 File Format

Stefan Reitshamer:

The problem [with Arq 5] is, as your backup set gets bigger, the number of “index files” that explain what’s in those pack files grows until it becomes unwieldy. To find an object, Arq had to check every index file, as well as the list of unpacked blobs, until it found the identifier it was looking for.

Arq 6 doesn’t do that. It stores the actual location in the data. A “snapshot” (backup record/commit) contains the path, offset and length of the trees and blobs it needs. The trees contain the paths, offsets and lengths of the trees and blobs they need. No more looking at all the index files.

Arq 6 also doesn’t store “commits” like git did, where each commit contained the identifier of the parent commit. Deleting a commit from the bottom of that queue was costly. Arq 6 stores “snapshots” (replacement for commits) independently, so one can be deleted without affecting any others.

Also, Arq uses a sqlite database to keep a list of all the blobs, trees and commits and the references among them, so that finding and deleting unreferenced data is very quick. Enforcing a budget is also far faster than in Arq 5.

I’ll be interested to learn more about how this works. It seems like it would still need to do a complete scan to see whether a new file has the same content as one that was already backed up and to locate unreferenced blobs after pruning snapshots.
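To make the layout Stefan describes concrete, here is a toy model of it (added for illustration; this is not Arq’s code, and the table and class names are invented). A snapshot stores the pack name, offset and length of every blob it needs directly, so a restore needs no index scan; a small sqlite table keyed by content hash answers the “have I already stored this content?” question with an indexed lookup rather than a full scan; and a second table of snapshot-to-blob references lets unreferenced data be found with one query after a snapshot is deleted. Snapshots carry no parent pointer, so any one of them can go away independently. Packs are in-memory byte arrays here, purely for the sake of a self-contained example.

```python
from __future__ import annotations

import hashlib
import sqlite3
from dataclasses import dataclass


def blob_digest(data: bytes) -> str:
    """Content identifier for a blob (SHA-256 here; the real scheme is Arq's own)."""
    return hashlib.sha256(data).hexdigest()


@dataclass(frozen=True)
class BlobRef:
    """Direct pointer to a blob: which pack it lives in, and where inside it."""
    pack: str
    offset: int
    length: int


class ToyArq6Store:
    """Illustrative (hypothetical) model of the snapshot/pack/sqlite layout."""

    def __init__(self) -> None:
        self.packs: dict[str, bytearray] = {}       # pack name -> bytes (in memory, constructed)
        self.snapshots: dict[str, dict[str, BlobRef]] = {}  # snapshot id -> {path: BlobRef}
        self.db = sqlite3.connect(":memory:")
        self.db.executescript("""
            CREATE TABLE blob (sha256 TEXT PRIMARY KEY, pack TEXT, offset INTEGER, length INTEGER);
            CREATE TABLE ref  (snapshot TEXT, sha256 TEXT, PRIMARY KEY (snapshot, sha256));
        """)

    def _append(self, data: bytes, pack: str = "pack-0001") -> BlobRef:
        buf = self.packs.setdefault(pack, bytearray())
        ref = BlobRef(pack, len(buf), len(data))
        buf.extend(data)
        return ref

    def put_blob(self, data: bytes) -> tuple[str, BlobRef]:
        """Store data once: an indexed lookup by hash replaces scanning every index file."""
        digest = blob_digest(data)
        row = self.db.execute(
            "SELECT pack, offset, length FROM blob WHERE sha256 = ?", (digest,)).fetchone()
        if row:
            return digest, BlobRef(*row)
        ref = self._append(data)
        self.db.execute("INSERT INTO blob VALUES (?, ?, ?, ?)",
                        (digest, ref.pack, ref.offset, ref.length))
        return digest, ref

    def create_snapshot(self, snapshot_id: str, files: dict[str, bytes]) -> dict[str, BlobRef]:
        """A snapshot records location pointers directly and has no parent link."""
        record: dict[str, BlobRef] = {}
        for path, data in files.items():
            digest, ref = self.put_blob(data)
            record[path] = ref
            self.db.execute("INSERT OR IGNORE INTO ref VALUES (?, ?)", (snapshot_id, digest))
        self.snapshots[snapshot_id] = record
        self.db.commit()
        return record

    def read(self, snapshot_id: str, path: str) -> bytes:
        """Restore follows the stored pointer straight into the pack."""
        ref = self.snapshots[snapshot_id][path]
        return bytes(self.packs[ref.pack][ref.offset:ref.offset + ref.length])

    def delete_snapshot(self, snapshot_id: str) -> None:
        """Independent snapshots: dropping one touches no other snapshot."""
        del self.snapshots[snapshot_id]
        self.db.execute("DELETE FROM ref WHERE snapshot = ?", (snapshot_id,))
        self.db.commit()

    def unreferenced_blobs(self) -> list[str]:
        """Garbage candidates, found with one query instead of a full scan."""
        rows = self.db.execute(
            "SELECT sha256 FROM blob WHERE sha256 NOT IN (SELECT sha256 FROM ref)").fetchall()
        return [r[0] for r in rows]

    def blob_count(self) -> int:
        return self.db.execute("SELECT COUNT(*) FROM blob").fetchone()[0]


def demo() -> dict:
    """Two snapshots sharing one file; deleting the first frees exactly one blob."""
    store = ToyArq6Store()
    store.create_snapshot("snap-1", {"a.txt": b"hello", "b.txt": b"world"})
    store.create_snapshot("snap-2", {"a.txt": b"hello", "c.txt": b"new"})
    stored = store.blob_count()                 # 3: "hello" was deduplicated
    store.delete_snapshot("snap-1")
    return {"stored": stored, "freed": store.unreferenced_blobs(),
            "still_readable": store.read("snap-2", "a.txt")}
```

The sqlite tables are what answer the question raised above about dedup and pruning: the `blob` table is a hash index, so checking whether new content already exists is a primary-key lookup, and `unreferenced_blobs` is a single anti-join rather than a walk over every snapshot.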


Apple’s Q2 2020 Results

Jason Snell:

Apple on Thursday announced that it generated $58B in revenue during its second fiscal quarter. Services revenue was up again, wearables revenue was up again, and iPhone, Mac, and iPad were down. The company declined to give guidance on what it thought would happen during the current quarter, given how uncertain the world economy and pandemic situation are.

Charts! We’ve got many of them below.

John Gruber:

Services (23%) now account for quite a bit more of Apple’s revenue than Mac and iPad combined (9% and 7%).

See also: This is Tim.


Tuesday, May 5, 2020

WWDC 2020 Announced

Apple: (MacRumors, Hacker News)

Apple today announced it will host its annual Worldwide Developers Conference virtually, beginning June 22, in the Apple Developer app and on the Apple Developer website for free for all developers.


Developers are encouraged to download the Apple Developer app where additional WWDC20 program information — including keynote and Platforms State of the Union details, session and lab schedules, and more — will be shared in June.

I wonder how they’re going to do labs. The demand will be huge if anyone can go and they’re free.

Craig Hockenberry:

It feels like there’s a lot to read between the lines regarding Apple’s commitment to Mac Catalyst when the app we’ll all be using for WWDC doesn’t run on the platform where we all use Xcode.

Steve Troughton-Smith:

It was surprising that the Apple Developer app wasn’t on macOS for last WWDC, it’s unbelievable that it won’t be by WWDC 2020. Updates for the app don’t go out until nearer WWDC so there’s still time


13-inch MacBook Pro 2020

Apple (Phil Schiller, Hacker News):

Cupertino, California: Apple today updated the 13-inch MacBook Pro with the new Magic Keyboard for the best typing experience ever on a Mac notebook and doubled the storage across all standard configurations, delivering even more value to the most popular MacBook Pro. The new lineup also offers 10th-generation processors for up to 80 percent faster graphics performance and makes 16GB of faster 3733MHz memory standard on select configurations. With powerful quad-core processors, the brilliant 13-inch Retina display, Touch Bar and Touch ID, immersive stereo speakers, all-day battery life, and the power of macOS, all in an incredibly portable design, the new 13-inch MacBook Pro is available to order today, starting at $1,299, and $1,199 for education.

So much for “continuing both keyboard designs.”

For me, this model is neither here nor there. The 13-inch MacBook Air has a better trackpad (smaller and therefore more reliable) and keyboard (no Touch Bar). The 16-inch MacBook Pro has a much better display. Why suffer through the “Pro” input methods on the small display?

Dieter Bohn:

After five years, Apple’s era of bad butterfly MacBook keyboards is finally over (except for everybody who still has one.)

Juli Clover:

10th-generation Intel Core processor options are now available, but only on higher-end configurations starting at $1,799. Lower-end configurations still use Intel’s older 8th-generation processors like the previous 13-inch MacBook Pro.

The high-end configuration can be customized with a 2.3GHz quad-core 10th-generation Core i7 chip with Turbo Boost up to 4.1GHz.

Michael Potuck:

Not sure which MacBook to pick up? Read on for a detailed MacBook Pro vs MacBook Air comparison to make the right decision.


Update (2020-11-27): Jason Snell:

Beyond the new keyboard, these are very modest revisions to the existing 13-inch MacBook Pro designs. The 13-inch model has not gotten the revamp that the 15-inch model did when it transformed into a 16-inch laptop last fall.

John Gruber:

The low-end models are something else altogether. They’re not bad MacBooks by any sense — but I genuinely wonder who they’re for. Most people who want a 13-inch MacBook should definitely get the new Air; those who want or need more performance should get the high-end MacBook Pro. I’m not sure who the people in the middle are, other than those who feel they should buy a MacBook with “Pro” in the name because that sounds better.

Psychic Paper

Siguza (via Steve Troughton-Smith, Hacker News):

Yesterday Apple released iOS 13.5 beta 3 (seemingly renaming iOS 13.4.5 to 13.5 there), and that killed one of my bugs. It wasn’t just any bug though, it was the first 0day I had ever found. And it was probably also the best one. Not necessarily for how much it gives you, but certainly for how much I’ve used it for, and also for how ridiculously simple it is. So simple, in fact, that the PoC I tweeted out looks like an absolute joke. But it’s 100% real.


A very interesting thing about this bug is that I couldn’t point you at any particular piece of code and say “there’s my bug”. The reason for that is that, of course, iOS doesn’t have just one, or two, or even three plist parsers, it has at least four!


Because it’s very hard to parse XML correctly, valid XML makes all parsers return the same data, but slightly invalid XML makes them return just slightly not the same data. :D In other words, any parser difference can be exploited to make different parsers see different things. This is the very heart of this bug, making it not just a logic flaw, but a system-spanning design flaw.


This means that while IOKit considers <!---> as just the start of a comment, CF considers it as both start and end. After that, we feed both parsers the <!--> token, which is now too short to be interpreted as a full comment by either of them. However, the difference in states (in a comment vs. not in a comment) causes a very interesting behaviour: if we’re currently inside a comment, both parsers see the --> ending a comment, otherwise they both just see the <!-- starting one.

John Gruber (tweet):

So Siguza’s exploit — which granted an app full access to the entire file system, and more — uses malformed XML comments constructed in a way that one of iOS’s XML parsers sees its declaration of entitlements one way, and another XML parser sees it another way. The XML parser used to check whether an application should be allowed to launch doesn’t see the fishy entitlements because it thinks they’re inside a comment. The XML parser used to determine whether an already running application has permission to do things that require entitlements sees the fishy entitlements and grants permission.

Rob Hiller:

Implementing 4 different parsers is just asking for trouble, and the ‘fix’ is of the crappiest sort, bolting on more crap to check they’re doing the right thing in this single case. None of this is encouraging.

This reminds me of the time last year when I spent several months going back and forth with App Review and DTS because my app wouldn’t launch in the App Review environment, even though it worked fine for me. It turns out that, after uploading your submission, they post-process the entitlements plist, and that particular XML parser discards everything after the first comment. My app wouldn’t launch because the entitlements needed for the hardened runtime got stripped. This was apparently an old bug that got fixed and then came back.
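The defensive lesson from both the Psychic Paper bug and the App Review story is the same: when several parsers will read one document, none of them should ever see the raw upload. Parse once with a strict parser, refuse any markup that lenient parsers are known to disagree on (comments, CDATA, stray DOCTYPEs, processing instructions), and hand every downstream consumer a re-serialized canonical form. Here is that check written in Python around `plistlib`, an added example rather than anything from Apple or from Siguza’s writeup; the function names and the sample entitlements are invented.

```python
import plistlib
from xml.parsers.expat import ExpatError

# The one "<!" construct we accept: the DOCTYPE line plistlib itself emits.
PLIST_DOCTYPE = (b'<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" '
                 b'"http://www.apple.com/DTDs/PropertyList-1.0.dtd">')


class EntitlementsError(ValueError):
    """Raised for anything an entitlements plist has no business containing."""


def _is_plain(value) -> bool:
    # Entitlements are booleans, strings, integers, and lists/dicts of those.
    if isinstance(value, (bool, str, int)):
        return True
    if isinstance(value, list):
        return all(_is_plain(v) for v in value)
    if isinstance(value, dict):
        return all(isinstance(k, str) and _is_plain(v) for k, v in value.items())
    return False


def canonicalize_entitlements(raw: bytes) -> bytes:
    """Parse once, strictly; reject ambiguous markup; return a canonical re-serialization."""
    # Step 1: refuse the markup that gives different parsers room to disagree.
    body = raw.replace(PLIST_DOCTYPE, b"", 1)
    if b"<!" in body:                 # comments, CDATA sections, any other DOCTYPE
        raise EntitlementsError("comment/CDATA/DOCTYPE markup is not allowed")
    if body.count(b"<?") > 1:         # anything beyond the XML declaration
        raise EntitlementsError("processing instructions are not allowed")
    # Step 2: parse exactly once with a strict (expat-based) parser.
    try:
        parsed = plistlib.loads(raw)
    except (ExpatError, plistlib.InvalidFileException, ValueError) as exc:
        raise EntitlementsError(f"not a well-formed plist: {exc}") from exc
    if not isinstance(parsed, dict) or not _is_plain(parsed):
        raise EntitlementsError("entitlements must be a dict of plain values")
    # Step 3: re-serialize; every later consumer reads this form, never the upload.
    canonical = plistlib.dumps(parsed, sort_keys=True)
    if plistlib.loads(canonical) != parsed:
        raise EntitlementsError("canonical form does not round-trip")
    return canonical


def load_canonical(raw: bytes) -> dict:
    """Convenience: the dict every consumer would agree on."""
    return plistlib.loads(canonicalize_entitlements(raw))


def is_accepted(raw: bytes) -> bool:
    try:
        canonicalize_entitlements(raw)
        return True
    except EntitlementsError:
        return False


# Constructed sample input (not a real app's entitlements).
CLEAN = b"".join([
    b'<?xml version="1.0" encoding="UTF-8"?>\n', PLIST_DOCTYPE, b'\n',
    b'<plist version="1.0"><dict>',
    b'<key>application-identifier</key><string>TEAMID.com.example.app</string>',
    b'<key>com.apple.security.app-sandbox</key><true/>',
    b'<key>keychain-access-groups</key><array><string>TEAMID.com.example.app</string></array>',
    b'</dict></plist>\n',
])
# Same document with a comment dropped in; a canonicalizing gate refuses it outright.
COMMENTED = CLEAN.replace(b'<key>com.apple.security', b'<!-- note --><key>com.apple.security')
```

The point of step 3 is that the canonical bytes are themselves accepted unchanged by the same function, so a pipeline that stores only `canonicalize_entitlements(upload)` can never hand two consumers different views of the same file; the point of step 1 is that a legitimate entitlements file never needs a comment, so refusing `<!` costs nothing and removes the whole class of comment-parsing disagreements, including the one that stripped the hardened-runtime entitlements in the App Review case above.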

iPhone SE Haptic Touch and Notifications

Juli Clover:

Customers who have purchased the new 2020 iPhone SE have found a surprising missing feature - Haptic Touch does not work with notifications.

On the 2020 iPhone SE, long pressing on a notification in the Notification Center or on the Lock screen does not appear to bring up rich notification options to allow iPhone SE users to interact with incoming content.

Benjamin Mayo:

Apple should let the SE do long press notification previews, no reason for it not to. FWIW the XR didn’t support it at launch either; it was added in a point update.

John Gruber:

A lot of complaints about this, and rightly so, from folks upgrading to the new SE from older iPhones that supported 3D Touch.


I’m not even entirely sure that that’s the full explanation for why this is, and it’s my job to stay on top of stuff like this. All I know is that there is only one iPhone in Apple’s current lineup that doesn’t support long-pressing notifications and that phone is the SE, the very newest model, and that doesn’t make sense.

Nick Heer:

This is such a bizarre and seemingly arbitrary limitation. There is no reference to it in the iPhone user guide, and it is the only iPhone model with either 3D Touch or Haptic Touch where this specific interaction and no other is not present.

Meek Geek:

Also: No reason why swipe-from-bottom multitasking gestures available on iPads with Touch ID are held back from iPhones, except for upsell & profit.


Monday, May 4, 2020

Arq and Time Machine Exclusions

Manuel Grabowski:

I figured there must be some way to find out what data exactly changed in between two TM snapshots. There is. I let that script run (for almost an entire day) and in the resulting output I was quickly able to find the directory that was responsible for almost the entire size of the changes: ~/Library/Arq/.


So for months, my two primary backup strategies have negatively affected each other by slowing down to a grinding halt and consuming ungodly amounts of CPU power and fan spinnage.

The corresponding folder in Arq 6 is /Library/Application Support/ArqAgent. Even though I recently started new Arq backups, and they contain only a small fraction of my files, that folder already contains a cache.noindex folder that’s 11 GB. (Due to its file permissions, that folder is no longer accessible in Finder, so I had to inspect it via Terminal and sudo.)

Because .noindex only applies to Spotlight, Time Machine is wasting time, energy, and space backing up these files. To exclude them from Time Machine, they’d have to be in a .nobackup folder or otherwise marked.

I suppose there’s a reason that some people might want to back up the Arq cache. It could be slow or expensive to redownload the cached data if you do need to restore from a backup. But I decided to add a manual exclusion in the Time Machine preferences.

Sidenote: I’m now using Arq 6.2.11, which seems to work well except that unmounting an unrelated drive still causes other in-progress backups to abort.


Faster Face ID Failing With a Mask

Juli Clover:

In the iOS 13.5 beta, released this morning, Apple has streamlined the speed with which the passcode pops up when a person wearing a mask is detected, making it easier to get into an iPhone with a passcode when Face ID fails.

Speedier access to the passcode interface is noticeable when you swipe upwards on the Home screen when unlocking the iPhone, as this action now immediately brings up the passcode interface if your face is covered by a mask.

John Gruber (tweet):

iOS 13.5 is clearly going to make this better by just skipping right to the passphrase screen, but it turns out you can jump to that screen immediately in the current version of iOS just by tapping the “Face ID” text label in the center of the screen. I had no idea this text acted like a button, and never would have guessed that it did. If only there were some way that on-screen elements that act like buttons could be made to look like buttons…

Willi Kampmann:

Even if that invisible button looked like an actual button, it still wouldn’t be obvious because why would you tap the “FaceID” button to cancel FaceID and go straight to codeID


Update (2020-05-19): Javier Soto:

iOS 13.5 is shipping with an improvement for FaceID with masks (showing the passcode prompt right away), but they still have the same bug where if you start typing it right away, it misses the first key press 🤦‍♂️

It’s the same “iOS calculator can’t do math” bug all over again.


NSProgress Documentation Conflicts

Curtis Herbert:

Wait...what? The new NSProgress stuff on NSOperationQueue says you have to call super.start() to contribute towards progress, but Foundation docs for NSOperation say to never call super.start() O.o


The progress property represents a total progress of the operations executed in the queue. By default NSOperationQueue does not report progress until the totalUnitCount of the progress is set. When the totalUnitCount property of the progress is set the queue then opts into participating in progress reporting. When enabled, each operation will contribute 1 unit of completion to the overall progress of the queue for operations that are finished by the end of main (operations that override start and do not invoke super will not contribute to progress).

NSOperation documentation:

At no time in your start method should you ever call super. When you define a concurrent operation, you take it upon yourself to provide the same behavior that the default start method provides, which includes starting the task and generating the appropriate KVO notifications.

Matej Bukovinski:

Let’s just replace a NSProgress helper with built-in API. Easy. A day later we’re still trying to figure out if we even know how this API is supposed to be used. Spoiler: The header is right. As usual. Never rely just on the generated docs.


-isIndeterminate returns YES when the value of the totalUnitCount or completedUnitCount property is less than zero. Zero values for both of those properties indicates that there turned out to not be any work to do after all; -isIndeterminate returns NO and -fractionCompleted returns 1.0 in that case.

NSProgress documentation:

Progress is indeterminate when the value of both totalUnitCount and completedUnitCount are zero.


Update (2020-05-06): Peter Steinberger:

UIKit folks, there’s a radar from 2017 about wrongly documented NSProgress API.

Update (2020-05-19): Noah Gilmore:

Oh man, this just reminded me of a nasty customer-facing issue we fixed with NSProgress. Turns out that if you set completedUnitCount too many times on a background thread, the app’s memory grows uncontrollably and eventually hits the memory limit 😨

NetNewsWire Code Layout

Brent Simmons:

The benefits of components and being careful with dependencies are clear — but why use actual frameworks? After all, a conceptual module doesn’t have to translate to an actual separate library target.

I’ve found that it’s easier, when using a framework, to ensure for a fact that you don’t let an unwanted dependency slip in. It’s kind of like treat-warnings-as-errors — it makes sure you’re not getting sloppy with dependencies.

The App Coalition

The App Coalition:

The App Coalition is the first organization devoted to developing forward-looking policies to protect consumers in line with their increasing reliance on apps and to ensuring that consumers have unfettered access to the content of their choosing on their devices through those apps. Additionally, the Coalition seeks to educate stakeholders about the app economy to ensure a fair market in line with both consumer laws and consumer expectations.

Naomi Nix and Ben Brody (via 9to5Mac):

The App Coalition’s main trade group competition is ACT-The App Association, which weighs in on policy issues affecting developers, but also counts Apple and Microsoft Corp. as sponsors, according to its website.


Among the other policy issues the group plans to focus on are privacy and content moderation. Gregory Guice, also of McGuireWoods Consulting, said the group would advocate against unnecessary intrusion by platform companies into apps to moderate content. He added that the App Coalition also plans to support laws that would spell out exactly what kind of data can be collected from users and how it can be used.


Although the group said it isn’t focused on competition issues initially, it said its long-term focus is on creating “a market free from control by artificial barriers, such as those created by gatekeepers.”