Archive for August 27, 2020

Thursday, August 27, 2020


Jordan Rose:

What I wanted was for Objective-C’s messaging syntax, or something like it, to be valid anywhere in Rust code. It didn’t have to be exactly Objective-C, but I quickly realized the advantage of Objective-C’s syntax: it’s delimited, i.e. it’s a self-contained expression that can be dropped into something larger without changing how that larger thing parses. (That’s probably why it’s bracketed in C as well.)


If I were just matching that, I could use Rust’s original pattern-matching macros. But to take a whole block of code, and replace everything that looks like a message lock in that block…well, it might be possible with pattern-matching and quite a bit of recursion, but it’s going to be a lot easier to use procedural macros, a Rust macro interface written in Rust and used as a compiler plugin. (Swift folks, basically what SwiftSyntax allows you to do, but invoked on-demand during compilation.)

Update (2020-08-31): See also: Hacker News.

iOS 14 Hidden Features

Juli Clover:

In this guide and accompanying video, we’ve rounded up some of the most useful hidden features you’ll find in the iOS 14 update. Note that some of these features are limited to Apple’s newer iPhones and do not work with older models.


Back Tap is an Accessibility feature that lets users double tap or triple tap on the back of the iPhone to perform various actions.

Juli Clover:

In iOS 14, iPadOS 14, and macOS Big Sur, developers are able to make subscriptions available for all members of a Family Sharing group for the first time, which will let multiple users take advantage of subscription offerings.


Stealing Local Files Using Safari Web Share API

Pawel Wylecial:

In general Web Share API allows users to share links from the browser via 3rd party applications (e.g. mail and messaging apps). The problem is that file: scheme is allowed and when a website points to such URL unexpected behavior occurs. In case such a link is passed to the navigator.share function an actual file from the user file system is included in the shared message which leads to local file disclosure when a user is sharing it unknowingly. The problem is not very serious as user interaction is required, however it is quite easy to make the shared file invisible to the user. The closest comparison that comes to mind is clickjacking as we try to convince the unsuspecting user to perform some action.


The issue exists on both MacOS and iOS, after selecting different methods of sharing we will get different results, some of them are shown below.


Below you can see a video demonstrating stealing user’s browsing history using web share API[…]

Catalin Cimpanu (via Hacker News):

Wylecial initially reported the bug to Apple earlier this spring, in April, but the researcher decided to go public with his findings today after the OS maker delayed patching the bug for almost a year, to the spring of 2021.


Where Did Mac’s Resale Value Go?

Om Malik:

So I wondered, how much can I get for my 8-month old Macbook Pro? I mean if it was not too much, I would be happy to upgrade to new model. Unfortunately, the cost is too much. Apple’s official trade-in says that I could get $1530, which is what you could get on eBay. That is a depreciation of $3000 or about $375-a-month. Ouch! The upgrade is not as automatic as it used to be. Maybe it is the news of the pending launch of ARM-based machines that has depressed the prices. An alternative theory is that Apple and its machines are so commonplace and people don’t buy laptops as often that Mac machines have lost any resale value.

Via Adam Chandler:

Apple product resale has dropped off a cliff! The iPhone has remained mostly resilient if you’re the kind of person who buys a new iPhone top-end model every 12 months full price and unlocked, you can recover about 70% of its value after a year..sometimes more especially if it lived in a case, has the box and AppleCare along with unused earphones. The Apple Watch on the other hand, it’s hard to give these away, particularly the premium models. Aluminum will see a 50% drop YoY but Stainless steel models drop even more. People don’t see the value in the premium Apple Watch models so it actually drops to aluminum pricing after a year.

Finally, there are Macs…these were usually a 25% drop after 12 months, then 15% year two and you’d expect a 50% drop after 3 years of ownership. That has changed and while I used to be able to justify buying the most expensive MacBook and iMac knowing I’d get most of that money back in resale, I don’t anymore.

Why Did Mozilla Remove XUL Add-ons?

David Teller:

Firefox used to have a great extension mechanism based on the XUL and XPCOM. This mechanism served us well for a long time. However, it came at an ever-growing cost in terms of maintenance for both Firefox developers and add-on developers. On one side, this growing cost progressively killed any effort to make Firefox secure, fast or to try new things. On the other side, this growing cost progressively killed the community of add-on developers. Eventually, after spending years trying to protect this old add-on mechanism, Mozilla made the hard choice of removing this extension mechanism and replacing this with the less powerful but much more maintainable WebExtensions API.


XUL was developed at the time of HTML4, when web specifications were stuck in limbo, and was designed largely as a successor of HTML dedicated to applications instead of documents. Almost twenty years ago, Mozilla released a first version of XULRunner, which was basically an earlier version of Electron using XUL instead of HTML (HTML could also be inserted within XUL).


There was a catch, of course: the Servo team didn’t have the resources to also reimplement XUL, especially since Mozilla had decided long ago to stop working on this technology. In order to be able to eventually replace Gecko (or parts thereof) with Servo, Mozilla first needed to migrate the user interface of Firefox to HTML5.

Of course, not all extensions can be written with the newer system.