Archive for September 1, 2020

Tuesday, September 1, 2020 [Tweets] [Favorites]

Setting Default URL Handlers

Brent Simmons:

NetNewsWire lets you set the default RSS reader to itself or any other RSS reader. It’s an important feature.

Now that we’re sandboxing the app, we’re losing that feature, as LSSetDefaultHandlerForURLScheme is apparently disallowed for sandboxed apps[…]

This is a good example of how the sandbox still feels half-baked. 9 years later, it’s not documented that this function doesn’t work in sandboxed apps. There’s no replacement API, e.g. that asks the user whether it’s OK to change the URL handler. The system UI for setting the preferred RSS app has been removed, so the user can’t do it manually.

Was it worth it? Was there an epidemic of URL handler changers that we’re being protected from? Apps in the Mac App Store need to be sandboxed, and if this API were enabled in the sandbox it could in theory be policed by App Review, anyway. Apps outside the Mac App Store don’t need to be sandboxed, and malware certainly isn’t, so the restriction only affects legitimate apps that are trying to do the right thing—which the restriction discourages.

Quinn:

If you’re sandboxing just because it’s the right thing to do, you should be able to move this call to a non-sandboxed XPC Service

However, this would not be allowed in the Mac App Store.

Erik Schwiebert:

Outlook used to have a pref like that to set itself as the default mail reader. We deleted it when we sandboxed the Mac Office apps, and now point admins to tools like duti. Not end-user friendly, but I don’t know a way around it.

Picsew 3.5

TidBITS:

We’ve found the Picsew app for iPhone and iPad invaluable for combining and modifying screenshots, and, most importantly, applying device frames to iPhone, iPad, and Apple Watch screenshots. It’s a free download in the App Store, with a $0.99 in-app-purchase to upgrade to Picsew Standard or $1.99 to upgrade to Picsew Pro. You need Picsew Standard for adding device frames, annotations, high-quality exports, and more, but Picsew Pro is necessary only if you want to make multiple screen screenshots by recording video rather than combining static screenshots.

[…]

One of our favorite features of Picsew is that it can remove scrollbars and clean up the status bar in iOS screenshots.

App Attest

Bruno Rocha:

As (possibly) a response to jailbreaking become popular again in recent times, Apple has released their own measure to this problem. In iOS 14, the new App Attest APIs provide you a way to sign server requests as an attempt to prove to your server that they came from an uncompromised version of your app.

It’s important to know that App Attest is not a “is this device jailbroken?” check, as that has been proven over and over to be impossible to pinpoint. Instead, it aims to protect server requests in order to make it harder for hackers to create compromised versions of your app that unlock premium features or inserts features like cheats.

[…]

As you can’t trust your app to protect itself, App Attest requires work on your backend to be fully implemented.

Thermal Corner for the 16-inch MacBook Pro

Peter Steinberger:

I found out that my MacBook Pro 2019 runs way faster if I close the lid when using an external screen - 2.7GHz (base 2.4+turbo) vs ~1.5 GHz due to thermal throttling. Gonna accept that these things can only drive one screen fast.

I never had this problem with my 2012 MacBook Pro. I’m glad I bought the 16-inch, because Big Sur doesn’t support the original Retina model, but the new one is a regression in this and other basics like trackpad, Touch Bar, and keyboard.

Ian (via Peter Steinberger):

There’s a 222 (so far) pages thread on Apple Forums with more information about this (or related)

Up to 226 now.

Previously: