Archive for January 20, 2021

Wednesday, January 20, 2021 [Tweets] [Favorites]

Porting Firefox to Apple Silicon

Gian-Carlo Pascutto:

Once the compiler was working, a similar exercise needed to be done with all the Rust crates we depend on. The need to update the compiler and the reliance of some crates on the exact compiler version, especially parts dealing with SIMD support, would end up biting us later on as it made it hard to push Apple Silicon support forward to an earlier release of Firefox without potentially affecting other platforms.

[…]

While we can port the open-source parts of Firefox to 64-bit ARM ourselves, Netflix and some other video streaming services such as Hulu, Disney+, or Amazon Prime require their video to be decoded with closed source, proprietary DRM software.

[…]

If we force this decoding process to run under emulation, we would be able to use the existing Intel x64 decoder modules and have them communicate with the main browser that was running natively.

[…]

More of a concern was user reports that some antivirus software was flagging all our Universal Binaries as malware, and corrupting the Firefox installation the moment the update arrived.

The software was using machine learning techniques and presumably observed that our combined Universal Binaries didn’t quite look like any other legitimate software it had ever seen before.

Previously:

Swift AsyncSequence

SE-0298 (via David Smith, forum):

Swift’s async/await feature provides an intuitive, built-in way to write and use functions that return a single value at some future point in time. We propose building on top of this feature to create an intuitive, built-in way to write and use functions that return many values over time.

This proposal is composed of the following pieces:

  1. A standard library definition of a protocol that represents an asynchronous sequence of values
  2. Compiler support to use for...in syntax on an asynchronous sequence of values
  3. A standard library implementation of commonly needed functions that operate on an asynchronous sequence of values

Previously:

Update (2021-02-19): Philippe Hausler:

To facilitate the collecting of values and moving from the asynchronous world into the synchronous world we should add an extension on AsyncSequence of collect to gather up all the values asynchronously and produce an array of those values. This of course means that the function must follow the effects entailed with said asynchronous iteration; that means that when an AsyncSequence that throws is collected it will throw and when it does not throw of course that collecting process should not throw. This means that the act should be rethrows according to the conformance of the type it is called upon. Furthermore collecting all values must also be in it of itself asynchronous.

Data Security on Mobile Devices

Maximilian Zinkus et al.:

In Apple iOS we found a powerful and compelling set of security and privacy controls, backed and empowered by strong encryption. However, we also found a critical lack in coverage due to under-utilization of these tools.

[…]

We observed that a surprising amount of sensitive data maintained by built-in applications is protected using a weak “available after first unlock” (AFU) protection class, which does not evict decryption keys from memory when the phone is locked. The impact is that the vast majority of sensitive user data from Apple’s built-in applications can be accessed from a phone that is captured and logically exploited while it is in a powered-on (but locked) state.

[…]

Use of Apple iCloud (unsurprisingly) transmits an abundance of user data to Apple’s servers, in a form that can be accessed remotely by criminals who gain unauthorized access to a user’s cloud account, as well as authorized law enforcement agencies with subpoena power. More surprisingly, we identify several counter-intuitive features of iCloud that increase the vulnerability of this system.

[…]

More critically, we observe that Apple’s documentation and user settings blur the distinction between “encrypted” (such that Apple has access) and “end-to-end encrypted” in a manner that makes it difficult to understand which data is available to Apple. Finally, we observe a fundamental weakness in the system: Apple can easily cause user data to be re-provisioned to a new (and possibly compromised) HSM simply by presenting a single dialog on a user’s phone.

Via Nick Heer:

Maybe there are only bad options, and this is the best bad option that strikes the least worst balance between individual security and mass security. But the compromises seem real and profound — and are, officially, undocumented.

Previously:

Charger Nerdery

John Gruber:

So the good news is that if you use Apple’s 18W adapter (which Apple provided with iPhones 11 Pro and iPads Pro, including the iPad Pro updates from March of this year) instead of their new 20W adapter (which Apple includes with the new iPad Air and sells for $19), MagSafe will still draw 13W, which is close to the maximum draw of 15W. But it’s kind of nutty that the MagSafe charger will seemingly draw 15W from one and only one adapter, Apple’s own 20W one.

John Gruber:

So these GaN chargers are much smaller, the same price as Apple’s or cheaper, and more energy efficient. There seemingly is no downside or catch. Until I hear otherwise I’d say there’s no reason anyone should buy Apple’s 20W adapter instead of Anker’s or Aukey’s.

[…]

And while Anker does call out GaN on the product pages for some of its chargers, it does not for the 20W Nano. In their FAQ, regarding how the Nano can be both faster and smaller, Anker more or less just attributes it to secret sauce[…]

John Gruber:

So on the one hand, because the HomePod Mini includes the 20W charger, it was fine that it didn’t work with the old 18W charger. But on the other hand, if you ever toss the 20W charger into a bag or drawer along with an Apple 18W charger, you needed an extraordinary amount of knowledge to know which charger the HomePod Mini required. Not sure how much work Apple had to put into the 14.3 software update to make the HomePod Mini work with the 18W charger too, but I’m glad they did. It’s too confusing otherwise.

[…]

My mistake was using Apple’s slightly older 29W USB-C power adapter, which looks exactly like Apple’s more recent 30W USB-C power adapter. We’ve had that adapter plugged into our kitchen island for years, and it’s never before mattered. But with the Magic Keyboard, it did.

Adam Chandler:

For Tim Cook, who so often measures hardware success in units of “customer sat”, this charging situation has gone completely out of hand. Apple needs to do two things. They either make two chargers, one for iOS devices and another for MacOS devices each with a USB-C port as the termination on the back OR they need to very clearly label in some sort of embossed etching on every charger they make the wattage.

Joe Rossignol:

This supply chain news suggests that Apple is planning GaN versions of its USB-C power adapters, allowing them to be smaller and lighter, more power efficient, and less heat conductive compared to its current chargers, which are based on silicon.

Previously:

Network Neutrality Follow-up

Drew Holden:

Three years ago, America was locked in a battle for #NetNeutrality, and, by extension, life as we knew it.

For the lucky few who survived, I invite you to join me on a quick stroll down memory lane to revisit the doom and gloom we were promised.

[…]

It’s worth pausing here to point out that none of this came to pass. The internet remains as free and open as ever, speeds have increased, prices have dropped, you aren’t paying to use Google (I hope!) and there hasn’t been one iota of accountability despite all that.

My Comcast rate increased, but I didn’t personally notice any other negative changes (or benefits).

FairInternetReport (Hacker News):

American internet users have had a very good 2020: according to research performed by FairInternetReport, median US internet speeds in 2020 doubled to 33.16mbps, up from 17.34mbps in 2019. Covering the five years of 2016, 2017, 2018, 2019, and 2020, this is the largest speed increase seen in the US, with speeds staying essentially the same in 2016 and 2017 (8.91mbps and 9.08mbps respectively), and 2018 recording a median speed of 12.83mbps.

The US stills lags behind many European and developed nations worldwide, and its major cities also often lag behind their European equivalents. That said, there is cause for celebration in Dallas, Seattle and Austin, after our analysis has shown that these cities are performing extremely well relative to most European capital cities.

Nick Heer:

It is an unfortunately common myth that the primary issue of net neutrality is internet speed in pure terms. That has been widely promoted — Twitter still has a #NetNeutrality hashflag marked by a buffering indicator — but it lacks key context. The actual concern is that internet service providers are in a position to influence winners and losers by acting less like the utility providers they are and more like an intermediate market gatekeeper.

But let us pretend that pure measurements of internet speed are what net neutrality protects. This report shows a massive spike in average internet speed — a bigger jump than any previous year. Is that because providers have invested in infrastructure? Capital expenditures were the primary reason Ajit Pai cited for eradicating net neutrality regulations enacted by the previous Tom Wheeler-led FCC. Well, no.

[…]

This report does not prove that net neutrality regulations were a waste of time, or that getting rid of them is somehow beneficial. It only shows is that people bought faster internet service when they needed it.

Ashley Carman (via Nilay Patel):

If you’re a Comcast TV and internet user, prepare for price hikes. The company is planning to increase the prices of a variety of services starting January 1st, 2021, according to Ars Technica and a document detailing the various price increases being shared on Reddit.

Previously: