Archive for May 19, 2021

Wednesday, May 19, 2021

Dave Jacobsen:

We know you’ve been using “The Ultimate Guide To iPhone Resolutions” from PaintCode that’s outdated, but trust me this new one is where it’s at.

It has TONS of useful stuff and even supports iPads, Apple Watch, TV, and CarPlay!

See also Adaptivity.


Update (2021-05-19): Josh Calvetti:

@trevormkay is the dev and designer behind that, though he’s too humble to make a big deal about it. But it’s a great resource for sure, and also great proof of what can be done with a PWA outside of the App Store.

Tweaks for Twitter 1.0

Jeff Johnson (tweet):

Tweaks for Twitter is a macOS web browser extension that improves the user interface of in many ways. Tweaks works in Safari for Mac, Google Chrome for Mac, and any other Chromium-based web browser for the Mac, such as Brave, Microsoft Edge, and Vivaldi.

In addition to cleaning out lots of extraneous elements, it expands “” URLs and makes the full page scrollable.


Epic v. Apple, Day 12

Adi Robertson (tweet):

“Product marketing works hand-in-hand with engineering on all of our projects,” Schiller explained. Different parts of Apple simply aren’t siloed into neat divisions; it’s one tight-knit company that makes a many-featured product.

That anecdote buttressed a more legally pertinent claim: because of this management system, Apple allegedly has no idea how much the App Store makes.


Where Epic has pointed out phrases like “lock-in” and seeking “stickiness” on iOS, Schiller emphasized that the “stickiness” involved trying to add features that would discourage phishing. “If there’s any plan here, it’s simply to come up with new features to help protect users from security and privacy scams.”


Cross-examination touched on topics like iMessage, but Epic’s counsel favored exhaustive readings of policies and lists that could show Apple in an unfavorable light, including every time it mentions relying on open source software and the search results for “BDSM” on the App Store.

Nick Statt (tweet):

Schmid was likely far underplaying the amount of revenue Apple earned from Fortnite’s mobile app, as court documents and independent analyst firms estimate the amount to be more in the range of $300 million to $350 million. It’s unclear why Schmid chose the $100 million figure when asked how much money Apple earned on commission from Fortnite through the App Store’s standard 30% cut.

Nick Statt:

Epic’s lawyer gets Schiller to admit there were no known security issues he’s aware of from downloading apps through the enterprise app program, which companies can use to sideload software on the iPhone.

Adi Robertson:

Epic’s attorney raises one case of a company that had to remove in-app purchases of a sort: Amazon. Schiller says Amazon launched a store specifically to sell Kindle ebooks, because “they didn’t expect anyone to read books on an iPhone.” So it was considered an external purchase.

Amazon added support for reading ebooks within iOS, and Apple said Amazon had to either remove it and force people to only read on the Kindle again, or start giving Apple a commission on what had become an in-app purchase.

I don’t really agree with that narrative, given the sequence of events:

Nick Statt:

Epic’s lawyer plays Schiller a clip of Scott Forstall’s deposition in which he reveals some apps were processing their own in-app payments prior to the launch of IAP in 2009.

Schiller says he doesn’t “agree” with Forstall’s testimony.

Nilay Patel:

Agree w Adi and Nick - Schiller did a good job today, and Epic failed to figure out what story to tell with him

Horacio Gutierrez (via MacRumors):

There is a lot to admire about Apple, but my company, Spotify, has seen another, brutish side.


A Hard Bargain for Apple in China

Jack Nicas, Raymond Zhong, and Daisuke Wakabayashi (tweet):

Tim Cook, Apple’s chief executive, has said the data is safe. But at the data center in Guiyang, which Apple hoped would be completed by next month, and another in the Inner Mongolia region, Apple has largely ceded control to the Chinese government.

Chinese state employees physically manage the computers. Apple abandoned the encryption technology it used elsewhere after China would not allow it. And the digital keys that unlock information on those computers are stored in the data centers they’re meant to secure.

Internal Apple documents reviewed by The New York Times, interviews with 17 current and former Apple employees and four security experts, and new filings made in a court case in the United States last week provide rare insight into the compromises Mr. Cook has made to do business in China. They offer an extensive inside look — many aspects of which have never been reported before — at how Apple has given in to escalating demands from the Chinese authorities.


Mr. Cook often talks about Apple’s commitment to civil liberties and privacy. But to stay on the right side of Chinese regulators, his company has put the data of its Chinese customers at risk and has aided government censorship in the Chinese version of its App Store. After Chinese employees complained, it even dropped the “Designed by Apple in California” slogan from the backs of iPhones.

Francisco Tolmasky:

The journey this slogan has taken under Tim Cook is incredible: from inheriting it as a subtle and classy message under box flaps, to clumsily pushing it to the forefront as tasteless over-branding, only to be sacrificed as a representation of complete capitulation to China.

Nicas et al.:

U.S. law has long prohibited American companies from turning over data to Chinese law enforcement.


In China, Apple has ceded legal ownership of its customers’ data to Guizhou-Cloud Big Data, or GCBD, a company owned by the government of Guizhou Province, whose capital is Guiyang. Apple recently required its Chinese customers to accept new iCloud terms and conditions that list GCBD as the service provider and Apple as “an additional party.”


The terms and conditions included a new provision that does not appear in other countries: “Apple and GCBD will have access to all data that you store on this service” and can share that data “between each other under applicable law.”

Under the new setup, Chinese authorities ask GCBD — not Apple — for Apple customers’ data, Apple said. Apple believes that gives it a legal shield from American law[…]

Matthew Green:

Big parts of iCloud rely on special devices called Hardware Security Modules, or HSMs. These are specialized computers that store keys. In the US, Apple uses Thales HSMs.

Not only is Apple being forced to move Chinese citizens’ HSMs to China, China specifically refused to certify the Thales HSMs. This is actually pretty fascinating.


It’s really hard to know what to make of this. There are two good theories:

  1. China does not trust western HSM hardware to keep them safe.
  2. China felt the Thales HSMs were too safe, ie they would be difficult to for China to access.


What’s interesting about this change is that (to the best of my knowledge) your iCloud country registration can be changed by anyone who has your iCloud password.

What happens to my data if someone changes my registration to China?

Jack Nicas.

Here is Apple’s full statement on our story.

Timothy Buck:

FB/Google: We would rather give up business in China than hand over your data to the totalitarian Chinese regime.

Apple: We would rather give your data to a totalitarian Chinese regime than give up our business there.

John Gruber:

Option A: Apple does what it did — store all Chinese users’ iCloud data on servers in China, under the ultimate control of the Chinese government.

Option B: Apple refuses to do so, and the Chinese government shuts down iCloud in China and probably bans the sale of Apple devices.

Is there an Option C? I don’t think there is.

I suppose the argument for Option B is that if enough companies did this together that might put pressure on the Chinese government and eventually lead to positive change. Whereas, by bending to the demands, Apple is helping to keep the regime in power.

On the other hand, there’s no guarantee that Option B would “work.” It would have disastrous consequenes for Apple’s sales, and possibly for its supply chain, and, at least in the short term, for its Chinese customers:

What would I want Apple to do if I were a Chinese citizen who wants to use an iPhone and iCloud? (And if I were a Chinese citizen, I would very much want to use an iPhone and iCloud.) […] Even with the multiple significant compromises Apple has made to comply with Chinese law, it feels entirely possible that using Apple devices and iCloud is one of the most private things anyone outside government leadership can do in China.

Nick Heer:

If Apple were not involved in hardware and software and services, it would have less complicity but, also, less potential influence. It looks like that balance is tipping in the direction of this combination being a liability in the country.

Thomas Clement:

When you wish iCloud was designed with end-to-end encryption.


Update (2021-05-25): Mike Rockwell:

There’s a very clear and obvious Option C — build Apple products that are less reliant on iCloud.

If access to the physical servers is the biggest privacy issue, then give users the tools to effectively opt-out of it entirely and take control of their own data.


iCloud Photos, iCloud Drive, Notes, and any other service that syncs or stores data in iCloud could be stored locally on a Time Capsule. Apple’s servers would just be there to tell the device I’m using how to connect to the Time Capsule on my home network. In other words, Apple facilitates the connection and then my devices talk directly with the Time Capsule using end-to-end encryption.