Archive for May 20, 2021

Thursday, May 20, 2021

Carbon Copy Cloner 6

Mike Bombich (tweet):

We’ve completely rebuilt our file copier to take advantage of the performance characteristics of modern storage.


CCC can now tap into the macOS FSEvents service for a list of folders modified on the source since the last backup rather than scanning every folder for changes.


CCC now offers more detailed progress indication while a task is running, including a time remaining estimate. File processing and transfer rates are now charted live during backup tasks.


CCC’s Snapshot Navigator allows you to step through older versions of your backups and get a preview of your files as they were at specific points in time.


If a sudden change in snapshot-related disk usage occurs, or if disk usage is exceeding expectations, CCC raises the change to your attention so you can address the root of the matter.


When your tasks run, CCC will record detailed information about the transactions that occurred during the task, e.g. files copied, files updated, folders created or updated, files deleted or archived. You can view these backup audits in CCC’s Task History window, and never again wonder why CCC copied a particular file.

This is a great update. $40 for new purchases or $20 to upgrade.

See also: What’s new in CCC 6? and Beyond Bootable Backups: Adapting recovery strategies for an evolving platform.


Preventing Surprisingly Large Objective-C Type Encodings

Peter Steinberger:

If you’re familiar with Objective-C, you likely know about selectors, but they only contain the name and number of parameters. The type each parameter has is stored in the method type encoding, which is encoded as a simple string. With C++ types, those strings can easily become lengthy and add to your binary size. […] Before it was changed, the worst offending method type signature in our codebase contained 13,126 characters. That’s 12 KB (!) for one type.


While you can use strings | grep -e '{' in your app binary to find encodings, it’s not always easy to see the method or variable referenced. So instead, I wrote a helper in Swift to find the largest type encodings of methods and instance variables.


There are various ways you can hide C++ objects. For most situations, I created a separate struct in the ObjC class implementation and moved C++ objects into it. This newly created struct is connected to the class via a unique_ptr. This is an additional level of indirection, but it can be cached before entering any hot paths, so it shouldn’t have any performance drawbacks (see below).


Update (2021-06-05): Peter Steinberger:

Looks like this was picked up and fixed!

“[ObjC] Encode pointers to C++ classes as "^v" if the encoded string would otherwise include template specialization types”

Epic v. Apple, Day 13

Nick Statt (tweet):

Epic and its lawyers have throughout the trial pointed to the freedom consumers have on macOS to download applications outside the Mac App Store and to largely do what they please on the macOS operating system. Epic has held up the openness of the Mac as an example of what the iPhone, as a general computing device in Epic’s eyes, should be transitioned into if it were to win its case.

But Federighi on Wednesday argued against this proposition by saying it would destroy the level of security enjoyed by iOS users, in effect tarnishing the Mac in order to save the iPhone. “It would become commonplace for users to be directed to download misrepresented software from untrusted sources where they’d be subject to malware,” Federighi argued, referring to the notion of alternative app stores as a “pretty devastating setback for iOS security.”

Adi Robertson (tweet):

Federighi basically says iOS users need to be more protected because the Mac is a specialist tool for people who know how to navigate the complexities of a powerful system, while the iPhone and iPad are — literally — for babies.


Federighi took a far broader view of security than Epic’s own expert witness James Mickens. Mickens testified earlier that iOS wasn’t meaningfully more secure than Android, but he analyzed mostly technical threats to the platforms. Federighi focused on scams, phishing, and other apps that target human psychology instead of computer code — many of which pose serious dangers.

Sometimes, though, the protectiveness felt patronizing. When Federighi explained Apple’s restrictions on cloud gaming, he focused partly on tangible security issues, like how to grant device permissions for different titles on a single gaming app. But he slipped seamlessly into discussing how the concept would be simply too confusing — that iPhone and iPad owners would be befuddled by the notion of launching a separate game catalog. Apple wants iOS devices to feel trustworthy, but at times like that, it seems more like Apple just doesn’t trust its own users.

Chris Welch (Hacker News):

Federighi’s mission was pretty clear from the outset: to extol the security benefits that come with iOS’s walled-off ecosystem and warn of the dangers that would come with breaking the App Store model.

But in building that argument, Federighi also made some surprisingly blunt concessions about security on macOS.

“If you took Mac security techniques and applied them to the iOS ecosystem, with all those devices, all that value, it would get run over to a degree dramatically worse than is already happening on the Mac,” Federighi said in the testimony. “And as I say, today, we have a level of malware on the Mac that we don’t find acceptable and is much worse than iOS.”


Federighi also cast the difference between the two platforms in unusual terms, describing the desktop platform as something akin to a car. “If operated correctly, much like that car, if you know how to operate a car and obey the rules of the road and are very cautious, yes,” he said when asked directly whether macOS is safe. “If not, I’ve had a couple of family members who have gotten some malware on their Macs.”

What happened to iOS devices being cars and Macs being trucks?

Joe Wituschek:

It’s kind of insane to know that Apple’s strategy to protect the App Store on the iPhone requires it to throw the Mac under the bus. Federighi’s reasoning is that the iPhone, being that it contains more private information and is carried around with you, requires a higher bar of security.

Kosta Eleftheriou:

There it is. If Apple has their way, we might even have to say goodbye to macOS “sideloading”.

A true dystopian future of centralized software distribution, in which Apple only sees upside, no downside.

Francisco Tolmasky:

And of course it goes without saying that they’re playing word games here, where an app that just tricks you into paying monthly isn’t classified as “malware” in the traditional sense, but I assure you, users don’t care about technicalities when they are scammed.

Logan Collins:

It’s hard not to read into this as Federighi saying “we see the Mac as a malware-ridden mess and will change that by locking out everyone who doesn’t agree with us.”


For those that think that iOS is safe because of the “walled garden” take a look at the leaked Pegasus/NSO documents here. NSO couldn’t care less about the “walled garden” because they infect devices without it: silently (0-click) or click on a link (aka 1-click).

Russell Brandom and Adi Robertson (MacRumors):

In a filing Tuesday night, Apple asked the court to dismiss one of the 10 counts alleged in the initial complaint, arguing Epic had failed to establish any evidence for the charge that Apple had violated the essential facilities doctrine by failing to provide access to software distribution tools on iOS.

Ian Sherr:

Schmid said there were “over 80 times” Epic asked for expedited review for Fortnite, and it was reviewed over 200 times. There were times that App Review apparently pushed back on Schmid’s team, asking if these expedited reviews were necessary

Paul Haddad:

“We treat all developers the same.”

Pretty sure I’ve gotten told no on my second expedited request within a year.

See also: Leah Nylen.


Update (2021-05-24): Jeff Johnson (see his screenshots of the Mac App Store):

I agree that the level of Mac malware is unacceptable.

20 Years of Apple Retail Stores

Michael Steeber:

Twenty years ago this week, Apple opened its first brick and mortar retail stores to applause, cheering, and seemingly endless lines of smiling faces. What started at two malls in Tysons Corner, Virginia and Glendale, California became a tradition spanning two decades, generations of customers, and more than five hundred new stores.

See also: Tim Cook.