Archive for July 9, 2021

Friday, July 9, 2021

Pulse Network Logger Goes Open Source

Alex Grebenyuk (tweet):

Pulse is a powerful logging system for Apple Platforms. Native. Built with SwiftUI.

Record and inspect network requests and logs right from your iOS app using Pulse Console. Share and view logs in Pulse macOS app. Logs are recorded locally and never leave your device. Learn more at

This looks like a good project if you want to see SwiftUI in action.


Open-sourcing the Apps

Manton Reece:

I’ve been thinking a lot lately about the longevity of and where we need help to continue to grow the platform and community. As we approach 4 years since the public launch, there are some parts of the platform and supporting services that should be shared more widely, so that I’m not the bottleneck on every little change.

As a next step, all the native apps for iOS and macOS are now open source, available on GitHub[…]

See also: Core Intuition.

Apple Music Lobotomizes Siri

Dave Scocca:

I have an iTunes library of almost 15,000 songs, mostly ripped from my CDs but with a number of iTunes store purchases. I have a 256 GB iPhone to allow me to have my music with me, and my new-ish Civic has CarPlay. It used to be great–I could use either the car’s voice control button or (later) “Hey Siri” and request music and have it played.

Since activating Apple Music, that process has gone completely to hell. Siri seems to have no idea of what music might actually be stored on the phone. At first, I could play an album using the phone controls or the CarPlay interface, but if I asked Siri to play the exact same album I would be told that it couldn’t be played because I didn’t have cellular data enabled for music streaming. I have tried adding the words “from my library” to various places in my requests to Siri, and it generally does nothing.

If I ask for a specific song, I can often get it–but after the song, instead of continuing on with the album, it goes to whatever the Apple Music algorithm might think is appropriate.

If I ask for one of my specific playlists, using a phrase like “Play the playlist ‘Five Star’ from my library, shuffled”, Siri goes to Apple Music and shuffles something called “Kill Rock Stars/5RC Experimental”.


Woz on Right to Repair

Derek Wise (Hacker News):

Apple is often brought up when talking about right to repair, usually in reference to their anti-repair practices. In response to a Cameo request, Steve Wozniak spoke for almost 10 minutes on the importance of right to repair and how it has impacted his life.


He then focused on the way that Apple, at its founding, was positively impacted by the open schematics of the time. “When starting Apple, I could never afford a teletype for input and output.” He then spoke about how he was able to use a tv to output the signals. “That all came from being able to repair things, modify them, and tap into them yourself.”

Moving on from his own repair experience, he questioned, “why stop the self-repair community? Why stop the right to repair people? Look at the Apple II. It shipped with full schematics… this product was the only source of profits for Apple for the first ten years of the company.”

The video is here.

See also: Mixerology.


Update (2021-07-13): Jesper:

You can do this with multiple ton vehicles, often filled with tens of gallons of flammable propellant just to make things interesting, but also with separate computer networks, tight clearances and miniaturized components out the wazoo.

Why you should not be able to do this with mobile phones and tractors has only ever had one honest answer[…]

Migrating 2FA Codes From Authy to iCloud Keychain

Dan Moren:

Nice as it would be if Apple’s new system could simply import all your codes from Authy—or other apps like Google Authenticator—it doesn’t seem as though that’s an option for that at present, which isn’t entirely surprising given the security issues involved.


I found a tip that lets you easily display all of your time-based one-time password (TOTP) setup keys from Authy using the Authy Desktop app for Mac and Google Chrome.

The end result was that I spent about an hour laboriously copying each setup code into the appropriate password entry in the Safari Technology Preview’s Password section and—just to be on the safe side—logging in to each website to make sure it worked.

I’m interested in using this feature to enter 2FA codes more easily and to sync them using iCloud Keychain, but testing it out is giving me doubts:


Update (2021-07-09): Dave Wood:

I’m surprised Apple even added this as a feature. Just like storing 2FA codes in 1Password, it’s no longer 2FA if both factors are stored together.

Update (2022-02-04): Glenn Fleishman:

Thus, to switch from whatever you’re using now to Apple’s system, you’ll have to disable and re-enable two-factor authentication for each site or, if the site supports it, regenerate the seeding secret.

What if you want to try Apple’s system but maintain whatever app you’re using now? In that case, after you disable and re-enable two-factor authentication, you can scan the QR code or enter the setup key manually in multiple systems, one after another. Just add the QR code to Apple’s system, and then, while it remains onscreen, scan it with Authy or 1Password or whatever.

Apple has now implemented importing and exporting via CSV, including the 2FA codes, so at least you can make a local backup.

Cabel Sasser:

I would like to try importing a 1P CSV into Passwords, but I’m paranoid, and docs are scant. Would it overwrite any existing passwords? Is there a conflict dialog if there are dupes? What can I expect from the experieince?

Rick Mondello:

  • We won’t overwrite existing creds.
  • There is a conflicts dialog at the end.
  • Importing something that’s exactly already there isn’t a conflict. Just silent success.


Another Western Digital 0-Day

Brian Krebs (Hacker News):

But there is a similarly serious zero-day flaw present in a much broader range of newer Western Digital MyCloud network storage devices that will remain unfixed for many customers who can’t or won’t upgrade to the latest operating system.

At issue is a remote code execution flaw residing in all Western Digital network attached storage (NAS) devices running MyCloud OS 3, an operating system the company only recently stopped supporting.


But according to Domanski, OS 5 is a complete rewrite of Western Digital’s core operating system, and as a result some of the more popular features and functionality built into OS3 are missing.


Domanski said MyCloud users on OS 3 can virtually eliminate the threat from this attack by simply ensuring that the devices are not set up to be reachable remotely over the Internet. MyCloud devices make it super easy for customers to access their data remotely, but doing so also exposes them to attacks like last month’s that led to the mass-wipe of MyBook Live devices.

Western Digital remains my favorite brand for bare hard drives. They have consistently good reliability, prices, and quiet operation. But we keep being reminded to stay away from their software.