Archive for October 2021

Friday, October 29, 2021 [Tweets] [Favorites]

Apple’s Q4 2021 Results

Apple (Hacker News, MacRumors, TidBITS):

The Company posted a September quarter revenue record of $83.4 billion, up 29 percent year over year, and quarterly earnings per diluted share of $1.24.

[…]

“Our record September quarter results capped off a remarkable fiscal year of strong double-digit growth, during which we set new revenue records in all of our geographic segments and product categories in spite of continued uncertainty in the macro environment,” said Luca Maestri, Apple’s CFO. “The combination of our record sales performance, unmatched customer loyalty, and strength of our ecosystem drove our active installed base of devices to a new all-time high. During the September quarter, we returned over $24 billion to our shareholders, as we continue to make progress toward our goal of reaching a net cash neutral position over time.”

Jason Snell (transcript):

iPhone sales were $38.9 billion, up 47% versus the year-ago quarter. It was a very good year for the iPhone business. Services were $18.3 billion, continuing their relentless growth pace at 26% above the year-ago quarter.

Wearables sales were $8.8 billion, up 12% versus the year-ago quarter. That’s a good number out of context, but actually the slowest year-over-year growth rate for the category in almost five years.[…]

iPad sales were $8.3 billion, up 21% versus the year-ago quarter. The iPad business has averaged almost $8B in sales per quarter over the last year. We’ve seen six straight quarters of year-over-year growth for the iPad, 10 of 12, and 14 of 18.

Mac sales were $9.2 billion, up 2% versus the year-ago quarter. […]

Joe Rossignol:

Apple today reported Mac revenue of $9.17 billion in the fourth quarter of its 2021 fiscal year, which is an all-time quarterly revenue record for Macs. Apple CEO Tim Cook said there was “strong demand” for the M1 MacBook Air in particular.

Joe Rossignol:

Apple today reported services revenue of $18.27 billion in the fourth quarter of its 2021 fiscal year, which is an all-time quarterly revenue record. The company’s services revenue was up around 25% from $14.54 billion in the year-ago quarter.

Sami Fathi:

Microsoft now sits at a market value of $2.46 trillion, while Apple stands at $2.43 trillion. Apple’s drop in market value follows what Wall Street analysts and experts call disappointing quarterly earnings results yesterday, despite solid growth in product categories.

Previously:

Larger Files and Smaller Packages on Monterey

Armin Briegel:

I stumbled over this as I was looking for a different new option for pkgbuild in Monterey. In a conversation with the ever awesome Duncan McCracken, he mentioned that the tool had gained an new option, --large-payload, which allows for individual files in the payload to be larger than 8GB.

[…]

We have learned that when you use the --compression latest with a --min-os-version of 10.10 or higher the pkg creation uses the Apple Archive compression for the payload, leading to smaller pkg file sizes. I did a few more tests with some other apps and the file compression improvements were between 20% and 25%.

Tesla’s Configurable Floating Point Formats

Tesla (PDF, via Reddit):

Tesla extended the reduced precision support further, and introduced the Configurable Float8 (CFloat8), an 8-bit floating point format, to further reduce the enormous pressure on memory storage and bandwidth in storing the weights, activations, and gradient values necessary for training the increasingly larger [neural] networks. Unlike the IEEE 754R standard, the purpose of this standard is mostly to standardize the formats and not necessarily to provide for portability of code to guarantee identical numerical result across all platforms.

The IEEE Float16 and Bfloat16 formats described above have a fixed number of bits allocated to the mantissa and exponent fields and have a fixed exponent bias. However, eight bits can only accommodate a small number of mantissa and exponent bits, so some configurability is required to ensure high accuracy and convergence of the training models.

One key property enabling this configurability is the fact that different parameters, namely weights, gradients and activations, have different precision and dynamic range requirements to achieve high training accuracy and convergence.

[…]

Due to the limited number of representable exponent values, Infinity and NaN encodings are not supported.

See also: James Douma.

Update (2021-11-12): Miguel de Icaza:

We do something like that, with great results[…]

What’s New on the Monterey Command Line

Florian Albrecht:

The other day we found a helpful command line tool option, only to discover later that the option was only available in macOS Monterey. Since we also need to target Big Sur, this would not be an option for us. So we created something to help us overcome similar issues in the future: a way to compare man pages between macOS system versions.

[…]

We applied some shell scripting in order to get those man page source files into readable plain text. Then we put the releases we wanted to compare, in this case macOS 11.6 and macOS 12.0, into a git repository. And voilà, out of approximately 3200 man pages, 817 had changes.

[…]

We think that our solution can be useful to more people, so we published the formatted results on GitHub. Just clone the repository, and make sure you have Kaleidoscope installed and set up as git difftool. Enter git difftool changeset/macOS11 changeset/macOS12, and you will get this[…]

This is really cool. The GitHub repo is here.

Previously:

Denis Tokarev’s Four Zero-Days

Sergiu Gatlan:

Proof-of-concept exploit code for three iOS zero-day vulnerabilities (and a fourth one patched in July) was published on GitHub after Apple delayed patching and failed to credit the person who reported them.

Via Andy Ihnatko:

Defenders of a multi-trillion-dollar company can’t whine “But this stuff is harrrrrd…they operate at scaaale” in the face of evidence that Apple crunched all the numbers and found that the company’s DGAF Index on this issue was too high to merit action.

This is another moment when I remind everybody that Apple moved heaven and earth to refit and equip its stores to accommodate the sale of $12,000 solid gold gadget watches. They are capable of properly crediting a security researcher who’s saving our collective asses.

Finally: when they decline to properly recognize the people whose independent research makes iPhones safer, they’re actively discouraging them from disclosing deathly security problems via the route that’s keeps things safest for iPhone users: a confidential report to Apple.

This is why every time Apple defends itself from criticism by claiming that their actions, decisions, policies, whatever are “in the best interests of our users,” I nod and write “Apple responded to the controversy by making a sequence of noises familiar to seasoned observers.”

Denis Tokarev:

I want to share my frustrating experience participating in Apple Security Bounty program. I’ve reported four 0-day vulnerabilities this year between March 10 and May 4, as of now three of them are still present in the latest iOS version (15.0) and one was fixed in 14.7, but Apple decided to cover it up and not list it on the security content page. When I confronted them, they apologized, assured me it happened due to a processing issue and promised to list it on the security content page of the next update. There were three releases since then and they broke their promise each time.

Ten days ago I asked for an explanation and warned then that I would make my research public if I don’t receive an explanation. My request was ignored so I’m doing what I said I would. My actions are in accordance with responsible disclosure guidelines (Google Project Zero discloses vulnerabilities in 90 days after reporting them to vendor, ZDI - in 120). I have waited much longer, up to half a year in one case.

Juli Clover:

Three others remain unaddressed, including a Game Center bug that allegedly allows any app installed from the App Store to access full Apple ID email and name, Apple ID authentication tokens, lists of contacts, and some attachments.

Denis Tokarev (Hacker News, MacRumors):

Only after I had published a post detailing three iOS 0-day vulnerabilities and expressing my frustration with Apple Security Bounty Program, I received a reply from Apple:

We saw your blog post regarding this issue and your other reports.

We apologize for the delay in responding to you. We want to let you know that we are still investigating these issues and how we can address them to protect customers. Thank you again for taking the time to report these issues to us, we appreciate your assistance.

Please let us know if you have any questions.

Indeed, I do have questions. The same ones that you have ignored. I’m gonna repeat them. Why was the fix for analyticsd vulnerability quietly included in iOS 14.7 update but not mentioned on its security content list? Why did you promise to include it in the next update’s list but broke your words not once but three times? Why do you keep ignoring these questions?

[…]

So in this article I’m going to dispute the claim that the App Store is safe, voice my complaints about the App Store review process and provide a detailed explanation (including source code) how malicious apps on the App Store conceal their functionality from the App Store review team and are able to sneak into the App Store.

nbzso:

Until we have some outrageously horrible events which will affect directly general population, all this facts will be comfortably avoided and “mitigated”.

This is systemic problem derived not only from bad management and absence of responsibility.

Denis Tokarev:

Apple quietly fixed gamed vulnerability in iOS 15.0.2 without giving me credit. Took them 7 months to fix it! Both of my other 0-days are still unpatched.

Denis Tokarev:

After this I’ve sent 2 emails to Apple, complaining about lack of credit for gamed and analytics vulns. They replied to the first one pretty fast (6hrs) saying “We ask you treat the following information as confidential”.

[…]

However, they haven’t replied to my second email continuing to ignore my questions about analyticsd vulnerability which I asked exactly a month ago.

Sergiu Gatlan (via Hacker News):

Other bug bounty hunters and security researchers have also reported having similar experiences when reporting vulnerabilities to Apple’s product security team via the Apple Security Bounty Program.

Some said bugs reported to Apple were silently fixed, with the company failing to give them credit, just as it happened in this case.

Thomas Reed:

It’s no great surprise to anyone that Apple has a rocky relationship with many security researchers. Years ago, well-known researcher and co-author of the book “The Mac Hacker’s Handbook”, Charlie Miller, figured out how to get a “malicious” proof-of-concept app into the App Store, and reported this to Apple after having achieved it. His reward? A lifetime ban from Apple’s developer program.

This says a lot about Apple’s relationship with third-party security researchers. Unfortunately, things haven’t changed much over the years, and this is a constant cause of strains in the relationship between Apple and the people trying to tell it about security issues. During the conference, Apple got booed several times by the audience following reports from OBTS speakers of mismanaged bug reports and patches.

What is it that Apple has been accused of doing? There have been multiple offenses, unfortunately. First, a number of security researchers have reported getting significantly lower bug bounties from Apple’s bug bounty program than they should have earned. For example, Cedric Owens (@cedowens) discovered a bug in macOS that would allow an attacker to access sensitive information. Apple’s bug bounty program states that such bugs are worth up to $100,000. They paid Cedric $5,000, quibbling over the definition of “sensitive data.” (For the record: Cedric’s bug absolutely gave access to what any security researcher or IT admin would consider sensitive data… more on this later.)

Other researchers have reported similar issues, with significantly reduced payments for bugs that should have qualified for more. Further, there is often a significant wait for the bounties to be paid, after the bugs have been fixed—sometimes six months or more. Apple also had a tendency to “go silent,” not responding to researchers appropriately during the process of handling bug reports, and has repeatedly failed to properly credit researchers, or even mention important bugs, in its release notes.

Previously:

Thursday, October 28, 2021 [Tweets] [Favorites]

Swift Concurrency for Older OS Versions

Xcode 13.2 Beta:

You can now use Swift Concurrency in applications that deploy to macOS 10.15, iOS 13, tvOS 13, and watchOS 6 or newer. This support includes async/await, actors, global actors, structured concurrency, and the task APIs.

See also: Swift concurrency back deployment. The memory corruption issues are apparently fixed, too.

Previously:

Update (2021-10-29): John Sundell:

Although Swift 5.5’s new concurrency system is becoming backward compatible in Xcode 13.2, some of the built-in system APIs that make use of these new concurrency features are still only available on iOS 15, macOS Monterey, and the rest of Apple’s 2021 operating systems.

[…]

Thankfully, the above problem is something that we can fix ourselves, since Swift’s new concurrency system ships with a continuation mechanism that lets us retrofit existing code with async/await support.

Here’s how we could use that mechanism to replicate the above async/await-powered URLSession API in order to make it available all the way back to iOS 13[…]

Update (2021-12-16): Dimitri Bouniol:

Now that Swift’s concurrency system is backwards compatible with iOS 13/Catalina, here are a few packages you might want to check out!

Update (2022-01-31): Doug Gregor:

For folks using #SwiftLang concurrency on older Apple platforms, Xcode 13.3 beta addresses launch-time crashes reported on earlier OS versions (eg iOS 12, macOS 10.14).

Update (2022-04-27): Ole Begemann:

Boy, this back-deployment of Swift features is complicated.

tl;dr: Critical concurrency bug fixes that shipped in iOS 15.4/macOS 12.3 don’t magically make it into the concurrency runtime used on iOS 13/14.

Photoshop for the Web Public Beta

Google (Hacker News):

The idea of running software as complex as Photoshop directly in the browser would have been hard to imagine just a few years ago. However, by using various new standardized web technologies, Adobe has now brought a public beta of Photoshop to the web.

[…]

Adobe previously brought Spark and Lightroom to the web and had been interested in bringing Photoshop to the web for many years. However, they were blocked by the performance limitations of JavaScript, the absence of a good compile target for their code, and the lack of web capabilities. Read on to learn what Chrome built in the browser to solve these problems.

[…]

WebAssembly and its C++ toolchain Emscripten have been the key to unlocking Photoshop’s ability to come to the web, as it meant that Adobe would not have to start from scratch, but could leverage their existing Photoshop codebase. WebAssembly is a portable binary instruction set shipping in all browsers that was designed as a compilation target for programming languages. This means that applications such as Photoshop that are written in C++ can be ported directly to the web without requiring a rewrite in JavaScript.

John Gruber:

Unsurprisingly, supported only in Chrome and Microsoft Edge, but an impressive demonstration of just how rich a platform Chrome is for something like this.

Previously:

Texas vs. Google Second Amended Complaint

Nick Heer (PDF, Hacker News):

Twelve U.S. Attorneys General, led by Texas’ Ken Paxton, amended their suit against Google with fewer redactions and plenty more allegations than first seen ten months ago.

Keach Hagey and Tripp Mickle (via Hacker News):

Google takes a cut of 22% to 42% of U.S. ad spending that goes through its systems, according to a newly unredacted lawsuit by state attorneys general, shedding new light on how the search giant profits from its commanding position in the internet economy.

The share the Alphabet Inc. subsidiary takes of each advertising transaction on its exchange—a marketplace for ad buyers and sellers—is typically two to four times as much as the fees charged by rival digital advertising exchanges, according to the suit, which is being led by Texas.

Thomas Claburn (Hacker News):

Header bidding emerged around 2015 as a way to bypass Google’s control of the ad auction ecosystem and the fees it charged. By 2016, the court filing explains, about 70 per cent of major publishers were using header bidding to offer their ad space to multiple ad exchanges at the same time, not just Google, to get the best deal from advertisers.

“Google quickly realized that this innovation substantially threatened its exchange’s ability to demand a very large – 19 to 22 percent – cut on all advertising transactions,” the revised complaint says. “Header bidding also undermined Google’s ability to trade on inside and non-public information from one side of the market to advantage itself on the other – a practice that in other markets would be considered insider trading or front running.”

Initially, the amended complaint says, Google appeared to accommodate publishers by allowing them to use its servers to send their ad space inventory to be sold on more than one exchange at a time.

Patrick McGee:

Google’s response - “secretly made its own exchange win, even when another exchange submitted a higher bid,” complaint alleges.

The program’s name: Jedi.

Google’s own words: Jedi program “generates suboptimal yields for publishers and serious risks of negative media coverage if exposed externally.”

fasterthanlime (Hacker News):

google appears to have a team called gTrade that is wholly dedicated to ad market manipulation

Google had a plan called “Project NERA” to turn the web into a walled garden they called “Not Owned But Operated”. A core component of this was the forced logins to the chrome browser you’ve probably experienced (surprise!)

Patrick McGee (Hacker News):

Facebook and Google allegedly agreed on quotas for how often Facebook would win publishers’s auctions -- “literally manipulating the auction with minimum spends and quotas for how often Facebook would bid and win,” complaint alleges.

John Gruber:

Re: false claims about AMP performance (p. 90):

After crippling AMP’s compatibility with header bidding, Google went to market falsely telling publishers that adopting AMP would enhance page load times. But Google employees knew that AMP only improves the “median of performance” and AMP pages can actually load slower than other publisher speed optimization techniques. In other words, the ostensible benefits of faster load times for a Google-cached AMP version of a webpage were not 90 true for publishers that designed their web pages for speed. Some publishers did not adopt AMP because they knew their pages actually loaded faster than AMP pages.

The speed benefits Google marketed were also at least partly a result of Google’s throttling. Google throttles the load time of non-AMP ads by giving them artificial one-second delays in order to give Google AMP a “nice comparative boost.” Throttling non-AMP ads slows down header bidding, which Google then uses to denigrate header bidding for being too slow. “Header Bidding can often increase latency of web pages and create security flaws when executed incorrectly,” Google falsely claimed. Internally, Google employees grappled with “how to [publicly] justify [Google] making something slower.”

Tom MacWright:

google… intentionally slowed down non-amp ads to give amp a “comparative boost”?

Laurie Voss:

I don’t think enough has been made of the discovery that Google’s funding of AMP was an explicitly anti-competitive move designed to limit competition from other ad exchanges and what enormous damage this does to Google’s credibility with developers:

Google pushed AMP into a privileged place in search results and said it was a pro-consumer move to make the web faster. Publishers implemented it to get higher placement and in the process locked themselves into Google’s ad exchange. That boosted Google revenue at their expense.

[…]

Google got good people inside and outside of Google to commit to developing and propagating AMP and to buy in to the vision of making the web faster. But now we know that even the people who worked on AMP at Google were in the dark about its real purpose.

Anil Dash:

For non-developers, it may be hard to understand why this is such a big betrayal. But the bottom line is it fundamentally undermines the trust that so many had in Google’s technical motives, especially seeing their own devs (and developer advocates) apparently got duped too.

Many of us were skeptical about this particular technology for various implementation reasons (the stated goal of making web pages load faster is pretty non-controversial) but had been willing to believe that the motivation wasn’t solely anticompetitive. That’s dead now.

Patrick McGee:

In 2015, Google signed agreement with WhatsApp to give users option of backing up their messages.

Users were led to believe they were encrypted. They were not.

Google knew users were mislead.

Leah Nylen (Hacker News):

Google sought to use an August 2019 meeting with fellow tech giants Apple, Facebook and Microsoft to stall federal efforts to strengthen a children’s online privacy law, attorneys general for Texas and other states alleged in newly unsealed court documents on Friday.

Google also bragged about “slowing down” new privacy rules in Europe that would apply to digital services like services such as WhatsApp, Facebook Messenger and Microsoft’s Skype, according to internal documents quoted by the states.

Previously:

Update (2021-11-12): Sarah Gooding:

During an (AMA) live Q&A session with Chrome Leadership, ex-AMP Advisory Board member Jeremy Keith asked a question that echoes the sentiments of developers and publishers all over the world who are viewing Google’s leadership and initiatives with more skepticism:

Given the court proceedings against AMP, why should anyone trust FLOC or any other Google initiatives ostensibly focused on privacy?

The question drew a tepid response from Chrome leadership who avoided giving a straight answer.

The Facebook Papers

Isobel Asher Hamilton and Katie Canales (via Hacker News):

Seventeen US news organizations on Monday said they had reviewed leaked internal documents obtained by former Facebook employee-turned-whistleblower Frances Haugen.

Their reports on the documents span a wide variety of issues at the company, including its fading popularity with teens, its ability to counter hate speech, and its treatment of politicians.

David Pierce Anna Kramer:

Before it was The Facebook Papers, of course, it was The Facebook Files, a Wall Street Journal series that included the first looks at many of Haugen’s documents. (You can read the backstory of that name change, along with more details on the consortium of journalists that worked together on the Papers stories, from The New York Times.)

The stories started to publish last Friday night, but landed with a bang Monday morning and have been coming out ever since. Since they’re spread across lots of publications, we’ve rounded them all up in one place (in no particular order), to make them easier to find and read.

Nick Heer:

One thing I am trying to keep straight in my own head, as more reporting is published, is the source of different leaks. The Wall Street Journal’s “Facebook Files” series is primarily sourced to documents from Haugen, as are stories from other publications collected under the “Facebook Papers” banner. But a story on Friday from the Washington Post is sourced to a different whistleblower.

One thing that remains unclear is whether Haugen and her team supplied these documents to the other outlets, or if they received them from a third party.

Russell Brandom, Alex Heath, and Adi Robertson:

Facebook scrambled to address human trafficking content after Apple threatened to kick its apps off the iOS App Store, a leaked SEV (or Site Event) report shows. The report, referenced briefly by The Wall Street Journal’s Facebook Files reporting, indicates that Apple threatened to pull Facebook and Instagram from iOS on October 23rd of 2019.

[…]

The Wall Street Journal first revealed that news outlets and political parties had complained about users favoring negative and hyperbolic content. Facebook was considering ways to fix the problem, and one method involved re-weighting the News Feed to optimize for “civic health” instead of primarily focusing on meaningful social interactions or session time.

[…]

A highly publicized plan from early last year to hide like counts on Instagram never happened because testing the change hurt ad revenue and led to people using the app less.

Ellen Cushing:

But these documents show that the Facebook we have in the United States is actually the platform at its best. It’s the version made by people who speak our language and understand our customs, who take our civic problems seriously because those problems are theirs too. It’s the version that exists on a free internet, under a relatively stable government, in a wealthy democracy. It’s also the version to which Facebook dedicates the most moderation resources. Elsewhere, the documents show, things are different. In the most vulnerable parts of the world—places with limited internet access, where smaller user numbers mean bad actors have undue influence—the trade-offs and mistakes that Facebook makes can have deadly consequences.

Previously:

Acquiring Kaleidoscope

Christopher Atlan:

When an app is transferred to a new owner, the historical revenue data is not transferred. And because it was only recently transferred from Black Pixel to Hypergiant, we had to look for other sources of data to find the trailing twelve months (TTM) revenue, which was needed to have an overview of the app’s financial performance.

We weren’t able to get all the Kaleidoscope graphic assets. And we had no way of looking up references to issues that were noted in the source code because bug reporting and customer support history were no longer available.

[…]

After reviewing the pros and cons of each option, we ultimately decided on taking out a loan from a bank. We were able to get a six-year term, which provides the freedom to try and make the app profitable. We have two years to try and make it work. If it doesn’t, the six-year timeframe makes monthly repayments manageable in a scenario where we’d have to downsize the team.

Previously:

Wednesday, October 27, 2021 [Tweets] [Favorites]

iPhone 13 Pro Max vs. Pixel 6 Pro

Juli Clover:

Shortly after the launch of the new iPhone 13 models in September, Google came out with the Pixel 6 and the Pixel 6 Pro, its latest flagship devices, which are feature rich and priced at $599 and $899 respectively.

[…]

With smartphone cameras this advanced, both the iPhone 13 Pro Max and the Pixel 6 Pro take incredible photos and there’s often not a lot of difference in quality just because they’re both offering excellent camera options.

[…]

Google also built in some neat little features to its Pixel 6 Pro camera. There’s a Magic Eraser that can use the Tensor chip inside to erase objects that you don’t want from a photo, and it works super well so it’s a great option to have available natively.

Ben Schoon:

The Pixel 6 Pro is Google’s first true flagship with top-tier specs and the company’s own chipset under the hood, and it’s exactly what Google needed to put out at this moment in time.

[…]

The mediocre performance of the Pixel 5 last year left me mostly sticking with other devices such as the Galaxy Z Fold 2/3 and Galaxy S21 Ultra, but over the past few days, I’ve been reminded why I love using a Pixel so much. Google’s software tricks are just so good, and they can’t be had anywhere else.

[…]

On a hardware level, the Pixel 6 Pro offers a 50MP primary sensor that’s physically larger than the 12MP sensor in previous versions. That’s backed up by a 12MP ultrawide camera and a third 48MP sensor with a telephoto lens.

[…]

But the more important addition is the telephoto lens, which offers the Pixel 6 Pro a 4x optical zoom and digital zoom up to 20x. The results from the telephoto lens are not nearly as impressive as what Samsung’s Galaxy S21 Ultra pulls off with its 10x lens, but it’s hard to be unhappy with Google’s offering here.

Previously:

Russia Investigates App Store

Sami Fathi:

Russia’s FAS, or Federal Antimonopoly Service, has launched a formal investigation into Apple over alleged violation of antitrust laws about the App Store and Apple’s restrictions that do not allow developers to link to third-party payment methods outside of the platform.

In August, FAS issued a warning to Apple to “stop violating antimonopoly legislation” by not inhibiting developers from directing users to make in-app purchases from outside the App Store , such as on the web. Apple “did not comply with the warning,” according to a press release from the agency, and therefore a case has been opened against Apple on the grounds of violating antitrust laws.

Previously:

iOS 15.1 and iPadOS 15.1

Federico Viticci:

15.1 mostly focuses on enabling SharePlay (which was announced at WWDC, then postponed to a later release a few months ago), rolling Safari back to a reasonable design, and bringing a few tweaks for the Camera app and spatial audio.

Juli Clover:

When the iPhone 13 Pro models launched, Apple promised that a high-quality ProRes video option would be coming in an update, and it has arrived in iOS 15.1.

[…]

For macro shots, the iPhone 13 Pro models switch over to the Ultra Wide lens when the iPhone’s camera gets close to an object, which some people are not a fan of because it can be difficult to get a shot with the camera lenses swapping back and forth.

[…]

iPhone users who have added their COVID-19 vaccination records to the Health app on the iPhone can now use those records to generate a vaccination card in the Wallet app. The Apple Wallet vaccination card can be shown to businesses, venues, restaurants, and more that are requiring vaccines for entry.

Damien Petrilli:

Another iOS update, and Apple re-enabled Apple Music again.

Previously:

Final Safari 15 Fixes Favorites Bar and Tabs

Jason Snell (MacRumors):

Yep, that’s the Safari Favorites Bar, now located above the tabs.

If you don’t use the Favorites Bar, maybe you won’t care. I use the Favorites Bar a lot, and I hated Apple’s decision to move it beneath the tabs.

Juli Clover:

As noted by Daring Fireball’s John Gruber, iOS 15.1 beta 4 also includes the same Safari design tweak with the Favorites bar located above the tabs.

John Gruber:

The full Bookmarks menu on iPad, alas, still remains hidden in the sidebar. That’s a weird one.

Steve Troughton-Smith:

As per the new macOS 12 page on Apple.com, the Safari redesign is toast on macOS and iPadOS! Compact tab bar mode is still an option, but regular tabs are back!

John Gruber:

Safari 15 on iPadOS 15.1 comes along for the ride too.

We’re left with one single design mistake in Safari 15 across all platforms: the close buttons for tabs being on the right instead of the left on iPhone. Pretty good outcome given what was shown back at WWDC.

Steve Troughton-Smith:

In all the distraction caused by the Safari tab bar in macOS 12, I feel like nobody noticed that pinned tabs are incompatible with tab groups 🤔 And closing(/‘deleting’) a tab group leaves you with no way to undo the operation. There’s just no permanence to tab group tabs at all

Eric Slivka:

Safari 15.1 now features a standard Big Sur tab design, which is enabled by default and is labeled "Separate" in Safari preferences.

[…]

As with Safari in the macOS Monterey release candidate, the new Safari 15.1 beta also scales back on the option to have the Safari window chrome blend in with websites, moving the option to the Accessibility section of the Advanced page in Safari preferences and limiting it to only the Compact Tab Bar design.

Previously:

Monday, October 25, 2021 [Tweets] [Favorites]

Photos in iOS 15 and Monterey

Jason Snell:

The Memories feature has been completely reworked into a dynamic multimedia slideshow—though it won’t arrive on macOS until later on in the cycle. New sharing features make it easy to pluck images out of Messages and pop them into your library—and in the case of some images, they’ll show up in there even when you don’t ask them to.

Every year, Apple seems to apply more machine-learning algorithms to scan your photo library, and this year is no exception. The system now identifies all sorts of objects, scans all the text found in images, and exports a lot more of that data into Spotlight search.

[…]

Beginning with macOS Monterey, Photos can import the contents of one Photos library into another—with a few important limitations. All the photos will be imported from the other library into the one you’re currently using. However, your albums and keywords will be left behind, so don’t consider this a complete merger. It’s more accurate to think of this as importing all the images from one library into another, just as you’d import images from a camera.

Federico Viticci:

Besides Live Text, the most relevant changes to Photos this year involve integration with Look Up and, at long last, the ability to view rich metadata for images inside the app.

[…]

The company also claims “expert film and TV music curators” selected a set of default songs for Memories, which are combined with your music tastes, the contents of your photos, their original date, and their location to recommend songs that where popular when and where you captured an image or video.

I don’t know how to put this: either these curators need a crash course in music industry news, or the algorithm is way off on my iPhone.

Ryan Jones:

This was driving me mad… iOS 15 live text photo search only works via Spotlight, not Photos.app. 🤦‍♂️ So dumb.

Kyle Howells:

Just tried using the memories feature of the Photos app in iOS 15 and it’s such a big downgrade for how I used it.

It used to basically be my favourite video editor. I could point it at an album of photos and tell it to make a video. Then go in and manually edit each photo and video clip segment included.

Now it’s just a slideshow that plays music at the same time.

[…]

Before, when it guessed wrong and showed you a clip of the video which ends just before the bit you actually what to see, you could press edit & adjust which bit of the video it includes in the memory video.

Now those controls are completely gone. You get what it gives you.

Greg Hurrell:

Last time, a bunch of photos mysteriously disappeared after importing into Photos app and then updating. And it’s not just my device. Partners phone also has problems syncing to a different Apple computer. So much for seamless integration.

Previously:

macOS 12.0 Monterey Released

Apple (Hacker News):

Connect, share, and create like never before. Say hello to exciting new FaceTime updates. Explore a redesigned Safari. Discover and invent powerful new ways to work using Universal Control and Shortcuts. Stay in the moment with Focus. And so much more.

Mr. Macintosh:

This database will contain download links for macOS 12 full Installer pkg files (InstallAssistant.pkg). This file is the same full installer that you would download directly from the App Store for Intel and Apple Silicon M1 Mac Computers. The InstallAssistant.pkg is stored on Apple’s servers and contains the full “Install macOS.app”. Once downloaded, all you need to do is install the pkg and the full installer of macOS will be in your applications folder.

Juli Clover:

macOS Monterey adds quite a few features that have already been introduced on iOS devices with iOS 15 and iPadOS 15. FaceTime has gained spatial audio support and voice isolation to cut down on background noise, and in the future, it will work with the SharePlay feature for screen sharing and watching tv and movies with friends and family over FaceTime.

[…]

To give a better overview of all of the new features that Apple has brought to the Mac with macOS Monterey, we have a dedicated macOS Monterey roundup that’s available.

John Voorhees:

Monterey’s focus is all about system apps, a topic near and dear to me. With the technical building blocks in place and a refined design out of the way, Monterey is one of the most tangible, user-facing payoffs of the past three years of transition. More than ever before, Apple is advancing system apps across all of its platforms at the same time. Finally, everything is everywhere.

However, as much as it pleases me to see the groundwork laid in years past pay dividends in the form of new features being rolled out simultaneously on all platforms, Monterey’s payoff isn’t an unqualified success. Every OS release has its rough spots, but this year, Shortcuts is especially rough.

Michael Potuck:

Just last week, Apple confirmed that Universal Control will be coming “later this fall,” and not with the initial launch of macOS Monterey.

And although SharePlay has been enabled for all users on iPhone and iPad with iOS 15.1, the feature has been pushed to “later this fall” as well.

Howard Oakley:

When Apple announced details of Monterey in the summer, features varied considerably according to model. To help discover exactly what your Mac would benefit from when upgraded, I produced a chart.

David Sparks:

Once you get it installed, there are several features that I found delightful through the beta[…]

Stephen Hackett:

I’ve added macOS 12 to my macOS Screenshot Library for your viewing pleasure[…]

Previously:

Update (2021-10-29): Jason Snell:

The big new features of iOS 15 and iPadOS 15 are also the big new features of macOS Monterey.

Unfortunately, some of the biggest features are still missing. The most important new feature in Photos is missing from the Mac, though Apple says it will arrive soon. And one of the biggest features being imported to the Mac from iOS, Shortcuts, is in a half-finished state.

[…]

On the Mac, the Shortcuts app feels like something from an entirely different operating system—or maybe solar system. Editing items becomes a process of hunting and clicking for just the right gesture that will get you what you want—there’s nothing like trying to insert a Smart Variable in the proper place by precisely control-clicking in a text field. In a Save File action, the Replace option doesn’t offer to replace the file you’re saving, but changes which folder the file will be saved into. Pop-up windows are awkward. Keyboard support is weak.

[…]

Most notably, macOS Monterey does nothing to address the failure of notifications, Notification Center, and widgets from macOS Big Sur.

And there are even more alerts that are narrow.

Andrew Cunningham:

The Finder’s Go To Folder (or Command-Shift-G) search field has been reworked with a design that more strongly resembles the Spotlight search box. It will offer to autocomplete your folder path for you, and your most recent locations will be displayed without needing to click-through to a drop-down menu first.

When hovering over a folder in a Finder window, holding the Option key will show you the full path of the folder in the lower-left corner of the window, and you can click anywhere in the path to hop up to the parent directories or parent volume. Right-click any folder within that path, and you can copy the path to the Clipboard, view the folder in its parent directory, or open a Terminal window that has already navigated to that directory.

[…]

It turns out that whether you’re using an Apple Silicon or an Intel Mac, Low Power Mode operates primarily by reducing CPU clockspeed, thus reducing CPU voltage. Examining Activity Monitor while running Geekbench 5, we saw all eight of the M1’s cores being lit up in similar patterns whether Low Power Mode was enabled or not.

[…]

After a big year with Big Sur, Monterey is a return-to-form macOS update. Most people will be able to find at least one or two new things that they really like. Other people will continue using it without noticing that it’s different. And it would benefit from a major bugfix update or two. The hardware is changing a lot, but macOS remains macOS.

Jason Snell:

When you copy a file in macOS Monterey’s Finder, you will see a floating copy window, of course[…] There’s just one thing about that window that’s unusual. The red circle used to close windows, inactive in previous versions of macOS, is now active. […] Once you close the window, it won’t reappear for subsequent operations until you choose Show Progress Window from the Window menu. But Finder is still providing you with some feedback that a copy operation is happening. In List views, a circle to the right of the filename slowly fills in clockwise until the copy is done. In Icon views, a progress bar fills from left to right across the bottom of the icon.

MacMule:

After upgrading to macOS Monterey, you might see notifications like the above [overlayed with a circle and a slash].

If so, the simple solution is to logout and then back in (or restart).

Tim Hardwick:

There have been several reports on Reddit, Apple’s Developer Forums, and Apple’s Support Communities about the issues. In some cases, users say the the USB 3.0 ports on their hub no longer work since upgrading to Monterey, while HDMI, USB-C, and other hub ports continue to work as expected.

See also: Hacker News, Rene Ritchie and John Gruber.

Update (2021-11-15): Monica Chin:

Downloading macOS Monterey, by contrast, has not impacted my life much. I installed the first beta over the summer, forgot that I was using it within a few days, and tried to download it again the following week. It looks like Big Sur, with some tweaks here and there. Many of them seem to be catch-up efforts, equipping Monterey with features that iOS (or competitors) already had. A few of the features are useful for me, but they’re features you have to seek out and set up. And we’re still waiting on some of the most innovative parts of Monterey that Apple announced earlier this year to arrive.

So my ultimate view on this operating system is, “Sure.” It’s a stable release that I’ve been using reliably for a few months. Nothing’s terribly broken. If you’re someone who prefers to exercise maximum caution and wait a while before upgrading, you’re also not missing all that much.

Sami Fathi:

macOS Monterey, released last week as the latest version of macOS, is bricking older Mac computers, rendering them unusable and unable to even turn on, according to a number of reports from users across social media and online forums.

Previously:

iPod at 20

Roger Cheng (via Joe Rossignol):

When Apple executive Jon Rubinstein, who had been tasked with creating a music player, came knocking in early 2001, Fadell was already working on his own startup, Fuse Systems, with the goal of creating a mainstream MP3 player. It was a nascent market, with more than a dozen players from different companies including Creative Labs and RCA. The problem: Sales of the devices, which cost a few hundred dollars apiece, only totaled 500,000 units in 2000, according to the Consumer Electronics Association. Fuse itself faced plenty of rejection. Still, Fadell saw the Apple consulting gig as a chance to keep his own project alive.

[…]

After a few weeks of negotiations with Jobs, Fadell joined Apple in April 2001 and assembled a team made up of Fuse and General Magic employees to put together what would become the iPod. The project immediately faced an uphill challenge. The team needed to work with a lot of new components, including a brand new hard drive from Toshiba that Rubinstein, who oversaw the whole project, identified as the key ingredient for the iPod.

Other breakthroughs included new software for the user interface and a then-new kind of lithium ion pack, giving the device 10 hours of battery life that far exceeded anything else in the market.

[…]

Jobs told Fadell he was going to throw marketing dollars at the iPod, pulling resources from its core Mac business. And even though sales of the original iPod and the follow-up version didn’t light any fires, Jobs followed through.

Cabel Sasser (tweet, Hacker News):

Sure, Apple had made other things before (QuickTake! PowerCD!) but they never really felt committed to those things. […] I have fond memories of Dave (who now works on Playdate) reverse-engineering the iPod database storage format so that you could use Audion to load songs onto it. I remember how plain fun it was to use — that click wheel, the original fidget toy! It was cool that I could use it as a tiny portable hard drive. The iPod was really good.

[…]

Now, there are a lot of mysteries in the Panic Archives (it’s a closet) but by far one of the most mysterious is what you’re seeing for the first time today: an original early iPod prototype.

[…]

A (literally) small easter egg, but I loved this so much. It felt like classic Apple — engineers and designers just having a little fun before things got so big and serious — a tiny reminder that actual humans made the polished things I enjoyed. So of course, Apple removed it from a later firmware revision when the press noticed. Times were changing. (In solidarity, I registered https://☃.net.)

Tony Fadell:

This is a P68/Dulcimer iPod prototype we (very quickly) made before the true form factor design was ready. Didn’t want it look like an iPod for confidentiality - the buttons placement, the size - it was mostly air inside - and the wheel worked (poorly)

Om Malik:

When iPod launched, digital music was a mess. Napster had awakened us to the potential of digital and online music, but the dream was a nightmare. The music industry hated Silicon Valley. (It still does.) You had to buy compact discs, rip them and then put those files onto your devices. These digital music players had exotic names — iRiver, Rio, and Creative Labs, for example. I had them all. I hated them all, though iRiver was pretty awesome for its time. We were so close, yet so far. Against that backdrop came the iPod.

Eamonn Forde (via Hacker News):

In 2001, the record business was in freefall due to digital piracy, and the best way out of this accelerating crisis came in the shape of a white device the size of a deck of cards. The iPod, launched 20 years ago this week, was also how Apple’s Steve Jobs was able to prey on a failing business in order to avenge his own past failures – exiled between 1985 and 1997 from the company he co-founded – by turning Apple into the most profitable company in history.

[…]

Teeth were gnashed at the time, but labels had to accept that Apple steered them into a future they could not have reached under their own steam. “In effect, [Apple’s dominance of legal downloads] was the price you paid for entry into the creation of a legitimate marketplace,” shrugs Berman. “The creation of iTunes was the whipped cream on top. It really did create a sense, once things got off the ground, that this had rescued the recording industry.”

Ali Partovi:

In 2007, my music startup, iLike, had pioneered a way for fans to follow artists and watch their videos in a feed.

[…]

Our service was so popular that it was the top driver of affiliate sales to iTunes Music Store. I naively thought a record industry in decline would embrace us as saviors. How wrong I was!

[…]

I was excited to meet the legendary Jimmy Iovine. He was the top record mogul, with an enviable roster that included Eminem, Black Eyed Peas, and my favorite band, U2. One of his lieutenants had summoned me with overtures about a “partnership.”

[…]

Jimmy repeated with emphasis: “You’re building a business off our backs. I can cause enormous harm to you, unless you give us our share. If you want to stay in business, you need to give us 50% of your company.”

Jimmy demanded half our equity simply to continue what we were already doing legally! He started lamenting that he should never have licensed music to iTunes without getting Apple stock, because Apple had built an empire “off our backs.”

Update (2021-10-28): Jack Wellborn:

Flash forward to a few years later, when my mother decided to get my father an iPod for Christmas. Still relatively poor, my role in the gift would be to put my father’s music on the device. This was no small task. My father is an avid music listener and had amassed close to 200 CDs at the time. I persevered, knowing that being able to hold his entire library would be a magical moment for my father. It was. To this day he still prefers his iPod Classic over pretty much any other device, including his iPhone.

Apple Updates Guidelines for Cameron Settlement

Joe Rossignol:

Apple today announced it has updated its App Store Review Guidelines with three key changes related to outside-of-app communications, collecting contact information within an app, and in-app events featured in the App Store.

[…]

Specifically, Apple removed the following sentence from section 3.1.3 of the guidelines:

Developers cannot use information obtained within the app to target individual users outside of the app to use purchasing methods other than in-app purchase (such as sending an individual user an email about other purchasing methods after that individual signs up for an account within the app).

Second, a new guideline under section 5.1.1 (x) indicates that apps may request basic contact information, such as a name and email address, so long as the request is optional for the user, features and services are not conditional on providing the information, and it complies with all other provisions of the guidelines.

Previously:

Thursday, October 21, 2021 [Tweets] [Favorites]

Google Play Store Drops Fees on Subscriptions and Content

Sameer Samat (MacRumors, Hacker News):

To help support the specific needs of developers offering subscriptions, starting on January 1, 2022, we’re decreasing the service fee for all subscriptions on Google Play from 30% to 15%, starting from day one.

For developers offering subscriptions, this means that first-year subscription fees will be cut in half.

This applies to all developers, whereas the previous cut to 15% was for after the first year or for non-subscription revenue below $1 million.

Ebooks and on-demand music streaming services, where content costs account for the majority of sales, will now be eligible for a service fee as low as 10%.

Meanwhile, Apple recently implied that the App Store Small Business program is only temporary.

Previously:

Update (2021-10-25): See also: Hacker News.

Ryan Jones:

Subs pay 15%
IAP’s pay 30%

…so every Game has a 15% incentive to turn their gem IAP’s to a subscription.

There is also a good discussion in the 10/22 episode of Dithering.

Yahoo Finance App Removed From Chinese App Store

Sophia Yan:

Chinese internet users have lost one of their last avenues to foreign news after the Yahoo Finance app disappeared from Apple’s store, as the Communist Party intensifies its censorship of information from abroad.

The Yahoo app republishes news from foreign media organisations, including outlets whose websites are blocked in China, such as Bloomberg and Reuters, as well as stock market data.

This allowed users to skirt official censorship bans, a feature that likely drew the ire of Chinese authorities.

Mikey Campbell:

Days prior to its App Store expulsion, Yahoo Finance republished a Bloomberg story critical of China’s crackdown on the tech industry, the report said. The article contained reference to supposed preferential treatment afforded to Apple in exchange for compliance with government requests, including app takedown notices.

[…]

More recently, Apple last week reportedly pulled Quran Majeed at the behest of government officials. Other apps that present users with religious texts and material, including “Olive Tree Bible,” “Holy Bible King James” and “Jehovah’s Witnesses Kingdom,” were also expelled from China’s App Store.

Previously:

On The Much Improved State of Macintosh Hardware

Quentin Carnicelli:

Back in mid-2018, there wasn’t a single Macintosh computer that was free of major drawbacks or otherwise ridiculously out of date. After yet another disappointing WWDC, I took to my keyboard to air some grievances, with a lengthy complaint entitled “On The Sad State of Macintosh Hardware”. That post was written out of a deeper frustration with Apple’s failure to keep the Mac product line current.

A little over three years later, it’s time to do the opposite. With Apple’s announcement of new M1 Pro- and M1 Max-based MacBook Pros, they are more than halfway through their transition from Intel to their own Apple Silicon chips. The state of Macintosh hardware is now much closer to “Jubilant” than “Sad”.

The biggest Mac problem is still software quality.

Previously:

Yoink for iOS Uses Picture-in-Picture

Matthias Gansrigler:

After releasing Yoink v2.3, which brought the app up-to-speed on all things iOS 15, I have another great update out for Yoink for iPad and iPhone, which allows you to make the app monitor your clipboard in the background and save almost anything you copy or cut.

[…]

So in addition to sharing content to Yoink with its Share extension, manually pasting content into the app, and Siri Shortcuts, you can now have anything you copy stored automatically in Yoink.

Federico Viticci (tweet):

The result is unlike anything else I’ve seen on iOS and iPadOS, and it unlocks the kind of flexibility and peace of mind I’ve long missed from macOS. It’s almost too good to be true, and I hope I won’t cause any trouble by writing about it.

[…]

Several years ago back when Pastebot was also available on iPhone, Tapbots attempted to let it run persistently in the background by playing a silent audio track that would trick iOS into not suspending Pastebot when it was closed. The feature was promptly shut down by Apple.

Unable to devise other methods to let apps run in the background without interruptions, developers of clipboard managers then converged on the same idea: using old-school Today widgets to capture the contents of the clipboard as soon as the user opened the Today page.

[…]

Yoink’s persistent clipboard monitoring is a new spin on an old concept: it uses an audio/video trick to let the app run in the background and make iOS/iPadOS think it’s always in the foreground, capable of capturing your clipboard. Specifically, Yoink uses Apple’s Picture in Picture technology to remain active even if you close the app, monitor what you copy, and save it into the main Yoink app.

Sounds like a great idea, and one arm of Apple is currently promoting Yoink in the App Store. Hopefully, another arm doesn’t decide that this is not how the Picture-in-Picture API was intended to be used.

Previously:

The Impossible Move

Rob Griffiths:

  1. Create a screen full of apps and folders, such that there’s no remaining space.
  2. Position a folder in the rightmost lower corner of the screen.
  3. Attempt to drag an app from another screen into that folder.

[…]

The only solution I’ve found that works for all cases is this one:

  1. Move the target folder to another location on the screen.
  2. Move the target app into the target folder.
  3. Move the target folder back to its original location.

To reiterate my earlier tweet…please, Apple, provide an official solution for home screen management using a Mac.

Previously:

Update (2021-10-25): Jesse Squires:

This bug also happens on macOS “Launchpad”

Tuesday, October 19, 2021 [Tweets] [Favorites]

The Best Mac External Displays

Scharon Harding:

Apple held its fall event was today, and the stars of the show were the M1 Pro and M1 Max announced for the new MacBook Pros. We even got new AirPods and word on macOS Monterey. But all was quiet on the displays front. Hope for a larger iMac with Apple Silicon to accompany the 24-inch model announced in April was not rewarded, and the Apple Pro Display XDR is still Apple’s only standalone monitor. If you were waiting for today’s event to help you select the next screen to run macOS on, we feel your pain. We can’t force Apple to release new displays, but we can round up some non-Apple PC monitors worth considering if you need something now.

The best option still seems to be the LG 5K. I wonder whether it’s improved from the earlier models that so many people seemed to have problems with.

Marc Edwards:

If you’re considering an external display for your Mac, there’s a few important decisions to make.

Previously:

Update (2021-10-21): Craig Mod:

because apple didn’t announce a new monitor on Monday, my old 22” 4K LG died today … there is no obvious replacement? I am so monitor befuddled. It’s a weird moment in the world of monitors. Goldilocks, where are you?

Apple Music Voice Plan

Apple:

The Apple Music Voice Plan offers subscribers access to the service’s catalog of 90 million songs; tens of thousands of playlists, including hundreds of brand new mood and activity playlists, personalized mixes, and genre stations; as well as the award-winning Apple Music Radio — all through Siri for just $4.99 per month.

[…]

Apple Music Voice Plan subscribers will get a customized in-app experience with suggestions based on the listener’s music preferences and a queue of recently played music through Siri. Within the app there will also be a dedicated section called “Just Ask Siri” where subscribers can learn tips to optimize Siri for Apple Music.

For access to Apple Music’s premium offerings, including Spatial Audio and Lossless Audio, Lyrics, Music Videos, and more, subscribers can easily switch to Apple Music’s individual plan for $9.99 per month or family plan with up to six accounts for $14.99 per month at any time.

Benjamin Mayo:

so if you have the Voice Plan the Music app will show you a list of things you can ask Siri to play, but no play button lol!

John Gruber:

This plan struck me as weird when it was announced during the keynote, but it makes sense for the way many people use Apple Music: by just asking Siri to play whatever, where “whatever” is a particular song, a particular artist, or a particular mood.

[…]

Amazon Music has a $4/month Echo plan that is very similar, but Amazon’s Echo plan is limited to one single Echo device or Fire TV.

Update (2021-10-21): Alex Brooks:

Coldplay

App Tracking Transparency Helps Apple’s Ads

Eric Benjamin Seufert:

Last week, Apple introduced a new ad unit to the App Store: a paid placement on its Search page. Rumors of this new unit had circulated previously, although the notion that Apple would increase the density of ad placements in the App Store was wholly predictable, as I assert in this piece and this piece. Apple is expanding its mobile advertising platform in parallel with the rollout of the App Tracking Transparency (ATT) privacy policy, which presents meaningful commercial challenges to other mobile ad platforms and will likely diminish their operational efficiency.

With ATT, Apple has robbed the mob’s bank. In bolstering its ads business while severely handicapping other advertising platforms — but especially Facebook — with the introduction of a privacy policy that effectively breaks the mechanic that those platforms use to target ads, Apple has taken money from a party that is so unsympathetic that it can’t appeal to a greater authority for redress. Apple has brazenly, in broad daylight, stormed into the Bank of Facebook, looted its most precious resource, and, camouflaged under the noble cause of giving privacy controls to the consumer, fled the scene.

John Gruber:

I guess this money is too good to pass up. But Apple pushing further into mobile advertising now — right after launching this App Tracking Transparency feature — just looks cheesy. It’s ham-fisted.

Nick Heer:

From a consumer’s perspective, there is some logic to the argument Apple is making and which is echoed by the W3C. Using only first-party data to target advertising fits with the existing business relationship a user has with a company. If I have tracking enabled, I fully expect Apple to use my App Store purchase history to show me ads for other apps. If I use one of Facebook’s apps, I will not be surprised if it uses the accounts I follow and things I search to inform the advertising it shows me. But if I launch some other third-party app, I only know that some undisclosed SDK will inform the ads Facebook and Google show me elsewhere because I am in this industry and I write this website. It’s the same thing for ad tracking across the web.

But if platform owners get to claim that the activity that occurs in their own apps and third-party apps that are required to use a specific payment mechanism, that gives them a diabolical first-party advantage.

Alex Heath:

Apple’s rule for other developers: you have to ask users if they want to be “tracked” for ad targeting

But Apple’s own ad tracking is “personalization,” which sounds much less nefarious

Marko Karppinen:

You can absolutely implement on-device ad personalization the way Apple does, and Apple will not require you to pop up the App Tracking Transparency consent dialog for that

You can implement it the way Apple does by only using your own data, but you won’t get the results that Apple does because it gets extra data by virtue of being the platform owner and exclusive app distributor.

Dan Masters:

Classic Apple dark pattern! Compare the primary action for Apple’s ad tracking prompt vs the App Tracking Transparency modal, pictured above

Ben Lovejoy:

The Financial Times reports that because Apple’s own search ads effectively let developers target users by interests, it became much more appealing once ATT rules came into force.

Apple’s advertising business has more than tripled its market share in the six months after it introduced privacy changes to iPhones that obstructed rivals, including Facebook, from targeting ads at consumers.

[…]

Branch, which measures the effectiveness of mobile marketing, said Apple’s in house business is now responsible for 58 per cent of all iPhone app downloads that result from clicking on an advert. A year ago, its share was 17 per cent.

[…]

That is set to see Apple’s ad business revenue climb from $5B this year to $20B/year within three years, estimated one research group.

[…]

Media analyst Eric Seufert has previously made the same point – that Apple’s ad business does give itself privileges unavailable to competitors. However, he said the analysis behind the FT piece may overstate the position, for several reasons[…]

Patrick McGee:

What has made Search Ads suddenly attractive is not any new feature but the fact that Apple has rendered the rest of the ad industry “blind” in the iOS universe, says @kochavaofficial, whose own data has Search Ads up 69% since June, while rivals are down 43%(!) on average.

Damien Geradin:

Last year, I attended a hearing where Apple and its lawyers swore that its privacy changes were not in any way motivated by a desire to grow its advertising activities, which would remain totally marginal.

Previously:

Update (2021-10-21): Dare Obasanjo (via Dan Grover):

Every social app will eventually become a shopping app, even Twitter. As Apple has killed the ability to track ad effectiveness outside apps via ATT, the industry reaction is to bring all commercial activity within apps.

Update (2021-10-28): Sami Fathi (Hacker News):

Apple’s privacy rules are “negatively affecting” Facebook, and its business, Facebook CEO Mark Zuckerberg claimed during its most recent earnings call.

Update (2021-10-29): Nick Heer:

I truly believe Apple had good intentions with App Tracking Transparency, and I fully buy its premise. But it is shaping up to be a letdown on both sides of advertising. Apps are not respecting users’ choices and tracking them anyway, while Apple is — at the very least — appearing to behave anticompetitively by restricting what is available to third-party advertisers while expanding its own ads business.

Update (2021-11-12): Dave Mark:

This just popped up in Apple News.

Turn on Personalized Ads? Nah, no thanks.

Eric Benjamin Seufert:

In this article, I’ll make the case that ATT advantages Apple’s own ad network, and I’ll propose remedies that would bring the applicability of ATT to parity across Apple’s ad network and the broader advertising ecosystem. Note that Apple’s documentation for its ads platform and privacy controls is vague in places, and the logic it uses to power certain protocols is non-public. I attempt in this article to document all claims with authoritative resources, but in some cases that is not possible and I rely on direct experience and anecdotes.

Amazon Knockoffs and Search Placement

Aditya Kalra and Steve Stecklow (via Hacker News):

A trove of internal Amazon documents reveals how the e-commerce giant ran a systematic campaign of creating knockoff goods and manipulating search results to boost its own product lines in India - practices it has denied engaging in. And at least two top Amazon executives reviewed the strategy.

Adrianne Jeffries and Leon Yin (via Hacker News):

An investigation by The Markup found that Amazon places products from its house brands and products exclusive to the site ahead of those from competitors—even competitors with higher customer ratings and more sales, judging from the volume of reviews.

Nick Heer:

Earlier this year, Mother Jones cited several journalists who, in the words of one, claimed that Amazon is “the only company [they have] dealt with that has directly lied to me”. Several reporters used that word, “lie”, or said the company was deceitful in its responses to journalists — that it goes far beyond a typical carefully worded corporate message.

Manish Singh (via Slashdot):

Five members of the House Judiciary Committee have accused (PDF) Amazon’s top executives of either misleading or blatantly lying to it about its business practices and said they are considering an investigation following publication of two damning reports last week.

John Gruber:

There’s a good argument for Amazon on this front that store brands are as old as retail. That Sears did the same thing a century ago, and that Walmart does it now. And that of course retailers with house brands — including Amazon — look at sales data to choose what to make. But that’s not what Amazon — and Jeff Bezos in particular — have said under oath. Bezos left Jassy with a serious mess to clean up here.

Previously:

Monday, October 18, 2021 [Tweets] [Favorites]

MacBook Pro 2021

Apple (video, Hacker News, MacRumors, Stephen Hackett, Jesper, The Verge, Slashdot):

Apple today unveiled the completely reimagined MacBook Pro powered by the all-new M1 Pro and M1 Max — the first pro chips designed for the Mac. Available in 14- and 16-inch models, MacBook Pro delivers groundbreaking processing, graphics, and machine learning (ML) performance whether running on battery or plugged in, as well as amazing battery life — enabling workflows previously unimaginable on a notebook. The new MacBook Pro also features a stunning Liquid Retina XDR display, a wide range of ports for advanced connectivity, a 1080p FaceTime HD camera, and the best audio system in a notebook.

[…]

Up to 2.1x faster project builds in Xcode [compared with i9].

[…]

Unlike other pro notebooks that lose performance when they are not plugged in, MacBook Pro delivers the same level of performance whether it is plugged in or using the battery. This unprecedented combination of system performance, on-battery performance, and battery life sets MacBook Pro apart from every other notebook.

[…]

Physical function keys — including a wider escape key — replace the Touch Bar, bringing back the familiar, tactile feel of mechanical keys that pro users love.

[…]

ProMotion technology also comes to the Mac on this new display, featuring an adaptive refresh rate up to 120Hz.

[…]

Both models feature three Thunderbolt 4 ports to connect high-speed peripherals, an SDXC card slot for fast access to media, an HDMI port for conveniently connecting to displays and TVs, and an improved headphone jack that supports high-impedance headphones. MagSafe returns to MacBook Pro with MagSafe 3, featuring an updated design and supporting more power into the system than ever before. MagSafe 3 makes connecting a charge cable quick and easy while protecting MacBook Pro. Additionally, fast charge comes to the Mac for the first time, charging up to 50 percent in just 30 minutes.

This looks really great, advancing the state of the art as well as righting lots of wrongs. It’s even slightly thicker, at 0.66 vs. 0.64 inches, which is probably inconsequential in feel but speaks to a more sensible balance of design priorities.

The remaining problems carried over from the 2016 design: the huge trackpad that gets lots of accidental input, the keyboard feel, and the glossy display.

Only the M1 Max supports more than 32 GB of RAM, and then the only option is 64 GB. My iMac has 40 GB, which is perhaps the equivalent of 48 GB since none is reserved for video, and I still see a significant amount of paging. So, for a primary Mac, I’d want more than 32 GB, but 64 GB is more than I need and costs $800 extra (including extra GPU cores that I don’t need).

However, that doesn’t yet appear to be a decision that I need to make because, with no external Retina 5K display, I’m going to wait for the forthcoming large-screen iMac.

John Gruber:

People want standalone displays for their MacBooks and Mac Minis. People don’t want to spend $5,000 on a Pro Display XDR. Third-party display makers clearly are not capable or willing of serving the Mac market. So why not get back in the prosumer display game with a $1,500 iMac-quality standalone display?

Marco Arment:

For the first time in five years, the MacBook Pro looks like it was designed by and for people who love computers.

Rich Siegel:

This is the first laptop in 5 years where I don’t feel like I’ve had to settle for stuff I didn’t really want (constrained memory, touch bar) in order to get something I really did (13-inch machine, touch ID).

MKBHD:

Apple flexing so hard about how they gave back ports that they took away is just poetry.

Matt Birchler:

They basically said “using dongles sucks” and I lost it.

But you’ll still need to carry extra cables for Lightning and USB-A devices, and perhaps for Ethernet.

Paul Graham:

Apple got rid of the touch bar! Finally I can buy a new laptop.

Marco Arment:

This turned out less funny than I expected

Well, even Apple’s logo has a notch.

James Thomson:

Menus to the left of me, icons to the right, here I am stuck in the notch with you.

If your menus are short enough.

Joe Groff:

Loving the squared edges, tiny bezels, assortment of ports, and dark keyboard on the new MacBook Pro design

Previously:

Update (2021-10-19): Jason Snell:

Here’s a quirk of the new MacBook Pros. On the 14-inch models, the larger 96W USB-C power adapter is required for fast charging. You can fast charge either via MagSafe or via a standard USB-C cable attached to that adapter. However, on the 16-inch models—all of which come with a 140W adapter—you can only do ultra-fast charging via MagSafe. While there’s a new specification that allows for much higher power delivery levels over USB ports, the Thunderbolt 4/USB 3 ports on the MacBook Pro don’t support it. You can still charge via those ports, of course—just not at the ultra-fastest speed.

[…]

Apple’s argument for getting rid of the SD slot was that the future would be wireless, and we wouldn’t need to use cards to transfer data anymore. It wasn’t true back in 2016, and it’s still not true.

[…]

When the Touch Bar arrived, I thought it had a lot of potential. Unfortunately, there were two big problems: a lack of tactile feedback and software support. […] As for the lack of software support, that comes from the top: After the launch of the Touch Bar, Apple did almost zero to help the hardware fulfill its potential.

[…]

I can’t remember the last time this was true, but both models of MacBook Pro can be configured to the same heights if you want to—every single built-to-order option from the more expensive, larger model is also available in the smaller one.

Matt Birchler:

The SD card reader alone made me want to buy this computer to replace my Air immediately. This is what my computer looks like when I need to import images/video from my modern Canon camera[…]

Matt Birchler:

Most high end cameras can wirelessly connect to your computer (or phone for that matter), but they often transfer super slowly, and sometimes even convert your RAW images to JPG in the process (presumably to improve the transfer speed). Wired connections work, but often transfer speeds are still very slow due to slower USB tech in the device. Using my Canon EOS RP as an example, I can plug in via a USB-C cable, but photos and video transfer at about 1/3 the speed I get from just plugging the SD card into Apple’s SD-to-USB-C adapter.

Another issue is that many photographers shoot with multiple SD cards. If they have a big job, they’re going to have several SD cards with them, and they’ll swap between them as they fill up each card. Needing to use their camera as a several thousand dollar dongle to offload these photos/video to their computer is a pain (and has slower speeds).

Steve Troughton-Smith:

Notch avoidance

See also: Pinboard.

Apple M1 Pro and M1 Max

Apple (video, Hacker News, MacRumors):

The CPU in M1 Pro and M1 Max delivers up to 70 percent faster CPU performance than M1, so tasks like compiling projects in Xcode are faster than ever. The GPU in M1 Pro is up to 2x faster than M1, while M1 Max is up to an astonishing 4x faster than M1, allowing pro users to fly through the most demanding graphics workflows.

[…]

M1 Pro offers up to 200GB/s of memory bandwidth with support for up to 32GB of unified memory. M1 Max delivers up to 400GB/s of memory bandwidth — 2x that of M1 Pro and nearly 6x that of M1 — and support for up to 64GB of unified memory. And while the latest PC laptops top out at 16GB of graphics memory, having this huge amount of memory enables graphics-intensive workflows previously unimaginable on a notebook. The efficient architecture of M1 Pro and M1 Max means they deliver the same level of performance whether MacBook Pro is plugged in or using the battery. M1 Pro and M1 Max also feature enhanced media engines with dedicated ProRes accelerators specifically for pro video processing.

[…]

Utilizing the industry-leading 5-nanometer process technology, M1 Pro packs in 33.7 billion transistors, more than 2x the amount in M1. A new 10-core CPU, including eight high-performance cores and two high-efficiency cores[…]

Scott Perry:

The M1 Max’s DRAM is as fast as Intel’s on-die LLC circa 2016. Between this and the SSD performance (as fast as RAM was about 10 years ago), Apple is making a mockery of memory hierarchies.

Hector Martin:

As for the M1 Pro/Max, reminder that a single P-core can saturate the M1’s memory bandwidth, even significantly downclocked. And the M1 already has a lot of memory bandwidth. All that extra memory bandwidth in the new chips has to make a pretty big difference.

See also: Ken Shirriff.

Previously:

Update (2021-10-19): Andrei Frumusanu:

Today’s reveal of the new generation Apple Silicon has been something we’ve been expecting for over a year now, and I think Apple has managed to not only meet those expectations, but also vastly surpass them. Both the M1 Pro and M1 Max look like incredibly differentiated designs, much different than anything we’ve ever seen in the laptop space. If the M1 was any indication of Apple’s success in their silicon endeavors, then the two new chips should also have no issues in laying incredible foundations for Apple’s Mac products, going far beyond what we’ve seen from any competitor.

Steven Sinofsky:

Apple’s M1 Pro/Max is the second step in a major change in computing. What might be seen as an evolution from iPhone/ARM is really part of an Apple story that began in 1991 with PowerPC.

[…]

When you look at M1 Pro/Max today it is tempting to think of this in terms of performance, but performance per watt AND integrated graphics AND integrated memory AND integrated application processors is innovation in an entirely different direction.

Update (2021-10-29): Andrei Frumusanu (Hacker News):

The M1 Pro and M1 Max change the narrative completely – these designs feel like truly SoCs that have been made with power users in mind, with Apple increasing the performance metrics in all vectors. We expected large performance jumps, but we didn’t expect the some of the monstrous increases that the new chips are able to achieve.

On the CPU side, doubling up on the performance cores is an evident way to increase performance – the competition also does so with some of their designs. How Apple does it differently, is that it not only scaled the CPU cores, but everything surrounding them. It’s not just 4 additional performance cores, it’s a whole new performance cluster with its own L2. On the memory side, Apple has scaled its memory subsystem to never before seen dimensions, and this allows the M1 Pro & Max to achieve performance figures that simply weren’t even considered possible in a laptop chip. The chips here aren’t only able to outclass any competitor laptop design, but also competes against the best desktop systems out there, you’d have to bring out server-class hardware to get ahead of the M1 Max – it’s just generally absurd.

Andy Somerfield (via John Gruber):

The #M1Max is the fastest GPU we have ever measured in the @affinitybyserif Photo benchmark. It outperforms the W6900X - a $6000, 300W desktop part - because it has immense compute performance, immense on-chip bandwidth and immediate transfer of data on and off the GPU (UMA).

Yining Karl Li (tweet, Hacker News):

The wider takeaway here though is that in order to give the M1 Max some real competition, one has to skip laptop chips entirely and reach for not just high end desktop chips, but for server-class workstation hardware to really beat the M1 Max. For workloads that push the CPU to maximum utilization for sustained periods of time, such as production-quality path traced rendering, the M1 Max represents a fundamental shift in what is possible in a laptop form factor.

Engin Kurutepe:

This is interesting: only about 6% improvement form 8 core M1 Pro to 10 core M1 Max when compiling a large Xcode project

Jean-Louis Gassée (Hacker News):

The Intel side of our village has dismissed the M1 Pro and Max as impressive but hardly threatening: “Sure, Apple has a fleeting advantage due to their access to TSMC’s denser 5 nanometer process, but once Intel gets there, x86 chips will outperform Apple Silicon, especially with their access to the vast library of Windows software.”

Some things never change. Intel fans had the same reaction, eight years ago, when Apple introduced its first 64-bit processor, the A7 that powered the iPhone 5.

Usman Pirzada:

Almost all of us expected Intel to win on the single-threaded front because of high clock rates and some serious architectural improvements but what is surprising is that they even beat the Apple M1 Max on the multi-threaded front. The Alder Lake Core i9 12900HK mobility processor gets an astounding 13256 score which is followed by Apple at 12753 points. The Intel 11980HK (stock) is further into the horizon at 9149 points and AMD clocks in at 8217 points. This is a generation over generation increase of almost 45% in roughly the same TDP - although not surprising because even though the ADL-P CPU only has 8 “big cores” the small cores have proven to be quite powerful as well.

Now keep in mind, I have no qualms that Apple is still going to win on a power efficiency metric - they always have since the A11 - but Apple’s reign as the fastest mobility chip “period” seems like it is going to be short-lived (we expect ADL-P to land in early 2022).

Update (2021-11-16): Rene Ritchie:

Tom Boger, Vice President of iPad & Mac Product Marketing and Tim Millet, Vice President of Platform Architecture, join me to talk about what they thought when Apple first decided to switch the Mac to custom silicon, what it was like bringing their low/slow/wide approach to a thermal envelope as big as the new MacBook Pro, how scalable architecture really scales up this much (and more), how they think about transistor budget in an increasing post-big compute core world, gaming on Mac, and which MBPs we’re all rocking!

Update (2021-11-24): Timothy Liu (via Hacker News):

I still had questions, so here I am with some (casual) benchmarks that I hope add some additional perspective into interesting hardware capabilities on the M1 Max SOC, just for fun and out of my curiosity.

AirPods 3

Apple (video, Hacker News, MacRumors):

By combining the power of the H1 chip with an Apple-designed acoustic system, the new AirPods use computational audio to deliver breakthrough sound with Adaptive EQ. Users can enjoy spatial audio featuring Dolby Atmos in Apple Music, movies, and tv shows, along with dynamic head tracking, across Apple devices. The new AirPods are resistant to sweat and water, and feature a force sensor for easy and intuitive control of music and phone calls. The extended battery life enables up to six hours of listening time and up to 30 hours of total listening time with the convenient charging case.

[…]

AirPods also feature AAC-ELD, a superior speech codec that offers full HD voice quality, providing clear, natural communication for FaceTime calls.

[…]

A new skin-detect sensor accurately discerns if AirPods are in the ear — versus in a pocket or on a table — and pauses playback when removed.

I like the shorter stem, water resistance, and the fact that Apple seems to have kept its most comfortable shape. I wonder if the increased battery life comes from a larger battery, meaning that the product might last for more years.

I don’t like that it has the less usable pressing controls from AirPods Pro, and the less comfortable case size and shape.

The original AirPods and AirPods 2 were $159. AirPods 3 are $179, but you can now get AirPods 2 for $129. I still like AirPods Pro because of the noise cancellation, but otherwise I’d probably be happier with AirPods 2, even without the $50 savings.

Previously:

Update (2021-10-18): AirPods 2 does not include a wireless charging case. Originally, you could get AirPods 2 bundled with the wireless case for $199. Now, it seems to only be available as a $79 extra, making the total more than with AirPods 3. That’s kind of strange, though for me the wireless case is not very important.

Update (2021-10-25): Hartley Charlton:

The MagSafe Charging Case for the third-generation AirPods features sweat and water resistance, making the standard AirPods the first to feature an IPX4-rated charging case.

Update (2021-10-29): Federico Viticci:

- Case is smaller than AirPods Pro
- MagSafe attachment is awesome for compatible stands
- In-ear shape is definitely bigger than AirPods 2

Mike Rockwell:

The new shape is pretty odd. It feels like they don’t sit as firmly in my ears as the previous ones, so I’m a little worried they’re going to fall out a lot. But I haven’t had any issues so far.

Mike Rundle:

AirPods 3 single tweet review: sound is closer in quality to AirPods Pro than AirPods 2, much better bass response, closer fit in ears is very nice, slightly harder to pull from the case than AirPods 2 but I’m sure I’ll figure out the trick soon, overall a massive upgrade 👍

Matt Birchler:

The case on the new AirPods is noticeably smaller than the Pro and helps it fit way better in the little coin pocket thing in my jeans.

It’s a massive decrease from the Beats Studio Buds case I’ve been using for much of the year.

Rob Rhyne:

The imaging on these 3rd gen AirPods are unreal.

If I press them deeper into my ear, the sound doesn’t change! This Adaptive EQ tech is no joke.

Sound quality is equivalent to the Pros, without the uncomfortable seal. 🤯

Juli Clover:

Overall, reviews of the AirPods 3 were highly positive. Reviewers like the new design, which is more comfortable and offers a tighter and more secure fit in the ears, and the improved fit also makes the sound quality better than before.

Update (2021-11-16): Julio Ojeda-Zapata and Josh Centers:

The first thing I noticed about the new AirPods is how much bigger the buds are. While the original AirPods were a perfect fit for my ears, the new ones are a bit uncomfortable because they’re so large. My wife found even the original AirPods painful, so she declined my offer to try the new ones.

[…]

Automatic device switching moves your AirPods connection between your iPhone, iPad, and Mac depending on which device you’re using. Both Josh and Julio found that it doesn’t live up to its promise.

I hear from lots of customers that they prefer to turn off automatic device switching and use ToothFairy instead.

Update (2021-11-29): Saagar Jha:

Haven’t heard anyone else talking about this, but third generation AirPods are much easier to clean than second generation ones are. As a professional AirPods scrubber™ the design makes the process take under half the time, with better results.

SuperDuper 3.5 Beta 4 for Monterey and Apple Silicon

Dave Nanian:

Part of rolling these Betas slowly involves trying to figure out how to help users when these failures happen: basically, it’s a learning process, and when we can’t refer to the code, and the errors are (at best) a number and a word or two, well, it takes some time.

At this point, though, I’m relatively confident I understand how to work around most of asr’s failures.

[…]

Apple silicon execution require new-style licenses purchased after June of 2019, when our new license system was released. Old licenses will not work natively… and if you want to run natively on an Apple silicon Mac with registered features, you’ll need a new license.

I’ve probably gotten more years of free updates for SuperDuper than any other software I’ve purchased. I ran into the same issue with eSellerate licenses and SpamSieve, except that I used my own licensing system for newer purchases. I ended up supporting the old licenses in the native app by using an XPC service that runs in Rosetta. However, I do not necessarily recommend this approach. There’s a bug where, on certain Macs, XPC messages get blocked: the service never receives them and so the app hangs waiting for a response. I’m guessing this is a Rosetta issue, since I ran into a similar bug with AppleScript and Rosetta and because I’ve not heard of such problems with the many apps that use XPC services of the same architecture. [Update (2021-11-03): The problem seems to be that Rosetta is not installed, and rather than prompting to install it XPC just hangs.]

Previously:

Update (2021-10-28): Dave Nanian (tweet):

At long last, v3.5 is out[…]

[…]

Bootable backups under macOS 11 (Big Sur) and later are a bit strange, because they don’t show up immediately in the Startup Disk Preference Pane. You’ll find they do show up in either Option+Boot (Intel) or Power+Boot (Apple silicon) boot menus, though. And once authorized, they boot nicely.

[…]

A bootable backup cannot start out encrypted, due to macOS rules about creating volume groups. So, after you create a bootable backup, start up from it, turn on FileVault (you don’t have to wait for it to finish), then boot back to your regular drive.

[…]

If you get a “Resource Busy” error during an Erase, then copy error under Big Sur and later, it’s likely your Mac fell asleep during the copy, even though we asked it to stay awake. You can usually fix this by installing Coca from the App Store (it’s free!) and using it to keep the Mac awake during this process.

Friday, October 15, 2021 [Tweets] [Favorites]

Apple Refuses App Store Changes for South Korea

Mike Wuerthele (also John Gruber):

The Korea Communications Commission (KCC) is in charge of enforcing compliance with the new App Store payment law. While Google says that it plans to comply in full with the law, including the adoption of third-party payment systems, Apple appears to be resisting it, saying that there is nothing that it needs to change.

Reuters:

The law went into effect last month but Apple had told the South Korean government that it was already complying and did not need to change its app store policy, a Korea Communications Commission (KCC) official in charge of the matter told Reuters.

“This goes against the purpose of the amended law,” the official said, requesting anonymity as the KCC was still in talks with Apple on compliance.

This reminds me of Apple “clarifying” the rules in the Cameron v. Apple Settlement, except that here there seems to be even less basis for the position that they’re already complying.

Previously:

Update (2021-10-19): Geoff Keating:

I suspect what’s going on is the law says something like “must allow a choice of payment providers” and Apple says “we have Visa and PayPal”. The law cannot say “Apple must allow all apps on its platform for free” because that’s expropriation and there are treaties against it.

Update (2021-11-16): Hartley Charlton:

Apple is not doing enough to comply with South Korean legislation that forbids app store operators from forcing developers to use their payment systems, according to lawmaker Jo Seoung-lae, Reuters reports.

[…]

It is as yet unclear how platform operators will be sanctioned if the regulations are breached, but according to a draft seen by Reuters, it could involve fines of up to two percent of revenue.

The initial details of what Apple will need to do to meet its new obligations in South Korea are expected to be made public by the Korea Communications Commission (KCC) tomorrow, ahead of them coming into full effect by March 2022.

The Risks of Client-Side Scanning

Ben Lovejoy:

The British government has expressed support for Apple’s now-delayed CSAM scanning plans, and says that it wants the ability to scan encrypted messages for CSAM, even where end-to-end encryption is used.

Tim Hardwick:

More than a dozen prominent cybersecurity experts hit out at Apple on Thursday for relying on “dangerous technology” in its controversial plan to detect child sexual abuse images on iPhones (via The New York Times).

The damning criticism came in a new 46-page study by researchers that looked at plans by Apple and the European Union to monitor people’s phones for illicit material, and called the efforts ineffective and dangerous strategies that would embolden government surveillance.

Hal Abelson et al. (PDF):

Some in industry and government now advocate a new technology to access targeted data: client-side scanning (CSS). Instead of weakening encryption or providing law enforcement with backdoor keys to decrypt communications, CSS would enable on-device analysis of data in the clear. If targeted information were detected, its existence and, potentially, its source, would be revealed to the agencies; otherwise, little or no information would leave the client device. Its proponents claim that CSS is a solution to the encryption versus public safety debate: it offers privacy -- in the sense of unimpeded end-to-end encryption -- and the ability to successfully investigate serious crime. In this report, we argue that CSS neither guarantees efficacious crime prevention nor prevents surveillance. Indeed, the effect is the opposite. CSS by its nature creates serious security and privacy risks for all society while the assistance it can provide for law enforcement is at best problematic. There are multiple ways in which client-side scanning can fail, can be evaded, and can be abused.

Bruce Schneier:

It’s not a cryptographic backdoor, but it’s still a backdoor — and brings with it all the insecurities of a backdoor.

[…]

We had been working on the paper well before Apple’s announcement. And while we do talk about Apple’s system, our focus is really on the idea in general.

Ross Anderson:

We did not set out to praise Apple’s proposal, but we ended up concluding that it was probably about the best that could be done. Even so, it did not come close to providing a system that a rational person might consider trustworthy.

Even if the engineering on the phone were perfect, a scanner brings within the user’s trust perimeter all those involved in targeting it – in deciding which photos go on the naughty list, or how to train any machine-learning models that riffle through your texts or watch your videos. Even if it starts out trained on images of child abuse that all agree are illegal, it’s easy for both insiders and outsiders to manipulate images to create both false negatives and false positives. The more we look at the detail, the less attractive such a system becomes. The measures required to limit the obvious abuses so constrain the design space that you end up with something that could not be very effective as a policing tool; and if the European institutions were to mandate its use – and there have already been some legislative skirmishes – they would open up their citizens to quite a range of avoidable harms.

Previously:

Apple’s Threat Analysis of Sideloading

Apple (PDF, via Hacker News, MacRumors, Slashdot):

iPhone is a highly personal device where users store some of their most sensitive and personal information. This means that maintaining security and privacy on the iOS ecosystem is of critical importance to users. However, some are demanding that Apple support the distribution of apps outside of the App Store, through direct downloads or third-party app stores, a process also referred to as “sideloading.” Supporting sideloading through direct downloads and third-party app stores would cripple the privacy and security protections that have made iPhone so secure, and expose users to serious security risks.

Siguza:

31 pages of fearmongering?

Damn, Apple must actually be scared!

Tim Sweeney:

If automated software analysis or human review were essential for security, iOS could support or even require it for competing stores. Mac notarization shows it’s feasible. Nothing about security requires an Apple monopoly on distribution.

Furthermore, competing stores could do a much better job than Apple of ensuring quality software, going above and beyond Apple’s modest standards for human review - typically a 6 to 12 minute process staffed by only several hundred employees worldwide, most of them not engineers.

Look at the amazing job that Sony, Microsoft, and Nintendo do of quality assurance on console. It’s so good that a sub-par game release is almost a once-in-a-decade news story. If Apple faced competing stores, those companies plus Valve, Epic, and others could step up.

Michael Love:

I don’t think alternate stores make any sense without sideloading; if it’s important sideloaded apps by reviewed by sb you can have a bunch of 3rd party Notarization Authorities or whatever, but the binary should be coming from my server.

Alternate app stores add competition - which is certainly good - but don’t fundamentally change the app distribution model; direct sideloading does because it lets installation happen at the point of discovery, and discovery can happen anywhere; can install an app from a tweet.

Mike Wuerthele:

Thieves have used a combination of social media, dating apps, cryptocurrency, and abuse of Apple's Enterprise Developer program to steal at least $1.4 million from unsuspecting victims.

[…]

After gaining the trust of the victim through the dating apps, scammers start discussing cryptocurrency investments. They are then directed to a website that looks like the Apple App Store, and then told to download a Mobile Device Management profile, giving control of a number of features, and the ability to use signed apps made by the fraudsters.

Previously:

Old Apple Human Interface Guidelines

Andy Matuschak:

Why are there no “standard texts” on designing software interfaces? (or tell me I’m wrong?)

If you want to learn to build software, there are excellent and complete texts on the subject. It’s not just a tech-vs-art thing: there are standard texts on type, drawing, color, etc.

Andy Matuschak:

[S]everal people mentioned the original 1987 Apple Human Interface Guidelines, which I’d not read. It’s not a comprehensive primer on interface design, but it is an extraordinary read—a huge amount of detail on why things are as they are. And a great bibliography!

Andy Matuschak:

Oh my gosh, and there’s a (pre-release) 1985 HIG that’s quite different. It includes e.g. case studies (useful!), and an extended discussion of Jung’s theories of intuition and how they should influence your designs (!!)

There’s a 1995 version here. I like Tog on Interface.

Previously:

Thursday, October 14, 2021 [Tweets] [Favorites]

PrivacyTests.org

Arthur Edelstein (via Hamed Haddadi):

PrivacyTests.org is an open-source testing program that measures browser privacy characteristics, and a website, https://privacytests.org, that renders the results for human consumption.

XPC Service’s Methods Not Necessarily Run on Main Thread

Matthias Gansrigler:

After subsequently moving them into an XPC service and thinking it would “just work”, I found that it didn’t. At least not reliably. Maybe every 8th or 9th time, yes, it did all it was asked to do, but every other time, it outright refused to execute Apple Scripts.

After two days of desperate attempts to get it working correctly, and almost giving up on the XPC privilege separation entirely for this, I figured I’d check to see if the Apple Scripts were being executed on the main thread.

Update (2021-10-15): Thomas Clement:

It is documented that NSXPCConnection calls back on the connection’s internal private queue.

Todd Ditchendorf:

I was tinkering with creating an app with an XPC service around 2013 and gave up cos it was flakey. In hindsight, I’m pretty sure this was the problem.

XcodeNueve: Running the Xcode 9 Tools

Brendan Shanks:

A hack allowing the use of Xcode 9’s toolchain on macOS Catalina, Big Sur, and Monterey.

Xcode 9.4.1 and the macOS 10.13 SDK are the last versions capable of building 32-bit Intel (i386) binaries.

Due to internal frameworks that reference private AppKit instance variables (removed in macOS Catalina), Xcode 9 and its included toolchain fail to run on any macOS version past Mojave.

For projects which need to build i386 binaries to support macOS 10.14 and earlier (like Wine), this requires keeping around a 10.14 build machine, which is undesirable for a number of reasons (no more security updates, requires older hardware, can’t also run latest Xcode, etc.)

The Xcode 9 app itself still doesn’t work, but this lets you use its compiler and other tools.

Wednesday, October 13, 2021 [Tweets] [Favorites]

Keyb 1.3

Zev Eisenberg (tweet):

Type with one hand, no special hardware required! I wrote Keyb while holding my sleeping daughter in one hand. It’s also great for permanent and temporary disabilities, or tasks where you want to keep one hand on the mouse, like gaming or spreadsheets.

How does it work? Simply hold down the spacebar, and the left and right half of your keyboard magically swap places. The two halves are mirrored, so if you would normally type a letter with your left middle finger, use your right middle finger. The same is true in the other direction. If you can already touch-type, you’ll be surprised how quickly your brain gets used to it!

It’s free on the Mac App Store.

Swift-DocC Is Now Open Source

Franklin Schrans:

Swift-DocC encompasses tools and libraries to help developers write and generate documentation on many platforms, including macOS and Linux, with the goal to support all platforms with a Swift toolchain. The docc command line tool is already integrated in Xcode 13 and is architected in a way that can be integrated with other build systems such as SwiftPM. The open source project is composed of several components, some of which may be interesting in their own right for building other developer tools. The components include:

  • Swift-DocC — the documentation compiler tool that processes source file comments, standalone Markdown files, and related assets to produce a machine-readable JSON archive.
  • Swift-DocC-Render — a JavaScript-based web application that renders compiled DocC archives.
  • Swift-Markdown — a library that makes it easy to parse Markdown syntax in Swift.
  • SymbolKit — a Swift library that parses the symbol graph files emitted by the Swift compiler. These files encapsulate information about a module’s APIs, including their documentation comments.

The tooling understands the Swift documentation comment syntax already popular within the Swift community in stand-out tools like Jazzy and SwiftDoc, and in IDEs like Xcode. It adds some novel syntax features, too. For example, the double-backtick ``SymbolName`` syntax creates links between symbols.

Previously:

Visual Studio and Teams Get More Native

Microsoft:

We’re moving Visual Studio for Mac to native macOS UI, which will fix over 100 previously reported issues related to performance, reliability, and product quality. By using native macOS UI, the IDE now works more reliably with macOS’s built in assistive technologies. In this first preview release, we’re giving you a glimpse at the IDE and focused on main features .NET developers use to build applications for the web.

My understanding is that this used a cross-platform UI layer [Update: Gtk+], not Electron.

Faisal Khan (via Hacker News):

Microsoft recently announced that they have reached a whopping 250 Million active users with Teams. Not Word or Excel but Teams is the rockstar of the Microsoft Office suite. But, it has always been plagued with performance issues as it consumes heaps of system resources. Running Teams is a nightmare on computers with less memory to work with.

[…]

The senior vice president of Microsoft Teams announced that Teams would be moving to their own Edge Webview2 Rendering Engine ditching Electron for seeking performance gains. It is marketed that Teams would consume 2x less memory as a result of the transition. It would be called Teams 2.0 and might ship with Windows 11 in late 2022.

I’m not sure this makes much difference for Mac users, since it’s still built on Web technologies with a bundled browser engine.

Previously:

Tuesday, October 12, 2021 [Tweets] [Favorites]

Download Progress With Awaited Network Tasks

Soroush Khanlou:

One would think the URLSessionTaskDelegate would have some affordance that calls you back when new bytes come in, but if that exists, I couldn’t find it.

However, iOS 15 brings a new API that can be used for this purpose — a byte-by-byte asynchronous for loop that can do something every time a new byte comes in from the network — called AsyncBytes.

[…]

One question that this API raises: why does it call your block with every byte? The (very) old NSURLConnectionDelegate would give you updates with chunks of data, so why the change?

[…]

I think this example highlights something important about this new API. The file I was trying to download was about 20MB. That means my for loop is going to spin 20 million times. Because of that, it’s extremely sensitive to any slow tasks that take place in the loop.

[…]

The last thing I did, which did work, is to keep a local variable for the progress, and then only update the progress in SwiftUI when the fastRunningProgress had advanced by a percent.

Joseph Lord:

For the record AsyncSequence blazing fast in beta 5. 🏎❤️ Quicker to XOR the bytes in the file with AsyncSequence of bytes than to Data(contentsOf:) and iterate over the unsafe bytes

David Smith:

I think one of the biggest things people are going to be startled by in my async Swift code is how often I write async functions that aren’t (usually) asynchronous. It took me a few months and some advice from a coworker to internalize how useful this is.

[…]

The most obvious case this is useful is if you have some sort of cache: check the cache, if you hit do the thing immediately, if you miss, suspend and do the thing once you’ve loaded what you needed into the cache.

David Smith:

For bytes, next() looks approximately like this…

@inline(__always) @inlinable mutating func next() async -> UInt8 {
    if bufferRange.isEmpty { await refillBuffer() /* does suspend */ }
    return buffer[bufferRange.popFirst()] /* doesn't suspend */
}

Previously:

Boox Nova Air Review

Jason Snell:

What if someone built a tablet that could run a wider selection of apps but still had the crisp, clear look of an E Ink screen?

In fact, a few companies have been trying to marry E Ink with Android for a while now. Recently I got a chance to spend a lot of time with the Boox Nova Air, a $389 Android tablet with an E Ink display, just as I was also spending time with Apple’s $499 iPad mini.

[…]

Once I was able to get everything set up, was I able to use the Boox Nova Air as a reader for my newspapers, RSS, newsletters, and other content apps, as well as for ebooks via the Kindle and Kobo apps? Yes, I was. But with the exception of the book-reading apps—which were built for a page-at-a-time reading experience that’s perfect for E Ink—what I found was that using apps intended for standard screens was always awkward.

Previously:

Redesigning iOS Alarm and Timer Notifications

Matt Birchler:

What’s always confused me is that the timer makes “I’m done with this” the primary action, while the alarm makes “I need more time” the primary action. Why is this? Even after years with this UI, I still get it wrong sometimes because I have to do some thinking on “is this an alarm or a timer?” which isn’t terribly hard, but it’s harder than normal when you’re either tired and have a phone blaring annoying sounds at you.

[…]

No matter what the reason, I think there are a few main problems with the current UI, even if there is a logical reason to have their order flipped.

  1. The order of options is flipped between timers and alarms.
  2. The colors in the UI don’t seem to indicate anything. Orange is destructive? The opposite? 🤷‍♂️
  3. The buttons are smaller than they need to be.

And there’s a huge amount of empty space, yet no icons.

Previously:

TextExpander 7

Diana Prodan (release notes):

15 years ago, the small team of developers at Smile acquired the core product we now know and love called TextExpander. In those 15 years, we’ve been through many iterations and changes to the product, and our small team has expanded to almost 40 team members.

[…]

Enhanced Snippet Suggestions make it even easier to notice and create Snippets from frequently-typed words and phrases.

[…]

The app now shows you how to resolve conflicts with your Snippet abbreviations in a clear, easier-to-use interface.

[…]

You can now view search results by group, and adjust how your search results are sorted and presented to quickly find what you need.

Pricing is unchanged.

Previously:

Monday, October 11, 2021 [Tweets] [Favorites]

Firefox Can Now Fill Out PDF Forms

Mozilla (via JP):

Last year, during lockdown, many discovered the importance of PDF forms when having to deal remotely with administrations and large organizations like banks. Firefox supported displaying PDF forms, but it didn’t support filling them: users had to print them, fill them by hand, and scan them back to digital form. We decided it was time to reinvest in the PDF viewer (PDF.js) and support filling PDF forms within Firefox to make our users’ lives easier.

While we invested more time in the PDF viewer, we also went through the backlog of work and prioritized improving the accessibility of our PDF reader for users of assistive technologies. Below we’ll describe how we implemented the form support, improved accessibility, and made sure we had no regressions along the way.

This is not a full-featured PDF annotation editor, but it does let you fill in a form and save it as a new PDF file.

Previously:

Simplifying Backwards Compatibility in Swift

Dave DeLong:

Every year as new OS and Swift versions are released, the question comes up over and over again: “how do I use this new thing while also supporting older versions?”. While we have a bunch of “availability” tools at our disposal (and I’ll be using them in this post), they always come across as somewhat cumbersome: we need to do inline checks, or we have conditional logic flow that obfuscates the intent of some of our code, and so on.

[…]

At first glance, this doesn’t look very useful; it’s a struct that holds a single value, and it doesn’t do anything. This is by design. Backport exists to serve as a holding space (namespace) for shims: the conditional code we must write in order to do proper availability checking.

[…]

Unfortunately, I have not come up with a good way to backport things like specific properties on SwiftUI’s EnvironmentValues, such as .headerProminence.

I have typically done this sort of thing by declaring prefixed category methods, but this technique lets you keep the original method name by adding a namespace.

Previously:

Update (2021-10-19): Christian Tietze:

Behold: @davedelong’s Backport, but for cross platform SwiftUI

Update (2021-11-23): Jesse Squires:

If you are working on a multiplatform SwiftUI project, you will start accumulating #if os() checks and #if canImport() checks. Overtime, these start to accumulate and — in addition to being unsightly — they make your code much more difficult to read. When possible, I have started to encapsulate these preprocessor directives to improve code organization and readability.

Google Winds Down Material Design for iOS

Jeff Verkoeyen:

This year my team shifted the open source Material components libraries for iOS into maintenance mode.

Since 2012 and the original launch of Google Maps iOS, my team has supported the creation and maintenance of shared UI components across Google. This was originally born out of a need to fill gaps in UIKit’s design language.

[…]

With the introduction of SwiftUI and significant UIKit improvements in iOS 14+, it’s never been easier to build a great branded experience with a tiny amount of code.

[…]

The time we’re saving not building custom code is now invested in the long tail of UX details that really make products feel great on Apple platforms.

Via Charles Arthur:

I think the TL;DR of this thread is that Google apps on iOS will start looking like they were born on iOS in future, rather than looking like they’re from another planet.

Jason Snell:

This is good news. It’s good for Google’s developers, who no longer have to build that custom code. And more importantly, it’s good for people who use Google’s apps on iOS, because with any luck they’ll be updated faster, work better, and feel more like proper iOS apps, not invaders from some other platform.

Apple Appeals Anti-Steering Ruling in Epic Case

Jay Peters and Sean Hollister (PDF, tweet, MacRumors):

While Apple largely won that case (the company went so far as to call the ruling a “resounding victory”) with Judge Gonzalez Rogers ruling in favor of Apple in nine of the ten claims Epic brought against the company, it did lose in one important way: the judge found that Apple violated California’s anti-steering rules, and demanded that Apple let developers link to outside payment systems. That policy would have taken over in December, but it may be pushed out beyond that — and it seems that’s the point.

[…]

Apple claims that the new anti-steering rule is unnecessary because the company had already agreed to delete the offending section of its App Store Guidelines in the Cameron v. Apple settlement, but that’s news to us: at the time, Apple only agreed to “clarify” that app developers were allowed to communicate with consenting customers, not link to outside payment systems. That clarification was widely seen by developers as a red herring. At the time, Apple didn’t say anything about deleting a section of its App Store Guidelines entirely.

Previously:

Friday, October 8, 2021 [Tweets] [Favorites]

Orion 0.99

Vladimir Prelovac (Hacker News):

Orion is fast, privacy-respecting and open to the web, standards and protocols. If you want a browser that just works, is lightning fast, respects your privacy, stays out of your way and lets you get the job done, Orion makes it possible. It is a browser built for professionals, by professionals. It is also that one browser that you install for your grandma and the web would just work for her, on default settings.

[…]

Safari features are great to begin with, but they also leave a lot to be desired. Whether a built-in ad-blocker or productivity enhancements, with Orion we are able to provide the users with exactly what they need.

If you thought Safari is fast, wait until you experience Orion. Orion is simply the fastest browser on Mac. We took the same WebKit core web engine (also used by Safari) and built a snappy, lightweight browser around it.

I was skeptical, but I’ve been using the Mac version on and off for several months, and it really does feel faster than Safari. It kind of reminds me of iCab back in the day, except that being based on WebKit it’s fully compatible. Tabs can work like in Safari 14 (i.e. standard macOS tabs) or vertically like in Edge. The developer has been very responsive to feedback.

Orion is also a truly zero telemetry browser, with a built-in powerful ad and tracker blocker. Orion has the highest possible protection for your privacy on the web, by default.

And finally, extensions! Orion has native support for both Chrome and Firefox extensions.

It also works with EagleFiler’s capture hotkey. Unfortunately, there’s no way for it to integrate with Safari-specific features like Reading List, iCloud Tabs, bookmarks syncing, and security code auto-fill.

Previously:

Firefox Suggest and Contextual Suggestions

Mozilla (via Hacker News, 3, 4):

Firefox has always provided address bar suggestions, such as websites from your browsing history, bookmarks and open tabs (on by default), as well as suggestions from your default search engine. Beginning in Firefox version 92, you will also receive new, relevant suggestions from our trusted partners based on what you’re searching for. No new types of data are collected, stored, or shared to make these new recommendations.

[…]

To help you find information faster, Firefox Suggest uses a service provided by us to offer relevant suggestions for what you’re typing. When you opt-in to improve Contextual suggestions, Mozilla receives your search queries. When you see or click on a Firefox Suggest result, Mozilla collects and sends your search queries and the result you click on to our partners through a Mozilla-owned proxy service. The data we share with partners does not include personally identifying information and is only shared when you see or click on a suggestion.

However, it sounds like it does send your city location as you type (if you opt in).

Chris Hoffman:

Unfortunately, all major browsers now use a combined address and search bar. So, if you’re typing in the address of a sensitive website to go directly there, your keystrokes as you type will be sent to your default search engine and your search engine may be able to determine the website address you’re typing in manually.

Firefox Suggest is just more of that. In addition to sending your keystrokes to Google or whatever your default search engine is, Firefox will also send them to Mozilla. Both your search engine of choice and Mozilla will return suggestions.

Dave LeClair:

In a move that’s sure to make no one happy, Firefox is getting sponsored address bar suggestions.

[…]

Based on the image shared by Mozilla, the results don’t look overly intrusive, as they appear right alongside the other options, but it’s still annoying to see even more ads when browsing the web.

Thankfully, you can turn this feature off quickly enough.

Dutch Antitrust Watchdog Wants IAP Changes

Juli Clover:

Apple’s in-app purchase requirements are anti-competitive, the Netherlands Authority for Consumers and Markets (ACM) has decided, reports Reuters. The ACM has ordered Apple to make changes to the rules that force developers to use in-app payment options.

[…]

The ACM told Apple about its decision on in-app purchases last month, and it was the first antitrust regulator to decide that Apple has abused its market power in the App Store. Apple has not been fined, but the ACM wants it to make changes to in-app purchase rules.

Previously:

Halide 2.5: Macro Mode

Ben Sandofsky (The Verge, MacRumors):

To start, tap the “AF” button to switch from auto focus to manual focus. Since Macro is often best done with the focus fixed to a close subject or with some adjustment, Macro Mode lives in the manual focus controls. To then enter Macro Mode, tap the the flower icon — the universal symbol for macro.

[…]

If you’d rather adjust focus by hand, we increase the swipe-distance of our focus dial so you can make granular adjustments down to the millimeter. To nail that focus point, Focus Peaking draws an outline around the sharpest areas of your image. You can set it to automatically trigger when adjusting focus, or you can turn it on and off.

[…]

We trained a neural network to upscale images in a way that produces much sharper, smoother results than what you typically get in an editor. It’s available on all iPhone with a neural engine— anything made in 2017 or later— and it produces full 4k resolution JPEGs at either 2× or 3× magnification.

This sounds great, and I appreciate the manual focus controls, but I did not notice much difference with Neural Macro over the built-in Camera app on my iPhone 12 mini. In some cases, Halide was a little sharper. Sometimes it had slightly better color, sometimes slightly worse. Perhaps the improvement is more evident at certain distances or with certain types of macro photos.

John Voorhees:

In my testing over the past day, the results have been impressive. I’m especially fond of the precise focus dial that allows for minute adjustments that make a difference at such close range.

Previously:

Update (2021-10-15): See also: Hacker News.

The Business of VPNs

Brian X. Chen (via Roustem Karimov):

The reality is that web security has improved so much in the last few years that VPN services, which charge monthly subscription fees that cost as much as Netflix, offer superfluous protection for most people concerned about privacy, some security researchers said.

Many of the most popular VPN services are now also less trustworthy than in the past because they have been bought by larger companies with shady track records.

[…]

For several years, I subscribed to a popular VPN service called Private Internet Access. In 2019, I saw the news that the service had been acquired by Kape Technologies, a security firm in London. Kape was previously named Crossrider, a company that had been called out by researchers at Google and the University of California for developing malware.

In the last five years, Kape has also bought several other popular VPN services, including CyberGhost VPN, Zenmate and, just last month, ExpressVPN in a $936 million deal. This year, Kape additionally bought a group of VPN review sites that give top ratings to the VPN services it owns.

Nick Heer:

According to a May 2021 Restore Privacy report, Kape bought Webselenese and its vpnMentor and Wizcase review websites. Both websites aggressively push their top three picks which, funny enough, are all owned by Kape. Wizcase also publishes reviews of security software, and picks Intego as the best antivirus software for the Mac; Kape also owns Intego.

But if you were browsing either review website, you would probably miss Kape’s ownership. While a legitimate news organization would typically display conflicts of interest in immediate context, the word “Kape” appears nowhere in the on-page text, nor does it appear on the dedicated ExpressVPN review page. Wizcase’s “About” page says that the review site “believe[s] in transparency” and the footer on every page claims that it is an “independent review site”. vpnMentor says that its “reviews are not based on advertising” and its claims of honesty make it a “powerful transparency tool for the internet”.

Joseph Menn (via Hacker News):

When a senior executive at virtual private network company ExpressVPN admitted to working on behalf of a foreign intelligence service to hack American machines last week, it stunned employees at his new company, according to interviews and electronic records.

Nick Heer:

This is a more comprehensive look at ExpressVPN’s sketchy history and its ownership that leave me with the impression that the world of VPNs is mostly bullshit. The honest take is that these products help users circumvent geographic restrictions, particularly for things like streaming services. I am convinced that, if streaming companies and media rightsholders were less concerned with nit-picking contracts and more focused on providing a great experience, there would be far less demand among everyday users for VPNs.

Previously:

Thursday, October 7, 2021 [Tweets] [Favorites]

Paddle In-App Purchase for iOS

Paddle (Hacker News, MacRumors):

The Epic Games v. Apple verdict clears the way for app creators to choose an alternative to Apple’s payment system (and its 15-30% fee!). But choose the wrong provider and you’ll be burdened with managing payment and subscription logic, taxes, fraud, and buyer support.

Paddle In-App Purchase will let app creators replace Apple’s In-App Purchase without worrying about any of that.

Besides lower fees, they have a long list of features beyond what the App Store offers.

It’s not yet clear whether Apple will allow any sort of non-IAP in-app payments or try to extract a 30% IP licensing fee for external purchases.

Kif Leswing (via Michael Love):

Paddle built three different implementations of an iPhone payments product in the hope one will comply with the rules.

“We would love to hear from Apple, and get on-the-record a description of exactly what’s going to be allowed versus not,” Owens said.

[…]

RevenueCat, a company that builds tools for iOS developers to manage customer subscriptions, is also developing a browser-based payment system that developers can to apps add without having to build their own, CEO Jacob Eiting said.

[…]

“We’re operating under the assumption that developers will still be required to use Apple’s IAP inside of their apps but that you now will be allowed to reference and link to external paywalls,” Eiting said.

Previously:

Update (2021-10-20): FastSpring:

If and when the courts force Apple to allow third-party payment systems for in-app purchases, developers will be able to use FastSpring’s secure payment system to manage those purchases.

We’ll have much more to say on this topic in the coming weeks.

Kaleidoscope 3

Christopher Atlan (tweet):

We have listened to your feedback and enhanced the app accordingly, with new tools for inspecting version control changesets and more settings for text comparisons. We have also brought a fresh new design specifically tailored for macOS Big Sur and macOS Monterey, including support for the Apple M1 chip.

[…]

Now you can quickly search for files by name or file extension.

We’ve also added the ability to filter files that have been changed, added, or deleted in a version control changeset.

[…]

Kaleidoscope 3 is now available as a one-time purchase for $149.99, and $69.99 upgrade for existing customers.

I like the new support for binary plists.

Previously it was $69.99. I imagine that this is a tricky app to sell because, even though it’s great, parts of its functionality are available in tools that developers already have: BBEdit, Tower, Xcode, FileMerge. And in most cases I compare files using those apps because I’m already in them. But sometimes I need more power or want more convenience for a certain workflow, and then I’m really glad that I have Kaleidoscope.

Craig Hockenberry:

I look at the $150 as an insurance policy more than a purchase. I need this app to stay healthy - and we all know it was close to death. Remember: eight years without a major version update.

I learned this from @xscopeapp - same thing - people complain that the app is too expensive. And buy cheap alternatives that disappear in a few years because the other developer finally realizes it’s not worth it.

Pay well for your tools. Don’t be cheap with your time.

Previously:

Update (2021-10-08): By way of comparison, Araxis Merge Standard is $129 and Araxis Merge Professional (which adds 3-way merging, included in Kaleidoscope) is $269.

iOS 15 Tips and Tricks

Tim Hardwick:

Open the Tabs Group, tap group’s name at the bottom of the screen, then tap Edit in the top-left of the Tab Groups card menu. Tap the circled ellipsis next to the Tabs Group in question, then select Copy Links.

[…]

Enter jiggle mode by holding your finger on a space on the Home Screen, then tap the dots above the Dock to enter the Home Screen pages view.

[…]

Bring up the Text Size selector in Control Center, and you’ll see new options to apply the text size adjustment to the system, or just the app that’s currently open.

[…]

In iOS 15, however, it’s possible to drag an app from Spotlight and place it right onto the Home Screen, which means you no longer need to continually drag app icons between Home Screen pages to rearrange them.

[…]

The Shelf minimizes when you interact with an open window, but you can resurface it by long pressing the app’s icon and selecting Show All Windows.

[…]

Simply initiate a walking route, then raise your iPhone and scan the buildings around you when prompted. The step-by-step directions will appear in the AR mode automatically, which should make it easier to get where you need to go, especially in situations where the directions are tricky.

[…]

[W]hen on a FaceTime call or when taking a call on a third-party app like WhatsApp or Teams, launch your device’s Control Center, tap the Mic Mode button, top-right, then tap Voice Isolation to enable it.

[…]

Background Sounds are designed to help you stay focused, stay calm, and minimize distractions with the help of your iPhone or iPad. The Background Sounds on offer include balanced, bright, and dark noise, as well as natural sounds like ocean, rain, and stream.

Previously:

Wednesday, October 6, 2021 [Tweets] [Favorites]

Reproducible Code Signing on Apple Silicon

Keith Smiley:

For people who expect reproducible builds, Apple Silicon machines provide an interesting challenge.

[…]

The gist of this logic is to fetch the UUID embedded in every binary and use that to derive the identifier. The reason this isn’t reproducible across architectures is because the UUID is based on the content of each binary, which differs across architectures.

[…]

While this was a very informative deep dive into this logic, if you rely on reproducible binaries and want to support Apple Silicon machines, you need to do 2 things for binaries without Info.plist files:

  1. Don’t allow the linker to automatically sign your binaries by passing -no_adhoc_codesign
  2. Pass an explicit identifier when linking binaries with --identifier to the codesign invocation

Previously:

Mac Safari Extension: ActiveTab

Zhenyi Tan:

ActiveTab makes it easier to spot the active tab in Safari on Mac by drawing a line below it. It works by predicting the position of the active tab based on the size of your browser window and the number of tabs.

[…]

ActiveTab is available for $1.99 on the Mac App Store, with no in-app purchases, no ads, and no tracking.

This sounds great, although unfortunately, because it’s implemented using JavaScript, it needs full permissions for “Webpage Contents and Browsing History” even though all it really wants is to draw a rectangle.

See also: John Voorhees and Tim Hardwick.

Previously:

iOS Safari Extension: StopTheScript

Jeff Johnson:

StopTheScript is my new Safari extension for iOS 15 and iPadOS 15 that stops all JavaScript on your selected websites!

[…]

If you install StopTheScript, you may find it strange that the extension has no settings. This is a technical limitation. Why? When a Safari extension is loaded into a web page, the extension’s settings are not available immediately; any settings must be fetched from storage, an async operation. The problem is that the <head> of an HTML document may contain <script> elements. If StopTheScript had to wait for settings to be fetched from storage, then it might be too late to stop the JavaScript from running already! Thus, StopTheScript has to do its “magic” at the very beginning of the document load, even before elements of the <head> are loaded. This is why StopTheScript relies on Safari’s own extension permission system. Safari users can grant an extension access to specific websites, and only those websites.

[…]

Will StopTheScript be coming to Safari on the Mac too? I hope so, in the future, but right now it can’t, unfortunately. […] The problem is that "run_at":"document_start" doesn’t work right in Safari on macOS, a bug that I blogged about over a year ago.

Previously:

Update (2021-10-20): Kyle Nazario:

If you want to selectively block JavaScript in Safari, try JavaSnipt.

It works on both iOS and Mac.

“date -d” vs. “date -s”

Rachel Kroll:

$ date -d @1700000000
Tue Nov 14 14:13:20 PST 2023

The problem is, there’s another command very much like it that will even spit out the same output, only it has a nice little side-effect: it also sets the clock. That command is date -s.

If you’re on a QWERTY layout or are generally familiar with it, you might notice that [S] and [D] are right next to each other and are an easy typo to make with your left hand. That’s one way to screw up.

Another problem is that you might not have known that -s has that effect[…]

There doesn’t seem to be a -s in the Mac version of date.

Previously:

Update (2021-10-08): Matt Garber:

That’s one of several differences between the GNU coreutils date on Linux, and the BSD version included in at least FreeBSD and macOS. Also, the BSD version’s -d flag is completely different: “Set the kernel’s value for daylight saving time”.

Simon Stiefel:

On macOS, no option is needed to change the flag which is arguably worse, e.g. date 1234 sets the time.

Chris Dzombak:

also, crontab -e vs. crontab -r

Tuesday, October 5, 2021 [Tweets] [Favorites]

Celebrating Steve Jobs

Jason Fried:

On the 10th anniversary of Steve Jobs’ passing, Jony Ive reflected on the man he worked with for nearly 30 years. It was a lovely remembrance, primarily orbiting the sanctity of the creative process and the burbling of ideas. It reminded me about something else Jony said about Steve in shortly after his death:

“And just as Steve loved ideas, and loved making stuff, he treated the process of creativity with a rare and a wonderful reverence. You see, I think he better than anyone understood that while ideas ultimately can be so powerful, they begin as fragile, barely formed thoughts, so easily missed, so easily compromised, so easily just squished.” —Jonathan Ive

John Gruber quotes Ive’s remembrance.

Dave Mark (tweet, MacRumors):

Start off by going to Apple’s front page, check out the short film, “Celebrating Steve” and scroll down for the “Statement from the Jobs family”.

That pic of Steve slouched in an office chair, about 4 seconds in, struck me as familiar. Was that Susan Kare’s chair?

Jason Snell:

The fact that so much of Apple’s growth has happened since Jobs’s departure hasn’t reduced him at all. It would be relatively easy to argue that the success of Tim Cook’s Apple suggests that, despite everyone’s concern in the late days of 2011, the company actually could go on without Jobs at the helm. But that’s not what anyone thinks. Instead, Jobs is credited for putting Apple on the path that led to it becoming what it is today.

Previously:

Update (2021-10-20): Joe Rossignol:

To commemorate the 10th anniversary of Steve Jobs passing away on Tuesday, Apple shared a short film called “Celebrating Steve” on its website, and Apple has now made the video available on YouTube for those who may have missed it.

Tim Cook:

Steve believed that “people with passion can change the world for the better.” That’s the philosophy that inspired him to create Apple. And it lives in us today.

Scott Forstall:

Ten years ago today I lost a mentor, colleague, collaborator, design partner, and—most importantly—friend, when Steve Jobs left us too soon. He had an incalculable effect on everyone he impacted, which as far as I can tell, is everyone on the planet.

Michael Dell:

The royalty he was talking about would amount to hundreds of millions of dollars, and the math just didn’t work, because most of our customers, especially larger business customers, didn’t really want the Mac operating system[…] Steve’s proposal would have been interesting if it was just us saying, “OK, we’ll pay you every time we use the Mac OS” -- but to pay him for every time we didn’t use it … well, nice try, Steve!”

James Dempsey:

To honor the memory of Steve Jobs on the tenth anniversary of his passing, I was joined by thirty-two members of the Apple tech community to record a song that has special meaning to us—and hope it will for you too.

See also:

iPadOS 15 Multitasking

Kirk McElhearn:

Apple first introduced multitasking features back in iOS 9, and expanded on them with iPadOS 13, but they were hard to use, and most iPad users only encountered them when an accidental swipe on their tablet’s screen enabled them. Now, in iPadOS 15, these features are a lot more usable, and easy to discover.

In this article, I’ll explain how to use multitasking on the iPad to view two apps at a time, and more.

Federico Viticci:

The new multitasking menu is both a reflection of how iPadOS has evolved over the years and an indictment of iOS 11’s solution, which required hidden drag and drop gestures and was undiscoverable by people who don’t read reviews like this one. iPadOS 15’s multitasking represents the beauty of a button: you see it because it’s always there, you click it, and it does what you expect.

Of course, it wouldn’t be a modern Apple multitasking control if it also didn’t serve double duties via hidden gestures and other implementation details. For starters, the multitasking button also acts as an active app indicator while in Split View or Slide Over to show you which of the app displayed onscreen is the active one receiving keyboard input. As you can see in the screenshot below, the active app on the left gets an enclosed button with darker dots compared to the inactive one on the right[…]

Previously:

Streaming Cropped Video

Daniel Kreps (via Hacker News):

Seinfeld finally arrived on Netflix Friday, and while all 180 episodes are now available on the streaming service, some jokes didn’t make the cut, literally.

As noted on social media, some of the visual gags from the series have been cropped out due to the series’ now-16:9 aspect ratio that updates the picture for HD televisions, as opposed to its original and boxier 4:3 ratio from when the series first broadcast on TV.

foob:

There’s a great blog post by David Simon on the conversion of The Wire from 4:3 to 16:9. It goes into a lot of depth about some of the trade-offs and considerations as well as the lack of communication from HBO. Unfortunately, the video examples don’t seem to work anymore. I can’t help but wonder if HBO sent YouTube a DMCA takedown for David Simon’s clips from the post (or they got taken down automatically). It’s pretty sad if the creator of a show can’t even post short clips from it to illustrate some of the design decisions behind them.

iso1210:

This was the case with Simpsons when it came onto Disney Plus - they took the 4:3 and didn’t just blow it to 14:9, but 16:9 -- throwing away a quarter of the original image.

There’s now an option to show the original aspect ratio, I didn’t discover it for a long time though.

Amazon prime on my phone blows up 16:9 material too, chopping off the top and bottom to fit the wider aspect ratio, unless you’re careful to ‘zoom out’

Facebook BGP Outage

Celso Martinho and Tom Strickx (Hacker News):

Social media quickly burst into flames, reporting what our engineers rapidly confirmed too. Facebook and its affiliated services WhatsApp and Instagram were, in fact, all down. Their DNS names stopped resolving, and their infrastructure IPs were unreachable. It was as if someone had “pulled the cables” from their data centers all at once and disconnected them from the Internet.

This wasn’t a DNS issue itself, but failing DNS was the first symptom we’d seen of a larger Facebook outage.

[…]

BGP stands for Border Gateway Protocol. It’s a mechanism to exchange routing information between autonomous systems (AS) on the Internet. The big routers that make the Internet work have huge, constantly updated lists of the possible routes that can be used to deliver every network packet to their final destinations. Without BGP, the Internet routers wouldn’t know what to do, and the Internet wouldn’t work.

The Internet is literally a network of networks, and it’s bound together by BGP. BGP allows one network (say Facebook) to advertise its presence to other networks that form the Internet. As we write Facebook is not advertising its presence, ISPs and other networks can’t find Facebook’s network and so it is unavailable.

Santosh Janardhan:

To all the people and businesses around the world who depend on us, we are sorry for the inconvenience caused by today’s outage across our platforms. We’ve been working as hard as we can to restore access, and our systems are now back up and running. The underlying cause of this outage also impacted many of the internal tools and systems we use in our day-to-day operations, complicating our attempts to quickly diagnose and resolve the problem.

See also: Brian Krebs (Hacker News), Bruce Schneier, Hacker News.

Update (2021-10-20): Santosh Janardhan:

Our engineering teams have learned that configuration changes on the backbone routers that coordinate network traffic between our data centers caused issues that interrupted this communication. This disruption to network traffic had a cascading effect on the way our data centers communicate, bringing our services to a halt.

Via Nick Heer:

For comparison, as I write this, Apple’s System Status page shows a resolved outage in Apple Pay and Wallet. For over seven hours yesterday, “users were not able to add, suspend, or remove existing cards to Apple Pay”, and this issue has simply been marked as “Resolved” but there are no more details. This explanation-free status update has been the standard for every iCloud-related outage, including serious incidents. It does not build confidence.

Reuters (via Hacker News):

Messaging app Telegram gained over 70 million new users during Monday’s Facebook outage, its founder Pavel Durov said on Tuesday, as people worldwide were left without key messaging services for nearly six hours.

Mark Zuckerberg (via Hacker News):

First, the SEV that took down all our services yesterday was the worst outage we’ve had in years. We’ve spent the past 24 hours debriefing how we can strengthen our systems against this kind of failure. This was also a reminder of how much our work matters to people. The deeper concern with an outage like this isn’t how many people switch to competitive services or how much money we lose, but what it means for the people who rely on our services to communicate with loved ones, run their businesses, or support their communities.

Monday, October 4, 2021 [Tweets] [Favorites]

Safari Bookmarks [Not Actually] End-To-End Encrypted

Sami Fathi:

Spotted on Reddit, an update to Apple’s “iCloud security overview” page has indicated that alongside Safari tabs and history, Safari bookmarks are now end-to-end encrypted, meaning no one, not even Apple, can access users’ saved Safari bookmarks.

It’s not clear to me when the history became end-to-end encrypted. I’ve heard that this was mentioned at WWDC 2019 for iOS 13 and macOS Catalina. Apple’s iCloud Security Overview also now says iOS 13, but it wasn’t updated to say that until March 2020, long after iOS 13 shipped.

Previously:

Update (2021-10-15): Reddit:

They updated the site again to say that bookmarks are not E2EE.

And it doesn’t say anything about Safari Reader. This privacy documentation is a disaster.

App Store’s “Report a Problem” Is Back

Hartley Charlton:

After being removed several years ago, Apple has restored the “Report a Problem” option on the App Store in an effort to flag issues and combat scams.

Spotted by Richard Mazkewich and Kosta Eleftheriou and highlighted by The Verge, the option allows users to report individual App Store listings in iOS 15. When selected, the option directs users to a website with a drop-down menu to report App Store violations, including a specific option to “Report a scam or fraud.”

However, it’s currently only available in certain countries.

Previously:

Update (2021-10-08): Apple:

Now App Store product pages on iOS 15, iPadOS 15, and macOS Monterey display a “Report a Problem“ link, so users can more easily report concerns with content they’ve purchased or downloaded. This feature is currently available for users in Australia, Canada, New Zealand, and the United States, and will expand to other regions over time. In addition, users worldwide can now choose from “Report a scam or fraud” and “Report offensive, abusive, or illegal content” options at reportaproblem.apple.com, and report issues with their apps, including free apps that do not offer in-app purchases.

Stuck When Upgrading Directly From macOS Mojave to Big Sur

Mr. Macintosh:

The macOS Mojave to Big Sur upgrade is causing problems for some users.

The progress bar is getting stuck, leaving the system in an unbootable state. The user is locked out of their data.

This is especially relevant since Mojave didn’t get the latest round of security bug fixes. He recommends updating to Catalina first, and then to Big Sur.

Scott:

This sounds like the issue @lapcatsoftware experienced in August. Crazy to imagine it is still a known issue since that is the suggested upgrade path for the now unsupported Mojave.

Mr. Macintosh:

The issue is confirmed on Big Sur versions all the way back to 11.4. (Maybe even earlier)

The account is still on the system, but no longer has admin privileges.

Previously:

Update (2021-10-21): Mr. Macintosh:

If folders in multiple directories in the location below

/private/var/folders/*/*/C/com.apple.metadata.mdworker

have more than 20,000 files your upgrade could fail.

In some situations users have reported 500,000 – 2,000,000 files!!!

After updating to Catalina, I started having problems with hundreds of thousands of files collecting in those folders. There were so many in the same folder (at the level, not organized into a hierarchy like with Apple Mail’s message files) that it would take minutes just to view the folder in Finder, and SuperDuper backups would get stuck just reading the list of files to see if they were excluded.

Update (2021-12-16): Mr. Macintosh:

Apple has fixed this issue in both the Monterey 12.1 & Big Sur 11.6.2 full installers.

Siri’s 10-Year Anniversary

Benjamin Mayo:

Affected Siri domains include ride booking, configuration of vehicles via Siri over CarPlay, and third-party Photo Search. Many of these SiriKit intents were introduced when third-party Siri support was first added to the system back in iOS 10. Apple didn’t provide a reason for their abrupt removal.

Via Nick Heer:

As Clover reports, these omissions were first documented by users on the AppleVis forums who support disabled people who use iPhones. This may be a bug — the behaviour is also present in iOS 14.8 — but it amounts to a regression until it is fixed.

James Vincent:

Described by Schiller as a “humble personal assistant,” Siri gave 2011’s iPhone a dose of star power during a difficult time for Apple. Just months before the phone’s unveiling, a relative unknown at the company, then-chief operating officer Tim Cook, had been named CEO. The day after Schiller’s presentation, Apple’s legendary co-founder Steve Jobs would die from pancreatic cancer. Analysts were cool on the company’s prospects but praised Siri as a potential game-changer. One called it “a powerful harbinger of the future use of mobile devices,” while another said it was “the beginning of a new user experience [for] all of Apple’s mobile and Mac products.”

A decade later, the sheen has worn off Siri’s star. “It is such a letdown,” was how Schiller described the promise of voice interfaces past, and such a description could easily be applied to Apple’s contribution to the genre. Everyone who uses Siri has their own tales of frustration — times when they’ve been surprised not by the intelligence but the stupidity of Apple’s assistant, when it fails to carry out a simple command or mishears a clear instruction. And while voice interfaces have indeed become widespread, Apple, despite being first to market, no longer leads.

[…]

When I ask Siri for information I know is stored in iOS, like “show me photos from last August,” it just performs an image search for the phrase “last August.”

Dag Kittlaus:

We had a shared long-term vision with Steve which faded after he passed and my successor had no vision or accountability and is happily long gone from Apple. Steve and Scott F and the Siri founders had a plan that sadly died on the vine. But I’m confident Apple will lift Siri up.

Previously:

Update (2021-10-05): Nick Heer:

Every Siri command — beyond adding Reminders and setting timers — feels like a tightrope walk I should attempt rarely.

[…]

A few years ago, I tried a bunch of the commands shown in the original Siri demo video from before Apple acquired the company. It did poorly. I ran through the same commands just now, and saw broadly similar results as I did then[…]

This morning I ran into a temporary glitch where Siri refused to let me make reminders, correctly transcribing what I’d said but complaining that there was no app available for that.

Update (2021-10-08): Federico Viticci:

A good summary of the Siri ecosystem for third-party apps:

The developers of @dueapp advise against using Siri because it doesn’t understand the app’s name “Due”.

So I tried to make my own shortcut for it, and Siri won’t run it.

Friday, October 1, 2021 [Tweets] [Favorites]

Swift Declarative String Processing Pitch

Michael Ilseman (tweet):

String processing is hard and the current affordances provided by the Swift Standard Library are underpowered. We propose adding two new declarative string processing APIs—a familiar Regex literal and a more powerful Pattern result builder—to help make Swift string processing fast and easy.

[…]

We propose adding a new regular expression literal, with strongly typed captures, to Swift.

[…]

Sophisticated features like inline capture group processing feel right at home with the result builder syntax because it’s all just regular Swift code—it isn’t nearly as natural to try to force this kind of functionality into the regex literal.

[…]

We intended to extend and add generic consumer and searcher algorithms to the standard library for operating over collections using patterns or regexes.

[…]

The Swift operator ~= allows libraries to extend syntactic pattern matching by returning whether matching succeeded or not. An enhancement to this would allow libraries to produce a result as part of a destructuring pattern match, allowing patterns and regexes to be used inside case syntax and directly bind their captures to variables.

Michael Ilseman:

I’ve been finding it helpful to think of our long-term goal as making Swift awesome at string processing, data processing, and “event processing” (working title, suggestions welcome). These are not rigid or clear-cut distinct domains (they actually blend together in extremity) so much as they are 3 interesting “regions” in this design space. Thinking about these regions helps clarify what tasks we’re enabling and helps push us towards more general solutions.

Each of these regions share technical fundamentals, but present novel performance and API design challenges. I hope that keeping the big picture in mind will help guide the design process towards pragmatic trade-offs and robust solutions.

[…]

We want to be able to compose, layer, and even interweave different kinds of processing together. And, we want these areas to be library-extensible, so that libraries can provide custom behavior through custom protocol conformances.

Previously:

Update (2021-10-15): Hamish Knight:

We propose to introduce a first-class regular expression literal into the language that can take advantage of library support to offer extensible, powerful, and familiar textual pattern matching.

PSPDFKit Takes Venture Capital

PSPDFKit:

PSPDFKit, the leading document processing and manipulation platform for developers and enterprise businesses, today announced its first strategic growth investment led by Insight Partners, a New York-based global venture capital and private equity firm focused on growth-stage software and technology companies. Insight’s investment, which totals more than €100 million, is expected to accelerate product growth and fund strategic acquisitions, further expanding the capabilities of PSPDFKit’s highly adopted document processing platform.

Nearly a billion end-users in over 150 different countries rely on PSPDFKit every day while using web and mobile applications that are built on the company’s platform, including industry leaders like Dropbox, DocuSign, SAP, IBM, Volkswagen, Fabasoft, Wolters Kluwer Deutschland, and the European Patent Office.

Ingrid Lunden:

PSPDFkit is already profitable, and it has been for a while, so this investment is about stepping up its pace of growth. It plans to use the investment to build more developer tools, make strategic acquisitions (co-founder and CEO Jonathan Rhyne is mum about what, except to say that it will be to expand the suite of useful tools that it provides); and, for the first time, make some concerted efforts in the areas of sales and marketing.

Via Peter Steinberger:

After 10 years of building PSPDFKit, I am moving into an advisory role.

Previously:

iCloudCoreDataStarter and Temporary IDs Bug

Chad Etzel (tweet):

In the course of building Sticker Doodle (which you should go download right now), I ran into many brick walls and learned way too much about Core Data, iCloud sync, Collection and Table Views, and Diffable Data Sources.

There is documentation for each of those individually, but I could find no clear and simple example project that ties them all together in a neat little bow.

Well, that changes today.

[…]

Before .save() is called on the managed object context, this temporary ID can be used to fetch the object, refer to it, etc… it acts like a normal NSManagedObjectID -- HOWEVER, after .save() is called on the managed object context, 2 things are supposed to happen:

  1. NSManagedObjects with temporary IDs are supposed to be assigned a permanent ID and those objects updated in memory with the new ID.

  2. The managed object context forgets all temporary IDs and attempting to use them to identify an object will fail.

There seems to be a bug (in iOS 14 and iOS 15 as of my latest testing) where sometimes Step 1 will not actually happen and newly inserted and saved objects will still have a temporary ID!! This has led to all sorts of unexpected and frustrating behavior until I figured out what was actually going on. There are several developer forum posts and Stack Overflow questions regarding the same behavior, so I am not the only one that has experienced this bug.

Previously:

iOS 15 Messages Bug Deletes Saved Photos

Juli Clover:

If you save a photo from a Messages thread and then go on to delete that thread, the next time an iCloud Backup is performed, the photo will disappear.

Even though the image is saved to your personal iCloud Photo Library, it appears to still be linked to the Messages app in iOS 15, and saving it does not persist through the deletion of the thread and an iCloud backup.

Aside from the data loss, this bug is concerning because I thought that the Messages, iCloud Photo Library, and iCloud Backup systems would be isolated from one another. iMessage threads are supposed to be end-to-end encrypted in iCloud, and they aren’t backed up if you have syncing enabled. Photos and iCloud Backup are not end-to-end encrypted. And photos in iCloud Photo Library don’t go into the iCloud Backup, anyway.

Secondly, is there something a third-party app could do using the PhotoKit API that would also trigger the bug? Or is it related to private APIs that Messages is using?

iOS 15 Shortcuts and SwiftUI

Federico Viticci:

Unfortunately, the Shortcuts experience in iOS and iPadOS 15 is hindered by a variety of severe UI and performance bugs that have made this update the least stable and reliable one in recent memory. I believe Apple is aware of these bugs and is actively working on fixing them, but that doesn’t change the core problem: the Shortcuts app shipping with iOS and iPadOS 15.0 is buggy, crashes often, and gets in the way of power users with SwiftUI-related issues that prevent interactions with the editor.

I don’t want this section to read like a feedback report, so I’ll keep it short, but I also think it’s important to point out that the Shortcuts team should have done a better job with app performance and stability this year. For instance, due to a widely reported SwiftUI bug, it’s often impossible to click UI elements in the editor unless you close and reopen it. This bug is so bad, it has made it extremely challenging for me to work on long shortcuts this summer since I’d have to close and reopen the editor (thus losing my position in it) every 30 seconds. I’m astounded this bug shipped to customers.

Alas, there’s a lot more. Sometimes, drag and drop for actions just refuses to work or drops an action in an entirely different spot in the editor. The ‘Run Shortcut’ action – a fantastic tool for power users that lets you use shortcuts as functions – is somewhat broken at the moment and doesn’t always recognize input. The magic variable output of Choose from Menu blocks no longer works. Sometimes, the share sheet sees no input passed from other apps. When I run shortcuts that contain Files actions with the editor open on my iPad, the app crashes.

Nick Heer:

As my professional and personal technology experiences increasingly revolve around the software-as-a-service model, I have recently been thinking a lot about the lack of stability as a priority. We are on the receiving end of a firehose of changes, redesigns, new features, and reimplementations of existing products. Yet the threshold for problems that will prevent a product from being shipped seems to be getting stricter.

What Viticci describes is an application that Apple shipped — in a production release of its most popular operating system — in an entirely unusable state. It is not a solitary case, nor is Apple the only software vendor to rush something out the door. But stuff like these Shortcuts problems — some of which are UIKit problems — and Siri regressions are profoundly disruptive to frequent users.

Steve Troughton-Smith:

A painful reckoning for Shortcuts & SwiftUI. I don’t think Shortcuts can afford to rewrite its UI every year anymore, it’s too critical a tool for its users and the consequences of it going wrong (like it has, this year) are devastating. SwiftUI was a misguided leap of faith

The newly-rewritten multiplatform Shortcuts app was always going to go one of two ways: a poster child for SwiftUI, or a cautionary tale. I’m really curious what, if anything, broader-Apple will learn from the experience — how it’s developing SwiftUI, and how it’s positioning it

Thomas Clement:

SwiftUI still has a long way to go, especially on macOS.

Certain basic things are still broken or simply impossible to do. The bridging with AppKit can be impossible to work with so there’s just no good solution sometimes.

Steve Troughton-Smith:

We’re in ‘year 3’ of SwiftUI, and my base advice remains unchanged — it is great for auxiliary non-critical UI layouts (inspector sidebars, settings windows, and panels), watchOS apps, and rapid prototyping. Beyond that, it just does not meet the bar for complex, reliable apps

[…]

There’s a clear analogy, and lesson to be learned, between ‘SwiftUI is the future’, and ‘iPad is the future of computing’

Previously:

Update (2021-10-04): Federico Viticci:

Imagine if you couldn’t trust that the Notes app for iPhone and iPad actually saves your text. Or that you fear Mail may send truncated emails to people.

That’s how bad Shortcuts is right now / has been since June. It’s painful to watch and I have no idea what’s going on there.

Previously:

Update (2021-10-19): Steve Troughton-Smith:

In 2015, you could build pretty much everything you needed to build in an iOS app with Swift. It was very much a peer to ObjC, even if very unfinished, and there was a clear path from one to the other. It could back deploy to iOS 7, and even iOS 6 (unofficially)

SwiftUI is not that. It is not a full-featured replacement for existing UI frameworks, has no back-deployment strategy, and has all manner of issues that can make your app buggier & less consistent if not properly handled as Apple’s own apps have demonstrated to disastrous effect

It is not clear at all that someday SwiftUI will power everything you see on iOS, without some bigger, better, more powerful UI framework underneath. That’s certainly the dream for a lot of folks, but I honestly don’t know if iOS is the platform that will ever get to that point

Federico Viticci:

I’m afraid we’re in for a long season of Shortcuts bugs due to their SwiftUI rewrite in iOS 15. If these can get fixed before 16.

iOS 15.1 beta 3, still can’t reliably drag and drop an action.

Drag and drop…for an app based on dragging and dropping things around.