Archive for November 9, 2021

Tuesday, November 9, 2021

Disk Utility in Monterey

Howard Oakley (user guide):

I’ve been on the lookout for nominations for the title of the most improved utility of the year. I’m delighted to announce not just a nomination, but an outright winner: Disk Utility 21.0, bundled with Monterey. After four years in which it had offered frustratingly limited support for the new features of APFS, Disk Utility is now complete: this version has excellent support for snapshots, no matter which app created them.

[…]

The most recent snapshot has a Partition symbol shown against its Tidemark, a value which isn’t explained in the Help page, unfortunately.

Select a snapshot from the list and you can mount it, show it in the Finder, rename it, and delete it, using the More button and the – tool at the bottom left.

The Private Size column, which mostly but not completely matches what Carbon Copy Cloner shows, I think represents the amount of space that’s only used by that snapshot. This is the amount you would free by deleting it.

There’s also a Cumulative Size column, shown as Size no matter how wide I make the table. This takes a really long time to calculate. At first, I thought this would be the difference from the current state of the volume, i.e. the Private Size plus the components of that snapshot that are also used by other snapshots. However, the fact that Cumulative Size is larger for more recent snapshots, which differ less from the current state of the volume, seems to undermine that theory.

Six years after the rewrite in El Capitan, we’ve still not regained the ability to open multiple windows (and thereby perform simultaneous operations or compare one disk to another).

I also continue to see the problem, introduced in Big Sur, where external drives can take up to an hour to mount, during which time Disk Utility may constantly beachball, and other apps that use the Cocoa document system or file coordination will beachball as soon as they try to read or write a file. Thus, it’s no longer safe for me to initiate a backup while working.

Update (2021-11-12): Thomas Clement:

Snapshots API is still gated behind an entitlement. And Apple still does not allow users to create new snapshots and pin them in order to control their lifetime.

Update (2021-11-15): Howard Oakley (tweet):

Tidemark is the highest block referenced by a snapshot. As this can’t be moved, this effectively limits any resizing which might be applied to the container without destroying that snapshot. Values which haven’t changed since the previous snapshot are shown in grey. The Partition symbol is used to mark the high tidemark for that volume, which sets the limit for non-destructive repartitioning of its container.

[…]

Size is the cumulative size occupied by that snapshot and all previous snapshots. This reaches a maximum for the latest snapshot. Values which haven’t changed since the previous snapshot are shown in grey.

Accessibility Exemption for E-book DRM

Damon Beres (via Hacker News):

Advocates for the blind are fighting an endless battle to access ebooks that sighted people take for granted, working against copyright law that gives significant protections to corporate powers and publishers who don’t cater to their needs. For the past year, they’ve once again undergone a lengthy petitioning process to earn a critical exemption to the 1998 Digital Millennium Copyright Act that provides legal cover for people to create accessible versions of ebooks.

Baked into Section 1201 of the DMCA is a triennial process through which the Library of Congress considers exceptions to rules that are intended to protect copyright owners. Since 2002, groups advocating for the blind have put together lengthy documents asking for exemptions that allow copy protections on ebooks to be circumvented for the sake of accessibility. Every three years, they must repeat the process, like Sisyphus rolling his stone up the hill.

[…]

Publishers have no obligation to make electronic versions of their books accessible to the blind through features like text-to-speech (TTS), which reads aloud onscreen text and is available on whichever device you’re reading this article. More than a decade ago, publishers fought Amazon for enabling a TTS feature by default on its Kindle 2 ereader, arguing that it violated their copyright on audiobooks. Now, publishers enable or disable TTS on individual books themselves.

Federighi and Cook on Sideloading

Chance Miller (tweet, video, Slashdot, MacRumors):

Last month, it was announced that Apple senior vice president Craig Federighi would attend and speak at Web Summit 2021, which takes place in Lisbon, Portugal. In a keynote delivered today, Federighi vehemently spoke out against legislation that could force Apple to open the iPhone up to sideloading…

The Digital Markets Act legislation was first unveiled last December in the EU, and it could lead to major changes for the App Store and pre-installed first-party applications on the iPhone. The DMA in Europe would force Apple to allow sideloading on the iPhone, among other changes.

[…]

The Apple executive also warned that the legislation comes as there have “never been more cybercriminals” determined to access the private information on your iPhone. “Sideloading is a cybercriminal’s best friend,” Federighi said. “And requiring that on iPhone would be a gold rush for the malware industry.”

Will Strafach:

reminder: this is not very accurate. Apple has already solved side-loading in a reasonably smart way with their SRDs.

Michael Love:

If your best response to “let people who want to take the risk sideload” is “people might be tricked into sideloading” when YOU WOULD BE THE ONES DESIGNING THE SIDELOADING UI, that’s not a very good response. (also, again, sideloaded != insecure)

People get tricked into subscriptions all the time and yet, despite proclaiming the superiority of App Review, Apple’s attempts to stop that are half-hearted at best. But when it’s a form of trickery that they don’t get a 30% cut of, somehow then it’s an unavoidable disaster.

Also, if you’re really worried about the malware industry you could, y’know, increase + actually pay out security bounties and stop antagonizing security researchers.

[…]

Provisioning profiles are a way bigger security hole than sideloaded apps, and yet Apple accepts that those are necessary + allows them.

You can install a sketchy file from a third party that allows them to more-or-less take total control of your phone, but you can’t install a fully-sandboxed third party app unless it’s from the App Store.

Nilay Patel:

This is so weird and disingenuous. Are they going to lock down the Mac next?

Chaim Gartenberg:

If Apple wanted, it could enable iOS sideloading in a similar manner and require something like the Gatekeeper system on macOS, which allows for Apple to check signed developer IDs to confirm the software is genuine. It’s an argument that Judge Yvonne Gonzalez Rogers noted as well during the Apple / Epic trial, commenting that Federighi may be “stretching the truth” on Mac malware concerns and that Apple could likely make a similar system work on iOS.

Benjamin Mayo:

Apple doesn’t trot out Federighi to a third-party conference with a highly-produced Keynote deck for the fun of it. They are clearly concerned that European lawmakers are actually going to do something they don’t want; that is, pass laws requiring them to offer sideloading as an option.

[…]

Federighi posits that a social networking app may choose to “avoid the pesky privacy protections of the App Store” and only make their apps available via sideloading. Apple’s customers would then have to leave the ‘safe’ Apple software ecosystem, or lose touch with their family and friends. This is sort of true. But what is omitted is that an app choosing to leave the App Store is not primarily doing so to avoid Apple’s privacy standards, but because it would then be able to avoid Apple’s IAP rules.

Apple benefits financially — measured in the billions of dollars per year — by keeping the App Store as a monopoly. However much it wants to tout the user privacy and safety benefits, Apple’s position would be far stronger if cynics weren’t able to point to the money being accrued by the App Store gravy train.

Sam Fathi:

Apple CEO Tim Cook said today that customers who wish to sideload apps should consider purchasing an Android device as the experience offered by the iPhone maximizes their security and privacy.

[…]

Cook drew the comparison of sideloading to a carmaker selling a car without airbags or seatbelt, saying it would be “too risky.”

[…]

The App Store’s in-app purchase method, which developers are required to use for digital purchases made within apps, gives Apple a 15-30% commission on all purchases made. Cook noted today that Apple has only ever lowered the commission, never increasing it.

He’s said this multiple times, and I still find it misleading because increasing the categories of purchases subject to the commission, which Apple has done several times, is like raising it from 0% to 30%.

Michael Love:

It’s kind of a hopeful sign that the pressure regarding sideloading has gotten serious enough that Apple feels the need to keep trotting out various executives to make this same disingenuous point.

Also that it’s gotten serious enough that Tim Cook is actually telling people who want sideloading to buy an Android phone when in the past they’ve tiptoed around even using the word “Android” in product keynotes.

Update (2021-11-12): Nick Heer:

But those are not the arguments these Apple executives are making. They are claiming that people actively choose the iPhone over an Android phone because it is more locked down.

[…]

Apparently, over 40% of Americans want the smartphone equivalent of a car without seatbelts or airbags. This is clearly absurd, and I have to wonder if Apple’s arguments make sense.

I don’t like Apple’s analogy because there’s little potential benefit (lower price, extra space?) to having a car without seatbelts or airbags. So, not only do car safety features likely make much more of a difference than App Store safety features, but Apple is positing giving them up for nothing in return. In the real world, some customers and developers don’t want less safety; they want to trade potentially less safety to get more/better apps and businesses.

Update (2021-11-15): Nilay Patel:

Tim Cook says [allowing] sideloading is like telling a carmaker to “not to put airbags and seatbelts in a car.”

Airbags and seatbelts are in cars because of regulations that carmakers lobbied against, of course.

Update (2021-11-17): John Gruber (tweet):

If Apple stopped making it look like they’re running the App Store primarily to maximize their own revenue from it, regulators and lawmakers might stop thinking that Apple is running the App Store primarily to maximize their own revenue from it.

Update (2021-12-03): Riccardo Mori:

I grew up in an era when software was just software, and you could simply start typing a BASIC program into the computer and execute it. Generally speaking, it was an era when tinkering — both in hardware and software terms — was unhampered and even encouraged. Philosophically, I can’t be against sideloading. I actually dislike how the term’s connotation has been hijacked towards negativity. On the contrary, one should think of it in terms of freedom to install any compatible software available for a certain platform.

But what about malware? Yes, in a completely open scenario, malware can indeed be a risk. But the problem, in my opinion, lies elsewhere. It lies in the tradition of treating end users like ignorant idiots instead of training them to separate the wheat from the chaff.

[…]

Instead of teaching users how to fish, Apple decided to position themselves as sole purveyors of the best selection of fish.

[…]

The problem of appointing yourself as the sole guardian and gatekeeper of the software that should or should not reach your users is that you’re expected to be infallible, and rightly so. Especially if you are a tech giant which supposedly has enough money and resources to do such a splendid job that is virtually indistinguishable from infallibility. Instead we know well just how many untrustworthy and scammy apps have been and are plaguing the App Store, and how inconsistent and unpredictable the App Review process generally is.

Peloton Blames App Tracking Transparency

Tim Hardwick:

Peloton has become the latest company to blame Apple’s ad-related privacy changes in iOS for negatively impacting its business, according to a new report by Bloomberg’s Mark Gurman.

Best known for its at-home exercise equipment and online fitness classes, Peloton blamed the App Tracking Transparency (ATT) rules Apple introduced in iOS 14.5 for making it more difficult to add new subscriptions to its services by targeting online shoppers based on their interests.

The company made the claim this week in its latest earnings call, in which it cited slower than expected post-pandemic economic re-openings, before cutting its annual revenue forecast by as much as $1 billion, while lowering its projections for subscribers and profit margins.

Carolina Milanesi:

Um, I struggle to see how if you are using Peloton and want to get a subscription you would walk away because of the tracking question. Clearly you trust the company already, at least at some level.

It’s not clear to me whether Peloton is complaining about the scary tracking alert or the fact that the ads they’re buying are more expensive and less effective.

Ben Bajarin:

In light of Peloton’s stock tumble, I wanted to share a brief thread on their competitive advantage and growth prospects.