Tuesday, April 5, 2022

Audio Hijack 4

Paul Kafasis (tweet):

In Audio Hijack, individual blocks that capture, record, and manipulate audio are combined into powerful pipelines. For version 4, we made improving blocks a major focus. We’ve created brand-new blocks, added new features to the way blocks work, and improved nearly every existing block.

[…]

We also optimized many parts of the layout based on real-world usage. The powerful new session sidebar lets you search the Block Library to more quickly find the block you need, particularly great if you have dozens of Audio Units. Recordings and Timers are now grouped logically with their individual sessions, and previews for recordings feature a helpful waveform. The Info sidebar tab even offers a new Notes field, perfect for storing information about your sessions.

[…]

For power users with complex setups, we’ve implemented the ability to manually connect your audio pipeline. Most users will still want to rely on Audio Hijack’s automatic connections, but you now have the option to turn them off. You can then draw wires between blocks to achieve tricky pipeline setups, independent of layout.

[…]

With an all-new JavaScript engine and API, building programmatically-driven workflows in Audio Hijack is now a reality. Scripts can run automatically when sessions start and stop, and process recordings as they’re created.

It’s $64 for new licenses (up from $49 for version 3) or $29 to upgrade—no subscriptions.

See also:

Previously:

5 Comments RSS · Twitter

I continue to not like how most of Rogue Amoeba's products require weakening systemwide security to use the Audio Capture Engine, though I realize there's currently no alternative.

@Sean Are you sure? Apple calls it Reduced Security, but my understanding is that the system only runs the specific audio-plugins that you’ve approved. I don’t think that allowing Audio Hijack opens you up to additional risks from elsewhere.

@Michael, you may well be correct. There's some documentation here, but I admit that after reading it, I'm still not entirely clear on what it does. It seems to me to enable a lot more than just a single plugin:

https://support.apple.com/guide/security/startup-disk-security-policy-control-sec7d92dc49f/web

@Sean It’s true that Reduced Security does mean that someone could maliciously install an older version of macOS that Apple has revoked. But this is not something that you were protected against until recently, and I don’t see that as a serious risk. I think if Apple were really concerned they wouldn’t bundle that setting with the one for third-party plug-ins.

>I think if Apple were really concerned they wouldn’t bundle that setting with the one for third-party plug-ins.

I do think someone at Apple is concerned about security aspects. The scenario is ultimately similar to kernel extensions — yeah, these don't run in the same process as the kernel, but from a security/privacy angle, the difference is almost moot: data from an arbitrary number of processes can be accessed.

The problem is that Apple doesn't care _enough_ to make an API to do this more safely (probably in a similar way to the Automation section in Privacy: "allow this audio extension to access audio from other apps", with a checkbox so you'd have to opt into each), which is a bummer, to put it mildly.

Their priorities are out of whack where they make stuff harder to use and disincentivize third parties from bothering at all years before sayin "oh actually, we do want and appreciate your stuff, and here's an API you can use now".

(Someone made the observation that this also applies to sandboxing: yes, there are security benefits, but now you've made desktop apps even more like web apps, so that gives developers even _fewer_ incentives to bother making desktop apps at all.)

Leave a Comment