Archive for May 2022

Tuesday, May 31, 2022 [Tweets] [Favorites]

Rediscovering the Mac

Federico Viticci (tweet):

As much as I love the iPad, at some point I have to face its current reality: if Apple thinks iPadOS isn’t a good fit for the kind of functionalities people like me need, that’s fine, but perhaps it’s time to try something else. If my requirements are no longer aligned with Apple’s priorities for iPadOS, I can switch to a different computer. That’s why I believe 2022 – and the upcoming WWDC – will be a make-or-break year for iPad software. And I don’t think I’m the only iPad user who has felt this way.

[…]

For the past six months, I’ve been using my MacBook Pro instead of the iPad Pro to get my work done on a daily basis.

[…]

Now, it’s not like all these things are possible on macOS because of ports (except for, you know, the multiple monitors thing): it’s just that they’re more user-friendly and well, nicer than trying to do the same on iPad. The computer doesn’t punish you for trying to do computer-y things.

[…]

Then there’s the keyboard. It’s a real keyboard: the layout and size is perfect for my hands, the keys feel great, and I love the black area around the keys; it’s a very tasteful look. More importantly, however, this keyboard has an extra row of function keys, whose absence I’ve long considered the single most limitating aspect of the Magic Keyboard for iPad Pro.

[…]

The single most important quality of macOS I’ve rediscovered over the past few months is the freedom to use my computer however I want. With the MacBook Pro, the App Store does not dictate the kind of software I can run on my machine; I am free to create my own experience – and tweak it over time – by installing apps and system modifications that go beyond putting apps on my Home Screen.

[…]

There are several Mac-only features in Shortcuts, but the multitude of ways to run shortcuts in the background on macOS is the one that truly sets it apart.

Matthew Cassinelli:

Things like running multiple shortcuts at once using keyboard shortcuts, setting up all my shortcuts on the Stream Deck, and the kind of power user apps available on the Mac are pushing the Shortcuts ecosystem much further in just one year than iPad saw in multiple years of development — beyond everything else Federico lists[…]

Previously:

Activating Applications via AppleScript

John Gruber:

On MacOS 12 Monterey (and apparently MacOS 11 Big Sur), what happens instead is that TextEdit becomes the active application but only its frontmost window comes forward.

On MacOS 10.15 Catalina, and all previous versions of MacOS back to Mac OS X 10.0, all of the open windows in an app come forward when you tell that app to activate in AppleScript, or with the equivalent in JavaScript for Automation[…]

Peter Maurer:

I’m voting for bug. Here’s why: NSRunningApplication has the exact same problem, where NSApplicationActivateAllWindows isn’t being honored. Started at around macOS 11.4, if I remember correctly.

Bonus fun fact: Earlier macOS 11 versions had the inverse bug, where activating apps via NSRunningApplication always behaved as if NSApplicationActivateAllWindows were set. Looks like they then attempted to fix it, overdid it, and then never got around to revisiting the problem.

The only way (that I’m aware of) to get the correct behavior is using SetFrontProcessWithOptions(), which is deprecated. Sigh.

Previously:

SwiftUI Equal and Ideal Sizes

Matthias Maurberger (via SwiftUI Weekly):

One example that illustrates this quite well is when you want to make all children of a VStack as wide as the widest child. Sounds like it should be straightforward. But it’s not. It’s a surprisingly hard problem.

[…]

First, we’ll wrap each Button’s Text label in a .frame modifier with maxWidth: .infnity. That alone only solves our problem if we want our stack of buttons to occupy the full width it was given. If we want the stack of buttons to be as wide as it needs to be, we’ll need to make a second adjustment: apply the fixedSize modifier to the VStack.

Previously:

Parse Swift SDK

Dave Verwer:

Parse lasted longer than their major competitor, Stackmob, who was acquired and then shuttered just a few months later. But eventually, in 2017, Facebook turned off the hosted Parse servers.

They did open-source the platform as they closed it down, partially due to the huge number (600,000, according to this article) of apps they’d disrupt without a migration path. I was vaguely aware that the open-source project was still around but I hadn’t paid much attention until I spotted this package pop up in the Swift Package Index RSS feeds this week.

[…]

Why am I writing about this? Well, it has always been risky to base an app on another company’s back-end server. Yes, it can save a lot of time, but you’re always at the mercy of another company’s business decision, and their priorities almost certainly don’t match yours. Maybe the platform you pick will shut down, fundamentally change its pricing, or make another decision that doesn’t work for you. Your options are limited as these frameworks live at the heart of your app. The Parse platform is now free of many of those problems. As it is open-source, it’s almost impossible to shut down, and being self-hosted, you’re in control of pricing.

Previously:

Friday, May 27, 2022 [Tweets] [Favorites]

AirPods Amber Alerts Lawsuit

Juli Clover:

Apple’s AirPods ruptured the eardrums of a 12-year-old boy in 2020 when a loud Amber Alert was issued, according to a lawsuit filed against Apple in California (via Law360).

[…]

The AirPods Pro were allegedly set at a low volume, but an Amber Alert sounded without warning and the high-pitched noise damaged B.G.’s eardrums.

[…]

There have been other social media complaints about the noise of Amber Alerts when wearing AirPods. Amber Alerts are designed to catch the attention of iPhone owners, causing devices to play a loud sound and vibrate. Reports on the internet suggest that the Amber Alert sound is indeed very loud when played through AirPods, even when those AirPods are set at a reasonable volume.

I wish I could leave them enabled but set to only vibrate and show a notification on the screen.

Previously:

Apple Developer App 10.0

Apple (MacRumors):

Welcome to the latest version of the Apple Developer app — your resource to help you create great apps for Mac, iPhone, iPad, Apple Watch, and Apple TV, and the best way to experience WWDC.

[…]

The Developer app now supports SharePlay so that you can watch videos together with your friends and colleagues.

[…]

Need more information about an API like AsyncImage or slicing attributed strings? The Developer app supports full transcript and code snippet search of all our content, both in the app and via Spotlight on Mac, iOS, and iPadOS.

Code is now selectable and copyable, but I still think it’s not a great Mac app. Text in the Overview tab—even the name of the session—still isn’t selectable. The group rows in the sidebar are. Focus and keyboard navigation still don’t work right. Pressing Tab in the search field enters an actual Tab character. The video dimensions are smaller than what you get on the Web site, no matter how large you resize the window, which makes the slides harder to read. I thought about using the app as a catalog for opening videos in Safari, but there’s no command to do that—but there is a command to Open in News, which doesn’t work. You still can’t bulk-download videos or easily access the files from outside of the app.

Previously:

Update (2022-06-08): Nick Heer:

Also, the new version of the Developer app isn’t supported on Catalina, which I can’t upgrade on my MacBook Air, and you apparently need the newest version to open videos this year? And there’s no way to know any of this unless you try using it.

Kuba Suder:

I love such “native” Mac apps where I can’t multi-select rows in a table to remove more than one bookmark at a time ¯\_(ツ)_/¯

Update (2022-09-14): Serenity Caldwell:

As of yesterday’s update, you can now resize videos on macOS by dragging the bottom edge.

DuckDuckGo Browser Allows Microsoft Trackers

thezedwards:

The new @DuckDuckGo browsers for iOS/Android don’t block Microsoft data flows, for LinkedIn or Bing.

Shivan Kaul Sahib (via Hacker News):

DuckDuckGo has a search deal with Microsoft which prevents them from blocking MS trackers. And they can’t talk about it!

This is why privacy products that are beholden to giant corporations can never deliver true privacy; the business model just doesn’t work.

Gabriel Weinberg (tweet, Reddit):

This is not about search. To be clear, when you load our search results, you are completely anonymous, including ads. For ads, we actually worked with Microsoft to make ad clicks privacy protected as well. From our public ads page, “Microsoft Advertising does not associate your ad-click behavior with a user profile.” This page is linked to next to every Microsoft ad that is served on our search engine (duckduckgo.com).

In all our browsing apps (iOS/Android/Mac) we also block third-party cookies, including those from Microsoft-owned properties like LinkedIn and Bing. That is, the privacy thing most people talk about on the web (blocking 3rd party cookies) applies here to MSFT. We also have a lot of other web protections that also apply to MSFT-owned properties as well, e.g., GPC, first-party cookie expiration, fingerprinting protection, referrer header trimming, cookie consent handling, fire button data clearing, etc.

This is just about non-DuckDuckGo and non-Microsoft sites in our browsers, where our search syndication agreement currently prevents us from stopping Microsoft-owned scripts from loading, though we can still apply our browser’s protections post-load (like 3rd party cookie blocking and others mentioned above, and do). We’ve also been tirelessly working behind the scenes to change this limited restriction. I also understand this is confusing because it is a search syndication contract that is preventing us from doing a non-search thing.

John Gruber:

Not a good look for a company that just launched a high-profile campaign, touting “the simple fact is tracking is tracking, no matter what you call it”.

To be clear, this is about DuckDuckGo’s web browser, not their search results. But still — it’s just so contrary to the core of DuckDuckGo’s brand.

Brendan Eich:

I helped restart the browser market with Firefox, which took off in 2004 and won a lucrative Google search deal that year (Sergey Brin’s emissary made contact with me in 1H2004), so I grok the economics driving DDG to allow 3rd party tracking as a Bing ads deal quid pro quo.

For the record, @Brave has passed up or failed to close such deals because we would not whitelist the tracking scripts across the Web that the search partner said they require to be unblocked. We chose not to violate our own principles and our users’ trust, at high cost to us.

Previously:

Update (2022-05-31): See also: Hacker News.

Update (2022-06-16): Brendan Eich:

When DuckDuckGo got caught making exceptions for Microsoft and Bing trackers, one defense they offered was that it wasn’t a big deal, because DDG browsers block third-party (3p) cookies. We beg to differ.

The thing is, DDG browsers also include exceptions for how MS trackers circumvent 3p cookie blocking. Trackers try to get around cookie blocking by appending identifiers to URL query parameters, to id you across sites.

Turning a Basic Task Into a Complicated Nightmare

John Gruber:

Last weekend The Verge ran a piece by Sean Hollister under the headline “Apple Shipped Me a 79-Pound iPhone Repair Kit to Fix a 1.1-Ounce Battery”.

[…]

One possible explanation for the complexity and heft of Apple’s self repair toolkit is that iPhones are intricate devices, which require numerous special tools and machines to open and operate upon, along with expert instructions. And that even with the expensive tools and machines, and detailed instructions, they require careful attention to do it right. As with most such tasks, experience helps greatly. Thus Apple has, heretofore, concentrated its repair policies on having iPhones (and other devices) serviced by Apple itself or by certified, trained, trusted partners. And that for the Self Service Repair Program to work, self-repairers will need the same professional tools and machines and detailed instructions. This is necessarily expensive and complicated, and even with that said, there’s nothing Apple can do to bestow experience upon self-repairers. There is nothing Apple can do to make such repairs quick or easy.

[…]

If you really think an iPhone battery or cracked screen should be serviceable with nothing more than “a small box of screwdrivers, spudgers, and pliers”, what you’re really asking for is for iPhones (and all other modern computing devices) to be designed, engineered, and assembled in altogether different ways. That sounds great, of course, but that’s not how modern mobile devices work. Apple isn’t an outlier in this regard — there are no popular modern mobile devices that are easily serviceable with simple tools. If it were possible for iPhones to be more easily repairable, without sacrificing their appearance, dimensions, performance, water-and-dust resistance, and cost, Apple would make them more easily repairable. That iPhones are not easily repairable is of no benefit to Apple whatsoever.

Jesper:

The iPhone being the first of the stereotypical modern smartphone having a non-user-replaceable battery does not mean a modern smartphone has to not have a non-user-replaceable battery. It means that when a company with Apple’s design philosophy does one, they will pay more attention to pretty much everything else than to practical maintainability concerns for the user.

[…]

The roundabout nature of the repair speaks to the degree to which practicality was not a priority during the design process, with wasteful shipping of enormous machines being one of many side effects.

[…]

From a user’s point of view, it is true that having a user-replaceable battery does add to the size and weight of the device, especially the easier the mechanism is to undo. It also adds to the lifetime and the resale value, because now you could do it with your hands in under a minute, or with a screwdriver and maybe some minor tools in under 15 minutes, so now you might actually do it, since you don’t have to give your primary technical support device up for hours or days in a store that may not even be in the same city, without risking your warranty.

[…]

Just because servicing is not a “profit center” for a company, doesn’t mean that the company doesn’t benefit from designing its devices to not be user-serviceable.

This is kind of like the battery throttling scandal. In that case, Apple designed the phones in such a way that throttling kicked in rather soon, and without telling the user, and the result was that many were prompted to buy new phones because they didn’t know that all they needed to do was replace the battery. The software could have told them that, but Apple wasn’t looking out for the customer in that way. Here, the result of designing phones that are hard to service is that some number of customers buy new phones to avoid hassle. I don’t think that’s why Apple designed them that way, but neither do I believe that it gave the alternative much consideration.

Previously:

Thursday, May 26, 2022 [Tweets] [Favorites]

Code Injection with Dyld Interposing

Noah Martin:

Swizzling handles Objective-C methods, but cannot be used for C/C++ functions. Non-Obj-C lower level calls can be useful for reverse engineering iOS apps, but sometimes you need to intercept them in an app that you don’t have the source code for.

In this post we’ll be looking at a lesser known technique for injecting code at a function call, one that works with C/C++ functions and with unmodified app binaries.

Peter Steinberger:

As of macOS 10.15.4, text input in Mac Catalyst apps sometimes crashes. I’ve noticed this a lot in Twitter for Mac, however, we also saw crash reports for PDF Viewer for Mac. My hope was Apple would fix this in 10.15.5, but now the release is out and things are still crashing, so let’s fix this ourselves.

Previously:

Swift @_assemblyVision

Karl (via Ron Avitzur):

There is a super-hidden feature in the compiler which gives you insight in to all kinds of optimisation decisions: such as the cost-benefit calculations for inlining, where exclusivity is enforced, where ARC operations happen, which generic specialisations get generated and which calls get devirtualised.

[…]

To use it, add the @_assemblyVision attribute to a function, and build in release mode (or @_semantics("optremark") on a pre-5.6 compiler.

Michael_Gottesman:

The first is called opt remarks. “opt remarks” shows the decisions the optimizer is making (e.x.: did I specialize this, did I inline this/etc).

The second is something that I invented called “Assembly Vision”. This is the thing that is telling you where the ARC/exclusivity checks/runtime casts. Assembly Vision also enables the other form of normal opt-remarks since that information can be useful when determining where/why ARC is there. The idea is to make it so that instead of having to read the assembly, one can have vision on approximately where these calls are so you don’t have to read the assembly yourself.

[…]

The concept came from me trying to automate how I optimize Swift code as a compiler engineer so that other engineers who aren’t compiler people can be just as effective.

This looks incredibly useful.

Previously:

DOJ Will No Longer Charge Security Researchers

Adi Robertson (in June 2021):

The Computer Fraud and Abuse Act (CFAA), a controversial anti-hacking law which bans “exceeding authorized access” on a computer system, was narrowed by the Supreme Court on Thursday in a 6-3 ruling. The court said the law shouldn’t cover people misusing systems they’re allowed to access — and that claiming otherwise would criminalize a “breathtaking amount” of everyday computer use.

Department of Justice (via Bruce Schneier):

The Department of Justice today announced the revision of its policy regarding charging violations of the Computer Fraud and Abuse Act (CFAA).

The policy for the first time directs that good-faith security research should not be charged. Good faith security research means accessing a computer solely for purposes of good-faith testing, investigation, and/or correction of a security flaw or vulnerability, where such activity is carried out in a manner designed to avoid any harm to individuals or the public, and where the information derived from the activity is used primarily to promote the security or safety of the class of devices, machines, or online services to which the accessed computer belongs, or those who use such devices, machines, or online services.

NoSpamPlease:

So they’re saying security research actually is A Crime under CFAA, but they just promise they won’t go after you for committing that Crime, right?

Doesn’t give me a warm and fuzzy feeling…

MrC:

No, that’s not correct. The policy memo is a straightforward, good-faith instruction to USAs not to prosecute certain categories of potential CFAA cases because (a) SCOTUS’s new Van Buren precedent says they do not fit within the CFAA, or (b) they are near enough to Van Buren that, if called upon to resolve such a case, courts would likely say they do not fit within the CFAA, or (c) even if a court could maybe be convinced not to dismiss the case under Van Buren, such a prosecution wouldn’t serve to vindicate the government’s interest in “promot[ing] privacy and cybersecurity by upholding the legal right of individuals, network owners, operators, and other persons to ensure the confidentiality, integrity, and availability of information stored in their information systems.”

Will Disk Utility Ever Work Properly?

Howard Oakley:

When Apple developed APFS, it decided neither to make it open source, nor to document it sufficiently to help third parties develop their own utilities for its maintenance. In doing so, it made a commitment to its users that Apple itself would provide all the tools necessary to work with its new file system. After all, any file system without sufficient tools to check, repair and maintain it isn’t fit for release, is it?

Disk Utility and its command line check and repair tool fsck_apfs are thus among the most important utilities in the whole of macOS. While there are several excellent alternatives which can perform the same tasks on HFS+ volumes, Apple’s policies on APFS have successfully locked all competition out of this market. Yet, over five years after the new file system’s release on 27 March 2017, Disk Utility is still riddled with bugs, and can’t check or repair disks containing Time Machine backups unless the Mac is booted in Recovery Mode, or without resorting to skulduggery with hidden snapshots.

See also: AskDifferent, Should you trust Disk Utility’s First Aid or fsck?.

Previously:

Wednesday, May 25, 2022 [Tweets] [Favorites]

AttributedString Attribute Scopes

Natalia Panferova:

UIKit and AppKit attribute scopes have many attributes with matching names but different value types. Attributes with types defined in UIKit such as UIColor, UIFont etc. are available on platforms that can import UIKit and attributes with types defined in AppKit such as NSColor, NSFont etc. are available on macOS. AttributeScopes.UIKitAttributes type contains the full list of UIKit attributes and AttributeScopes.AppKitAttributes contains the full list of AppKit attributes.

Foundation can infer the right type of the attribute to use when we assign the value. The following code will assign UIColor.blue as foreground color when UIKit is imported and NSColor.blue when AppKit is imported.

[…]

Note, that when SwiftUI is imported SwiftUI attributes take priority and the resulting attribute value will be Color.blue that is defined in the SwiftUI framework.

[…]

We can even define our own attributes and attribute scopes. This can be useful if we are building a framework or a package or just want to extend AttributedString functionality in our app.

See also: NSAttributedStringBuilder (via Kaya Thomas).

Previously:

Silencing a Family Member’s Alarm

Tim Hardwick:

If you live in a family household, there’s a good chance that at some stage you’ve been disturbed by someone else’s alarm going off on their iPhone. If their phone is out of your reach and no one else is bothering to turn off the alarm, the disturbance can quickly become irritating, but if your own iPhone or iPad is nearby, there’s a handy trick you can use to silence that alarm without you having to get up.

That’s great, but how are you supposed to discover this if it’s only available via Siri?

The Rise of Canva

Mark Wilson:

As for Canva, where Perkins is CEO and Obrecht is chief operating officer: It’s now one of the most influential design platforms on the planet, with 75 million monthly active users who create, on average, 150 designs every second. The company, which is valued at $40 billion, expects to exceed $1 billion in revenue in 2022.

While many unicorns pivot again and again to find their market, Canva’s proposition today is remarkably similar to that pitch of more than a decade ago. Its easy-to-use, templated design platform allows people to create business cards, birthday invitations, social media ads, sales presentations, coffee mugs, and yearbooks. It works equally well on a phone, tablet, or laptop. Canva is a word processor for our modern visual culture, adjusting anything you see—text, an image, a background, an animation—with a simple tap.

[…]

Canva wants to push exporting options even further, by breaking its users out of the most limited format in design: the PDF. Later this year, Canva will begin allowing users to export projects not just as PDFs, but as single-serve websites with unique URLs. So a wedding invite built in Canva could be instantly published to the web, complete with the ability to accept RSVPs. Canva is reimagining stagnant files as interactive, shareable sites, which Perkins believes will be the predominant way designs are shared well into the future.

Previously:

Tuesday, May 24, 2022 [Tweets] [Favorites]

OPML-Compatible Apps

Dave Winer:

The list was started by Jesse Grosjean of Hog Bay Software, as part of the development of his Bike outliner for the Mac.

I, Dave Winer, offered to transcribe the list and provide a means for it to grow here on opml.org.

This page is of course an outline, so you should be able to open it in any of these outliners.

OmniOutliner can also directly open and save OPML files, although opening the same file at the same time as Bike doesn’t work the way it does between Bike and BBEdit. Bike sees changes made by OmniOutliner, but OmniOutliner doesn’t see changes made by Bike. [Update (2022-05-25): I think this is a Bike bug.]

Dave Winer:

Outliners will have compatible apps that render them.

Right now the renderers are specific to the outliner.

It’s as if you could only use one word processor with a printer.

As we get more interop between outliners, based on OPML, it will be possible to write renderers that work with all of them.

You could even mix outlines from different writing tools in a single presentation.

Previously:

Corey B. Marion, RIP

The Iconfactory (via Sean Heber):

[Without] Corey, there would quite literally be no Iconfactory. Corey, Ged and Talos met in 1994 and we soon began a journey together that spanned 28 years. From day one, Corey did exactly what he loved most - designing, pushing pixels and creating icons.

[…]

Corey was instrumental in the growth and success of the company from the very start. He loved participating in judging our annual icon design contest, Pixelpalooza, back in the day. His keen eye for design touched nearly all of our products and made them infinitely better including IconBuilder, xScope, Twitterrific and Triode. He even created Linea Sans, a wonderful font based on his own handwriting that users will be able to enjoy for years to come.

Previously:

SwiftUI in 2022

Jake Sawyer:

Even if you already know a bit (or a lot) of SwiftUI, Stanford’s course is incredible, amazing, wonderful, AND FREE!

Nick Lockwood:

Half the iOS devs on my TL keep posting stuff like “here’s how I shipped an amazing full-featured cross-platform SwiftUI app in 10 minutes and the other half are like “Button presses have been broken in SwiftUI for 16 months and Apple hasn’t responded to my radar”

Greg Pierce:

My SwiftUI development process starts with a clear definition of the problem and ends in a recursive loop of Google searches trying to figure out why the thing I did to fix A broke B, and the thing I did to fix B, broke C, etc.

Jonathan Badger:

As a newbie to the framework, I enjoy the instant feedback that the canvas preview provides with each code modification and am thoroughly impressed by the elegance and simplicity of SwiftUI’s design. That being said, I have run into odd behaviors and challenging problems that make me want to tear my hair out at times. One such issue, which at first seems trivial, is how to dismiss the keyboard when a user taps an area on the screen that is outside the bounds of a TextField or TextEditor view. Here, I will discuss a few of the common issues surrounding keyboard dismissal and provide two solutions and workarounds that I have found after an embarrassing amount of googling and combing of StackOverflow

Christian Selig:

Has anyone done a nice blog post on integrating SwiftUI as parts of an existing UIKit app and having them communicate nicely? (Many posts are all or nothing) Integrating it for bits and pieces sounds fun, but a bit intimidating. 😬

Scott Anguish:

It’s a nightmare. That’s what we found.

Steve Troughton-Smith:

SwiftUI remains incompetent at basic layout, something Playgrounds users are going to find out the hard way… 😅

Ron Avitzur:

I’m stuck diagnosing an infinite loop in SwiftUI layout for code that worked on macOS 11.

Steve Troughton-Smith:

I’m really excited about using SwiftUI in my apps.

SwiftUI is an unreliable mess that needs to be treated with oven mitts, and I won’t be increasing my reliance on it anytime soon.

That dichotomy is what makes the SwiftUI story so frustrating.

Oskar Groth:

We’re halfway into SwiftUI 3 and this is yet another example where it fails to provide us with a properly working default control.

Ron Avitzur:

Today in C++ → Swift: macOS 12 SwiftUI Focus

.focused($focus, equals: .mathBlock(id)) is not setting the first responder to my NSViewRepresentable NSView.

Should I expect it to?

Anyone have insight into how AppKit first responder interacts with Swift Focus for custom views?

Adam Kaump:

“Hey I got 90% of what I wanted really quick! Neat!” “…oh turns out that last 10% is basically impossible, eh?”

Marco Arment:

I like a lot of it. But it’s not simple, easy, or mature.

Its conceptual elegance and clean presentation-slide code are quickly ruined by common real-world needs.

And you frequently slam HARD into walls that you just can’t overcome.

Steve Troughton-Smith:

I really do feel like every time I use SwiftUI, even in the simplest of places, it’s burying mines in my code that will be set off at some point in the future

[…]

Conundrum: do I spend the hours required to try different combinations of SwiftUI modifiers to hopefully find a fix for this layout issue, with potential of it breaking again in the future, or do I spend same hours porting to UIKit knowing I’ll likely never have to touch it again

Simon B. Støvring:

I wouldn’t use SwiftUI for core parts of a complex app yet but it’s safe to say that Runestone wouldn’t have so many settings if it wasn’t for SwiftUI. It’s so simple to build settings screens that look decent with SwiftUI.

Josh Avant:

Today, 2.5 years after release, there’s still validly a more-than-small amount of opinion that SwiftUI is not even Production Ready for mature, complex applications.

If you have to make the choice today, I say choose UIKit.

(Unless your app isn’t intended to be mature, complex)

Helge Heß:

There is very much to like about SwiftUI (and almost all my recent apps use it), but e.g. that it can’t do a very core and basic thing like navigation in its 3rd iteration properly is just embarrassing. 🤷‍♀️

Helge Heß:

The real difference is that one may have been missing API you’d want (not really), while SwiftUI has API all over but the provided stuff isn’t just bad but simply doesn’t work. Often even depending on context - i.e. it is an inconsistent mess from an API perspective.

Sam Deane:

SwiftUI lists can get really slow, due to all the clever diffing that goes on for animation.

There is a workaround, but it seems that it stops working if you put the list inside a NavigationView.

Let’s use value types instead of objects and then allocate a UUID for each one since they no longer have pointer identity.

Paul Haddad:

It’s still terrible, takes at least twice as long to do anything for results that IMO are not as good as UIKit.

Hoà V. DINH:

I’m going to rewrite an app that I wrote with SwiftUI back to regular Swift + UIKit because I’m hitting so many blockers when refining the details.

Marin Todorov:

💯 internet points for @steipete for making a landing page for this SwiftUI crasher that you didn’t cause and can’t fix 👌🏼

Russell Ivanovic:

Let’s play a little game called “Will the SwiftUI preview load?”. It’s ok if you’re not an Apple Developer, you can play along!

Marco Arment:

A day building in SwiftUI:

I would like a search bar in the navigation bar like every app

Oh that requires iOS 15

I would like it to activate when presented

Can’t do that without rebuilding with UIKit hacks

I would like it not to hide itself

Can’t do that, go back to UIKit

For every hour SwiftUI’s niceness has saved me, I’ve probably lost two more hours to the slow and buggy tooling, scouring the web to make up for its non-discoverability and poor documentation, hacking around its brick-wall limitations, or giving up and rewriting things in UIKit.

Phillip Caudell:

Writing SwiftUI is like riding a bicycle downhill on a beautiful sunny day.

Until the bike suddenly explodes, killing you.

It makes building a production app in SwiftUI extremely difficult when the basic system controls don’t work.

There’s so much to love about SwiftUI, but still after several years the basics are still buggy as hell.

Ken Kocienda:

A tool like SwiftUI which can’t easily handle simple and well-understood tasks isn’t likely to scale to more complex and experimental tasks without seemingly endless frustration.

Steve Troughton-Smith:

Abstracting developers from the ‘real’ goings-on is also a means of control on Apple’s part, to shrink us down into a little sandbox we can’t break out of. Can’t compete with system apps if we only have toy APIs

Michael Love:

Seems like an especially self-destructive policy on Apple’s part in this case, because it’s not clear they have much of a vision for what to actually do with AR apps and by abstracting us away they’re going to make it impossible for developers to help come up with one.

Ron Avitzur:

Today in AppKit → SwiftUI:

.keyboardShortcut(.upArrow) does not work with .buttonStyle(PlainButtonStyle())

but .leftArrow and .rightArrow do work

.upArrow works with .buttonStyle(BorderlessButtonStyle()).

Filed under: I do not even want to know the explanation behind this.

Kyle Howells:

I can’t help feeling SwiftUI was a massive mistake for Apple.

I keep seeing blog posts and articles of people trying to write native iOS or macOS apps, using SwiftUI, abandoning it as: too buggy/much work/effort/not worth it. And then switching to Electron & React Native.

If Apple had just spent its effort on updating UIKit, adding more standard UI components modern apps use/need.

Improving Xcode’s tooling, bug fixes. They’d have 1 really nice "reliable" toolset for people to use.

Kyle Howells:

This is my main issue with SwiftUI. It’s a high level black box.

With UIKit I can: drop down to UIControl easily if I want to replace UIButton; make my own table view, drop down to CALayer’s, customise the CALayer a view uses, etc....

Kyle Howells:

And there in lies the problem of why I can never see SwiftUI is a real/full replacement for any UI framework.

Either it needs to allow you full control to build the thing.

Or it needs to be a high level abstraction over top the real thing.

Currently it’s sort of both badly.

Ron Avitzur:

@FocusedValue as seen in macOS menus is not changing reliably when switching windows despite my best attempts. However, setting a global in response to NSWindow.didBecomeKeyNotification seems to work just fine.

Majd Taby:

We WERE going to include a SwiftUI component in our next update, but alas, I just rewrote it in UIKit.

This was a result of three situations:

1. Incomplete APIs in SwiftUI limiting our capabilities

2. Coordinating the SwiftUI layout updates with UIKit ones was difficult and caused animation problems

3. Our data model wasn’t designed for SwiftUI, and thus caused a lot of CPU thrash

Jordan Singer:

Learning SwiftUI unleashed creativity inside of me like no language ever has and brought joy back to building user interfaces.

Here’s a thread of my experiments to show you what’s possible, to learn from, and code to remix👇

Rony Fadel:

SwiftUI forces you to think more deeply about architecture compared to UIKit.

Abstraction hijackings (e.g. getting a reference to and conditional casting a parent or sibling vc) are not possible by virtue of how SwiftUI works.

Ron Avitzur (tweet):

Is it possible to set the isAlternate property on an NSMenuItem in the macOS menubar to implement dynamic menu items in a SwiftUI document-based app which uses CommandMenu to construct the menus?

Steve Troughton-Smith:

The harsh reality of SwiftUI in 2022 is that it doesn’t enable a competent dev to build a better app. It gives you a lesser-than-native, less-reliable, less-compatible, less debuggable app — a two-tier system where 3rd-parties may never be able to compete with Apple’s own

Short of major advancement at WWDC22 wrt to reliability, configurability & back-compat, I’m not sure SwiftUI will ever be the right technology for my apps. Its priorities are clearly elsewhere, and that’s OK. But that isn’t the future of anything, just a lower entry point

Rony Fadel:

SwiftUI + Introspect gets us that much👌 closer, but I agree that we’re not there yet. Right now SwiftUI is a reactive shell on top UIKit with a number of gaping holes (Lists, Navigation, View presentation etc..)

Russell Ivanovic:

As long as you’re ok with ignoring Autolayout errors. I get tonnes of those in my SwiftUI views and it’s like “what would you like me to do with that info…exactly?”

Damien Petrilli:

The Joy of SwiftUI:

Animation in simulator:✅
Animation in Swift Playgrounds on iPad:✅
Animation in the App: freeze and lag.

100% same code.

Khoa Pham:

Just finished refactoring a 115+ screens #SwiftUI app to UIKit navigation. Every screen has its own UIViewController and is self-contained.

Feels so good

As long as SwiftUI is still based on UIKit, using UIKit is a safer bet.

Ron Avitzur:

Looks like it is back to UIKit for the UIPanGestureRecognizer for me.

Simon B. Støvring:

Many seem to either like SwiftUI or believe that it’ll get better down the road and be the future of UI development on iOS and iPadOS.

Is there a possibility that SwiftUI is simply a bad idea for these platforms? That it won’t work?

I’m starting to fear that as we’re adopting SwiftUI in our apps, we’re also compromising too much. Our UIs are getting simpler but more buggy. We’re becoming slobby.

Maybe it’ll all work out in the end. I hope it will. But this is a fear that I currently have.

Steve Troughton-Smith:

To my surprise (not.), yet another SwiftUI regression has begun to screw with my apps, this time affecting tab-focus and text fields. Appears to have cropped up either in the latest SDK or most recent macOS release. Worked fine when I shipped (& for 2 years), now does not.

I think once I bail on SwiftUI that’ll be it for me for quite a while. I’ll check back in in 5, 8 years, like I did with Swift, and maybe it’ll be tolerable then. I have a lot of development in me before then, and I just can’t base any of it around SwiftUI

Unlike early Swift, which was just clumsy to write but could still make a 1:1 version of your ObjC app, early SwiftUI is radioactive and eats holes in everything it touches. I feel like Apple will be paying this one off for a veery long time

Steve Troughton-Smith:

One place I can recommend SwiftUI: as a preview wrapper for UIKit views & view controllers. This element is hugely useful even to developers who don’t use SwiftUI for any of their code

Kyle Hughes:

In March I removed the last traces of SwiftUI from an app, going back to 100% UIKit. I needed block element support in attributed strings.

In March I also released a 100% SwiftUI app.

Perhaps they are both good.

Chris Eidhof:

I was trying to create an NSImage out of a simple SwiftUI View. Turns out to be surprisingly difficult: dataWithPDF is completely broken, cacheDisplay(in:to:) has strange artifacts and good old CGWindowListCreateImage works as expected.

Ron Avitzur:

Today’s API eldritch horror experience trying to implement the macOS Paste menu item so that it is enabled or disabled appropriately depending on what is on the clipboard.

In AppKit, this is very easy.

In SwiftUI, I’m lost in a maze of twisty APIs...

Kuba Suder:

This talk is a bit of a mindfuck… I’m gonna have to watch it more than once. Is it just me, or is it… kinda unintuitive that the lifecycle of state variables in that subview depends on whether you write this as if/else or with ternary operator “?:” ?

Marcin Krzyzanowski:

overpromise under-deliver in one screen. the title itself is almost an oxymoron

Steven Curtis:

Imagine using a version of Xcode with a major memory leak attached to SwiftUI. If it’s Xcode 13 I think that’s fine, they’ll fix in in 13.1. What do you mean, they only fixed it in Xcode 13.2.1?

[…]

I want to decouple navigation from views. I don’t want to use UIHostingController as I would like to create a completely native SwiftUI App. I need to have easy access to views using deep-linking where the screens depend on complex state, and can be accessed from multiple parts of the App.

James Thomson:

Since installing 12.4, all the labels for my SwiftUI pickers have vanished. Affects my existing versions too. This is a Mac-idiom Catalyst app.

That’s really not great 🙁

Ron Avitzur:

Replacing a SwiftUI ScrollView/VStack with a List View was straightforward and provides swipe-to-delete, and drag-to-reorder rows. However, it also made scrolling the view impossible. Breakpoint on scrollTo does not fire. I fail to understand this.

Paola Mata:

All these hacks and workarounds for making SwiftUI do basic shit…

See also: The evolution of SwiftUI.

Previously:

Update (2022-05-25): Steve Streza:

SwiftUI will be great once it’s production ready. Maybe that will be this year. Until that happens though, this post remains a spectacular cautionary tale of what happens when you go down that road.

Martin Pilkington:

There is a very strong argument to make that declarative UI frameworks are always going to be a case of “faster to get to good, difficult to get to great”

Building great software requires fine-grained control over the UI, but that’s kind of the antithesis of declarative UI.

That isn’t to say you can’t have parts of UI be built declaratively, just that you can’t handle every case people will have with a full declarative framework

Aleksandar Vacić:

I expected such issues back in 2019 (the talk I gave at Pragmaconf) but did not see them taking this long to clear up.

The black box design and complete dependence on Apple to fix issues did not turn out good.

Michael Brown:

This absolutely does not reflect my experience of using SwiftUI. In the 8 months that I’ve been using it intensively the time it has saved me is immeasurable compared to the problems encountered. It is unquestionably better than using UIKit (which I have used since 2010).

matfx:

I have built a production app for a bank in SwiftUI (released in March 2021) but I can relate to all of things described.

Benedikt Terhechte:

Doesn’t even mention how invalid layouts crash SwiftUI apps at runtime!

vinibaggio:

SwiftUI is such a bummer. While I agree with the feelings that it makes UI development so fun and freeing, when you start running into issues, then the magic is shattered and you’re back to the harsh reality that computers are all broken.

Sam Deane:

I do still like SwiftUI a lot, and am using it in production apps.

I ended up making this to fix the List issues. It is crude but effective and does just enough of what I need.

I do still regularly hit brick walls, but a lot of the time I find them to reflect a strongly opinionated design philosophy, rather than just an accidental omission.

In other words, someone is deliberately preventing you from doing something they don’t think you should do.

R. Mark Volkmann:

I have never used UIKit and am a relatively new user of SwiftUI. So far I love it.

Steve Troughton-Smith:

After @jamesthomson’s tweet, it was with trepidation I upgraded to macOS 12.4 to see how the changes to SwiftUI have broken my own apps. Sure enough, all the labels have been removed from my pickers, in the shipping version of Pastel.

See also: Hacker News.

John Gruber (tweet):

I’d like to see leaps-and-bounds improvements announced this year.

Update (2022-05-26): Luc Vandal:

Overall, my experience with SwiftUI has been mostly positive. Of course there were times I wanted it to die in a but I was able to develop & release an app that is on the App Store & actually selling.

Kevin Hayes:

I’m not blind to its bugs and limitations but it’s definitely a net positive for me. It’s working out well in 1Password 8 for iOS, and my side projects are SwiftUI too.

Francisco Tolmasky:

It requires being an expert in it before you can predict its limitations (which often are bug-related and not necessarily “conceptual”). This would maybe be excusable for a beta release, but SwiftUI is now around 4 years old.

Arguably, its original sin is simply not being open source, and on top of that is trapped behind one of the most opaque bug-reporting mechanisms in the industry. Every minor hack involves tremendous reverse-engineering, which may then have to be replicated throughout the community, instead of being a GitHub issue and PR request like in Electron for example. There are of course upsides to the closed-source model, but in 2022, you have to deliver on those upsides if you want to make a strong case for your framework.

Richard Turton:

If you are working with an existing UIKit codebase and are SwiftUI-curious when it comes to adding or updating new features, this article should help answer your questions. I’m going to cover some of the technical details of how SwiftUI works and how state is managed, some tips on integrating SwiftUI into your existing code, and some common pain points.

Update (2022-05-31): Malcolm Hall:

Beginners think it’s not ready yet; experts know it will never work. Take for example MapKit, completely different delegation model vs UIKit. The SwiftUI wrapper is fundamentally broken and will never work perfectly until MapKit is fixed but that breaks existing apps = deadlock.

Another example is NSTableView / NSTableViewDelegate, cannot work with SwiftUI’s diffing model with over 100 rows, grinds to a halt. Which team is going to fix that?

Update (2022-06-06): See also: SwiftUI Is Fine.

The Apple GPU and the Impossible Bug

Alyssa Rosenzweig (Hacker News):

The buffer we’re chasing, the “tiled vertex buffer”, can overflow. To cope, the GPU stops accepting new geometry, renders the existing geometry, and restarts rendering. Since partial renders hurt performance, Metal application developers need to know about them to optimize their applications.

[…]

When a partial render is possible, there are two “load” programs. One writes the clear colour or loads the framebuffer, depending on the application setting. We understand this one. The other always loads the framebuffer.

…Always loads the framebuffer, as in, for loading back with a partial render even if there is a clear at the start of the frame?

[…]

Doing so, Metal fails in a similar way. That means we’re at the root cause. Looking at our own driver code, we don’t specify any program for this partial render load. Up until now, that’s worked okay. If the parameter buffer is never overflowed, this program is unused. As soon as a partial render is required, however, failing to provide this program means the GPU dereferences a null pointer and faults. That explains our GPU faults at the beginning.

Previously:

Monday, May 23, 2022 [Tweets] [Favorites]

Combine’s .collect(.byTime) Timer

Jesse Grosjean:

The biggest bug in Bike’s 1.0 release was excessive CPU use while in background.

[…]

First, I didn’t realize that each time you use .collect(.byTime) you are setting up a new repeating timer. I had expected a timer was involved, but thought it would only get scheduled when new items were coming into the publisher. Nope, it’s repeating once the pipeline is setup.

[…]

I’ve posted a .collect(.byTime) replacement (for my use case) here. It solves the problem by only scheduling on the runloop once per group of incoming results.

Previously:

How to Open a Window in SwiftUI

Rob N:

I’d like to show a second window with different content in a SwiftUI app on macOS. I can’t find any documentation on this.

Malcolm Hall (tweet, forum):

In your ContentView create a button and open a URL for your app and another View e.g. Viewer to be shown in the window we will open[…]

[…]

In your App add another WindowGroup for your viewer and set it to enable handling of external launch events (an internal event in our case).

[…]

Now in Project->Info->URL Types type in myappname in the URL Schemes field (and the identifier field too) to register our app with the system.

Tony Arnold:

Is that a workaround? That’s a workaround for missing API, right? 😳

Malcolm Hall:

No, its a declarative state-driven API that handles the reason why you would want a new window. You aren’t going to get an imperative open window in SwiftUI because that’s not how it is designed.

Marcin Krzyzanowski:

I’m not convinced this is designed. It’s more like something that happens, but doesn’t really is well thought for the scenario where the app needs to open multiple windows. URL cannot be the way. It’s missing window state management. Windows are hierarchical. This is not.

It’s great that there is a way to do this without calling into AppKit, but using URLs seems gross.

Khoa Pham:

A common trick is to use an NSViewRepresentable to get underlying view.window and attach this to our SwiftUI view

[…]

For a common macOS SwiftUI app with a search bar on the toolbar and a normal settings screen, here’s how I usually do

Setup NSWindow programmatically

Previously:

Update (2022-07-12): Natalia Panferova (tweet):

In macOS 13 we finally have a way to programmatically present a window in SwiftUI. We can call the new openWindow action from the environment and pass it a scene id or a value.

Previously:

Proposed EU DMA: USB-C, Messaging, NFC

European Parliament:

Mobile phones, tablets, digital cameras, headphones and headsets, handheld videogame consoles and portable speakers, rechargeable via a wired cable, would have to be equipped with a USB Type-C port, regardless of the manufacturer. Exemptions would apply only for devices that are too small to have a USB Type-C port, such as smart watches, health trackers, and some sports equipment.

Via Nick Heer:

The straight-line way of reading this is that future iPhones and iPads will have to have a USB-C port instead of a Lightning one.

Casey Newton:

The act applies to what it calls “gatekeepers” — defined as any platform that has a market capitalization of €75 billion, or more than €7.5 billion in European revenue. So: yes to WhatsApp and iMessage; no to Signal and Telegram.

[…]

Disdain for the new requirements is not universal; Matrix, a nonprofit organization working to build an open-source standard for encrypted communication, published a blog post Friday explaining some possible technical paths forward.

But it’s clear that, to the extent that there might be a way for services like iMessage and WhatsApp to interoperate and preserve encryption, that way has yet to be invented.

Via Nick Heer:

To be clear, it does not appear that the draft law mandates the creation of no privacy or security risks; the segment posted by Benedict Evans — the full draft text is currently confidential — says platform providers must create a “high level of security and personal data protection”. It is about finding an appropriate level of risk with the caveat that it will never get to zero. But the core of the question seems correct: is there a way to make encrypted messaging services work together while ensuring negligible difference in security and privacy levels?

[…]

Remember Adium? That is a great piece of software I have not touched in about ten years as phone-centred messaging clients have replaced desktop-based ones. Something like that could be possible again.

Hartley Charlton:

The latest provisional agreement sets out plans to establish a “High-Level Group” of central European digital regulators to coordinate national regulators across EU member states and requires “gatekeepers” to create an independent “compliance function.” The new group must include compliance officers to monitor their company’s compliance with EU legislation using sufficient authority, resources, and access to management, and be headed by an “independent senior manager with distinct responsibility for the compliance function.” The rule would effectively require companies like Apple to set up an internal department dedicated to meeting pro-competition regulations.

In addition, new rules specifically targeted to address companies like Apple that have “a dual role” with control over both hardware and software look to allow any developer to gain access to any existing hardware feature, such as “near-field communication technology, secure elements and processors, authentication mechanisms, and the software used to control those technologies.” This could have major implications for the level of integration that developers can achieve on Apple platforms, such as allowing contactless payment services to operate on the iPhone and Apple Watch just like Apple Pay.

John Gruber:

This is bananas. All third party developers get control over the secure enclave and the software that controls it?

[…]

This is profoundly anti-consumer. Consumers aren’t asking for any of this shit. Actual people love their phones more than their computers — whether Macs or PCs — not despite the fact that their phones are tightly controlled consoles, but because they are tightly controlled consoles. These regulators don’t see it that way, because they’re idiots. They think they can legislate their way to a world where the iPhone (and Android, which is also console-like) remains far safer and more reliable than PCs while mandating that all the protections that have made them far safer and more reliable than PCs be removed. It’s absurd.

I think this is conflating a lot of different things. The main reasons that phones are safer and more reliable are sandboxing (so apps run mostly independently from each other and the system) and the hidden file system (so users can’t mess things up). Those would remain in place. I still think it’s far from clear that adding an API to access NFC would cause harm. The bit about the Secure Enclave strikes me as differing interpretations, like when Microsoft told the court that Internet Explorer couldn’t be removed from Windows because—thinking of the frameworks, not just the app—then it would no longer boot. Obviously, the EU doesn’t want it opened up in a way that would make it useless.

I would imagine though, if this comes to fruition, E.U. citizens are going to wind up buying iPhones that operate very differently from those sold everywhere else in the world, and they will suffer for it.

Steve Troughton-Smith:

Why does Apple see a ‘European’ iPhone variant as an existential threat, but not its stripped-down feature-restricted variant for e.g. China (which it has shipped for a decade)? Because everybody will want one with this unrestricted featureset, of course. Hence the unrelenting PR

Previously:

Five Things You Still Can’t Do With a MacBook Pro

Tim Hardwick:

Unfortunately, the HDMI port that returned isn’t so top-of-the-line – it’s an HDMI 2.0 port instead of an HDMI 2.1 port.

[…]

The SD card slot on the new MacBook Pros supports UHS-II cards, but only up to 250MB/s of data transfer, not the 312MB/s speeds that the standard is theoretically capable of.

[…]

Ethernet Port

[…]

Lenovo, Samsung, Acer, Dell, and HP all offer laptops with 5G connectivity, yet no Mac in Apple’s notebook lineup currently supports the cellular standard.

My suggestions:

  1. Shrink the trackpad.
  2. Add an external power button so that I can turn on the Mac or enter Recovery while in clamshell mode.
  3. Add more USB ports. I have not had good experiences with hubs/docks, even Apple’s own Studio Display. Being able to directly connect more devices in a pinch, or at least not have to plug one hub into another, would help.
  4. Make a first-party Thunderbolt dock. The current ones are pricey, and people still report them being flakey. Maybe this is inherent to the technology, but maybe if Apple made all the pieces (computer, OS, and dock) it would be better able to ensure that they work together.

Previously:

Friday, May 20, 2022 [Tweets] [Favorites]

Restoring Contacts From a Time Machine Backup

Miles Wolbe:

Open Contacts.app then “Enter Time Machine” from menu bar icon to restore (H/T). Note that the “Browse Other Backup Disks…” option accessed by Option-clicking the Time Machine menu bar icon really means “Browse Other Backup Disks for the current device”.

This didn’t work for me. It just showed an empty Contacts window, and none of the Time Machine buttons responded, so I had to force quit. Fortunately, he lists 4 other methods. It seems like to really do it right you need to erase all the contacts in iCloud first:

No consideration is given here to iCloud Contacts sync (though thermo2’s 20-step procedure is reproduced below without prejudice). Back up, back up, back up and understand what you are doing.

Disk Utility Can Only Check Backup Disks in Recovery

Howard Oakley:

The most serious problem with Disk Utility remains its manifest inability to run First Aid on some volumes and containers, in particular Time Machine backup stores. This problem persists, although currently it now seems confined to APFS backup volumes.

[…]

If you need to run First Aid on an APFS Time Machine backup disk, the only methods available are to use Disk Utility or apfs_fsck in Recovery Mode. This is a serious failure, particularly as the message given to users is to “back up the data on this volume”, which is wholly inappropriate for a backup volume, and gives the false impression that failure is imminent.

[…]

Less serious, but more confusing, is a sporadic bug which displays bizarre results after a disk has been erased, or partitioned into two or more containers.

I run into this last issue a lot. Sometimes partitioning fails for no apparent reason. Other times, Disk Utility says it succeeded but displays a completely different partition structure than what it had been asked to create.

Previously:

New Receipt Validation Sample Code

Apple (via Thomas Zoechling):

The following example code illustrates how to retrieve an identifier in macOS for validating an App Store receipt. Use the data returned to by the copy_mac_address function to validate the App Store receipt.

In the following Swift code, the io_service function uses IOKit to retrieve network interfaces as an optional IOKit object. The copy_mac_address function looks up an appropriate network interface and returns the hardware address from the IOKit object as optional CFData.

Apple’s sample code for this had been broken at least since Catalina. I still think there should just be an API for validating and parsing receipts, instead of encouraging developers to either reinvent the wheel or incorporate open source code of questionable quality.

Previously:

Update (2022-06-08): macOS 13 adds AppTransaction.

Update (2022-06-10): John Siracusa:

Still no simple Apple API to validate Mac App Store receipts, though, right?

Rosyna Keller:

No. And I’m not sire there will be on as it’s a semi-antithesis of DRM checking: have your check in multiple places that can’t be stubbed out by one change to the binary especially if it would apply to every binary.

John Siracusa:

I just don’t want to have to statically link OpenSSL into my dinky app and then copy/paste a bunch of code I don’t understand. I’m not trying to stop someone with a hex editor. I’m trying to stop casual piracy.

Rosyna Keller:

This new API is for making feature selections betterer based on date purchased without needing to roll a new app entry on the App Store for the new version.

Weathergraph 1.0.97

I recently started using Weathergraph. I’ve been happy with Snowflake Weather on my iPhone, but less so on my Apple Watch. Weathergraph has a great watch app and complication, and it’s even better with the new icon theme and precipitation probability display that were added in the 1.0.96 update. For some reason—maybe the location-based updates—it does not seem to be subject to the watchOS 8.5 bug that prevents my other complications from updating automatically. And, unlike Apple’s complication, it can show the last cached forecast when there’s no network connection.

The basic design feels like an evolution of Weather Line and Weather Strip, but I think Weathergraph shows the information better. The display is very configurable, so I can choose to show wind speed but not wind direction, humidity but not the dew point, and the UV index but not the atmospheric pressure. Unfortunately, the rain percentage is shown as a light blue area with no scale or label, so it’s not clear what the percentage is except in relative terms. I like how you can choose the zoom level and how it can be different for the phone, the watch app, and the watch complication.

The main drawback is that it only supports a single location, which cannot be set manually, so you can’t use it to plan travel. So right now I’m using Weathergraph in combination with Snowflake.

Weathergraph Pro—which includes Foreca, Dark Sky, and realtime forecasts—is $3.99/month, $19.99/year, or $49.99 for a lifetime license. Below are some screenshots comparing it with other weather apps that I have installed.

Weathergraph

weathergraph-iphone-1 weathergraph-iphone-2 weathergraph-watch-complication weathergraph-watch-app-1 weathergraph-watch-app-2

Apple

apple-iphone apple-watch-complication apple-watch-app-1 apple-watch-app-2 apple-watch-app-3

Snowflake Weather

snowflake-iphone snowflake-watch-complication snowflake-watch-app-1 snowflake-watch-app-2

Weather Strip

weatherstrip-iphone

CARROT Weather

carrot-iphone carrot-watch-complication carrot-watch-app

Previously:

Thursday, May 19, 2022 [Tweets] [Favorites]

Indirect Struct Properties in Swift

Sean Heber:

Surprised that Swift has “indirect” for enum cases but not for structs. Seems like a weird omission.

Here’s a property wrapper that lets you use “indirect” properties in a struct for those times when you really want to because “reasons.”

It uses an enum wrapper, which is more efficient than an object.

Apple Accessibility Feature Preview

Shelly Brisbin:

For the second year running, Apple has offered a preview of updated accessibility features coming to its platforms later this year. The announcements come just ahead of Thursday’s Global Accessibility Awareness Day, which goes by #GAAD online.

Apple:

Apple is introducing Door Detection, a cutting-edge navigation feature for users who are blind or low vision. Door Detection can help users locate a door upon arriving at a new destination, understand how far they are from it, and describe door attributes — including if it is open or closed, and when it’s closed, whether it can be opened by pushing, turning a knob, or pulling a handle. Door Detection can also read signs and symbols around the door, like the room number at an office, or the presence of an accessible entrance symbol. This new feature combines the power of LiDAR, camera, and on-device machine learning, and will be available on iPhone and iPad models with the LiDAR Scanner.

[…]

With Apple Watch Mirroring, users can control Apple Watch using iPhone’s assistive features like Voice Control and Switch Control, and use inputs including voice commands, sound actions, head tracking, or external Made for iPhone switches as alternatives to tapping the Apple Watch display. Apple Watch Mirroring uses hardware and software integration, including advances built on AirPlay, to help ensure users who rely on these mobility features can benefit from unique Apple Watch apps like Blood Oxygen, Heart Rate, Mindfulness, and more.

[…]

Live Captions in FaceTime attribute auto-transcribed dialogue to call participants, so group video calls become even more convenient for users with hearing disabilities. When Live Captions are used for calls on Mac, users have the option to type a response and have it spoken aloud in real time to others who are part of the conversation.

Update (2022-05-20): John Siracusa:

This use of accessibility features to rearrange icons on an iPhone is arguably easier than the “normal” way.

Apple Introduces Professional IT Training

Apple:

As companies expand their use of technology, employees are demanding to use iPhone, iPad, and Mac at work, resulting in an increased need for IT professionals skilled in supporting and managing Apple products.

To help meet this growing demand, Apple today launched updated professional training and certifications for IT support and management. The training has been completely redesigned and moved to an online, self-paced format. Users can demonstrate their competency with two new exams and earn certification from Apple.

[…]

Two new Apple Professional Training courses — Apple Device Support, and Apple Deployment and Management — are available today on training.apple.com. The courses are sequential, and build on skills and concepts as the user progresses. At the completion of each course, new certification exams are available to demonstrate competence achieved at each level with corresponding digital badges from Apple. Each exam costs $149, and certification can be displayed on resumes, online profiles, and job boards, enabling users to stand out in job searches — and employers to find qualified candidates.

Tom Bridge (tweet):

In addition to the new exams, Apple’s announced a program working with the Mac Admins Foundation to make sure that those who can’t afford to take this exam, or whose employers won’t pay, can still get certified. The Mac Admins Foundation is a brand new 501(c)(3) non-profit whose mission is to support the people who manage Apple products, starting with the Mac Admins Slack, and moving onward to making conferences more approachable for people just starting out in this industry.

Should You Continue Using HFS+?

Howard Oakley:

The most compelling argument for retaining HFS+ is on rotating hard disks, because APFS can result in severe fragmentation, most importantly in the file system metadata, so causing degraded performance; as SSDs don’t suffer those performance penalties, this could be a good reason for continuing to use HFS+ on hard disks, while switching SSDs to APFS.

That argument may hold good for storage which is in active use, such as boot disks and those containing working files, but appears less compelling in more static use, to contain relatively stable archives or backups in which there is limited turnover of files or data. Although objectively assessing the effects of fragmentation is fraught with difficulty, one basic question is whether there is any difference in performance between the file systems to begin with.

I updated my spinning hard drives to APFS when that became necessary in order to make bootable clones. The other main benefit is that APFS snaphots on the destination are a great way to fit multiple backups onto the same drive. Previously, I used multiple partitions, which is much less space-efficient.

The hidden downside is that, for reasons I don’t understand, most of my APFS backup drives take an unpredictable amount of time to mount. With HFS+ it consistently took a few seconds. With APFS, sometimes it takes a few seconds, but other times it takes 5 minutes or even an hour before I can access the drive’s contents. A few of my APFS backups do have multiple partitions. They mount in a random order. If I’m lucky, the one I need mounts first, and in that case the backup is almost always done before the other partitions have even mounted.

Sometimes, the APFS volume never auto-mounts, but it does show up in Disk Utility where—after it takes 10 minutes to launch—I can manually tell it to mount.

Other times, the APFS volume does auto-mount, using the password stored in the keychain, but it shows a password prompt, anyway. Sometimes, despite trying to dismiss this dialog, it stays on-screen the entire time I’m using the drive. I try to drag it mostly off-screen so that it doesn’t block my other windows.

Sometimes, generally after a kernel panic, APFS volumes don’t even show up in Disk Utility after a restart. I have to power cycle the enclosures. (Ironically, most of the kernel panics that I’ve been getting with my M1 Pro MacBook Pro seem to be related to HFS.)

Previously:

Wednesday, May 18, 2022 [Tweets] [Favorites]

Weak Self: Closure Rules of Thumb

Christian Tietze:

In Swift, you can weak-ify references to self in escaping closures, and then you need to deal with the case that the reference is gone when the block is called.

Last month, Benoit Pasquier and Chris Downie presented different takes on the problem. That discussion was excellent. It prompted me to take some more time to revisit this problem systematically, and I took away a couple of notes for future-me.

The three popular options as Chris listed them are these:

  1. Do not capture strong reference
  2. Override self with strong reference
  3. Bind strongSelf

As always, either way has its pitfalls.

[…]

[When overriding self, you] can forget weakifying inner closures and accidentally create a retain cycle again!

I think we still see this discussed because nobody has a great solution. There are some common patterns, but they are verbose and still easy to get wrong.

I tend to upgrade self at the top of the closure. For common cases like notifications and timers, I have the caller handle this and pass the strong reference into the closure if it’s not nil.

Previously:

Amazon to Support ePub

Jason Snell:

For years, Amazon has used the Mobipocket format (.mobi) rather than the ePub format for Kindle books. Recently it developed its own format, KF8 (and now KFX), and has been using that instead. Everyone else uses ePub. Publishers sell books direct as ePubs, but are forced to include .mobi versions for compatibility reasons.

But this is changing. Amazon announced that later this year, its email and drag-and-drop send tools will accept ePub format files. Amazon will then convert those files to KF8 and deliver them to Kindles, but at least the user won’t have to do the job themselves.

Update (2022-05-19): Tom Nardi (via Hacker News):

Native support for EPUB would make using the Kindle a lot less of a hassle for many folks, but alas, it was not to be. It wasn’t long before the original post was updated to clarify that Amazon had simply added support for EPUB to their Send to Kindle service. Granted this is still an improvement, as it represents a relatively low-effort way to get the open format files on your personal device; but in sending the files through the service they would be converted to Amazon’s KF8/AZW3 format, the result of which may not always be what you expected. At the same time the Send to Kindledocumentation noted that support for AZW and MOBI files would be removed later on this year, as the older formats weren’t compatible with all the features of the latest Kindle models.

If you think this is a lot of unnecessary confusion just to get plain-text files to display on the world’s most popular ereader, you aren’t alone. Users shouldn’t have to wade through an alphabet soup of oddball file formats when there’s already an accepted industry standard in EPUB. But given that it’s the reality when using one of Amazon’s readers, this seems a good a time as any for a brief rundown of the different ebook formats, and a look at how we got into this mess in the first place.

Time Machine Evolution and APFS

Howard Oakley:

You don’t have to prepare an APFS volume, as Time Machine will do that for you, but I prefer to make one ready using Disk Utility.

[…]

Time Machine will then prepare its backup volume by making another APFS volume using the case-sensitive option and designating it as a Backup volume.

Howard Oakley:

To distinguish between what are effectively two different systems, I’m going to refer to Time Machine backing up to APFS as TMA, and when backing up to HFS+ as TMH.

[…]

From its release, TMH has been dependent on features of the HFS+ file system to create its Finder illusion. Every hour the backup service examined the record of changes made to the file system since the last backup was made, using its FSEvents database. It worked out what had changed and needed to be copied into the backup. During the backup phase itself, it only copied across those files which had been created or changed since the last backup was made.

[…]

Apple later introduced what it called Mobile Time Machine, intended for laptops which could be away from their normal backup destination for some time. In around 10,000 lines of code, Mac OS X came to create something like a primitive snapshot, but on HFS+.

When Apple released the first version of APFS on Mac OS X in High Sierra, its new snapshot feature was incorporated into TMH. They were initially used instead of the FSEvents database to determine what should be backed up.

[…]

Catalina introduced a more complicated scheme to replace snapshots as the normal means for determining what to back up. This was presumably because computing a snapshot delta proved slow, and the introduction of the Volume Group, with specialist types of APFS volume for which snapshot deltas would be inappropriate or impossible.

[…]

TMA interestingly reverses the design of TMH in High Sierra: instead of using snapshots to determine what needs to be backed up before creating a backup using traditional hard links, most of the time TMA determines what’s changed using the traditional method with FSEvents, then creates its backup as a snapshot on the backup volume. The latter is essential, as without directory hard links, there’s no way of using the TMH method to make backups to an APFS volume.

Howard Oakley:

Once again, the changes required to enable Time Machine backups to be made to APFS volumes appear to have required modifications in the file system. Before macOS 11.0, we’ve always thought of snapshots as being straightforward copies of the metadata for a specific volume, something essentially generated by making a copy of those file system metadata. If that was what Time Machine relied on in Big Sur, then it could only back up whole volumes.

Instead, when backing up to an APFS volume, Time Machine now creates snapshots of individual folders when necessary, a feature which hasn’t yet been made available through the command tool tmutil. Not only that, but during the process of making a backup, Time Machine copies snapshots between volumes and seems able to assemble a backup snapshot from its file system metadata and constituent items, including changed blocks within a file.

Howard Oakley

Early versions of Time Machine started making backups when they were run by launchd scheduling (rather than cron), exactly every hour. When Apple introduced its new scheduling system with DAS (Duet Activity Scheduler) and CTS-XPC (Centralized Task Scheduling), Time Machine backups were among the first to take advantage of it. Since then, instead of backups being made at exactly hourly intervals, they’re more flexible in timing, accommodating to environmental conditions such as thermal pressure and power state.

Howard Oakley:

One feature which appears to have been lost in the new Time Machine backups to APFS volumes is the ability to check the integrity of their contents, which now appears confined to backups made to HFS+ volumes.

Howard Oakley:

There’s a clear advantage to this new scheme in that it functions not just with whole files, but with changed blocks within files. Just as a snapshot references the data blocks which make up each file, so a snapshot-based backup can back up individual blocks which have changed, which can be significantly more efficient in the storage space required.

This new scheme not only retains hourly snapshots on the source volume, which are still kept for up to 24 hours, but provides its backups in the form of snapshots on the backup volume, where the file system data are stored in addition to the snapshot itself.

The final piece of magic used by Time Machine backups to APFS volumes is that its snapshots can be made not only for whole volumes, but for individual folders within a volume. If you want to back up just your Home Documents folder, Time Machine will do that, rather than having to back up your complete Data volume.

Howard Oakley:

Creating the backup begins in earnest with a local snapshot, which is termed the stable snapshot. This appears to be a whole-volume snapshot, which is then mounted at a path based on /Volumes/com.apple.TimeMachine.localsnapshots/Backups.backupdb/[machine]/[datestamp]/[volume name]. The stable snapshot made in the last backup is located and mounted as the reference snapshot, at a similar path, but with a different datestamp, of course. TMA locates the “volume store”, into which the backed up files and other items will be copied. This should be at a path like /Volumes/[backup volname]/[datestamp].previous/.

[…]

TMA states the possible strategies which it could use to work out what is to be backed up[…]

[…]

Currently, with Big Sur only backing up Data and unroled general-purpose volumes, those are the four possibilities. The full list of what’s possible in Catalina includes:

  • full first backups
  • deep scans
  • FSEvents
  • snapshot diffing
  • consistency scans
  • cached events.

Howard Oakley:

Now that I’ve worked through the steps involved in an automatic Time Machine backup to APFS local storage (TMA), this article draws that out into a chart, and compares that against the processes used when backing up to HFS+ in Catalina (TMH).

Howard Oakley:

The backup store has a distinctive volume structure, consisting of hidden Spotlight indexes, any mounted backup snapshots listed by their datestamp, a property list containing details of all the backups in that store, and an optional property list giving information about any inheritance of those backups.

Backup snapshots themselves contain the eventdb constructed during their original backup process, a checkpoint file, a property list containing all the exclusions which applied to TMA backups when that backup was made, and the backup itself listed by volume name.

[…]

TMA backups provide good access to the user through the Time Machine app and the Finder. However, their ability to manipulate backups is severely limited. As these rely on snapshots, individual files can’t be removed from them, a feature restricted to TMH. Whole backups, complete with their snapshots, can be removed, though. That isn’t supported by the Time Machine app, but can be performed directly in the Finder.

Howard Oakley:

One day we’ll look back and remember fondly when it was possible to clone any Mac volume to an identical copy. Sadly, since the introduction of APFS in High Sierra, that has now stopped working for those volumes formatted using the new file system. Try making a clone of an APFS volume now and you may not even notice what’s missing from the copy: snapshots.

Howard Oakley:

Periodically, backup snapshots are indexed by Spotlight for the volume’s Spotlight-V100 indexes. This may require background mounting and unmounting of those snapshots, and often results in the spinning Time Machine icon being displayed against that volume in the Finder.

Howard Oakley:

Attention now needs to be devoted to addressing the problems identified here with changing source and destination volumes. It isn’t acceptable to have to start completely fresh backups whenever a disk needs to be changed, and Apple needs to document the processes required to inherit source and destination disks, without driving users to experiment with tmutil.

For all its ingenuity and sophisticated engineering, of the three backup utilities which I use, Time Machine is by far the most complex, and the only one which makes changes like these so difficult.

Howard Oakley:

This confirms that TMA is as efficient as possible in both the copying and storage of APFS sparse files and clones. This is far superior to TMH, which would of course have had to copy across almost 15 GB extra data, and required a total of 15 GB space in the backups for these three files. With sparse files and clones being relatively common in APFS volumes, the efficiency of TMA can make a big difference to the time taken to make backups, and use of storage space on the backup volume.

Howard Oakley:

This article is a summary of the current benefits and limitations of TMA as its stands in macOS 11.2.3, at the end of which is a list of those detailed accounts. These should help you make a more informed decision as to whether to use TMA.

Howard Oakley:

One significant exclusion which has been added in Big Sur is the hidden and locked folder on each volume containing its local version database; this is to work around the bug which plagued TMH in Catalina when trying to back up large and complex version databases.

Howard Oakley:

This article looks at configuring and using TMA’s backup storage on a shared disk over a network – in this case, a shared APFS volume on another Mac running Big Sur.

Howard Oakley:

Being more complex and dependent on other systems, making Time Machine backups to shared storage on your network is more prone to fail. As I’ve spent much of the day sorting one such failure out, I thought it might be useful to discuss what went wrong and what went wronger.

Howard Oakley:

A quick check on one of my working folders, just a part of my extended Home folder, found almost 1600 clone files totalling over 10 GB in size. If I were still backing up to HFS+, every one of those files would have to be saved in full into my backup, and in every subsequent backup it would have to be present either in the form of a complete copy (if it had changed), a hard link, or one to a directory above it. Instead, my APFS backup just contains a directory entry for the clone.

Howard Oakley:

With Time Machine it’s so tempting just to let it back up your entire Data volume, and be done with it. This article explains how you can do better than that, and exclude items from that backup which would merely waste space.

Howard Oakley:

In just over a month’s time, Time Machine will turn fourteen, making it one of the longest-lasting and externally almost unchanged features in macOS. As I’ve been trawling back through my archives preparing a talk for MacSysAdmins about Time Machine, I though you might enjoy a stroll down memory lane, and return to autumn 2007 for a few moments.

Howard Oakley:

I have been honoured this year to be invited to present at MacSysAdmin Online 2021, talking about Time Machine.

You can watch my presentation and download my slides from here, where you’ll also find plenty of even better presentations.

Howard Oakley:

It’s that time of year when many of us are planning our upgrades, either to Big Sur or Monterey. One vital consideration is how to migrate our backups: this article looks at what you need to do for existing Time Machine backups, whether stored locally on an external disk, or on your network.

Howard Oakley:

If you’re going to use SMB as recommended by Apple, the most robust way seems to be disable AFP on all NAS which support SMB. It may sometimes help if you’re not connected to the NAS in the Finder, before you start setting that up as your TM backup destination.

Howard Oakley:

Earlier this month, I provided a presentation for the MacSysAdmins virtual conference. Now that’s done and dusted, I’m pleased to provide a copy of my slides in high quality PDF, together with my script, available from here: timemachinemacsysadmins

Howard Oakley:

If you’re intending to back up from Time Machine to network storage such as a NAS or another Mac, the above figures can be used to provide an estimate of how long those backups are likely to take. First, connect to a share on the server, and copy to it a single large file, such as the 10 GB test file used here. Measure the total time for that to transfer, and take two-thirds (0.67) of that transfer rate as the likely overall rate to be delivered by Time Machine. Then use that with your expected average hourly backup to calculate how long that is likely to take.

[…]

Time Machine settings you should consider for improving performance include:

  • exclude items containing many small files, such as Xcode;
  • back up very large files such as VMs separately;
  • use default automatic hourly backups, rather than backing up less frequently;
  • back up to APFS, which works at a block rather than file level, and backs up clones and sparse files much more efficiently.

[…]

If you should encounter poor performance when making backups, use T2M2’s Check Speed feature to identify which items are causing most slowing.

Howard Oakley:

After four years in which it had offered frustratingly limited support for the new features of APFS, Disk Utility is now complete: this version has excellent support for snapshots, no matter which app created them.

Howard Oakley:

However, we know that snapshots are strictly read-only, and the only user experiences that I can discover confirm my suspicion that all fsck_apfs does when it finds an error in a snapshot is to throw its hands in the air, report an opaque error code, and not even attempt a repair.

For a backup snapshot, that’s fatal. All you can then do is delete the whole snapshot, knocking a hole in your backups which can never be replaced. Disk Utility’s typical response only rubs salt into the wound by telling the user to make a backup of the affected disk. As it’s currently impossible to copy backup snapshots to another disk, a single error on that storage compromises all your backups stored there: every single one of them, and there’s absolutely nothing that macOS offers to help that.

Howard Oakley:

Snapshots are one of the huge advances in APFS, but like other features, they can cause more problems than they’re worth. This article explains how they can go wrong, and what you can do to manage them so they don’t swallow all the free space on your storage.

[…]

Third-party backup products which incorporate snapshot features, like Carbon Copy Cloner (CCC), are more flexible and you can set custom snapshot retention policies for individual volumes. These operate independently, so CCC can’t change Time Machine’s policy, neither can Time Machine delete CCC’s snapshots automatically.

[…]

In most cases, apps should provide settings in their Preferences which let you store their temporary files on a volume which isn’t backed up, so avoiding them swelling the size of hourly snapshots.

Previously:

Update (2022-05-20): Howard Oakley:

Time Machine manages its backups actively to ensure that, whenever possible, they remain well within the disk space available to the backup volume. It does this by a process of ‘thinning’ older backups to recover the space that they occupy. If the backup volume is inside a container which completely fills that disk, then Time Machine will normally fill the volume, thus the container, thus the whole disk. Simply adding another non-backup volume to the same container will put the two volumes into competition for the same free disk space, and will eventually result in your use of the non-backup volume being determined by Time Machine’s thinning of its backups.

One way to avoid that competition from occurring is to reserve space on the backup disk for your non-backup storage. There are two ways to do that: you can set a reserve size on a volume in the same container as the backup volume, or you can put your non-backup volume into a separate container. Neither of those is mentioned in Apple’s guide.

[…]

However, you can only set reserve and quota sizes when you create the volume. Even diskutil can’t change them once that volume has been created. The only way that I know to make such a change is to create a new volume with the desired sizes set, then move the contents of the original volume across to it.

Tuesday, May 17, 2022 [Tweets] [Favorites]

Bike 1.0

Jesse Grosjean (tweet, Hacker News):

Bike is a macOS (11 and later) native outliner. Bike has good performance on big outlines. Bike uses open file formats and is scriptable too. Use Bike to record and process your ideas.

[…]

Outliners are powerful but constraining. Text editors are freeing but weak on structure. Bike is good at both.

[…]

Bike uses open file formats. The .bike file format is HTML–you can view it in your web browser. Bike also supports .opml and .txt.

It really is fast. I love the open formats. What’s cool is that it doesn’t just export to OPML and plain text; you can directly edit and save files in those formats, too, and convert between them. I used it to convert some of my big OmniOutliner files to plain text, for easier access on my iPhone and within BBEdit. I can edit a file in both BBEdit and Bike at the same time, and each app recognizes changes from the other. The plain text format just uses tabs and newlines for structure (no leading - or * to mark items), so it works great with lots of tools. Bike supports multiple levels of hoisting/focusing. It’s $29.99 direct and $2.99/month or $19.99/year in the Mac App Store.

See also: How does Bike relate to TaskPaper?.

Previously:

Opt-Out App Store Subscription Increases

Apple (via Mark Gurman, MacRumors):

Currently, when an auto-renewable subscription price is increased, subscribers must opt in before the price increase is applied. The subscription doesn’t renew at the next billing period for subscribers who didn’t opt in to the new price. This has led to some services being unintentionally interrupted for users and they must take steps to resubscribe within the app, from Settings on iPhone and iPad, or in the App Store on Mac.

With this update, under certain specific conditions and with advance user notice, developers may also offer an auto-renewable subscription price increase, without the user needing to take action and without interrupting the service. The specific conditions for this feature are that the price increase doesn’t occur more than once per year, doesn’t exceed US$5 and 50% of the subscription price, or US$50 and 50% for an annual subscription price, and is permissible by local law. In these situations, Apple always notifies users of an increase in advance, including via email, push notification, and a message within the app.

Mitchell Clark:

Reading that literally, it means that both conditions would have to be true to require an opt-in. But the example scenario seems so ridiculous that it’s hard to believe that’s what Apple intends.

[…]

It’s worth noting that you could easily turn Apple’s logic on its head: if users were missing those renewal opt-in notices, wouldn’t they also miss these new price change warnings? But it does sound like they’ll be relatively in your face.

[…]

There is an easy fix to this: let users pick whether or not they want the auto-renewing price increases instead of deciding for them. In my mind, that’d just be a toggle in the App Store settings that says something like “Always ask for opt-in if price increases,” and turning it on would make it like this change never happened.

Previously:

Update (2022-05-19): Benjamin Mayo:

In the short term, those same competition forces mean that Apple will have to pull back on some of the customer-friendly In-App Purchase policies to align with the market, to keep publishers onboard.

[…]

The vast majority of subscriptions in the world do not work that way. In-App Purchase was a stark outlier. It stood in contrast to even Apple’s own subscriptions like iCloud or Apple One; they increase their price freely with notification, but without consent.

PasswordWallet 4.8.13 for Mac

Selznick Scientific Software:

  • The Toolbars now look correct in mac OS Big Sur.
  • Ready for Apple Silicon! (M1)
  • Improved Bonjour support for discovering other PasswordWallets on your local network.
  • Fixed an issue with the Entry Editor when in “separate-window mode” and PasswordWallet closes on a timeout.

The iOS version has also been updated to version 4.8.22. My understanding is that the updates were held up for almost 6 months due to an Apple security bug.

Previously:

Xcode 13.4

Apple:

Xcode 13.4 includes SDKs for iOS 15.5, iPadOS 15.5, tvOS 15.4, watchOS 8.5, and macOS Monterey 12.3. The Xcode 13.4 release supports on-device debugging for iOS 15.5, iPadOS 15.5, tvOS 15.4, watchOS 8.5, and later. Xcode 13.4 requires a Mac running macOS Monterey 12.3 or later.

[…]

The async version of addTeardownBlock method in XCTestCase is now available.

Closures that are guaranteed to run on the main actor are now permitted to reference local variables from their enclosing scopes that are also running on the main actor.

Previously:

Monday, May 16, 2022 [Tweets] [Favorites]

Apple Platform Security Guide (May 2022)

Apple (PDF):

Unless otherwise noted, this documentation covers the following operating system versions: iOS 15.4, iPadOS 15.4, macOS 12.3, tvOS 15.4, and watchOS 8.5.

Apple:

Topics added:

Apple:

In macOS 12.0.1 or later, every new macOS installation also installs a paired version of recoveryOS into the corresponding APFS volume group. This design is familiar to users of Intel-based Mac computers, but on a Mac with Apple silicon, it provides additional security and compatibility guarantees. Because every macOS installation now has a dedicated paired recoveryOS, this helps ensure that only that dedicated paired recoveryOS can perform security-downgrading operations. This helps protect installations of newer versions of macOS from tampering initiated from older versions of macOS, and vice versa.

[…]

To boot into a paired recoveryOS for any macOS installation, that installation needs to be selected as the default, which is done using Startup Disk in System Preferences or by starting any recoveryOS and holding Option while selecting a volume.

Howard Oakley:

Don’t be put off by its title: Apple Platform Security Guide is mandatory reading for all advanced Mac Users, and the only way we get to learn about important details of macOS, iCloud, and much else.

[…]

Indeed, several of us have experienced problems trying to get a downgraded copy of macOS on an external disk to load third-party kexts. Could this be the result of our not setting that boot volume group as “the default”?

[…]

What the Guide says currently is incorrect at the least. If M1 Recovery Mode really does have two different ways of selecting the boot volume group to be used next, their differences need to be explained properly and not left to inference and guesswork. Users, who are hardly likely to pore over the Guide or study bputil’s man page, need clear explanation of how they should start their M1 Macs from an external boot disk, how its local Recovery system is paired to it, and how to use Startup Security Utility effectively.

Previously:

Update (2022-05-19): Nick Heer:

Max Zinkus tweeted a thread of notable new sections and updates, like this one[…] This is part of a broader question about whether Apple could switch any iMessage discussion to Messages for Business Chat, which has looser security and privacy standards than peer-to-peer iMessage.

iMessage itself retains a misleading description of its security architecture[…]

Update (2022-06-03): Howard Oakley:

This year, eagle-eyed readers noticed a significant absence: all mention of the Malware Removal Tool, MRT, has gone.

Studio Display Firmware 15.5

Juli Clover:

According to Apple’s release notes, the firmware refines camera tuning, offering improved noise reduction, contrast, and framing. We tested out the firmware update when it was in beta, and there is a clear difference in camera quality, mostly as it pertains to the way the framing works.

In addition to better framing, colors are not quite as pale, the contrast has been improved, and the overall look is more vibrant. Skin tones are also better than before, and there is less de-noising for more clarity, but ultimately Studio Display owners should not expect dramatic changes.

The first few comments talk about how the camera on the 24-inch iMac—a whole computer that’s thinner and costs less than the Studio Display—is better.

I don’t understand why the update requires macOS 12.4.

Previously:

Update (2022-05-17): Matt J Fuller:

I ran the macOS update + #AppleStudioDisplay Firmware Update 15.5 today (took 45 min). My office has no windows so lighting did not change. I used PhotoBooth w/full-screen Screen Shots to compare. I see improvements. Before: image is more washed out. After: blacks are improved.

Gus Mueller:

Studio Display got into a loop of “updating please don’t unplug” and a warning symbol with the URL “http://support.apple.com/display/restore”. It cycled between the two about 6-8 times before I just powered off the Mac and disconnected the display.

I rebooted the Mac with another display connected, waited a little bit, and reconnected the Studio Display. It tried the update again and it went through successfully this time.

Not being able to trust future display firmware updates, or my display in general, is a bummer.

Update (2022-06-16): See also: Dithering.

macOS 12.4

Juli Clover:

Universal Control is no longer in beta. It is now an official feature that Apple has deemed issue-free, and the beta labeling has been removed. Universal Control was introduced in March and it allows you to use a single mouse/trackpad and keyboard across multiple Macs and iPads.

For the Studio Display, macOS Monterey 12.4 adds support for the 15.5 firmware, which is designed to improve the webcam quality.

There’s also an update for the Podcasts app, with Apple adding a setting that limits the number of episodes stored on a Mac and automatically deletes older ones.

See also: Apple’s enterprise and security release notes.

You can download the installer here.

Previously:

Update (2022-05-16): Wojciech Reguła:

My 6 vulnerabilities patched today in macOS 12.4. Let me tell you something more about them[…]

CVE-2022-26694 (Contacts) led to impersonation of com.apple.private.tcc.manager entitlement that allows full control over the TCC. ☠️ Also I got keychain-access-groups for apple and apple account Keychain groups.

Update (2022-05-17): See also: Howard Oakley.

Update (2022-05-31): Howard Oakley (tweet):

If you’re thinking of upgrading from Big Sur to Monterey when Apple releases macOS 13 this autumn/fall, you might like to think twice, as there’s a major memory leak which may well remain in Monterey for ever.

[…]

When you set a Finder window into Find mode and start typing characters into its search box, the Finder launches an interactive search which homes in more narrowly as you type additional characters. What happens is that each of those searches is retained in memory, rather than being purged when a new search is started. The amount of memory used each time is determined by the number of ‘hits’ obtained at that moment. The more files that Mac has in its Spotlight database, the more hits are likely, and in some cases their number can be vast.

Previously:

Update (2022-08-29): Steve Troughton-Smith:

Big news that I missed: macOS 12.4 finally fixed virtual resolutions on external monitors on Apple Silicon, meaning you can render 4K (or 1080p HiDPI) on a 1440p display again 🥳

iOS 15.5 and iPadOS 15.5

Juli Clover:

Compared to prior iOS 15 updates, iOS 15.5 and iPadOS 15.5 are smaller in scale. There are updates to the Apple Cash card in the Wallet app and a new setting that lets Podcasts users limit the number of episodes stored on their devices.

There’s a long list of security fixes.

Previously:

Update (2022-05-17): Joe Cieplinski:

What’s with 15.5 having 15.4’s release notes?

Update (2022-05-19): Juli Clover:

The new updates aren’t as feature rich as the prior updates and focus primarily on under-the-hood changes, but there are still a few minor tweaks, which we’ve outlined below.

Friday, May 13, 2022 [Tweets] [Favorites]

Music Unitasker

Riccardo Mori:

Listening to music with an iPod shuffle is still (and can still be) a fun experience. You can create the digital equivalent of a mixtape, load it on your shuffle, clip the shuffle to your shirt/jeans/jacket, and then you can go out and listen to music without even having to touch the device, unless you need to change volume or skip a track. It’s basically a hands-free device that disappears on you. If Apple made a new iPod shuffle with Bluetooth, the invisibility factor would be even higher, since you wouldn’t even have the earphones’ cable around you to remind you that you are wearing an iPod. It would still be a nice device for commuting, or jogging, or during a workout.

Sure, you might say that these uses are now taken over by the Apple Watch or other smartwatches, but for an Apple Watch you’ll pay a minimum of $199 up to more than $1,000. An iPod shuffle would be a $50 device. If you’re a casual user who just wants to have some music while out and about, jogging, etc., and don’t use a smartwatch, a little wearable device like the iPod shuffle could still be your cup of tea. But maybe wanting from today’s Apple a fun, inexpensive, wearable, colourful device is asking too much. Here, have an AirTag instead.

Tyler Hall:

With all the shit in the world in the last few years, listening to music has become even more of a refuge and safe space for me than it ever was before.

But, for me at least, the incredible technological convergence of every single use-case into a deck of cards-sized pocket super-computer means that when I do want to only listen to music - there are a million beeps, boops, and badges fighting for my attention.

An underappreciated feature of the iPod (because it wasn’t a feature you could market during its heyday) was that it was only an iPod. Not also a mobile phone and internet communicator.

He bought a Sony NW-A105 Walkman running Android.

For all the amazing interactions touch screens have given us, until I clicked to the next track without taking this Walkman out of my pocket, I had forgotten how nice it is to control my music by touch - and not by voice or by first waking my phone from sleep and tapping a button I can’t feel.

Previously:

iCloud Drive Folder Sharing Risks Data Loss

Adam Engst:

Today’s target is the discovery that when collaborators in an iCloud Drive shared folder delete files or folders, those items are destroyed instantaneously, not put in the Trash or added to iCloud Drive’s Recently Deleted folder. They’re just gone, with no option for recovery. If that’s not bad enough—and it is—Apple has recently tweaked its already weak documentation in a way that further conceals this dangerous implementation.

Previously:

Sideloading via AltStore

Jared Newman:

AltStore has been downloaded more than 1.5 million times since its launch in 2019, and the service has more than 300,000 monthly active users.

[…]

As Apple faces more political pressure to let users install apps from outside the App Store, AltStore is preparing for its biggest updates yet. Users will soon be able to discover new apps to sideload directly through AltStore, so they don’t have to wade through questionable download sites.

[…]

The goal, Testut says, is to turn AltStore into a haven for independent apps that clash with Apple’s App Store policies.

[…]

To enable sideloading, users must install a companion app called AltServer on a Mac or Windows PC. This program then logs users in with their Apple ID, prepares their account for development, and signs the AltStore app so that it looks like the user created it. AltServer then uses the iTunes sync protocol to send AltStore to the user’s iPhone or iPad.

[…]

As for the kind of apps that AltStore plans to curate, Testut points to UTM, an app for running virtualized versions of other operating systems, such as Windows and Linux, on an iPhone or iPad. […] “You would think that allowing high performance apps would be to Apple’s benefit as they keep making more and more powerful iPads, but the state of (allowed) iPad software has been stagnant,” says UTM’s developer, who goes by the pseudonym Osy.

As previously discussed, there are Apple-imposed limits to the number of apps that can be installed, and apps must be refreshed weekly by AltServer in order to keep working.

See also: Matt Birchler.

Previously:

On App Store Pricing Inflexibility

Jeff Johnson:

If I made StopTheMadness universal and gave the iOS version to previous Mac customers for free, even to the customers who only paid $4.99 three years prior, I’d be passing up a huge amount of money — money I desperately needed at the time just to stay afloat.

The App Store unfortunately doesn’t support paid upgrades. Nonetheless, in my own mind, I treated StopTheMadness on iOS as a kind of paid upgrade: if you already purchased the Mac version, and you wanted the new iOS version, you had to pay extra.

[…]

If I charge $9.99 for the universal app, or even more than $9.99 to reflect the added value of cross-platform support, then I scare away potential buyers of the iOS version. On the other hand, if I charge $7.99 for the universal app, I may be losing a lot of revenue. Despite the wild claims of people who are ignorant of the software business, little indie developers like me can’t “make it up in volume” with lower prices, because the hardest part of selling for an indie developer is making potential customers aware of the existence of your app. Lowering your price doesn’t magically make customers appear.

I think the inflexibility of pricing upgrades and different versions of the same app is holding back the products that are available. It seems like the App Store is designed for apps where the software is really a window for selling content or a service. If the app itself is the product, and the goal is to tailor it to each platform and to build deep features over time, the paid-upfront universal model is a bad fit. Subscriptions help in some ways, but they don’t account for the facts that customers don’t want to pay for platforms they aren’t using and that developing for more platforms is more expensive. It takes a lot more than a clicking checkbox.

Previously:

Thursday, May 12, 2022 [Tweets] [Favorites]

The Apple Services Experience Is Not Good Enough

Benjamin Mayo:

Apple’s services tick the boxes, and they mostly do what they promise. However, nothing comes close to the quality of experience I expect to have from things branded with the Apple logo. When I am using these apps, I am not filled with confidence that striving for greatness was a top priority. Far too often, meeting revenue goals and business objectives seem more important to their creation.

They are built to a passing grade, but nothing more. Basic features found in services from rival companies are either lacking altogether in Apple’s apps, or implemented half-heartedly and performance is sluggish. Browsing in Music and TV is painful, with an over-reliance on the infinite scroll. New content is just tacked on the bottom of already long lists. Meanwhile, the navigation bars are blank when they could include simple shortcut buttons and filters to help users navigate and explore. Moreover, these apps feature too many loading states and too much waiting around. They are akin to janky web apps, rather than richly-compelling responsive experiences.

The services apps are all frustrating to use. In may ways, they feel worse than Web apps. I cannot believe how Apple has let them regress so much. I miss iTunes from 15 years ago. Looking through movies in the TV app the other day: there is no way to see a sorted list of titles. There’s no way to search my list of purchases, nor even to jump-scroll by letter. There is no way to mark a movie on my iPhone so that I can easily find it again on my Apple TV. I guess I could start playing it for a few seconds to make it appear in Up Next? But I don’t want to download it onto my phone, and the sideways scrolling Up Next list is hard to work with and also includes the things that I’m currently watching. Why does it scroll sideways? I guess so that the rest of the screen can be used to promote Apple TV+ content.

Previously:

Update (2022-05-13): Craig Grannell:

  • Going into Albums view in Photos on iPhone and dragging up to prompt photos to actually upload
  • Regularly force-quitting bird in Activity Monitor to get iCloud docs to sync
  • Restarting Music to get streaming to play

Becky Hansmeyer:

There is downloaded, on-device video content in the TV app on my kids’ iPads that they literally cannot access without an internet connection. I have to tether their iPads to my phone in the car to get their library to appear. Otherwise it just shows an empty state.

Mike Rockwell:

I maintain an old Mac Mini that runs El Capitan and an even older iMac that runs Snow Leopard. iTunes is so much better on those older machines than the current state of the TV app, Apple Music, and Apple Podcasts.

My current pet peeve is the Podcast app’s lack of OPML export or import. What a terrible, user-hostile omission.

Update (2022-05-24): Nick Heer:

Apple’s native apps on these devices simply are not good enough, and that is bananas. The company’s whole thing is that it makes the entire widget, so hardware, software, and services can work seamlessly together. But they do not. They feel brittle, like I am using prototypes where any deviation from a golden path is a risky endeavour.

Update (2022-06-06): Jacob Svensson (via Hacker News):

There is no other software that I use and pay for that can compare to Apple Music when it comes to severe bugs and annoyances. The worst of the Apple Music clients is that on macOS.

@MainActor Not Guaranteed

Ole Begemann:

@MainActor is a Swift annotation to coerce a function to always run on the main thread and to enable the compiler to verify this. How does this work? In this article, I’m going to reimplement @MainActor in a slightly simplified form for illustration purposes, mainly to show how little “magic” there is to it. The code of the real implementation in the Swift standard library is available in the Swift repository.

[…]

@MainActor already uses the unofficial ability for an actor to provide a custom executor, and we’re going to do the same for our reimplementation. A serial executor that runs its job on the main dispatch queue is implemented as follows.

[…]

John McCall’s draft proposal for custom executors is worth reading, particularly the philosophy section.

Rob Jonson (tweet):

For good measure – I mark the task as @MainActor.

My expectation was the following

  1. in doWork(), it would return off the main thread after Background().go()
  2. @MainActor annotation would ensure that calling self.mainDate would happen on the main thread – or there would be a compiler error
  3. @MainActor annotation would ensure that calling self.storedDate would happen on the main thread – or there would be a compiler error

#2 and #3 are false.

[…]

Bizarrely – If include a print statement in my task, then everything does run on the main thread!!!

Ole Begemann:

If you’re writing Swift concurrency code, add these compiler flags:

-Xfrontend -warn-concurrency -Xfrontend -enable-actor-data-race-checks

(in Xcode: Other Swift Flags)

Warnings in Swift 5.5 identify unsafe constructs, will become errors in Swift 6.

Rob Jonson:

Moving the exact same code out of the NSViewController and into a separate class (that inherits from nothing) causes the expected compiler warnings to kick in.

It seems that my model is ‘Sendable’ – so now the compiler can do magic.

This feels like an important limitation that should be in BIG BOLD LETTERS in the documentation…

See also: @MainActor ignored by the compiler.

Update (2022-05-13): See also: Frank Illenberger.

Extended Verification Certificates

Troy Hunt (via Nick Heer):

Ah, now we know the cert has been issued to DigiCert Inc. in the US. So, all good right? No, because who are they? I mean, all we know is that the cert has been issued to an entity with that name, we don’t know if they are a certificate authority or a company that certifies how many fingers you have on your hand (digits - get it?). This is what Ian Carroll demonstrated a few years back when he got an EV cert for Stripe Inc. Perfectly legit cert issued to a perfectly legit entity, just not the one everyone thought it was.

[…]

Amazon doesn’t have an EV cert, inevitably because they’re smart enough to realise it wouldn’t do them any good if they did! But you see the problem: if DigiCert wants to make the case that you should inspect a cert by drilling down 2 clicks (not one) before trusting the site, that clearly flies in the face of how the web actually works. Same with eBay. Same with Alibaba. Same with the little shop I buy my coffee from. Don’t “look beyond the lock” because if you do, you’re not going to be buying anything online any more.

[…]

Let’s keep humouring DigiCert: how do you look “beyond the lock” on mobile? You know, those devices that are now massively dominant in the mobile shopping space? The ones that account for about three quarters of all e-commerce sales? Try it on Safari on iOS. Can you figure out how to inspect a site’s certificate? You won’t, because you can’t.

Proposed EU Digital Markets and Services Acts

James Vincent (Hacker News):

Early Saturday morning, after hours of negotiations, the bloc agreed on the broad terms of the Digital Services Act, or DSA, which will force tech companies to take greater responsibility for content that appears on their platforms. New obligations include removing illegal content and goods more quickly, explaining to users and researchers how their algorithms work, and taking stricter action on the spread of misinformation. Companies face fines of up to 6 percent of their annual turnover for noncompliance.

[…]

Large online platforms like Facebook will have to make the working of their recommender algorithms (used for sorting content on the News Feed or suggesting TV shows on Netflix) transparent to users. Users should also be offered a recommender system “not based on profiling.”

[…]

Hosting services and online platforms will have to explain clearly why they have removed illegal content as well as give users the ability to appeal such takedowns. The DSA itself does not define what content is illegal, though, and leaves this up to individual countries.

Thomas Claburn (Hacker News):

In short, when the DMA takes effect in 2024, it appears that Apple will be required to allow browser competition on iOS devices.

Hartley Charlton:

Apple will be forced to allow users to utilize third-party app stores and payment systems, as well as make iMessage interoperable with other messaging services, by the European Union’s Digital Markets Act (DMA), according to a newly published document from the European Commission.

Steve Troughton-Smith:

From the start, we knew the App Store was a symbiotic environment designed to create value-add for Apple devices by giving devs great tools to make apps to entice customers to Apple, whilst also ensuring to deny devs any ability to ever remotely threaten Apple’s position of power

It was an incredibly-delicate, calculated ‘truce’ that relied on Apple not overstepping into abuse. Apple, through greed, was unable to maintain status quo. Instead of reform, set in motion to burn it all down + spent 3 years illustrating to devs just how small & worthless we are

The idea that governments would ever step in and ‘save’ the platform from Apple’s nannying, abuse, was a pipe dream few of us back in ’08 thought would happen in a million years. Yet somehow, bit by bit, Apple pushed far enough across that line to bring us to where we are today

Jesper:

I’ve never understood why people have been so bewitched about the positive potential outcomes. Purely by making the operating system, defining the APIs, bundling its own software, manufacturing its own hardware, tying the operating system to its hardware and vice versa and selling even more of its own software, Apple has plenty of opportunity to set good examples and draw people to the combined value proposition. Why the hell does it need any more control than that?

[…]

iOS and the App Store has not been a truce. It has been a destructive, abusive, lopsided, mistrustful relationship; a relationship that has allowed access to a platform advantageous enough to make you close your eyes and think of multi-touch. It has been an insult to history, an exercise in attempting to redefine away the fundamental facts of the market and of their existing user base and developer ecosystem in a puff of malevolent marketing.

Foo Yun Chee (via Hacker News):

Apple faces a possible hefty fine and may have to open its mobile payment system to competitors after EU antitrust regulators charged the iPhone maker with restricting rivals’ access to its technology used for mobile wallets.

Previously:

Wednesday, May 11, 2022 [Tweets] [Favorites]

Microsoft’s Adaptive Accessories

Mitchell Clark:

Microsoft has announced a lineup of adaptive accessories which are meant to augment or replace the regular keyboards and mice that people with disabilities could struggle to use. The lineup consists of three different devices: the Adaptive Mouse, Adaptive Buttons, and the Adaptive Hub. The mouse and buttons are made to support 3D-printed accessories so you can customize them to work the way you want them to.

[…]

Microsoft says that its adaptive accessories will be launching in the fall, though there isn’t yet info on how much the devices will cost yet.

AirPlay Bugs

Nick Heer:

Here are the two ways I most frequently use AirPlay through my Apple TV:

  1. I want to listen to music on my living room speakers, so I play albums — local and streamed from Apple Music — from my iPhone or my Mac.

  2. I want to watch a movie I previously ripped from disc or a TV show I have in my library, so I will AirPlay from QuickTime on my Mac.

Both of these features are acknowledged on Apple’s AirPlay marketing webpage, but neither works as expected.

[…]

I have filed bug reports against all of these behaviours. It is this last one where I received the biggest surprise: Apple closed it with the explanation that it “works as currently designed”.

USB-C Hubs Breaking Ethernet Networks

algalgal:

I recently learned that some USB-C hubs, with power pass through and an Ethernet port, seem to destabilize a wired network when they are connected to ethernet and to power but not to a computer. They do this by flooding the network with bad traffic (or maybe PAUSE frames).

[…]

It sounds unlikely but it seems like a longstanding issue if you look for it.

This carefully researched 2018 reddit post does the best job documenting the issue in depth, manifesting on a TOTO USB-C hub. This blog post describes the same issue with Aukey and Flyland hubs. This 2020 forum post describes the issue with an Orbi router. More recently, this 2021 forum post describes it in a Dell monitor’s embedded USB-C hub

I believe I’m seeing it myself. My new Anker PowerExpand 8-in-1’s Ethernet port lights up with a lot of “phantom” network activity even when there’s no computer attached. Then later, a computer and other devices plugged into the same network switch as that USB-C hub will lose wired connectivity. Restarting the switch resolves the problem. But the problem is also solved by never leaving the hub USB-C powered and connected without a computer!

Via Kyle Howells:

I’ve had this problem with 3 different ethernet adapters. If I leave the ethernet USB hub plugged into the ethernet switch it will break the switch sending any network traffic at all unless I unplug it & reboot the switch.

KittensInc:

The interesting thing is that the hub doesn’t seem to be anything explicitly wrong here.

[…]

USB is a bit flaky, and sometimes the connection burps and drops out for a fraction of a second. You don’t really want to lose any data, so you just add a small buffer on the adapter so you can resume when the connection comes back.

But doing that is expensive, and you still run the risk of the buffer filling up. Turns out Ethernet supports a “pause” command which tells the switch to halt sending new data for a bit!

[…]

Besides, it’s completely harmless.

Well, until someone doesn’t really read the Ethernet specs when designing switches. Turns out some switches will honor the pause command, and then forward it to all other device. A blatant violation of the spec, but nobody notices because the pause thing was specified in 1997 and most people forgot about it because it turned out to be pretty useless. And of course the devices they forward it to are honoring the pause commands, so they stop sending data altogether.

Problems With Promotion-Oriented Cultures

Zach Lloyd (via Hacker News):

If you’re an engineer at Google or Facebook, you’re likely focused on one career question: when am I going to make it to the next level?

Getting to the next level unlocks a lot – more money, more responsibility, more respect, a feeling of progress – and even if you care deeply about other things (your product, your users, etc), you can’t really avoid caring about promotion as well.

[…]

The main problem with promotion-oriented culture is that it’s very hard to align promotion-criteria with business objectives, and so engineers end up doing a lot of work that doesn’t necessarily most benefit the product, users, or business – or even potentially their own growth.

[…]

Our [Google Sheets] engineers cared about the product and wanted to polish it. But they also wanted to be promoted. And so we would deprioritize product polish for projects that looked better to a promotion committee.

xoofoog:

But the root cause isn’t that people want to get promoted. It’s that Google promotes people for the wrong reasons. Put very simply, the problem is that Google promotes people for “solving hard problems” not for solving USEFUL problems.

Imagine if people did get promoted for fixing bugs instead of building a new product (to be abandoned)! Or if maintaining an existing system was somehow on par with building a new system (which is just a bigger more complicated version of something perfectly good). The googler would say “well those useful problems are too easy to merit a promotion.

Previously:

Update (2022-05-19): See also: Hacker News.

Tuesday, May 10, 2022 [Tweets] [Favorites]

iPod touch Discontinued

Apple (MacRumors, Hacker News, Slashdot):

Since its introduction over 20 years ago, iPod has captivated users all over the world who love the ability to take their music with them on the go. Today, the experience of taking one’s music library out into the world has been integrated across Apple’s product line — from iPhone and Apple Watch to iPad and Mac — along with access to more than 90 million songs and over 30,000 playlists available via Apple Music.

“Music has always been part of our core at Apple, and bringing it to hundreds of millions of users in the way iPod did impacted more than just the music industry — it also redefined how music is discovered, listened to, and shared,” said Greg Joswiak, Apple’s senior vice president of Worldwide Marketing.

John Gruber:

It’s been under-remarked-upon how good the Apple Newsroom site has been. Back in the Jobs era, Apple would post things to the “Hot News” page of apple.com and when it was no longer hot or news, it would just disappear. Newsroom posts feel permanent. Apple’s post today contains a nice gallery of the best and most beloved iPod models: the 2001 original, the 2004 Mini, the 2006 Nano (which really propelled the lineup into what we then thought was the stratosphere of popularity), the 2007 Touch, the 2012 seventh generation Nano, and the Shuffle.

Dr. Drang:

End of an era at Apple. I believe this is the first time an exec has failed to refer to music as “part of Apple’s DNA.”

John Voorhees:

The way Apple handles discontinued products is interesting.

Most quietly disappear as replacements are announced. When there’s not a replacement things get interesting…

HomePod - ended with a statement to @panzer

iPod touch - a press release that never says it’s discontinued

Simone Manganelli:

The discontinuation of the iPod touch shows just how myopic Apple has become.

Apple could easily continue making it by taking an iPhone SE and removing the cell capabilities. There’s still plenty of people who’d use it.

But it just doesn’t want to sell anything low-priced.

Ross Boucher:

Imagine if, instead of cancelling the iPod touch, Apple released a new iPod touch that was cheaper than an SE and completely unlocked. It could open up so many possibilities.

For comparison, iPod touch started at $199. Of the remaining products, iPad starts at $329, and iPhone SE starts at $429. (Apple notes that Apple Watch SE starts at $279, but it is much less capable than iPod touch; it does not mention the $199 Apple Watch Series 3, which most people agree should not be purchased.)

It’s a shame that iPod touch languished so much at the end of its life. Once a peer, which was actually superior as a music player, it stopped getting the modern iPhone features and hardware. Nor did Apple make it aggressively cheaper, where it might have found a niche as a sort of Raspberry Pi for iOS. Alas, Apple’s vision for iOS has never included tinkerers.

Nick Heer:

For what it is worth, I think the true iPod era ended in either 2014, when the Classic was discontinued, or 2017 when the last Nano and Shuffle were made. But this was the last pocket-friendly Apple device you could buy that was not dependent on monthly fees. Pour one out for the last of the iPods.

Previously:

Update (2022-05-11): Francisco Tolmasky:

The iPod was discontinued over a decade years ago, I don’t know why anyone is making a big deal about it today. If they came out with a Mac mini with no WiFi and called it “the new iPod,” it would be as much of an iPod as the cellular-less iPhone they’ve been selling for 10 years

I tend to agree that iPod touch was not a true iPod. Removing the physical controls made it a more versatile device but worse for playing music. I also think that the Music app, while fancier looking, is more difficult to navigate than the old iPods or the iPod app.

Steven Sinofsky:

I will be switching back to this now that Apple as simply abandoned customers.

Jim Allchin (in 2003):

Apple is just so far ahead. How can we get the IHVs to create something that is competitive with the iPOD? I looked at the DELL system and that is not close either.

Douglas Hill:

The discontinuation of the iPod touch is the discontinuation of one-handed computing for most people. I don’t know of anything else that size on the market anymore.

Joe Rossignol:

Just one day after Apple announced it is discontinuing the iPod touch, which remains available “while supplies last,” the portable music player is now listed as “sold out” in some configurations on Apple’s online store in the United States.

Phantom AirTag Alerts

Dalvin Brown (via Joanna Stern):

Apple iPhone Users Got Alerts About Strangers’ AirTags. The Trackers Were Never Found. The company alerts users when an unknown AirTag is ‘near you.’ When those people don’t appear to be in the path of any rogue tracker, confusion and concern follow.

Josh Centers:

Apple wisely designed the Find My system so your iPhone alerts you if it determines that you’re traveling with an unknown AirTag. But unfortunately, you’re also alerted even if you’re knowingly traveling with an AirTag owned by a friend or relative. I regularly use my wife’s car, which means borrowing her keys, taking her attached AirTag with me, and getting AirTag alerts.

[…]

Once you get the “AirTag Found Moving With You” alert, tap the notification to see the AirTag in the Find My app, and then tap Pause Safety Alerts to stop receiving alerts for that particular AirTag.

But you can only pause it for the rest of the day.

I run into a similar issue where my iPhone always alerts me that I’m leaving my iPad behind. There’s an option to turn that off, but a day—or sometimes only hours—later it warns me again.

Previously:

Tony Fadell and “Build”

Nilay Patel:

Tony’s written a new book called Build: An Unorthodox Guide to Making Things Worth Making, which, I’ll be honest, is total bait for Decoder. It’s one part memoir, one part tech industry gossip, and one part org charts and decision-making. Seriously, this book has a lengthy section with actual diagrams of org charts to illustrate how company cultures change as things get bigger.

Tony Fadell (via Jason Snell):

Steve didn’t just read a script for the presentation. He’d been telling a version of that same story every single day for months and months during development—to us, to his friends, his family. He was constantly working on it, refining it. Every time he’d get a puzzled look or a request for clarification from his unwitting early audience, he’d sand it down, tweak it slightly, until it was perfectly polished.

It was the story of the product. And it drove what we built.

If part of the story didn’t work, then part of the product wasn’t going to work, either, and would need to be changed.

ACM Still Unsatisfied With Apple’s Dating Apps Rules

Joe Rossignol:

In a statement obtained by journalist Nando Kasteleijn, the Authority for Consumers and Markets (ACM) said that while Apple eliminating its requirement for Dutch dating apps to create a separate app binary in order to accept alternative payments was an improvement, the company has yet to fully comply with Dutch and European regulations. The statement did not outline the specific conditions that Apple has yet to comply with.

They could have at least picked a decimal number at random.

Previously:

Monday, May 9, 2022 [Tweets] [Favorites]

Apple Support Community Forums

Howard Oakley:

After a brief exchange with a Level 10 expert [in the Apple Support Community Forums], they were told that they could delete a large snapshot on their Mac’s Fusion Drive ‘to free up space’. The snapshot in question was clearly the Signed and Sealed System Volume (SSV) from which their Mac was currently booted.

[…]

Recently, I’ve heard of other disturbing problems occurring on those same forums. One concerns recommending solutions which involve turning SIP off, and similar essential manoeuvres. Much as we all dislike doing that, there are times when you can’t solve a problem with SIP turned on, and that’s an intentional security feature. However, it’s apparently well known that if you post a solution there explaining how to do that, your response will be removed. It seems that, as a matter of unwritten policy, that’s not allowed.

[…]

Getting sage support for Macs is becoming increasingly difficult. Other places offer forums, in which a mixture of the excellent and absurd abound in equal measure. Telling them apart is just as hard whether they flaunt hundreds of thousands of points, many awarded for attending Communities meet ups (25 points) or someone liking your User Tips (10 points), or just give the air of knowing what they’re talking about. That Level 10 expert might have earned most of those points from their deep knowledge of Mail or Photos, and be completely unaware of huge swathes of macOS.

Forums have always been somewhat hit-or-miss, hilariously bad advice mixed in with really insightful stuff that you wouldn’t get from an official source. From my perspective, what has been getting worse lately is that it’s harder to find solutions via general Web searches. I keep running into outdated advice and pages that are filler/SEO content that doesn’t answer the question, even incorrectly.

Previously:

Google Docs “And” Loop

Bryan Menegus (via Dave Mark):

And. And. And. And. And.

For whatever reason that specific string of words seems to be enough to permanently brick a Google Docs page. Noted Google’s support pages mere hours ago, the poster who seemingly discovered this unusual bug is quick to point out that the series of five conjunctions, separated by periods, is case-sensitive (at least if the goal is to cause the document in question to become unusable.)

Engadget was able to confirm the issue on a 16-inch 2019 MacBook Pro running Monteray 12.3.1 and Google Chrome 100.0.4896.127… and we were summarily greeted by the “Something went wrong” popover as well as its loathsome cousin “Unable to load file.” Reloading the page as prompted results in the same popovers. In effect, a death loop.

What a strange bug. It sounds like you can’t even access the document enough to revert the last edit. I wonder whether you can download it or if your data is totally inaccessible?

Previously:

The Information Rejected From App Store Over Pricing

Jessica Lessin:

Um. Anyone had an Apple App Store update rejected because Apple didnt like their pricing strategy? I cannot believe this just happened to @theinformation! Trying to fix but lets say this takes Apple’s power over the entire tech ecosystem to a new level.

For context, nothing tricky about pricing. Our standard app pricing with monthly and annual at a discount to monthly. Apple asks “Please explain what factors led you to choose this pricing.” Really Apple????

The price of hundreds of dollars per year is high compared with most apps but not compared with other professional publications. And the publication is well known and longstanding—obviously not a scam.

The role of the App Store should be to make it clear to customers what the price is, say on an annual basis, to prevent confusion due to different billing intervals. I don’t like Apple deciding whether a pricing strategy is appropriate, nor the policy of asking about your product roadmap before they allow you to offer a subscription.

Nick:

Yes this is exactly what I faced in 2018, with our education app Mathew.

Apple has recently shifted from human policing & enforcement to an algorithmic approach internally.

A softwares assessment that’s telling teams to investigate your app. Wish their was transparent here.

Getstic_ky:

Yes happened to our devs’ previous app multiple times, including on the very same day Tim Cook was telling US Congress ‘developers choose their own prices’.

Previously:

Alternative Android App Stores

Marine Nozerand (via Dave Verwer):

All in all, alternative app stores can be classified into different categories:

  • Device-specific app stores: like the Samsung Galaxy Store or the Huawei App Gallery
  • Country or culture-specific stores: AppToko is for Indonesians, Cafe Bazaar for a Persian speaking audience
  • Content-specific stores: Aurora Store is a tracking free app store, QuooApp is an app store dedicated to comics and games, TapTap is a game only app store, WhiteApp is an app store aimed at developers and allowing them to purchase apps or rights on some apps

[…]

Consumer spending is growing on third-party Android stores, their overall revenue is closing the gap with the Play Store.

Saturday, May 7, 2022 [Tweets] [Favorites]

JXA’s Parenthesis Paradox

Dr. Drang:

Because the name of the process is what we want to return, name has to go last in the chain of calls, and it’s the one that gets the parentheses. We’re applying the whose filter to the processes, so it has to go after processes. The properties we’re filtering on (just visible in this case) are set up as a JavaScript object that’s passed as an argument to whose.

Suppose we had two criteria for our filter? Let’s say we want all the visible processes that start with the letter M (which will return just Mail and Messages). In AppleScript, it’s easy to add an extra clause:

tell application "System Events" to get the name of every process ¬
    whose visible is true and name begins with "M"

In JXA, the syntax gets nasty:

Application('System Events').processes.whose(
    {visible: true, name: {_beginsWith: "M"}}).name();

JavaScript is nicer for basic programming and data manipulation, but Apple event stuff is much nicer in AppleScript.

Update (2022-05-10): See also: JavaScript vs. AppleScript.

Update (2022-06-10): Dr. Drang:

Next, we move on to whether JavaScript for Automation (JXA) is worth getting into at all. Do AppleScript concepts really translate well to JavaScript? The same day my last post was published, Rosemary and David released their Automators episode with Daniel Jalkut. While discussing Daniel’s FastScripts app, they had a little sidebar about JXA. Daniel doesn’t think much of it. “It just shouldn’t be there” was his most pithy comment, but he also mentioned an “impedance mismatch” between the JavaScript language and the AppleScript infrastructure underneath it. Exactly.

[…]

Finally, let’s talk about the reason I’ve used JXA for some scripts: JavaScript has a good regex engine and AppleScript has none.

Previously:

Inside Code Signing Technotes

TN3125: Provisioning Profiles:

A macOS app can claim certain entitlements without them being authorized by a provisioning profile. These unrestricted entitlements include:

  • com.apple.security.get-task-allow

  • com.apple.security.application-groups

  • Those used to enable and configure the App Sandbox

  • Those used to configure the Hardened Runtime

In contrast, restricted entitlements must be authorized by a provisioning profile. This is an important security feature on macOS. For example, the fact that the keychain-access-groups entitlement must be authorized by a profile means that other developers can’t impersonate your app in order to steal its keychain items.

[…]

Modern systems no longer treat the profile’s property list as the source of truth. Rather, they use the binary form of the profile stored in the profile’s DER-Encoded-Profile property[…]

TN3126: Hashes:

Every now and again an issue crops up where you actually need to understand how code signing works. For example:

  • Using the Latest Code Signature Format has a diagnostic process that involves code signing hash slots. While that process is actionable in and of itself, it makes more sense if you know what those hash slots hold.

  • The issue covered by Updating Mac Software makes more sense once you understand code signing’s lazy per-page signature checking.

This technote explains how code signing uses hashes to protect the code’s executable pages, resources, and metadata from tampering. This technology is absolutely central to code signing’s core function: protecting code from malicious modification.

TN3127: Requirements:

However, in some cases requirements are important, especially on macOS. For example:

  • If you’re building an XPC service, you might want to restrict it to specific clients. The best way to do this is by setting a code signing requirement on the connection with xpc_connection_set_peer_code_signing_requirement. But what requirement to use?

  • When working with privacy-protected resources on macOS, like the microphone, you might find that the system fails to remember your choices during development.

  • You might find that the keychain presents unexpected authorization alerts when you deploy your app through a new channel, like TestFlight.

Previously:

Bug Puts Apple Music in Dock

Juli Clover:

Apple Music appears to be affected by a bug that is causing the app to install itself directly into the dock when downloaded from the App Store, with the app even replacing other first and third-party apps located in the dock.

[…]

There have also been complaints that Apple Music is setting itself as the default music service when it is downloaded even if another music app was set as the default, but we have not been able to replicate this behavior.

[…]

Apple told MacRumors that it is aware of the issue and is looking into it.

Damien Petrilli:

Just like the “bug which re-enable Apple Music by itself in the settings all the time. A “bug”.

There are also longstanding bugs where users report that Software Update or Bluetooth gets switched on after an update. Most of the engineers and testers probably have all these features enabled, so preservation of the off state doesn’t get tested organically.

Previously:

ISPs Ordered to Block Three Pirate Streaming Services

Jon Brodkin:

A federal judge has ordered all Internet service providers in the United States to block three pirate streaming services operated by Doe defendants who never showed up to court and hid behind false identities.

The blocking orders affect Israel.tv, Israeli-tv.com, and Sdarot.tv, as well as related domains listed in the rulings and any other domains where the copyright-infringing websites may resurface in the future. The orders came in three essentially identical rulings (see here, here, and here) issued on April 26 in US District Court for the Southern District of New York.

[…]

The defendants are liable for copyright infringement and violated the anti-circumvention provision of the Digital Millennium Copyright Act (DMCA), the judge wrote[…]

[…]

The judge ordered domain registrars and registries to transfer the domain names to the plaintiffs.

Previously:

Friday, May 6, 2022 [Tweets] [Favorites]

One-click Time Machine Restore

Matt Sephton:

Often I want to restore the latest version of a file from Time Machine, but using the Time Machine interface to do so is awkward and slow. So I came up with my own solution that can be triggered from the Finder context menu of any file.

[…]

This takes a seconds or two, depending on the size of the file in question. Most importantly this saves interrupting my workflow by having to opening the Time Machine interface and zooming through all those windows looking for the file.

Camo 1.6

Michael Potuck:

Reincubate launched its Camo app back in 2020 to seamlessly upgrade your Mac’s webcam with the iPhone you already have. Over the last two years, the app has been continuously upgraded, and today brings a major milestone. Camo now has official support to use your iPhone as the webcam in FaceTime, Safari, and QuickTime Mac apps.

[…]

After talking with Apple over the last couple of years, Reincubate has been able to build official support for Camo into first-party Mac apps.

Scarlet Salkeld:

I bought just about every type of stand on the market, and even tried constructing some makeshift ones from things I had around the house. In this guide, I'm going to run through which ones might work for you, and why.

James Thomson:

So, this is the iPhone XS Max rear camera via @reincubate Camo, with a few tweaks. Nowhere near the Sony ZV-1 obviously, but realistically good enough for what I need to do[…]

Previously:

Apple Lowers Trade-In Values

Joe Rossignol:

Apple this week lowered its estimated trade-in values for select Mac, iPad, and Apple Watch models in the United States.

iMacs are down from a maximum of $1,200 to $850. When I traded in my iMac a month or so ago, I was surprised to find that Apple offered the best price, by almost $100. Now Apple is offering $215 less than before, which is more typical. So perhaps it is just slower to adjust.

Previously:

iPhone 4S Performance Settlement

Sami Fathi:

Apple has agreed to settle a long-lasting six-year class-action lawsuit that accused it of knowingly slowing down iPhone 4S devices following the iOS 9 update in 2015, agreeing to pay some iPhone 4S owners who had experienced poor performance $15 each for their claims.

The update was marketed as making the iPhone “faster and more responsive” but, at least on that hardware, it did the opposite. Alas, after updating iOS, there is no way to revert. This settlement has got to be a win for Apple—such a small payment and after delaying for so many years.

Previously:

Thursday, May 5, 2022 [Tweets] [Favorites]

ReadKit 3

Balazs Varkonyi:

  • Universal app: same features and same services are supported on iOS and macOS.
  • Brand new macOS application with new design and improved functionality.
  • New supported services on macOS: BazQux, FreshRSS, Inoreader, Miniflux, The Old Reader, Tiny Tiny RSS, Wallabag.
  • Safari Extension to subscribe to feeds from Safari on macOS.
  • Improved focus-based navigation with left/right arrow keys.

The old Mac app was an iOS-style AppKit app. Now it’s an iOS-style Catalyst app, with many parts written using SwiftUI.

ReadKit 2.5 was $9.99. The new version is free (with no ads) and has premium features available for a $9.99/year subscription ($1.99/month or $39.99 lifetime):

  • Universal purchase: all premium features are available on both iOS and macOS with a single purchase.
  • Multiple accounts: use it with two or more accounts at the same time. Allows you to save articles from RSS feeds to read-later accounts.
  • Unlimited feeds: unlocks the limit of 20 feed for the built-in RSS service.
  • Manage folders and tags: allows to organize feeds and read-later articles into folders or tags.
  • Reader mode: displays the full text of article, even if it’s not included in the feed source.

OPML import and export are also premium features, though likely also available via your syncing service, if you have one. iCloud syncing for local accounts is promised for an upcoming version.

Previously:

Open Letter About Apple Remote Work

Stephen Warwick (Hacker News):

A group of Apple employees has penned an angry letter to the company’s executive team over its office-bound work policy that doesn’t let them work remotely for more than two days a week.

[…]

The group says the most important reason that the hybrid working pilot is bad, is because it sends a bad message to customers:

We tell all of our customers how great our products are for remote work, yet, we ourselves, cannot use them to work remotely? How can we expect our customers to take that seriously? How can we understand what problems of remote work need solving in our products if we don’t live it?

The same irony was not lost in a March video posted by the company touting the benefits of remote working using devices like its best iPhones, iPads, and MacBooks for remote collaboration. The film told the story of a group called ‘The Underdogs’ who literally escape “from their evil boss’s clutches.”

Apple Together:

In your first email titled “Returning to our Offices”, you talk about “the serendipity that comes from bumping into colleagues” when everyone is in the same place. Except we are not all in one place. We don’t have just one office, we have many. And often, our functional organizations have their own office buildings, in which employees from other orgs cannot work. This siloed structure is part of our culture. It doesn’t take luck to overcome the communication silos and make cross-functional connections that are vital for Apple to function, it takes intentionality. We need to be able to reach out to each other intentionally, and have the chance to do so.

Slack has made this much easier over the last two years. Yet, you choose to keep us all in separate siloed Slack workspaces and try to prevent us from talking to each other, so software engineers don’t accidentally talk to AppleCare employees, and retail staff don’t accidentally meet hardware engineers.

[…]

What is also required for creativity and excellent work for many of us is time for deep thought. But being in an office often does not enable this, especially not many of our newer offices, with their open floor plans, which make it hard to concentrate on anything for an extended amount of time.

And with everyone working “remotely” it was much easier to reach out to colleagues in other offices. For example, a US team member could easily have a meeting with someone from the UK in the morning and meet with someone from Japan a couple hours later in the afternoon. This enabled a kind of international collaboration that we didn’t see before, where especially colleagues from “far away” locations could finally contribute as well as people in our major offices and no longer felt like second-class participants in meetings.

They make a lot of good points. It’s hard for any of us on the outside to adjudicate how well the previous remote policy worked, and different people and groups probably have different opinions on that. I think the main weakness in the letter’s argument is that it’s framed as “people should get to choose,” but that’s not really possible. If anyone can choose to be remote, that prevents the rest of their team from being able to choose to work (with them) in person. I don’t think anyone prefers hybrid meetings. There’s no solution that will please everyone.

Previously:

Update (2022-05-09): Sami Fathi:

Apple’s director of machine learning, Ian Goodfellow, has resigned from his role a little over four years after he joined the company after previously being one of Google’s top AI employees, according to The Verge’s Zoë Schiffer.

Update (2022-05-20): Richard Lawler and Zoe Schiffer (MacRumors):

Apple is delaying moving forward on its hybrid return to work for office employees, saying in a memo seen by The Verge and (reported earlier by Bloomberg) that “we are extending the phase-in period of the pilot and maintaining two days a week in the office for the time being.” Employees who are in the current two-day-per-week pilot will have the option to once again work fully remote if they feel uncomfortable coming into the office.

In the memo, the company’s COVID-19 response team says that its updates are based on monitoring local info like test positivity and hospitalization rates. The memo also asks employees to go back to wearing masks when in common areas like meeting rooms, hallways, and elevators.

Juli Clover:

Goodfellow has now found another company to work for, taking a position with DeepMind, a subsidiary of Alphabet, reports Bloomberg.

Update (2022-08-29): Juli Clover (Hacker News):

Apple today informed corporate employees that they must return to the office for three days starting the week of Monday, September 5, reports Bloomberg.

CDC Bought Phone Location Data

Joseph Cox (Hacker News):

The Centers for Disease Control and Prevention (CDC) bought access to location data harvested from tens of millions of phones in the United States to perform analysis of compliance with curfews, track patterns of people visiting K-12 schools, and specifically monitor the effectiveness of policy in the Navajo Nation, according to CDC documents obtained by Motherboard. The documents also show that although the CDC used COVID-19 as a reason to buy access to the data more quickly, it intended to use it for more-general CDC purposes.

[…]

SafeGraph is part of the ballooning location industry, and SafeGraph has previously shared datasets containing 18 million cellphones from the United States. The documents say this acquisition is for data that is geographically representative, “i.e., derived from at least 20 million active cellphone users per day across the United States.”

[…]

Researchers at the EFF separately obtained documents concerning the CDC’s purchase of similar location data products from a company called Cubeiq as well as the SafeGraph documents.

[…]

Google banned SafeGraph from its Google Play Store in June. This meant that any app developers using SafeGraph’s code had to remove it from their apps, or face having their app removed from the store.

Nick Heer:

In a context vacuum, it would be better if health agencies were able to collect physical locations in a regulated and safe way for all kinds of diseases. But there have been at least stories about wild overreach during this pandemic alone: this one, in which the CDC wanted location data for all sorts of uses beyond contact tracing, and Singapore’s acknowledgement that data from its TraceTogether app — not based on the Apple–Google framework — was made available to police. These episodes do not engender confidence.

Also — and I could write these words for any of the number of posts I have published about the data broker economy — it is super weird how this data can be purchased by just about anyone. Any number of apps on our phones report our location to hundreds of these companies we have never heard of, and then a government agency or a media organization or some dude can just buy it in ostensibly anonymized form. This is the totally legal but horrific present.

Previously:

EU Objects to Apple Limiting Third-Party Access to NFC

Eric Slivka:

In line with a report late last week, the European Commission today officially announced that it has issued a Statement of Objections to Apple over its restrictions that prevent third-party services from accessing the NFC capabilities of the iPhone, thereby restricting competition in mobile wallets on iOS.

[…]

European Commission Executive Vice-President Margrethe Vestager argues that access to NFC is a requirement for viable mobile wallet services at brick-and-mortar locations.

John Gruber:

Apple took a vibrant, perfectly balanced market where NFC payments were used by almost no one and turned it into a market where Apple Pay is accepted at most brick and mortar retailers and millions of iPhone users enjoy using it, with whatever credit and debit cards they choose. Let’s get back to a balanced market, right?

It’s hard to tease out what caused what because access to iPhone’s NFC hardware was tied to the availability of Apple Pay. So we went from Apple blocking progress in this area to promoting its own (very good) solution. There was never a market where customers could choose among alternatives.

The E.C. complaint wavers between claiming Apple Pay dominates NFC payments on iPhones and dominates the entire industry. The latter was true as recently as October 2017, when Apple Pay accounted for 90 percent of all contactless transactions globally, where it was available. As I noted at the time, that’s a remarkable achievement for a platform that by all accounts is a distant second to Android in global market share.

It is, but we also know that—separate from NFC—the App Store generates more than double the revenue of the Google Play Store. (Hardware revenue is also disproportional.) So how much of the payments difference is because Apple Pay is so good and how much of it relates to iOS and Android customers being different?

Nick Heer:

In Canada, where tapping to pay for stuff has been similarly commonplace for years, people use their cards about twice as often as they use a mobile wallet, according to a 2021 report from Payments Canada[…]

[…]

If mobile wallet apps were so much more amazing to use, should they not have much greater adoption than this? It is ironic that the one clear benefit they provide — security — is cited as a reason against their use.

This report also found Apple Pay is used more than Samsung Pay only by four percentage points, even though iPhones are about twice as popular here as Samsung phones.

John Gruber:

I don’t see how the security implications of any of these features — payments, car keys, getting into hotel and dorm rooms — are not obvious.

[…]

I mean, it’s all just ones and zeroes. Apple could allow users to add third-party wallet apps and grant them permission to be invoked simply by double-pressing the side button. But what happens then? Do you get an extra step where the user has to choose which wallet to use, Apple Wallet or a third-party one? Or does the third-party one replace Apple Wallet? What happens when you add a second third-party wallet app? It would get confusing very quickly.

It is not obvious to me that this couldn’t be opened up in a secure way. It’s true that things could get more confusing, though the same could be said of many other areas that are (rightly) not locked down today. The question is whether the potential benefits are worth it.

Ben Brody:

Apple told the Wall Street Journal it is “setting industry-leading standards for privacy and security” while providing would-be competitors access to the technology on the same terms as it operates. The pushback echoes Apple’s defense in other antitrust cases, including those targeting its App Store: The company often insists that features that appear to create a closed ecosystem funneling consumers through its products are merely security protections.

Nick Heer:

Are the security features it has built for Apple Pay unique to the implementation of that service, unable to be reproduced by or for third parties? I am asking honestly. Apple’s statement manages to be both misleading — “Apple Pay […] has ensured equal access to NFC” makes no sense — and vague about its security standards. Apple’s security guide suggests deep hardware and software integration lends Apple Pay a superlative level of security, but it does not say anything about why this could not be made available to third parties.

John Gruber:

Is the E.C.’s argument that any third-party app should be able to wake up and respond to an NFC tap?

[…]

To me it’s clear that the wallet itself belongs as part of the system. It’s the elements inside the wallet that should be open to third-party apps, which is exactly how Apple Wallet works. That NFC card readers in retail point-of-sale terminals only work with credit and debit cards isn’t Apple’s fault or responsibility, and Apple Pay integrates with any and all credit and debit cards that choose to support Apple Wallet.

So, because Apple makes the phone, they should get a percentage of every credit card transaction that goes through the phone’s NFC chip? And what potential features might we be losing out on? For example, there’s no way to sync my Apple wallet with a non-Apple device.

Update (2022-05-09): Damien Petrilli:

Also because of Apple lockdown, most NFC public transport systems are android only (ex: Paris, Lyon in France)

Wednesday, May 4, 2022 [Tweets] [Favorites]

Studio Display 15.5 Firmware Beta 2

Juli Clover:

Apple today released a second beta version of new 15.5 firmware that’s coming to the Studio Display, with the software coming one week after the launch of the first beta. The Studio Display firmware is designed to improve the function of the webcam on the device.

James Thomson:

Comparing the new beta Studio Display firmware (1st pic) with the beta from last week (2nd pic), picture quality does seem to be still improving - I’m less red and there’s more contrast.

Jason Snell:

We can debate the wisdom of putting Center Stage on a display most likely destined for the desks of nerds, but let’s leave that aside. How about the audacity of Apple shipping it without any interface to speak of? And how much better might the camera on the Studio Display have been received if it could be tweaked by its users to produce more pleasing images?

[…]

My podcasting partner Myke Hurley, who lives in the U.K., has been frustrated for the past year that the M1 iMac and Studio Display don’t properly deal with the flicker rate of fluorescent lights in Europe. A recent update seems to have solved the issue on the iMac, but no such luck for the Studio Display. You know what might solve the issue? A flicker-frequency setting like the one found in the Webcam Settings app! But since Apple refuses to provide that sort of control, Myke’s forced to quit and re-launch apps in the hopes that the problem will eventually correct itself.

[…]

Studio Display users are reporting that occasionally, the Studio Display’s audio–speakers or microphones or both–get a little choppy. That’s a common problem with audio hardware on the Mac (and as a podcaster I’d like to suggest that Apple should probably spend some time making the Mac’s audio subsystem more reliable) but it’s fixed by the classic tech problem solver: turn it off and back on.

Except… the Studio Display does not have a button.

I had to unplug mine recently, too.

Previously:

Periodic Table of NSVisualEffectView

Matthias Gansrigler:

While working on that feedback panel that comes up when resizing a shot, or changing its transparency (see above), I needed an overview of the different appearances an NSVisualEffectView can have.

During testing, I discovered that NSVisualEffectView accepts material values from 0-37, of which only a few are documented.

With that in mind, this sample app shows 152 NSVisualEffectViews. 76 light, 76 dark, each consisting of 38 vibrant and 38 non-vibrant variants. Some of them look like they produce duplicate results, but all I needed was a brute-force way of showing all variants at once for comparison, so I didn’t bother filtering out anything.

You can download the source code here, if you’d like to play around with it yourself.

See also: Todd Ditchendorf.

Is Grammarly a Keylogger?

Jason Meller (via Hacker News):

The problem, it seems, is that Grammarly is only willing to perform this magic trick on their cloud. That means, the text you enter into an app when the Grammarly widget is visible is sent to them.

Grammarly:

Grammarly does not record every keystroke you make on your device. Grammarly accesses only the text you write when you are actively using a Grammarly product offering[…]

Jason Meller:

In my reading, Grammarly heavily implies that users have a fair degree of control over what Grammarly can access. But in practice, this is very misleading. Let me show you why.

[…]

Grammarly parsed and marked up my document without me typing a single keystroke. All I needed to do was bring the window into the foreground. This makes sense; Grammarly would not be easy to use if it could only provide grammar advice on the documents and words you typed when it was running. I’m not even sure how much Grammarly even cares about the keystrokes you’re typing; if it can read what was written previously, it does not need to.

Grammarly:

As a rule, Grammarly employees do not monitor or view your User Content stored in or transferred through our Site, Software, and/or Services, but it may be viewed if we believe the Terms of Service have been violated and confirmation is required, if we need to do so to respond to your requests for support, if we otherwise determine that we have an obligation to review it as described in the Terms of Service, or to improve our algorithms[…]

This is completely unsurprising for a server-based product. But I doubt that most customers realize that the contents of nearly every text field on their Mac is being uploaded and stored in the cloud.

Previously:

Update (2022-05-09): Thomas Reed:

If we were to call Grammarly a keylogger, we’d also have to call Siri a wire tapper, since it captures audio and (on older devices/systems) sends it to Apple’s servers for processing. Some people may not be comfortable using Siri, but it’s definitely not a PUP.

Tuesday, May 3, 2022 [Tweets] [Favorites]

1Password 8 for Mac

Dave Teare:

We created an entirely new design language, code-named Knox, to unleash the power and productivity we’ve been dreaming of – all while preserving the heart and soul of 1Password. 😍

[…]

Quick Access is a floating panel that is always available, giving you access to all of your 1Password data, wherever you need it. Quick Access is fully keyboard-optimized, and it’s smart, too, suggesting the most relevant logins for the active application.

[…]

1Password can now fill into Mac apps like Zoom, Spotify, and the App Store, and also other places like Terminal and system prompts. 🤯

They call this Universal Autofill. PasswordWallet has long had a similar feature, which works by simulating keystrokes. This is much better than Copy/Paste because it can Tab between multiple fields and because it doesn’t expose your password to the clipboard. It sounds like 1Password is taking this to the next level because it will know which app you are in and actually recognize which field is which. I’m not sure how important this last bit is, because apps tend to focus the right field automatically, but I love the idea of it.

Previously:

Update (2022-05-09): Ryan Jones:

Search doesn’t happen in-list now. It’s a separate field and you have to press CMD+Enter to view all results. 🤣

Dan V Peterson:

Doing it this way enabled a lot of functionality and removes some confusion we’ve seen around scope and “lost items”. We tried a few different approaches and this one seemed to test the best and satisfied the most use cases in our testing.

However, it’s inconsistent with other Mac apps.

Nathaniel Strauss:

Any chance you could offer a standard .pkg installer for 1Password 8? The custom installer looks cool, but doesn’t work for enterprise customers.

The current installer is what used to be called an “active installer,” a small download that installs an app that downloads that real app. Whatever happened to just dragging and dropping the app icon to install?

Reddit:

We’re the team behind 1Password 8 for Mac. Ask us anything!

mitchchn:

Sometimes people ask why large companies don’t make native desktop apps, even though they should have all the resources they need, even when indies seem to get away with it just fine. To me it’s obvious: the lack of mature, competitive tooling and the absence of a viable dev community have sealed the fate of this kind of development at scale.

[…]

The platform vendors who ought to set the example here are simply not doing so. Few Electron critics would cite the current generation of first-party, native apps for Mac or Windows as examples of what we should be doing instead.

See also: MacRumors, Reddit, Jason Snell.

Previously:

Update (2022-06-02): Curtis Herbert:

I genuinely don’t think they did the “wrong” thing, even though they are losing me as a customer. Sure it meant building enterprise software (🤮), but it’s better than laying off employees because Apple is chipping away at their customer base from one side and LastPass (who also raised a ton of money) is eating the base from the other.

But just ‘cause they didn’t do anything wrong doesn’t mean this outcome was inevitable. I personally think there is room, even in today’s market, for a smaller password management app. A business that could support 1-4 full-time people. Said app doesn’t have the audience of today’s 1PW, but that scale of app did exist in the beginning. The team just chose to grow beyond it.

[…]

Left unchecked you may stop worrying about building the best product, and you instead focus on building the best business. It is a subtle subconscious switch, but it’ll have massive impact on the product your customers use.

Update (2022-07-28): 1Password 8 is not in the Mac App Store due to some of the new features.

Update (2022-09-26): Yan Zhu:

wow i think i just bricked my @1Password personal account

if u upgrade to 1password 8 and have a personal account linked to your work account, u MUST save the pwd for your personal account (which is not the same as for the work account) outside of 1password itself

Roustem Karimov:

The older versions of 1Password had this obscure way of unlocking accounts by encrypting with the first master password.

Unfortunately, this was a time bomb that would eventually go off.

This is fixed in 1Password 8. Unfortunately, it does create a problem for customers who are migrating from the older version and forgot the real account password.

Yan Zhu:

i would highly suggest the upgrade path include some kind of warning about this.

Monday, May 2, 2022 [Tweets] [Favorites]

Reminders API Requests

Dr. Drang:

A couple of days ago, Federico Viticci tweeted his wish list for a new or updated Reminders API and asked for other people for theirs. Stephen Hackett answered with this:

parameters for repeating tasks

Stephen’s simple request is exactly what I want, too. In fact, a way to script repeating tasks has been the top item on my wish list since well before Reminders existed.

I lost interest in Reminders as soon as I realized that the order of the reminders didn’t sync between devices. I think that did eventually get fixed. But it doesn’t look like you can change the order via the API or AppleScript. Nor can AppleScript see which reminder is currently selected.

Success and Failure at Pebble

Eric Migicovsky (via Hacker News):

I started Pebble with some friends from the University of Waterloo in 2008. We were the first company to work on smartwatches. Pebble defined what a smartwatch was meant to do — vibrate and display incoming calls and messages, control music without taking out your phone, track your exercise and sleep, and be customizable by downloading fun watchfaces.

You might remember us from 2012 we launched Pebble on Kickstarter and raised over $10m from 68,000 people around the world. This was our first breakthrough (a classic 5 year overnight success!) Over the next few years, we sold 2 million watches and did over $230m in sales.

We succeeded at inventing the smartwatch and an entirely new product category. The product itself is amazing, people still use it to this day. […] But in the end, we failed to create a sustainable, profitable business. We sold parts of our business to Fitbit at the end of 2016.

[…]

We weren’t the only one with positioning problems. Look back at the original Apple Watch marketing. ‘Most precise timepiece ever.’ Ultra luxury $17,000 gold models. LVMH partnerships. Thousands of apps on your wrist. $350+ price point. It took Apple 2 years to reposition as a sports/fitness device. This turned out to be the largest market for wearables in 2016/2017.

Previously:

Canon Camera Museum

Dave Mark:

Ever own a Canon camera?

Below is a link to the Canon museum, which has details on every camera and lens they ever made.

The pic shows one of their earliest models, the J II.

Apple is, I guess, not sentimental about stuff like this. There was the Designed by Apple in California book, but it only covered the Ive era, wasn’t online, and seemed to go out of print quickly. Fortunately, there is EveryMac, though it excludes the Apple II.

Previously:

Apple’s Explanation for Removing Old Apps

Apple (MacRumors):

As part of the App Store Improvements process, developers of apps that have not been updated within the last three years and fail to meet a minimal download threshold — meaning the app has not been downloaded at all or extremely few times during a rolling 12 month period — receive an email notifying them that their app has been identified for possible removal from the App Store.

Apple always wants to help developers get and keep quality software on the App Store. That’s why developers can appeal app removals.

[…]

To learn more, visit the revised App Store Improvements Support Page.

Apple’s title says that it’s “clarifying” the policy, but this actually raises many more questions:

After writing the above, I saw this post from Jeff Johnson, which makes some of the same points:

One enormous problem with Apple’s publicly stated criteria is that they directly contradict what Apple has said previously in response to accusations of antitrust[…]

[…]

Besides the minimal download threshold number, we’d like to know how many apps are affected by Apple’s criteria — apps that haven’t but updated in 3 years and haven’t been downloaded enough — as well as how many apps are not affected by Apple’s criteria, by which I mean specifically apps that haven’t been updated in 3 years but have met the minimal download threshold. Are there any developers in the latter group? If not, then Apple’s announcement feels very much like a cynical ploy to downplay the controversy and how it affects indie devs. On the other hand, if the number of older apps with significant downloads is high, that raises important questions about user privacy, and why those apps are exempt from updating.

[…]

The new policy is basically the exact opposite of what users would want. If an app has been downloaded zero times in the past 12 months, then who cares what its privacy policy is? You can’t violate user privacy if you don’t have any users. But for some bizarre reason, if an app has enough users to exceed the download threshold, then Apple’s App Store “Improvement” process doesn’t help these users at all.

[…]

Finally I should mention that the scam artists who plague the crap store have no trouble submitting regular pointless updates with uninformative release notes such as “Bug fix” in order to avoid Apple’s threat of removal.

Previously:

Update (2022-05-09): Jeff Johnson:

IMO it’s been framed in the wrong way — whether developers are right to complain — rather than whether it’s good for users.

Tom Harrington:

Your app doesn’t have enough downloads to interest Apple, and your $99/year doesn’t make it worthwhile to them. Also you’re not allowed to distribute your app any other way.