Archive for June 1, 2022

Wednesday, June 1, 2022 [Tweets] [Favorites]

Safer SwiftUI View Modifiers

Marco Eidinger:

Despite the missing qualifier, the code compiles because padding() gets treated as self.padding(). During runtime, that leads to an infinitely recursive View => stack overflow 💥

I did not find a technique to detect the mistake of a missing dot when using standard SwiftUI view modifiers[…]

But for custom view modifiers there is a simple way. We can use the Swift attribute @warn_unqualified_access to warn us in Xcode :)

Update (2022-06-02): See also: Helge Heß.

External SSD Boot Speed

Howard Oakley:

Although increasing the transfer speed from the SATA SSD at up to 400 MB/s to more than 1 GB/s halved the time taken to boot, there’s no consistent improvement beyond that. This suggests that time to boot an M1 Mac from an external SSD is around 5 seconds longer than from the internal SSD, and independent of SSD performance above 1.5 GB/s. This most probably reflects the lengthier process, in which early boot takes place from the internal SSD anyway, then transfers to the external SSD only after its LocalPolicy has been checked and applied.

Previously:

StarTech Thunderbolt 4 Dock

Howard Oakley:

Until relatively recently, one limitation with Thunderbolt was the absence of hubs which allowed the connection of multiple Thunderbolt devices to a single port on the Mac. Several models are now available, although they’re considerably more expensive than USB hubs. Inevitably, these are constrained by the bandwidth available in the single Thunderbolt connection made to the Mac. Connect a couple of external displays and those will limit the performance of SSDs connected to the same hub.

Wesley Hilliard:

This dock does come at a high price, and other products in the price range offer more port variety. However, we’d argue that reliability is included in the high markup, and the StarTech Thunderbolt 4 Dock has proven to be reliable.

$439.99 for 4 Thunderbolt ports, 3 USB-A 3.2 Gen 2, 1 USB-A 2, Ethernet, SD card, and audio.

Previously:

AirDrop Contacts Privacy Flaw

Sami Fathi:

Researchers at TU Darmstadt have discovered that the process which AirDrop uses to find and verify someone is a contact on a receiver’s phone can expose private information.

[…]

As an attacker, it is possible to learn the phone numbers and email addresses of AirDrop users – even as a complete stranger. All they require is a Wi-Fi-capable device and physical proximity to a target that initiates the discovery process by opening the sharing pane on an iOS or macOS device.

The discovered problems are rooted in Apple’s use of hash functions for “obfuscating” the exchanged phone numbers and email addresses during the discovery process. However, researchers from TU Darmstadt already showed that hashing fails to provide privacy-preserving contact discovery as so-called hash values can be quickly reversed using simple techniques such as brute-force attacks.

I’m not sure of the status of this issue. The flaw was reported to Apple in 2019, and Fathi’s article is from 2021, but I’ve not heard more about it since.

ikramerica:

[Does] this mean turning on “everyone” is more secure as no matching is attempted?