Archive for January 13, 2023

Friday, January 13, 2023

Setting the Bozo Bit on Apple

Marcel Weiher (Hacker News):

What I wanted to do was simple: I have some practice recordings for my choir and voice lessons that I want on my iPhone and Apple Watch. How hard could it be?

[…]

iTunes used to be if not the, then certainly a flagship app for Apple.

[…]

With this, I noticed that I hadn’t actually expected better. I knew it should be better but I hadn’t expected Apple to actually make it work.

In other words, I had set the Bozo Bit on Apple. By default, when Apple does something new these days, I fully and quietly expect it to be broken. And I am surprised when they actually get something right, like Apple Silicon.

It’s so sad how iTunes used to be amazing, and then it got bloated and dated but we worried that the replacement would be worse, and indeed it was.

Previously:

20 Years of Safari

Joe Rossignol (Hacker News, Reddit):

Today marks the 20th anniversary of Apple’s co-founder Steve Jobs introducing Safari on the Mac at the 2003 Macworld Expo in San Francisco. Apple advertised Safari as the “fastest web browser ever created for the Mac” at the time.

[…]

A public beta of Safari was made available for OS X Jaguar in January 2003, with key features including the WebKit rendering engine for faster browsing speeds, Google search capabilities integrated directly into the toolbar, improved bookmark management, optional pop-up ad blocking, a simpler file download process, and more.

[…]

Safari was eventually overshadowed by Google’s Chrome, which was released in 2008 and is now the world’s most popular web browser across all PCs and Macs.

D. Griffin Jones:

Over the past 20 years, Apple’s Safari web browser grew from a speedy young upstart to a polished professional. […] Take a trip down memory lane as we look at how Safari has evolved over the years.

I’ve been a fan of Safari since the beginning. It’s still my default browser, it still feels like a Mac app, and I think Apple has done a better job of maintaining it than most of the other built-in apps. That said, I’ve been a bit less happy with it in recent years:

Andy Lee:

I don’t know if it’s an iOS 16 thing, but Safari has been flaky for me lately, especially with YouTube, to the point where I sometimes have to kill it and restart it to get it to work right. I mean flaky like becoming unresponsive, or not showing the keyboard when I enter a text field.

Magic Lasso (Hacker News):

In the Interop 2022 stable category Safari also made significant progress, increasing its score from 48.9% in January 2022 to 96% today. This puts Safari ahead of its competitors and demonstrates the Safari team’s commitment to addressing long-standing concerns about the browsers lack of standards conformance.

Previously:

Twitter Breach of 235M E-mail Addresses

Lawrence Abrams (via Hacker News):

A data leak described as containing email addresses for over 200 million Twitter users has been published on a popular hacker forum for about $2. BleepingComputer has confirmed the validity of many of the email addresses listed in the leak.

Since July 22nd, 2022, threat actors and data breach collectors have been selling and circulating large data sets of scraped Twitter user profiles containing both private (phone numbers and email addresses) and public data on various online hacker forums and cybercrime marketplaces.

These data sets were created in 2021 by exploiting a Twitter API vulnerability that allowed users to input email addresses and phone numbers to confirm whether they were associated with a Twitter ID.

Barbara Ortutay:

Gal, who is the co-founder and chief technology officer at cybersecurity firm Hudson Rock, wrote in a LinkedIn post this week that the leak “will unfortunately lead to a lot of hacking, targeted phishing, and doxxing.”

While account passwords were not leaked, malicious hackers could use the email addresses to try to reset people’s passwords, or guess them if they are commonly used or reused with other accounts.

Previously:

Twitter API Down

Ben Schoon (Hacker News, Tweetbot, Twitterrific, echofon):

Around 11 p.m. ET this evening, many Twitter users noticed that third-party clients were throwing back error messages related to the Twitter API. This widespread outage is occurring across all third-party apps including Twitterrific, Fenix, Talon, and many others on both Android and iOS, as well as macOS. Tweetbot is also affected by the API outage, but Tweetdeck, thankfully, appears unaffected.

Whether this is a temporary outage or an intentional decision by Twitter remains to be seen, as the company has issued no official explanation at this time.

It does stand to reason, though, that it is possible Twitter may be killing off third-party clients.

I’d had virtually no trouble with Twitter over the past few months, but about 12 hours later this is now the worst outage I’ve ever seen with the service. There doesn’t seem to be a status page or official blog that even mentions the issue.

Benedict Evans:

Has Twitter deliberately just blocked all third-party apps or is that another screw up? (The native Twitter UX is so bad, and getting worse, that I avoid if at all possible)

Alex Brooks:

Buffer and Hootsuite seem ok to me, and brands are happily tweeting away so suggests the big tools are not cut off. Different API I’m sure, but does suggest something more nefarious.

supermatt:

Unsurprisingly, the outage hasn’t affected twitters own client.

Twitter doesn’t allow users to install the iOS version on Apple Silicon Macs. You have to use the Catalyst version, which I guess uses a different API than the iOS version, so it doesn’t work. Thus, there is effectively no Mac client at the moment. The Web version is pretty grim, so currently I’m using the official app on my iPad. It’s also much worse than Tweetbot, though.

I had to uninstall the official Mac app because, thanks to Universal Links, any time I click a Twitter link in any app it will open in the Twitter app, which—due to the outage—can’t display it. It’s terrible how this macOS “feature” causes breakage across the system.

The other design thing I want to point out is that apps should not assume that an error is transitory. I have lots of old tweets already loaded that I could be reading in Tweetbot, but I don’t want to because it keeps throwing up modal dialogs for the same error.

Steve Streza:

You know how everyone is upset about Twitter apps getting suddenly taken offline without warning after months or years of hard work, whether by bug or by policy change?

That’s what Apple does to App Store apps, regularly.

Previously:

Update (2023-01-13): Jeff Johnson:

If you block the swcd process in Little Snitch, it blocks all Universal Links.

Mark Jardine:

I get that 3rd party clients were severely nerfed when they took away streaming around 5 years ago, and that that we didn’t get most of the new features that came after, but wow spending a few hours reading with the official Twitter products and wondering how people even manage. Trying to read new tweets and when I refresh, all I get is a bunch more old tweets. I absolutely loathe algorithmic timelines.

Eric Schwarz:

Tweetbot and Twitterrific are both broken so I checked out the official app for the first time in awhile and holy smokes it sucks—to the point where I don’t want to waste time and hang around. That seems counterintuitive for an engagement factory like a social network?

Rene Ritchie:

Main issue with 3rd-party Twitter apps not working is that Twitter web has become increasingly unusable. I get 4-5 tweets on Home or in threads, then nothing, unless/until I change font size, then the rest renders. Also, mentions are missing, don't update, or skip hours/days 🤷

The Icon Factory:

There’s been no official word from Twitter about what’s going on, but that’s unsurprising since the new owner eliminated the employees dedicated to keeping the API up and running smoothly, including the developer evangelists who previously provided communication with third-parties.

We wouldn’t know whom to reach out to at Twitter even if such people existed. We’re in the dark just as much as you are, sadly.

Rui Carmo:

But what Twitter is doing goes way beyond negligence and borders on abuse of dominant position (even though it is their network and they’re not a utility, etc). API downtime would prevent third-party clients from logging in, but deregistering them from user accounts cannot be an availability issue–they removed the application keys, period.

John Gruber:

Last night I’d have bet — a small amount — that it was an unintentional outage. Today I’d bet the other way, that this is the end. If so, this is probably the end of my regular usage of Twitter. Twitter’s official client has been terrible ever since it was anything other than a rebranded version of Tweetie.

[…]

Unlike Tweetbot, Twitterrific uses different app IDs for iOS and Mac, and whatever is going on, it seems to have affected only the most popular third-party apps.

Ben Sandofsky:

If you’re worried about losing revenue to third-party Twitter clients, the obvious solution would be to limit them to Twitter Blue subscribers.

Uli Kusterer:

They could have served ads all this time. Nothing in the Twitter API keeps them from just serving ads as yet another tweet. They could even have changed their API TOS to prevent clients from filtering out ads.

Mike Rockwell:

What’s interesting about this third-party client situation on Twitter is that the people using third-party apps are the ones that are most likely to try and most likely to enjoy the fediverse.

And I have a hunch those people are also pretty influential within their family and friend circles.

Benedict Evans:

I can understand why Twitter wouldn’t want third party apps, though (apparently) cutting them off with no communication is typically inept. But people used them because Twitter’s own app is just terrible, and Twitter is actively making it worse. Try fixing that, perhaps?

Paul Haddad:

Almost 24 hours later and still no official/unofficial info from inside Twitter. I’m going to continue as if this was all done on purpose.

What now? Ivory goes into hyper mode with just the absolute minimum 3-4 things that have to be done finished up and then off to Apple. Probably going to be a bunch of things I’m not super happy with but I guess we’ll fix it in post.

Hopefully everyone knows what we’re capable of and can live with some, hopefully not long lived, rough edges/missing features.