Archive for April 4, 2023

Tuesday, April 4, 2023

Alex Hay, RIP

John Voorhees (via Federico Viticci):

Recently, Alex Hay, the developer of Toolbox Pro and other apps, passed away after a battle with cancer.


In any creative field, though, there are always some people who stand apart from the pack. You don’t notice them because they’re especially good at self-promotion. No, they stand out because their raw talent is simply impossible to ignore. That was Alex Hay.

I don’t recall how Alex first appeared on my radar, but it was undoubtedly a text from Federico along the lines of “Hey, you gotta check out the crazy stuff this guy in the UK is doing with Shortcuts. You’re going to love this.”


Instead of building apps that fulfilled a specific need, Alex’s talent was building apps that let users tap into their own creativity to make what they wanted for themselves with Shortcuts.

Federico Viticci:

In many ways, Alex invented the modern idea of a “headless app” with Shortcuts integration.

He saw the beauty and power of automation for what it ultimately stands for: pure creativity. To let users take control of their computers however they want.

John Gruber:

His apps Toolbox Pro and Logger for Shortcuts are my two favorite Shortcuts utilities. (I’ve always been a printf() debugger and that’s what Logger enables for Shortcuts hacking.)


Update (2023-08-25): Snailed It Development (via John Voorhees):

We’re truly honoured to be able to announce that we have taken over development of Toolbox Pro, Logger for Shortcuts, and Nautomate.

All three apps were originally developed by indie developer Alex Hay before he tragically passed away back in March after a battle with cancer.

General Motors to Phase Out CarPlay

Hartley Charlton (Hacker News):

General Motors (GM) will phase out Apple CarPlay and Android Auto in its vehicles starting this year, shifting to a built-in infotainment system co-developed with Google (via Reuters).

GM owns Buick, Cadillac, Chevrolet, and GMC in the United States. It will stop offering Apple CarPlay and Android Auto starting with the 2024 Chevrolet Blazer, which goes on sale this summer. The company plans to continue offering Apple CarPlay and Android Auto in its combustion models, which are expected to be phased out by 2035 in favor of electric vehicles.

John Gruber:

I’m wondering if this bizarre decision has something to do with tracking users in a way that CarPlay defends against.

Or perhaps Google is paying them?

Stephen Hackett:

I don’t plan on ever purchasing a car without CarPlay again. I suspect a lot of folks feel the same way.

Michael Yacavone:

I saw this news and thought GM had done an April Fools, but no, they are just fools. We got a Bolt EUV in December, and CarPlay was a requirement, didn’t look at any cars without it.

It’s not just about purchasing, though. Rental companies have lots of GM vehicles, and you can’t choose what you’re going to get. Currently, it’s pretty safe to assume that a rental will support CarPlay. In the future, you might have to bring a mount for using your phone directly.


Update (2023-04-07): Jason Snell:

I ranted about this topic for a while on this week’s Upgrade and Patrick George did an excellent job of summarizing this move at The Verge[…] I have a lot of strong feelings about this, because it’s a clear case of a corporation prioritizing its own business and technical interests over the needs of its users. While GM’s statements on the matter constantly emphasize that this is an improvement or evolution of the in-car experience, it’s all spin and lies.


Even if you happen to use a supported service or app, you have to rely on syncing between devices. Now you’ve got to hope that whatever connectivity the car offers will be able to keep your music playlists and the current playing location of your podcast or audiobooks synced and up to date. Cloud syncing is tricky—do I really trust General Motors to keep all my stuff in line?


Tangentially, two EV companies have already gone down this path: Tesla and Rivian. And yes, both of them are just as arrogant as GM in preferring their own stock software to the smartphones in everyone’s pockets. At least GM will have access to Android apps—Tesla finally added support for Apple Music earlier this year! (It took just eight years!) A guy in Poland has spent countless hours trying to hack CarPlay into the Tesla web browser.

See also: TidBITS.

Update (2023-04-22): Jamie L. LaReau and Phoebe Wall Howard (via Hacker News):

Harsh reaction to GM’s decision last month echoed across social media immediately with some people saying they will not buy a vehicle that doesn’t offer CarPlay or Android Auto, prompting some car shopping experts to predict that GM may lose customers.


Mossberg introduced the article by saying, “I think this is a huge blunder, which puts greed over consumer choice. I wouldn’t buy a car without Car Play and I bet millions of others feel the same.”

Some say GM wants to create new revenue streams by selling subscriptions to certain features on the GM-built infotainment systems, plus gather data on how consumers use their EVs.

John Gruber:

One thought I had regarding this decision by GM is that it’s a bit like selling “smart” TV sets that don’t support HDMI input. You get the TV maker’s interface for using apps, games, and streaming services, with no choice to plug in a third-party device like an Apple TV, Chromecast stick, or Roku. I don’t know of any TV sets like that, but HomePods are sort of like that as speakers. HomePods have no traditional line-in for audio — whatever sound comes out of your HomePods, it comes through Apple’s own software stack. GM is more like a traditional speaker company. It’d be really weird if, say, Bose sold a set of smart speakers that didn’t support line-in, because unlike Apple, Bose isn’t a leading software platform company.

Tesla is seemingly thriving while going its own way software-wise. Rivian is following Tesla’s lead, and can’t manufacture their vehicles fast enough to keep up with demand. But both of those companies have roots in Silicon Valley, not Detroit. Both Tesla and Rivian seem more like Apple than they do General Motors.

Update (2023-05-01): John Gruber:

It doesn’t seem to be about being able to provide a better experience than CarPlay, but instead about collecting surveillance data that Apple’s privacy rules don’t allow. Sozzi just breezes past this notion of using surveillance data to sell car insurance, but a car that reports such data to insurance companies seems like a privacy disaster.

Update (2023-05-10): General Motors (via Hacker News):

General Motors Co. announced today that Mike Abbott, former vice president of Engineering for Apple’s Cloud Services division, will join GM as executive vice president, Software, effective May 22, 2023. He will report to GM Chair and CEO Mary Barra.

Update (2023-05-18): John Gruber:

But I don’t look at this hire and think that GM is any more likely to come up with a CarPlay-quality interface for its own platform. Some back-of-the-envelope math on Barra’s services revenue goals for GM makes it sound to me like Mike Abbott is being tasked with designing an in-dash slot machine.


What services could they offer that new car buyers would pay north of $50/month for? Maps and navigation? Everyone has that on their phones already. Music and podcasts? Everyone has that on their phones already. Crash detection? By 2030 everyone will have that on their phones already (or at least they will if they have iPhones, but I bet that will soon become a standard feature on Android phones too). GM wants to sell “behavior based insurance” (translation: tracking/surveillance), but according to Reuters, their goal for insurance is just $6 billion/year by 2030. I find it hard to see where the rest of the money will come from.


One idea that occurred to me is the equivalent of Apple’s services revenue dark matter: payments from Google for default placement as Safari’s search engine.

Update (2023-12-19): Juli Clover:

According to Tim Babbitt, GM’s head of product for infotainment, GM has driver safety in mind. CarPlay and Android Auto can have issues like bad connections, slow response times, compatibility issues, and connectivity problems, leading drivers to be distracted from the road with smartphone troubleshooting.

Lawrence Hodge (via Hacker News):

Essentially, the thinking is that if a car’s in-built infotainment system is good enough, drivers will be less likely to use their phone for what they’re trying to do while they’re behind the wheel, — though Babbitt admits that GM hasn’t exactly tested this in a controlled setting to see whether or not it’s true.

John Gruber:

In his imagined scenario, people check their phones while driving when the CarPlay connection flakes out. But if the car doesn’t support CarPlay, people will use their phones for every single thing that’s on their phones but not in GM’s built-in system. “If drivers were to do everything through the vehicle’s built-in systems” is as much a fantasy as, say, “If drivers always obeyed all posted speed limits.” It’s not going to happen. There is no plausible scenario where the drivers of future GM vehicles without CarPlay support check their iPhones less frequently than they do in vehicles that support CarPlay.

Apple Passwords Deserve an App

Cabel Sasser (Mastodon, Hacker News):

Very few people know these things because Apple tucks all of their important password features away in weird little Settings panels, instead of in a Proper Real App. I think this is a mistake.

Passwords are productivity, not preferences.


Break Passwords out into a standalone app, with an actual fully resizable window (!!), and full, proper UI for most of its features[…] PS: there is one place where Apple provides a nice standalone iCloud Passwords management app, with a fully resizable window. On Windows!?! 🫠

John Gruber:

Apple should break these features out into a discrete Passwords app, and they should launch a marketing campaign to raise awareness of it. I’ve been using the built-in password management in iOS and MacOS (and iCloud for syncing) for years, and last summer I switched all of my 2FA verification codes to it too. It’s a great system, especially if you use Safari as your web browser. But the biggest reason it isn’t used more is that zillions of people don’t even know it’s there.


As a postscript, it’s also possible that you know this feature exists within Settings, but don’t know that it offers full import and export options, because those commands are tucked away in a “···” menu.

Dan Moren:

Unlike Cabel, however, I would like Apple to implement some sort of family sharing feature for Passwords. I share a bunch of logins with my wife, and while I can share them with 1Password, there’s an additional hurdle to getting someone on a third-party app that requires their own account, etc. Especially as we shift more and more to passkeys, where traditional methods of sharing will be impractical, it’s more important that Apple make it easier to share credentials.

John Gruber:

Apple Notes added robust small-scale sharing years ago and hasn’t sherlocked the market for third-party notes apps. I think the same would be true for passwords.

Glenn Fleishman:

Cabel is right on a Passwords app—which could also manage FIDO hardware security keys, passkeys (they need a management app in addition to the website-based enrollment UI), and everything else.

Damien Petrilli:

Knowing that you can be robbed from your iCloud account easily by stealing your iPhone pin code, it might [not] be a good idea to put all your eggs in the same basket.


Update (2023-04-07): Nick Heer:

iCloud Keychain works great for my needs, but its existing implementations leave much to be desired. As of MacOS Ventura, the preferred way to do password-related things is through the Passwords pane in System Settings. But its performance flags with the number of passwords I have.

ChatGPT Plug-ins

OpenAI (Hacker News):

Users have been asking for plugins since we launched ChatGPT (and many developers are experimenting with similar ideas) because they unlock a vast range of possible use cases. We’re starting with a small set of users and are planning to gradually roll out larger-scale access as we learn more (for plugin developers, ChatGPT users, and after an alpha period, API users who would like to integrate plugins into their products). We’re excited to build a community shaping the future of the human–AI interaction paradigm.

Plugin developers who have been invited off our waitlist can use our documentation to build a plugin for ChatGPT, which then lists the enabled plugins in the prompt shown to the language model as well as documentation to instruct the model how to use each. The first plugins have been created by Expedia, FiscalNote, Instacart, KAYAK, Klarna, Milo, OpenTable, Shopify, Slack, Speak, Wolfram, and Zapier.

It’s still early days, but you can see the possibility of this being the next big platform, if the community can iterate and it doesn’t all collapse in a disaster. It seems like the wild west compared with what third parties can do with Siri.

Stephen Wolfram (Reddit, Hacker News):

Early in January I wrote about the possibility of connecting ChatGPT to Wolfram|Alpha. And today—just two and a half months later—I’m excited to announce that it’s happened! Thanks to some heroic software engineering by our team and by OpenAI, ChatGPT can now call on Wolfram|Alpha—and Wolfram Language as well—to give it what we might think of as “computational superpowers”. It’s still very early days for all of this, but it’s already very impressive—and one can begin to see how amazingly powerful (and perhaps even revolutionary) what we can call “ChatGPT + Wolfram” can be.

rez0__ (via Hacker News):

This morning I was hacking the new ChatGPT API and found something super interesting: there are over 80 secret plugins that can be revealed by removing a specific parameter from an API call.

The secret plugins include a “DAN plugin”, “Crypto Prices Plugin”, and many more.

It is possible to use these unreleased plugins by setting up match-and-replace rules through an HTTP proxy. There are only client-side checks to validate that you have permission to use the plugins and they can be bypassed.


There’s no way I’m going to accept the intersection of “we take security very seriously” and implementing security checks purely client side. This and the recent title information leak are both canaries for how the rest of Open AI operates.