Archive for May 29, 2023

Monday, May 29, 2023

Receipt Validation With SHA-256

TN3138:

Apple is updating the App Store receipt signing intermediate certificate with one that uses the SHA-256 algorithm in the sandbox, TestFlight, and App Store environments, on the dates shown below[…]

[…]

If your app verifies App Store receipts on the device, follow the instructions outlined in this document to ensure that your receipt validation code is compatible with this change.

[…]

If your app follows the instructions in Validating receipts on the device, the new certificate affects step 2, which involves verifying the certificate chain. Be sure your app uses the latest certificates from Apple PKI.

Previously:

Update (2023-06-26): Anders Borum:

Any developers that have successfully validated receipts in the sandbox using StoreKit1 methods after June 20?

The docs do not mention where to get the SHA256 value and ASN.1 Field Type 5 is 20 bytes and not the 32 bytes expected for SHA256.

Photo Stream Shutting Down

Juli Clover:

Apple’s “My Photo Stream” service is set to shut down on July 26, 2023, which means customers who are still using that feature will need to transition to using iCloud Photos prior to that date.

You can see why they are consolidating on iCloud Photos, but Photo Stream had some appealing features that will be lost. First, you could backup/sync an unlimited amount of data (for a limited time). There was no need to worry about upgrading your account temporarily or having photo storage crowd out storage for other apps. Second, you could access recent photos and videos on all devices without having to store everything in the cloud.

Stephen Hackett:

Photo Stream is one of the original components of iCloud, and was kept around even after iCloud Photo Library launched in 2014. Here’s how Apple pitched the feature when iCloud was new[…]

Update (2023-06-01): Michael Steeber:

I don’t know if my memory is toast or what, but until the news last week of Photo Stream shutting down, I cannot recall one single time before that it was ever called “My Photo Stream.” I’ve known it as just “Photo Stream” since day one.

I was thinking the same thing.

Update (2023-06-28): See also: Hacker News.

Apple Intelligence

Daniel Jalkut:

People are justifiably less confident about Apple’s prospective plans in the area of artificial intelligence (AI), and particularly in the realm of large language models: the technology behind such imagination-captivating products as OpenAI’s ChatGPT, and GitHub Copilot (which itself uses another OpenAI language model).

I zeroed in on ChatGPT and Copilot because it’s easy to imagine the functionality of these services shining in the context of two important Apple products: Siri, and its Xcode developer tools. In fact, technology is advancing so quickly that the absence of something like ChatGPT and something like Copilot in these products seems likely to be viewed as major shortcoming in the near future, if it isn’t seen that way already.

[…]

Apple Intelligence won’t be as good as ChatGPT or GitHub Copilot, at least not to start with. But it will be Apple’s. They can frame the pros and cons however they see fit, working their typical marketing magic to make its shortcomings seem less important, if not downright advantageous.

It would seem that Apple is way behind, not only in terms of announced products, but also because, as large language models become commoditized, access to proprietary training data and integrations will become key. Apple does have some unique data such as iTunes and App Store reviews, but these seem less useful than what its competitors have. Xcode Cloud could potentially be a great data source, but it, rightly, is designed for privacy:

Source code is only accessed for builds and the ephemeral build environments are destroyed when your build completes.

On the other hand, perhaps we are not that far from fitting really useful, if not market-leading, models on device. Apple has great hardware to run them, which is already deployed. It could work offline and preserve your privacy. This could be easier and cheaper to scale up to large numbers of users than models running in data centers.

Previously: