Archive for December 2023

Friday, December 29, 2023

Apple’s Ferret MLLM

Mike Wheatley (Hacker News, Reddit):

Artificial intelligence researchers from Apple Inc. and Cornell University quietly unveiled an open-source and multimodal large language model last October known as Ferret, which is said to use parts of images as queries.

According to VentureBeat, the release of Ferret on GitHub in October went completely under the radar, with no announcement being made. However, it has since gotten a lot of attention from AI researchers. Bart De Witte, who operates a non-profit focused on open-source AI in medicine, posted on X that the release of Ferret “solidifies Apple’s place as a leader in the multimodal AI space.”

Malcolm Owen:

Ferret’s release to open-source is being performed under a non-commercial license, so it cannot be commercialized in its current state.


A tweet from October by Apple AI/ML research scientist Zhe Gan explains Ferret’s use as being a system that can “refer and ground anything anywhere at any granularity” in an image. It can also do so by using any shape of region within an image.


In one interesting element from the Github release, Reddit’s r/Apple spotted that Ferret is “trained on 8 A100 GPUs with 80GB memory.” Given Apple’s history with Nvidia GPU support, this was seen to be a rare acknowledgment of the GPU producer.


Mellel 6 Leaves the Mac App Store

Mellel (via Agen Schmitz):

This significant update, more than a year and half in the making, brings Dark Appearance support, Split View, improved Find & Replace and a multitude of enhancements to Mellel’s user interface, rendering and features. A swarm of nasty and annoying bugs were also squashed in the process, along with some deep, under-the-hood, changes that make Mellel more robust and future ready.


Mellel 6 also marks two additional significant changes. The first is that Mellel is no longer sold on the Mac App Store. There are many reasons for this decision, the 30% cut Apple is taking for every copy sold, the lack of any promotion from Apple (for example, we were removed, due to and error on Apple’s part, from the “Apps for writers” list of apps, a decision that hurt our sales significantly and that we had no way to appeal or protest) but most importantly, the lack of any mechanism to allow paid upgrades within the App Store. This hampered our ability to deliver more frequent updates as any major update would necessitate releasing the update as a new application on the App Store, losing the ranking, requiring a re-branding, and making the whole process much more cumbersome.

The upgrade is free for purchasers within the last two years, $44.99 for other upgraders, and $69.99 for new customers (but on sale for WinterFest) vs. $49 for version 5.

There’s more information about the new features and enhancements here.


Beeper and the Centurion Lounge

John Gruber:

Here’s the analogy I’ve been thinking best applies. American Express operates Centurion Lounges at a few dozen airports around the world, exclusively for the use of their Platinum Card holders. Other premium credit cards offer similar access to other lounges. If you have an American Express Platinum Card, you just show up, show them your card and boarding pass, and you’re in. You get free Wi-Fi; free food (pretty good); free beverages (including a full-service bar); and comfortable seats, tables, and desks. They even have showers for travelers on extended trips. They’re great — and a cut above even most airlines’ own lounges for their premium frequent travelers. Centurion Lounge access is presented as a free benefit, but, of course, there’s no more such a thing as a free premium lounge as there is a free lunch: the cost of the lounges is baked into the annual fees Platinum Card holders pay.

iMessage is like a Centurion Lounge. It’s a free premium messaging service, exclusively for the use of people who own iPhones, iPads, and Macs. SMS, in this analogy, is like waiting for your plane out in the public airport terminal: not as nice, the Wi-Fi is worse, there’s no free food or drinks, but it’s available to everyone.

iMessage users in a group chat who are annoyed by Android-owning group members relegating the conversation to SMS are like a group of friends travelling together — some of whom have Amex Platinum Cards, some of whom don’t — who need to wait in the public terminal if the group wants to wait for their flight together.


Beeper Mini presenting itself as Messages on a Mac to gain access to iMessage is as dishonest as presenting a forged Amex Platinum Card to gain access to a Centurion Lounge.

This is a good analogy that captures why Apple is justified in cracking down. But it doesn’t capture the way SMS can only be used within, and I think it misses the feel of the situation from the customer’s point of view. iMessage does not feel like a premium experience, both because there’s a much higher percentage of iPhone users than Platinum Card holders and because the service itself is so unreliable. Sometimes it feels more like a scourge than a perk.

Also unlike Amex, it’s not something that people consciously opted into. They just bought a phone and got the bundled messaging service. Now they have a poor experience communicating with half of their friends. It’s as if people with names from one half of the alphabet can’t get into the lounge. The lounge doesn’t offer guest passes; they expect you to change your name to get in. That’s technically possible, but hardly anyone wants to do it. Meanwhile, once you’ve entered the lounge, it’s hard to ever leave. The airlines will no longer make your flight status available in other parts of the airport, so if you start hanging out in the public terminal you could miss your plane.

This paragraph would make sense in a world where Apple, say, didn’t allow WhatsApp, Signal, Line, Telegram, and Messenger in the App Store. But the market for messaging apps is incredibly competitive, and Apple’s App Store hosts all of them.

Many airlines offer lounges for their premium fliers, but try getting everyone you know to meet up at the United Club. It might be in the wrong terminal or they might only have frequent flier status on another airline. Meanwhile, Amex owns the airport, and they make sure that the Centurion is the only lounge located inside of the TSA screening.


Update (2024-01-03): See also: Manton Reece.

Update (2024-01-10): Eric Migicovsky:

Getting champagne at a bar in an airport. This is about people’s everyday lives: How you chat with your friends, your family, your colleagues, is the core experience of your phone. And for most people, if they want to contact their friends or family, they don’t think about all the different apps or the multitude of ways they can contact someone. They send a text.

The argument that Gruber was trying to put together is that this is some sort of luxury experience that only some people should have. It’s out of touch, and in fact it’s pretty insulting.


How about the telephone? Imagine if you couldn’t phone certain people. Would we allow that? Back in the 1990s, before interoperability, you couldn’t send a text message to someone on a different mobile carrier. If you had an AT&T phone number, you could only text people on AT&T. It’s kind of the stakes we’re at right now.

Via Eric Schwarz:

While an airport lounge isn’t the most relatable analogy, it does demonstrate something that is exclusive for members that have either paid or are continuing revenue streams.


Like I said, I can appreciate the intent of Beeper Mini, but in my checking around with Android-using friends, the anecdata isn’t exactly in Beeper Mini’s favor either. Most Android users either hate anything that Apple stands for or seem disinterested in downloading and paying for something to have better messaging with their iPhone-using buddies. I can agree with that—it’s clearly a problem Apple has let simmer and the burden of fixing should be on Apple, not Android users. That’s where something like Beeper Mini is not going to be the fix, but rather embracing RCS, effectively bringing iPhones up to par with Android devices makes the most sense.

Japanese Consumption Tax and the App Store

David Smith (2012):

The Japanese government requires that Apple withhold 20% of your profits from App Store sales unless you have filed forms demonstrating that you are a foreign company and taxable there instead. The forms are a bit complex and the process a bit cumbersome, but unless you complete it 20% of whatever you make in Japan is taken and not returned.

I have been doing this, and my understanding is that it’s for the tax on software royalties.

Wesley Hilliard:

Small developers operating outside of Japan can be tough to get ahold of for owed consumption tax payments, so the Finance Ministry is placing the burden on Apple and other app market operators.


According to a report from Nikkei Asia, Japan’s Finance Ministry is making app store operators like Apple and Google responsible for paying consumption taxes owed by foreign developers. These changes won’t go into effect until 2025 to give companies time to adapt.


The current consumption tax is 10%, which Apple would pass to its developers. So, for example, on top of Apple’s 15% to 30% revenue share on App Store sales and subscriptions, Apple would add 10% on top to pay for the consumption tax in Japan.

Developers would then need to adjust prices to account for this price increase.

It is now possible for developers to set different prices in different regions, so they could make Japan-specific adjustments if desired. But this still seems like a loss for small developers because—with Japanese revenue under JPY10,000,000 (~$95,000)—they are currently exempt from the Japanese consumption tax, but now they will need to pay it because Apple itself is above the threshold. Or maybe there will be a way to certify to Apple that your combined sales in Japan are under the threshold?


Update (2024-01-03): Jeff Johnson:

I’ve never heard of this before. There doesn’t appear to be anything in App Store Connect.

I’m not sure what happened, but I no longer see the Japanese tax stuff in App Store Connect, either.

Thursday, December 28, 2023

Operation Triangulation Details

Dan Goodin (Hacker News):

Researchers on Wednesday presented intriguing new findings surrounding an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky. Chief among the discoveries: the unknown attackers were able to achieve an unprecedented level of access by exploiting a vulnerability in an undocumented hardware feature that few if anyone outside of Apple and chip suppliers such as ARM Holdings knew of.


The mass backdooring campaign, which according to Russian officials also infected the iPhones of thousands of people working inside diplomatic missions and embassies in Russia, according to Russian government officials, came to light in June. Over a span of at least four years, Kaspersky said, the infections were delivered in iMessage texts that installed malware through a complex exploit chain without requiring the receiver to take any action.


With that, the devices were infected with full-featured spyware that, among other things, transmitted microphone recordings, photos, geolocation, and other sensitive data to attacker-controlled servers. Although infections didn’t survive a reboot, the unknown attackers kept their campaign alive simply by sending devices a new malicious iMessage text shortly after devices were restarted.

Boris Larin (video, Hacker News):

This presentation was also the first time we had publicly disclosed the details of all exploits and vulnerabilities that were used in the attack. We discover and analyze new exploits and attacks using these on a daily basis, and we have discovered and reported more than thirty in-the-wild zero-days in Adobe, Apple, Google, and Microsoft products, but this is definitely the most sophisticated attack chain we have ever seen.


Various peripheral devices available in the SoC may provide special hardware registers that can be used by the CPU to operate these devices. For this to work, these hardware registers are mapped to the memory accessible by the CPU and are known as “memory-mapped I/O (MMIO)”.


I discovered that most of the MMIOs used by the attackers to bypass the hardware-based kernel memory protection do not belong to any MMIO ranges defined in the device tree. The exploit targets Apple A12–A16 Bionic SoCs, targeting unknown MMIO blocks of registers that are located at the following addresses: 0x206040000, 0x206140000, and 0x206150000.


This is no ordinary vulnerability, and we have many unanswered questions. We do not know how the attackers learned to use this unknown hardware feature or what its original purpose was. Neither do we know if it was developed by Apple or it’s a third-party component like ARM CoreSight.

Bill Toulas:

The four flaws that constitute the highly sophisticated exploit chain and which worked on all iOS versions up to iOS 16.2 are:

  • CVE-2023-41990: A vulnerability in the ADJUST TrueType font instruction allowing remote code execution through a malicious iMessage attachment.
  • CVE-2023-32434: An integer overflow issue in XNU's memory mapping syscalls, granting attackers extensive read/write access to the device's physical memory.
  • CVE-2023-32435: Used in the Safari exploit to execute shellcode as part of the multi-stage attack.
  • CVE-2023-38606: A vulnerability using hardware MMIO registers to bypass the Page Protection Layer (PPL), overriding hardware-based security protections.

Nick Heer:

As you might recall, Russian intelligence officials claimed Apple assisted the NSA to build this malware — something which Apple has denied and, it should be noted, no proof has been provided for Apple’s involvement or the NSA’s. It does not appear there is any new evidence which would implicate Apple. But it is notable that it relied on an Apple-specific TrueType specification, and bypasses previously undisclosed hardware memory protections. To be clear, neither of those things increases the likelihood of Apple’s alleged involvement in my mind. It does show how disused or seemingly irrelevant functions remain vulnerable and can be used by sophisticated and likely state-affiliated attackers.


Update (2024-01-05): See also: Bruce Schneier.

The New York Times Sues OpenAI

Emma Roth (Hacker News):

The New York Times is suing OpenAI and Microsoft for copyright infringement, claiming the two companies built their AI models by “copying and using millions” of the publication’s articles and now “directly compete” with its content as a result.

As outlined in the lawsuit, the Times alleges OpenAI and Microsoft’s large language models (LLMs), which power ChatGPT and Copilot, “can generate output that recites Times content verbatim, closely summarizes it, and mimics its expressive style.” This “undermine[s] and damage[s]” the Times’ relationship with readers, the outlet alleges, while also depriving it of “subscription, licensing, advertising, and affiliate revenue.”

John Timmer (Hacker News):

The Times is targeting various companies under the OpenAI umbrella, as well as Microsoft, an OpenAI partner that both uses it to power its Copilot service and helped provide the infrastructure for training the GPT Large Language Model. But the suit goes well beyond the use of copyrighted material in training, alleging that OpenAI-powered software will happily circumvent the Times’ paywall and ascribe hallucinated misinformation to the Times.


Part of the unauthorized use The Times alleges came during the training of various versions of GPT. Prior to GPT-3.5, information about the training dataset was made public. One of the sources used is a large collection of online material called “Common Crawl,” which the suit alleges contains information from 16 million unique records from sites published by The Times. That places the Times as the third most referenced source, behind Wikipedia and a database of US patents.

OpenAI no longer discloses as many details of the data used for training of recent GPT versions, but all indications are that full-text NY Times articles are still part of that process (Much more on that in a moment.) Expect access to training information to be a major issue during discovery if this case moves forward.

Benjamin Mullin and Tripp Mickle:

Apple has opened negotiations in recent weeks with major news and publishing organizations, seeking permission to use their material in the company’s development of generative artificial intelligence systems, according to four people familiar with the discussions.

The technology giant has floated multiyear deals worth at least $50 million to license the archives of news articles, said the people with knowledge of talks, who spoke on the condition of anonymity to discuss sensitive negotiations. The news organizations contacted by Apple include Condé Nast, publisher of Vogue and The New Yorker; NBC News; and IAC, which owns People, The Daily Beast and Better Homes and Gardens.


Update (2023-12-29): Jason Kint:

The complaint is a must-read imho, it’s the only way to understand the alleged violations and the extent as to which the systems have been designed and tuned in order to generate certain output.


So back to Exhibit J. Unlike the other 220k+ pages of exhibits documenting registered works, this exhibit contains 100 examples of alleged copyright violations with nearly identical content being outputted by ChatGPT. Again, it’s impossible to argue with this.

Here are four examples. Again, the lawsuit includes one hundred of them. You get the point. I find this exhibit to be an incredibly powerful illustration for a lawsuit that will go before a jury of Americans.

Update (2024-01-05): Gary Marcus (via Hacker News):

The crux of the Times lawsuit is that OpenAI’s chatbots are fully capable of reproducing text nearly verbatim[…]

The thing is, it is not just text. OpenAI’s image software (which we accessed through Bing) is perfectly capable of verbatim and near-verbatim repetition of sources as well.

Daniel Jeffries (via Hacker News):

The NY Times is asking that ALL LLMs trained on Times data be destroyed.

That includes GPT 3 and 4, Claude, Mistral, Llama/Llama 2 and pretty much any other model in existence.

Update (2024-01-09): Kate Downing (via Hacker News):

The complaint paints a picture of an honorable industry repeatedly pants-ed by the tech industry, which historically has only come to heel under enormous public pressure and the Herculean efforts of The Times to continue to survive. It’s interesting because US copyright law decisively rejects the idea that copyright protection is due for what is commonly referred to as “sweat of the brow.” In other words, the fact that it takes great effort or resources to compile certain information (like a phonebook), doesn’t entitle that work to any copyright protection – others may use it freely. And where there is copyrightable expression, the difficulty in creating it is irrelevant. So, is all this background aimed solely at supporting the unfair competition claim? Is it a quiet way of asking the court to ignore the “sweat of the brow” precedent, to the extent that it’s ultimately argued by the defendants, in favor of protecting the more sympathetic party? Maybe they’re truly concerned that the courts no longer recognize the value of journalism and need a history lesson? No other AI-related complaint has worked so hard to justify the very existence, needs, and frustrations of its plaintiffs.

Unless Microsoft and OpenAI hustle to strike a deal with the New York Times, this is definitely going to be the case to watch in the next year or two. Not only does it embody some of the strongest legal arguments related to copyright, it is likely to become a lightning rod for many interests who will use it to wage a proxy war on their behalf.

Update (2024-02-28): Blake Brittain (via Slashdot):

OpenAI said in a filing in Manhattan federal court, opens new tab on Monday that the Times caused the technology to reproduce its material through “deceptive prompts that blatantly violate OpenAI’s terms of use.”


“The truth, which will come out in the course of this case, is that the Times paid someone to hack OpenAI’s products.”

Crashing iPhones With a Flipper Zero

Dan Goodin (via Bruce Schneier):

To van der Ham’s surprise and chagrin, the same debilitating stream of pop-ups hit again on the afternoon commute home, not just against his iPhone but the iPhones of other passengers in the same train car. He then noticed that one of the same passengers nearby had also been present that morning. Van der Ham put two and two together and fingered the passenger as the culprit.


The culprit, it turned out, was using a Flipper Zero device to send Bluetooth pairing requests to all iPhones within radio range. This slim, lightweight device has been available since 2020, but in recent months, it has become much more visible. It acts as a Swiss Army knife for all kinds of wireless communications. It can interact with radio signals, including RFID, NFC, Bluetooth, Wi-Fi, or standard radio. People can use it to covertly change the channels of a TV at a bar, clone some hotel key cards, read the RFID chip implanted in pets, open and close some garage doors, and disrupt the normal use of iPhones.


Despite its multifaceted capabilities, the Flipper Zero seems best known in recent weeks for its iPhone DoSing capabilities. The way Bluetooth works on iPhones and iPads makes them especially susceptible. Van der Ham flashed his device with custom firmware called Flipper Xtreme, which he acquired on a Discord channel devoted to the Flipper Zero. One firmware setting sends a constant stream of messages announcing the availability of a BLE (Bluetooth low energy) device nearby. This constant stream can be annoying for users of any device, but it doesn’t crash phones. A separate setting, labeled “iOS 17 attack,” is the one the train prankster used.

Ric Ford:

Turning off Bluetooth is an unappealing workaround.

Juli Clover:

With the launch of iOS 17.2, Apple has fixed an exploit that allowed the Flipper Zero electronic multi-tool to lock up iPhones, reports ZDNET.

Jo DeVoe (via Hacker News):

“The preliminary investigation indicates that between 10:45 a.m. and 1:30 p.m. on November 29, a student inside Washington Liberty High School utilized an electronic device that caused nearby iPhones to turn off,” she said.


ACPD did not provide additional details, such as what kind of device might have been used, citing the need to preserve the integrity of the ongoing investigation. A cybersecurity expert contacted by ARLnow declined to speculate on how a student might have turned off nearby iPhones.


Wednesday, December 27, 2023

SpamSieve 3.0.3

SpamSieve 3.0.3 is another maintenance update. The main focus is working around various cases where Apple Mail doesn’t behave properly, resulting in hangs or messages not being filtered or trained.

Some interesting bugs were:


Apple Music Replay’s Broken Record

Joe Rosensteel:

The tile implores you to “Replay and share your year in music.” In tiny text, seemingly indicating shame or remorse, it says “Go to site”.

You see, the Apple Music app - and iTunes before it - are largely glorified markup viewers, but for whatever reason, the Music app still can’t display Apple Replay in the Apple Music app. Instead the user is shunted off to the web version of the Music app.

Not a big deal, right? Except you have to log in with your Apple ID in your web browser to see the web version of the app you were just in so you can look at text and images with CSS animation. Does the Music app not pass Acid3? For all the crap Apple, and its fans, level at Electron based apps we’re left with this native app’s sweet solution.

And, needless to say, the Web page is designed for mobile with sideways carousels.

It seems to be like something one could upload to a Stories, or other vertical video product to share, but there are no sharing controls in a desktop web browser at all, so you have to go to the site in Safari on iOS, to get a share icon to save a static PNG to send somewhere else. There’s something poetic about failing to do something social well and using the format pronounced “ping”.



Julia Evans:

has anyone made a read-only FUSE filesystem for a git repository where every commit is a folder and the folder contains all the files in that commit?

Jordan Rose:

And I did in fact do something very like that, back when I was playing with FUSE! But I never put it up anywhere cause it had an annoying build process, and didn’t seem to add much, and—

Well, in any case, Evans asked to see it, so here it is, cleaned up to be a plain old SwiftPM package.


Just Get a Brother

ifixcoinops (via Hacker News):

Watching a mutual ask for printer recs and receive a chorus of tired tech folk going “Just get a Brother, they’re fine” and man


Like this is actually kinda fascinating honestly, Brother is now the best printer brand, the one that every Computer Person recommends, and is it because their printers are good? Their printers are fine, they print, whatever, no, it’s because everybody else’s printers have gotten Innovated out the wazoo, every innovation making them way worse, until it’s gotten to the point where I wouldn’t have one in the house even if it were free, and meanwhile Brother’s have remained consistently Fine I Guess, which now makes them the best printer manufacturer simply by virtue of them opting out of the Who Can Get Crappiest Fastest race

It’s true, from what I can tell. There was a time when pretty much all the printers were fine. I tended to like the HP ones. Then at some point they pretty much all started to suck. I ran into a series of horrible models from HP and Epson, with both hardware and software issues. I’ve been using a Brother laser printer for at least 15 years now, and it’s boring in the best possible way. It does what it’s supposed to do and never gives me any trouble. Over the summer we bought another one—my first color laser—and it also works as expected. Decent printers are ridiculously cheap these days. I think I got it on sale for roughly the price of an AirPods Pro. It seems like we’ve printed and color-copied a lot, yet the initial toner cartridges are still going strong. There’s no software to install, and the scanner works with macOS’s Image Capture, although that app seems to be falling into disrepair.


Update (2023-12-28): Simone Manganelli:

I was amazed w/how simple a B&W Brother laser printer was to setup: there was none.

What I want from tech: a Brother brand for every piece of hardware and every app. Something that I can rely on and never changes. I hate that tech cos insist on changing everything constantly.


I have an MFC-3750 that’s been running perfectly with Non-OE ink for more than a year now. The W1.56 firmware update, however, disabled the automatic color registration feature. With the colors not able to be aligned, the printer is effectively non-functional.


I recently bought a Brother colour laser printer, with the understanding that OEM toner was not chip-locked.


Not only is the above, post-sale firwmware update a change of what I understood to be Brother’s historical policy, the method is beyond evil.

Brother seems to be apparently accepting the ink, but then purposefully making the print quality poorer.

Update (2024-01-03): Deceptive Patterns:

Surely this can’t be real.

“We’ve alerted you multiple times that this printer had non-Original HP cartridges installed. This is your final notice to fix the issue”

Update (2024-01-11): Karl Bode:

Hewlett Packard (HP) has been socked with yet another lawsuit for crippling the printers of consumers who use cheaper third-party ink cartridges.

Update (2024-01-23): Richard Speed (via Hacker News, Slashdot):

HP CEO Enrique Lores admitted this week that the company’s long-term objective is “to make printing a subscription” when he was questioned about the company’s approach to third-party replacement ink suppliers.


Later in the interview, he added: “Every time a customer buys a printer, it’s an investment for us. We are investing in that customer, and if that customer doesn’t print enough or doesn’t use our supplies, it’s a bad investment.”


Lores said of customers who use a third-party cartridge: “In many cases, it can create all sorts of issues from the printer stopping working because the ink has not been designed to be used in our printer, to even creat[ing] security issues.

“We have seen that you can embed viruses into cartridges, through the cartridge go to the printer, from the printer go to the network, so it can create many more problems for customers.”

Update (2024-01-30): Karl Bode:

Ars Technica talked to numerous security researchers who laughed at the claim, noting that it’s never been meaningfully documented in the wild, and isn’t something consumers should be worried about.

Or, if you believe Lores, the design is a bit of a strategy tax in that their business model led them to create a security hole where none had previously existed.

Update (2024-04-08): Nilay Patel (tweet):

It’s been over a year since I last told you to just buy a Brother laser printer, and that article has fallen down the list of Google search results because I haven’t spent my time loading it up with fake updates every so often to gain the attention of the Google search robot.

It’s weird because the correct answer to the query “what is the best printer” has not changed, but an entire ecosystem of content farms seems motivated to constantly update articles about printers in response to the incentive structure created by that robot’s obvious preferences. Pointing out that incentive structure and the culture that’s developed around it seems to make a lot of people mad, which is also interesting!

Anyway, here’s the best printer for 2024: a Brother laser printer. You can just pick any one you like; I have one with a sheet feeder and one without a sheet feeder. Both of them have reliably printed return labels and random forms and pictures for my kid to color for years now, and I have never purchased replacement toner for either one. Neither has fallen off the WiFi or insisted I sign up for an ink-related hostage situation or required me to consider the ongoing schemes of HP executives who seem determined to make people hate a legendary brand with straightforward cash grabs and weird DRM ideas.


Friday, December 22, 2023

Beeper’s Final Fixes and Government Investigations

Juli Clover:

On Reddit, the Beeper Mini team says that the Mac-based fix coming on December 20 stabilizes iMessage for Beeper Cloud and Mini, and it “works well” and “is very reliable.”


Beeper has been using its own Mac servers to provide that information to Apple, but that resulted in thousands of Beeper users having the same registration info, which was an “easy target for Apple.”

The Beeper update will instead generate unique registration data for each Mac, making it harder for Apple to tell which users are accessing iMessage through an Android device. The Beeper Mini team says that registration data is “only used to indicate that a Mac is available during registration” and that the Mac will not be given access to an account or messages.

Tim Hardwick:

The developers of Beeper Mini, the iMessage for Android app, are back with another attempt to keep Apple’s blue bubbles onside, and this time they will ask users to generate their iMessage registration data with the help of jailbroken iPhones, MacRumors has learned.


If users don’t have access to an old iPhone for jailbreaking in order to complete the registration process, that’s okay – Beeper will rent them one for a small monthly fee. The developers say this service will be available in the new year, if there is enough interest.

Juli Clover:

The Beeper Mini team says that 10 to 20 people can “safely” use the same registration data, but the Mac method limits Beeper Mini users to email-based iMessage communications, and it requires an Apple ID.

The second more complicated Beeper Mini workaround uses an iPhone. Beeper Mini’s developers suggest that customers get an old iPhone 6, 6s, original SE, 7, 8, or X and jailbreak it with a Mac or Linux computer to install a Beeper tool that generates an iMessage registration code. The registration code can be added to the Beeper Mini app, and it allows an Android phone number to be registered with iMessage.

Aisha Malik (Hacker News, Slashdot):

Although the company has issued a complex workaround, it says it has no plans to roll out another one if this one is knocked down by Apple.

“Each time that Beeper Mini goes ‘down’ or is made to be unreliable due to interference by Apple, Beeper’s credibility takes a hit,” the company wrote in a blog post. “It’s unsustainable. As much as we want to fight for what we believe is a fantastic product that really should exist, the truth is that we can’t win a cat-and-mouse game with the largest company on earth. With our latest software release, we believe we’ve created something that Apple can tolerate existing. We do not have any current plans to respond if this solution is knocked offline.”

Josh Centers:

I’m starting to suspect that Beeper Mini is a pretense to sue or regulate Apple, much like Epic trying to sneak IAP past the App Store.

I’m supposed to believe these guys are smart enough to reverse engineer iMessage but dumb enough to not expect Apple to block it?

Wes Davis and Jess Weatherbed:

[…] a group of US lawmakers are pushing for the DOJ to investigate Apple for “potentially anticompetitive conduct” over its attempts to disable Beeper’s services. Senators Amy Klobuchar (D-MN) and Mike Lee (R-UT), as well as Representatives Jerry Nadler (D-NY) and Ken Buck (R-CO), said in a letter to the DOJ that Beeper’s Android messaging app, Beeper Mini, was a threat to Apple’s leverage by “creating [a] more competitive mobile applications market, which in turn [creates] a more competitive mobile device market.”

Kevin Purdy (Hacker News):

Eric Migicovsky welcomed CBS Mornings into his garage, where he advanced his argument that Beeper was turning grossly insecure SMS messages between iPhone and Android users into secure, end-to-end encrypted chats.


That interview lined up with another development: a bi-partisan foursome of US lawmakers, including Sen. Amy Klobuchar (D-Minn.), sending a letter to the Department of Justice regarding “Apple’s potential anti-competitive treatment of the Beeper Mini messaging application.” Apple’s actions toward Beeper, the letter suggests, could “eliminate choices for consumers,” “discourage future innovation and investment” in messaging, and make Apple a “digital gatekeeper,” suggesting a need for review by the DOJ’s Antitrust Division.

Adamya Sharma (Hacker News):

“In December 2015, Beeper’s Chief Executive Officer, Eric Migicovsky, testified before the Senate Judiciary Committee’s Subcommittee on Competition Policy, Antitrust, and Consumer Rights. He expressed concern that dominant messaging services would use their position to impose barriers to interoperability and prevent Beeper entering and delivering services that consumers want. Given Apple’s recent actions, that concern appears prescient,” the lawmakers state in their letter to the DOJ.

William Gallagher (Slashdot):

According to The Information, this cycle is going to continue, too, as Beeper CEO Eric Migicovsky maintains that his company will persist — and could take legal action, too.

“We’re investigating legal ramifications for Apple, definitely,” said Migicovsky. “Around antitrust, around competition, around how they’ve made the experience worse for iPhone users with this change.”

Hartley Charlton:

The United States Department of Justice (DOJ) and Federal Trade Commission (FTC) are intensifying their investigations into Apple's alleged anti-competitive practices following the recent blocking of the iMessage for Android app Beeper Mini, the New York Times reports.


Update (2023-12-28): Beeper Mini was removed from the Google Play Store.

See also: The Talk Show.

Update (2024-01-30): Malcolm Owen (Hacker News):

Beeper mini users who used their hardware to register their app with Apple’s iMessage network may find their Mac blocked from the service instead, in what could be retaliation against the use of the controversial messaging app.


It appears that Apple may be detecting the instances of registrations being used by Beeper, and then striking the registration’s access from iMessage. The problem is that doing so also blocks the legitimate original source of the registration too, as well as any other devices that use the same registration data.

At the time of the method’s introduction, Beeper said that testing revealed up to 20 users could “safely” use the same registration data.

Chethan Rao (via Hacker News) :

While Apple has since reversed the ban, this whole ordeal has led Beeper to call off its iMessage efforts.


The Beeper team notes that they emailed Apple directly about the banning episode, but didn’t hear back from the company. It was then that they approached a NYT reporter with experience covering Beeper, who in turn, got in touch with Apple. The bans were lifted around two days later, per Beeper.


How to Control the World

Brandon Williams and Stephen Celis (2018, via Christian Tietze):

While unconventional, we hope that it’s obvious that this solution of controlling dependencies is superior to the traditional solutions in use today. It also gives us an opportunity to reevaluate deep-seated beliefs we may have. We should continuously question our assumptions. In this case, we found that:

  • Singletons can be good (as long as we have a means to control them) and global mutation can be good (when it’s limited to development and testing). Blanket statements against singletons and global mutation are fun to make, but we were able to find real value in using them.

  • Protocols aren’t necessarily a good choice to control dependencies. Protocol-oriented programming is all too easy to reach for when a simple value type requires less work.

The global mutable struct approach certainly reduces boilerplate code, but I’ve never understood how it can work with threads. Most basically, how do you deal with modifying the dependencies for multiple unit tests that are running concurrently?

Their newer Dependencies library handles this more directly:

A dependency management library inspired by SwiftUI’s “environment.”


For example, you can easily control these dependencies in tests. If you want to test the logic inside the addButtonTapped method, you can use the withDependencies function to override any dependencies for the scope of one single test.

The dependencies are stored in a TaskLocal. But it still feels like a partial solution because not all code uses Swift Concurrency, and you still need to worry about propagating dependencies:

It is important to note that task locals are not inherited in all escaping contexts. It does work for Task.init and TaskGroup.addTask, which make use of escaping closures, but only because the standard library special cases those tools to inherit task locals (see copyTaskLocals in this code).

But generally speaking, task local overrides are lost when crossing escaping boundaries.


In order to access dependencies across escaping closures, e.g. in a callback or Combine operator, you must do additional work to “escape” the dependencies so that they can be passed into the closure.

It’s more ergonomic not to have to propagate dependencies explicitly, but relying on implicit behavior can be harder to understand and error-prone.


WeChat’s HotspotHelper Entitlement

Yingyu (via Hacker News):

Since the introduction of iOS 9 in 2015, Apple has included an API call named “HotspotHelper,” enabling developers to request a capability for their apps to assist the system in connecting to WiFi access points.


The real cause for concern arises from the fact that, with access to such information, apps can effectively track a user’s location. This is based on the premise that most WiFi access points remain stationary after deployment, providing a consistent reference for triangulating a user’s whereabouts.


Adding another layer to the discussion is the fact that major apps like WeChat and Alipay have already implemented this capability. These two apps are ubiquitous in mainland China, touching almost every aspect of people’s lives. The widespread use of these applications in a densely populated region intensifies the implications of location tracking without user consent.


I strongly advocate for Apple to offer users the option to disable this feature, akin to other privacy settings such as location and notifications. Apps should explicitly seek permission before accessing this feature, ensuring users have the ability to grant or deny access while using the app.

We already know that WeChat gets special treatment to bypass the App Store guidelines (apps-within-apps and payments) because of its strategic importance. It sounds like it also has a special entitlement. This is ostensibly needed so that users can connect to public hotspots authorized by their WeChat accounts, but it also allows the app access to tracking information even for users not using those hotspots and with no way to opt out.

iOS’s app-based privacy protections are not well suited to super-apps. An app that does all the things gets all the entitlements and all the access. Once the app gets all the data, Apple and the user have no control over how it’s used.


iOS 17 Autocorrect

Juli Clover:

The machine learning technology that Apple is using for autocorrect has been improved in iOS 17. Apple says it has adopted a “transformer language model,” that will better personalize autocorrect to each user. It is able to learn your personal preferences and word choices to be more useful to you.

After using iOS 17 for a few weeks, most users will notice that the autocorrect suggestions are much better at predicting what you want to say and presenting words for you to tap to autofill. When you use acronyms, shortened words, slang words, and colloquialisms, autocorrect is not as aggressive with the automatic correcting, but it is still able to correct accidental typos.

Federico Viticci:

Imagine my relief, then, when I realized that iOS 17’s brand new autocorrect feature based on a transformer model was not just marketing speak but actually works and makes typing on the iPhone’s (and iPad’s) software keyboard a…pleasant experience. I can’t believe I’m saying this but I love Apple’s new autocorrect system in a way I never even remotely appreciated typing on a software keyboard.

The new autocorrect is so good, it allowed me to write a good chunk of this review without using the Magic Keyboard for iPad at all.


All of these traits are complemented by the refreshed user experience Apple designed for the system keyboard in iOS 17. For starters, when a word is automatically corrected, it gets underlined; tap the underlined word, and a new popup appears, allowing you to revert to what you wanted to type in the first place or choose between different suggestions.

After using it for a while now, I think autocorrect is definitely improved in iOS 17, but I’m not seeing as dramatic an improvement as others are reporting. I’m not sure that it’s better than the old iOS 10 system that didn’t use machine learning.

The main issues are that it still changes correct entries to be incorrect and still suggests garbage words. At the same time, it is sometimes surprisingly unhelpful at what would seem to be the easy cases. For example, I was recently trying to type the word “didn’t” and had entered “didn”. iOS’s suggested completions were “don’t” and “doesn’t”. Other times, this same example has worked, though. I cannot predict what the predictive text model is going to do, which makes it require more attention, and it sometimes seems dumber than a simple prefix-based approach.

I do really like the new user interface, as it makes it much easier to deal with the system’s foibles.

Damien Petrilli:

The keyboard on iOS 17 is a nightmare. It was already going down since few releases but now it’s unbearable.

  • can’t keep up if you type too fast
  • key precision is worst than ever by triggering the wrong letter.
  • sometimes the system takes your typing as touches instead and you are sent back on the springboard with tap triggered everywhere like it was catching up
  • keyboard freezes more and more

I have not been seeing these problems, thankfully.


Update (2024-02-05): Mario Guzmán:

I am having to fucking go back and edit my text messages more than ever before due to how fucking aggressive and awful auto-correct on iOS is these days. I’ve tried resetting my dictionary but even that doesn’t help.

Update (2024-03-08): Pierre Igot:

In my experience, lots of Mac users, even if they are regular iPhone users, DO NOT LIKE autocomplete in macOS, for fairly obvious reasons. Yet, unless they happen to know what the official name for the feature is (“inline predictive text”), how are they supposed to find how to turn it off in the jungle of System Settings? The most commonly known term, “autocomplete”, yields NO RESULTS. For some reason, “autoc” and “autoco” work, but NOT “autocom” or anything longer.

Update (2024-03-11): Todd Thomas:

So what really happened to autocorrect between the iOS 17 betas where it looked amazing and the current state of things right now?

Thursday, December 21, 2023

State Restoration With NSSecureCoding on Sonoma

Milen Dzhumerov:

AppKit state restoration behaviour changed on macOS 14 Sonoma in a subtle way that can lead to apps not restoring their state correctly. The change can lead to silent breakages which can be hard to debug.


Violations can now arise in any -restoreStateWithCoder: implementations, so they need to be audited.

  • Check for any usages of -[NSCoder decodeObjectForKey:].
    • Replace with the appropriate secure variants.
  • At the end of -restoreStateWithCoder:, check the value of NSCoder.error property.
    • If it’s non-nil, an error must have occurred earlier.

This is necessary because AppKit uses NSDecodingFailurePolicySetErrorAndReturn, rather than raising an exception that couldn’t be caught with Swift.

I was already opting into using secure coding but have sometimes seen this error logged even though I was implementing that method:

WARNING: Secure coding is not enabled for restorable state! Enable secure coding by implementing NSApplicationDelegate.applicationSupportsSecureRestorableState: and returning YES.

See also: Jordan Morgan.


How to Change a New iPhone Passcode If You Forget It

Tim Hardwick:

In iOS 17 and iPadOS 17, it is now possible to reset an iPhone or iPad’s new passcode with the previous passcode you used for up to three days after the change is made. In other words, Apple lets you use your old passcode within 72 hours of setting a new one, which is handy if you’re someone who is likely to forget a newly created passcode.

When you enter an incorrect passcode on a device running iOS 17 after making a change, simply tap on the Forgot Passcode? option at the bottom of the display to use the Try Passcode Reset option. Tapping it allows you to use your old passcode to create yet another new passcode.

For protection in case someone has learned your passcode, there is also an “Expire Previous Passcode Now” setting that you can make use of.


Manual AutoFill in Safari

Dan Moren:

In a very clever move, Apple has introduced essentially a manual mode for AutoFill. You’re no longer dependent on Safari recognizing that, yes, these are fields where you can put your address in. Instead, anywhere that you can enter text—and not just in Safari, but anywhere, in any app—bring up the contextual menu by right/two-finger/control clicking on the Mac or tapping and holding on iOS/iPadOS, and then go to the new AutoFill submenu. From there choose Contact or Passwords, depending on what info you want to bring up, and you can have it drop that info right into the form.


Update (2023-12-22): Ricky Mondello:

Not just Safari! Across the whole OS (macOS, iOS, iPadOS)! For any Mac app not using a standard contextual menu, you can look in the Edit menu for AutoFill, too!


Sadly only for iCloud Keychain passwords and not 3rd party password-managers.

Wednesday, December 20, 2023

Triggering Swift Property Observers From Initializers

Natalia Panferova:

In Swift, property observers such as willSet and didSet are not called when a property is set in an initializer. This is by design, as the initializer's purpose is to set up the initial state of an object, and during this phase, the object is not yet fully initialized. However, if we need to perform some actions similar to what we'd do in property observers during initialization, there are some workarounds.

Ole Begemann:

When a Swift property has a willSet clause, any mutation of that property will be made on a temporary copy.

⇒ At least two copies exist during the mutation.

⇒ This defeats the copy-on-write optimization for Array, String, etc. (which relies on uniquely referenced buffers).

⇒ A property of a COW type with a willSet will copy its contents on every mutation.

Relevant for SwiftUI code because @Published uses willSet: every mutation of a @Published var array: [T] will copy the array contents.

This happens even if the willSet doesn’t actually use the new value, e.g. if it was just being used to trigger a notification.


Dictation and Predictive Text in macOS Sonoma and iOS 17

Kirk McElhearn:

It may seem counterintuitive to dictate and type at the same time, but there is a reason for this. As you dictate, you will find that the accuracy of the transcription is far from 100%. Previously, when you spotted mistakes to correct while dictating, you would have to stop dictating, correct the mistakes, and then pick up again. Now, you can keep the dictation active while you are correcting misunderstood words. If you dictate a lot, this can save you a lot of time. I find that it’s much easier to correct as I go along, rather than waiting until I get to the end of a long paragraph and going back to fix errors.

Another reason is that there are symbols and special characters that are not very easy to dictate. Apple has a support document explaining how to dictate many of these characters, but I find that they don’t always work. And you may need other special characters that you can’t dictate.

When dictating in this mode, you’ll see the blue cursor visible at the end of your dictation, waiting for you to continue. Previously, after you stopped talking for a few seconds, your device would stop listening. At this point, you can type, and when you start dictating again, your Mac picks up its transcription where your cursor is located.


To enable predictive text on the Mac, go to System Settings > Keyboard > Text Input.


Google Groups Ending Support for Usenet

Google (via Hacker News):

Starting on February 22, 2024, you can no longer use Google Groups (at to post content to Usenet groups, subscribe to Usenet groups, or view new Usenet content. You can continue to view and search for historical Usenet content posted before February 22, 2024 on Google Groups.

In addition, Google’s Network News Transfer Protocol (NNTP) server and associated peering will no longer be available, meaning Google will not support serving new Usenet content or exchanging content with other NNTP servers.

The Original iPhone Demo

Fred Vogelstein (2013, via Hacker News):

The software in the iPhone’s Wi-Fi radio was so unstable that Grignon and his team had to extend the phones’ antennas by connecting them to wires running offstage so the wireless signal wouldn’t have to travel as far. And audience members had to be prevented from getting on the frequency being used. “Even if the base station’s ID was hidden” — that is, not showing up when laptops scanned for Wi-Fi signals — “you had 5,000 nerds in the audience,” Grignon says. “They would have figured out how to hack into the signal.” The solution, he says, was to tweak the AirPort software so that it seemed to be operating in Japan instead of the United States. Japanese Wi-Fi uses some frequencies that are not permitted in the U.S.


Then, with Jobs’s approval, they preprogrammed the phone’s display to always show five bars of signal strength regardless of its true strength. The chances of the radio’s crashing during the few minutes that Jobs would use it to make a call were small, but the chances of its crashing at some point during the 90-minute presentation were high. “If the radio crashed and restarted, as we suspected it might, we didn’t want people in the audience to see that,” Grignon says. “So we just hard-coded it to always show five bars.”

None of these kludges fixed the iPhone’s biggest problem: it often ran out of memory and had to be restarted if made to do more than a handful of tasks at a time. Jobs had a number of demo units onstage with him to manage this problem. If memory ran low on one, he would switch to another while the first was restarted.

Ben Thompson:

The part of the Gemini announcement that drew the most attention did not have anything to do with infrastructure or data: what everyone ended up talking about was the company’s Gemini demo, and the fact it wasn’t representative of Gemini’s actual capabilities.


Google, given its long-term advantages in this space, would have been much better served in being transparent, particularly since it suddenly finds itself with a trustworthiness advantage relative to Microsoft and OpenAI. The goal for the company should be demonstrating competitiveness and competence; a fake demo did the opposite.


Measuring the Data iOS and Android Send to Apple and Google

Douglas J. Leith (2021 PDF, via John Opdenakker, ArsTechnica)

We investigate what data iOS on an iPhone shares with Apple and what data Google Android on a Pixel phone shares with Google. We find that even when minimally configured and the handset is idle both iOS and Google Android share data with Apple/Google on average every 4.5 mins. The phone IMEI, hardware serial number, SIM serial number and IMSI, handset phone number etc are shared with Apple and Google. Both iOS and Google Android transmit telemetry, despite the user explicitly opting out of this. When a SIM is inserted both iOS and Google Android send details to Apple/Google. iOS sends the MAC addresses of nearby devices, e.g. other handsets and the home gateway, to Apple together with their GPS location. Users have no opt out from this and currently there are few, if any, realistic options for preventing this data sharing.


During the first 10 minutes of startup the Pixel handset sends around 1MB of data is sent to Google compared with the iPhone sending around 42KB of data to Apple.


The high frequency of network connections made by both iOS and Google Android (on average every 4.5 minutes) therefore potentially allow tracking by Apple and Google of device location over time.

Hopefully they aren’t logging.

Thomas Germain (January 2023, via Hacker News):

France’s data protection authority, CNIL, fined Apple €8 million (about $8.5 million) Wednesday for illegally harvesting iPhone owners’ data for targeted ads without proper consent.


Apple failed to “obtain the consent of French iPhone users (iOS 14.6 version) before depositing and/or writing identifiers used for advertising purposes on their terminals,” the CNIL said in a statement. The CNIL’s fine calls out the search ads in Apple’s App Store, specifically.


With iPhones running iOS 14.6 and below, Apple’s Personalized Advertising privacy setting was turned on by default, leaving users to seek out the control on their own if they wanted to protect their information. That violates EU privacy law, according to the CNIL. It doesn’t cross the Europe’s GDPR, though; the violation falls under the more obscure ePrivacy Directive of 2002.


Tuesday, December 19, 2023

macOS 14.2.1

Juli Clover (release notes, security, developer, full installer, IPSW):

According to Apple’s release notes, macOS Sonoma 14.2.1 includes bug fixes and a security update. macOS 14.2.1 fixes a screen sharing vulnerability that could cause a user to unintentionally share the incorrect content.

See also: Mr. Macintosh and Howard Oakley.


Update (2023-12-21): Howard Oakley (tweet):

If you run macOS virtual machines (VMs) on Apple silicon Macs using lightweight virtualisation, you may wish to avoid updating those VMs to macOS Sonoma 14.2 or 14.2.1 for the moment. If you do, then they will lose any shared folders they have previously used in 14.1.2 and earlier.


This also affects new VMs built using IPSW image files for 14.2 and 14.2.1: even though your virtualiser may configure shared folders without error, they aren’t made available when running that VM.

The other bug that I’ve seen reported, and reproduced on my Mac, is that pressing the Pause button in the Console app crashes it.

Update (2023-12-22): Howard Oakley:

Not all virtualisers automount shares in this way: VirtualBuddy is an exception, which still uses a single manually mounted share mounted using a script inside the VM. However, both Parallels Desktop and my apps (Viable and Vimy) rely on automounting, thus they lose their shares in 14.2 and 14.2.1.


I’m extremely grateful to Dan for providing the workaround to manually mount the share. Unfortunately, you need to do this every time that VM is started up, as there’s no straightforward way to make this persist between boots.


This bug is fixed in the current beta of Sonoma 14.3, although that will most probably only re-enable shared folders in 14.3 and later, and might be unable to fix them in 14.2 or 14.2.1.

Update (2023-12-28): Martin Wierschin:

InfoClick initially had issues on macOS Sonoma; crashes during system text decoding could be triggered by certain email content. We don’t know exactly what content caused crashes, but Apple appears to have fixed it.

Craig Hockenberry (via Mr. Macintosh):

Don’t use Screen Sharing in macOS Sonoma 14.2.

It shares random windows in other Spaces with whoever is on the other end of the line. If you think your desktop is completely empty, it isn’t.

As you can see below, this could range from embarrassment to leaking private data.

I reported this about a month ago (FB13398611) and can’t believed it shipped. Same with the window manager bug in 14.1. I liked macOS better when point releases weren’t full of breaking changes without workarounds.

I ran this by Apple Security Research and their response was: “We’re unable to identify a security issue in your report.”

After macOS Sonoma 14.2 went out and I tooted about the Screen Sharing vulnerability, Apple folks quickly understood what I was trying to tell them with the FB and OE.

Good that Apple fixed it, but they should give him a bounty and investigate why the security team again blew off a real issue.

iOS 17.2.1

Juli Clover (release notes TBA, security TBA, developer):

The iOS 17.2.1 update includes unspecified bug fixes, according to Apple's release notes for the update.


Update (2024-01-09): iulianOnofrei (via Peter Steinberger):

PSA: There’s a bug in iOS 17.2 where the notes associated to a saved account (Settings app > Passwords) get completely lost, but I don’t know the reproduction steps.

I use the notes to save the 2FA recovery codes, so I risked getting locked out of my account.

tvOS 17.2 Removes Wishlists

Juli Clover:

Unfortunately, Apple’s move to consolidate purchasing and viewing in the Apple TV app has done away with wishlists, and customers who used the feature got no warning about their elimination.

On Reddit, Twitter, the MacRumors forums, and the Apple Support Community, customers are complaining about the change.


The wishlists did not transfer over to the Apple TV app with these updates, so some customers who had compiled long watch lists are unable to access those curated lists or copy them over to a new location. Some users are able to open up the iTunes Store app on iOS devices and tap on the hamburger button in the upper right corner to see their wishlists, but this does not appear to be working for everyone. Those who compiled lists on the Apple TV appear to have no way to access them.

The Apple TV auto-updates, and customers lose their data without even being warned. We were not using the wishlists because there was no export feature, and I don’t trust Apple to preserve this sort of data. But we did run into other signs of lack of care.

We were in the middle of watching a movie, purchased from the iTunes Store, when the Apple TV updated overnight. When we went to resume, we clicked the thumbnail at the top of the screen, and it showed an alert saying not to use the Movies app—a strange message if you don’t know the backstory because we had not tried to open the app. Even being aware of the transition, I had assumed that the thumbnail was like a bookmark to open the movie; I didn’t realize that it was tied to a particular app. In any case, why couldn’t Apple redirect the link to the new app? They control both apps as well as the purchased content. If this had been a Web video and I changed my default browser the link would have still worked.

After manually opening the TV app, it was easy to find the movie, but the thumbnail was blank. When we came back the next night to finish the movie the thumbnail was still blank.

Mike Rockwell:

I’ve also noticed that there is no option to view a preview of TV show episodes in the TV app either, which was available in the dedicated iTunes TV Shows app.

A warning on this would have been nice, but I hate that they’re doing it regardless. If I want to browse TV shows or movies to purchase on my Apple TV, all the iTunes Store content is commingled with media that’s only available on streaming.

Benjamin Mayo:

With Movies and TV Shows now purged, what is the solution for the Music tab in terms of retiring the iTunes Store app altogether? Are they planning to add the store to Music app soon?


Adobe Abandons Figma Acquisition

Paul Kunert (Hacker News):

Adobe’s $20 billion buy of web-first design collaboration start-up Figma will harm software developers if it goes ahead as proposed, according to a provisional ruling on the merger by Britain’s competition regulator.


The CMA adds in its report: “The inquiry group also provisionally concluded that Adobe abandoned development of new product design software which could have competed even more closely with Figma and, given the timing of the decision, did this as a consequence of the merger.


The EC has a new February deadline to conclude its own probe. And of course the Dept of Justice’s anti-trust team is also taking a keen interest in the $20 billion sale, which would be the most expensive for a private company in enterprise software history.

Dylan Field (Hacker News, Slashdot):

Figma and Adobe have reached a joint decision to end our pending acquisition. It’s not the outcome we had hoped for, but despite thousands of hours spent with regulators around the world detailing differences between our businesses, our products, and the markets we serve, we no longer see a path toward regulatory approval of the deal.

We entered into this agreement 15 months ago with the goal of accelerating what both Adobe and Figma could do for our respective communities. While we leave that future behind and continue on as an independent company, we are excited to find ways to partner for our users.

Jess Weatherbed:

“Adobe and Figma strongly disagree with the recent regulatory findings, but we believe it is in our respective best interests to move forward independently,” said Adobe chair and CEO Shantanu Narayen in a statement.


In a letter dated December 14th, Adobe rejected remedies suggested by the UK’s Competition and Markets Authority (CMA) to approve the merger following an in-depth antitrust probe. The authority wanted Adobe to make a significant divestment of assets, source code, and engineers to “restore the conditions of competition.”

Thomas Claburn:

European Commission Executive Vice-President Margrethe Vestager, who oversees competition policy, said in a statement, “By combining these two companies, the proposed acquisition would have terminated all current and prevented all future competition between them. Our in-depth investigation showed that this would lead to higher prices, reduced quality or less choice for customers.”

Om Malik:

The writing has been on the wall for sometime — the regulators on both sides of the Atlantic have been hemming and hawing about not only this specific transaction, but also about any “mergers” or “acquisitions” in the technology sector.


The implications of the failure of the Adobe-Figma deal are pretty clear for the startup ecosystem. If “big tech” and the next layer of technology companies (such as Adobe) can’t buy “startups,” the liquidity environment is going to change for the startup founders, and of course, the venture investors. Deals, especially mid-sized deals, are part of the equation. The innovation ecosystem depends on sustained outcomes — a positive outcome of even one in a hundred startups keeps the innovation engine chugging along.

Large technology companies will be forced to do what they can with their resources — get bigger. By using their mountains of cash, they can enter new markets, and even if they can’t make an impact — they can muddy the waters. Of course, they can do what Microsoft has done with OpenAI — own 49 percent of OpenAI, and get all the benefits without the regulatory headaches.

What about the startups? Well, if the outcomes are going to become scarce, then investor dollars are going to be focused on likely winners — ones that can probably go public.

Nick Heer:

It seems unwise to treat this as a case of a smaller company not being allowed to grow up because of big government regulators. Adobe was clearly trying to buy its first major competitor since Macromedia — which it also acquired. Technology companies, even very big ones like Adobe, will certainly be allowed to merge and acquire, but it is right for competition authorities to ask questions about what impact it will have for individuals.

John Gruber:

Adobe owes Figma a $1 billion termination fee, but it’s unclear to me whether Figma was adequately prepared to go it alone as an independent company. Who else could and would acquire them for a similar price?


Monday, December 18, 2023

Apple Watch Sales Paused Over Masimo Patent

Chance Miller (MacRumors, Hacker News):

The Apple Watch Series 9 and Apple Watch Ultra 2 will no longer be available to purchase from Apple starting later this week.

The move comes following an ITC ruling as part of a long-running patent dispute between Apple and medical technology company Masimo around the Apple Watch’s blood oxygen sensor technology.

John Voorhees:

The dispute is the subject of a federal court lawsuit and the complaint filed with the ITC, which ruled in Masimo’s favor in October. That decision is subject to executive review by the Biden administration and could be vetoed, but time is running out, and vetos are historically rare.


If I had to guess what’s going on here, I’d say it’s a high-stakes game of corporate chicken. Masimo got a ruling from the ITC that gave it leverage, so they asked for a big licensing deal. The Biden administration probably doesn’t want to deal with the dispute or look like it’s bailing out a big tech company, so I bet it told the parties to work things out, assuming Apple would pay up. Whether it ultimately will, only Apple knows, but it’s decided to force the Biden administration’s hand on the veto. If the ruling is vetoed, Apple’s existing court fight with Masimo continues, and the Series 9 and Ultra 2 go back on sale on December 26th. If not, the company still has the option to settle, which I have to imagine is preferable to pulling products from shelves for a potentially extended period of time.

I wonder whether Apple would be allowed to keep selling the watches if it disabled the blood oxygen sensor in software?

I’ve had little interest in the new watches since my Apple Watch SE has been working great and doing everything that I need it to do. However, this week I’ve noticed the battery not lasting as long, and the Battery Health is down to 80%, despite it being less than 2 years old. I don’t usually buy AppleCare+, but perhaps that would have been a good idea at $2.49/month given that Apple charges $99 for a battery replacement.


Update (2023-12-21): Nick Heer:

It is deeply weird that Apple issued an anonymous statement to a niche publication announcing it will soon stop selling a flagship product, which is usually the kind of thing it would want to tell the Wall Street Journal or CNBC.

John Gruber:

There’s some room here to finish holiday gift sales, but color me surprised that this dispute has gone to the deadline like this. Apple will continue selling Series 9 and Ultra 2 watches outside the U.S., but here, the only model that will remain available is the SE.

Juli Clover:

The U.S. International Trade Commission today denied Apple's motion to stay a looming Apple Watch ban while Apple files for appeal [PDF via The Verge], which means one avenue avoiding a pause in sales has been exhausted.

Juli Clover:

When the Apple Watch import ban goes into effect after December 25, 2023, Apple will not be able to repair out-of-warranty Apple Watch models in the United States. Apple Watch repairs typically involve replacing a broken unit with a new model rather than fixing an individual component, and replacement devices will not be available.

Sheel Mohnot:

Apple + Maximo met for partnership/acquisition talks but Apple had a secret plan (Project Everest) to steal the tech without paying. They even recruited 20 of Masimo’s team, doubling their salaries…. Apple paid their CTO $4M to come over, and in his 1st 2 weeks he filed 12 patents for sensors at Apple that were Masimo trade secrets… the worst part is that Apple fumbled the ball and the product doesn’t really work and Apple didn’t get FDA approval like Masimo did.

Joe Kiani, the immigrant electrical engineer CEO of Masimo seems to be fighting this as a vendetta - he’s spent >$60M fighting Apple so far & preliminarily seems to have won… most companies would not keep fighting.

Update (2023-12-28): Ariel Shapiro (Hacker News):

Apple has filed an appeal to the International Trade Commission’s decision to ban U.S. sales of Watch Series 9 and Watch Ultra 2 models, court records show. Additionally, the company is requesting an emergency stay on the ban for at least two weeks until a decision is made on redesigned versions of the banned models.

Blake Brittain and Jaspreet Singh (Hacker News):

Apple can for now resume sales of its flagship smartwatches, after a U.S. appeals court on Wednesday paused a government commission’s import ban on the devices imposed in a patent dispute over its medical monitoring technology.

Update (2024-02-01): Tim Hardwick:

As expected, Apple has updated its U.S. website to notify customers that the Blood Oxygen feature on the Apple Watch Series 9 and Apple Watch Ultra 2 is no longer included.

John Gruber:

Apple will disable blood-oxygen monitoring via software.

John Gruber:

This workaround definitely does not apply to already-sold watches, even after those watches upgrade to future versions of WatchOS. The reason why is that the ITC injunction is an import ban. Apple is banned from importing watches that violate Masimo’s patents. Units that have already been sold aren’t affected by an import ban.

The software workaround is clearly distinguishing which watches can continue to use the blood-oxygen sensor and which can’t by checking the device identifiers or serial numbers or something.


Because the ban was instituted by the International Trade Commission, I believe Apple could tell Masimo to go fuck themselves if Apple Watch Series 9 and Ultra 2 were manufactured in America, because an import ban wouldn’t matter.

Update (2024-02-05): Wesley Hilliard:

Apple CEO Tim Cook implies there isn’t any intention to license Masimo’s blood oxygen detection to end the Apple Watch import ban.

The Case for Clipboard Managers

Jason Snell:

[Over] the two decades of modern macOS, Apple has addressed most of the basic needs of the average user. At the end of that process, I ended up discovering that the most glaring feature omission in all of macOS might just be its lack of a clipboard manager.


Let me walk you through the reasons why non-nerds should care, why Apple should consider making this a built-in macOS feature, and what apps you should try out if you decide to go for it.


Once you know that copying something to your clipboard doesn’t destroy what’s there, your use of the clipboard can become far more extensive. You lose the fear of wiping out something important, replaced with confidence that you can grab something in case you want it later and stash it away in the clipboard history.

The classic MacOS had the Scrapbook app, and since Mac OS X 10.0 we’ve had hidden, partial support via the kill ring, but Apple has never made this a real feature. I’ve been using LaunchBar’s Clipboard History feature for years, and it’s great. But it would be nice to have multiple clipboards on iOS, too, and Apple is in the unique position of being able to extend Universal Clipboard.

Federico Viticci:

The lack of Mac-like clipboard management is one of the things I miss most from macOS when I work on my iPad. To give you an example: as I was putting together this post on Threads tonight with some tips I discovered, I realized I had to go back and double-check something else in the Threads app, so I copied my post (Threads doesn’t support saving as draft yet) and closed the composer UI. A few minutes later, I had already forgotten that my “draft” was stored in the clipboard, so I copied something else, and with no way to get my original text back from the iPadOS clipboard, I had to rewrite the post from scratch. That wouldn’t have happened if I was using macOS (or if Threads supported post drafts, but that’s a different story).

The clipboard management situation is even gloomier on iPadOS and iOS since, unlike the Mac, third-party apps can’t run with background privileges to monitor changes to your clipboard. Again, I don’t understand why Apple doesn’t want to make a modern API for this with all the necessary privacy controls for users. Because of these limitations, over the years I’ve seen the market for third-party iOS and iPadOS clipboard managers dry up.

Update (2023-12-19): Cabbage:

More indie apps don’t need to be Sherlocked

I think there would still be room for indie apps if Apple added OS support for multiple clipboards. My concern is that Apple would do it in a way that pulled the rug out from them.

Contingent Pricing for App Store Subscriptions

Apple (Hacker News, MacRumors):

Contingent pricing for subscriptions on the App Store — a new feature that helps you attract and retain subscribers — lets you give customers a discounted subscription price as long as they’re actively subscribed to a different subscription. It can be used for subscriptions from one developer or two different developers. We’re currently piloting this feature and will be onboarding more developers in the coming months.

Everything seems to be about subscriptions these days.

Wes Davis:

Pete Hare, an Apple engineering manager, said in a LinkedIn post that the company will “handle all the eligibility checks and commerce work” and that customers can download and subscribe to apps being promoted “in one step directly from email links or the App Store.” It could be a while before the benefits of the program are visible out in the wild, as Apple says it is bringing developers on board over the “coming months.”

It’s not clear to me why this is the sort of feature that needs to be pre-announced and piloted to a select group first.

Paulo Andrade:

This is interesting. Wasn’t expecting it to allow the contingency to be from another developer. This will allow various partnerships between indie devs.

The other potential use with two different developers is as a sort of “competitive upgrade” incentive to get customers to switch to your product. I did not see anything in Apple’s (very sparse) documentation about whether this is intended or possible, e.g. whether both developers have to agree to the discount and whether it’s reciprocal. The discount does require active subscriptions to both products, but it seems that condition would be met if you were switching to a new product just before the first one expired.

Friday, December 15, 2023

Stolen Device Protection in iOS 17.3

Joe Rossignol:

The first iOS 17.3 beta rolling out to developers today includes a new “Stolen Device Protection” feature that is designed to add an additional layer of security in the event someone has stolen your iPhone and also obtained the device’s passcode.

Joanna Stern and Nicole Nguyen:

With Stolen Device Protection: If you want to change an Apple ID password when away from a familiar location, the device will require your Face ID or Touch ID. It will then implement an hour-long delay before you can perform the action. After that hour has passed, you will have to reconfirm with another Face ID or Touch ID scan. Only then can the password be changed.


As with changing the Apple ID password, enabling or changing the recovery key or trusted phone number will require two biometric scans an hour apart. (Needless to say, thieves couldn’t use the passcode to immediately turn off Stolen Device Protection itself—that, too, will require the same biometric scans and security delay.)


The device requires your Face ID or Touch ID to access those passwords [in the keychain]. The passcode will no longer serve as a backup for failed biometrics.


A thief with your iPhone and its passcode can still unlock your phone, even when Stolen Device Protection is on. Any app that isn’t protected by an additional password or PIN is vulnerable. So are accounts that can be reset by text or email.

Adam Engst:

Requiring just one biometric authentication blocks the snatch-and-grab approach because the passcode won’t be sufficient on its own to do anything. Requiring the second scan an hour later ensures that even a forced scan during a mugging or drugging won’t be sufficient unless you’ve been held hostage for that time.

One concern is that viewing Settings > Privacy & Security > Location Services > System Services > Significant Locations must also require biometric authentication, or else the thief could go to one of those locations to complete the takeover. In iOS 17.2, viewing that screen requires Face ID or Touch ID, but failures can be overridden with the passcode.


Apple won’t turn Stolen Device Mode on for you, but iOS 17.3 will alert users to the feature when they update. That seems reasonable for the first release, and I plan to turn it on.

Michael Potuck:

  1. Make sure you’re running the iOS 17.3 beta on your iPhone.
  2. Open the Settings app.
  3. Swipe down and tap Face ID & Passcode (or Touch ID & Passcode).
  4. Now choose Stolen Device Protection.

John Gruber:

After Stern and Nguyen broke this story, a lot of people reasonably wondered why Apple allows you to reset your iCloud account password using only your device passcode. The reason is customer support: every single day, hundreds — maybe thousands? — of people are locked out of their iCloud account because they can’t remember the password. Android phones work the same way: you can reset your Google account password knowing only your device passcode. However many people are falling victim to thieves taking advantage of this, there are orders of magnitude more innocent users who do know their phone passcode, but have forgotten their iCloud/Google account password.

Stolen Device Protection addresses the problem well, with balance between security and convenience. No existing workaround is a true defense against a thief who knows your device passcode. (Locking your iPhone with Screen Time protections was suggested by many as a mitigation, but you can completely override Screen Time protections with the device passcode — it just adds a few extra steps.)


My only doubts about the feature are the “home” and “work” safe locations, where the hour-long delay is overridden. (You still need to authenticate with Face ID or Touch ID, though.) How are these locations determined?


Update (2023-12-21): John Gruber:

One aspect that struck me from Johnson’s description of his modus operandi is that it relied little on observing people surreptitiously to glean their device passcodes. Instead it was mostly pure social engineering. He’d make fast friends with a target in a bar and just talk his way into the target telling him their passcode, so he could show them his Snapchat account or whatever. He’d talk people into giving him what he needed. Never underestimate how much digital crime revolves around person-to-person social engineering.

I’m glad Apple is adding the new Stolen Device Protection feature in iOS 17.3 (currently in beta), but my main takeaway from this entire saga is that everyone, including Apple, needs to spread awareness that device passcodes need to be treated as holiest-of-holy secrets.

Update (2023-12-28): See also: Bruce Schneier.

Update (2024-05-23): Eric deRuiter:

I’ve disabled Apple Stolen Device Protection after seeing this.

The unexpected downside is that Face ID is required once SDP is activated so if Face ID no longer recognizes you then you would have to recovery mode to restore your phone.

There are many plausible scenarios for Face ID failing such as surgery, injury, shaving a beard, broken eye glasses, or even it just no longer recognizing you for no discernible reason—which happened to my wife recently.

Even if you are at a familiar location you would need another device to reset the phone.


Threads in EU and on ActivityPub

Jon Porter (via John Gruber):

Meta’s Twitter competitor, Threads, is now available in the European Union, CEO Mark Zuckerberg has announced. “Today we’re opening Threads to more countries in Europe,” Zuckerberg wrote in a post on Threads. The launch follows the service’s debut in the US and over 100 other countries across the world, including the UK, in July 2023. But until now, Threads hasn’t been available to the 448 million people living in the EU, and the company has even blocked EU-based users from accessing the service via VPN.

To coincide with today’s launch, Meta is giving users in the region the ability to browse Threads without needing a profile. Actually posting or interacting with content will still require an Instagram account, however.

Adam Mosseri:

Second, threads posted by me and a few members of the Threads team will be available on other fediverse platforms like Mastodon starting this week. This test is a small but meaningful step towards making Threads interoperable with other apps using ActivityPub[…]

Via John Gruber:

When Threads launched this summer, with the stated intention of federating via ActivityPub, there were a lot of naysayers who thought it would never happen. But here we are.

John Gruber:

It brings me no joy to report this, but unless I scrolled past one, there are no Mastodon clients in the top 200 free apps, even looking specifically within the “social networking” category, on either the App Store or Play Store. (Twitter/X categorizes itself as “News”, not “Social”, as a sad crutch to place higher in a category with less competition.) Even Bluesky makes these lists (#80 on the App Store; #49 on Play Store).


Regular people do not want to use social networks without algorithmic feeds, and do not want to use social networks whose basic premise they do not understand.


Update (2023-12-22): Erin Kissane (via Jesper):

For people with those concerns, Threads federation is a pretty big step toward being able to maintain an account on Mastodon (or another fediverse service) and still find the people they want to interact with—assuming some of those people are on Threads and not only on Bluesky, Twitter/X, Instagram, and all the other non-ActivityPub-powered systems.

On the flipside, Threads federation gives people on Threads the chance to reconnect with people who left commercial social media for the fediverse—and, if they get disgusted with Meta, to migrate much more easily to a noncommercial, non-surveillance-based network.


The Threads federation conversations that I’ve seen so far mostly focus on:

  • Meta’s likelihood of destroying the fediverse via“embrace-extend-extinguish”
  • Meta’s ability to get hold of pre-Threads fediverse (I’ll call it Small Fedi for convenience) users’ data,
  • Threads’ likelihood of fumbling content moderation, and
  • the correct weighting of Meta being terrible vs. connecting with people who use Threads.

Update (2024-02-01): Tom Coates:

Now, I mentioned above that the people we met at Meta seemed like decent, well-intentioned people attempting to do the right thing. However, this may not be enough to be a ‘good citizen’. And to understand why I think it’s worth talking briefly about the scale of the various parties.


Meta can currently claim around 160 million total users and about 100 million MAUs for Threads alone. So, again, maybe we shouldn’t be thinking about Threads ‘integrating’ with the fediverse and instead think about Threads attempting to engage with the Fediverse without entirely crushing it in the process.

Via Nick Heer:

I found myself nodding along with Coates’ description of the challenges of trying to fit the Meta model into the fediverse, and vice versa. It is not impossible, it is going to require a lot of work, and it sounds like Meta wants to make a good faith effort. I do not much like Threads as an application, but I know many people are now active there and I would like to see their posts on my own terms.

Update (2024-04-03): Dare Obasanjo:

I remember all of the skepticism about how Threads was not really going to integrate with fediverse. And now it’s here and actually quite mundane.

Apple and Corellium Settlement

Thomas Brewster (MacRumors):

After four years of court hearings and plenty of controversy, Apple and cyber startup Corellium are settling a copyright lawsuit. Terms have not been disclosed.

The suit was filed in 2019, with Apple claiming that Corellium had illegally replicated iOS by creating software that created virtual versions of iPhones so they could be probed by security researchers and app developers. Apple alleged Corellium had breached the Digital Millennium Copyright Act (DMCA) too by breaking the law’s “anti-circumvention” provision that makes it “unlawful to circumvent technological measures used to prevent unauthorized access to copyrighted works.”


The case had a number of surprises, with Corellium’s lawyers revealing that Apple had attempted to buy the startup for $23 million in 2018. In an unusual move, the tech giant also subpoenaed defense giant L3Harris so it could demonstrate how it was using Corellium’s technology.

I had thought this was already over.


Apple Expands Self Service Repair


Apple is expanding Self Service Repair, and launching a new diagnostic tool that gives users more transparency and autonomy to troubleshoot issues. Self Service Repair is now available for the iPhone 15 lineup and Mac models powered by the M2 lineup, including the 14- and 16-inch MacBook Pro, the 15-inch MacBook Air, Mac mini, Mac Pro, and Mac Studio. Self Service Repair is also now available for Apple users in 24 additional European countries[…]

Adam Engst:

However, I’m intrigued by what the Apple Diagnostics for Self Service Repair brings to the table for helping users identify hardware problems, even if they still plan to have Apple perform the repair. Although it’s available only in the United States for now, Apple says this remote tool “will give customers the same ability as Apple Authorized Service Providers and Independent Repair Providers to test devices for optimal part functionality and performance, as well as identify which parts may need repair.”


To get started, you put the device to be tested into diagnostic mode (which loads over the Internet) and enter that device’s serial number (clearly displayed in diagnostic mode) into a secondary device.


Google’s Confusing New Location Data Settings

Ron Amadeo:

Google’s misleading Location History descriptions in Google Maps have earned it several lawsuits in the US and worldwide. A quick count involves individual lawsuits in California, Arizona, Washington, a joint lawsuit in Texas, Indiana, and the District of Columbia, and another joint lawsuit across 40 additional US states. Internationally, Google has also been sued in Australia over its location settings.


Google’s big new location data change is a new, duplicate data store that will live exclusively on your device. Google’s new blog post says data for the long-running Google Maps Timeline feature will now “be saved right on your device—giving you even more control over your data.”


Cloud-based Location History will still exist and still be collected. Instead of the additional security of encrypted on-device storage, this is less secure since your data will now be in two places, or maybe multiple places, if you have multiple devices.


Update (2023-12-21): Ron Amadeo:

Google seems to be saying that Location History and Google Maps Timeline are always the same dataset and are never different. One is in the cloud, and one is going to be stored on your phone. It says that Google Maps timeline is “a visualization of your Location History data,” and that deletes in the Maps Timeline will delete data in Location History. The key thing this post got wrong is assuming that two location features—“Maps Timeline” and “Location History”—with different names and different controls in different locations, are different. Google says they are not.


The other issue I didn’t catch is that “Maps Activity” can be a pinpoint location, but it’s not necessarily a visit to that location. Instead, it could be something like a search for that location, so it’s not technically “location” data since it’s not positional.

John Gruber:

The reason these overly broad geofence warrants “almost always” were specific to Google is that Apple never collected location data that could be collected in the aggregate like this.

See also: Hacker News.

Update (2024-01-03): See also: Bruce Schneier.

Thursday, December 14, 2023

Standard Ebooks

Standard Ebooks (via Jason Kottke):

Standard Ebooks is a volunteer-driven project that produces new editions of public domain ebooks that are lovingly formatted, open source, free of U.S. copyright restrictions, and free of cost.

Ebook projects like Project Gutenberg transcribe ebooks and make them available for the widest number of reading devices. Standard Ebooks takes ebooks from sources like Project Gutenberg, formats and typesets them using a carefully designed and professional-grade style manual, fully proofreads and corrects them, and then builds them to create a new edition that takes advantage of state-of-the-art ereader and browser technology.

Google Reneges on Unlimited Storage and on Read-Only Preservation

Mike Masnick (Hacker News):

We’ve written a few times about independent journalist Tim Burke. Earlier this year, the FBI raided his house and seized all of his electronic devices after he had obtained and published some leaked video footage from Fox News. As we noted, this seemed like a pretty big 1st Amendment issue. Burke is also facing bogus CFAA charges because he was able to access the footage by using publicly accessible URLs to obtain the content.

But, with all of his devices seized, Burke at least still had Google Cloud to keep all of the massive troves of (mostly video) data he’s collected over the last few years of reporting. Burke said he paid Google “a lot of money for a long time” for an “unlimited” cloud storage account. This was a plan that was offered to Google “Enterprise” Workspace customers for a while. However, in the last year or so, they simply phased out that plan, which really sucked for those who had a ton of data.


[They] told those who had formerly used a ton of storage on their unlimited plan, that their account would go into “read-only” mode and they wouldn’t be allowed to upload any more data. Tim Burke and his 237.22 TB of video files were among those put into read only mode, which he assumed meant that, at least, that content would be kept safe (hopefully until he could get the feds to return all of his computer equipment).

Instead, over the weekend, Google reached out to say that since he’s using too much storage, they’re going to delete his entire account in seven days (later this week).

That doesn’t even seem like enough time to download all of the data, even if he had the equipment to do so.

Nick Heer:

Blaming people for not having local copies of everything is such a lazy slight. Google markets Drive as a “secure place” to “use less of your PC/Mac disk space” by keeping files only in the cloud. After all, is that not the point of cloud storage? The software encourages us to go beyond just synchronizing our files between computers and entrust it as an extension of our local storage, so of course people are generally going to treat it as just another disk.


If you search the web or Google’s forums, you will find other stories of users consuming large amounts of Google Drive space suddenly being told they must delete files. It is an unfair bait-and-switch. These are certainly a minority of users and are extreme in their data requirements, but it seems impossible that Google would not consider that this would happen — that is to say Google did, in all likelihood, recognize that some people would take up dozens of terabytes of cloud storage when offered the opportunity, and the company either did not have a plan or, worse, its plan was to shut off unlimited access and tell people to delete stuff.

One can be forgiven for trusting what Google said, especially when paying for an enterprise plan. This sounds very different from the consumer-oriented Amazon Cloud Drive. But I think people need to learn that no unlimited plan is actually unlimited. The real crime here is that Google didn’t provide reasonable notice that it was reneging the second time.


Proton Drive for Mac

Tim Hardwick:

Swiss-based privacy startup Proton today announced the availability of its end-to-end encrypted cloud storage service for Mac users with the launch of its macOS app.

Proton Drive lets users sync files between Mac and the cloud, access files offline, and free up space on local drives. Unlike iCloud, all data (including metadata) is end-to-end encrypted by default, so that no-one – not even Proton – can see the files.

Richie Koch:

The main issue with Google Drive is it does a good job preventing external attackers from gaining unauthorized access to your files, but security should also mean that no one besides you and those you’ve shared a file with can access it. As this article explains, Google always retains access to your files and can share them with third parties, like law enforcement, at any time without your knowledge.


By using Google Drive, you give Google permission to scan and potentially remove your personal files at any time.


Google also uses this access to your data to train AI services, like its spell check and autocomplete features. There is no way to opt out of having your personal data used to develop these services, although Google says it anonymizes data before using it.


iCloud Drive in Sonoma: FileProvider and Eviction

Howard Oakley:

Prior to Sonoma, one of the features in iCloud Drive that hasn’t behaved as documented is Optimise Mac Storage. This has changed in Sonoma, as it now effectively switches between two different types of file provider: a replicated file provider, which syncs between local and remote copies of all files put in the cloud, and a nonreplicated file provider, which hosts and manages files that can be stored locally or whose data may only exist in the cloud.


It’s essential to remember that, in the new iCloud Drive, changing Optimise Mac Storage results in a major change in behaviour, and as far as FileProvider is concerned, it effectively switches between two different versions of iCloud Drive.


Update (2023-12-29): Howard Oakley:

None of this guarantees that iCloud Drive won’t sulk when it should be syncing, and plenty have suffered traumatic conversions to this new FileProvider architecture. But experience so far is encouraging. Most importantly for us, it puts Apple’s service on a par with other cloud services. If they’re affected by problems in the FileProvider mechanism, then Apple has great incentive to fix them, as they’ll most probably also affect its own service. And what could have been considered unfair advantages of iCloud Drive are removed, integrating all cloud services with similar benefits in macOS.

In the longer term, it could open up some cloud services that haven’t yet been fully realised on Macs, such as backup to the cloud, a feature conspicuously absent from iCloud even though it was provided in Apple’s older services such as .Mac way back in July 2002.

Wednesday, December 13, 2023

VMware Transition to Subscriptions

VMware (via Hacker News):

Broadcom’s close of the VMware acquisition has brought together two engineering-first, innovation-centric teams to help build the world's leading infrastructure technology company.


VMware has been on a journey to simplify its portfolio and transition from a perpetual to a subscription model to better serve customers with continuous innovation, faster time to value, and predictable investments.


Complete the transition of all VMware by Broadcom solutions to subscription licenses, with the end of sale of perpetual licenses, Support and Subscription (SnS) renewals for perpetual offerings, and hybrid purchase program/subscription purchase program (HPP/SPP) credits beginning today (effective dates will vary).

It says “all” solutions, but at least for now VMware Fusion is still available as a perpetual license.


Update (2023-12-19): Scharon Harding:

Broadcom is looking to grow VMware’s EBITDA (earnings before interest, taxes, depreciation, and amortization) from about $4.7 billion to about $8.5 billion in three years, largely through shifting the company’s business model to subscriptions, Tom Krause, president of the Broadcom Software Group, said during a December 7 earnings call, per Forbes.


Additionally, Broadcom’s layoffs of at least 2,837 VMware employees have brought uncertainty to the VMware brand. A CRN report in late November pointed to VMware partners hearing customer concern about potential price raises and a lack of support. C.R. Howdyshell, CEO of Advizex, which reportedly made $30 million in VMware-tied revenue in 2022, told the publication that partners and customers were experiencing “significant concern and chaos” around VMware sales. Another channel partner noted to CRN the layoff of a close VMware sales contact.

Via Rui Carmo:

Ah, the typical Broadcom acquisition playbook: lay off staff, drive up revenue as much as possible, and then maybe, if things hold out, not kill off all the product lines. Kind of sad to see VMware being milked like this, but virtualization has become a commodity market.

This licensing and support cutoff move is going to seriously annoy a lot of people who have built their entire IT (and hosting) landscape atop VMware, and I’m betting that many major customers (and partners) were caught completely by surprise and are now scrambling to figure out what to do.

Update (2024-02-28): Rui Carmo:

The amount of aggravation Broadcom has been causing VMware customers and parters is certain to become the stuff of legend in IT circles–Since getting wind of this I have been personally involved in at least three instances of major customers (one of them a sizable European hosting company) setting some hard dates for cutoff to another solution (either on premises or in the cloud), and smaller shops are already deploying KVM or Hyper-V in multiple shapes and forms.

Update (2024-03-17): Scharon Harding (Hacker News):

Broadcom CEO and President Hock Tan has acknowledged the discomfort VMware customers and partners have experienced after the sweeping changes that Broadcom has instituted since it acquired the virtualization company 114 days ago.

In a blog post Thursday, Tan noted that Broadcom spent 18 months evaluating and buying VMware. He said that while there’s still a lot of work to do, the company has made “substantial progress.”

Why Is Bluetooth Sound Quality Bad on My Mac?

Daniel Gonzalez Reina (via Hacker News):

On the one hand you have that Macs will use a HFP when the microphone is in use, and on the other you have that HFP use audio codecs which prioritizes low latency over audio quality. Therefore,

☠️ Using the Bluetooth headset’s microphone will make your Mac sacrifice audio quality to improve latency

Then, your headphones might have 10 year old codecs, which will need to really lower the quality of the sound to get decent latency.

ToothFairy can help you get around this problem. If you enable the Improve sound quality by disabling audio input from device option, when you connect your headphones it will automatically switch the Mac’s sound input back to the internal microphone (or whichever microphone you had been using) so that the headphones can use a high-quality codec for sound output.

Xcode 15.1

Apple (downloads):

Xcode 15.1 includes SDKs for iOS 17.2, iPadOS 17.2, tvOS 17.2, watchOS 10.2, and macOS Sonoma 14.2. The Xcode 15.1 release supports on-device debugging in iOS 12 and later, tvOS 12 and later, and watchOS 4 and later. Xcode 15.1 requires a Mac running macOS Ventura 13.5 or later.

Robin Kunde:

There’s a bug in Xcode 15 that prevents apps from running on macOS versions older than 13. There’s another bug doing the same thing for 10.13 and older. You can’t use Xcode 14 on Sonoma, so good luck getting out working builds! No urgency getting a fix out.

It looks like these are finally fixed. I have a few more things to check, but it seems I’ll now be able to update my main Mac to Sonoma.

It sounds like it also fixes this CPU use issue with the iOS Simulator (via Jon Reid).

Christian Beer:

TIL: in Xcode 15 you can press right-arrow-key in suggestions to just use select options[…]

Brad Miller:

Xcode’s autocomplete could really use an option to use line breaks if a function has more than N parameters to it.


Update (2024-01-03): ShikiSuen:

I am using Xcode 15.1 to compile my project against macOS 13.1 SDK (targeting macOS 10.9). The compiled app ridiculously asks for SwiftUI support on macOS 10.9 and macOS 10.13.6.

Epic Wins Antitrust Case With Google

Kyle Orland:

The jury unanimously answered “yes” to all 11 questions on the verdict form, indicating that Epic had proven those monopolies existed in every worldwide market except for China. Google “engaged in anticompetitive conduct” to establish or maintain the monopoly and illegally tied the Google Play store to the use of Google Play billing, according to the verdict. The jury also agreed with Epic’s arguments that programs like “Project Hug” and agreements signed with Android phone OEMs represented an “unreasonable restraint on trade,” harming Epic in the process.

With the verdict set, US District Judge James Donato will hold hearings next month to determine the best way to remedy Google’s anticompetitive monopoly power. During the trial, Epic did not ask for monetary damages but asked that it and other developers be able to introduce their own Android app stores and use their own billing systems on Android devices “without restriction.”

Sean Hollister (via Hacker News):

It’s a historic victory, particularly because Epic mostly lost its fight against Apple two years ago when Judge Yvonne Gonzalez Rogers decided that fight had nothing to do with apps.

But Epic v. Google turned out to be a very different case. It hinged on secret revenue sharing deals between Google, smartphone makers, and big game developers, ones that Google execs internally believed were designed to keep rival app stores down. It showed that Google was running scared of Epic specifically. And it was all decided by a jury, unlike the Apple ruling.

Ben Thompson:

Lots of folks are surprised that Epic beat Google but not Apple, except for Stratechery readers.

Chance Miller:

“The big difference between Apple and Google is Apple didn’t write anything down. And because they’re a big vertically integrated monopoly, they don’t do deals with developers and carriers to shut down competition, they just simply block at the technical level,” Sweeney explained.

And have you ever tried to find anything in iMessage?

Epic Games (Hacker News):

Over the course of the trial we saw evidence that Google was willing to pay billions of dollars to stifle alternative app stores by paying developers to abandon their own store efforts and direct distribution plans, and offering highly lucrative agreements with device manufacturers in exchange for excluding competing app stores.

These deals were meant to cement Google’s dominance as the only app store in town - and it worked. More than 95% of apps are distributed through the Play Store on Android.

Google imposes a 30% tax on developers simply because they have prevented any viable competitors from emerging to offer better deals. And Google executives acknowledged in Court that their offer of a 26% rate on third party payment options is a fake choice for developers.

Tim Hardwick:

Google said it would appeal. “We will continue to defend the Android business model and remain deeply committed to our users, partners and the broader Android ecosystem,” said Wilson White, vice-president of government affairs and public policy at Google.


The Supreme Court will decide in the coming months whether it will hear either or both of Epic’s and Apple’s appeals, but if it does not take up either petition, the previous rulings will stand.

See also: Damien Petrilli.

John Gruber:

[We] have no idea what this will actually mean in practice. I’m still not quite sure what Epic even wants. Android already supports third-party app stores, and Epic already runs one. I think one thing Epic wants is to force Google to allow third-party app stores to be installed without any sort of warnings or friction, which would be a disaster for device security. […] The other thing Epic wants is to be able to use its own payment processing for apps distributed through the Play Store and Apple’s App Store.

Tim Sweeney (Hacker News):

I’d suspected a lot of the practices that Google had, you know, since 2018 or so when we first started this, to such an extent that some folks would occasionally call me a conspiracy theorist. It was really, really interesting to see that my understandings of what Google was doing behind the scenes were actually true — you’re leaking our conversations to reporters to get negative stories written about us; you’re paying other developers off to convince them not to launch their own stores; they were going around and paying carriers and OEMs secretly not to carry competing stores.

And when we tried to bundle Fortnite with other smartphone manufacturers like OnePlus and carriers of all sorts, they told us they couldn’t do a deal because Google had done a secret deal with them.

It was really disconcerting to see the extent of bad faith efforts that were going on in a company of Google’s size. You’d think a trillion-dollar company would develop to the point where they have pretty respectable processes and leadership structures that provide a check and balance against wrongdoing, but they were rampantly destroying all their chats on these topics.


The most interesting thing to me in this case is Epic refusing Google’s $150 million ‘offer’, and instead relying on the courts. Epic could have accepted that offer with zero risk, and been all the better off for it, with zero risk. Of course everybody else would be left behind. But by going all the way, and refusing the pay off, they instead make a better world for everybody.


Update (2023-12-22): Matt Stoller:

That said, Google is likely to be in trouble now, because it is facing multiple antitrust cases, and these kinds of decisions have a bandwagon effect. The precedent is set, in every case going forward the firm will now be seen as presumed guilty, since a jury found Google has violated antitrust laws. Judges are cautious, and are generally afraid of being the first to make a precedent-setting decision. Now they won’t have to. In fact, judges and juries will now have to find a reason to rule for Google.


Third, tying claims, which is a specific antitrust violation, are good law. Tying means forcing someone to buy an unrelated product in order to access the actual product they want to buy. The specific legal claim here was about how Google forced firms relying on its Google Play app store to also use its Google Play billing service, which charges an inflated price of 30% of the price of an app. Tying is pervasive throughout the economy, so you can expect more suits along these lines.

And finally, big tech is not above the law. This loss isn’t just the first antitrust failure for Google, it’s the first antitrust loss for any big tech firm. I hear a lot from skeptics that the fix is in, that the powerful will always win, that justice in our system is a mirage. But that just isn’t true. A jury of our peers just made that clear.

Tuesday, December 12, 2023

macOS 14.2

Juli Clover (release notes, security, developer, full installer, IPSW):

macOS Sonoma 14.2 introduces an Enhanced AutoFill feature for PDFs, which Apple announced earlier this year. It automatically identifies common fields like name and address, allowing them to be autofilled similar to a website.

In the Messages app, stickers can be added directly to chat bubbles with a tapback reply feature, and the catch-up arrow now jumps to the first unread message in a conversation. There are new Weather and Clock widgets, and a favorite songs playlist in Apple Music.

There are no longer separate builds for M3 Macs. It does not include the Journal app that was introduced in iOS 17.2.

See also: Howard Oakley, Mr. Macintosh.


Update (2023-12-19): Howard Oakley:

Rather than trying to catalogue every codewart and cause for infuriation, this article attempts to identify bugs in macOS that are real showstoppers.


However, there are two reproducible memory leaks in user space, both affecting the Finder, and possibly arising from the same underlying bug. One affects Finder Icon views, the other Gallery views. As there are only four different Finder Views, and those are the two used to browse QuickLook thumbnails, these combine to impose serious limitations on the usefulness of the Finder in macOS 14.2.


I’m grateful to Adam Engst for pointing out a reproducible crash when trying to print lists in the Contacts app. This is described in detail here, and still hasn’t been fixed in Sonoma 14.2.

Matthias Gansrigler:

We have macOS 14.2 now, and that bug that’s been around since macOS 14.0, where screencapture won’t add any dpi info to the files it creates, is still around.

Update (2023-12-21): Howard Oakley (tweet):

Over the last month or so, we have been looking at what appear to be large memory leaks in the Finder, specifically in its Icon and Gallery views. While I still await responses to my two Feedback reports detailing these, Neal has received a response to his earlier report, stating that this is intentional behaviour. This article considers the implications of that response:

We believe this behavior is as designed, and is not a memory leak or abandoned memory. Instead, we expect we are caching the (large) thumbnails for the items selected in gallery view. We purge such cached thumbnails from memory periodically if they haven’t been used in the last two or three days, and we also perform more aggressive purges if the system is under memory pressure.


Memory is a resource shared between all processes. What if other apps decided that they too would pursue aggressive caching policies as the Finder does?

I don’t think this approach scales. As he says, letting the user choose the maximum cache size is a sensible approach that some other apps use, though I can’t imagine Apple adding such a setting. To me the question is why the thumbnail caching is done in RAM instead of on disk, as photo apps, including Apple’s, do. Is this a privacy issue because the content might be coming from an encrypted volume?

Update (2024-01-23): Mario Guzmán:

macOS 14.2 brings back the way you can peek into a collapsed sidebar that uses NSSplitViewController.

You just need to move your cursor close to a collapsed split view item and wait a second.

macOS 13.6.3 and macOS 12.7.2

Apple (full installer):

This document describes the security content of macOS Ventura 13.6.3.

Apple (full installer):

This document describes the security content of macOS Monterey 12.7.2.


Apple Launches Journal App


Journal, a new iPhone app available today, helps users reflect and practice gratitude through journaling, which has been shown to improve wellbeing. With Journal, users can capture and write about everyday moments and special events in their lives, and include photos, videos, audio recordings, locations, and more to create rich memories. On-device machine learning provides private, personalized suggestions to inspire journal entries, and customizable notifications help users develop their writing habits. With the new Journaling Suggestions API, third-party journaling apps can also suggest moments for users to write about. Journal and the Journaling Suggestions API are available with the release of iOS 17.2.

Stephen Hackett:

There’s no iPad or Mac version yet, which some may find frustrating. However, given all the suggested content stuff that the app is doing, Apple may not be ready to ship it on more than one device.

The version that is out now for the iPhone is very basic, without any import or export functionality[…]

I don’t think any app should ship without export functionality.

Dan Moren:

Though Apple may have great hopes for its new Journal app, I think it unlikely that it will transform the average person into an avid journal-keeper if they aren’t already. And, frankly, if they already are, I’m not sure Apple’s Journal app is going to sway those folks from their current journal of choice.


But to set itself apart, Apple is applying the secret sauce—the fact that it is the platform owner and can leverage data that no third-party developer would ever have access to.


As I looked back over the entries that I’d made, I came to the conclusion that Apple has kind of done this feature already—and arguably better—in the Photos app. Journaling Suggestions seem to use the same algorithm that Photo’s Memories do, looking at pictures and videos taken within a certain time period or at a certain location, and grouping them together with a theme. (And, indeed, Memories are even surfaced within the app’s suggestions at times.) But Photos does this automatically, presenting memories as a fait accompli for you to revisit, rather than waiting for users to actively go in and manually create them.


In the end, Journal feels a bit like Apple applied its trademark fixation on privacy to social networking: it’s a social network of one person, for one person.

I will continue to use BBEdit.

Ryan Jones:

Sadly, @FlightyApp will not add your travel to Apple Journal.

The API is only for reading suggestions from Journal. 😔


Update (2023-12-19): Niléane:

Design-wise, the Journal app is simply beautiful. It doesn’t look like any other built-in iOS apps, but it doesn’t feel too alien either.


While it is possible to highlight text to format it to bold, italic, or underlined, it is impossible to manually insert a link. If you paste a URL, it cannot be tapped to open in Safari.


Weirdly enough, though, there is no way to view an entry in a standalone view. Nothing happens if you tap an entry. Instead, you tap items that are contained within an entry — which will expand them to a full-screen view. This means the only way to read your journal is to scroll through the main view of the app.


Unfortunately, in its current state, I don’t think this UI will scale well as you keep using it over months and years. You can filter entries by content type — or only display bookmarked entries, but that’s it. There are no tags, no folders, no compact view, and no way to browse by date.

Nor is there search.

Although developers cannot contribute to suggestions populated by the appropriately named Journaling Suggestions API[…]

iOS 17.2 and iPadOS 17.2

Juli Clover (release notes, security, developer):

The iOS 17.2 update includes the new Journal app, which is designed to allow iOS users to record key moments in their lives. The Journal app includes journaling suggestions, scheduled notifications, and options for adding photos, locations, and more.

For the iPhone 15 Pro models, iOS 17.2 adds a Translate option for the Action Button, which activates the Translate app for conversing with someone in another language. There’s also now an option to record spatial video that will be viewable on the Apple Vision Pro headset in 3D.

In the Messages app, there’s a catch-up arrow for jumping to the first unread message in a conversation, and an option to add stickers to chat bubbles through the tapback menu. There are new Weather and Clock widgets, support for accessing Health data through Siri, a Favorite Songs playlist in Apple Music , and more.

Federico Viticci:

The [Weather] app now shows precipitation amounts for rain and snow conditions for any given day over the next 10 days; there’s a wind map snapshot to see wind patterns for the next 24 hours[…]

Chance Miller (MacRumors):

As we’ve covered extensively, support for collaborative playlists in Apple Music was initially included in the early iOS 17.2 betas. Apple ended up removing the feature due to concerns about spam and abuse. Its website now says that the feature won’t make a return until 2024.

Meanwhile, Apple also says that iOS 17’s AirPlay in hotel rooms feature has also been pushed to 2024, missing Apple’s initial deadline of before the end of this year.

Thomas Ricouard:

Some new SwiftUI features look interesting, like the _logChanges, which is an upgrade over _printChanges. It is very useful to understand why a view body gets computed!


Update (2023-12-19): Jeff Johnson:

I’ve noticed that it has started to show the wrong Safari extension icons in some places for some extensions.


For some bizarre reason, iOS 17.2 has started to substitute the toolbar icon for the app icon in some cases, for example in the Safari Manage Extensions popup.

watchOS 10.2

Juli Clover (release notes, security, developer):

The watchOS 10.2 update adds support for using Siri to access and record data in the Health app on the Apple Watch Series 9 and the Apple Watch Ultra 2. Users can ask Siri questions like “How did I sleep last night?” or “How many steps have I taken this week?”

Health data can be added to the Health app through Siri as well with statements like “My weight is 195.3 pounds,” or “I’ve taken my 6:00 p.m. medications.” This is functionality that Apple announced with the launch of the newest Apple Watch models, and it is limited to these devices as they are the only Apple Watches that support on-device Siri processing.

watchOS 10.2 also reintroduces an option to swipe to change the Apple Watch face, a feature that was removed in watchOS 10 and has been missed by some.


Users can also ask Siri to log:


  • “I took my 8 a.m. medications.”
  • “Log that I took my multivitamin.”
  • “I weigh 167 pounds.”
  • “My period started today.”
  • “Log that I have spotting today.”
  • “My blood sugar is 122.”
  • “Record my blood pressure as 118 over 76.”
  • “Log my body temperature as 98.3 degrees.”

Rui Carmo:

Maybe it’s Apple “moving my cheese” again or just a result of actual user feedback, but the three daily annoyances I have since upgrading were likely avoidable:

  • Changing the operation and contextual meaning of the crown and side button (it feels like change for the sake of change).
  • Changing the springboard/app launcher into a scrollable list (I relied on groupings of things and quick tapping to access often-used apps, and I had to spend a good while re-arranging them to both be on top of the list and still make logical sense).
  • Noticeably impacted battery life on my Series 5. I was starting to wake up to the watch telling me it had less than 10% charge, but now I get that warning before going to bed.

The battery issue was probably fixed in the previous release.


Update (2023-12-19): Stephen Darlington:

The battery issue was not resolved in the previous version. I have a Series 4 and if I go on a thirty minute run, I have to add some charge to make it to bed time. No such problem with watchOS 9. (The battery has been replaced, but is surely a factor. However, there was a marked drop after I installed watchOS 10.)

audioOS 17.2

Juli Clover:

Apple does not specify what’s included in the HomePod 17.2 software, and the generic release notes only say that it includes bug fixes and performance improvements.

All I know is that it’s 2.6 GB, took a really long time to install, and doesn’t fix the bug with not being able to play music that I bought from the iTunes Store.


tvOS 17.2

Apple (MacRumors):

Today Apple unveiled a redesigned Apple TV app that makes it even easier for users to watch Apple’s award-winning original series and films, as well as live sports, movies, and television shows across their favorite Apple devices, smart TVs, streaming sticks, gaming consoles, and more. The simplified interface’s new sidebar allows users to quickly navigate the app, providing easy access to Apple TV+, home of Apple Original series and films; MLS Season Pass, home of Major League Soccer; Store, where users can buy and rent popular movies; and shortcuts to channels and apps viewers already have, such as Disney+, Paramount+, and Max.


Also starting today, the iTunes Store app on iPhone and iPad, and the iTunes Movies and iTunes TV Shows apps on Apple TV 4K and Apple TV HD, will redirect users to the Apple TV app, where they can find their existing purchases and watch all of their favorite TV shows and movies in one place.

Juli Clover:

Attempting to access the TV Shows and Movies sections in the app directs users to the Apple TV app instead. “iTunes Movies and Your Purchases Have Moved,” reads the app’s message. “You can buy or rent movies and find your purchases in the Apple TV app.”

During the beta testing process, the iTunes Store app continued to offer access to TV shows and movies, so this is a change that Apple made to its servers. With this update, Apple says in a support document that it is no longer possible to gift movies or TV shows on an iPhone running iOS 17.2 or later, on an iPad running iPadOS 17.2 or later, or on an Apple TV running tvOS 17.2 or later.

Mike Rockwell:

On the rare occasion when I want to watch purchased content before I have a chance to process it, though, I always use the TV Shows and Movies apps. It’s just a much nicer experience without having to trudge through all of the Apple TV+ promotion.


Monday, December 11, 2023

Apple Blocks Beeper Mini

John Gruber:

I installed Beeper Mini on my Pixel 4, and it worked like a charm. In addition to working seamlessly — including support for group chats, tapbacks (albeit substituting animated emoji in place of Apple’s monochromatic badges), undoing sent messages, and editing recent messages — it’s just a really nice chat app. It looks a lot like what I’d imagine an official iMessages Android client from Apple would look like. Just like with an iPhone, Beeper Mini even worked without requiring you to sign in to an iCloud account. Beeper Mini reverse-engineered the way that Apple creates a new implicit iMessage account based on your phone number, via a one-time exchange of keys sent through SMS. But, if you wanted to use your existing iCloud account with Beeper Mini, you were able to sign in — which, unlike Beeper Cloud, worked with an app-specific password. When I tried Beeper Mini, I used a secondary iCloud account that I use for testing and product reviews, but even with that account, I would not have signed in if Beeper Mini didn’t support app-specific passwords.

Migicovsky told The Verge and Nelson that Beeper believed Apple would be unable to cut off their technique without also breaking iMessage for a significant number of iMessage users on actual Apple devices. I found that hard to believe, given that part of Beeper’s technique involves masquerading as a legitimate Apple device, re-using device identifiers.

Ben Schoon:

Many reports across Reddit and other platforms confirm that Beeper Mini is currently unable to send or receive messages for many users. Some also report that Apple ID sign-in is currently not working if the app is re-installed or activated on a new device.

Sarah Perez (Hacker News, MacRumors):

However, Beeper CEO Eric Migicovsky responded to TechCrunch’s inquiry about Beeper Mini’s status by pointing us to the X post acknowledging the outage, and providing more detail. Asked if possibly Apple found a way to cut off Beeper Mini’s ability to function, he replied, “Yes, all data indicates that.”


In a statement shared with press, Apple said:

“At Apple, we build our products and services with industry-leading privacy and security technologies designed to give users control of their data and keep personal information safe. We took steps to protect our users by blocking techniques that exploit fake credentials in order to gain access to iMessage. These techniques posed significant risks to user security and privacy, including the potential for metadata exposure and enabling unwanted messages, spam, and phishing attacks. We will continue to make updates in the future to protect our users.”

The company said that it’s unable to verify that messages sent through unauthorized maintain end-to-end encryption.

Chris Welch:

The belief — or I suppose the hope — among Beeper’s developers and users was that it would be such an ordeal for Apple to block the Android app that doing so wouldn’t be worth the hassle. Apparently, it was easier than anyone expected.


Reached for comment, Beeper CEO Eric Migicovsky did not deny that Apple has successfully blocked Beeper Mini. “If it’s Apple, then I think the biggest question is… if Apple truly cares about the privacy and security of their own iPhone users, why would they stop a service that enables their own users to now send encrypted messages to Android users, rather than using unsecure SMS? With their announcement of RCS support, it’s clear that Apple knows they have a gaping hole here. Beeper Mini is here today and works great. Why force iPhone users back to sending unencrypted SMS when they chat with friends on Android?”

David Pierce (Hacker News):

When I ask Migicovsky if he’s prepared to do battle with Apple’s security team for the foreseeable future, he says that the fact that Beeper Cloud is still working is a signal that Apple can’t or won’t keep it out forever. (He also says Beeper’s team has some ideas left for Beeper Mini.) Beyond that, he hopes the court of public opinion will eventually convince Apple to play nice anyway. “What we’ve built is good for the world,” he says. “It’s something we can almost all agree should exist.”

Malcolm Owen:

In posts to X first reported by Engadget, Beeper is working on a fix that is “still in the works.” The fix itself is apparently “very close, and just a matter of a bit more time and effort.”

Beeper says that it has deregistered phone numbers of users from iMessage so they can still receive text messages, albeit as a dreaded green speech bubble to iOS users. However, as the iPhone messages app “remembers” the blue bubble status for between 6 hours and 24 hours before returning to SMS, Beeper warns “it’s possible that some messages will not be delivered during this period.”

John Gruber:

What I meant by it being “untenable” for Apple to look the other way at Beeper Mini wasn’t that Beeper made legitimate use of iMessage insecure. That’s part of the point of end-to-end encryption. But it was untenable perception-wise for Apple to allow unauthorized client software on a messaging platform heralded first and foremost for its privacy and security. Apple had even lost control over new account signups.


Again, I wish Apple would release an iMessage client for Android. (But what I really wish is that they’d done so a decade ago, before current platforms had gotten so entrenched, country-by-country around the world.) But I don’t buy the argument that Apple is under any sort of ethical obligation to do so.

The bottom line is that it would be better for Apple’s customers if they could use iMessage everywhere, but (Apple thinks) it would be better for Apple to keep it exclusive.

My own experience is, I guess, an outlier, but I’ve had such terrible problems with messages not being delivered and with the app itself that I often wish iMessage would just go away.

Nick Heer:

I am not falling for Migicovsky’s play-dumb act here and, I am certain, neither are you.


There are plenty of end-to-end encrypted messaging apps available for iOS and Android, like Signal and WhatsApp, so the premise that “iPhone users can’t talk to Android users except through unencrypted messages” is also complete nonsense.

The issue is that, at least in the U.S., iMessage is dominant, and there’s no way to get everyone you communicate with to switch to something else. Practically speaking, it’s as if the alternatives don’t exist.

Eric Migicovsky and Brad Murray (via Hacker News, MacRumors):

We’ve created an updated version of Beeper Mini that fixes an issue that caused messages not to be sent or received.

I wonder how long this arms race will last.

We’ve made Beeper free to use. Things have been a bit chaotic, and we’re not comfortable subjecting paying users to this. As soon as things stabilize (we hope they will), we’ll look at turning on subscriptions again.


We—of course—expected a response. What we didn’t expect was 1984-esque doublespeak. The statement is complete FUD. Beeper Mini made communication between Android and iPhone users more secure. That is a fact.

More secure both because the messages were encrypted and because Beeper prompted Apple to fix some latent bugs.

Many people have asked, ‘why don’t people just use Signal or WhatsApp?’. The answer is that Messages App is the default chat app for all iPhone customers. Not only is it the default, iOS makes it impossible to change the default chat app.

I am, of course, in favor of being able to change the default chat app, but I doubt that would make much difference.


Update (2023-12-22): John Gruber:

In other words, what remains broken is the implicit creation of an iMessage account based on the cellular phone number of your device. I described this process in broad terms in a footnote on my column yesterday. It’s a magically-invisible-to-the-user process that’s been part of iMessage since it first debuted as an iOS-only feature in iOS 5.


If Android SMS users were interested in installing a third-party app to enable better cross-platform messaging, wouldn’t they be suggesting to their iPhone-using friends and family that they be the ones who install WhatsApp or Signal or something?


It is true that Apple does not allow third-party apps to handle anything related to your cellular account. So cellular phone calls only go through the built-in Phone app, and SMS messages only go through the Messages app. Messages isn’t merely the default handler for SMS, it’s the only handler for SMS. But there is no default for “chat”.

Adam Demasi:

I really commend JJTech and Eric for taking on iMessage with a serious and privacy-conscious implementation, but Beeper Mini’s implementation of iMessage seemed problematic to me from the outset for two reasons:

The iMessage protocol is well-documented, and has been pretty much since it was introduced in 2011. The challenge with iMessage has never been on the side of actually sending and receiving messages - the challenge is authenticating a user to their Apple ID, so they can even send or receive a message at all.


I hope they have more tricks up their sleeve, because it would be a shame to let 3 days of iMessage utopia be the end of it. But if you’re ever curious why nobody has successfully brought down the walled garden of iMessage/FaceTime in any way that doesn’t involve keeping a Mac always running at home or giving up your privacy to a 3rd-party (like Nothing and Sunbird’s security disaster of an app), this is why. It’s designed to be as close to impossible as it can possibly be. It frustrates me even as an iPhone user, because I feel iMessage becoming ubiquitous on Android will have an effect on how much the public (including the biggest Apple fans) believe Apple’s “but privacy!” excuses, but this is still the reality of the situation.

Jay Peters (Slashdot):

Here we go again: After investigating reports that some users aren’t getting iMessages on Beeper Mini and Beeper Cloud, Beeper says that Apple seems to be “deliberately blocking” iMessages from being delivered to about five percent of Beeper Mini users. The company says that uninstalling and reinstalling the app fixes the issue and that it’s working on a broader fix (though that apparently won’t be in place tonight).

Kevin Purdy (Hacker News, MacRumors):

That kind of grievance is why, after Apple on Wednesday appeared to have blocked what Beeper described as “~5% of Beeper Mini users” from accessing iMessages, both co-founder Eric Migicovksy and the app told users they understood if people wanted out. The app had already suspended its plans to charge customers $1.99 per month, following the first major outage. But this was something more about “how ridiculously annoying this uncertainty is for our users,” Migicovsky posted.


Where Have the Network Tools Gone?

Howard Oakley:

When writing about network tools available in macOS just eight years ago, I identified three GUI apps:

  • Network Utility, tucked away in /System/Library/CoreServices/Applications,
  • Wireless Diagnostics, accessed via the WiFi menu,
  • Network Diagnostics, hidden in /System/Library/CoreServices.

It seems strange that of those three, only one has survived into Sonoma.


In Apple’s current support documents, there appears to be no mention of diagnosing network problems except those for WiFi, although Apple sells three models with Ethernet ports fitted as standard (Mac mini, Mac Studio and Mac Pro).

I don’t know why Apple wants us to go back to using command-line tools.

Howard Oakley:

Much of network diagnosis could also be automated, rather than relegated to the command line. Those users who currently struggle to work out why Safari isn’t able to connect to a website could initiate a series of checks, delivering a list of suggestions as to what to try next.

In other areas, adding a layer of simplicity over generic tools like Console can go a long way to revealing the cause of errors that currently only get recorded in the log.


For the first 17 years of the Mac there was no Terminal, and people bought Apple’s products on the strength of their human interface. If a feature is worth building into macOS, then that alone justifies providing an accessible means of using it.


WhatsApp Supports Photos and Video in Original Quality

Tim Hardwick:

WhatsApp is rolling out a new option that lets users on iPhone share photos and video over the messaging platform in their original quality.


WhatsApp’s latest feature avoids compression altogether by allowing photos and video to be shared as files, thereby preserving their original quality.

Being able to send full-quality media is one of the primary reasons to use iMessage. However, unfortunately, sharing a video from iOS will sometimes resize and re-encode it, reducing the quality. To send a full-quality video, I find that I have to attach it as a file from my Mac.


Opening URLs in Private Safari Windows

Jeff Johnson:

The problem with using both private and public windows is that when I open a URL in Safari from another app, such as Mail app, or such as my own Link Unshortener, which I use as my default web browser, I can’t control where exactly the URL opens. If the frontmost Safari window happens to be private, then the URL will open in a private window, whereas if the frontmost Safari window happens to be public, then the URL will open in a public window. Even worse, if Safari is running but currently has no windows, then the URL will open in a new public window, ignoring my “Safari opens with” setting!

I’ve come up with a solution to this problem. Actually, two solutions, two new Mac apps, which I’ve named, with great imagination, PrivateWindow and PublicWindow.

I’ve set PrivateWindow as the browser associated with certain logins in PasswordWallet. Among other benefits, this means I can download a financial statement and then “log out” simply by closing the tab.

Jeff Johnson:

Since Apple doesn’t provide any API for this, the apps use AppleScript to automatically click menu items in the Safari File menu in the main menu bar, a primitive but effective method. Or mostly effective. It turns out that this method didn’t support Safari Profiles, which add items to the Safari File menu. The shortcoming has been rectified in version 2.0 of PrivateWindow and PublicWindow.

Apple should add a real AppleScript API so that this sort of thing can be done without GUI scripting. You should be able to directly specify whether a URL should be opened in a private or public window and which profile should be used. Really, it should also be available at the Launch Services level. Currently, there’s a standard way to specify whether an application should open a URL in the background or whether a file should not be added to the recents. Private browsing should be in there, too.

Google Maps in Late 2023

Tim Hardwick:

When users get directions for driving, walking, or cycling, Google Maps now offers a “multidimensional experience” that can be used to preview bike lanes, sidewalks, intersections, and parking along the route, according to Google.

A time slider can be used to see air quality information and how the route looks as the weather changes throughout the day, while AI and historical driving trends simulate how many cars might be on the road at a given time.

Jack Wellborn:

Launching its own mapping service was Apple’s biggest gambit in its war with Google, way more than any lawsuit. The lawsuits were about iPhone verses Android and while many Android device makers did borrow liberally from iPhones and iOS, it turns out Apple’s fight with Google wasn’t really about one phone platform versus the other. It was about platforms versus services, and which one might commoditize the other. Up until Apple Maps, Google had the undeniable upper hand because it was a win-win for them as long as Apple had to use its services. Google would certainly win more if everyone suddenly started using Android, but they still won even if people stuck with iOS.


Google would not be paying billions of dollars annually to be the search default in Safari if Apple needed something equally as important from them. The only thing Apple truly ever needed from Google was mapping data. With its own mapping data, Apple no longer needs anything of significance, and so Google has to pay.

Elizabeth Laraki (via Hacker News):

Last week, the team dramatically changed the map’s visual design.

I don’t love it.

It feels colder, less accurate and less human.


Admittedly, I do think major roads, traffic, and trails stand out more now.

But the colors of water and parks/open spaces blend together.


So much stuff has accumulated on top of the map.

Currently there are ~11 different elements obscuring it[…]

Darren Allan (via Hacker News):

Google Maps now has gray roads like Apple, rather than white or yellow roads as before, and forests are a darker green.


These may not sound like massive changes – and to be fair, they aren’t, they’re essentially tweaks. But they have rubbed a number of users up the wrong way. As Android Authority points out, there’s some quite spicy feedback on the new Google Maps on Reddit, X (formerly Twitter) and other online forums.

John Gruber:

This is a very long way of saying that Google Maps’s app design should be like Apple Maps. In fact, Apple Maps has fewer UI elements obtruding actual map content than she’s proposing for Google Maps.

As I’ve said, I think the app design of Apple Maps is better, but I preferred the map design (colors, labels, decisions of what to shown when) of the old Google Maps. It’s frustrating that Google seems to be copying the wrong things from Apple. The new coloring perhaps looks nicer, but it’s less clear. Google Maps seems to be more aggressive about hiding street names that I want to see. I do still prefer it, especially for navigation, because of the way it draws street labels on the actual streets, instead of as horizontal bubbles that cover other parts of the map. Given that maps are now vectors, rather than pre-rasterized images, why can’t some of these details be configurable?


Google’s Gemini

Casey Newton:

Google this morning announced the rollout of Gemini, its largest and most capable large language model to date. Starting today, the company’s Bard chatbot will be powered by a version of Gemini, and will be available in English in more than 170 countries and territories. Developers and enterprise customers will get access to Gemini via API next week, with a more advanced version set to become available next year.

How good is Gemini? Google says the performance of its most capable model “exceeds current state-of-the-art results on 30 of the 32 widely-used academic benchmarks used in LLM research and development.” Gemini also scored 90.0% on a test known as “Massive Multitask Language Understanding,” or MMLU, which assesses capabilities across 57 subjects including math, physics, history and medicine. It is the first LLM to perform better than human experts on the test, Google said.

Sundar Pichai (Hacker News):

Our first version, Gemini 1.0, is optimized for different sizes: Ultra, Pro and Nano. These are the first models of the Gemini era and the first realization of the vision we had when we formed Google DeepMind earlier this year. This new era of models represents one of the biggest science and engineering efforts we’ve undertaken as a company.

Demis Hassabis:

This promise of a world responsibly empowered by AI continues to drive our work at Google DeepMind. For a long time, we’ve wanted to build a new generation of AI models, inspired by the way people understand and interact with the world. AI that feels less like a smart piece of software and more like something useful and intuitive — an expert helper or assistant.

Today, we’re a step closer to this vision as we introduce Gemini, the most capable and general model we’ve ever built.

Gemini is the result of large-scale collaborative efforts by teams across Google, including our colleagues at Google Research. It was built from the ground up to be multimodal, which means it can generalize and seamlessly understand, operate across and combine different types of information including text, code, audio, image and video.

John Gruber:

Loosely speaking, Gemini Ultra is competing with GPT 4, and Gemini Pro with GPT 3.5. Nano, the on-device model, will first appear on Pixel 8 Pro phones.


It seems like the whole demo ought be considered fraudulent — a fake. What’s wrong with Google as a company that they repeatedly try to pass off concept videos as legitimate demos of actual products?

Nick Heer:

If you read the disclaimer at the beginning of the demo in its most literal sense, Google did not lie, but that does not mean it was fully honest. I do not get the need for trickery. The real story would have undoubtably come to light, if not from an unnamed Google spokesperson, and it undermines how impressive this demo is. And it is remarkable — so why not make the true version part of the story? I do not think I would have found it any less amazing if I had seen a real-time demonstration of the still frame of the video being processed by Gemini with its actual output, and then I saw this simplified version.


Friday, December 8, 2023

Selecting Multiple Tabs in Safari

John Gruber (video):

Just like making multiple selections in a list view, Shift-click will select an entire range at once, and Command-clicking lets you select (and deselect) noncontiguous tabs. […] Once you have multiple tabs selected, you can drag them together to create a new window, or do things like close them all at once.

I had no idea that you could do this, and it apparently works in Firefox, Chrome, and Brave, too. This seems to be new in Safari 17, and I guess it relies on SPI because it doesn’t work in other apps that use the standard NSWindow tabbing.

Gordon Smith:

My use case is to select those tabs I want to save as a group, right click one of those tabs to add them all to a new Tab Group (to keep things neat and tidy).


Unfortunately, it also means you can’t select another tab in an inactive Safari window anymore by command+click. You could even (command+)click a button on a site while the window remained inactive. You can’t have it all…

Mac Menu Bar Icons and the Notch

Jesse Squires (Mastodon):

On my 13” Intel MacBook Pro, the icons reached to about halfway across the screen. On the 14” M3 MacBook Pro, ironically a machine with a larger display, at least 3 icons get hidden.

This “design” (or lack thereof) is so dumb. It is utterly ridiculous to me that this is still how it “works” two years after the introduction of the redesigned MacBook Pro with a notch. How hard could it be to add an overflow menu with a “«” (or should it be “»”?) button that shows the remaining apps and icons that can’t be displayed? This entire situation with the notch is ironic, because the iPhone notch and “dynamic island” are so thoughtfully designed with zero compromises regarding the functionality of iOS. In fact, they actually provide a better user experience. Yet on the Mac, how the notch interacts with macOS is laughably incompetent. It is shockingly lazy regarding attention to detail, and results in an outright disruptive and confusing user experience.

Aside from the problem of the icons being hidden, there’s no API for an app to tell whether its icon is hidden. NSStatusItem.isVisible tells you whether the app or user wants the icon to be visible, but it will return true if the icon is hidden in the notch—or even if it’s hidden behind a menu title.

This has caused problems for me because in Sonoma it’s no longer possible for SpamSieve to add commands to the Message menu in Apple Mail. So SpamSieve instead offers its own menu that’s visible in Mail. If there are too many icons, I want to be able to warn the user so that they can rearrange them or access the functionality in a different way. The best workaround I’ve found is to get the coordinates of the icon and then use a pile of hacks to try to figure out whether it overlaps the notch or a menu title. The menu title positions cannot be accessed without accessibility permissions, so I have to hard-code them for each localization and hope the font metrics don’t change.


I feel a bit sad every time somebody asks me how to recover an icon that “disappeared behind the notch.” I still believe people should not have to download a third-party app to deal with Apple’s hardware and software decisions that lead to the notch and its tendency to swallow menu bar icons. macOS should at least have a way to handle an overflowing menu bar. For this reason alone, Bartender is an essential Mac utility that’s easy to recommend to anyone running a Mac.


Update (2023-12-21): Jesse Squires:

I figured it was worth making a separate post about this specific issue to list all of the workarounds and alternatives. It is clear that this is a widespread problem that users are having.


Reduce the menu bar item spacing and padding via UserDefaults. (Thanks to Oliver Busch for the tip. Also see this Reddit post.) There are two defaults settings you can configure via Terminal, NSStatusItemSpacing and NSStatusItemSelectionPadding.

Update (2024-06-12): Patrick Wardle:

macOS can put the item partially, or worse, wholly behind the camera notch (so it’s invisible)!? 🤦🏻‍♂️

…what’s the solution/how do avoid this?

Bartender 5

Surtees Studios:

With support for macOS Sonoma and a multitude of innovative features, Bartender 5 represents the pinnacle of Mac menu bar mastery.


Conceal select menu bar items while retaining quick and easy access through intuitive methods. Swipe and scroll within the menu bar to unveil hidden items instantly, simplifying access to multiple screens of concealed items with a simple swipe.


With its revamped trigger system, Bartender 5 elevates menu bar item interaction. Apply presets or reveal menu bar items precisely when they demand attention. Whether at work, on a specific Wi-Fi network, monitoring battery status, or using custom scripts like VPN or AirPods connectivity, Bartender 5 ensures you’re always in control.

Surtees Studios:

Bartender 5 introduces a novel feature known as “Menu Bar Item Groups,” which facilitates the consolidation of sets of menu bar items beneath a single, fully customizable menu bar item. This feature serves as an ideal solution for categorizing and conveniently accessing related menu bar items with a simple click or hover. This innovation is particularly advantageous for MacBook Pro users seeking to optimize their menu bar space efficiently.


Perhaps the fanciest new feature in Bartender 5 is the ability to entirely customize the way your menu bar looks. Bartender 5 now lets you change the color of the menu bar, add a border or drop shadow, or even change the way it fills the top part of your screen.


With the release of macOS Sonoma, Surtees Studio had to face a technical challenge. macOS now displays a purple badge in the menu bar whenever an app is capturing part of the screen. This is, of course, a welcome privacy feature, but it meant Bartender would have to work around its reliance on screen capture to rearrange icons in the menu bar. I’m happy to report that this challenge was successfully tackled and the purple badge only shows up when navigating Bartender’s settings and when you’re actually recording your screen.


Bartender 5 is $16 if you buy it directly from Surtees Studios and is priced at $8 for anyone upgrading from a previous version.

Krishna Sadasivam:

Thankfully, starting with Bartender 4, menu bar item search was added. And what if you don’t remember what the menu bar item’s icon looked like? No problem! Type in the first few letters using Bartender’s search bar, and your menu bar item is served to you, lick-ity split.


23andMe Breach

Lorenzo Franceschi-Bicchierai (Hacker News):

On Friday, genetic testing company 23andMe announced that hackers accessed the personal data of 0.1% of customers, or about 14,000 individuals. The company also said that by accessing those accounts, hackers were also able to access “a significant number of files containing profile information about other users’ ancestry.” But 23andMe would not say how many “other users” were impacted by the breach that the company initially disclosed in early October.

As it turns out, there were a lot of “other users” who were victims of this data breach: 6.9 million affected individuals in total.

Pieter Arntz:

With the breached accounts at their disposal, the attacker used 23andMe’s opt-in DNA Relatives (DNAR) feature—which matches users with their genetic relatives—to access information about millions of other users. According to a spokesperson the DNAR profiles of roughly 5.5 million customers could be accessed in this way, plus the Family Tree profile information of 1.4 million additional DNA Relative participants.

The 5.5 million DNAR Profiles contained sensitive details including self-reported information like display names and locations, as well as shared DNA percentages for DNA Relatives matches, family names, predicted relationships, and ancestry reports.

For a subset of these accounts, the stolen data might contain health-related information based upon the user’s genetics.

Alex Ivanovs (Hacker News):

In response to the cyberattack, rather than implementing robust security measures, 23andMe has opted for a legal shield, mandating binding arbitration for disputes.

Nick Heer:

Give your family and friends the gift of not subjecting their genetics to businesses with a data breach record of, as of writing and I cannot stress this enough, half their customer base.


If you are a user, there are specific steps you need to follow this month to opt out of binding arbitration.

Jason Koebler:

Every few years, I write an article about how it is generally not a good idea to voluntarily give your immutable genetic code to a for-profit company (or any other genetic database, for that matter), and how it is an even worse deal to pay money to do so. It is also not wise or ethical to gift a 23andMe Saliva Collection Kit to your loved ones for Christmas, their birthday, or any other reason.

Update (2023-12-19): Bill Toulas (via Hacker News):

“Rather, the preliminary results of this investigation suggest that the login credentials used in these access attempts may have been gathered by a threat actor from data leaked during incidents involving other online platforms where users have recycled login credentials.”

Ezekiel Elin:

Breach didn’t involve any disclosure of genetic data that wasn’t authorized to the accounts that were logged in? This wasn’t someone stealing DNA samples…

Update (2024-01-04): Lorenzo Franceschi-Bicchierai (via Hacker News):

Facing more than 30 lawsuits from victims of its massive data breach, 23andMe is now deflecting the blame to the victims themselves in an attempt to absolve itself from any responsibility, according to a letter sent to a group of victims seen by TechCrunch.


In other words, by hacking into only 14,000 customers’ accounts, the hackers subsequently scraped personal data of another 6.9 million customers whose accounts were not directly hacked.

But in a letter sent to a group of hundreds of 23andMe users who are now suing the company, 23andMe said that “users negligently recycled and failed to update their passwords following these past security incidents, which are unrelated to 23andMe.”

“Therefore, the incident was not a result of 23andMe’s alleged failure to maintain reasonable security measures,” the letter reads.

Update (2024-02-01): Rolfe Winkler (via Hacker News):

23andMe’s valuation has crashed 98% from its peak and Nasdaq has threatened to delist its sub-$1 stock. Wojcicki reduced staff by a quarter last year through three rounds of layoffs and a subsidiary sale. The company has never made a profit and is burning cash so quickly it could run out by 2025.


But with 23andMe’s stock trading at just 74 cents, the company likely can’t raise money by selling more shares. And the company’s early-stage drug programs are so expensive, she has sought investor partners for some of them, so far unsuccessfully, and given up stakes in others.


At the center of 23andMe’s DNA-testing business are two fundamental challenges. Customers only need to take the test once, and few test-takers get life-altering health results.

Wojcicki’s most ambitious bet is developing drugs using 23andMe’s stockpile of more than 10 million DNA samples that test-takers have agreed may be used for research. But getting new drugs to market is expensive and takes years.


To create a recurring revenue stream from the tests, Wojcicki has pivoted to subscriptions. As media companies launched streaming “+” channels, Wojcicki rolled out 23andMe+, offering personalized health reports, lifestyle advice and unspecified “new reports and features as discoveries are made” for an initial $229, with annual renewals of $69.


I was a heavy believer of 23andMe until this point. I answered all of the available research questions, which was a thing that took absolutely hours and was filled with semi-invasive medical questions. I did this under the premise that I would hopefully be helping research and I felt really rewarded having completed all of them. Then, they dropped the + bombshell and I felt really rugpulled. I paid them for genotyping on their v4 and v5 platforms -- so I paid twice, I referred friends, I bought people kits, I helped research...and now I was being asked to pay a subscription for what I was promised to begin with? Eesh.


It happened right after the hack, but there’s also a new crop of competitors that let you upload your raw 23andMe data, so there’s speculation that it’s trying to stop the outflow.

If you email them about it, you just basically get a copy-pasta reply restating the message on the site [“As an added security measure, we have temporarily disabled the ability to download your raw genetic data.”], and if you keep emailing them 3+ times asking for a refund (ask me how I know), they’ll tell you you can manually upload identity verification and they’ll get back to you in 6-8 weeks with the data.

Thursday, December 7, 2023

End-to-End Security for Facebook Messenger

Jon Millican and Reed Riley (Hacker News):

  • We are beginning to upgrade people’s personal conversations on Messenger to use end-to-end encryption (E2EE) by default.
  • Meta is publishing two technical white papers on end-to-end encryption:

It even works in the Web interface. Advanced Data Protection for iCloud requires manually opting in, and you can only do that if all your devices are new enough. So, ironically, this may mean that Facebook Messenger will be effectively E2EE for most users before iMessage is.

Tim Hardwick:

As things stand, end-to-end encryption for group Messenger chats remains opt-in, and Meta previously said that Instagram messages will be encrypted “shortly after” the rollout of default encryption for Messenger chats.


Update (2023-12-11): Mike Masnick:

It’s extremely rare that I’d offer kudos to Meta, but this is a case where it absolutely deserves it. Even if some of us kept pushing the company to move faster, they did get there, and it looks like they got there by doing it carefully and appropriately (rather than the half-assed attempts of certain other companies).

Update (2023-12-12): See also: Bruce Schneier.

Privacy Manifests Update


Starting in spring 2024, if your new app or app update submission adds a third-party SDK that is commonly used in apps on the App Store, you’ll need to include the privacy manifest for the SDK. Signatures are also required when the SDK is used as a binary dependency.


Based on the feedback we received from developers, the list of approved reasons has been expanded to include additional use cases. If you have a use case that directly benefits users that isn’t covered by an existing approved reason, submit a request for a new reason to be added.

Here’s the updated list. It mercifully still does not seem to apply to Mac apps.


Update (2024-03-07): Jesse Squires:

Apple’s security theater and review bureaucracy are just next-level now. I love how they keep finding ways to “innovate” in this space.

Apple: “Here’s an AP to save app preferences!”

Dev: uses API


Dev: “I’m saving app preferences”

Apple: “Oh, ok. lol. Please fill out this paperwork.” in tvOS 17.2

Benjamin Mayo (MacRumors):

Apple will discontinue the standalone iTunes Movies and iTunes TV Shows apps on the Apple TV box, starting with tvOS 17.2 The warning message seen above has started appearing in the release candidate version of tvOS 17.2 beta, released yesterday.


Apple has updated the TV app in 17.2 in preparation of the migration away from the standalone iTunes videos app, bringing across some functionality that was previously missing in TV. That includes things like filtering by genre in purchased tab, and the inclusion of box sets in the store listings.

John Gruber:

It’s a good simplification overall: Apple’s own content — both iTunes purchases and TV+ streaming content — is in the TV app.

But now you really can’t avoid the streaming content.

Joe Rosensteel:

The issues that I have suggested Apple should resolve:

  1. Unify media and apps into one interface, with the ability to pin favorite apps.
  2. Reduce the amount of Apple TV+ promotion in the interface, particularly for non-subscribers.
  3. Properly personalized recommendations based on viewing habits.
  4. Handle live TV through a unified programming guide, like Amazon does, instead of pretending the only live TV is live sports.

The new interface miraculously resolves none of these things.

Upon upgrading to 17.2, and opening the TV app for the first time, you’re still treated to the same behavior I’ve bemoaned in the past where the TV defaults to showing the Apple TV+ view asking me to “Come back for new Apple Originals” with Jason Sudekis’ mustachioed face right next to it. There’s no more Ted Lasso, fellas. Let it go.

There’s also a new sidebar with Apple TV+ and MLS Season Pass elements that can’t be hidden. As he says, Apple wants to “pretend that the universe revolves around Apple TV+ and consider all other streamers as ancillary add-ons.”


Update (2023-12-08): Adam Chandler:

Eddie cue when unveiling the modern Appletv OS said the future of TV is apps. He was right but Apple has chosen to put all of their video into one app. This is user hostile. If you dislike soccer, sports, TV+ and just want to watch a TV show you own from iTunes, you have only one place to go. I want the choice to “uninstall” AppleTV MLS but I can’t do that.

Scott Anguish:

Really disappointed that the iTunes movie store app is going to be going away in 17.2 tvOS.

It’s far and away a better movie purchasing (wishlist) and viewing (able to see descriptions and previews for a movie). It’s much faster than the library in the TV app.

Update (2024-04-24): Joe Rosensteel:

If you launch the app after an OS update, and you’re not a current subscriber, you get whisked to the Apple TV+ tab where you will get autoplaying video, and spiel about all the great Apple TV+ content you’re missing out on. This happens every time there’s a point update.

If you go to the Home section of the TV app, you’ll get the same carousel sales pitch for Apple TV+ shows that you’d get if you were in the Apple TV+ section. It’s not left to stand on its own. Apple doesn’t trust you to pay enough attention to them.

TV+ isn’t playing hard to get, or trying to lure me back with mystery. It all just turns into interface noise, frustrating what I want to do. This screen real estate belongs to Apple, not to me.

Just like all these other companies shoving promotions in, Apple doesn’t think it’s a villain. It thinks it’s increasing awareness and fostering discovery! (Never mind that if you are an Apple TV+ subscriber, you’ll see shows in the carousel that you’ve already watched.)

Update (2024-05-07): Scott Anguish:

The TV+ app on AppleTV has so many missing features.

  • you are no longer shown how many movies you have
  • no way to select a movie and be taken to the description like on the old movies app. Want to know more about a movie than the title and thumbnail? Google it. The view still exists, but you need to go to an in progress movie from outside the app to see it.
  • I only want to see movies in the store. Not tv shows, not shows on other apps. Just movies.
  • You can’t tell if a movie has iTunes extras without trying to play it. No visual indicators.

Sonoma’s “cp -l” Won’t Create Links

Rob Griffiths:

I ran into this while working on a Keyboard Maestro macro that creates hard links: The macOS version of cp won’t create links, at least not in Sonoma. In Ventura, it works even though it throws the same error as it does in Sonoma.


I have filed this bug as FB13255408 with Apple, and I’m hopeful they fix it soon. There is a workaround, obviously: Use ln instead. This works fine for individual hard links, but using cp to quickly copy an entire folder as hard links is a nicer implementation.

The MacBook Air Gap

Joe Rosensteel:

Why do I care about the “Pro” chip so much? Despite the name the Pro is really the middle chip, but there’s no middle laptop for it. The base M2 and M3 can be configured with more RAM (to a point) but they can’t be configured with extra ports, or even drive more than one external display. They’re not like pokey Centrino chips — they do have the ability to perform — but they are inflexible for certain workflows that require additional connectivity, like dual displays.

It’s pretty easy to argue that dual displays is a high-end feature, and thus demands a $1999 or more computer, but that wasn’t true of Apple’s Intel-based laptops. It has always felt like a regression to me since the introduction of the first M1 chips, and it’s not something apple wanted to correct in the M2 or M3.


If the base M chips could work with dual displays in clamshell mode it would be a no-brainer and I would get the 15” MacBook Air.


That means there’s a price umbrella between $1499 (15” M2 MBA 8/512 GB) and $2499 (16” M3 Pro MBA 18/512 GB). A thousand dollars where the only thing that can fill that gap is custom RAM and SSD sizes, no chip variation at all.

Mike Rockwell:

My recommendation for almost anyone that wants a desktop Mac now is to get a Mac Mini and an external display. You could get a Mac Studio or a Mac Pro, but if you’re the kind of person that needs the additional performance or connectivity, you already know that the Mac Mini isn’t enough for you.

Unlike the iMac and MacBook Air, even the base Mac mini can support two large displays. And the Mac mini also has an option for a Pro processor.


Filing Mail Messages on Sonoma Using the Keyboard

Adam Tow:

As I continue to investigate how to bring MsgFiler to macOS Sonoma, here’s a tip from a user that allows you to file messages via the keyboard on Sonoma. It also works on previous versions of macOS dating back to 2011.

  1. Select a message to file
  2. Click on the Help menu or press Command-Shift-/
  3. Type in a portion of the mailbox you wish to file or copy the message to
  4. Choose the mailbox in the list that appears with the arrow keys or the mouse
  5. Press Return or click the mouse/trackpad

There are a bunch of limitations.

My approach has long been to use a large number of rules so that almost everything is filed automatically. I then have a few AppleScripts, invoked via FastScripts, which move the selected messages to particular mailboxes. Another option is to add mailboxes to the Favorites Bar, and Mail will then automatically assign them numeric keyboard shortcuts.


FastSpring Risk Screening

I received a pair of e-mails from one of my payment processors, FastSpring, which included this text:

Our implemented process is designed to ensure full alignment and compliance with regulatory standards, including KYC/KYB (Know Your Customer/Know Your Business) requirements, Anti-Money Laundering (AML) regulations, Countering the Financing of Terrorism (CFT) guidelines, and international sanctions screening. We’ve had to invest in various compliance measures to meet these regulatory requirements, but they do come with associated costs. We’re striving to keep these costs as reasonable as possible for our sellers.

The annual Risk Screening process is applicable to all sellers. To offset the administrative costs associated with this service and to ensure a seamless process, we have implemented a fee of $150.00 to complete the Risk Screening, no more than annually.


Upon successful payment processing, our Risk team will reach out to you in the following weeks to guide you through the screening process. We understand the importance of your business, and we are committed to upholding the highest standards of security and service. If the fee isn’t received by the specified date, your account will be unfortunately disabled, resulting in loss of access to the FastSpring platform and payment processing capabilities, including subscription renewals.

This sounded a bit suspicious. The e-mails seemed to be sent from FastSpring, but they looked different from other e-mails I’ve received from them. They used different formatting and did not address me by name. A link to their terms of service was included. The ToS does mention a $150 fee, but it refers to it as a “Vendor Risk Verification Fee,” whereas the e-mail calls it a “Risk Screening Fee.”

The e-mail said to go to to pay the fee. This is odd because it’s a store hosted at FastSpring itself. It calls FastSpring an “authorized reseller” and has a field to enter a coupon code. There’s a “Get updates about our products and offerings” box that’s pre-checked. Nothing on the main site seems to link to this store.

This store is not inside of the admin interface for my account, and it doesn’t ask for my account ID, so it’s not clear how they would associate the payment with my account. Do they match the e-mail address? And why aren’t they just taking the fee out of my earnings automatically, like they do for their other fees?

This all just looked strange, but I contacted FastSpring’s support and they said it was legitimate.

The decision to use a separate payment link,, is intentional and aimed at enhancing the accuracy of fee tracking. This approach ensures a detailed and accurate record of all fee-related activities.

I don’t understand that at all. In any case, I’m a longtime customer but am currently only using FastSpring as a backup processor, so the transaction volume is low, which may explain why they want me to pay the fee.

It’s not that big of a deal, if legit, and it seems I have no choice if I want to keep the account, so I went to pay the fee, but they said my credit card was declined (3 times). I know the card works and had just used it for something else. It’s never been declined anywhere else. I contacted the card issuer who said there was no record of FastSpring even attempting a charge. I’ve contacted FastSpring again to see what’s going on but have not heard back from them since yesterday, whereas the initial confirmation that the e-mails were real came after only a few hours.

Everything else with FastSpring has gone smoothly over the years, which is what makes this so surprising. So I wanted to document this odd interaction in case anyone else gets these e-mails that look like possible phishing.

As a side note, when I got started selling software, all the e-commerce providers would post their rates online. It was all transparent and simple to compare. Now, they are all up front about the fact that rates depend on negotiating custom deals based on your scale. FastSpring pointedly does not tell you their pricing, except to say that it’s “simple, flat-rate” that “works on a revenue-sharing model.” But there’s apparently at least one hidden fee that’s only mentioned in the fine print.


Update (2023-12-08): FastSpring e-mailed me back to say that the payment issue was corrected, but it again reported that my card was declined.

Update (2023-12-08): FastSpring “pointed the store to a different processor,” and then it worked for me. They were very nice and said they would proceed with the screening, anyway, if we couldn’t get the payment to work.

Update (2023-12-11): See also: Hacker News.

I forgot to note that the first e-mail that I got had the FastSpring domain name misspelled!

As to the verification, FastSpring asked me some basic questions about my business and requested some documents. We then moved on to the next phase with ShuftiPro, which I failed. The live photo capture didn’t work in Safari on my Mac—I gave it camera permission, but it kept showing a blank image. They then gave me a QR code to scan with my iPhone to continue the process there. I used the phone’s camera to take a photo of my face, but it was rejected for being “altered or photoshopped.” They also requested a document for address verification, so I submitted an insurance certificate, but that document was rejected for being “altered/edited.” So I’ve now contacted FastSpring to see how I can try again and what I can do about it falsely claiming that the information I’m providing was altered.

Update (2023-12-12): Rob Jonson:

I really want to use @PaddleHQ for billing in my SAAS. They really don’t seem to want the business. Applied for verification two weeks ago. Responded to email a week ago explaining what I do. Still no response.

Back when I did verification with Paddle it was quick. I’ve yet to hear back from FastSpring about what to do about the verification that failed yesterday.

Update (2023-12-16): FastSpring was able to manually verify me, so my account is back in good standing.

Update (2023-12-21): See also: Reddit.

Update (2024-01-03): Even though FastSpring had previously told me that I was verified, I got another e-mail from a different support person saying that I still need to do the verification.

Update (2024-01-04): I have not yet heard back about my verification. I did receive an e-mail yesterday from Braden Steel, Senior Product Marketing Manager at FastSpring, who writes:

As a payment provider, FastSpring is required by our upline payment processors and other organizations to perform ongoing risk assessments on all of our customers in order to comply with various regulations and rules related to fraud prevention, money laundering, sanctions screening, and other similar concerns. For customers processing more than $5,000 per month through the FastSpring platform, ongoing risk assessments are free. For customers processing less than $5,000 per month through FastSpring (e.g. using FastSpring as a failover / backup payment solution) there is a $150 per year fee to cover the administrative costs of ongoing risk assessments which isn’t fully covered by FastSpring’s fees for customers processing less than $5,000 per month. If you’d like more information on the fee or have additional concerns, please contact

I can kind of see why FastSpring doesn’t want to be a backup, though if they made it attractive to be a backup they would be on-deck to be promoted to primary at any time, whereas now they are encouraging developers to drop them completely. It’s unfortunate that developers who are just starting out, are part time, or are getting most of their sales from the App Store are going to be stuck with a semi-hidden fee that’s a higher percentage of their revenue even though they are prioritizing FastSpring.

I asked why they are adding the fee now—since I’m not aware of the regulations changing in the last year—and whether the $5,000 per month is a minimum for the year or an average, but have not heard back yet.

Update (2024-01-05): Here are two more Reddit threads on FastSpring and alternatives.

Update (2024-01-10): More clarifications from Steel:

Why Now? In the 18 years we’ve been in business, we’ve built up a large number of customers who use us as a backup or may maintain their FastSpring account despite only using FastSpring for only a small amount of their sales. As the number of these customers has grown, not only do admin costs increase, but potential risk also goes up. We’ve made the call to do this now to ensure that we’re protecting our customers and our business.

I don’t find that this really answers the question about why longtime customers who have never caused problems and haven’t changed their business info are suddenly a risk. There are legal and regulatory requirements, but it seems that they do not specify that verification needs to be done annually (and other payment processors do not):

The requirements can vary depending on where they originate globally. To ensure continued compliance with all of those regulations, we’ve made the decision to standardize our internal processes.

I’ve also heard that longtime customers with higher sales volumes, while exempt from the fee, are not being required to do the verification, either. So it seems that FastSpring is only worried about the risk from low-volume accounts, or perhaps they are staggering the verifications and focusing on those first.

The fee seems to be determined based on the lowest-sales month of the year:

To calculate this fee, we look at the previous year’s sales volume on a monthly basis to see who falls below the $5,000 monthly threshold. Those who do may be subject to the fee for the following year as we do our standard risk verification that is applicable to all sellers on the FastSpring platform. Sellers are only subject to this fee after they’ve been on the FastSpring platform for an entire year as well to give them time to ramp up their stores on the FastSpring platform.

If you aren’t able to ramp up to $60K of annual sales, with no month falling below the minimum, you have to pay the fee every year.

Update (2024-01-11): I got an update from FastSpring saying that the original e-mail from Steel was in error:

The fee is only applicable to sellers who are transacting at less than $5000 annually, not monthly.

The original text seemed to be part of a coordinated press response, so I have to believe this is more a backtracking than a correction. In any case, the reduced threshold is great news for smaller businesses who don’t have $60K in annual sales. And businesses using FastSpring as a secondary processor could direct some orders to FastSpring until they hit the threshold in order to avoid the $150 fee. In theory, everyone will still need to go through the annoying annual screening, though.

Wednesday, December 6, 2023

Standalone Beeper Mini Brings iMessage to Android

Beeper (Hacker News, MacRumors):

It’s our beautiful new Android app built specifically to send and receive blue bubble messages to friends with iPhones.


Full end-to-end encryption.

It’s a standalone Android app - no server, laptop, Mac or iPhone required.


The app connects directly to Apple servers to send and receive end-to-end encrypted messages. Encryption keys never leave your device. No Apple ID is required. Beeper does not have access to your Apple account.

With Beeper Mini, your Android phone number is registered on iMessage. You show up as a ‘blue bubble’ when iPhone friends text you, and can join real iMessage group chats. All chat features like typing status, read receipts, full resolution images/video, emoji reactions, voice notes, editing/unsending, stickers etc are supported.


To be honest, I am shocked that everyone is so shocked by the sheer existence of a 3rd party iMessage client. The internet has always had 3rd party clients! It’s almost like people have forgotten that iChat (the app that iMessage grew out of) was itself a multi-protocol chat app!


Don’t believe this is possible? Try the open-source Python proof of concept on your own computer to see for yourself. Security researchers are invited to verify all claims that we make, see appendix below.


This is now possible because the iMessage protocol and encryption have been reverse engineered by jjtech, a security researcher. Leveraging this research, Beeper Mini implements the iMessage protocol locally within the app.


Optionally, you may also sign in to your Apple ID to enable sending/receiving from your email address. This will also enable you to send and receive messages from other Apple devices like iPad or Macs.

Nick Heer:

This is all made possible by the frankly incredible work of the pypush project. Primarily, its author is “JJTech”, a high school student who reverse-engineered the way iMessage works[…]


Unlike the catastrophic launch of Nothing’s messaging client and all other predecessors, Beeper Mini is not proxying iMessages through Apple devices.


The people behind it — including “JJTech” — believe Apple could not end access for technical reasons, but it seems like Apple is prepared for ending access to services on older devices. The Verge’s Nilay Patel noted on Threads the P.R. risk of shutting it down, while Sarah Perez of TechCrunch points to current antitrust investigations and E.U. regulations.

Jacob Kastrenakes:

I’ve been using the app for the past few weeks, and I’ve been surprised at how smoothly it works. Messages sent from Beeper Mini on my Pixel 8 appear as blue bubbles on the iPhones of my friends and family members. Group chats I’m on automatically switched over to iMessage as soon as someone fired off a meme. Reactions, threads, photos, and videos (without the messy text message compression) all came through. The best thing I can say about Beeper Mini is that almost no one noticed I was using it: blue bubbles just started appearing — no lost messages to speak of.


At launch, the service will cost $2 per month and only offer access to iMessage. Migicovsky says Beeper Mini will eventually drop the “Mini” branding and integrate all the other chat services offered on Beeper’s main app — WhatsApp, Messenger, Signal, and so on, all hacked together to work inside a single convenient interface. My biggest complaint at the moment is that Beeper Mini doesn’t support SMS and RCS, so this one-day all-in-one app is currently dividing my texting experience in two. Migicovsky says bundling in SMS and RCS is coming, too. All those extra services might just cost a little more, though.

Even with RCS coming to iMessage, Migicovsky thinks there’s still an important role for Beeper. “The long-term vision is one app that you can use to chat with anyone in the world,” he says.


Update (2023-12-08): Jason Snell:

Quinn Nelson has an excellent explanation video and Jacob Kastrenakes at the Verge has an article about it.


In a time when Apple’s being assailed by multiple regulators for uncompetitive behavior, it would not look great if the company were to crush Beeper, even if it could do so easily. Instead, it might take a months- or years-long overhaul of its authentication systems to do so. And would it be worth it? Beeper is making a calculated gamble that Apple will let this go.

See also: Accidental Tech Podcast.

Governments Using Push Notifications to Surveil Users

Tim Hardwick (Hacker News):

Senator Ron Wyden said foreign officials were demanding the data from the tech giants to track smartphones. The traffic flowing from apps that send push notifications put the companies “in a unique position to facilitate government surveillance of how users are using particular apps,” Wyden said.


In a statement given to Reuters, Apple said that Wyden’s letter gave them the opening they needed to share more details with the public about how governments monitored push notifications.


Apple advises developers not to include sensitive data in notifications and to encrypt any data before adding it to a notification payload. However, this requires action on the developers’ part. Likewise, metadata (like which apps are sending notifications and how often) is not encrypted, potentially giving anyone with access to the information insight into users’ app usage.


We at the Home Assistant Companion for iOS team have been wanting to implement end to end encryption for our push notifications for a while now but Apple has denied our request for the entitlement multiple times. Wondering if with today’s news we could apply again and get it.


Update (2023-12-08): Ashley Belanger:

Apple has since confirmed in a statement provided to Ars that the US federal government “prohibited” the company “from sharing any information,” but now that Wyden has outed the feds, Apple has updated its transparency reporting and will “detail these kinds of requests” in a separate section on push notifications in its next report. Ars verified that Apple’s law enforcement guidelines now notes that push notification records “may be obtained with a subpoena or greater legal process.”


A source familiar with Wyden’s probe told Reuters that “both foreign and US government agencies have been asking Apple and Google for metadata related to push notifications to, for example, help tie anonymous users of messaging apps to specific Apple or Google accounts.” The source could not confirm how long agencies had been sending the requests and would only describe the foreign governments as “democracies allied” to the US.

Nick Heer:

This is an entire category of stuff the U.S. government has apparently prohibited Apple and Google from disclosing and it is a good reminder that their transparency reports exist at the behest of governments, with their limitations imposed. But, also, Apple specifically blames the “federal government” — I take that to mean the U.S. federal government. Why would they be able to prevent Apple from disclosing this category of law enforcement requests from other countries?

Joseph Cox of 404 Media reviewed one warrant which mentioned push notifications in the case of an Ohio researcher, questioning whether it “is boilerplate language that has been included in the search warrant application”.

Update (2023-12-11): John Gruber:

Law enforcement agents can issue subpoenas on their own, so there’s no oversight here. Google, on the other hand, requires a court order[…]

Tim Hardwick:

Apple has updated its Legal Process Guidelines to reflect the company's legal obligation to comply with law enforcement requests for Apple ID information associated with its push notification service.

Tuta (via Hacker News):

When we redesigned the Tuta client back in 2017, we strictly focused on our mission to liberate everyone from being forced to use Google’s services. New evidence now shows this was an excellent move as Google and Apple monitor all your push notifications. But not so with Tuta: We offer one of the very few email apps available without Google’s push notification service. Technically, this was a true challenge; so let's explain how we succeeded!

See also: Bruce Schneier.

Update (2023-12-19): Raphael Satter (via Hacker News):

Apple has said it now requires a judge’s order to hand over information about its customers’ push notification to law enforcement, putting the iPhone maker’s policy in line with rival Google and raising the hurdle officials must clear to get app data about users.

iCloud Advanced Data Protection Uptake

John Gruber:

Back in August I ran a poll on Mastodon, asking my followers if they have iCloud Advanced Data Protection enabled. iCloud Advanced Data Protection was announced two years ago this week, alongside support for security keys (e.g. Yubico).

I’m in the last group, too. I still use some older devices that would be dropped from iCloud if I enabled it.


Update (2024-01-09): Pierre Igot:

I’ve got to say that, when you are trying to activate the “Advanced Data Protection” safety feature in #macOS #Sonoma, the level of attention to detail on the part of Apple’s software engineers is really confidence inspiring. I mean, wouldn’t YOU trust those guys with the safety of your data?

(And let’s just not mention the couple of times where System Settings just conked out on me when I was in the middle of typing important information.)

His System Settings screenshots look awful, with text clipped and a bare URL that isn’t clickable. Of course, Advanced Data Protection was probably implemented by an entirely separate team than the one that seems to be learning SwiftUI and incorporating Web technologies while redoing the System Settings app. But gone are the days where the company seemed to have an attention to detail and polish top to bottom.


Vladislav Smolyanoy:

I got locked out of my iCloud in December because their Advanced Data Protection somehow broke my iCloud.

After 9 hours on the phone with Apple support and me couple gray hairs richer they finally called in internal Apple iCloud engineers to personally fix it.

It was a crazy story where I almost lost most of my digital life (passwords, pictures, documents, 2fa, mail and so much more)

Misinformation About NameDrop

Juli Clover:

As noted by The Washington Post, there have been warnings about NameDrop popping up on FaceTime. Police departments in Pennsylvania, Oklahoma, Ohio, and other states have been suggesting that contact information can be shared “just by bringing your phones close together.”


While it’s true that NameDrop is turned on by default, the way that it functions is more nuanced than simply putting two iPhones near each other.


Contact information is not shared automatically, and it is a user-initiated process that requires both people exchanging information to accept the transfer. While an accidental exchange could occur, it would require a user to unlock their device and accept the sharing prompt for that to occur.

Nick Heer:

I cannot imagine how someone could surreptitiously activate this feature, but I can see how someone might get confused if they only watched a demo. In Apple’s support video, it almost looks as though the recipient will see the contact card as soon as the two devices are touched, perhaps because of the animation. But that is not how the feature works. When two devices are brought in close proximity, each person first sees their own contact card; from there, they can choose whether they want to share the card.

Jason Snell:

I’m glad that so many sources are rushing to correct the original police department posts, but if you really want to get depressed, visit one and read the comments from all the people who are grateful for the misinformation. You’ll have to laugh to keep from crying.

See also: TidBITS.

NSFileManager’s File Copy Error Messages Lie

Jeff Johnson:

The error says that the source file InstallHistory.plist doesn’t exist, but the file does exist! The true reason for the copy failure is that the destination directory /Users/Shared/nonexistent/ doesn’t exist. Sigh.

I tested my command-line tool all the way back to macOS 10.13 High Sierra, and the behavior is the same! This is an old bug in NSFileManager. And note that the bug is not restricted to path-based API: it also affects NSFileManager URL-based API.

This is a really old bug, and it affects other types of failures, not just NSFileNoSuchFileError. I first encountered it when working on the SpamSieve installer for Apple Mail. I would ask NSBundle for the copy of the plug-in that was built into the app and then try to copy it to a protected folder, but the error message would say that it didn’t have permission to read the source path that was in the app itself.

Emergency SOS via Satellite Pricing

Adam Chandler:

Garmin had a few benefits Apple’s hardware did not thanks to a larger antenna and dedicated hardware. My InReach could be tracked by my wife anywhere. She could see my location instantly by going to a special web page and entering a passcode. I could also text anything I wanted to any phone number made easier by the InReach app where I could type on a smartphone keyboard instead of the old thumb pad input on the InReach. Finally, InReach had topographic maps for the entire USA. I could open it up anywhere and relate myself to the surroundings, use the compass and know how to find water or civilization.

Of course, all of this came for a high price and now, FindMy, Basic texting to my wife and emergency SOS were built in to my iPhone 14.


In fact, SOS may be a wake up call to some people that could graduate to owning a real PLB when they have an emergency and see how slow and cumbersome Apple’s SOS is compared to a dedicated device with its one-week battery life and easier use along with being hooked to their clothes via a clip than stuck in a backpack. This could grow the amount of people using a dedicated PLB who never knew those products existed.


I think SOS will be $49 a year or $5 a month to convert 2 million people to their SOS service and, because bundling, it will be included with AppleOne because what’s better than people paying $5 a month? Well, it’s getting them to pay $30 a month and subscribe to everything Apple has to offer.


One year ago today, Apple’s groundbreaking safety service Emergency SOS via satellite became available on all iPhone 14 models in the U.S. and Canada. Now also available on the iPhone 15 lineup in 16 countries and regions, this innovative technology — which enables users to text with emergency services while outside of cellular and Wi-Fi coverage — has already made a significant impact, contributing to many lives being saved. Apple today announced it is extending free access to Emergency SOS via satellite for an additional year for existing iPhone 14 users.

John Gruber:

My hunch on this is that Apple would like to make this available free of charge in perpetuity, but wasn’t sure how much it would actually get used, and thus how much it would actually cost. If they come right out and say it’s free forever, then it needs to be free forever. It’s safer to just do what they’ve done here: make it free for an extra year one year at a time, and see how it goes as more and more iPhones that support the feature remain in active use.

Kyle Melnick:

After Shepherd frantically called 911, investigators contacted Volkswagen’s Car-Net service, which can track the location of the manufacturer’s vehicles. They hoped to locate Isaiah.

But a customer service representative said that wouldn’t be possible because Shepherd’s subscription to the satellite service had expired, according to a new lawsuit. The employee said he couldn’t help until a $150 payment was made, the complaint said.

Via John Gruber:

This perfectly illustrates the perils of Apple eventually charging for Emergency SOS satellite service. If Apple someday cuts off free service for compatible iPhones, eventually there’s going to be someone who dies because they chose not to pay to continue service. No one wants that.

Dan Moren:

I was pretty confident Apple would kick this can down the road, and now they have. My guess is that it might (next year or the year after) introduce a paid tier that lets you do more with satellite connectivity—non-emergency messaging, for example—and use a charge for that to essentially subsidize free emergency functionality for all users.


Tuesday, December 5, 2023

Filmic’s Entire Staff Laid Off

Jaron Schneider (Hacker News):

Filmic, or FiLMiC as written by the brand, no longer has any dedicated staff as parent company Bending Spoons has laid off the entire team including the company’s founder and CEO, PetaPixel has learned.


Considered for years as the best video capture application for mobile devices, the team behind Filmic Pro and presumably Filmic Firstlight — the company’s photo-focused app — has been let go.


The company acquired Filmic in September 2022 in what was framed as a move designed to provide much-needed support to further build out the company’s capture apps, which made sense given Bending Spoons’s focus on post-production.

Via Christina Warren:

This sucks but is sadly not at all surprising. If you pay for a Filmic subscription, I would cancel now and start migrating to the Blackmagic Design camera app. It is free b/c it is a loss leader, and is actively developed. But I hate this for the Filmic team who I truly believe erred in underpricing their app for close to a decade before selling/moving to a very unpopular subscription model.


Update (2023-12-08): John Gruber:

Filmic was featured by Apple in numerous iPhone keynotes and App Store promotions over the years — for a long stretch it was undeniably the premier “pro” video camera app for iPhones.

The Impassioned Moderate (2022):

The problem? Bending Spoons is the one the most predatory actors on the entire App Store - they’re terrifying in a completely different way.


So what most likely happened is that Bending Spoons raised ~$50M in equity from all these various celebrities, and a much larger debt facility (~$300M) that they can draw on to pursue the “acquisitions” they refer to. It’s highly misleading for the company to foster the narrative that this was a $340M equity funding round[…]


Now, lest you think this critique an ad hominem one, let’s talk about Bending Spoons’ business model.

Via John Gruber:

Bending Spoons’s business model is to buy successful apps, change them to a weekly auto-renewing subscription model that perhaps tricks users into signing up, and using the revenue to buy more apps and repeat the cycle. Filmic, for example, now defaults to a $3/week subscription — over $150/year. To be fair, there’s also a $40/year subscription.

It doesn’t seem like a scam, per se, but it doesn’t seem like a product-driven company. Apps seemingly don’t thrive after acquisition by Bending Spoons — instead, they get bled dry.

Ads When You Start Your Fire TV

Luke Bouma (Hacker News):

Amazon is adding full-screen video ads that will play when you start your Fire TV unless you quickly perform an action on it.

This new update will be rolling out to all Fire TVs made in 2016 or newer. With this update, the ad at the top of your Fire TV will now start playing full-screen, often promoting a movie or TV show. By hitting the home button, you can quickly exit the ad or if you quickly perform an action on the Fire TV once it finishes, you will avoid the video ad, but you only have a few seconds.

In a way, this isn’t as crazy as it sounds because turning on a TV has historically shown full screen content that you weren’t expecting to see. But Amazon is not offering this as a Special Offers discount, and it sounds like there’s no way to turn it off. They are altering the implicit deal with customers, notwithstanding the attempt to spin this as an “immersive experience” feature.

Via John Gruber:

I really don’t understand how anyone uses anything but an Apple TV box. Apple TV is far from perfect but holy hell, it really does start from the perspective of respecting you, the user.

It sure doesn’t feel like that if you don’t subscribe to Apple TV+. And the Netflix app, especially, constantly shows unsolicited partial-screen previews when all I want is a static menu with no sound when nothing’s playing. But, yeah, the grass is not always greener.

The people at Apple who make it are obviously trying to create the experience that they themselves want when they’re watching TV at home.

To me, this is not at all obvious when using the product. Who wants wants a multi-step process to toggle subtitles? It feels like it was designed by people who don’t watch TV. And that don’t respect me to choose for myself what I want to watch.


Slower Chrome Extension Updates

Ron Amadeo (via Hacker News):

Google’s war on ad blockers is just gearing up, with YouTube doing its best to detect and block ad blockers and Chrome aiming to roll out the ad block-limiting Manifest V3 extension platform in June 2024. A new article from Engadget detailing the “arms race” over ad blocking brings up an interesting point regarding the power that YouTube and Chrome have in this battle: a dramatic update advantage over the ad blockers.

In addition to hamstringing Chrome’s extension platform with no real user-centric justifications, Manifest V3 will also put roadblocks up before extension updates, which will delay an extension developer’s ability to quickly respond to changes. YouTube can instantly switch up its ad delivery system, but once Manifest V3 becomes mandatory, that won’t be true for extension developers. If ad blocking is a cat-and-mouse game of updates and counter-updates, then Google will force the mouse to slow down.


All updates, even to benign things like a filtering list, will need to happen through full extension updates through the Chrome Web Store. They will all be subject to Chrome Web Store reviews process, and that comes with a significant time delay.


Keyboard Cowboy 3.19

Christoffer Winterkvist (Reddit):

With Keyboard Cowboy, users can automate repetitive actions, launch applications and scripts, control system settings, manipulate files and folders, and perform a wide range of actions – all without ever having to take their hands off the keyboard.


Automating workflows by triggering them through application events, such as opening, switching, or closing an application.


By binding groups of workflows to specific applications, you can stay focused and run workflows seamlessly, making you a multitasking master.


By rebinding keys to perform different actions or execute complex key sequences, power users can unlock a new level of efficiency and customize their workflow to fit their unique needs.

This looks really interesting, but unfortunately I haven’t been able to get it to work. Anything I do in the main window seems to trigger a SwiftUI hang and then eventually a crash. It sounds like this may be a Ventura-specific issue.


Update (2023-12-06): The hang and crash are fixed in 3.19.1. I then ran into a bug where AppleScript text views were compressed, due to a difference in how SwiftUI decides the intrinsic content size for an element between Ventura and Sonoma. Winterkvist quickly fixed this one, too, in version 3.19.2.

Castro May Be Dying

Jason Snell:

The cloud database that backs the service is broken and needs to be replaced. As a result, the app has broken. (You can’t even export subscriptions out of it, because even that function apparently relies on the cloud database.) “The team is in the progress of setting up a database replacement, which might take some time. We aim to have this completed ASAP,” said an Xtweet from @CastroPodcasts.

What’s worse, according to former Castro team member Mohit Mamoria, “Castro is being shut down over the next two months.”


The truth is, between Apple’s solid upgrades to the Podcast app and the rise of Spotify as a podcast-playing competitor, the squeeze has really been put on most podcast apps.

John Gruber:

As a publisher, Castro was the 4th or 5th most popular client for The Talk Show for a while, but in recent years has slipped. Right now it’s 10th — but in a logarithmic curve. Overcast remains 1st; Apple Podcasts 2nd. The truth is, if not for Overcast, Castro would likely be in that top position, not shutting down. But Overcast does exist, and it’s the app where most people with exquisite taste in UI are listening to podcasts.

It’s a shame because, though I like Overcast, I would like to have multiple good options, especially when they tend to be opinionated. I like all the indie podcast apps I’ve tried better than Apple Podcasts and Spotify.

Stephen Hackett:

As a podcast network owner, I’ve had a front-row seat to Castro’s entire history. It’s never accounted for a large number of downloads when it comes to shows on Relay, but I know users who love Castro really love it, despite the lack of an iPad app and other oddities.


While it is true that we have experienced departures within our company, we want to assure you that we are actively working with a lean dedicated team to address these challenges. We apologize for any unnecessary panic that may have arisen from these conversations.

We believe in transparency with our community and want to share with you that we are actively seeking a new home for Castro with new owners.


Update (2024-01-09): Ben Lovejoy:

The popular podcasting app Castro appears to have ceased functioning, and the website has gone. The latter appears to be because the domain is no more, as emails also bounce.


We are having issues with our DNS on Digital Ocean. We have been working over the weekend to fix it. We will be back shortly.

It seems to be back for now.

Via Stephen Hackett:

“Working over the weekend” should have included updating paying customers as to what was going on. Instead, the company was silent — yet again — as people wondered about the future of the app.

I hate it to say it, but I have very little confidence that Tiny knows what it’s doing with Castro, or even cares that much about it.

iMessage Contact Key Verification

macOS 14.2 Beta:

With iMessage Contact Key Verification, users can choose to further verify that they are messaging only with the people they intend. iMessage Contact Key Verification uses Key Transparency to enable automatic verification that the iMessage key distribution service returns device keys that have been logged to a verifiable and auditable map. When a user enables the feature, they will be notified about any validation errors directly in the Messages conversation transcript and Apple ID Settings.


All devices signed into your iCloud account must be on the minimum supported version of iOS 17.2 Beta, macOS 14.2 Beta, or watchOS 10.2 Beta. If you wish to keep using other devices on older versions of the OS, you will need to sign out of iMessage on these devices in order to enable contact key verification.

Glenn Fleishman:

The company announced the process and timeline on 27 October 2023 on its Security Research blog.


Instead of relying on Apple to verify the other person’s identity using information stored securely on Apple’s servers, you and the other party read a short verification code to each other, either in person or on a phone call. Once you’ve validated the conversation, your devices maintain a chain of trust in which neither you nor the other person has given any private encryption information to each other or Apple. If anything changes in the encryption keys each of you verified, the Messages app will notice and provide an alert or warning.


Looking at it another way, this explains why Apple notes someone with a “public persona” could post a verification code online without risk. When someone wants to start an iMessage conversation with a public figure, they rely on that public element as proof that the public figure is who they say they are. Further, because Apple associates their public key with the email addresses and phone numbers associated with their Apple ID account, someone contacting them and verifying their code could only face an imposter if the hijacker had taken over the public figure’s Apple ID account.

Contact Key Verification is a solution to an issue known for years. Way back in 2016, security researcher Matthew Green explained several of iMessage’s fundamental design problems, with one of the worst being “iMessage’s dependence on a vulnerable centralized key server.” (Another was Apple’s failure to publish the iMessage protocol, which remains a concern. I wrote a Macworld column about these failings in 2016.)

Bruce Schneier:

Signal has had the ability to manually authenticate another account for years. iMessage is getting it.


Update (2023-12-19): Howard Oakley:

To turn on CKV, open System Settings, then your Apple ID. At the foot of that you’ll see the new item Contact Key Verification, within which is the switch to enable it.


If you’re in any doubt as to whether you’re messaging the person you want, provided that their details are saved to a card in your Contacts, you can verify them. Both of you will then create a code at the same time, to share and compare. To do that, open the Messages app, tap the message thread, then that person’s name to obtain Conversation details. At the foot of those you and your contact should then tap Verify Contact…. Both of you will then receive a code that you can compare with them, in person, using FaceTime or over a phone call. If the codes match, mark them as verified to add the code to their card in Contacts.


For those who have extensive contact with the public, perhaps as a well-known figure, they can create and share a public verification code, to allow others to verify messaging with them.

Update (2023-12-21): See also: Hacker News.

Monday, December 4, 2023

Smaller and Faster Updates With Sonoma

Howard Oakley (Hacker News):

When a user accepts Software Update’s invitation to upgrade to macOS 13 or 14, rather than downloading a full installer app of about 12 GB, Ventura or Sonoma will instead attempt an update, in which only changed files are copied to the System volume, substantially reducing the amount to be downloaded, and increasing the speed of the update process. This also has the unfortunate side-effect that users who inadvertently start that update process have no easy way to abort it, and Ventura and Sonoma resulted in many upgrading sooner than they had intended [because Apple released them as updates rather than upgrades].

As far as I’m aware, Apple has made no announcements of changes in macOS updates for Sonoma, and there’s no evidence that any more of the contents of the SSV have been transferred to cryptexes, allowing them to be updated without rebuilding the SSV. However, the two unscheduled patch updates to Sonoma so far, in 14.1.1 and 14.1.2, have required the smallest updates since the days of Mojave. In the case of 14.1.2, the update was only 400 MB for Intel Macs, and 820 MB for Apple silicon, far below the smallest update sizes in Ventura. Although there’s some uncertainty as to exactly what was changed in 14.1.1, 14.1.2 contains two fixes to WebKit, thus in a cryptex, and some smaller updates in the contents of the SSV. In previous versions of macOS since Big Sur, those would have required larger downloads, particularly for Apple silicon Macs, which would have been at least 1 GB larger.

Although harder to quantify, macOS update installation times have also become steadily shorter, at least on Apple silicon models, whose 30 minutes ‘preparation’ seldom takes even half that time. Some of this improvement in speed may be attributable to the smaller size of updates, of course, but on Apple silicon Macs they are now sufficiently quick as to be little interruption.

I continue to have problems, on multiple Macs, where updates repeatedly fail to prepare. So it takes a while to redownload the updater and prepare multiple times. However, I agree with Oakley that, when they work, the updates are smaller and install much more quickly.


Sony Removing Purchased Discovery TV Shows

PlayStation Store (via Hacker News, Reddit):

As of 31 December 2023, due to our content licensing arrangements with content providers, you will no longer be able to watch any of your previously purchased Discovery content and the content will be removed from your video library.

It isn’t that streaming content is no longer available; they actually admit they’re removing content that people purchased.

Sophie McEvoy:

Over 1,300 seasons of shows will be removed as listed by PlayStation, including Animal Planet Presents, Cake Boss, Deadliest Catch, How It’s Made, and MythBusters.

Last year, PlayStation removed purchased content from Studio Canal due to “evolving licensing agreements with its content providers,” leaving users unable to view purchased content in their library.

Kara Phillips:

Yet, no efforts to explain whether or not you will be compensated for the loss were touched on either. Rather, the email continues: “We sincerely thank you for your continued support.”

Wesley Yin-Poole:

The decision has sparked a backlash online, and fuelled concern around ownership of digital media. Video game preservation is a hot topic within the industry, but the issue of content removal from digital platforms is top of mind of movie and TV makers, too. Last month, Oscar-winning filmmaker Guillermo del Toro backed Oppenheimer director Christopher Nolan in championing physical media amid controversial moves by streamers that have seen some films pulled from availability.


There is currently no way to back up purchased PlayStation Store video content from a PlayStation 4 or PlayStation 5. They cannot be transferred to a disc by any means.


It’s worth noting that when Sony stopped selling TV shows and movies from the PlayStation Store in 2021, it said users would still be able to access existing purchases.

Kind of like how Apple says that HomePod can play iTunes music purchases, but due to bugs and/or content licensing arrangements this doesn’t actually work for many older purchases.

Ethan Gach:

This isn’t the first time Sony has done something like this and it won’t be the last. I’d say just buy your favorite shows on Bluray instead, but Sony and Microsoft also appear to be planning to slowly phase out optical disc drives in the future. Even the new PS5 slim’s detachable disc drive will require an online DRM check every time you plug it in.


Update (2023-12-06): Nick Heer:

I spot-checked the PlayStation list and found many of these shows are not officially available in a hard copy format. Sure, nobody is entitled to own them at all, but if you want to ensure you retain access for whatever reason, you often have no legal option. “Okay, well, you know what that means: steal it”.

Amazon Employees Returning to Offices

Jane Thier (via Hacker News):

Mike Hopkins, senior vice president of Prime Video and Amazon Studios, reportedly told members in an internal meeting that when it comes to returning to the office, “it’s time to disagree and commit. We’re here, we’re back—it’s working,” he said. “I don’t have data to back it up, but I know it’s better.”


Disgruntled Amazon workers likely saw this coming. This time last year, Jassy said Amazon had no plans for a compulsory office return and instead intended to “proceed adaptively.” That sentiment didn’t last, and Jassy soon joined peers Elon Musk and Sundar Pichai in their pro-office enthusiasm, mandating an office return earlier this year (the company does have an exception request process that’s considered on a case-by-case basis).


Amazon spokesperson Rob Munoz told Fortune that the company has been happy with how the return to office has gone since Amazon mandated it earlier this year: “There’s more energy, collaboration, and connections happening, and we’ve heard this from lots of employees and the businesses that surround our offices.”

Greg Iacurci (via Hacker News):

The share of workers being called back to the office has flatlined, suggesting the pandemic-era phenomenon of widespread remote work has become a permanent fixture of the U.S. labor market, economists said.

“Return to the office is dead,” Nick Bloom, an economics professor at Stanford University and expert on the work-from-home revolution, wrote this week.


Research has shown that the typical worker equates the value of working from home to an 8% pay raise.

However, the work-from-home trend isn’t just a perk for workers. It has been a profitable arrangement for many companies, economists said.


Update (2023-12-11): Jane Thier (via Hacker News):

Bolstered by Daco’s four-point explanation, the new BLS data puts to rest the idea that where work happens is consequential in the productivity debate. Experts have maintained that exact point for years.

Evidence of productivity differences between remote and in-person work isn’t black and white, Daco says; there’s a “huge diffusion” of gains and losses. “I don’t know if return-to-office policies have had much of an effect one way or another, because the arguments are clear both ways,” he adds. “It really depends on the culture and the reasoning behind the [policies].”

Computational Bridal Photo

Matt Growcoot:

A woman says that “the fabric of reality crumbled” after she looked at an iPhone photo of herself trying on a wedding dress and noticed that her reflection looked different.

Standing in front of two large mirrors, Tessa Coates’ reflection does not return the same pose that she is making, and not only that, but both reflections are different from each other and different from the pose Coates was actually holding.

While Coates was holding one arm up and another down, the reflection on the left is seen holding both arms down, and the reflection to her right is holding both arms up to her waist.

John Gruber:

Coates, in her Instagram description, claims “This is a real photo, not photoshopped, not a pano, not a Live Photo”, but I’m willing to say she’s either lying or wrong about how the photo was taken.


In a long-winded story post, Coates says she went to an Apple Store for an explanation and was told by Roger, the “grand high wizard” of Geniuses at the store, that Apple is “beta testing” a feature like Google’s Best Take. Which is not something Apple does, and if they did do, would require her to have knowingly installed an iOS beta.

Nick Heer:

This is, as far as I can find, the first mention of this claim, but I would not give it too much credibility. Apple retail employees, in my experience, are often barely aware of the features of the current developer beta, let alone an internal build. They are not briefed on unannounced features. To be clear, I would not be surprised if Apple were working on something like this, but I would not bet on the reliability of this specific mention.

It’s almost unbelievable the sort of looney things that my customers tell me they were told by Apple retail employees/geniuses, and I’ve been directly told some quite unlikely things myself. The best bet is that someone in this story is mistaken. But I’m not sure I’d rule anything out after hearing Apple brag on stage that they secretly beta tested APFS file system conversions during the regular software update process.

Wesley Hilliard (Hacker News):

What’s actually occurred here is a mistake in Apple’s computational photography pipeline. The camera wouldn’t realize it was taking a photo of a mirror, so it treated the three versions of Coates as different people.

Coates was moving when the photo was taken, so when the shutter was pressed, many differing images were captured in that instant as the camera swept over the scene, since it was a panoramic photo capture. Apple’s algorithm stitches the photos together, choosing the best versions for saturation, contrast, detail, and lack of blur.

John Gruber:

The subject claims it wasn’t a Panoramic mode photo, but she didn’t snap the photo, and if a photo taken in Panoramic mode isn’t wide enough to reach some threshold, the Photos app does not identify/badge it as such. And conversely, a normal photograph cropped to a very wide aspect ratio will be badged as Panoramic — like this and this from my own library — even though it wasn’t snapped in Panoramic mode.

Those sound like bugs to me.

I think it’s quite likely Korkmaz is correct that this is the explanation for how this photo was created; I remain unconvinced that it wasn’t a deliberate publicity stunt.


Dave Cutler Interview

Dave Plummer (via Hacker News):

Dave Cutler is a seminal figure in computer science, renowned for his contributions to operating systems. Born in 1942, he played pivotal roles in the development of several OSes, most notably VMS for Digital Equipment Corporation (DEC) and Windows NT for Microsoft. Cutler’s design principles emphasize performance, reliability, and scalability. His work on Windows NT laid the foundation for many subsequent Windows versions, solidifying its place in enterprise and personal computing. A stickler for detail and a rigorous engineer, Cutler’s influence is evident in modern OS design and architecture.

Cutler is quick-witted and has an impressive recall of details. It’s hard to believe he’s 81, except that his stories go back to punched cards and 16-bit minicomputers.


Disabled Safari Extensions Are Not Fully Disabled

Jeff Johnson:

The good news is that when you navigate to a new page in a Safari tab after disabling the extension, its content script won’t get injected into the new page. The bad news is that if you navigate back to the old page with Safari’s back button, the disabled extension’s injected content script remains in the cache of the old page.

Following Nick Heer’s workaround, when you subsequently reenable StopTheMadness after updating to the latest version in the App Store while Safari is still open, Safari injects the updated extension’s content script and style sheet into open web pages that the extension has permission to access, which is typically all of them, including the pages with leftover content scripts from the previous version of the extension. Consequently, an App Store update can leave you with two different versions of the extension’s content script running simultaneously in the same web pages! This is a very undesirable situation, because the two competing scripts could conflict in unpredictable ways.


You may be wondering, since the App Store allows you to update Safari web extensions without quitting Safari, how do they avoid the issues faced by StopTheMadness and other Safari app extensions? The answer, surprisingly, is that they don’t!


In my testing, Chrome (1) does not inject the extension’s content scripts into open web pages when enabling the extension, (2) does not disable the extension’s content scripts when disabling the extension, and (3) does not include the disabled extension’s content scripts in the page cache. Firefox (1) does inject the extension’s content scripts into open web pages when enabling the extension, (2) does disable the extension’s content scripts when disabling the extension, and (3) does not include the disabled extension’s content scripts in the page cache (because of 1).


Update (2023-12-19): Andrew Abernathy:

In general, I’m very happy about the new level of security protection on Safari extensions, allowing me to approve access for just one day. But it didn’t register to me that when I approved access for a day, it didn’t then go ahead and perform the extension’s action. I thought I had saved a bunch of items to Instapaper, but no, I have to click the toolbar button again after responding to this alert.