Archive for December 8, 2023

Friday, December 8, 2023

Selecting Multiple Tabs in Safari

John Gruber (video):

Just like making multiple selections in a list view, Shift-click will select an entire range at once, and Command-clicking lets you select (and deselect) noncontiguous tabs. […] Once you have multiple tabs selected, you can drag them together to create a new window, or do things like close them all at once.

I had no idea that you could do this, and it apparently works in Firefox, Chrome, and Brave, too. This seems to be new in Safari 17, and I guess it relies on SPI because it doesn’t work in other apps that use the standard NSWindow tabbing.

Gordon Smith:

My use case is to select those tabs I want to save as a group, right click one of those tabs to add them all to a new Tab Group (to keep things neat and tidy).

Jef:

Unfortunately, it also means you can’t select another tab in an inactive Safari window anymore by command+click. You could even (command+)click a button on a site while the window remained inactive. You can’t have it all…

Mac Menu Bar Icons and the Notch

Jesse Squires (Mastodon):

On my 13” Intel MacBook Pro, the icons reached to about halfway across the screen. On the 14” M3 MacBook Pro, ironically a machine with a larger display, at least 3 icons get hidden.

This “design” (or lack thereof) is so dumb. It is utterly ridiculous to me that this is still how it “works” two years after the introduction of the redesigned MacBook Pro with a notch. How hard could it be to add an overflow menu with a “«” (or should it be “»”?) button that shows the remaining apps and icons that can’t be displayed? This entire situation with the notch is ironic, because the iPhone notch and “dynamic island” are so thoughtfully designed with zero compromises regarding the functionality of iOS. In fact, they actually provide a better user experience. Yet on the Mac, how the notch interacts with macOS is laughably incompetent. It is shockingly lazy regarding attention to detail, and results in an outright disruptive and confusing user experience.

Aside from the problem of the icons being hidden, there’s no API for an app to tell whether its icon is hidden. NSStatusItem.isVisible tells you whether the app or user wants the icon to be visible, but it will return true if the icon is hidden in the notch—or even if it’s hidden behind a menu title.

This has caused problems for me because in Sonoma it’s no longer possible for SpamSieve to add commands to the Message menu in Apple Mail. So SpamSieve instead offers its own menu that’s visible in Mail. If there are too many icons, I want to be able to warn the user so that they can rearrange them or access the functionality in a different way. The best workaround I’ve found is to get the coordinates of the icon and then use a pile of hacks to try to figure out whether it overlaps the notch or a menu title. The menu title positions cannot be accessed without accessibility permissions, so I have to hard-code them for each localization and hope the font metrics don’t change.

Niléane Dorffer:

I feel a bit sad every time somebody asks me how to recover an icon that “disappeared behind the notch.” I still believe people should not have to download a third-party app to deal with Apple’s hardware and software decisions that lead to the notch and its tendency to swallow menu bar icons. macOS should at least have a way to handle an overflowing menu bar. For this reason alone, Bartender is an essential Mac utility that’s easy to recommend to anyone running a Mac.

Previously:

Update (2023-12-21): Jesse Squires:

I figured it was worth making a separate post about this specific issue to list all of the workarounds and alternatives. It is clear that this is a widespread problem that users are having.

[…]

Reduce the menu bar item spacing and padding via UserDefaults. (Thanks to Oliver Busch for the tip. Also see this Reddit post.) There are two defaults settings you can configure via Terminal, NSStatusItemSpacing and NSStatusItemSelectionPadding.

Update (2024-06-12): Patrick Wardle:

macOS can put the item partially, or worse, wholly behind the camera notch (so it’s invisible)!? 🤦🏻‍♂️

…what’s the solution/how do avoid this?

Bartender 5

Surtees Studios:

With support for macOS Sonoma and a multitude of innovative features, Bartender 5 represents the pinnacle of Mac menu bar mastery.

[…]

Conceal select menu bar items while retaining quick and easy access through intuitive methods. Swipe and scroll within the menu bar to unveil hidden items instantly, simplifying access to multiple screens of concealed items with a simple swipe.

[…]

With its revamped trigger system, Bartender 5 elevates menu bar item interaction. Apply presets or reveal menu bar items precisely when they demand attention. Whether at work, on a specific Wi-Fi network, monitoring battery status, or using custom scripts like VPN or AirPods connectivity, Bartender 5 ensures you’re always in control.

Surtees Studios:

Bartender 5 introduces a novel feature known as “Menu Bar Item Groups,” which facilitates the consolidation of sets of menu bar items beneath a single, fully customizable menu bar item. This feature serves as an ideal solution for categorizing and conveniently accessing related menu bar items with a simple click or hover. This innovation is particularly advantageous for MacBook Pro users seeking to optimize their menu bar space efficiently.

Niléane Dorffer:

Perhaps the fanciest new feature in Bartender 5 is the ability to entirely customize the way your menu bar looks. Bartender 5 now lets you change the color of the menu bar, add a border or drop shadow, or even change the way it fills the top part of your screen.

[…]

With the release of macOS Sonoma, Surtees Studio had to face a technical challenge. macOS now displays a purple badge in the menu bar whenever an app is capturing part of the screen. This is, of course, a welcome privacy feature, but it meant Bartender would have to work around its reliance on screen capture to rearrange icons in the menu bar. I’m happy to report that this challenge was successfully tackled and the purple badge only shows up when navigating Bartender’s settings and when you’re actually recording your screen.

[…]

Bartender 5 is $16 if you buy it directly from Surtees Studios and is priced at $8 for anyone upgrading from a previous version.

Krishna Sadasivam:

Thankfully, starting with Bartender 4, menu bar item search was added. And what if you don’t remember what the menu bar item’s icon looked like? No problem! Type in the first few letters using Bartender’s search bar, and your menu bar item is served to you, lick-ity split.

Previously:

23andMe Breach

Lorenzo Franceschi-Bicchierai (Hacker News):

On Friday, genetic testing company 23andMe announced that hackers accessed the personal data of 0.1% of customers, or about 14,000 individuals. The company also said that by accessing those accounts, hackers were also able to access “a significant number of files containing profile information about other users’ ancestry.” But 23andMe would not say how many “other users” were impacted by the breach that the company initially disclosed in early October.

As it turns out, there were a lot of “other users” who were victims of this data breach: 6.9 million affected individuals in total.

Pieter Arntz:

With the breached accounts at their disposal, the attacker used 23andMe’s opt-in DNA Relatives (DNAR) feature—which matches users with their genetic relatives—to access information about millions of other users. According to a spokesperson the DNAR profiles of roughly 5.5 million customers could be accessed in this way, plus the Family Tree profile information of 1.4 million additional DNA Relative participants.

The 5.5 million DNAR Profiles contained sensitive details including self-reported information like display names and locations, as well as shared DNA percentages for DNA Relatives matches, family names, predicted relationships, and ancestry reports.

For a subset of these accounts, the stolen data might contain health-related information based upon the user’s genetics.

Alex Ivanovs (Hacker News):

In response to the cyberattack, rather than implementing robust security measures, 23andMe has opted for a legal shield, mandating binding arbitration for disputes.

Nick Heer:

Give your family and friends the gift of not subjecting their genetics to businesses with a data breach record of, as of writing and I cannot stress this enough, half their customer base.

[…]

If you are a user, there are specific steps you need to follow this month to opt out of binding arbitration.

Jason Koebler:

Every few years, I write an article about how it is generally not a good idea to voluntarily give your immutable genetic code to a for-profit company (or any other genetic database, for that matter), and how it is an even worse deal to pay money to do so. It is also not wise or ethical to gift a 23andMe Saliva Collection Kit to your loved ones for Christmas, their birthday, or any other reason.

Update (2023-12-19): Bill Toulas (via Hacker News):

“Rather, the preliminary results of this investigation suggest that the login credentials used in these access attempts may have been gathered by a threat actor from data leaked during incidents involving other online platforms where users have recycled login credentials.”

Ezekiel Elin:

Breach didn’t involve any disclosure of genetic data that wasn’t authorized to the accounts that were logged in? This wasn’t someone stealing DNA samples…

Update (2024-01-04): Lorenzo Franceschi-Bicchierai (via Hacker News):

Facing more than 30 lawsuits from victims of its massive data breach, 23andMe is now deflecting the blame to the victims themselves in an attempt to absolve itself from any responsibility, according to a letter sent to a group of victims seen by TechCrunch.

[…]

In other words, by hacking into only 14,000 customers’ accounts, the hackers subsequently scraped personal data of another 6.9 million customers whose accounts were not directly hacked.

But in a letter sent to a group of hundreds of 23andMe users who are now suing the company, 23andMe said that “users negligently recycled and failed to update their passwords following these past security incidents, which are unrelated to 23andMe.”

“Therefore, the incident was not a result of 23andMe’s alleged failure to maintain reasonable security measures,” the letter reads.

Update (2024-02-01): Rolfe Winkler (via Hacker News):

23andMe’s valuation has crashed 98% from its peak and Nasdaq has threatened to delist its sub-$1 stock. Wojcicki reduced staff by a quarter last year through three rounds of layoffs and a subsidiary sale. The company has never made a profit and is burning cash so quickly it could run out by 2025.

[…]

But with 23andMe’s stock trading at just 74 cents, the company likely can’t raise money by selling more shares. And the company’s early-stage drug programs are so expensive, she has sought investor partners for some of them, so far unsuccessfully, and given up stakes in others.

[…]

At the center of 23andMe’s DNA-testing business are two fundamental challenges. Customers only need to take the test once, and few test-takers get life-altering health results.

Wojcicki’s most ambitious bet is developing drugs using 23andMe’s stockpile of more than 10 million DNA samples that test-takers have agreed may be used for research. But getting new drugs to market is expensive and takes years.

[…]

To create a recurring revenue stream from the tests, Wojcicki has pivoted to subscriptions. As media companies launched streaming “+” channels, Wojcicki rolled out 23andMe+, offering personalized health reports, lifestyle advice and unspecified “new reports and features as discoveries are made” for an initial $229, with annual renewals of $69.

Shank:

I was a heavy believer of 23andMe until this point. I answered all of the available research questions, which was a thing that took absolutely hours and was filled with semi-invasive medical questions. I did this under the premise that I would hopefully be helping research and I felt really rewarded having completed all of them. Then, they dropped the + bombshell and I felt really rugpulled. I paid them for genotyping on their v4 and v5 platforms -- so I paid twice, I referred friends, I bought people kits, I helped research...and now I was being asked to pay a subscription for what I was promised to begin with? Eesh.

epmatsw:

It happened right after the hack, but there’s also a new crop of competitors that let you upload your raw 23andMe data, so there’s speculation that it’s trying to stop the outflow.

If you email them about it, you just basically get a copy-pasta reply restating the message on the site [“As an added security measure, we have temporarily disabled the ability to download your raw genetic data.”], and if you keep emailing them 3+ times asking for a refund (ask me how I know), they’ll tell you you can manually upload identity verification and they’ll get back to you in 6-8 weeks with the data.

Update (2024-09-19): 23andMe (via Hacker News):

The independent directors of the Board of 23andMe Holding Co., today sent the following letter to Anne Wojcicki, Chief Executive Officer, Co-Founder, and Chair of the Board of Directors of 23andMe, in which the independent directors have provided their resignation from the Board, effective immediately.

Update (2024-10-09): Beth Skwarecki (via Hacker News):

The company is not currently for sale, but nothing about this is looking good—and it’s not clear what would happen to customer data if the company goes under.

[…]

Still, the company’s documentation claims that you can download your data and delete your account if you can get past that screen. Good luck.