Archive for June 2024

Friday, June 28, 2024

RCS in iOS 18 Beta

Ryan Haines:

Then, it was time to jump into an RCS-powered future, and by that, I mean flipping a toggle in the Settings app. Seriously, that’s all there is to it right now for beta testers on the most recent build.

From there, it was time to send my first RCS text message on an iPhone, so I figured I’d start with an easy one — a dig about Apple finally getting the message. Then, it was time to test a few RCS basics: the ability to react to messages and send read receipts from Android to iOS. I asked my dad to respond to my first message, and he sent back a thumbs up — both to my original message and my request for a reaction. Both reactions popped up smoothly and immediately, a massive improvement over the generic SMS alert on iOS 17 and older, and far closer to what we see from Apple’s iMessage service between Apple devices.

[…]

Once I finished shaking my head, I realized that both had come through just the same as if they’d been sent from another iPhone. The comic was crystal clear, and the video came out much better than the Patterson-Gimlin resolution I often get when he sends me a clip. It’s a vast improvement over the SMS and MMS struggles both sides have been used to and a sign that Google was probably right all along.

Via Dave Mark:

Note that the only currently supported carriers are Verizon, AT&T, & T-Mobile, though that’s pretty much everyone I know.

Previously:

Update (2024-07-02): Chance Miller:

Curious if your carrier supports RCS on iPhone yet? Here’s how to check.

Update (2024-07-09): Tim Hardwick:

Think of it as SMS 2.0 – a major upgrade to the traditional text messaging we’ve been using for years.

Update (2024-07-18): John Gruber:

Here’s a hot take: last week’s news of a massive AT&T breach revealing the phone call and text messaging records of all AT&T customers for six months in 2022 exemplifies why RCS is a terrible protocol that ought not exist, and why it’s a mistake that Apple is adding support for it to iOS 18 this year.

It’s worth noting that the breach did not include the content or dates of the text messages. Its sounds like the leaked information was less extensive than the iMessage metadata that Apple logs.

But the argument against RCS is strong and simple: it doesn’t support end-to-end encryption. The only new messaging platforms that should gain any traction are those that not only support E2EE, but that require it.

[…]

It’s difficult to mandate E2EE on a platform that already supports unencrypted messaging.

[…]

Carrier-based messaging was best left as a legacy protocol. SMS wasn’t dying, but it was slowly fading away, and should have been left for things like automated “your table is ready” notifications from restaurants. RCS is just going to give carrier-based messaging new legs that it shouldn’t have gotten.

[…]

There is, admittedly, a good argument in favor of RCS. Basically, that phone carrier messaging is now and always will be a universally accessible form of communication. Everyone who is online has a cell phone, and those phones can all send and receive SMS. Because carrier-based messaging isn’t going away, this argument goes, it ought to be made as good as possible, and RCS — despite its deficiencies — is clearly better than SMS. Therefore RCS ought to be supported by all mobile devices, including iOS.

That’s where I’m at. I don’t see carrier messaging going away. And there does not seem to be a path for Apple to open up iMessage or for WhatsApp to become universal. So why not at least make the messy status quo better?

Also, as I’ve said, iMessage has always been unreliable for me, and I personally care more about reliability than encryption. RCS offers a potential path for me to finally have reliable messaging on iOS.

Previously:

Update (2024-07-19): Eric Schwarz:

This is the point that I’d respectfully disagree with Gruber. This idea sets up silos owned by generally unregulated entities—while WhatsApp is extremely popular elsewhere in the world, using it or Facebook Messenger means that you’re willing to have an account and share your contact information with Facebook Meta. I don’t. I also don’t want to juggle multiple messaging apps on my devices—right now I can reach all my contacts with at least SMS, as opposed to wondering if someone is only on a particular service (i.e. one of my coworkers is on Signal, a friend is on Facebook Messenger, and my significant other is on iMessage). In that case, for anyone outside of Apple’s ecosystem, trading encryption for accessibility is the decision I’ve made at this point. Because that’s not a great decision, I’d be much more inclined to support a federated messaging protocol or ways to bridge different systems. I’d also argue that if iMessage ever came to Android, plenty of people would refuse to opt-in.

Update (2024-07-22): Matt Birchler:

I’d prefer people using messaging services that are encrypted, but I don’t think that means that we should cede all messaging communication to private companies, especially when it’s Meta handling those messages.

In my view, RCS is the next evolution of SMS and MMS. Whether it technically may be something new, that doesn’t matter, it’s good that there is a baseline messaging service that anyone can use that is cross-platform and not owned by any one company (despite seemingly many people thinking Google invented and owns RCS).

Removing Archives of Comedy Central and MTV News

Rick Porter:

A pop-up window on the Comedy Central site reads, “While episodes of most Comedy Central series are no longer available on this website, you can watch Comedy Central through your TV provider. You can also sign up for Paramount+ to watch many seasons of Comedy Central shows.”

[…]

As noted by LateNighter, the cleaning out of the Comedy Central site in particular wipes out a huge trove of archival material from The Daily Show and other late night series, along with clips from South Park, Key & Peele and Workaholics, among many others. Some of that material is available on YouTube, but it’s not as easily searchable or accessible as it was on the network page. (The oldest video on the Daily Show YouTube channel, for instance, is from 2016, while the show’s history stretches back 20 years before then.)

Todd Spangler:

The move to scrub content from Comedy Central comes after Paramount similarly pulled the full archive of MTV News from the internet on Monday, as well as articles from CMT.

What’s odd is that they aren’t bothering to sell access direct to the content nor even make it available on the paid Paramount+ service.

Nick Heer:

I will not pretend to understand how big of a financial hole Paramount is in, but I fully understand the loss of this archive. Most of the video clips are not available anywhere else — at least, not publicly and not legally. Much of the text on MTV News has been saved by the Internet Archive going back to 1996, but it also has huge gaps.

Dare Obasanjo:

I assumed Paramount would be one of the streaming services that wouldn’t make it but I didn’t expect the company to struggle so much it would rather delete its websites than maintain them.

Sarah Kessler:

In a storage unit somewhere in Philadelphia, 140,000 VHS tapes sit packed into four shipping containers. Most are hand-labeled with a date between 1977 and 2012, and if you pop one into a VCR you might see scenes from the Iranian Hostage Crisis, the Reagan Administration, or Hurricane Katrina.

It’s 35 years of history through the lens of TV news, captured on a dwindling format.

It’s also the life work of Marion Stokes, who built an archive of network, local, and cable news, in her home, one tape at a time, recording every major (and trivial) news event until the day she died in 2012 at the age of 83 of lung disease.

Previously:

Update (2024-07-02): See also: Hacker News.

Longevity, by Design

Joe Rossignol:

Apple today published a lengthy whitepaper that highlights the company’s approach to device repairability and longevity. In the document, Apple revealed that iPhones will better support third-party displays and batteries later in 2024.

[…]

First, Apple said True Tone will work with third-party iPhone displays later this year[…]

[…]

Second, Apple said battery health metrics such as maximum capacity and cycle count will work with third-party iPhone batteries later this year[…]

Apple:

Apple Diagnostics for Self Service Repair — a software tool that enables users to troubleshoot issues — is now available in 32 European countries, including the U.K., France, Germany, and the Netherlands.

Nick Heer:

The paper is worth a read to understand what role Apple sees repair playing in the lifecycle of a device, and why it is so keen on parts pairing. For example, it says the charging port is part of a more complex module, and separating it would actually create greater carbon emissions if you account for both the total emissions from manufacturing and the likelihood of repair. This is fair though, it should be said, based entirely on an internal case study, the results of which are not readily available, and which appears to be isolated to only carbon emissions — what about other environmental costs?

[…]

It also makes me wonder about Apple’s attitude toward batteries in general. There should be no need to replace the trackpad, keyboard, and a square foot of aluminum in order to install a new battery in a laptop.

Previously:

Update (2024-07-04): Howard Oakley:

Where Apple’s case is weaker is with macOS support. Although the white paper states that “a key pillar of product longevity is software support, especially security updates and bug fixes,” it avoids stating Apple’s longstanding macOS support policy of 1 + 2 years. This is strange, as this policy is well-known, but has (as far as I’m aware) never been articulated in writing.

The paper then boldly goes where macOS doesn’t, in claiming that “macOS Sonoma is compatible starting with Mac computers introduced in 2017. But even after an Apple product can no longer be updated with Apple’s newest OS, we strive to provide our customers with critical security updates”.

What it doesn’t say is that the sole Mac from 2017 that’s still supported by Sonoma is the iMac Pro, then top of the range, and the only Mac released that year that is still supported, and will be by Sequoia. The situation changes again this autumn/fall with macOS 15, which is dropping support for two more recent MacBook Air models.

Porting Google Sheets Calculations to WasmGC

Michael Thomas and Thomas Steiner Thomas Steiner (via Hacker News):

The Google Sheets calculation engine was originally written in Java and launched in 2006. In the early days of the product, all calculation happened on the server. However, from 2013, the engine has run in the browser using JavaScript. This was originally accomplished through Google Web Toolkit (GWT), and later through Java to Closure JavaScript transpiler (J2CL).

[…]

The Sheets team uses this tool regularly to validate changes to Sheets. But the team didn’t just compare the results of those calculations, they also compared the performance between JavaScript on the client and Java on the server. They found that the JavaScript version of the calculation engine was more than three times slower than the Java version.

[…]

By mid 2021, the teams had a working Java to WasmGC compiler. Toward the end of the same year, they had a prototype version of Google Sheets running as WasmGC and doing calculations.

[…]

After all these optimizations, the final WasmGC version of Sheets achieves a calculation performance approximately twice as fast as JavaScript, representing a fourfold improvement from the starting point of the initial WasmGC version.

Python Apps Rejected From App Store

Joe Brockmeier (via Hacker News):

The problem at hand is that Apple’s macOS App Store is automatically rejecting apps that contain the string “itms-services”. That is the URL scheme for apps that want to ask Apple’s iTunes Store to install another app. […] That string is in the urllib parser in Python’s standard library, though an application may never actually use the itms-services handler.

[…]

Of course, Apple did not do anything so straightforward as to explain this to Froemling.

[…]

One solution might be to obfuscate the offending string to pass review, but that might “lead to an obfuscation arms race” and there were no guarantees this would be the last time the project had to resolve app-validation problems.

[…]

It is frustrating that free-software projects like Python have to waste time finding ways around opaque review processes just so developers can write software for non-free platforms.

The first problem is that Apple is doing a dumb static analysis. If it can be thwarted by simple obfuscation then what good is it really doing? But, second, why is it even trying to detect this URL scheme upon submission when iOS could more easily and effectively block all the “dangerous” URLs at runtime?

Years ago, I ran into a similar problem with EagleFiler being rejected because it used PyObjC, which included some symbols for the deprecated Java VM.

Previously:

Rounded Quick Look Corners

Robin Allen (via Hacker News):

For whatever reason, QuickLook will now remove the corners of your images before showing them to you.

It doesn’t matter if they’re photos, game assets, or UI elements you’re designing. Everything will be rounded off before you see it.

[…]

We can click through these views and get info about them, including their addresses so we can mess with them in the debugger. And we can see straight away that the frontmost view, which Xcode tells us is a QLBorderView, is a border with rounded corners!

[…]

We now have all the building blocks we need to make a nice script that attaches to all running QuickLook processes and patches them.

-[NSObject fp_shortMethodDescription] was new to me. QuickTime Player has also hidden the corners for for a long time. I think it also used to hide part of a paused video with the player controls, but now it hides those when you move the cursor out of the window.

Mac Marketshare in Q1 2024

Ben Lovejoy (via Hacker News):

Mac shipments are estimated to have grown from 1.7M in the first quarter of 2023 to 2.1M in the same quarter this year. That represents year-on-year growth of 22%, giving Apple a 14.2% share of the US PC market.

The launch of the new M3-powered MacBook Air models in March were likely one of the main reasons for this growth.

I find this kind of surprising given that the new MacBook Air wasn’t available until late in the quarter, and while it was a solid update it did not have as large a performance bump as the M1 MacBook Air nor the new physical design of the M2 MacBook Air.

Previously:

Moaan InkPalm Plus

John Moltz (Hacker News):

A post on Mastodon got boosted into my feed that touted the Xiaomi Moaan InkPalm 5 which sells for about $95. Now you’re talking my kind of cheap. Looking into the Moaan lineup, I then found the InkPalm Plus which features a slightly larger screen, more storage and a more up-to-date version of Android, all for as low as $124 on AliExpress.

[…]

So, what did I get for not that much of my money? The InkPalm Plus has 64 GB of storage, 2 GB of RAM, a 5.84-inch screen with a 1440 x 720 resolution and runs Android 11. All of the hardware specs are less than the Boox Palma but, again, see the price.

[…]

My main attraction to the Boox Palma was twofold: it was easy to palm and it had physical buttons for page turning. These two things are ultimately what make the InkPalm Plus worth the warts for me.

It works with content from both Kobo and Kindle, but neither Kobo nor Amazon makes a reader in this narrow a size. It looks like it will easily fit in a pocket, but the line lengths are very short.

Starlink Mini

Chris Wedel (via Hacker News):

However, since I first began using these low-orbit satellites to power my internet, not only has the price gone up $30 per month, but the speeds and reliability have degraded significantly. I’ve talked to others in my area who use Starlink, and since January, we’ve experienced frequent downtime and fluctuating speeds between 30-50/2-10Mbps. I’m aware Starlink states that what I’m getting served is within stated expectations. I could deal with that if it were consistent and reliable and also if I wasn’t getting charged $120 per month.

[…]

This has forced me to look for alternate options. For the last two months, I’ve gone back to T-Mobile Home Internet because I can get T-Mobile for only $50 per month and because speed and reliability are on par with what I’d been getting from Starlink. But even getting T-Mobile at my house required some extra work and money on my part. If you can believe it, I had to first walk into the store and ask for a modem and reassure them that I knew my experience might not be great because, officially, according to the T-Mobile website, the internet isn’t available at my home. I also had to purchase a $400 external antenna kit designed to connect directly to the router since I don’t get a good cellular signal from any U.S. carrier at my house, and I need the boost from an antenna.

Thomas Ricker:

The new compact DC-powered Starlink Mini is about the size of a thick laptop and integrates the Wi-Fi router right inside the dish. And despite using less power than other Starlink terminals, it can still deliver speeds over 100Mbps.

[…]

Notably, the Mini kit consumes an average of just 20-40W compared to the 33-62W we measured just two years ago with a Standard Actuated dish and separate AC-powered Wi-Fi router. That means you can power the Mini dish for two to three hours from something like an Anker Prime 27,650mAh (99.54Wh) power bank, or a little over an hour with smaller 10,000mAh (40Wh) portable batteries you probably already have laying about. It requires a USB-C PD power source with a minimum rating of 100W (20V/5A).

[…]

In the US, Starlink Mini is an add-on to Residential plans — at least for now. The Mini kit costs $599 which is $100 more than the standard dish, and will cost an extra $30 per month to add the Mini Roam service to existing $120 Residential plans. That gives Starlink Mini users up to 50GB of mobile data each month, with the option to purchase more for $1 per GB, according to early-access invitations sent to some exiting US Starlink customers.

Previously:

Wednesday, June 26, 2024

EU Charges Microsoft for Bundling Teams and Office

Kelvin Chan (via Hacker News):

The European Commission said Monday it informed Microsoft of its preliminary view that the U.S. tech giant has been “restricting competition” by bundling Teams with core office productivity applications such as Office 365 and Microsoft 365.

The commission, the 27-nation bloc’s top antitrust enforcer, said it suspects Microsoft might have granted Teams a “distribution advantage” by not giving customers a choice on whether to have Teams when they purchased the software. The advantage might have been widened by limits on the ability of rival messaging apps to work with Microsoft software, it said.

Dare Obasanjo:

Four years after Slack complained that Teams being bundled with Office was unfair competition, the EU has charged Microsoft with illegal bundling.

If found guilty, Microsoft could be fined as much as 10% of global revenues.

First Apple, now Microsoft. The EU is out for blood this week.

Natasha Lomas:

It’s not only chat-based apps like Slack that might be impacted. As we pointed out earlier this year, video conferencing companies like Zoom have also potentially been impacted over the years by how Microsoft has bundled Teams — which is an all-in-one product offering messaging, voice and video calls, and conferencing to users. Indeed, since Slack filed its complaint, the EU noted, it’s received another complaint from German company alfaview GmbH, a videoconferencing provider, which it said raised “similar concerns regarding the distribution of Teams.”

Previously:

Update (2024-06-28): John Gruber:

I can see the argument from regulatory proponents, that unbundling Teams from Office in some packages, after the fact, is too little too late. That the damage from abusing their dominant position was already done. But still, what more does the EC want?

[…]

I mean of course Microsoft had an advantage by being able to bundle Teams with Office. But Office needs something like Teams to remain relevant today.

[…]

Surely the lesson Microsoft is taking from this is not that they were wrong to bundle Teams with Office, but that they were wrong to offer their integrated service in the EU.

But I think the bundling was more about promoting Teams than about Office remaining relevant. Will the lesson for Microsoft be that they can stop the bundling in the EU now but that it was worth it?

Update (2024-07-02): Drew McCormack:

This is actually a pretty good case to demonstrate why the EU are pissed about these practices. Far from being the case that EU companies are incompetent, Skype – which dominated this space early– was a European company. Anticompetitive practices from the likes of MS ruined the whole market, such that only monopolists now have any chance, and the software is worse for it.

Slack to Delete Old Messages in Free Accounts

Slack (Hacker News, Slashdot):

Slack will no longer keep messages and files for the lifetime of your free workspace. Starting 26th August 2024, Customer Data – such as messages and file history – older than one year may be deleted on a rolling basis from workspaces on the free subscription[…]

[…]

If you choose to remain on a free workspace, you’ll have full access to the past 90 days of message and file history, and the remaining 275 days will become available should you upgrade to a paid subscription. If you decide to upgrade, we’ll store messages and files based on your chosen retention period, with an option to keep all history.

For the last few years, the free plan stored older messages but would not let you see them or export links to files from them. At this point, you have two months to pay, at least temporarily, if you want to export your data before it’s deleted. Exporting everything (including DMs) requires a Business+ plan at $15/user/month.

I think a lot of people thought that Slack would be like other services and use their enterprise business to subsidize much lower volume free accounts indefinitely. Instead, they are severely limiting the free accounts and pricing out informal communities and even small businesses. True, the search isn’t very good now, but there was always the potential that you would be able to find something in the future. This will also break any saved links to conversations. (Printing to PDF doesn’t work, but I have been archiving ones I want to keep by using EagleFiler’s system service hotkey to save the selected text as a Web archive.)

I see no reason that Discord and other free competitors won’t eventually do the same thing.

Adam Engst:

From Slack’s perspective, this policy update will reduce its data storage needs and may trigger some upgrades in the next two months. I doubt most free existing teams were dragging their heels on upgrading because they knew they could always recover all their old content. But perhaps it will increase the incentive for new free teams to upgrade.

I don’t really get it because it doesn’t seem like it would reduce Slack’s costs that much, nor would many stragglers on the free plan be able to or choose to upgrade.

Lucas Mearian (via Hacker News):

What Slack will eventually be able to offer both its own and Salesforce’s users is a unified experience where AI oversees any influx of both structured and unstructured data and parses through it to offer users the most important summaries. Being able to find key moments in chats and knowing what happened in conversations is hard to navigate, Dresser said, and is at the heart of Slack’s AI integration.

Previously:

Update (2024-06-28): Adam Engst:

For anyone who would like to extract all their historical data from a free workspace, it turns out you can do that without subscribing. You only get public channels (but you can make private channels public temporarily and set them back again afterward) and files are only linked, not downloaded, which is a loss, but you will get all the text in JSON format.

Apple News Publisher Sign-in Required

Apple sent me an e-mail this morning:

It has been several months since you signed in to News Publisher. If you do not sign in within the next 30 days, your role will be changed.

Your role will change from Administrator to Editor for the following Apple News channels:

Michael Tsai - Blog

Dave Verwer:

I can correct their first line to “It has been several years since you signed into News Publisher”.

It’s an odd thing to do to remove an administrator privilege, though, and what do Editors not get to do? I’ll sign in and make it happy, but it’s an odd change.

It was an odd e-mail. With only one account for the channel, I’m not sure how you’re supposed to get admin access back if you lose it. There’s little you can do in News Publisher, so I almost never log in, but they should know that my account is active as I use the API to submit new posts daily. I do wonder whether that’s worth it, as it does not seem to be a significant driver of traffic, nor even have many readers compared with the Web site.

Previously:

Update (2024-06-28): Nick Heer:

When I got the email, I immediately tried signing in, and it errored out in two different browsers on four separate attempts. Also, it isn’t available on iOS. A services company!

Half-Life’s Canceled Mac Port

Greg Gant:

It was natural for the game to be ported to Mac OS and OS X, as other high-profile first-person shooters from the era, like the Doom series, Hexen series, Quake series, Dark Forces, Deus Ex, Duke Nukem, and Unreal series, were all ported to the Mac.

[…]

In April 1999, Logicware under Sierra Studios announced that a Mac OS version was in the works, but by October it was completely canceled. The official reason why the port was axed was given by Gabe Newell, president of Valve, citing the lack of Team Fortress Classic and multiplayer with PC users and fear of releasing an inferior product.

[…]

For years, this was the accepted narrative. The port was nearly complete but didn’t live up to Valve’s high standards… that is, until recently, when Rebecca Heinemann (formerly Bill) spoke on the Retro Tea Breaks podcast, covering the ill-fated original port of Half-Life.

Via John Voorhees:

Drawing from an interview with developer Rebecca Heineman, who worked on the port, the video explains that Valve canceled the port after being misled by an Apple games evangelist about expected sales figures.

In addition to Heineman’s story about the cancellation of the Mac port of Half-Life, the video covers how Valve intended to bring the [Proton] technology that powers the Steam Deck to the Mac and why it never did.

Previously:

Tuesday, June 25, 2024

llama.ttf

Søren Fuglede Jørgensen (via Hacker News):

llama.ttf is a font file which is also a large language model and an inference engine for that model.

[…]

The font shaping engine HarfBuzz, used in applications such as Firefox and Chrome, comes with a Wasm shaper allowing arbitrary code to be used to “shape” text.

In particular, this “arbitrary” code could in principle be an entire LLM inference engine with trained parameters bundled inside, relying on treating text containing magic symbols for fake “ligatures” to initialize the LLM and use it to generate text.

[…]

[You can] get text generation in any Wasm-enabled HarfBuzz-based application; your favorite text editor/email client/whatever without having to wait for the vendor to include the “Copilot”-like features that everyone is rushing to implement these days. And everything runs completely locally.

visionOS Throttles CPU Based on Microphones

Shiny Quagsire (via Hacker News):

visionOS 2 (or RealityKit) seems to have gotten way more aggressive about power throttling (or my battery/cable are having issues idk), so ALVR seems to throttle to 45Hz at much lower PPDs despite being totally fine thermally.

lolll I found the answer, I was getting fucked by the userexperienced. Apparently it dictates thermal limits based on fan limits, and it sets fan limits based on how much it hears the fans in the mics

If I blast white noise, fan speeds stay at max + no throttle

rickdeckard:

Quite smart idea, not for throttling when the fans are heard, but SPEEDING THEM UP while they are NOT heard, based on the noise floor of the current environment.

This, combined with an assessment how much of the environment the user currently hears (i.e. maybe he is watching a movie), could provide a lot of headroom for additional cooling without bothering the user.

Lightroom Classic 13.3 and 13.4

Agen Schmitz:

Adobe has released Lightroom Classic 13.3, enabling you to erase unwanted objects and imperfections in your photos using the Generative Remove tool (powered by Adobe Firefly generative AI).

This requires a new catalog database format. I’m seeing some weird behavior in that I can run it for days with it seemingly not doing anything, but then when I try to quit it will warn that it hasn’t finished writing the XMP metadata. Then, sometimes, after starting the quitting process it will show a new modal progress bar for writing XMP before asking whether I want to back up the catalog.

Adobe (MacRumors):

Generative Remove is Lightroom’s most powerful remove tool yet, giving everyone the power to remove unwanted objects from any photo non-destructively in a single click by intelligently matching the removed area with pixel perfect generations for high-quality, realistic and stunning results. From removing distractions in family photos, to empowering professionals with speedier retouching workflows and more fine-grain control, Generative Remove empowers exciting capabilities for all photographers. Generative Remove is available today as an early access feature across the Lightroom ecosystem for millions of users.

Today, Lightroom’s AI-powered Lens Blur tool is now generally available with all-new presets, empowering everyone to achieve aesthetic blur effects on any photo in a single click.

John Gruber:

Generative fill/erase is rising to the level of table stakes. Google launched Magic Eraser in 2021. Adobe’s brief demo video in this press release doesn’t show a professional photographer — it’s a woman shooting photos with her phone. Apple is going to have to add this to Photos, and it ought to be announced next month.

Apple calls it Clean Up. There’s also a 13.4 update that fixes some bugs.

Tim Hardwick:

With the release of version 5.4 for Mac and 7.4 for iOS, Lightroom now enables you to edit videos using the same controls that are used for photos. You can trim videos, adjust color and exposure, and apply presets optimized for video.

But these are not in Lightroom Classic.

Wade Tregaskis:

I don’t know why, but it’s apparently impossible to directly import a Lightroom catalog from one computer into the catalog of another. It always fails at the end of the import with the same infuriatingly useless error message.

However, I seem to have found a fairly reliable workaround[…]

Previously:

MarsEdit 5.2.1

MarsEdit 5.2:

The “Search” field in the main window now features a filter selection to toggle between searching everything or searching just the current selection.

Inline “Find” support is now available in the rendered versions of posts in the Preview Window or Main Window.

These are great.

The ability to duplicate posts may serve as an aid on blogs where posts repeatedly follow the same pattern or template. You might, for example, keep a Local Draft “starting point” and use that to create duplicates which are then fleshed out and published.

The 5.2.1 update includes an important fix:

In some cases, the web preview held on to an incorrect value associated with the content that was previously being displayed. For example, a link might go to the wrong site, or the style of an element might reflect the style of another element in the post.

Previously:

Monday, June 24, 2024

Apple Found in Breach of DMA

Lisa O’Carroll (via Hacker News, New York Times, Slashdot):

Apple has been found to be in breach of sweeping new EU laws designed to allow smaller companies to compete and allow consumers to find cheaper and alternative apps in the tech business’s app store.

The European Commission, which also acts as the EU antitrust and technology regulator, said it had sent its preliminary findings to Apple after an investigation launched in March.

[…]

The company has 12 months to comply before it face fines of up to 10% of its global revenues but the EU hopes ongoing dialogue will lead to compliance rather than sanctions.

Margrethe Vestager (tweet):

Because the ball is now in the gatekeepers’ court. They have to convince us that the measures they take will achieve full compliance with the DMA. And where this is not the case, we will intervene. Within a month of the compliance deadline, we opened no less than five non-compliance cases. Today, we are opening a sixth one: we will look into Apple’s new business model: the commercial terms Apple imposes on app developers who want to reach end users on the iOS platform. The criteria these app developers have to meet to even be allowed to operate as alternative marketplaces or make apps available via sideloading. And the complex user journey for those users who want to download and install alternative marketplaces and sideloaded apps.

We are concerned that Apple designed its new business model to discourage app developers and end users from taking advantage of the opportunities afforded to them by the DMA. The letter of the DMA is clear: gatekeepers have to allow for alternative app stores to establish themselves on their platforms; and for consumers to be fully informed about the offers available to them. So that they can freely choose where they want to source their apps, and at what conditions.

And there is more. Today, and after less than three months from opening, we adopt our first Preliminary Findings in a case of non-compliance. And it is again about Apple. About the many ways in which their new terms fall short of the DMA requirements regarding steering of users to options outside the Apple App Store. As they stand, we think that these new terms do not allow app developers to communicate freely with their end users, and to conclude contracts with them.

William Gallagher and Mike Wuerthele:

In a statement to AppleInsider, Apple said that it denies failing to comply with the DMA.

Throughout the past several months, Apple has made a number of changes to comply with the DMA in response to feedback from developers and the European Commission. We are confident our plan complies with the law, and estimate more than 99% of developers would pay the same or less in fees to Apple under the new business terms we created.

All developers doing business in the EU on the App Store have the opportunity to utilize the capabilities that we have introduced, including the ability to direct app users to the web to complete purchases at a very competitive rate. As we have done routinely, we will continue to listen and engage with the European Commission.

John Voorhees:

In particular, the EC’s preliminary findings take issue with Apple’s response to the DMA’s anti-steering provisions[…]

Benjamin Mayo:

The Commission says Apple may charge a fee for facilitating “the initial acquisition of a new customer” via the App Store, but it essentially cannot charge for each ongoing transaction.

Tim Hardwick:

The Commission also said it was opening a new non-compliance procedure against Apple over concerns that its new contractual requirements for third-party app developers and app marketplaces, including its €0.50 Core Technology Fee, “fall short of ensuring effective compliance with Apple’s obligations under the DMA.”

Dan Moren:

Should the EC find Apple to not be in compliance in these areas, it would require a substantial reworking of much of Apple’s EU terms. As with the previous investigations, it will likely take some time for a final ruling to be issued, though we may get a preliminary ruling such as the one above in a matter of months.

This uncertainty is not good for anyone trying to build a business using App Marketplaces or Web Distribution.

Warner Crocker:

This will bounce back and forth over the next nine months and will probably become even more contentious given quotes like this from Thierry Breton, the EU internal market commissioner: “Apple’s new slogan should be ‘act different.’”

Previously:

Update (2024-06-25): Jesper:

In the DMA, the ground rule is for sideloading apps to be allowed, and to only very minimally be reigned in under very specific conditions. Apple chose to take these conditions and lawyer them into “always, unless you pay us sums of money that are plainly prohibitive for most actors”. Apple knew the rules and understood the intent and chose to evade them, in order to retain additional income.

In the App Store Guidelines, as written and period appropriate, the ground rule was for in-app purchases to be allowed only through the App Store’s native in-app purchase system, at the penalty of removal from the App Store. Epic chose to take those conditions, break them and lawyer up. Epic knew the rules and understood the intent and chose to evade them, in order to retain additional income.

It is completely fair to look at what Epic did and say “that was kind of a dick move”. (I personally think it was kind of a dick move, even as I agree with some downwind consequences.) But any argument that what Epic did was wrong and what Apple did was right hinges on distinctions that do not make sense to me.

[…]

Apple has a significantly easier time silently assenting to the qualms of dictatorships than to simply stop reaching into the pockets of customers, many of which have funneled tens to hundreds of thousands of dollars for the most consistently successful high margin product in the history of mobile telephony, or developers who have largely made those devices attractive in the first place.

John Gruber:

This sounds like they’re going to insist that Apple make installing sideloaded apps and alternative stores a no-hassle experience. What critics see is Apple putting up obstacles to installing marketplaces or sideloaded apps just to be a dick about it and discouraging their use to keep users in the App Store. What I see are reasonable warnings for potentially dangerous software. We’ll see how that goes.

[…]

For sideloading, Apple requires that developers “Be a member in good standing of the Apple Developer Program for two continuous years or more, and have an app that had more than one million first annual installs on iOS and/or iPadOS in the EU in the prior calendar year.” Apple’s requirements are an attempt to prevent fly-by-night scammers from opening marketplaces or offering nefarious apps for sideloading. But the EC sees that as a catch-22, where the only way to become a marketplace or offer sideloading is to already be a longstanding developer in Apple’s own App Store.

[…]

I complain as much as anyone about the aspects of the DMA that are vague (or downright inscrutable), but this aspect seems clear-cut. It’s a bit baffling why Apple seemingly sees notarization as an opportunity for content/purpose review, like with last week’s brouhaha over the UTM SE PC emulator.

Riley Testut:

We tried to warn Apple that rejecting UTM was illegal 😬

When we first met with the EC a few months ago, we were asked repeatedly if we trusted Apple to be in charge of Notarization. We emphatically said yes.

However, it’s clear to us now that Apple is indeed using Notarization to not only delay our apps, but also to determine on a case-by-case basis how to undermine each release — such as by changing the App Store rules to allow them.

For these reasons, we are no longer telling the EC we trust Apple to be in charge of Notarization. 🤷‍♂️

Paul Haddad:

I’m confused as to why the answer was an emphatic yes to begin with. At best the answer should’ve been Apple hasn’t weaponized notarization on Mac, yet…

Steve Troughton-Smith:

Apple is convinced

1) that they’re the good guys
2) that European regulators are dumb

It’s patently obvious that neither of these are the case. Until that actually sinks in, this is going to continue to be a rollercoaster.

Michael Love:

On Apple and the EU: if you take all of our EU revenue on iOS and move it to Android instead, it would be enough to make our Android revenue roughly even with our iOS revenue. In absolute terms it’s like 20% of iOS, but if you take 20% of iOS and move it to Android, Android ends up bigger than iOS, at least for us.

So from the standpoint of developer platform priorities, this is an extremely stupid game for Apple to play, and they stand to lose far, far more from it than from the DMA.

Update (2024-06-26): Nick Heer:

If you are somebody who believes it is only fair to take someone at their word and assume good faith, I am right there with you. Even though Apple has a long history of capricious App Review processes, it was fair to consider its approach to the E.U. a begrudging but earnest attempt at compliance.

[…]

That is, however, a rather difficult position to maintain, given the growing evidence Apple seems determined to evade both the letter and spirit of this legislation.

Update (2024-07-02): Steve Troughton-Smith:

I think how the EU intends to enforce & litigate the DMA has become much clearer over the past couple weeks[…]

SwiftData vs. Realm Performance Comparison

Jacob Bartlett:

The Realm DB engine was written from the ground-up in C++ to minimise this overhead. […] Therefore, it’s not unreasonable to describe SwiftData as a wrapper over a wrapper over a wrapper.

[…]

These show that the SwiftData objects took around 10x longer to instantiate.

[…]

Realm topped out at writing 2,000,000 simple User objects before hitting an out-of-memory exception and crashing. SwiftData was only able to manage a paltry 1,000,000 objects. Realm was about 3-6x faster beyond write volumes exceededing 1,000 objects.

[…]

For our dead-simple User objects (a few fields and no relationships), we queried for all users with the first name “Jane”. Realm was much faster, its zero-copy architecture shining when reading data directly into memory. For simple SwiftData objects, read performance started off okay and degraded sharply with over 100k objects in the database.

With our more complex Student model, we searched for all Physics students who got the top grade. We observed the opposite effect: SwiftData was usually more than 10x faster than Realm.

Interestingly, SwiftData sometimes has the edge with smaller datasets, both in terms of RAM use and speed.

Previously:

Update (2024-06-26): Wade Tregaskis:

I think we (Shark engineers) tried to be open-minded and kind. We were sceptical, but you never know until you actually look. We could see some potential for a more general query capability, for example. But of course the first and most obvious hurdle was: how well does Core Data handle sizeable numbers of records? Oh yes, was the response, it’s great even with tens of thousands of records.

[…]

We asked how it did with tens of millions of records, and that was pretty much the end of the conversation.

[…]

I guess by modern standards SQLite is considered efficient and fast, but – hah – back in my day SQLite was what you used when you didn’t have time to write your own, efficient and fast persistent data management system.

Helge Heß:

The Realm vs SwiftData thing encouraged me to try the same project w/ Lighter. It isn’t exactly the same as Lighter is no ORM, but it will give some hints on what a little lower level can yield. For now, the 10k plain items test:

SwiftData:
💽 User instantiation: 0.0676
💽 Create users: 1.9151

Realm:
💽 User instantiation: 0.0229
💽 Create users: 0.1220

Lighter:
💽 User instantiation: 0.0049
💽 Create users: 0.0820

[…]

Something disappointing in SwiftData is that it doesn’t make use of the static nature of the macro(s). The macro can’t see the full schema like Lighter does, but it could still statically generate a ton, e.g. a static snapshot struct for the backing data. Or predefined indices for quickly binding the snapshot to the SQLite API (or really any).

Instead we get custom backends.

Helge Heß:

So I’ve essentially ported the whole perf test over to Lighter, which was interesting because it also demonstrates some key differences in the approaches. E.g. to update the math grades of the bad students, the sample essentially loads all students and their grades into memory, then updates the grades one-by-one and saves them back to the store.

In plain SQL that would be just a single line UPDATE statement, no loading at all.

The SwiftData implementation in the test also seems to be not quite optimal. E.g. to update the items, already fetched items get inserted into a new ModelContext and then saved (a lot of new MCs are created, which seems completely counter the idea, though sometimes necessary to keep SwiftData RAM at bounds). Presumably just saving the context used to fetch the items would be quite a bit more efficient.

Update (2024-07-01): Aleksandar Vacić (Mastodon):

Thus by using somewhat reasonable but still sizable chunks (100k records) of the original data set and employing Core Data best practices, we lowered peak memory usage 10× and shortened total time spent about 2.5× which is no small feat.

Always Allow Safari Bookmarklets

Jeff Johnson:

You may already be aware that for a number of years, Safari has asked your permission every time you click on a link, such as an RSS feed, that opens in an app other than Safari[…]

[…]

The permission prompt now has an option to “Always Allow”! This option is new in Safari 17.

This is an improvement, but even with Always Allow it only remembers per-domain. So I’m still prompted a lot when using MarsEdit and EagleFiler bookmarklets. And it messes up my muscle memory because I had been in the habit of always pressing Enter after invoking a bookmarklet to Allow it—Can you see from the slightly bold text in this iOS-style alert that Allow is the default button?—but with Always Allow it’s unpredictable. I have to either pause to see whether I need to press Enter or I end up with an extra blank line in my blog post draft.

You might wonder where this new preference is stored on disk. As far as I can tell, there’s no corresponding user interface in Safari Settings, certainly not in the Websites pane. What if you want to undo your selection? What if you select Always Allow by accident?

[…]

The good news is that with a little reverse engineering, I found a way to undo the preference. It’s stored on disk in the file ~/Library/Safari/PerSitePreferences.db, which is an SQLite database.

Jeff Johnson (Mastodon):

To run bookmarklets in Safari on macOS, you need to enable “Show features for web developers” in Safari Advanced Settings and “Allow JavaScript from Smart Search field” in Safari Developer Settings.

I think this is only necessary for testing them. I have this unchecked, and my previously created bookmarklets still work.

The permission is per-website, which means that every time you use the EagleFiler bookmarklet on a different website, Safari requests your permission again!

But he has a workaround:

This JavaScript first calls window.open(), which creates a new about:blank tab. It then creates an HTML anchor element—in other words, a hyperlink—adds the link to the about:blank document, and clicks the link automatically.

[…]

This time the value of the domain is empty (''), because about:blank has no domain. The about:blank trick allows you to use the same bookmarklet on every website without any additional permission prompts!

This kind of exposes the permission prompt as security theater, but if it’s not protecting us anyway we may as well get rid of the annoyance.

Previously:

iCloud Drive, Dropbox, and Proton Drive

Ryan Christoffel (AppleInsider, MacRumors):

The problem is, Apple “intelligently” decides which files can remain stored in local cache, and will make decisions to remove certain downloads without telling you. So when you need to access a given file—say, on an airplane with no connection—you might find that the file has been sent back to the cloud and is no longer available.

iPadOS 18 changes that.

Not only on the iPad but also the iPhone in iOS 18, you can long-press on a file or folder and find a new ‘Keep Downloaded’ button in the menu.

Francisco Tolmasky:

Something lost in this “Dropbox is a feature, not a product” story is that today, more than 10 years later, iCloud Drive (Apple’s implementation of this “feature”) still sucks. And Dropbox is arguably only falling behind because macOS has made it increasingly difficult to make a 3rd party syncing solution that “just works.” So maybe the real lesson is that Apple, like Game of Thrones’ Littlefinger, “would see the [OS] burn, as long as they can be king of the ashes”.

The two main problems I’ve had with iCloud Drive are files not uploading promptly and needless eviction of recently downloaded files that I want to keep. The former seems to have gotten better over the last year, and it sounds like iOS 18 and Sequoia will address the latter.

Howard Oakley:

Unexpected behaviour is seen when the user turns off the setting to put Desktop & Documents Folders into iCloud Drive. Instead of moving the folders back from the iCloud Drive location to their original location, macOS creates fresh and empty folders in the regular Home folder. Although the contents of the previous Desktop and Documents folders are retained in iCloud Drive, when seen from their Mac, the user may believe that those entire contents have been deleted, despite an alert that tries to explain what will happen. At least this time the user is offered a way back to reconsider their action, although it’s unclear what other option they might have.

When turned off, those folders are removed with all their contents, which remain in iCloud Drive, but are absent from the empty local Documents and Desktop folders.

The saving grace to this counter-intuitive behaviour is that, despite their apparent movement, the files themselves have remained within the same volume throughout the process of ‘moving’ to iCloud Drive, and ‘vanishing’ on their return journey. As they retain the same inode numbers at each stage of these processes, when they’re finally ‘moved’ manually back into ~/Documents and ~/Desktop, they have remained intact, complete with all their extended attributes and any saved versions. Thus their ‘movements’ preserve both data and metadata at all times.

Tim Hardwick:

Apple wants iPhone and iPad users to be able to format external drives connected to their device, without the need for a Mac, based on the latest find in the iOS 18 and iPadOS 18 developer betas (via MacStories).

MereCivilian:

Anyway, I gave Proton Drive a real go but from the get go, it was disappointing at best. It took three attempts to transfer 6GB files from Dropbox to Proton Drive. The upload and download speeds was terrible. At this point, I went seeking for answers on Reddit and what I discovered was anecdotes from many Proton users on Proton Drive is just not ready. I should have done my research first.

Previously:

AI Companies Ignoring Robots.txt

Mark Sullivan:

The AI search startup Perplexity is in hot water in the wake of a Wired investigation revealing that the startup has been crawling content from websites that don’t want to be crawled.

[…]

“Perplexity is not ignoring the Robot Exclusions Protocol and then lying about it,” said Perplexity cofounder and CEO Aravind Srinivas in a phone interview Friday. “I think there is a basic misunderstanding of the way this works,” Srinivas said. “We don’t just rely on our own web crawlers, we rely on third-party web crawlers as well.”

Srinivas said the mysterious web crawler that Wired identified was not owned by Perplexity, but by a third-party provider of web crawling and indexing services. Srinivas would not say the name of the third-party provider, citing a Nondisclosure Agreement. Asked if Perplexity immediately called the third-parter crawler to tell them to stop crawling Wired content, Srinivas was non-committal. “It’s complicated,” he said.

Srinivas also noted that the Robot Exclusion Protocol, which was first proposed in 1994, is “not a legal framework.” He suggested that the emergence of AI requires a new kind of working relationship between content creators, or publishers, and sites like his.

Nick Heer (Mastodon, Hacker News):

Srinivas is creating a clear difference between laws and principles because the legal implications are so far undecided, but it sure looks unethical that its service ignores the requests of publishers — no matter whether that is through first- or third-party means.

Tim Marchman:

Earlier this week, WIRED published a story about the AI-powered search startup Perplexity, which Forbes has accused of plagiarism. In it, my colleague Dhruv Mehrotra and I reported that the company was surreptitiously scraping, using crawlers to visit and download parts of websites from which developers had tried to block it, in violation of its own publicly stated policy of honoring the Robots Exclusion Protocol.

[…]

After we published the story, I prompted three leading chatbots to tell me about the story. OpenAI’s ChatGPT and Anthropic’s Claude generated text offering hypotheses about the story’s subject but noted that they had no access to the article. The Perplexity chatbot produced a six-paragraph, 287-word text closely summarizing the conclusions of the story and the evidence used to reach them. (According to WIRED’s server logs, the same bot observed in our and Knight’s findings, which is almost certainly linked to Perplexity but is not in its publicly listed IP range, attempted to access the article the day it was published, but was met with a 404 response. The company doesn’t retain all its traffic logs, so this is not necessarily a complete picture of the bot’s activity, or that of other Perplexity agents.) The original story is linked at the top of the generated text, and a small gray circle links out to the original following each of the last five paragraphs. The last third of the fifth paragraph exactly reproduces a sentence from the original: “Instead, it invented a story about a young girl named Amelia who follows a trail of glowing mushrooms in a magical forest called Whisper Woods.”

This struck me and my colleagues as plagiarism.

Kali Hays (via John Voorhees):

OpenAI and Anthropic have said publicly they respect robots.txt and blocks to their web crawlers.

Yet, both companies are ignoring or circumventing such blocks, BI has learned.

Katie Paul:

TollBit said its analytics indicate “numerous” AI agents are bypassing the protocol, a standard tool used by publishers to indicate which parts of its site can be crawled.

“What this means in practical terms is that AI agents from multiple sources (not just one company) are opting to bypass the robots.txt protocol to retrieve content from sites,” TollBit wrote. “The more publisher logs we ingest, the more this pattern emerges.”

Previously:

Update (2024-06-28): Elizabeth Lopatto:

“Someone else did it” is a fine argument for a five-year-old. And consider the response further. If Srinivas wanted to be ethical, he had some options here. Option one is to terminate the contract with the third-party scraper. Option two is to try to convince the scraper to honor robots.txt. Srinivas didn’t commit to either, and it seems to me, there’s a clear reason why. Even if Perplexity itself isn’t violating the code, it is reliant on someone else violating the code for its “answer engine” to work.

Update (2024-07-05): See also: Accidental Tech Podcast.

Pirate Ship

Adam Engst:

Pirate Ship is a shipping platform with an elegant interface that allows users to access discounted shipping rates from USPS and UPS with no subscription fee. I’ve used it a handful of times for mailing packages, and it has been brilliant.

[…]

And, oh, what a lovely interface!

[…]

Pirate Ship has negotiated corporate-level discounted shipping rates of up to 89% off retail and passes most of those savings on to customers. For shipping something heavy, Glenn has seen international shipping prices that run about $200 on UPS’s site, while Pirate Ship’s rate was about $60.

That slight arbitrage allows Pirate Ship to avoid the monthly subscriptions that make no sense for all but high-volume shippers—Stamps.com charges $19.99 per month plus postage, for example.

[…]

Pirate Ship’s support pages are also outstanding.

Friday, June 21, 2024

No Apple Intelligence or iPhone Mirroring in EU at Launch

Juli Clover (Hacker News, ArsTechnica):

Apple today said that European customers will not get access to the Apple Intelligence, iPhone Mirroring, and SharePlay Screen Sharing features that are coming to the iPhone, iPad, and Mac this September due to regulatory issues related to the Digital Markets Act.

John Gruber (Mastodon):

Kudos to Apple for breaking this news to the Financial Times, of all outlets. Poetry in media relations. Here’s the full on-the-record statement, provided to me by an Apple spokesperson:

Two weeks ago, Apple unveiled hundreds of new features that we are excited to bring to our users around the world. We are highly motivated to make these technologies accessible to all users. However, due to the regulatory uncertainties brought about by the Digital Markets Act (DMA), we do not believe that we will be able to roll out three of these features — iPhone Mirroring, SharePlay Screen Sharing enhancements, and Apple Intelligence — to our EU users this year.

Specifically, we are concerned that the interoperability requirements of the DMA could force us to compromise the integrity of our products in ways that risk user privacy and data security. We are committed to collaborating with the European Commission in an attempt to find a solution that would enable us to deliver these features to our EU customers without compromising their safety.

[…]

The Mac is not considered a “gatekeeping” platform in the EU, but the iPhone and iPad are, and the iPhone Mirroring and screen sharing features obviously involve those platforms. I think Apple could try to thread a needle here and release Apple Intelligence only on the Mac in the EU[…]

Ian Betteridge:

So, Apple, which bits of the DMA does Apple Intelligence violate? Because unless you can actually tell us - which case we clearly have a bit of a problem with some of the claims you’ve made about how it works - or you’re talking bullshit, and just trying to get some leverage with the EU.

John Gruber (Mastodon):

They don’t know. It’s uncertain by design. EC proponents keep telling me it’s a feature, not a bug, that unlike the US, it’s the spirit, not letter, of the law that matters in the EU.

[…]

Under repeated threats of fines up to $40–80 billion dollars (10–20 percent of worldwide revenue), it would be recklessly irresponsible for Apple, or any other designated “gatekeeper”, to launch any new services or integrated features in the EU without absolutely certainty that those features are compliant with the DMA. And the nature of the European Commission is that they do not issue such assurances in advance.

Like the App Store, of course. But, unlike with App Review, Apple can communicate with the European Commission in advance. If they never “submit for review” by shipping and even withhold betas in the EU, that’s what they’ll eventually have to do. Reading Apple’s statement, it sounds like this is what they plan to do.

Why the statement to the press now, before any of this is in beta and more than two months before shipping? Is communication with the EU already in progress and not going well? Retaliation and strategy ahead of the negotiations?

Nick Heer:

Apple does not explain specifically how these features run afoul of the DMA — or why it would not or could not build them to clearly comply with the DMA — so this could be mongering, but I will assume it is a good-faith effort at compliance in the face of possible ambiguity. I am not sure Apple has earned a benefit of the doubt, but that is a different matter.

[…]

Is that not Apple’s whole vibe, anyway? It says it does not rush into things. It is proud of withholding new products until it feels it has gotten them just right.

I don’t think this is just Apple being cautious. In prior regulatory situations, Apple has done the absolute bare minimum and arguably engaged in malicious compliance, seemingly without asking the EU in advance. Caution has not been their MO. And, if they are now just being cautious, wouldn’t they also remove existing features which, by the same logic, could run afoul of the DMA?

Federico Viticci:

Apple Intelligence not coming to Europe right away because of the DMA.

Clearly Apple had to respect this, just like they didn’t scrape European websites for their LLM.

oh wait

Jeff Johnson:

Second, if iPhone Mirroring is somehow problematic, what about Universal Control, which already exists?

Steve Troughton-Smith:

Apple’s screen sharing being the only one with remote control is very clearly self-preferencing. iPhone Mirroring, though? Beats me. None of these actually hit upon DMA rules directly, so maybe Apple’s just pulling out the dirty tricks to try to turn users against legislators. If they applied this imaginary criteria to all their existing software, they’d have to un-ship virtually everything.

Jason Snell:

I’m curious if Apple intends to eventually ship the features, amended to work in the EU. This approach also gives Apple the opportunity to induce regulators to declare that Apple’s interpretation of the DMA is incorrect and that announced features aren’t restricted and could be shipped.

The European Commission ultimately serves and reports to citizens of the EU, and this is Apple telling Europeans that under the DMA, they will not get some of Apple’s best new features. Instead of the DMA granting Europeans new features like third-party marketplaces, it will reframe the DMA as something that limits what they get. I don’t know if that’ll make a difference in perception in the EU, but Apple’s going to give it a try.

Warner Crocker:

Apple PR is obviously hard at work here and I’m sure the EU’s PR operations will be following suit shortly. I’m particularly entertained by the phrase “we do not believe.” It’s also fascinating to watch the sideshow of reactions that might turn into something more: how Apple users on their respective sides of the pond are responding to this. Generally speaking from the early reactions I’ve seen the majority of American sympathies tend to lean towards Apple, while it’s just the opposite in Europe. But it’s early and it’s a Friday.

Craig Hockenberry:

Shit is really going to hit the fan when Europe doesn’t get new Emoji.

Scott F:

Didn’t Meta try this with Threads? “Oh, we can’t do the EU” then they did?

Steve Troughton-Smith:

The DMA is only vague if you’re trying to game it. The rules amount to “don’t be a dick”.

Apple’s out here asking “well how will I know if I’m being a dick?? I can’t operate under this environment!”

Whereas most people don’t have to ask themselves that question.

Matthaus Woolard:

There are areas were the DMA is unclear on how much access the platform vendor must provide day one to third parties.

Eg does the DMA require apple expose apis so that MS and Linux devs can implement iPhone mirroring?

Is this an iPhone platform feature or a Mac feature, so does it fall under the DMA or not?

These are legit questions that are unclear and would likely require a good bit of dev work to comply with securely.

René Fouquet:

Odd that Apple’s main competitor somehow manages to bring their AI features to the EU despite the DMA.

Steve Streza:

In reality, Apple is purposefully withholding these features from the EU, either because Apple are being retaliatory against EU customers for the existence of the DMA, or because Apple (with full knowledge of the DMA for years) refused to build these features in compliance with it.

Apple chose to harm their products in the EU. The DMA didn’t. This framing is marketing.

At any large company there is a legal team and a compliance team to ensure that products are going to be ok with regulators. Apple has a whole website just to talk about how great they are at compliance.

There is zero chance they are not completely and institutionally aware of what is expected of them by the EU and the DMA. It is settled law and has been for a year and a half.

Sebastiaan de With:

For all of its purported goals to ‘foster a better digital market’, having foreign tech companies delay features into the EU market will have huge effects not just for consumers but for developers. I can’t see that becoming an economic advantage to an already-lagging EU tech economy.

Previously:

Update (2024-06-24): Marcel Weiher:

The cookie banners + GDPR banners are the playbook Apple is following:

1. Implement the regulation in the most idiotic and user-hostile (frequently illegal, too) way possible when there are easy + convenient ways to comply.

2. Blame the regulators for their own malfeasance.

Craig Grannell:

This also feels very lose-lose. The EU for a time or possibly permanently gets a worse iOS experience. And Apple’s reputation continues to erode while regulators elsewhere start taking notes that will be ramping up future risks.

Benjamin Mayo:

I don’t really get what Apple means re the EU DMA thing because system integrated machine learning already exists in the platforms, you can already share your screen in FaceTime, and you can already mirror your iPhone to Mac through QuickTime if you try hard enough.

M.G. Siegler:

And make no mistake, this is a stick. Apple (reluctantly) tried to feed the carrot to the EU, giving into some of the DMA changes they required. That clearly wasn’'t good enough for the body. So now the sticks are coming out.

See also: Hacker News.

Update (2024-06-25): Ian Betteridge:

In other words, companies can engage with the EU before something is released to work out ways to stay within the DMA. The idea that it’s just a crap shoot and WHO KNOWS WHAT THOSE CRAZY EUROS WILL WANT is just silly.

And maybe, in fact, that’s what Apple is doing behind the scenes – in which case, it should just cut the crap and say it. Part of the mystery about this is we actually already knew some of it. Apple had already announced it wouldn’t be released Apple Intelligence except in US English before the end of the year. That means, of course, EU countries weren’t going to get it for a while anyway.

[…]

Apple is happy to cave in to even the most repressive regimes and forget about user privacy when it’s beneficial to its bottom line. On the other hand, when user privacy conflicts with Apple’s profits, it will go to the mat to defend its right to do what the hell it wants. That’s why even if you tick the box marked “disable sharing of analytics”, your iPhone will continue sharing analytics with Apple.

Previously:

Update (2024-06-26): Manton Reece:

When a company withholds a feature from the EU because of the DMA — Apple for AI, Meta today for the fediverse — they should document which sections of the DMA would potentially be violated. Let users fact-check whether there’s a real problem.

Update (2024-06-28): Steve Troughton-Smith:

I’m not entirely sure commentators are aware that Apple has not been shipping its full featureset around the world for decades. My country never got TV shows in iTunes. I’ve had an iPhone for 17 years without access to Visual Voicemail. Apple’s News app isn’t available here. There’s no cellular Apple Watch. And so on. No tears will be shed for Apple Intelligence in the EU.

Steve Troughton-Smith:

So I thought I’d try and find actual relevant sections of the DMA that may (or may not) apply to the features Apple has said won't be coming to the EU at launch: Apple Intelligence, SharePlay Screen-Sharing, and iPhone Mirroring

Ezekiel Elin:

Since macOS isn’t covered I’ve assumed that the issue isn’t screen mirroring an android phone to macOS, but instead screen mirroring iOS to windows/linux.

See also: Accidental Tech Podcast (Mastodon).

Update (2024-07-02): Tim Hardwick:

Writing in his latest Power On newsletter, Gurman said that while Apple Intelligence will be free to start, Apple’s long-term plan is to launch something like “Apple Intelligence+,” with extra features that users pay monthly fees to access.

Damien Petrilli:

Ok now it makes sense about why Apple doesn’t want to launch AI in Europe yet: subscription lock-in.

So they can’t until they provide third party APIs otherwise it’s another monopoly abuse.

Update (2024-09-10): John Gruber:

It makes no sense for Apple to withhold tentpole iOS features from EU citizens out of spite. Even if you think Apple is guided by its own self-interest above all else, their biggest self-interest is selling new iPhones. And the biggest new feature in this year’s iPhone 16 models is going to be Apple Intelligence, and the best new feature in iOS 18 is iPhone Screen Sharing. These features will sell iPhones — but not in the EU, at least this year.

The key is that the DMA is not a targeted attack on the App Store model. It’s a sweepingly broad attack on the entire idea of integration. And integration is Apple’s entire modus operandi.

[…]

Now that we have proof that the DMA demands Apple to allow all apps other than Settings (and on iPhones, Phone) to be deleted, and to allow third-party defaults to be set for everything from contactless payments to password management to maps to translation and even to keyboards, it’s obvious that the EC might also demand that users be able to specify a third-party “default” AI language model for Apple Intelligence.

[…]

If the DMA had been in effect 10 years ago, I don’t think Apple Watch would have been available in the EU until and unless the EC said it was permitted. Same for AirPods, which pair with Apple devices in a vastly superior but proprietary way compared to standard Bluetooth. Any sort of integration between an iPhone and another Apple device that isn’t available to third-party devices could be ruled to violate the DMA. By the letter of the DMA, the EC should, I think, rule that all such integration is a violation.

It’s unclear to me whether iPhone Mirroring and Apple Intelligence really are being held back due to the DMA. Apple Intelligence doesn’t support other languages yet, anyway.

But the EU isn’t that large or essential. The European Commission is beset by delusions of grandeur.

Steve Troughton-Smith:

Over 50% of Apple’s revenue (~$220B), which accounts for $70B in profit, is booked through the EU, as that’s how they handle their global sales.

Guy English:

I think the key missing here is that the DMA targets integration at the scale of designated gatekeepers. That’s an important distinction. It isn’t simply that iOS is a tightly integrated system but that it is such at a scale that the EU believes it has cast a shadow so large it has inhibited other approaches and innovation.

And, to be honest, the required remedies are ham-fisted and don’t show a particular concern for the user. At least not the same kind of usability concerns Apple has. They may well make the product worse. But part of that is the price of success and dominating markets the way Apple does. Ultimately the tight integration, terrific and well earned success, and intransigence has painted the company into an unenviable corner.

Previously:

Update (2024-09-19): Allison Johnson:

Apple Intelligence’s list of forthcoming supported languages just got a little longer. After an October launch in US English, Apple says its AI feature set will be available in German, Italian, Korean, Portuguese, Vietnamese, “and others” in the coming year.

[…]

The company already announced plans to support Chinese, French, Japanese, and Spanish next year as well.

John Gruber:

This is just for Apple Intelligence on the Mac — which already offers Apple Intelligence in the EU in MacOS 15.1 Sequoia betas, because the Mac is not a designated “gatekeeping” platform. The standoff over Apple Intelligence on iOS and iPadOS remains.

And presumably you’ll be able to use Apple Intelligence with these languages on an iPhone outside of the EU. For example, there are millions of French speakers in Canada.

Thursday, June 20, 2024

Safe Superintelligence Inc.

Ilya Sutskever et al. (via Hacker News):

Building safe superintelligence (SSI) is the most important technical problem of our​​ time.

We have started the world’s first straight-shot SSI lab, with one goal and one product: a safe superintelligence.

[…]

We approach safety and capabilities in tandem, as technical problems to be solved through revolutionary engineering and scientific breakthroughs. We plan to advance capabilities as fast as possible while making sure our safety always remains ahead.

[…]

Our singular focus means no distraction by management overhead or product cycles, and our business model means safety, security, and progress are all insulated from short-term commercial pressures.

I don’t really understand how they know whether what they are doing is “safe.” And currently, I think, people are more worried about what humans will do with AI—which they can’t control—not with what the AI will do by itself. But, I guess, good luck to them in outrunning the other companies who have less focus on safety.

Om Malik:

Daniel Gross, former AI lead at Apple, and researcher Daniel Levy are co-founders of the company.

[…]

What does “safe” mean when it comes to superintelligence? […] I have read fewer word that have more clarity.

Simon Sharwood:

Building an SSI “is our mission, our name, and our entire product roadmap, because it is our sole focus. Our team, investors, and business model are all aligned to achieve SSI.”

Who are those investors? The page doesn’t indicate. Ditto the business model.

Previously:

Update (2024-09-10): Reuters (via Hacker News):

Safe Superintelligence (SSI), newly co-founded by OpenAI’s former chief scientist Ilya Sutskever, has raised $1 billion in cash to help develop safe artificial intelligence systems that far surpass human capabilities, company executives told Reuters.

SSI, which currently has 10 employees, plans to use the funds to acquire computing power and hire top talent.

Richard Speed:

Exactly what those resources will do remains unclear at this stage. SSI intends to build safe superintelligence, describing it as “the most important technical problem of our time.”

[…]

Some estimates put the value of SSI at $5 billion following the investment, although the company itself has not commented. It is, however, an eye-watering sum to be poured into a business that has been around for just a few months, with barely enough employees to fill a minibus.

Previously:

SuperDuper 3.9 Beta

Dave Nanian:

We’re happy to announce Beta 2 of SuperDuper! v3.9, our initial cut at a Sequoia compatible release.

[…]

SuperDuper v3.9 includes Dark Mode support, and banishes our old textured window to the land of shadows.

[…]

[W]e’ve turned on our ability to copy local Cloud files, while intelligently skipping the files and folders that have local “stubs”.

Previously:

Update (2024-07-05): Dave Nanian:

We’ve noticed that, on occasion, “dataless” cloud files and folder proxies can get into strange states on the backup where, quite literally, nothing can delete them. In these situations, we have no choice but to throw up our hands and continue.

Previously:

Update (2024-09-17): Dave Nanian:

Announcing the public release of SuperDuper v3.9 - with full Sequoia compatibility, Dark Mode support, better Cloud file handling, etc.

MicroMac: a Macintosh for Under £5

Matt Evans (via Hacker News):

A Raspberry Pi RP2040 microcontroller (on a Pico board), driving monochrome VGA video and taking USB keyboard/mouse input, emulating a Macintosh 128K computer and disc storage. The RP2040 has easily enough RAM to house the Mac’s memory, plus that of the emulator; it’s fast enough (with some tricks) to meet the performance of the real machine, has USB host capability, and the PIO department makes driving VGA video fairly uneventful (with some tricks). The basic Pico board’s 2MB of flash is plenty for a disc image with OS and software.

Update (2024-06-26): Jeremy Cook (via Hacker News):

The original Macintosh’s boxy all-in-one design is iconic, but has long been surpassed by modern computing options. If you’d like a reminder of this techno-touchstone, in a boxy beige form factor that won’t dominate your desk, the Tiny Mac III uses a Pi 4 to cram lots of retro goodness into a very small package.

The device was inspired by the Tiny Mac running on a Raspberry Pi Zero, which was in turn inspired by a similar little Mac built a decade ago. Creator The_Old_Wolf first built a Tiny Mac II with a Pi Zero 2, then branched off from its predecessors with a Pi 4 processing unit. This gives the Tiny Mac III lots of power to perform functions like running Pi-hole for ad blocking, using xscreensaver as an electronic photo frame, or even running gnome-weather to display conditions outside.

OmniFocus 4.3

Ainsley Bourque Olson (release notes):

Focus Filters, configurable in the Focus section of the Settings app, allow you to customize what app data is displayed when a Focus mode is enabled on your device. With OmniFocus 4.3, you can now set device Focus Filters to automatically filter out any OmniFocus content which is not relevant to the current Focus.

[…]

OmniFocus 4.3 also introduces the ability to add comments to perspective rules in OmniFocus Pro, and expands rich text note formatting options in OmniFocus for Mac.

[…]

OmniFocus 4 introduced a brand new independent Apple Watch application that allowed us to bring the full OmniFocus database to the Apple Watch for the first time ever. The expanded feature set was very well received, yet we also heard from some customers (particularly folks who do not live near our servers) that the v4 watch application did not sync, or stay up to date, reliably. In OmniFocus 4.3, this issue has been addressed by syncing to the paired iPhone, prior to syncing with the sync server, whenever possible. This change makes syncing faster and more reliable when the watch doesn’t have a fast connection to the sync server.

[…]

Many of these bug fixes improve the reliability of the outline, addressing scenarios in which the order of items in the outline appeared to change unexpectedly (or when content displayed in the outline didn’t change as expected).

I can confirm that the new Bonjour watch syncing is much faster and more likely to succeed. I still find that it never syncs automatically in the background; the complication always shows the wrong number until I tap it to open the app.

I’m also glad to see that single-key Delete is back in the Mac app and that various iOS display glitches have been fixed.

Previously:

Wednesday, June 19, 2024

Apple Intelligence Training

Apple:

In the following overview, we will detail how two of these models — a ~3 billion parameter on-device language model, and a larger server-based language model available with Private Cloud Compute and running on Apple silicon servers — have been built and adapted to perform specialized tasks efficiently, accurately, and responsibly.

[…]

Our foundation models are trained on Apple’s AXLearn framework, an open-source project we released in 2023. It builds on top of JAX and XLA, and allows us to train the models with high efficiency and scalability on various training hardware and cloud platforms, including TPUs and both cloud and on-premise GPUs. We used a combination of data parallelism, tensor parallelism, sequence parallelism, and Fully Sharded Data Parallel (FSDP) to scale training along multiple dimensions such as data, model, and sequence length.

We train our foundation models on licensed data, including data selected to enhance specific features, as well as publicly available data collected by our web-crawler, AppleBot.

David Pierce:

Wild how much the Overton window has moved that Giannandrea can just say, “Yeah, we trained on the public web,” and it’s not even a thing. I mean, of course it did. That’s what everyone did! But wild that we don’t even blink at that now.

John Voorhees:

As a creator and website owner, I guess that these things will never sit right with me. Why should we accept that certain data sets require a licensing fee but anything that is found “on the open web” can be mindlessly scraped, parsed, and regurgitated by an AI? Web publishers (and especially indie web publishers these days, who cannot afford lawsuits or hiring law firms to strike expensive deals) deserve better.

It’s disappointing to see Apple muddy an otherwise compelling set of features (some of which I really want to try) with practices that are no better than the rest of the industry.

Colin Cornaby:

The justification of “if you posted it on the public web - it’s ok for us to train AI on” is really bizarre - and not completely legally sound? Posting something on the public web doesn’t mean you surrender the copyright.

That’s actually exactly the basis of the NYT’s suit against OpenAI. The NYT proved that OpenAI was able to reproduce articles that it had scraped from the NYT.

Apple:

With Applebot-Extended, web publishers can choose to opt out of their website content being used to train Apple’s foundation models powering generative AI features across Apple products, including Apple Intelligence, Services, and Developer Tools.

[…]

Applebot-Extended does not crawl webpages. Webpages that disallow Applebot-Extended can still be included in search results. Applebot-Extended is only used to determine how to use the data crawled by the Applebot user agent.

The models were trained before they told us how to opt-out. If you update your robot.txt to exclude Applebot Extended, it’s not clear when your data will be removed from the models. It can take a long time to re-train a model, and I don’t know whether the on-device models are tied to OS updates.

Joe Rosensteel:

Literally the same presentation talks about protecting your privacy from unscrupulous internet companies. Your data is isolated by a whole auditable cloud solution and will never be used for modeling. BUT if that same Apple customer posted anything on the open web then it’s fair game for Apple to use regardless of copyright, licenses, or expectations. Doing it before anyone could ever object is all the more damning.

Eric deRuiter:

Disabling Apple AI via robots.txt is not supported on Squarespace as you can’t edit your own robots.txt file.

Apple does offer a way to opt out entirely via a <meta> tag, but I don’t see a way to use that to exclude only the AI stuff.

Dan Moren:

To test this out, I’ve added those directives to my personal site. This turned out to be slightly more confusing, given that my site runs on WordPress, which automatically generates a robots.txt file. Instead, you have to add the following snippet of code to your functions.php file by going to the administration interface and choosing Appearance > Theme File Editor and selecting functions.php from the sidebar.

[…]

If you want to go beyond Apple, this same general idea works for other AI crawling tools as well. For example, to block ChatGPT from crawling your site you would add a similarly formatted addition to the robots.txt file, but swapping in “GPTBot” instead of “Applebot-Extended.”

Google’s situation is more complex: while the company does have a Googlebot-Extended that powers some of its AI tools, like Gemini (née Bard), blocking that won’t necessarily remove your site’s content from being crawled for use in Google’s AI search features. To do that, you’d need to block Googlebot entirely, which would have the unfortunate effect of removing your site from its search indexes as well.

Robb Knight (via Nick Heer, Hacker News):

[Perplexity is] using headless browsers to scrape content, ignoring robots.txt, and not sending their user agent string. I can't even block their IP ranges because it appears these headless browsers are not on their IP ranges.

John Voorhees:

Over the past several days, we’ve made some changes at MacStories to address the ingestion of our work by web crawlers operated by artificial intelligence companies. We’ve learned a lot, so we thought we’d share what we’ve done in case anyone else would like to do something similar.

Previously:

Update (2024-06-20): Nick Heer:

The question seems to be whether what Perplexity is doing ought to be considered crawling. It is, after all, responding to a direct retrieval request from a user. This is subtly different from how a user might search Google for a URL, in which case they are asking whether that site is in the search engine’s existing index. Perplexity is ostensibly following real-time commands: go fetch this webpage and tell me about it.

But it clearly is also crawling in a more traditional sense. The New York Times and Wired both disallow PerplexityBot, yet I was able to ask it to summarize a set of recent stories from bothpublications. At the time of writing, the Wired summary is about seventeen hours outdated, and the Times summary is about two days old. Neither publication has changed its robots.txt directives recently; they were both blocking Perplexity last week, and they are blocking it today. Perplexity is not fetching these sites in real-time as a human or web browser would. It appears to be scraping sites which have explicitly said that is something they do not want.

Perplexity should be following those rules and it is shameful it is not. But what if you ask for a real-time summary of a particular page, as Knight did? Is that something which should be identifiable by a publisher as a request from Perplexity, or from the user?

Update (2024-06-24): John Gruber:

Apple should clarify whether they plan to re-index the public data they used for training before Apple Intelligence ships in beta this summer. Clearly, a website that bans Applebot-Extended shouldn’t have its data in Apple’s training corpus simply because Applebot crawled it before Apple Intelligence was even announced. It’s fair for public data to be excluded on an opt-out basis, rather than included on an opt-in one, but Apple trained its models on the public web before they allowed for opting out.

But other than that chicken/egg opt-out issue, I don’t object to this. The whole point of the public web is that it’s there to learn from — even if the learner isn’t human.

Louie Mantia (via Federico Viticci):

This is a critical thing about ownership and copyright in the world. We own what we make the moment we make it. Publishing text or images on the web does not make it fair game to train AI on. The “public” in “public web” means free to access; it does not mean it’s free to use.

Besides that, I’d also add what I’ve seen no one else mention so far: People post content on web that they don’t own all the time. No one has to prove ownership to post anything.

Someone who publishes my work as their own (theft) or republishes my work (like quoting or linking back) doesn’t have the right to make the choice for me to let my content be used for training AI.

That same argument would also apply to indexing for search.

Update (2024-07-19): Tim Hardwick:

[Apple] emphasized that since OpenELM is not integrated into Apple Intelligence, the “YouTube Subtitles” dataset is not being used to power any of its commercial AI features.

Update (2024-07-30): John Voorhees:

If you still had doubts whether Apple scraped the web to build its foundation model and only gave publishers an option to opt-out after the fact, it’s all laid out here.

Steve Troughton-Smith:

Apple clearly has vacuumed up data from European websites and open-source projects to build its Foundation Models, which makes it incredibly distasteful for them to be trying to hold Apple Intelligence hostage as a bargaining chip against EU regulation.

If for some reason regulators were to angrily demand an immediate purge or audit of the affected data, it could set Apple Intelligence back years and push it well out of the iOS 18 timeframe.

Hartley Charlton:

The paper reveals that Apple utilized 2,048 of Google’s TPUv5p chips to build AI models and 8,192 TPUv4 processors for server AI models. The research paper does not mention Nvidia explicitly, but the absence of any reference to Nvidia’s hardware in the description of Apple’s AI infrastructure is telling and this omission suggests a deliberate choice to favor Google’s technology.

Customizable Control Center and Lock Screen Buttons in iOS 18

Tim Hardwick:

In iOS 18, when you invoke Control Center with a swipe down from the top-right of your iPhone’s screen, you can continuously swipe to get to more control center screens. There’s a new controls gallery that lets you customize the controls you see, and you can change the size of buttons to emphasize priority. Additionally, developers can include controls from their own apps, enabling quick access to controls like remotely starting a car, for example.

Steven Aquino (Mastodon):

In the current Face ID era, which dates back to the 2017 introduction of the iPhone X, turning off an iPhone or iPad entails a high-tech game of Twister. One must hit the volume buttons in quick succession while simultaneously holding the side button. Depending on the level of one’s fine-motor skills, performing these movements can be infuriating if not impossible.

[…]

In a broad scope, it’s worth reiterating the notion that this new Power button in iOS 18’s Control Center is hugely beneficial as a de-facto accessibility feature.

Juli Clover:

iOS 18 includes a new LockedCameraCapture framework for developers, which will bring some useful new functionality to third-party apps with camera features. The update will let a third-party camera app be opened directly from the Lock Screen.

This is great. It does not, however, let you customize which app opens when you swipe.

Simon B. Støvring:

Thanks for making the Control Center more configurable, Apple, so I can move the controls to an area I can reach with my thumb. Now, please make it so the Control Center is opened from a reachable area on the screen.

Previously:

Update (2024-06-20): John Spurlock:

As someone that worked on the Android lock screen to camera transition in a previous life, I don’t see Apple ever letting you do this.

Tight integration is needed to ensure that the transition looks great, and the app launches quickly.

The Camera app is probably the last app you’d pick to launch at a moment’s notice - needs gobs of working memory and fires up multiple hardware sensors.

Tab Bar and Sidebar in iPadOS 18

Tim Hardwick:

In iPadOS 18, Apple has redesigned the tab bar experience for many apps like Podcasts, Apple TV, and Apple Music. Previously in these apps, tabs sat at the bottom of the interface. When in portrait orientation however, tab bars now sit at the top of these apps to be closer to other navigation controls, while a customizable sidebar appears in landscape mode.

[…]

To accompany the new tab bars, sidebars in apps have been updated to help users navigate apps and provide quick access to top-level destinations.

Together, side bars and tab bars support user customization, so it's now possible to drag and drop items from the sidebar into a pinned section on the tab bar for even quicker access to favorite content.

Nico Reese (via Steve Troughton-Smith):

Apple has made significant updates to UITabBarController, which now supports displaying a sidebar as well. By default, the tab bar floats at the top of the screen and uses only text labels, essentially placed in the navigation bar’s title view area. Optionally, developers can add a sidebar button to the tab bar. When tapped, the tab bar morphs into a sidebar on the left side of the screen.

Unfortunately, this change brings many complex issues, some of which I want to discuss as I try to integrate these updates into my app, Gamery. These issues are particularly frustrating for me as a developer attempting to implement this new UI.

When sidebars were first introduced in iPadOS 14, it seemed like Apple was moving the iPad experience closer to that of a desktop. It was a step in the right direction. Now, it feels like they are regressing, making the app experience confusing and unnecessarily complex.

Federico Viticci:

Earlier today on Mastodon, I shared some concerns regarding the Books app in iPadOS 18 and how Apple implemented the new tab bar design in the app. Effectively, by eschewing a sidebar, the app has returned to feeling like a blown-up iPhone version – something I hoped we had left behind when Apple announced they wanted to make iPad apps more desktop-class two years ago.

[…]

[S]ince tab bars now sit alongside toolbar items, the entire UI can get very condensed, with buttons often ending up hidden away in an overflow menu.

[…]

If the goal was to simplify the iPad’s UI, well, now iPad users will end up with three ways to navigate apps instead of two, with the default method (the top bar) now generally displaying fewer items than before, without glyphs to make them stand out.

Kyle Howells:

This new combined side bar and tab bar design just seems to make both the tab bar and the side bar worse and the iPad even more limited….

The 2 big UI changes this year, Photos & the new tab bar and both flops that I’m hoping will be reverted.

Previously:

Update (2024-08-07): Andy Lee:

Is iPadOS really removing the search field from the tabs view? I’ve been assuming it was a temporary omission while they rework other things. If it hasn’t been restored in the next beta I will have to write some strongly worded… uh… words.

Previously:

Update (2024-10-17): Léo Natan:

The news sidebar implementation in “iPad”OS is absolutely terribly broken, by design and by implementation. First of all, it’s completely broken. Throws layout constraint failures, overlaps the navigation title, doesn’t trim properly, crashes from broken collection view updates.

But that is only half the problem. By design, it is half-assed at most. The resulting sidebar is not a controller, so there is no regular <-> compact size handling of any sort. After all, why would Apple support responsive design?

So developers that wish to implement this idiom, still need to keep their old sidebar controller, and then listen to trait collection changes and modify their navigation controller to have the old sidebar as the root, while removing it for large layouts.

And even that is broken, as the tab bar attempts to put the overflowing tabs as “more” controllers from iOS 6 fame days, and, you guessed it, that functionality is completely broken too, and cannot be disabled.

Arvind, RIP

Adam Zewe (via Hacker News):

A prolific researcher who led the Computation Structures Group in the Computer Science and Artificial Intelligence Laboratory (CSAIL), Arvind served on the MIT faculty for nearly five decades.

[…]

As a scientist, Arvind was well known for important contributions to dataflow computing, which seeks to optimize the flow of data to take advantage of parallelism, achieving faster and more efficient computation.

In the last 25 years, his research interests broadened to include developing techniques and tools for formal modeling, high-level synthesis, and formal verification of complex digital devices like microprocessors and hardware accelerators, as well as memory models and cache coherence protocols for parallel computing architectures and programming languages.

Wikipedia:

In 2000, Arvind took two years off from teaching at MIT to build Sandburst, Inc, a fabless manufacturing semiconductor company. He served as its president until his return to MIT in 2002. In 2006, Sandburst was acquired by Broadcom Corporation.

In 2003, he cofounded Bluespec, Inc., headquartered in Waltham, Massachusetts. They produce proven electronic design automation (EDA) synthesis toolsets. With Lennart Augustsson, Arvind codeveloped the programming language Bluespec SystemVerilog (BSV), a high-level functional programming hardware description language, which is a Haskell variant extended to handle chip design and electronic design automation in general.

I really enjoyed his graduate Computer System Architecture class. He was so excited about the material and clear in communicating it, both verbally and notationally using term-rewriting systems.

Tuesday, June 18, 2024

iDOS 3 Rejected From the App Store

Litchie (Reddit):

Initially they rejected the submission because it was same as iDOS 2, but after I explained to them that I can not continue under iDOS2 [because Apple had blocklisted it], then they rejected again as “Design spam” on the basis that there has been many submissions lately with the exact same design.

I don’t actually care much about the copycats, but just can’t understand why it’s difficult for Apple to check my account history and tell which is the original.

They took two months to review the submission and then rejected it:

They have decided that iDOS is not a retro game console, so the new rule is not applicable. They suggested I make changes and resubmit for review, but when I asked what changes I should make to be compliant, they had no idea, nor when I asked what a retro game console is.

Craig Grannell:

iDOS rejected from the App Store because it is “not a retro game console”. Nor is the C64, but that has several emulators already on the App Store. Apple rules incoherent yet again. More at 11.

This also makes me increasingly think that the only reason Apple opened this up was the screw with AltStore. Delta was the headline act. But now people have some emulators, they’ll stop moaning. Although I do now wonder 1) what happens to MAME for iOS, 2) what happens to FBA (already on the App Store), and 3) what major changes Apple will now require of RetroArch, that is if Apple’s even remotely aware of what that emulator actually is or does.

Kristoffer:

Seeing as Apple makes a distinction between PCs and Consoles, as per their UTM ruling, making a distinction between phones and consoles [for government regulation] should be A OK (Apple OK)

Previously:

Update (2024-06-25): See also: Hacker News.

Former Head of NSA Joins OpenAI Board

Jay Peters:

OpenAI has appointed Paul M. Nakasone, a retired general of the US Army and a former head of the National Security Agency (NSA), to its board of directors, the company announced on Thursday.

Nakasone, who was nominated to lead the NSA by former President Donald Trump, directed the agency from 2018 until February of this year. Before Nakasone left the NSA, he wrote an op-ed supporting the renewal of Section 702 of the Foreign Intelligence Surveillance Act, the surveillance program that was ultimately reauthorized by Congress in April.

Edward Snowden (Reddit, Hacker News, Fortune, Newsweek):

They’ve gone full mask-off: do not ever trust @OpenAI or its products (ChatGPT etc). There is only one reason for appointing an @NSAGov Director to your board. This is a willful, calculated betrayal of the rights of every person on Earth. You have been warned.

Previously:

Update (2024-06-25): See also: Bruce Schneier.

Monday, June 17, 2024

Rumored Thinner Apple Devices

Tim Hardwick:

Apple intends to slim down the MacBook Pro, Apple Watch, and iPhone, with the new ultra-thin M4 iPad Pro a sign of the company’s new design trajectory, according to Bloomberg’s Mark Gurman.

[…]

Writing in the latest edition of his Power On newsletter, Gurman says that like the iPad Pro, Apple is now focused on delivering the thinnest possible devices across its lineups without compromising on battery life or major new features.

[…]

In 2021, Apple significantly redesigned the MacBook Pro, making it thicker and heavier. A major highlight of the redesign was the reintroduction of several ports that were removed in previous iterations in favor of chassis thinness.

The 2021 MacBook Pro was a big step in the right direction, but I think it didn’t go far enough. The spec sheet shows all-day battery life, but when using Xcode with my M1 MacBook Pro, battery is still a concern, even on non-transcontinental flights. And I would trade some thinness to be able to replace the battery (or storage!) without mailing the computer to Apple.

I also don’t want a thinner keyboard. I would rather they add more hardware, such as more USB ports and a cellular modem, than shave off a few more millimeters. Maybe that makes sense for a device like a MacBook Air or watch that’s supposed to be small, but not at the Pro end of the lineup.

Previously:

Update (2024-06-18): Robin Kunde:

The MBP still doesn’t have enough ports and the keyboard is finally back in a decent place (aside from the crappy key caps). Who’s asking for this?

John Gruber:

Unlike other devices Apple sells, Apple Watch sizes are given not by screen diagonal but by case height. So what Kuo is claiming is that the current “big” size will become the small size and the new big size will be much bigger. I find this very hard to believe.

I hope Kuo is wrong because the current small Apple Watch size is already larger than I’d like. It’s not so much about how it looks but how it feels on a narrow wrist. And this is the one Apple product that I’d want to be thinner, so that it stays out of the way of long sleeves and gloves.

U.S. Sues Adobe Over Subscriptions

FTC (PDF, via Hacker News):

The Federal Trade Commission is taking action against software maker Adobe and two of its executives, Maninder Sawhney and David Wadhwani, for deceiving consumers by hiding the early termination fee for its most popular subscription plan and making it difficult for consumers to cancel their subscriptions.

[…]

According to the complaint, when consumers purchase a subscription through the company’s website, Adobe pushes consumers to its “annual paid monthly” subscription plan, pre-selecting it as a default. Adobe prominently shows the plan’s “monthly” cost during enrollment, but it buries the early termination fee (ETF) and its amount, which is 50 percent of the remaining monthly payments when a consumer cancels in their first year. Adobe’s ETF disclosures are buried on the company’s website in small print or require consumers to hover over small icons to find the disclosures.

[…]

In addition to failing to disclose the ETF to consumers when they subscribe, the complaint also alleges that Adobe uses the ETF to ambush consumers to deter them from cancelling their subscriptions. The complaint also alleges that Adobe’s cancellation processes are designed to make cancellation difficult for consumers. When consumers have attempted to cancel their subscription on the company’s website, they have been forced to navigate numerous pages in order to cancel.

Emma Roth:

Customers encounter similar obstacles when attempting to cancel their subscriptions over the phone or via live chats, the DOJ alleges. The complaint claims “subscribers have had their calls or chats either dropped or disconnected and have had to re-explain their reason for calling when they re-connect.”

[…]

In 2012, Adobe went from selling its creative software for lifetime use to charging users for a monthly or yearly subscription to its suite of products, including Photoshop, Illustrator, InDesign, and others. The company’s subscription model has long frustrated creatives, who are often forced to stay subscribed to Adobe in order to keep doing their jobs.

Jeremy Gray:

Despite being full of passionate, talented people who genuinely care about artists, the company has earned its negative reputation. To no fault of the people who make the Adobe software that so many use daily, the company’s beleaguered customers do not trust Adobe.

Previously:

Update (2024-06-18): Nick Heer:

The contours of the case itself bear similarities to the Amazon Prime one, too. In both cases, customers are easily coerced into subscriptions which are difficult to cancel. Executives were aware of customer complaints, according to the FTC, yet they allegedly allowed or encouraged these practices. But there are key differences between these cases as well.

See also: Mac Power Users Talk, MacRumors.

Update (2024-07-26): Ben Lovejoy (Hacker News):

An Adobe exec is quoted as describing its hidden pricing strategy as being “a bit like heroin.” The remark was revealed when the government released its unredacted complaint, which accuses the company of deliberately making it hard to cancel a Creative Cloud subscription.

The exec acknowledged customer anger at the way the company made its contractual terms hard to understand, but said that improving this would result in “taking a big business hit” …

[…]

Adobe’s chief in-house lawyer Dana Rao claimed that the remark was taken out of context, and that the employee who made it was not a C-level employee who could make decisions on such matters. The company also claimed that revealing the penalty fee would make the user interface “very cluttered.”

EU to Charge Apple for Violating DMA

Joe Rossignol (Hacker News):

The European Commission plans to charge Apple for violating the Digital Markets Act after determining that the iPhone maker is not complying with obligations to allow app developers to “steer” users to offers outside of the App Store without fees, according to the Financial Times, which cites three people familiar with the matter.

It appears that the EU is taking issue with Apple’s Core Technology Fee, but the exact charges that it allegedly plans to bring against Apple are unclear.

Ryan Jones:

Reminder: The EU itself leaks to FT

John Gruber:

My basic theory is that what the EC has wanted all along is to force Apple not merely open up iOS to other methods of distribution, but to force Apple to allow apps to be distributed through those non-App-Store channels free of charge. But they don’t want to come out and say, flatly, that they seek to forbid Apple from monetizing its IP from all developers on the platform, because that’s so radically anti-capitalist. So instead the wrote the DMA to forbid the way Apple had, heretofore, mandated its cut of App Store revenue, and I suspect they somehow thought that if they banned the current rules — all apps must go through the App Store, all apps must use Apple’s App Store payment processing — then Apple would be forced to allow free-of-charge distribution through other channels and other payment processing. They didn’t foresee the Core Technology Fee as a route to collect a cut from any and all popular applications distributed by large commercial developers.

This is buying too much into Apple’s frame. As I’ve said, Apple created the “monetizing its IP” concept, long after creating the App Store itself, as a preemptive defense of its monopoly rents in the face of antitrust action. If the EU’s language had been more sweeping, surely they would have been criticized for being heavy handed. Instead, they were more measured, explaining their intent but not exactly how to get there. I think the reason they didn’t anticipate the CTF is that it obviously violates the intent of the DMA. They were wrong to expect a good faith attempt at compliance.

It’s not as if Apple is trying to monetize its IP by licensing iOS to clone vendors. It’s already monetizing via high-margin, non-upgradable hardware and hard-sell services. As commenter Doodpants mentions, this licensing business is pernicious for customers:

I don’t want to “license” software; I want to buy it. But software companies have come up with this “licensing” concept so that they can control what you can and cannot do with the software after you’ve paid for and installed it.

René Fouquet:

The thing that irritated me most is the “you can just buy an Android phone” by Federighi [at The Talk Show]. If this is your response to valid criticism, watch out not to fall from that high horse.

Of course, this recalls Tim Cook saying that the solution for iOS’s poor messaging interoperability is to buy your mother an iPhone. It reminds me of nothing so much as the current American political situation. No big deal if you’re unhappy with one of the two main candidates—you can just vote for the other guy! Yet in another four years there will be two new candidates, but we’ll still have Apple and Google and little means of influencing either.

archagon:

Listening to Apple, I come away feeling that the Mac is only an open platform for legacy reasons, and it certainly wouldn’t be one if it was released as a new product today. I am very worried that we’re heading towards a future where Apple disables my notarized emulators, torrent clients, and encrypted messaging apps for commercial, legal, or political reasons and then tells me to “just buy a PC” if I don’t like it.

Steve Troughton-Smith:

Apple leadership has twisted itself in knots to fit an App Store-centric reality distortion field and that’s why they’re facing antitrust action around the world and serious, painful consequences for their illegal conduct

mʌp:

As someone that qualified for his first WWDC scholarship in 2002 it sure feels weird to hear Tim say that there were no students in the dev community before the App Store…

Martin Pilkington:

I was literally in University when both the iPhone and the App Store were released, and had been shipping apps for years prior.

Apple seems to be stuck in its own reality distortion field when it comes to the App Store.

Previously:

Update (2024-06-18): Jesper:

The EC is not the ideal horse, and other multi-billion dollar technology firms are not the ideal cheerleaders. In a world where the phone is the dominant computing device for most people and nearly everything involves it, the case against monopolistic rent seeking and corporatist distribution restrictions should be to protect not only customers but individual freedoms. Nevertheless, the horse has been saddled and does work roughly towards the same goals.

[…]

There are still ways Apple, say, in its approach to privacy and compared to some of its competitors, are exceptional. But dying on this hill, to squeeze out the same money that putatively is not the primary driver behind the company anyway, to maintain a ridiculous charade wherein no developers were successful before a distribution model that not uncommonly was a significant downgrade, is just exceptionally stupid.

Update (2024-06-19): See also: Hacker News.

Juli Clover (Mastodon):

Apple is facing a “number” of “very serious” issues with its Digital Markets Act compliance in Europe, EU competition commissioner Margrethe Vestager said in an interview with CNBC.

[…]

Vestager does not believe that Apple’s changes meet the requirements of the DMA. “We have a number of Apple issues; I find them very serious,” she said. “I was very surprised that we would have such suspicions of Apple being non-compliant.”

Craig Grannell:

I suspect there’s US arrogance here, along with a total misunderstanding of how the EU works. Ian Betteridge has said this way better than I can, but US folks appear to consider this some kind of negotiation, whereas for the EU it’s more a case of “here’s where you need to be and it’s up to you how you get there”.

See also: Steve Troughton-Smith, Hacker News.

Previously:

Update (2024-07-08): See also: Hacker News.

Previously:

Japan Passes Law to Allow App Marketplaces

Ryohei Yasoshima and Riho Nagao (Hacker News):

Legislation slated to be sent to the parliament in 2024 would restrict moves by platform operators to keep users in the operators’ own ecosystems and shut out rivals, focusing mainly on four areas: app stores and payments, search, browsers, and operating systems.

The plan is to allow the Japan Fair Trade Commission to impose fines for violations. If this is modeled on existing antitrust law, the penalties would generally amount to around 6% of revenue earned from the problematic activities.

Kazuaki Nagata:

A bill submitted by the administration of Prime Minister Fumio Kishida would compel the dominant platforms to allow third parties to launch their own app markets and to offer more payment options, while banning the technology giants from giving preferential treatment to their own products.

Hartley Charlton (Hacker News):

New legislation in Japan requires Apple to allow third-party app stores and payment providers on the iPhone.

The Japanese parliament has passed the Act on Promotion of Competition for Specified Smartphone Software, a law that compels Apple to allow access to third-party app stores and payment providers on devices that run iOS. The legislation, which was passed by Japan’s upper house and will be enforced following Cabinet approval within the next eighteen months, seeks to curb the dominance of major tech firms like Apple in the smartphone market.

The law requires Apple to make several significant changes to its business practices. The company will have to permit third-party app stores on its devices, just like it does in the EU. App developers will be allowed to use third-party payment services. There are also provisions to allow users to change default settings via new choice screens during setup, such as for selecting a default browser.

Nick Heer:

Penalties are 20–30% of Japanese revenue. Japan is one of very few countries in the world where the iPhone’s market share exceeds that of Android phones.

John Gruber:

The United States should treat this as a trade war, and reciprocate by passing legislation mandating third-party game stores and payments on game consoles from Sony and Nintendo. […] It’s patently hypocritical that Japan’s law targets only phones; this law wouldn’t exist if Sony were a player in phones and mobile platforms.

As I’ve said, I’m not persuaded that the smartphone market is analogous to game consoles. It’s not hypocritical that phone companies and ISPs are regulated differently from, say, refrigerators and slot machines.

Alan Crisp:

What percentage of the global economy’s business comms and app usage (outside China) is on Apple/Android systems? 80%? 90%? 95%?

For me it makes sense that the regulatory focus is on phones - this can have a great impact on innovation across all markets. The gaming console market, by comparison, has a far, far smaller impact on the lives of everyday commerce, and thus far less deserving of regulating those systems.

[…]

Imagine if AT&T banned you from calling certain phone numbers (App Store anti-steering provisions), or chose which kinds of telesales were allowed. With the landline being essential to business communications, left unchecked AT&T could have slowed innovation more generally in other areas.

Previously:

Friday, June 14, 2024

WWDC 2024 Links

General:

What’s New:

Release Notes:

Key Sessions:

Podcasts:

Interviews:

Other:

This post will be updated as I find new links. If you see anything good that I missed, please post a comment, tweet, toot, or e-mail me.

Previously:

Private Cloud Compute

Apple (via Ivan Krstić, ArsTechnica):

Apple Intelligence is the personal intelligence system that brings powerful generative models to iPhone, iPad, and Mac. For advanced features that need to reason over complex data with larger foundation models, we created Private Cloud Compute (PCC), a groundbreaking cloud intelligence system designed specifically for private AI processing. For the first time ever, Private Cloud Compute extends the industry-leading security and privacy of Apple devices into the cloud, making sure that personal user data sent to PCC isn’t accessible to anyone other than the user — not even to Apple. Built with custom Apple silicon and a hardened operating system designed for privacy, we believe PCC is the most advanced security architecture ever deployed for cloud AI compute at scale.

[…]

The root of trust for Private Cloud Compute is our compute node: custom-built server hardware that brings the power and security of Apple silicon to the data center, with the same hardware security technologies used in iPhone, including the Secure Enclave and Secure Boot. We paired this hardware with a new operating system: a hardened subset of the foundations of iOS and macOS tailored to support Large Language Model (LLM) inference workloads while presenting an extremely narrow attack surface. This allows us to take advantage of iOS security technologies such as Code Signing and sandboxing.

On top of this foundation, we built a custom set of cloud extensions with privacy in mind. We excluded components that are traditionally critical to data center administration, such as remote shells and system introspection and observability tools. We replaced those general-purpose software components with components that are purpose-built to deterministically provide only a small, restricted set of operational metrics to SRE staff. And finally, we used Swift on Server to build a new Machine Learning stack specifically for hosting our cloud-based foundation model.

[…]

Since Private Cloud Compute needs to be able to access the data in the user’s request to allow a large foundation model to fulfill it, complete end-to-end encryption is not an option. Instead, the PCC compute node must have technical enforcement for the privacy of user data during processing, and must be incapable of retaining user data after its duty cycle is complete.

[…]

Every production Private Cloud Compute software image will be published for independent binary inspection — including the OS, applications, and all relevant executables, which researchers can verify against the measurements in the transparency log.

Matthew Green:

Then they’re throwing all kinds of processes at the server hardware to make sure the hardware isn’t tampered with. I can’t tell if this prevents hardware attacks, but it seems like a start.

They also use a bunch of protections to ensure that software is legitimate. One is that the software is “stateless” and allegedly doesn’t keep information between user requests. To help ensure this, each server/node reboot re-keys and wipes all storage.

[…]

Of course, knowing that the phone is running a specific piece of software doesn’t help you if you don’t trust the software. So Apple plans to put each binary image into a “transparency log” and publish the software.

But here’s a sticky point: not with the full source code.

Security researchers will get some code and a VM they can use to run the software. They’ll then have to reverse-engineer the binaries to see if they’re doing unexpected things. It’s a little suboptimal.

And I don’t understand how you can tell whether the binary image in the log is actually what’s running on the compute node.

Matthew Green:

As best I can tell, Apple does not have explicit plans to announce when your data is going off-device for to Private Compute. You won’t opt into this, you won’t necessarily even be told it’s happening. It will just happen. Magically.

[…]

Wrapping up on a more positive note: it’s worth keeping in mind that sometimes the perfect is the enemy of the really good.

[…]

I would imagine they’ll install these servers in a cage at a Chinese cloud provider and they’ll monitor them remotely via a camera. I don’t know how you should feel about that.

Aside from the source code issue, it’s not clear to me what more Apple could reasonably do. Let researches inspect the premises? They’re making a strong effort, but that doesn’t mean this system is actually as private as on-device. You have to trust their design and all the people implementing it and hope there aren’t any bad bugs.

Matthew Green:

It’s a very thoughtful design. Indeed, if you gave an excellent team a huge pile of money and told them to build the best “private” cloud in the world, it would probably look like this.

Francisco Tolmasky:

I’ve asked a lot of people: “OK, imagine Facebook implemented the same system, you’d be fine using it?” Their answer was “Well, no…” Because at the end of the day this system still fundamentally relies on trust. None of this stuff is actually verifiable. And that becomes crystal clear when you realize that you wouldn’t trust it if you simply switched out the names. No one is saying they’re not trying, but that’s different than having created an actually secure system.

Francisco Tolmasky:

Shell game: We put the data under the “local processing cup,” mention you need servers, start swapping cups around, invent a nonsense term “Private Cloud Compute” & voila! These are SPECIAL servers. That’s how you go from “local matters” to “we’re doing it on servers!”

Francisco Tolmasky:

Something that gets lost in discussions about trust is the kind of trust you actually need. Plenty of people trust Apple’s intentions. But with the cloud you actually further need to trust they, e.g., never write any bugs. That they have perfect hiring that catches someone trying to infiltrate them, despite it being super tempting for a gov to try. That they’ll shut the whole feature down if a gov passes a data retention law. This seems pedantic, but these were Apple’s own arguments in the past.

Jeff Johnson:

The so-called “verifiable transparency” of Private Cloud Compute nodes is a bad joke. They’re mostly closed source, so security researchers would have to reverse engineer almost everything. That’s the opposite of transparency.

Only Apple could claim that closed source is transparent. Orwellian doublespeak.

Previously:

Update (2024-06-18): Sean Peisert:

My question is why Apple is doing Private Cloud Computing rather than Confidential Computing (e.g., AMD SEV, Intel TDX) to have entirely hardware-enforced isolation, and I guess the obvious answer is that they haven’t built that level of technology into Apple Silicon yet.

Rob Jonson:

You still need to trust that Apple is running the software they say they are.

You also need to trust that they can ignore the NSA if they get an NSA letter demanding that they secretly change the software to enable NSA snooping.

They can’t tell you if the NSA demands that.

Khaos Tian:

Did I miss something on Apple’s PCC setup? If the attestation chain of trust is ultimately traced back to a private key Apple manages, wouldn’t they be able to fake attestation and trick the end device to talk to nodes that’s running non public PCC software?

Update (2024-06-24): Saagar Jha:

Apple seems to just categorically fail at threat models that involve themselves. I guess for iPhone you just suck it up and use it anyway but for this the whole point is that it’s supposed to be as secure as on-device computation so this is kind of important.

Even shelving insider threat, there are a lot of words for “we did TPM”.

[…]

To be 100% clear: you know how NSO or Cellebrite keep hacking iPhones? This thing is made so that if you do that to PCC, you get to see what is going on inside of it. And because of how TPMs work it will likely send back measurements to your phone that attest cleanly.

The “solution”, as far as I can tell, is that Apple thinks they would catch attempts to hack their servers. Oh yeah also hacking the server is hard because they used Swift and deleted the SSH binary. Not like they ship an OS like that already to a billion people.

Also other people have been grumbling about this but I’ll come out and say it: gtfo with your “auditability”. You don’t care about auditability. You care about your intellectual property. This blog post is hilariously nonsensical.

See also: James Darpinian.

Update (2024-07-02): Rich Mogull:

Here is where Apple outdid itself with its security model. The company needed a mechanism to send the prompt to the cloud securely while maintaining user privacy. The system must then process those prompts—which include sensitive personal data—without Apple or anyone else gaining access to that data. Finally, the system must assure the world that the prior two steps are verifiably true. Instead of simply asking us to trust it, Apple built multiple mechanisms so your device knows whether it can trust the cloud, and the world knows whether it can trust Apple.

[…]

So, Apple can’t track a request back to a device, which prevents an attacker from doing the same unless they can compromise both Apple and the relay service. Should an attacker actually compromise a node and want to send a specific target to it, Apple further defends against steering by performing statistical analysis of load balancers to detect any irregularities in where requests are sent.

[…]

Apple will publish the binary images of the software stack running on PCC nodes. That’s confidence and a great way to ensure the system is truly secure—not just “secure” because it’s obscure.

I don’t know—a binary image is certainly on the spectrum to obscurity. And it is still not clear to me how it can be proven that the image that you inspected is the same as the one that’s actually running on the node.

Update (2024-09-13): Lily Hay Newman (via John Voorhees):

“We set out from the beginning with a goal of how can we extend the kinds of privacy guarantees that we’ve established with processing on-device with iPhone to the cloud—that was the mission statement," Craig Federighi, senior vice president of software engineering at Apple, tells WIRED. “It took breakthroughs on every level to pull this together, but what we’ve done is achieve our goal. I think this sets a new standard for processing in the cloud in the industry.”

Nick Heer:

I would hope so — an iPhone 15 with an A16 chip is not compatible with Apple Intelligence. An iPhone 15 Pro and its A17 Pro chip would be a better comparison. I do not know whether this error is Apple’s or the reporter’s, but it has survived a full day since the article’s publication.

[…]

Wired appended a cheeky note to the article saying it “was updated with clarification on the Apple Intelligence-generated image Federighi created for his dog’s birthday and additional confirmation that she is a very good dog”.

They “corrected” that and added the name of his dog but didn’t fix the substantive error.

UTM Blocked Outside App Store via Notarization

Benjamin Mayo (Hacker News):

App Review has rejected a submission from the developers of UTM, a generic PC system emulator for iPhone and iPad.

The open source app was submitted to the store, given the recent rule change that allows retro game console emulators, like Delta or Folium. App Review rejected UTM, deciding that a “PC is not a console”. What is more surprising, is the fact that UTM says that Apple is also blocking the app from being listed in third-party app stores in the EU.

As written in the App Review Guidelines, Rule 4.7 covers “mini apps, mini games, streaming games, chatbots, plug-ins and game emulators”.

UTM says Apple refused to notarize the app because of the violation of rule 4.7, as that is included in Notarization Review Guidelines. However, the App Review Guidelines page disagrees. It does not annotate rule 4.7 as being part of the Notarization Review Guidelines. Indeed, if you select the “Show Notarization Review Guidelines Only” toggle, rule 4.7 is greyed out as not being applicable.

UTM:

Apple has reached out and clarified that the notarization was rejected under rule 2.5.2 and that 4.7 is an exception that only applies to App Store apps (but which UTM SE does not qualify for).

This is confusing, but I think what Apple is saying is that, even with notarization, apps are not allowed to “download executable code.” Rule 2.5.2 says apps may not “download, install, or execute code” except for limited educational purposes. Rule 4.7 makes an exception to this so that retro game emulators and some other app types can run code “that is not embedded in the binary.” This is grayed out when you select Show Notarization Review Guidelines Only, meaning that the exception only applies within the App Store. Thus, the general prohibition remains in effect for App Marketplaces and Web Distribution. But it seems like this wasn’t initially clear to Apple, either, because the review process took two months.

This also seems inconsistent with the fact that the Delta emulator is allowed to be notarized outside the App Store. It doesn’t make much sense for the rules to be more lax within the App Store. I first thought the mistake was that Apple didn’t mean to gray out 4.7 for notarization. Then everything would make sense. But the clarification states that 4.7 is not intended to apply to notarization.

The bottom line for me is that Apple doesn’t want general-purpose emulators, it’s questionable whether the DMA lets it block them, and even siding with Apple on this it isn’t consistently applying its own rules.

kelthuzad:

If Apple can block what’s on “independent” third-party app stores, then the letter of the DMA may be violated or not, but its spirit is most certainly violated. Hope the EU cracks down on such malicious compliance.

Steve Troughton-Smith:

Apple needs to read the terms of the DMA again; Apple can’t reject UTM from distribution in third party marketplaces, in just the same way it can’t prevent Epic from building an App Store. App Review is going to land them yet another clash with the EU, and potential fine-worthy rule violation.

Thomas Clement:

Sigh… what is even the point of third-party distribution if Apple is going to block whatever competition it does not want to see there?

Miguel Arroz:

This is so stupid. UTM is an essential tool for my work, running stuff I need 24/7. This shows that 1. The EU didn’t go far enough in telling tech companies the products people buy belong to them and they must be able to run whatever the hell they want on those products regardless of what some multinational company likes it or not, and 2. Every platform Apple makes is not targeted for real work and productivity except macOS and that’s mostly for historic reasons.

UTM:

We will adhere by Apple’s content and policy decision because we believe UTM SE (which does not have JIT) is a subpar experience and isn’t worth fighting for. We do not wish to invest any additional time or effort trying to get UTM SE in the App Store or third party stores unless Apple changes their stance.

gorkish:

I remember the flash-in-the-pan moment where through some strange conflux of exploits and firmware features UTM on iOS was able to access full hardware virtualization support. It was a glorious glimpse into an alternate reality that we will likely never get to see again.

I don’t have enough superlatives to express my disappointment when seeing all of that effort suppressed and restricted by Apple.

When the UTM authors say “it’s not worth it” -- they may be onto something. Apple is slowly but surely beginning to be “not worth it” for me and for many other professional users.

Previously:

Update (2024-06-19): John Gruber:

Apple’s stance on this seems inscrutable and arbitrary: retro game emulators are, at long last, acceptable, but general PC emulators are not. Such arbitrary policy decisions related to the purpose of the app are fine for the App Store (legally speaking), but clearly not compliant with the DMA. That’s one of the few areas where the DMA is clear. Apple can, of course, ban (say) porno apps from the App Store, but can’t refuse to notarize them for distribution outside the App Store in the EU.

Apple has a security leg to stand on when it comes to JIT compilation, but the version of UTM (UTM SE) that was held up in review for two months, and ultimately rejected by Apple, doesn’t use a JIT. […] That restriction should, in theory, be permitted under the DMA on security grounds. But how the no-JIT version of UTM could be rejected for notarization, I do not see.

And, again, Delta is a retro game emulator, but that’s, officially at least, not why it’s able to be notarized, because the retro game emulator exception doesn’t apply for notarization. If Apple were being consistent it would either notarize both Delta and UTM or neither.

Jason Snell:

In other words, parts of Apple apparently think that they can enforce inconsistent and arbitrary rules even outside the App Store, which is contrary to the entire regulatory process that led to the DMA and the concept of alternative App Stores in the first place.

[…]

The whole point of the DMA is that Apple does not get to act as an arbitrary approver or disapprover of apps. If Apple can still reject or approve apps as it sees fit, what’s the point of the DMA in the first place?

See also: Accidental Tech Podcast, Ben Lovejoy.

Previously:

Thursday, June 13, 2024

iPhone Mirroring

Filipe Espósito (Reddit):

Both macOS 15 and iOS 18 introduce iPhone Mirroring, which is a new way of interacting with your iPhone from your Mac. The feature lets you see and control your iPhone screen from your computer without having to touch your phone. You can also drag and drop files between macOS and the mirrored iPhone.

At least in beta 1, this feature is not available.

Wayne G:

iPhone Mirroring steps things up considerably, allowing you to use your phone, see notifications, and use your apps—all from your Mac desktop. Because this is a Continuity feature, it does require that your iPhone be on the same WiFi network as your Mac and have Bluetooth enabled.

When you launch iPhone mirroring, your iPhone’s Home Screen appears in a window on the Mac desktop. From there you can use your keyboard and mouse/trackpad to navigate the phone, swiping between Home Screen pages, and launching and browsing apps.

I’m really looking forward to this, both so that I can access my phone when it’s locked and so that I can fly through tasks with the keyboard and mouse that would be awkward on the touch screen. Universal Clipboard helps but doesn’t go far enough.

Matthias Gansrigler:

iPhone Mirroring. Aka “I can finally post to Instagram from my Mac”

Matt Birchler:

Bezel has done something like this before, but Apple uses their elevated position as the platform owner to take this to the next level.

This looks sick and is really cleverly done. The thing that gets me most excited is the ability to have notifications appear on my Mac and not just on my iPhone. The fact that clicking on that notification opens that on my iPhone on my Mac’s display is just awesome. And again, since Apple has elevated powers here, the fact that your phone screen remains off while all this is happening is just a cherry on top.

I can’t help but snark that Apple lets you use your iPhone with a mouse and everyone thinks it’s awesome, but touching a Mac remains beyond the pale and something only a fool would suggest 😉

Christina Warren:

So if I can control my phone from my Mac with a touchpad — wouldn’t it be cool if I could I dunno, control those apps on my Mac with a touch screen? What if I just got a touch screen on my Mac!

Previously:

Update (2024-06-24): M.G. Siegler:

iPhone Mirroring on macOS Sequoia still may be the star of the entire show to me.

Also, how about we do the same thing with Mac Mirroring on an iPad?

Previously:

Update (2024-06-25): Juli Clover:

With the second developer beta of macOS Sequoia, Apple has added support for iPhone Mirroring, one of the main updates coming to the Mac.

Update (2024-07-01): George Garside:

By default, the iPhone Mirroring window on macOS Sequoia appears at actual size and cannot be resized. The frame of the iPhone with iOS 18 is not draggable and the size of the iPhone cannot be enlarged. However, it is possible to make the window larger through a hidden setting.

Update (2024-07-25): Juli Clover:

With the fourth beta of macOS Sequoia that came out today, Apple added a useful new feature to iPhone Mirroring.

Aaron Pearce:

I do have one question around iPhone mirroring… can you have multiple iPhones?

Previously:

Update (2024-10-08): Sevco Security (via Hacker News):

Sevco discovered a major systemic privacy bug whereby the applications from a user’s personal iPhone may become part of the company’s software inventory via a new Apple feature known as “iPhone Mirroring.”

In short, the applications on an employee’s personal iPhone may be exposed to their corporate IT department.

Update (2024-10-09): Rui Carmo (MacRumors):

My initial thought when reading this was “this is just stupid”. Then I thought about the added complexity involved over just mirroring the display, and I thought it was probably a great idea UX-wise (on the lines of Continuity), but, in the end, I still think it’s a profoundly stupid implementation, for the following reasons[…]

Update (2024-11-06): Cabel Sasser:

Using iPhone Mirroring just to listen to the Nintendo Music app on my Mac is an incredibly good trick

And as a bonus, after shrinking it down, it ALMOST feels like I’ve got a weird Audion skin running

Update (2024-11-25): Stephen Hackett:

The addition of iPhone Mirroring in macOS Sequoia is my favorite addition to the Apple ecosystem in years.

[…]

I — like everyone else — have some iPhone-only apps in my life that either aren’t available on my Mac, or run pretty poorly. Having them available from the machine I’m already working on is sweet.

Update (2024-12-02): Helge Heß:

I really love the idea of iPhone mirroring, and it somewhat works, sometimes. But the execution is not exactly great? Feels a little weird that this got released in this state. In practice it gives me notifications only arriving on my iPhone and when I click them,

  • my phone itself is on, stopping the process, or
  • not nearby (though still in the same WLAN) or
  • sth else

which doesn’t actually make the mirror app to successfully connect. Disappointing, because I’d like that. No resizing.

Dark Mode iOS 18 App Icons and Home Screen Personalization

Apple:

People can customize the appearance of their app icons to be light, dark, or tinted. You can create your own variations to ensure that each one looks exactly the way you way you want. See Apple Design Resources for icon templates.

Design your dark and tinted icons to feel at home next to system app icons and widgets. You can preserve the color palette of your default icon, but be mindful that dark icons are more subdued, and tinted icons are even more so. A great app icon is visible, legible, and recognizable, even with a different tint and background.

Louie Mantia:

It appears to me that all white-glyph icons in dark mode use their background color as their foreground color. Mail’s white envelope becomes blue. The blue background becomes black. A blue envelope is a little weird, but it’s rendered as a symbol, unlike Wallet or Files, which have minor shading.

The white-background icons simply become black-background icons. Maps utilizes a dark mode color palette from the app itself, Weather turns the sky black, but oddly keeps the sun rather than switching to the moon. This could be a rule Apple enforces only for themselves, where their app icons won’t change shape, only coloration. The Photos petals are now additive color rather than subtractive.

Unfortunately, some icons appear to have lost or gained weight in dark mode. For example, the Settings gear didn’t change size in dark mode, but it appears to occupy less space because the dark circle around it blends with its background. That makes it appear smaller than the Find My icon, which now looks enormous next to FaceTime. This is a remnant of some questionable design choices in iOS 7 that have lingered now for the last decade.

[…]

Now, let’s walk through some icons I adapted into dark mode to see how we might tackle this new challenge.

Nick Heer:

I think it is safe to say a quality app from a developer that cares about design will want to supply a specific dark mode icon instead of relying upon the system-generated one. Any icon with more detail than a glyph on a background will benefit.

Also, now that there are two distinct appearances, I also think it would be great if icons which are very dark also had lighter alternates, where appropriate.

Ryan Jones:

These tinted icons are… something.

Includes a Large icon option. 🫣

Matt Birchler:

On Android, app developers need to submit their icons in a specific way to make them available for theming like this. If an app developer doesn’t do this and just has an image file for an icon, then they won’t get themed. What this ends up meaning is that icons that are set up for theming look great and those that are not stick out like a sore thumb.

[…]

iOS 18 takes a different approach, in that it will change every single icon for you, no matter what. This removes the case above where apps like Letterboxd and Readwise Reader don’t support theming, but in my view, also makes it so that every icon looks pretty bad.

Previously:

Update (2024-06-18): United States Graphics Company:

Icons as they are supposed to be.

The whole point of icons is to identify and differentiate using semiotics, not assimilate as a sleek monochromatic slop of washed out minimalism.

See also: Eli Schiff.

Update (2024-06-19): Craig Grannell:

Still floored that the new iOS 18 iPhone Home Screen gives you four different options for how your icons can look, at two different sizes, but no sorting options. Apple execs must like busywork and fiddling around, rather than efficiency.

At least it will be easier to rearrange them using a mouse with iPhone Mirroring.

Remo_Pr0:

Wait if every app icon must have a dark mode and tintable icon then what would happen to additional app icons? Now in apps like for example @marvis_app there must be two extra icons for every additional style?

Via Eli Schiff:

Apple in their new theming paradigm makes redundant the functionality they made available a few years ago to allow devs to include custom icons. Oh, they still let you supply them. But they’ll just stick out.

Eli Schiff:

There is a reason designers have never done monotone blend modes/maps on top of their icons. They don’t look good. We can see here in this example. Just look at the two on the left. But now that Apple’s forced the matter somehow people say mono looks good.

Update (2024-06-24): John Brayton:

If an app has several icon options that vary only by color combination, it seems natural to let the user choose one option for light mode and another for dark mode. But there is no way to do this without providing n2 app icon entries in the asset catalog. It also seems like the tinted icon should be the same for each option when they only vary by color combination. But the only way for several icon options to use the same tinted variant is to copy the same PNG into each app icon asset catalog entry.

My ideal solution to this would be a new setAlternateIconName method on UIApplication that accepted 3 different parameters: a light mode icon name, a dark mode icon name, and a tinted icon name.

Update (2024-07-09): Sebastiaan de With:

iOS 18 beta 3 seems to be doing an intelligent auto-dark tint on some third party app icons. It’s reliably triggered by being a clearly delineated shape on a white background. Other icons just get a slight ‘darkening’ effect applied.

BUT! check out that Facebook icon invert. Some kind of computational icon design happening here. Wild.

Sebastiaan de With:

it’s super interesting to me how iOS 18b3 inverts colored icons: it seems to grab icons with a flat color or 90° gradient and somehow turns the main shape into a mask to cut out its previous background gradient?

Redesigned Photos App in iOS 18

macOS 15 upgrade managed to delete my local Photos library. Since I don’t have iCloud Photos enabled on that mac, all local photos are gone now. well.

Federico Viticci:

The Photos app is getting a big redesign in iOS 18 that is surely going to take some time getting used to. The new design revolves around a single-page UI that eschews a tab bar in favor of a split-screen approach with your grid of photos shown at the top, followed by a series of collections that encompass both traditional albums, previous categories such as ‘People and Pets’ and Memories, as well as new sections such as Trips and Recent Days.

The best way to think about this redesign – which I’m sure will be debated a lot this summer – is that everything can now be considered a “collection” that you can pin for quick access to the top of the Photos UI. The top of the interface is still taken up by the regular photo grid (which you can more easily filter for content now), but that part can also be scrolled horizontally to swipe between the grid and other collections. For example, you can swipe from the grid of recents to, say, featured photos, your favorites, or any other collections you want to pin there.

[…]

It’s a lot to take in at once, and this new design can be quite daunting at first. I understand that Apple wants to try a unified design for the Photos app to put a stronger emphasis on rediscovering memories, but I wonder if maybe packing too much information all at once on-screen could be disorienting for less proficient users. The new Photos design almost feels like an exercise in showing off what Apple can build with SwiftUI just because they can; time will tell if users will also appreciate that.

The new Photos interface reminds me of the TV and Music stores, which are among my least favorite Apple designs. I never want to see horizontal scrolling.

Ryan Christoffel:

Photos in iOS 18 now puts all your content on a single screen. Similar to the Journal app introduced last year, the entirety of Photos navigation is done in a single screen that you scroll through to find all your content. That’s it. One screen, scroll up and down, scroll side to side for carousels—everything in the app lives there.

I suppose I should reserve judgement until I try it, but this sounds dreadful.

Juli Clover:

These changes to Photos are in iPadOS 18 and macOS Sequoia as well as iOS 18.

The Mac version does still have a sidebar.

Benjamin Mayo:

iOS 18 Photos app is weird. It’s like they tried to simplify it, but in reality it is now more complicated. No tab bar means there’s nothing to permanently ground navigation.

Ryan Jones:

iOS 18 Photos app is NOT going to go over well.

Waaaaaaay too little org hierarchy.

iOS 18 Photos == iOS 15 Safari

Steve Troughton-Smith:

If the new Photos app is the new poster child for ‘rewritten in SwiftUI’, hoo-boy…

Previously:

Update (2024-06-18): CTD:

Still very surprising and longstanding omissions in iOS and iPadOS Photos including no support for viewing or adding keywords. No Smart Albums.

Update (2024-07-02): See also: Brandon Butch and Trevor.

Update (2024-07-08): Chance Miller:

Billy Sorrentino, senior director at Apple’s human interface design team, explained the motivation behind this dramatic redesign.

“As our features, users and libraries have grown, so has the density of the [Photos] app. So rather than hunt and peck throughout, we’ve created a simple streamlined single view photos experience based on deep intelligence,” Sorrentino explained. “Ultimately, we wanted to remove friction.”

[…]

“Lots of deep intelligence combined with customization means that Photos can be more personal,” Apple’s Della Huff, manager of the camera and photos product marketing team, explained. “Everyone has a different workflow and so automatic customisation is really key here.”

Emphasis added.

Frank Rausch:

It’s a typical modern UI: You don’t get to form a fitting mental model / cognitive map of how the app is structured and how it works; instead you react to whatever pops up on screen and tap to see what happens.

Mario Guzmán:

This is the current state of app design. And I hate it. Also, what makes it more frustrating is that the old HIG used to have a section on mental models.

But it feels like prominent apps like Photos get redesigned so often that even if you adapt your mental models around the app, you’ll have to re-adapt again shortly because they will be introducing a whole new design soon.

I also hate that it is “Suggestions-first” rather than let me just go to where I need to go to.

Mario Guzmán:

For any designer who has lost their way… here is some information on Metaphors and Mental Models when designing your app’s UX from the original Mac Human Interface Guidelines. I hope this helps.

Federico Viticci (Mastodon):

It’s been a few weeks since I installed iOS 18 on my primary iPhone, and I feel pretty confident in saying this: I was wrong about the new Photos app at first.

I’ll reserve more in-depth comments for the public beta and final release of iOS 18; of course, given the drastic redesign of the app, there’s also a chance Apple may scrap their plans and introduce a safer update with fewer structural changes. However, over the past few weeks, I noticed that not only do I find myself discovering more old photos in iOS 18, but the modular approach of the more customizable Photos app really works for me. I was able to fine-tune the top carousel to my liking, and I customized pinned collections with shortcuts to my favorite sections. Put simply, because of these changes, I use the Photos app a lot more and find navigating it faster than before.

John Gordon:

Things are bad when Apple execs bother to say anything about Photos.app

In my hallucinations the EU forces Apple to make PhotoKit a full platform for third parties to replace Photos.mac with their own product.

Update (2024-07-15): D. Griffin Jones:

With the major Photos app redesign coming in iOS 18, Apple aims for simplicity. However, the version of the Photos app in iOS 18 developer beta 3 is a hodge-podge of design that will confuse users. I think that if Apple doesn’t revise its approach, the company will face significant backlash when it releases the updated app to the public this fall.

Update (2024-07-16): Steve Troughton-Smith:

The new Photos app in iOS 18 just doesn’t do it for me; in fact, I can’t stand the changes they’ve made to the UI and navigation. I am firmly in the camp that feels the photo library is a feature, a utility to be used by other apps. Apple, however, wants Photos to be a destination, a product with a unique UI, flashy features and user retention gimmicks. Whether these two things should be two different apps, I don’t know, but what we’ve got here isn’t an app I want to have my photos in anymore.

It’s worth saying: none of this would be a problem if the Photos app were a user-replaceable component like antitrust regulators in the EU desire. I could just replace the Photos app, which is clearly going off in a direction I want nothing to do with, with an alternative that looks and functions like the old one.

Jason Snell:

I 100% understand the impulse and think it might be forgivable if you could dismiss the other thing and keep it gone, but I can’t get over the whole thing where you launch into the MIDDLE of a scrollable area with different destinations up, down, and (sort of) to the right. It’s bananas.

Machiel:

There is no sense of place. You are lucky if it shows you what you want to see because good luck finding it yourself. Good luck organizing.

There is no way to manage photos properly with this design.

Collin Donnell:

A lot of modern Apple apps on macOS are really lacking in the keyboard shortcuts department. Apple Photos are Freeform are two big ones for me.

Update (2024-07-18): Tuomas Hämäläinen:

One of the things that bothers me about the new Photos app is the heavy emphasis on the system picking a photo or a set of photos to represent a particular collection of items. It makes me feel like I’m not in control, like I might just miss the thing I’m looking for because the system has decided what to highlight and what to downplay. It looks fancy but doesn’t fit the way my brain works. Give me all the items in a regular grid so I can scan visually like I’m used to.

Update (2024-08-07): Steve Troughton-Smith:

I'm really not looking forward to teaching my parents how the new Photos app works and telling them 'no you can’t have the old one back’, ‘no I don't like it either’ 😑

Federico Viticci:

Well, I sure am glad I didn’t pre-write the Safari and Photos chapters of my iOS 18 review.

In today’s iOS 18 beta 5, Safari now comes with a ‘Distraction Control’ feature to hide website elements; Photos’ new design loses the carousel at the top and has other tweaks.

Chance Miller:

One of the big changes to the Photos app in iOS 18 was the addition of a new Carousel view. This view allowed users to swipe left and right to view highlights that updated each day and featured favorite people, pets, places, and more. However, with iOS 18 beta 5, this feature has been removed entirely from the Photos app.

Apple says iOS 18 beta 5 also tweaks the “All Photos” view to display more of the photos grid, without the user having to swipe down. The new “Recent Days” feature also now includes “Recently Saved” content, both of which previously existed separately.

Finally, Apple says that iOS 18 beta 5 adjusts where albums are located for people with multiple albums. The Photos app continues to be fully customizable, and users can rearrange sections and categories as they see fit.

Steve Troughton-Smith:

The base level of UI in Photos in iOS 18 beta 5 is a little bit better. But it still has janky scrolling and scroll cancellation that makes it a pain to transition between the grid and what lies beneath. Scroll up and down and watch it rubberband and stutter and glitch about to see what I mean. Navigate a level deeper into anything and it’s just as bad as before, though. It’s even more awful than I would have expected a SwiftUI rewrite of a major system app to be, and my expectations are low.

Previously:

Update (2024-08-14): Juli Clover:

This guide aggregates everything different with the iOS 18 Photos app, and it is up to date with Apple’s latest changes.

Steve Troughton-Smith:

Photos in iOS 18b6 has improved to ‘unpleasant, but tolerable’, at least once you turn off basically everything. I don’t like the scrolling main screen, and I don’t like that albums dismiss on scroll, but you can turn off enough of it now to make it work

Update (2024-09-12): Justin Bianco:

I’ve been using iOS 18 for a few weeks now and the Photos app is interesting but scrolling is a joke. I constantly dismiss an album when I’m trying to scroll through it, if I scroll too far sometimes I get an auto playing slideshow movie, and the whole thing feels like using an over-designed, scroll-jacked website. Navigation just doesn’t feel linear or hierarchical anymore and I hate it.

Mario Guzmán:

Everything about this post is what I experience too. I’m constantly accidentally exiting out of an album because my finger meaning to scroll vertically is slightly slanted and takes it as a horizontal swipe. This is by far the most frustrating Photos app.

Steve Troughton-Smith:

I really hope Apple has learned something useful by rewriting Photos in SwiftUI, but I would still go back to the old app in a heartbeat

Update (2024-09-17): Jason Snell:

I’ve spent the summer working on a new edition of my book about Photos and so I’ve had a lot of time to think about what Apple’s trying to do here.

[…]

So the new version of Photos doesn’t launch to the Library view, with a bunch of tabs at the bottom that apparently few people clicked on. Instead, it launches to a new hybrid view (thankfully simplified and tweaked since the original iOS beta earlier this summer) that displays the familiar Library grid in the top two-thirds of the screen, with a series of Collections in the bottom third. When you scroll up, you’re in classic Library view. When you scroll down, you’re seeing the multitude of ways that Photos can automatically carve up and re-serve you the contents of your Library in ways that make sense and are pleasing.

I know that these changes made a lot of people cranky this summer, but I think the app ended up in a great place. Sure, if you are someone whose idea of using Photos is to launch it and only see the very latest items, I guess this update adds clutter. And Apple should probably let people say “I don’t want to launch in this view” and honor that request. But for the vast majority of iPhone users, Collections are a boon, a way in to your library that offers major improvements over long scrolls through the Library.

[…]

The Mac is updated too, but there’s no real interface overhaul—you can get to Collections via the Sidebar, as always.

Update (2024-09-20): Dan Moren:

The redesign has taken some time to get used to, but after a few months with it I’ve found I really do appreciate the changes for the most part.

Federico Viticci:

I was wrong about the new Photos at first. Having used iOS 18’s Photos app every day since June, not only do I think Apple managed to invent a new design paradigm for SwiftUI-based, library-centric apps on iOS, but they’ve also created an app that is going to help people rediscover old memories more effectively and serendipitously than before.

Update (2024-09-25): Scott Hanselman:

The new ios18 photos app is just awful. Does exactly the opposite of everything I need it to do in the most unintuitive way possible.

John Gordon:

iOS 18: took me 20 minutes of use to crash Photos.app on iOS 18.0

[…]

Looks like iOS 18 photos can’t handle large numbers of albums. Apple needs to pay me to test their crap.

Tim Hardwick:

While this new layout aims to streamline navigation, you may want to tailor it to your preferences. Here's how you can customize and reorder collections in the new Photos app.

Dave Mark:

I am constantly confused by the new Photos app layout. Years and years of muscle memory thrown to the wayside.

This article really helps, PLUS it’s good to know how to customize the layout.

Update (2024-11-11): Marcin Krzyzanowski:

my iPad has almost 20 cm width, yet all buttons are crumbled in a corner with 1mm space between them, with spaces that makes it impossible to touch the right button with human sized fingers

Update (2024-12-05): Tanner Bennett:

There used to be a private setting to revert the photos app back to how it looked before iOS 18. I hope Apple is seeing all this feedback and makes that setting public. This is worse than the Safari redesign by far.

Update (2024-12-06): Matt Growcoot (via Ric Ford):

While users can’t take their Photo app back to the iOS 17 way of doing things, there is a way of changing it on iOS 18.

Catalyst (Not) at WWDC24

As far as I can tell, there were no Catalyst sessions this year. Apple hasn’t talked about it much since 2021.

The Mac developer page says:

Choose your app-builder technology

Another early choice to make is which app-builder technology to use for your interface. Apple’s app-builder technologies provide the core infrastructure macOS needs to communicate with your app. They also define the programming model you use to build your interface, handle events, and more.

The two technologies listed are SwiftUI and AppKit, with SwiftUI preferred. There is still a navigation bar item for Mac Catalyst, but I’m not sure Apple itself is using it much except for the apps like Messages and Home that it already ported. I wonder whether those will become SwiftUI in time. Initially, Catalyst sounded like a transition technology, but, as with Carbon, Apple didn’t paint it that way. Some in the iOS developer community like it. It started out with a lot more functionality than SwiftUI. But I don’t hear developers talk about it that much anymore, and Apple doesn’t seem to be using it for new apps. Freeform for Mac uses AppKit and nibs (along with SwiftUI). Journal curiously remains iOS-only.

Michael Love:

Catalyst appears to be dead, more-or-less.

Amber Neely:

Apple has announced a handful of new features coming to its Journal app this fall, but for reasons only it knows, the company hasn’t announced any plans to bring it to iPad.

Jesse Squires:

The iOS Journal app improvements look great.

Still a mystery why it is not available on iPad or Mac.

Even if it’s just catalyst or otherwise not customized for the other platforms, it would still be incredibly useful as is.

But instead, I’m going to be using iPhone Mirroring to use the journal app on my Mac. And that just seems so fucking dumb and absurd.

Previously:

Update (2024-06-14): See also: Steve Troughton-Smith.

Update (2024-06-18): Thomas Ricouard:

The last time Catalyst was ever mentioned at a WWDC was in 2021 lol.

Colin Cornaby:

I think what killed Catalyst is what’s slowly killing UIKit everywhere - it’s not flexible enough to adapt to multiple platforms. Does Vision Pro support UIKit? Sure. Is UIKit a good way to write Vision Pro apps? No. It’s not just the Mac. Across the board UIKit is generally not adapting well to other platforms. All the platforms support UIKit - and generally it’s half baked on all of them except iOS.

That’s not to say SwiftUI doesn’t have its own problems - but it’s still much more quickly adapting itself to new platforms. I don’t know if visionOS would be as easy to develop for without SwiftUI.

Update (2024-06-20): Marcin Krzyzanowski:

The way UITextView is broken on Catalyst, is beyond imagination. It is just plain broken editing.

Update (2024-08-08): pmdj:

I guess my forum question comes down to this: Is Mac Catalyst considered a platform for building macOS apps in its own right? Or are we “holding it wrong” and should we only treat it as a way of tweaking Mac ports of iOS/iPad-first apps? Should we expect APIs to disappear from the Mac Catalyst SDK with zero notice?

Quinn:

Regarding these XPC APIs, you are right that APIs shouldn’t just disappear without warning. […] I had a look at your bug and it’s clear that this was a mistake.

[…]

Regarding Mac Catalyst as a whole, Apple rarely makes forward-looking statements about our platforms, but this is a rare exception to that rule. Watch WWDC 2022 Session 102 Platforms State of the Union, and specifically Josh’s section starting at 3:43.

[…]

I’m not a UI programmer at heart. That’s why I’m a big fan of SwiftUI. With SwiftUI I can cons up a basic interface and have it run natively on both iOS and macOS, without having to worry about the limitations of Mac Catalyst.

Update (2024-08-09): Aaron Pearce:

When you still have to build your own toolbar library to fix Mac Catalyst UI bugs, it says a lot about how little Catalyst has improved.

Matt Gallagher:

This looks like it’s a MacCatalyst limitation. I might need to file a feedback: app-defined commands should be allowed to override the commands that MacCatalyst injects automatically.

Aaron Pearce:

Yeah, sadly I’m stuck with Catalyst due to decisions by Apple to only allow HomeKit access via that means…

There’s also a Catalyst-only API that I’d like to use, but that’s probably asking for trouble.

Update (2024-08-17): Aaron Pearce:

Trying to build a first class Mac app via Catalyst just seems demotivating right now. So many small bugs that should have been fixed after so many versions of macOS.

I feel like I’ve spent the last few weeks investing in workarounds to simple UI bugs caused by Catalyst.

The next step would be to invest even more time into a solution to let me mostly use HomeKit via native AppKit/SwiftUI. Only HomeCam wouldn’t get to use this as the camera view is UIKit based.

Using Apple Accounts With macOS Virtual Machines

Andrew Cunningham (Hacker News):

But up until now, you haven’t been able to sign into iCloud using macOS on a VM. This made the feature less useful for developers or users hoping to test iCloud features in macOS, or whose apps rely on some kind of syncing with iCloud, or people who just wanted easy access to their iCloud data from within a VM.

Or even to run an app from the Mac App Store.

This limitation is going away in macOS 15 Sequoia, according to developer documentation that Apple released yesterday. As long as your host operating system is macOS 15 or newer and your guest operating system is macOS 15 or newer, VMs will now be able to sign into and use iCloud and other Apple ID-related services just as they would when running directly on the hardware.

Great news, but the version restrictions mean it will be most useful after the next WWDC.

Apple (via Hacker News):

Nested virtualization is available for Mac with the M3 chip, and later.

This means running a VM inside of a VM.

Marcin Krzyzanowski:

macOS virtual machine allows to install macOS AND USE ICLOUD

That is 99% what you need to have viable macOS simulator.

Miles Wolbe:

“Using a macOS 15 installer to upgrade an older VM doesn’t provide support for iCloud.”

Sadly, signing in to the App Store does not appear to be supported (for now?), returning “An unknown error occurred.”

Previously:

Update (2024-06-18): Howard Oakley:

This article explains the changes promised in macOS Sequoia as a host, and their consequences on VMs.

[…]

In previous versions of macOS, VMs have been unable to access most storage except in the VM’s own disk image or through shared folders. With Sequoia they will now be able to access USB storage through the UUID of the storage device. This should provide direct access to external disks, and any other external storage connected to the host via USB.

[…]

For those with Macs with Ultra chips and ample cores, there’s no indication that Apple has relaxed its licence to allow any more than two macOS VMs to be run at the same time.

Apple Account

Joe Rossignol:

Earlier this year, we reported that “Apple ID” would be renamed to “Apple Account,” and this change has now been officially announced.

Update (2024-06-18): Adam Engst:

Apple ID and Apple Account aren’t precisely parallel, since an Apple ID was primarily an identifier—it’s an email address—whereas an Apple Account would have both a username and a password.

The real problem comes when tech writers document features across multiple versions of Apple’s operating systems. We’ll probably use both terms for a while before slowly standardizing on the new term. Blame Apple if you see awkward sentences like “Continuity features require that you be logged into the same Apple Account (Apple ID in pre-2024 operating systems).” Or maybe writers will compress further to “Continuity features require that you be logged into the same Apple Account/ID.”

Wednesday, June 12, 2024

Thank You, Big Nerd Ranch

Big Nerd Ranch:

It is with a mix of emotions that we announce the upcoming sunsetting of some key aspects of Big Nerd Ranch and the transition of others. For over 23 years, we’ve had the privilege of empowering aspiring programmers through our immersive bootcamps and books. From the iconic ranch in south Georgia to the late-night coding sessions, Big Nerd Ranch has fostered a unique and beloved community for anyone looking to grow and learn new technology.This decision hasn’t been an easy one. The landscape of tech education has evolved significantly since our inception. While Big Nerd Ranch has always strived to adapt, the current environment necessitates a more substantial shift.

[…]

We are not planning on releasing any new editions of our books. Current editions will be available for the foreseeable future but will go out of print over time.

Via Tim Schmitz:

I got into developing for Apple platforms by reading Big Nerd Ranch books in the 2000s. Sad to see them go.

Same.

Previously:

Update (2024-06-13): David Kopec:

That’s too bad. Some of the best macOS, iOS, and Android books. I used them in my classes.

Rob Jonson:

what a shame, Big Nerd Ranch Bootcamp was how I transitioned from PalmOS to MacOS (they didn’t yet have a course for iOS!)

iOS RCS Support Delayed

Allison Johnson (Hacker News):

The long-awaited day is here: Apple has announced that its Messages app will support RCS in iOS 18. The new standard will replace SMS as the default communication protocol between Android and iOS devices. The move comes after years of taunting, cajoling, and finally, some regulatory scrutiny from the EU.

Unfortunately, we don’t know much else other than the fact that it’s coming in iOS 18. Apple’s website on the upcoming release does at least include one example of how RCS will look on iPhones. “RCS” appears in the text field to indicate a connection, but otherwise, it’s all pretty standard.

Green bubbles, of course.

Andrew Orr:

Apple said in its WWDC 2024 announcement on Monday that RCS support will be introduced in a software update later in the year.

However, it may not coincide with the initial release of iOS 18. Users might see RCS features become available in subsequent updates.

Last November, Apple had said that RCS would be added to iOS 17 in early 2024, so it’s disappointing to hear that it probably won’t even be in iOS 18.0.

The keynote announcement had the same energy as announcing the iPhone 15 switch from Lightning to USB-C. But I thought that was great, and I have high hopes for RCS if it can indeed improve the photo quality over MMS.

Previously:

Update (2024-06-18): Emma Roth:

Instead of showing how RCS will make things better, Apple softly announced support for the standard and focused on all the great features coming to iMessage users — not RCS ones.

Apple didn’t go over how RCS adoption will finally let iPhone and Android users send each other high-resolution pictures and videos. It didn’t even say how RCS will enable support for cross-platform read receipts and typing indicators.

Tuesday, June 11, 2024

Window Tiling and Snapping in Sequoia

William Gallagher:

Now with macOS Sequoia, it’s having a third go — and this time it’s mimicking third-party window management apps. There are very many of these, including perhaps the most popular, Moom.

All of them, including Apple’s new window tiling feature, let you either drag a given window to a certain spot on your screen, and then have it automatically reposition itself. It’s startling how many options there can be, but the basics that Apple does mean if you drag a window to the left, it expands out to occupy the whole left side of your display.

[…]

Apple has also copied one particularly good element of third-party window management apps. Once a window has been dragged to tile on one side or the other, dragging it back immediately resizes it to the width and height it had before.

I’ve tested this a bit, and it seems great. I’ve never understood why Apple spent 20+ years working on Mission Control, Spaces, full screen, and Stage Manager—all while mostly neglecting regular window management. (They did add the hidden Move Window to Left/Right Side of Screen commands in the Window menu, which only appear if you hold down Option and which have no built-in keyboard shortcuts.)

It’s great to have these features built-in, but I will probably still use Moom because of its more advanced tiling features and ability to reposition windows when I connect and disconnect displays.

On my Mac, with Developer Beta 1, the Window menu shows the new commands with no modifiers keys for the keyboard shortcuts. I couldn’t figure out how to type them. This screenshot shows that the modifiers are intended to be fn-Control and fn-Control-Shift, which do work on my Mac, even though I can’t see them.

Steve Troughton-Smith:

The biggest ‘finally’ of the WWDC keynote was macOS picking up Windows-style window snapping.

Craig Grannell:

What got me: someone at Apple thought it a good idea to leave gaps between the windows.

I wondered that, too, but there is a Tiled windows have margins setting to turn off the extra spacing.

Previously:

Update (2024-06-12): Jack Brewster:

I don’t think I’ll be switching away from Moom. Saved layouts, and automatic layout changes with display changes are too useful to me. And the custom window sizes with keyboard shortcuts are more useful to me than what I’ve seen with Apple’s feature.

I do think it’s a solid implementation though, and lighter-weight tiling apps will probably be Sherlocked by this.

I think Apple is leaving room for more powerful third-party utilities. I just Apple would give them better APIs to work with.

Many Tricks:

In theory, we could add support in Moom to leave space for the thumbnails, but it’s non-trivial because Apple didn’t provide a developer API to Stage Manager (which we would use to find out if it’s running, and the size and location of its thumbnails).

Tim Hardwick:

PC users have had tiling since at least Windows 7 and Aero Snap, and if you've ever used those, the new window tiling feature in macOS Sequoia will be familiar.

[…]

The dragging system is far from infallible though. If you drag a window to the side of the screen and hold it for more than a couple of seconds, you can sometimes unintentionally switch to an adjacent desktop space if one is active. It can also be quite tricky to place certain app windows so that they snap to corners.

A good reason to use keyboard shortcuts, except that the fn/globe key is hard to access on a full-sized keyboard.

Update (2024-06-18): Ben Cohen:

I only have four non-default settings I need on a fresh Mac install and now I have a fifth one.

aridan:

An underrated feature in macOS Sequoia is that you can now make it so that when you double click the title bar of an application it will fill the screen.

There is a zoom option, but that only tells the application to use as much space to show all content, not the whole screen.

Update (2024-09-17): Jesse Grosjean:

I like the idea of MacOS 15’s snap to windows, but I’m getting a lot of false positive snaps. Is there a way to increase the delay, or quickly undo the snap?

Update (2024-10-30): On macOS 15.1, I have Drag windows to screen edges to tile enabled, but it does not actually offer to tile the windows when I drag them to the screen edge. (Hold ⌥ key while dragging windows to tile does work, however.)

Update (2024-11-01): The other bug I’m seeing is that the really annoying Drag windows to menu bar to fill screen option keeps turning itself back on.

Update (2024-11-08): Adam Engst:

Apple understandably chose to turn these features on by default because no one would find them otherwise, but having windows change size underneath your pointer can be jarring. Luckily, new settings in Sequoia let you move windows around your Mac without having them jump around.

Besides Drag windows to menu bar to fill screen not staying off, I am having trouble getting Hold ⌥ key while dragging windows to tile to stay turned on.

Monday, June 10, 2024

Apple Intelligence Announced

Apple (preview, Hacker News, MacRumors, 9to5Mac):

Writing Tools help users feel more confident in their writing. With Rewrite, Apple Intelligence allows users to choose from different versions of what they have written, adjusting the tone to suit the audience and task at hand. From finessing a cover letter, to adding humor and creativity to a party invitation, Rewrite helps deliver the right words to meet the occasion. Proofread checks grammar, word choice, and sentence structure while also suggesting edits — along with explanations of the edits — that users can review or quickly accept. With Summarize, users can select text and have it recapped in the form of a digestible paragraph, bulleted key points, a table, or a list.

[…]

In the Notes and Phone apps, users can now record, transcribe, and summarize audio.

[…]

Natural language can be used to search for specific photos, such as “Maya skateboarding in a tie-dye shirt,” or “Katie with stickers on her face.” Search in videos also becomes more powerful with the ability to find specific moments in clips so users can go right to the relevant segment. Additionally, the new Clean Up tool can identify and remove distracting objects in the background of a photo — without accidentally altering the subject.

[…]

A cornerstone of Apple Intelligence is on-device processing, and many of the models that power it run entirely on device. To run more complex requests that require more processing power, Private Cloud Compute extends the privacy and security of Apple devices into the cloud to unlock even more intelligence.

Benjamin Mayo:

Apple today unveiled a new version of Siri, that it promises is more natural and helpful. The new Siri is powered by Apple Intelligence generative AI models.

[…]

Apple says the new Siri will understand context, so you don’t have to repeat information in subsequent requests.

[…]

Siri will have on-screen awareness about what you are currently looking at, and have the ability to take in-app actions.

[…]

App Intents will allow Siri to work deeply with first-party and third-party apps.

But will Siri be able to create a reminder with the literal text of what I said?

Hartley Charlton (9to5Mac):

Siri will determine if queries may be useful to forward to ChatGPT, and asks the user for permission to share. This enables Siri to leverage ChatGPT’s image- and text-understanding capabilities with no need to jump between tools.

[…]

Siri will leverage GPT-4o for free, with no need to create an account. Requests are not logged and IP addresses are obscured.

Tim Hardwick:

has unveiled a new Image Playground feature that allows you to create generative images on the fly using a range of concepts like themes, costumes, accessories, places, and more.

You can type a description, and choose from Animation, Illustration, or Sketch, and Image Playground will create the image tailored to your preferences.

Ryan Christoffel (MacRumors):

Apple shared a new feature that will enable you to create an emoji for any occasion. Apple calls this AI-powered feature Genmoji.

[…]

Since emojis are actually unicode characters that work cross-platform, Apple’s Genmoji won’t technically work the same way as other emoji, since if they were, they wouldn’t display properly on non-Apple devices. Instead, Apple creates Genmoji as images.

Meek Geek wonders whether the hardware requirements are artificial.

Previously:

Update (2024-06-14): See also:

Tyler Hall:

Here’s the thing. This all looks amazing. But, when it comes to knowing when to pick my mom up from the airport, I’m going to have to triple-check the results with the source data to be sure the AI isn’t just making stuff up.

I’m sure Apple has this covered better than other companies, but it’s going to be a long time before I blindly trust the results of so much disparate data.

Francisco Tolmasky:

Biggest takeaway from WWDC: everyone overestimated Tim Cook and underestimated Sam Altman. Apple I’m sure thinks this is a stopgap until they can swap in their own LLMs. But OpenAI is betting this is a stopgap until they can swap in their own phone. It remains to be seen who is right here, but I can tell you that OpenAI is getting way more out of being put in front of every Apple customer than Apple is getting from finally accurately telling you George Washington’s birthday or whatever.

Mark Gurman (Hacker News:

Left unanswered on Monday: which company is paying the other as part of a tight collaboration that has potentially lasting monetary benefits for both. But, according to people briefed on the matter, the partnership isn’t expected to generate meaningful revenue for either party — at least at the outset.

JP Simard:

I initially wrote off Apple’s integration with ChatGPT as an admission of defeat, that they couldn’t develop an LLM competitive with GPT-4o or Gemini or Claude despite having near infinite resources, powerful ML co-processors in their hardware lineup going back years and some very bright people.

But now I’m beginning to see that Apple’s strategy is actually kinda brilliant in unexpected ways.

[…]

Apple is letting the rest of the industry burn money and duke it out while providing a ton of value for their customers. This has echoes of its approach to integrate 3rd party search providers, with a 2024 AI craze twist.

Steve Troughton-Smith:

I still have so many questions about ‘Apple Intelligence’ after yesterday. Does Siri just… not get better?… on anything below an iPhone 15 Pro? No improvement to the cloud-based Siri on older devices? No HomePods? Can we as developers not rely on an improved conversational, smart Siri across devices when building our new Siri features?

Jim Dalrymple:

Lots of great AI things from Apple, as expected.

I still don’t know if Siri can set a fucking timer, get reliable directions from Siri in Maps, or ask Siri for a specific song/band to be played in Apple Music.

Previously:

Update (2024-06-19): Nathan Lambert (via Hacker News):

Apple’s presentation rang very different than most AI keynotes we’ve seen in the last few years. While OpenAI and Google are trying to prove that they are the best at AI, Apple leaned into a narrative of what else we can do with AI. Apple’s large suite of new AI features coming this fall across all their devices, enabling automation, information retrieval, and generation in a privacy-conscious way will be the first time that many people meaningfully interact with AI.

[…]

Apple has done a ton of things to put all of this together on their devices. They figured out how to train great models that use just the right amount of memory with quantization, how to train many adapters that work with different apps or styles, how to get fast latency speeds, and much more they didn’t talk about. This is very serious ML system engineering of a different flavor than large models and large request count handling.

Adam Engst:

As far as I can tell, Apple Intelligence won’t be treading on anyone’s lawn. If you don’t want to use it, just ignore it, like all the other features that aren’t relevant to how you prefer to use technology. But I have talked with people who find Apple Intelligence some of the more exciting work Apple has done on the software side in years.

Francisco Doménech (via Hacker News):

The new Apple Intelligence system and the expected deep revamp of Siri — coming in the fall, and in testing phase, with the new iOS 18 operating system — will sideline well over 90% of current iPhone users, if they don’t buy a new smartphone.

Tim Hardwick:

The iPhone 15 Pro models use the A17 Pro chip, which has a 16-core Neural Engine that’s up to 2x faster than the A16 chip found in the iPhone 15 and iPhone 15 Plus, performing nearly 35 trillion operations per second. Federighi hinted that RAM is also another aspect of the system that the new AI features require, so it is perhaps no coincidence that all the devices compatible with Apple Intelligence have at least 8GB of RAM.

Emma Roth (Hacker News):

Even Apple CEO Tim Cook isn’t sure the company can fully stop AI hallucinations. In an interview with The Washington Post, Cook said he would “never claim” that its new Apple Intelligence system won’t generate false or misleading information with 100 percent confidence.

What else did they expect him to say?

Tim Hardwick:

Apple is not expected to introduce its most significant Apple Intelligence features in September when iOS 18 sees a public release. Instead, many will come alongside a Siri overhaul in a future iOS 18 update that’s set to be introduced in 2025.

Benjamin Mayo:

Apple currently plans to ship the new Siri UI design this fall, but the most significant upgrades to Siri’s intelligence won’t launch until at least Q1 2025. Honestly, if I was them, I’d hold out until it was all there. One chance to make a first impression.

Previously:

Update (2024-06-24): Benjamin Mayo:

Everything Apple Intelligence does, we’ve seen before.

However, what makes it profound is the intentionality of the design, and the way in which these features are being realised. The marketing is straightforward and easy for people to understand, and the features are integrated naturally into the operating system surfaces that people already use. In fact, most of the ‘new’ features are things that the OS already ostensibly does; things like text editing and manipulation, notification management, smart replies, transcriptions, and — yes — emojis. Apple isn’t trying to convince people on wholesale new dimensions of what a phone is capable of. It’s taking what users already do, but made better by using modern AI techniques, so that users can extract more value out the other end.

[…]

I am personally looking forward to all the new Siri improvements, although it remains a little murky as to exactly what will get better. The semantic index stuff isn’t shipping until next year, and it doesn’t seem to cover everything.

[…]

Perhaps my biggest disappointment of the entire endeavour is there is no indication as to how any of this could conceivably come to products like the Watch or HomePod, Apple’s most voice-oriented devices.

John Gruber:

One question I’ve been asked repeatedly is why devices that don’t qualify for Apple Intelligence can’t just do everything via Private Cloud Compute. Everyone understands that if a device isn’t fast or powerful enough for on-device processing, that’s that. But why can’t older iPhones (or in the case of the non-pro iPhones 15, new iPhones with two-year-old chips) simply use Private Cloud Compute for everything? From what I gather, that just isn’t how Apple Intelligence is designed to work. The models that run on-device are entirely different models than the ones that run in the cloud, and one of those on-device models is the heuristic that determines which tasks can execute with on-device processing and which require Private Cloud Compute or ChatGPT. But, see also the previous item in this list — surely Apple has scaling concerns as well.

[…]

VisionOS 2 is not getting any Apple Intelligence features, despite the fact that the Vision Pro has an M2 chip. One reason is that VisionOS remains a dripping-wet new platform — Apple is still busy building the fundamentals, like rearranging and organizing apps in the Home view. VisionOS 2 isn’t even getting features like Math Notes, which, as I mentioned above, isn’t even under the Apple Intelligence umbrella. But another reason is that, according to well-informed little birdies, Vision Pro is already making significant use of the M2’s Neural Engine to supplement the R1 chip for real-time processing purposes — occlusion and object detection, things like that.

Update (2024-07-02): Steve Troughton-Smith:

If the point of Apple Intelligence isn’t to make Siri ‘not shit’, why are we even doing this?

Apple has an entire product line of Siri devices to put in your home that are laughably behind everything else on the market, and an embarrassment to the brand.

Non-intelligent Siri is also going to be the experience for most devices running iOS 18 and co this year.

Why isn’t this priority no. 1?

macOS 15 Sequoia Announced

Apple (preview, Hacker News, MacRumors, 9to5Mac):

macOS Sequoia makes Continuity even more magical with iPhone Mirroring, which allows users to fully access and engage with their iPhone — right from their Mac. A user’s custom wallpaper and icons appear just like on their iPhone, and they can swipe between pages on their Home Screen, or launch and browse any of their favorite apps. The keyboard, trackpad, and mouse on Mac also let a user interact with their iPhone, and audio even comes through. Users can seamlessly drag and drop between iPhone and Mac, and a user’s iPhone remains locked, so nobody else can access or see what the user is doing. It also works great with StandBy, which stays visible, so users can get information at a glance. Additionally, users can review and respond to iPhone notifications directly from their Mac.

[…]

Game Porting Toolkit 2 takes this to the next level with some of the most-requested capabilities from game developers, making it even easier to bring advanced games to Mac, as well as iPhone and iPad.

[…]

When a user drags a window to the edge of the screen, macOS Sequoia automatically suggests a tiled position on their desktop. Users can release their window right into place, quickly arrange tiles side by side, or place them in corners to keep even more apps in view. And new keyboard and menu shortcuts help users organize tiles even faster.

[…]

macOS Sequoia brings Passwords, a new app that makes it even easier to access passwords, passkeys, Wi-Fi passwords, and other credentials all in one place.

Joe Rossignol:

In a post on X, the leaker said macOS 15 will be compatible with all Apple silicon Macs with the M1 chip and newer, and all Intel-based Macs equipped with Apple's T2 security chip. If this information is accurate, macOS 15 would be compatible with all Macs that support macOS Sonoma, with one possible exception: the 2019 iMac.

Previously:

Update (2024-06-13): Mr. Macintosh:

The 2018 & 2019 MacBook Air models ARE DEAD

Highlights: 2017 iMac Pro & 2019 NON T2 LIVES!!!

Howard Oakley:

However, Apple Intelligence will only be available on Apple silicon Macs. Because a T2 chip isn’t required by Intel Macs, it’s possible that OCLP will enable other Intel Macs to run Sequoia.

Steve Troughton-Smith:

I think macOS Sequoia is the last release you can reasonably expect to run on Intel; half the WWDC keynote was AI features that don’t run on Intel Macs, including Xcode’s new editor functionality, and the visionOS SDK already requires ARM. You can only expect more from here. The writing is clearly on the wall; if we get next year’s release, it would be unnecessarily generous of Apple,

See also: MacStories, ArsTechnica, AppleInsider.

Michael Love:

If Apple actually wanted more advanced games on Mac, they’d make a deal with Valve to integrate Game Porting Toolkit with Steam, but that means sharing the cake and Apple does not under any circumstances share the cake.

Basic Apple Guy (MacRumors):

One of the rumours that came out right before WWDC was that Apple might be adding the ability to include ‘retro wallpaper packs’. While those are nowhere to be found in Developer Beta 1, we did get an excellent new Macintosh screensaver/wallpaper in macOS 15. This new dynamic wallpaper floats over Susan Kare’s iconic Macintosh iconography, Control Panel, and applications like the Calculator and MacWrite, Apple’s early word processor.

After a couple of hours scouring macOS Seqioua, I wasn’t able to find the file responsible for these images, so I opted for the next best option and took some high-resolution screenshots of some of my favourite parts to share before people unearth the file.

Mario Guzmán:

I guess we now have individual processes for both dynamic/animated wallpapers introduced in Sequoia.

I assume the new default wallpaper is called Helios.

I have to admit, I get happy seeing the word “Macintosh” anywhere.

Mario Guzmán:

macOS Sequoia has two new Energy widgets under the Home app.

💡Electricity Usage - Get an idea of how your home's electricity usage is trending.
💡Electricity Rates - Quickly see how your electricity is priced.

Previously:

Update (2024-06-18): Howard Oakley:

This article summarises some of the most important details it has given so far, both in the Keynote and the subsequent Platforms State of the Union.

iPadOS 18 Announced

Apple (preview, MacRumors, 9to5Mac):

With iPadOS 18, Calculator comes to iPad with Math Notes, along with new handwriting tools in Notes — all designed for Apple Pencil.

[…]

An all-new Math Notes calculator allows users to type or write out mathematical expressions and see them instantly solved in their own handwriting. They can also assign values to variables when learning new concepts in class, calculating a budget, and more. With a new graphing feature, users can write or type an equation and insert a graph with just one tap, and can even add multiple equations on the same graph to see how they relate. And Math Notes are automatically accessible in the Notes app in the new Math Notes folder.

[…]

With the power of Apple Pencil, Smart Script makes handwritten notes fluid, flexible, and easier to read, all while maintaining the look and feel of a user’s personal handwriting. Smart Script allows users to write quickly without sacrificing legibility by smoothing and straightening handwritten text in real time. And it makes editing handwritten text just as simple as editing typed text.

[…]

A redesigned tab bar floats above app content and complements the sidebar to help users stay focused on what matters most while keeping favorite tabs within reach. The new floating tab bar elegantly morphs into the sidebar so users can dive deeper into an app’s full functionality.

Previously:

Update (2024-06-13): See also: ArsTechnica.

Federico Viticci:

As I feared, iPadOS 18 is not a meaningful update for iPad users who hoped Apple would fill some of the longstanding platform gaps between the Mac and iPad. With no Stage Manager improvements, no changes to audio routing, and seemingly very little happening in Shortcuts in terms of new actions (for now), it’s hard to be excited about iPadOS 18. Sadly, everything I wrote last month in my article about iPadOS still stands today.

[…]

Unsurprisingly, pro features for iPadOS users are nowhere to be seen, adding to my concerns regarding who’s in charge of this platform and what their vision for it actually is. It’s quite telling that the marquee additions to iPad this year are…a Calculator app and a redesigned tab bar.

Marina Epelman:

Ok, when Craig said “solve math” in the keynote, I cringed and moved on since it was a fleeting moment (not really, but for argument’s sake, let’s say I have). But this shit is on their actual website. Who the hell solves a function?! What does it even mean to solve a function?!

You solve a problem. You solve an equation. You solve a riddle. A mystery. A crime.

You don’t solve a function. Or math (or maths, for that matter).

Steve Troughton-Smith:

I’m not convinced by the new floaty-morphy tab bar in iPadOS 18, and I don’t think I want to put it in any of my apps. It kinda feels like an attempt to simplify/dumb-down the iPad UI too, which is the opposite direction of where I want to see iPadOS go.

Christina Warren:

Still no actual file manager on the iPad, but we got new animations!

Steve Troughton-Smith:

Stage Manager, now entering its third year, is unchanged in iPadOS 18.

Fernando Silva:

Regarding iPadOS 18 and everything they showed we are still missing a few features. Most, if not all, have to do with Apple Intelligence. As of now, Beta 1 does not have any of the Apple Intelligence-related features. There is no new siri animations, no genmojis, no ChatGPT integration.

Update (2024-06-19): Steven Aquino:

Now that the Calculator app is finally coming in iPadOS 18, my personal hobby horse is for Apple Sports to get on the iPad too.

Steve Troughton-Smith:

The iPad comments on The Talk Show Live have me feeling like maybe I might be done with iPad. As somebody who has loved the platform and has used it exclusively as my portable computer for 12 years, it doesn’t feel good to have a roundtable of Apple executives laugh with derision at what I want to do on that form factor. That’s not a platform whose future I can have confidence in, nor one I want to build new apps for.

Previously:

watchOS 11 Announced

Apple (preview, MacRumors, 9to5Mac):

The new Vitals app surfaces key health metrics and context to help users make more informed day-to-day decisions, and the ability to measure training load offers a game-changing new experience when working out for improved fitness and performance. Activity rings are even more customizable, the Smart Stack and Photos face use intelligence to feature more individualization, and Apple Watch and the Health app on iPhone and iPad offer additional support for users who are pregnant. Check In, the Translate app, and new capabilities for the double tap gesture come to Apple Watch for added connectivity and convenience.

Chance Miller:

watchOS 11 will drop support for the Apple Watch Series 4, Apple Watch Series 5, and the original Apple Watch SE.

Previously:

tvOS 18 Announced

Apple (MacRumors, 9to5Mac):

With tvOS 18, intelligent new features like InSight — and updates to Enhance Dialogue and subtitles — level up cinematic experiences, while new Apple Fitness+, Apple Music, and FaceTime capabilities get even better on users’ biggest screen. The Home app gains new features with iOS 18, like guest access and hands-free unlock with home keys, delivering effortless and secure access to the home.

[…]

Enhance Dialogue gets smarter with tvOS 18, leveraging machine learning and computational audio to deliver greater vocal clarity over music, action, and background noise on Apple TV 4K.

[…]

For even more convenience, subtitles now automatically appear at just the right moments with tvOS 18, including when the language in a show or film does not match the device language, when users mute, or when they skip back while watching something.

Previously:

Update (2024-06-12): Sigmund Judge:

A new addition to Apple TV+, InSight gives users real-time access to information about the actors and their characters onscreen, as well as the soundtrack in a given scene, allowing viewers to quickly add that song or musical performance to an Apple Music playlist to enjoy later. Much like Amazon Prime Video’s X-Ray feature that came before it, there’s lots of fine granular detail that could be added to InSight before its fall launch, but this is a great start.

In addition to accessing InSight on the big screen, users will also be able to view real-time actor, character, and music information through the Remote app found in Control Center on iOS and iPadOS, allowing access to the same information for a distraction-free experience when watching with friends and family.

[…]

While the latest iteration of Apple’s big-screen entertainment experience may not offer the grand reinvention some might have hoped for, the ninth iteration of tvOS does introduce a handful of welcome enhancements.

iOS 18 Announced

Apple (MacRumors, 9to5Mac):

Users will be able to arrange apps and widgets in any open space on the Home Screen, customize the buttons at the bottom of the Lock Screen, and quickly access more controls in Control Center. Photo libraries are automatically organized in a new single view in Photos, and helpful new collections keep favorites easily accessible. Mail simplifies the inbox by sorting email into categories using on-device intelligence, and all-new text effects come to iMessage. Powered by the same groundbreaking technology as existing iPhone satellite capabilities, users can now communicate over satellite in the Messages app when a cellular or Wi-Fi connection isn’t available.

[…]

Locked and hidden apps offer users peace of mind that information they want to keep private, such as app notifications and content, will not inadvertently be seen by others. Users can now lock an app; and for additional privacy, they can hide an app, moving it to a locked, hidden apps folder. When an app is locked or hidden, content like messages or emails inside the app are hidden from search, notifications, and other places across the system.

[…]

In Apple Maps, users can browse thousands of hikes across national parks in the United States and easily create their own custom walking routes, which they can access offline. Maps users can also save their favorite national park hikes, custom walking routes, and locations to an all-new Places Library and add personal notes about each spot.

Tim Hardwick:

iOS 18 will be compatible with the same iPhone models as iOS 17[…] iOS 18 will be compatible with the iPhone XR, and hence also the iPhone XS and iPhone XS Max models with the same A12 Bionic chip, but older iPhone models will miss out.

Ryan Christoffel:

One major new feature will enable using the Messages app even when you don’t have a Wi-Fi or cellular connection.

Benjamin Mayo:

iOS 18 includes Tap to Cash, a new way to send money to your friends using Apple Pay Cash. By simply bringing your phone close to a friend, you can send money instantly – transferring from your Apple Cash account.

It’s like AirDrop, but for sending money.

Tim Hardwick:

In iOS 18, when you invoke Control Center with a swipe down from the top-right of your iPhone’s screen, you can continuously swipe to get to more control center screens. There’s a new controls gallery that lets you customize the controls you see, and you can change the size of buttons to emphasize priority. Additionally, developers can include controls from their own apps, enabling quick access to controls like remotely starting a car, for example.

Apple (MacRumors):

Siri Interactions allow AirPods Pro users to privately respond to Siri with a simple head nod yes or shake no. For even clearer call quality, Voice Isolation comes to AirPods Pro, helping ensure the caller’s voice is heard in loud or windy environments. AirPods updates also significantly reduce audio latency while gaming, and add Personalized Spatial Audio for even more immersive gameplay.

Joe Rossignol:

iMessage is finally getting bold, italics, underline, and strikeout options, along with all-new text effects that allow you to animate individual words in a message.

Apple has redesigned the Tapback icons like the heart, thumbs up, thumbs down, and exclamation marks to be more colorful on iOS 18, and the Tapback system now works with any emoji too.

Previously:

Update (2024-06-13): See also: ArsTechnica, MacStories, Hacker News, Macworld, AppleInsider.

Malcolm Owen (MacRumors, 9To9Mac):

Under iOS 18, it is possible to change how wide or narrow the beam of light is for some later models of iPhone.

Tim Hardwick:

As part of its Home Screen customization overhaul, iOS 18 lets iPhone users hide the labels on app icons for a cleaner look.

Juli Clover:

One of the interesting new features coming in iOS 18 will let you automatically record and transcribe your live phone calls through the Phone app.

Benjamin Mayo:

A long-requested feature for Android users switching to iPhone is the addition of T9 dialling. This is a shortcut to dialling phone numbers from your address book, by typing in letters on the keypad.

Juli Clover:

Apple revamped the iCloud section of the Apple Account (formerly Apple ID) that’s available in the Settings app. The redesigned interface has much of the same functionality, but a “Saved to iCloud” feature makes it clearer how storage is being used.

Update (2024-06-19): D. Griffin Jones:

After spending a few days trying out all the new features in iOS 18, I think it really is one of the biggest updates in a long time. However, hands-on testing shows there’s a lot that needs cleaned up before September, when it’s expected to ship.

visionOS 2 Announced

Apple (preview, MacRumors, 9to5Mac):

With visionOS 2, users can revisit past memories by creating spatial photos directly from their library in the Photos app. visionOS uses advanced machine learning to transform a 2D image into a beautiful spatial photo that truly comes to life on Vision Pro.

[…]

Later this year, Canon will offer a brand-new spatial lens for its popular EOS R7 digital camera to capture gorgeous spatial video, even in challenging lighting conditions. An update to Final Cut Pro will enable creators to edit spatial videos on their Mac and add immersive titles and effects to their projects, and with the Vimeo app designed for Vision Pro, users will be able to upload and share spatial videos for others to discover and enjoy.

[…]

visionOS 2 makes navigating Apple Vision Pro faster and easier for users to access key functions with new hand gestures to get to frequently used features like Home View and Control Center.

[…]

Later this year, Mac Virtual Display will feature a higher resolution and larger size — creating an ultra-wide display that is equivalent to two 4K monitors side by side. To create the perfect workspace, visionOS 2 also adds mouse support for additional workflow options, and Vision Pro will now reveal the user’s physical Magic Keyboard — even when they are fully immersed in an Environment or app.

Previously:

Update (2024-06-12): See also: Hacker News.

Samuel Axon:

Vision Pro users hoping for multiple virtual Mac monitors will be disappointed that's not planned this time around, but Apple plans to add the next-best thing: Users will be able to take advantage of a larger and higher-resolution single virtual display, including a huge, wraparound ultrawide monitor mode that Apple says is equivalent to two 4K monitors.

[…]

A lot of the improvements that will lead to better apps come in the form of new developer APIs that will facilitate apps that really take advantage of the spatial features rather than just being flat 2D windows floating around you—something we noted as a disappointment when we shared our impressions of the device. Some APIs help create shared spatial experiences with other Vision Pro users who aren't in the same room as you. One of those, TabletopKit, is focused on creating apps that sit on a 2D surface, like board and card games.

Wes Davis:

But the company glossed right over some of the most sorely needed features that it’s adding to visionOS — and those quieter changes make for a much more exciting update.

After the update arrives this fall, you’ll be able to see a Magic Keyboard while you’re working in a virtual environment, use any Bluetooth mouse you want, and rearrange your homescreen icons — including putting iPad and iPhone apps where you want.

[…]

Apple says the Vision Pro will also start saving eye and hand setups for guest users for 30 days, too. It’s been nothing short of a pain to share a Vision Pro with anyone because each time you pop it in guest mode, that person has to go through setup all over again.

[…]

Lastly, when you encounter a video on the web, you’ll be able to break it out into a free-floating video player — something Apple was bound to do since neither YouTube nor Netflix have built apps for the Vision Pro.

[…]

Here’s a brief list of additional features it notes are on the way[…]

Malcolm Owen:

Here’s what’s coming in visionOS 2.0.

mb bischoff:

lmao at Vimeo making a visionOS app for Spatial Video after literally killing their Apple TV app in 2023…

Colin Cornaby:

I was a little disappointed to see a lack of conversation around gaming on visionOS. visionOS isn’t really a gaming platform - so kind of understandable. But it does feel weird I’m considering buying a Quest to play the Riven remaster when I have a perfectly good Vision Pro.

Steve Troughton-Smith:

By the way, we’re now a full year on and Apple never did ‘get back to [you] soon’ re the application for a Vision Pro Developer Kit. Just crickets, for twelve months.

Steve Troughton-Smith:

New in visionOS 2.0, you can create UI that changes when looked at, much like some of the existing system experiences.

Update (2024-06-18): Ben Lang (via Hacker News):

We’ve know that Apple planned to support WebXR for quite some time, but with VisionOS 2, the company is enabling the feature for all users. WebXR allows developers to deliver cross-platform XR experiences directly from the web, with no gatekeepers to approve or reject content.

See also: Are you still using your Vision Pro?.

Hartley Charlton (Hacker News):

Apple has suspended work on the second-generation Vision Pro headset to singularly focus on a cheaper model, The Information reports.

Friday, June 7, 2024

WWDC 2024 Preview

Apple:

From the Keynote to the last session drop, here are the details for an incredible week of sessions, labs, community activities, and more.

Juli Clover:

The updated version of the Developer app will host 2024 session videos, 1-on-1 labs with Apple engineers and designers, and more.

As far as I can tell, the app has the same old problems. I insta-deleted it when I realized that it still hijacks links opened in Safari.

Juli Clover:

The Vision Pro version of the Apple Developer app has a special immersive Environment included that can be used as a backdrop for watching session videos when WWDC begins next week.

Apple (MacRumors):

Every year, the Apple Design Awards recognize innovation, ingenuity, and technical achievement in app and game design. But they’ve also become something more: A moment to step back and celebrate the Apple developer community in its many forms.

Craig Hockenberry:

The next thing you know, they’re going to be giving the answers to Stump The Experts before WWDC starts.

Joe Rosensteel:

Here’s what Apple can learn from the mistakes other companies are making when it comes to demonstrating AI prowess.

Jason Snell:

But this isn’t just Apple’s chance to show it’s doing AI right. It’s also an opportunity to redefine the conversation about AI to make it more substantive and results-oriented–and, of course, to make Apple look better while doing it.

Howard Oakley:

If Apple sticks to its normal timetable, that would bring the release of Xcode 16 with Swift 6 in mid-September.

This is the first major version of Swift for five years; version 5 was distinguished with its introduction of a stable binary interface (ABI), a key milestone in its evolution since its first release ten years ago. Central to the changes in Swift 6 is structured concurrency that encapsulates threads with proper controls.

Jordan Morgan:

Our favorite annual conference is near, which means that the TENTH(!!) annual edition of the Swiftjective-C W.W.D.C. Pregame Quiz is ready to go!

The macOS App Icon Book is currently 20% off with coupon code DROP20.

See also: Who’s Going to WWDC24?, WWDC24 Wallpaper, How to Process WWDC, Dithering.

Previously:

Update (2024-06-12): Basic Apple Guy:

This is my fourth annual dub-dub Bingo Board and one of the hardest to devise.

Update (2024-06-18): Helge Heß:

The developer app is a perfect testament of the quality of Marzipan and a punch in the face of developers. There is a reason why the vids are all available on YT. And why people are using the proper WWDC native app.

Previously:

Apple Mail’s Broken “Block All Remote Content”

Jeff Johnson (Mastodon):

Mail app on macOS has a privacy setting Block All Remote Content that prevents downloaded emails from connecting to the internet. For example, HTML emails frequently include image links, which can be used for tracking: when the image is loaded from a remote server, the owner of the server knows that you’ve opened the email! Block All Remote Content is supposed to prevent this kind of tracking, and it did… until macOS Sonoma.

[…]

The remote connection attempt doesn’t occur when I open the email. […] In this case, the remote connection attempt occurred when I opened Mail app itself and the new email was downloaded.

What would we do without Little Snitch?

Import and Export From Apple Notes

John Gruber:

I worry that import and export aren’t priorities for Apple. Apple Notes can import RTF and plain text files, but its only option for exporting is, bizarrely, PDF — which is a file format Notes can’t import. A good system for import/export would allow for full fidelity round-tripping. You should be able to export to a file or archive format that Notes can also import, without losing any formatting, metadata, or image attachments. Notes doesn’t even try. And if Notes still doesn’t support robust import/export, 17 years after it debuted as one of the original iPhone apps in 2007, we probably shouldn’t hold our breath for Journal.

Open formats are where it’s at.

Previously:

No Bounty for Kaspersky

Alexander Martin (via Damien Petrilli):

Apple declined to issue a bug bounty to the Russian cybersecurity company Kaspersky Lab after it disclosed four zero-day vulnerabilities in iPhone software that were allegedly used to spy on Kaspersky employees as well as Russian diplomats.

[…]

Operation Triangulation, as the spying campaign was named, was “definitely the most sophisticated attack chain we have ever seen,” the Kaspersky researchers said, with an explanation of it including 13 separate bullet points.

[…]

On the same day as Kaspersky’s disclosure, Russia’s Federal Security Service (FSB) accused the United States and Apple of having collaborated to enable the U.S. to spy on Russian diplomats.

[…]

Although Kaspersky is not specifically sanctioned in the United States in relation to the Ukraine conflict, the Department of Homeland Security had previously banned its products from government use on security grounds due to the level of control anti-virus software requires on a computer and the risks attached to that control for a company based in Russia.

See also: MalwareTips.

Previously:

Update (2024-06-12): Arin Waichulis (Hacker News):

Galov even proposed that Kaspersky donate the bounty to charity, but Apple rejected this, citing internal policies without explanation. It’s not uncommon for research firms to donate bounty payments from large companies to charity. Some perceive it as an extension of their ethical obligation, but it undeniably contributes to a positive reputation within the security community.

[…]

According to Apple’s Security Bounty Program, the reward for discovering such vulnerabilities can be up to $1 million. It’s crucial to maintain this reward, as non-reported iOS zero-days can sell for well north of a million dollars in corners of the dark web.

[…]

Additionally, per Apple Security Bounty’s terms and conditions, “Apple Security Bounty awards may not be paid to you if you are in any U.S. embargoed countries or on the U.S. Treasury Department’s list of Specially Designated Nationals, the U.S. Department of Commerce Denied Person’s List or Entity List, or any other restricted party lists.”

It doesn’t seem like giving it to charity would violate the sanctions.

Nick Heer:

Kaspersky discovered this malware. It has affected devices running versions up to iOS 15.7, and it has been seen in use as early as 2019.

Dan Goodin (via Hacker News):

According to officials inside the Russian National Coordination Centre for Computer Incidents, the attacks were part of a broader campaign by the US National Security Agency that infected several thousand iPhones belonging to people inside diplomatic missions and embassies in Russia, specifically from those located in NATO countries, post-Soviet nations, Israel, and China. A separate alert from the FSB, Russia's Federal Security Service, alleged Apple cooperated with the NSA in the campaign. An Apple representative denied the claim.

Kaspersky Lab (via Hacker News):

This script allows to scan iTunes backups for indicator of compromise by Operation Triangulation.

Update (2024-09-25): Karl Bode:

Regardless, this week Kaspersky Labs effectively left the U.S., but not before engaging in a practice that doesn’t exactly scream “high security standards.” The company effectively deleted its products from U.S. user computers without anybody’s consent, then replaced it with UltraAV’s antivirus solution — also without informing users.

Thursday, June 6, 2024

WWDC 2024 Wish Lists

I always want releases focused on bug fixes, but we all know that isn’t going to happen. If we’re dreaming big, how about something like virtual memory for iOS so that it stops losing my Safari tabs?

Cihat Gündüz:

From a SportsKit API and .zoom modifier in SwiftUI, over improved SwiftData and source control in Xcode, to my biggest pain points in tvOS and visionOS, and much more! Blending long-standing requests with fresh ideas.

John Gordon:

In particular it would be rather nice if the courts decide that Apple uses Photos lock-in as a part of its monopoly.

[…]

Here are two ways that Apple could free photo management from their iron control and provide options for the tiny sliver of the Apple base that cares.

Matt Birchler:

I think they have too much power in too many industries and the more they spread out the less they can focus on the parts of their business that I personally enjoy the most.

Steve Troughton-Smith:

If all macOS 15 does is remove that stupid emoji-palette-blocking autocomplete popup that Sonoma added, I will be happy. Adding an extra step to something I do a hundred times a day, without giving an option to turn it off? Genius.

Brian Webster:

My number 1 wish for macOS 15 is support for SMS filtering in Messages. I have an app that works great on iOS but all the spam still shows up on my Mac unless I shut off text message forwarding altogether. But if I do that then I can't autofill two factor codes on my Mac. Grrrrr.

Dave DeLong:

All I want for WWDC is for this to be fixed.

Mike Cohen:

I still want them to fix the thing where just looking at a xib without changing anything modifies it.

Craig Hockenberry:

Are we absolutely sure we want AI features in Xcode?

Ryan Jones:

  • iMessage group typing indicators
  • iMessage draft sync
  • iMessage emoji tapbacks
  • First tap works on Always On Display
  • Mail secondary inbox
  • iMessage expiring threads
  • Photos stack similar pics
  • Siri reboot
  • paste hyperlinks on text
  • Warn about high refund rate apps
  • AI merge group photos for smiles
  • Rotation lock except video
  • Live Activities queue offline events
  • Don’t offload recent photos!
  • “5G Minimal” option
  • AI emoji suggestions
  • AI Memoji
  • Native spam call filter

Scott Anguish:

This is my short list of what I’d love to see added to SwiftUI and Xcode.

Aaron Pearce:

It is the time of the year that I start compiling my list of HomeKit feature requests that will be promptly be ignored by the team at Apple.

Jeff Johnson:

Move the iPhone call and end call buttons away from each other on the screen.

Christian Beer:

Just fix Xcode so that it works again!

Harshil Shah:

Smart charging reminders. They’ve got all the usage data and calendar info, it’s all right there!

Just remind me to charge my watch because I’m gonna go to sleep and then off to the gym as soon as I wake up.

Rob Napier:

I know it’s a really hard thing to do well, and it isn’t in the top 10 things I hope to be improved in Xcode, but I still wish Xcode could handle Arabic string literals without getting so confused.

Mr. Macintosh:

Below is a list of possible macOS 15 features. NOTE: You can only pick 2.

Ryan Jones:

Hopes for a better Control Center:

  1. Big clear single tap audio output
  2. Pick home controls
  3. Any shortcut
  4. Hide less in long presses
  5. Rotation lock except video
  6. All buttons are customizable
  7. No double button in Focus Modes
  8. Mini TV Remote at first level

Benjamin Mayo:

For tvOS 18, Apple should just add whatever format/codec support is needed to get BBC iPlayer to stream in 4K and with subtitles.

John C. Welch:

  1. documentation that isn’t header regurgitation written by people who think only incompetents need documentation.
  2. Apple actually dogfooding beyond their own convenience.
  3. full-throated support for automation, both Shortcuts and AppleScript/JXA (or even a more swift-based language)

Tim Schmitz:

[Make] it easier and more reliable for Siri to do basic things.

Dave DeLong:

iOS SMS filtering needs to apply to messages that are forwarded to my Mac.

It’s a straight-up bug that things that I’ve explicitly said to block on my phone are still causing alerts and badges on my Mac.

Christian Beer:

[Bring] back speed and stability to LLDB

David Smith:

These are minor annoyances or little things which have bugged me in the last year.

Steve Troughton-Smith:

Every time I see some B-roll with a MacBook entering Mission Control or Exposé, it makes me wish iPad had that instead of Stage Manager. Unlimited windows, that can be tiled on a key press, and Fullscreen Spaces that you can flip through with the trackpad

Mitchell Cohen (Mastodon):

WWDC is almost here, so it’s a good time to talk about the @1Password browser extension for Safari, its history, challenges, and the future — what we’re working on and what we’d like to see from Apple, Safari, and the web platform.

[…]

Safari’s implementation of the spec is new. There are missing/incomplete APIs which must be worked around, and others which simply do not work.

[…]

This mandatory layer of indirection has unique bugs and reliability issues, most of which are outside of a developer's control, on both Mac and iOS.

Sebastiaan de With:

I really want only one thing from WWDC24 and that’s One True Gear (I vote VisionOS)

Sam Rowlands:

Every year my wish for WWDC is that they DON’T release a new version of the macOS, just fix the bugs in the current one.

Next year, release an optimized version that cuts the bloat, and improves performance.

Rob Jonson:

Swift Package Management that works like Ruby Package management.

Nick Heer:

Apple still has not fixed the bug in Mail where the All Inboxes view does not show huge numbers of recent emails.

Mine keeps loading today with a near three-month gap in which messages are visible.

Joe Rosensteel:

For a few years (2016, 2017, 2018) I wrote a specific post before WWDC about updates I was hoping to see for tvOS. These were never requests for those features to be built in a few days, but things I was hoping had already occurred to Apple, like the many years I put picture-in-picture on the list before it occurred to someone at Apple to ship it in 2020.

I stopped writing these posts because fewer and fewer updates were coming out for tvOS, in general, and those that were were often tied to new hardware launches usually occurring late in the Fall.

[…]

Knowing that it’s very unlikely we’ll see anything from Apple for the Apple TV this summer, I’ll offer a critique of where things are at instead, and offer some possible solutions ranging in complexity.

mb bischoff:

I’m hoping for thoughtful integration of LLMs across the OSes, performance and reliability updates for core services, and the introduction of a few power-user tweaks and long-missing features.

Some of these ideas have been inspired by others’ wishlists, and where applicable, I’ve included those references.

Previously:

Update (2024-06-07): Craig Grannell:

A switch in Settings to turn off the Home indicator.

[Overriding] the daft iCloud Photos sync. Drives me bonkers.

Der Teilweise:

Fix the handling of bug reports!

It’s been 12 years since “Fix Radar or GTFO” but little (if anything) has improved.

Warner Crocker:

Apple’s iCloud has gotten so much better since its initial debut, but these problems remain and keep getting put off year after year. Most notably, users aren’t freely allowed any control over syncing when things appear stuck.

Christian Beer:

„Build better document-based apps" with a „real" app example, not a simple Markdown editor. One that uses NavigationSplitView in the UIDocumentViewController

Christian Beer:

Another thing added to my WWDC wishlist for macOS: video controls in picture-in-picture videos. I mean... does somebody at Apple even use this?!

Miguel de Icaza:

Search option on the Journal app.

Updated Adobe Terms of Use

Ben Lovejoy (via John C. Randolph):

A change to Adobe terms & conditions for apps like Photoshop has outraged many professional users, concerned that the company is claiming the right to access their content, use it freely, and even sub-licence it to others.

The company is requiring users to agree to the new terms in order to continue using their Adobe apps, locking them out until they do so …

Adobe says that its new terms “clarify that we may access your content through both automated and manual methods, such as for content review.”

[…]

Concept artist Sam Santala pointed out that you can’t raise a support request to discuss the terms without first agreeing to them. You can’t even uninstall the apps!

Brandon Lyttle (via Hacker News):

This has caused concern among professionals, as it means Adobe would have access to projects under NDA such as logos for unannounced games or other media projects. Sam Santala, the founder of Songhorn Studios noted the language of the terms on Twitter, calling out the company’s overreach.

As with Slack, I doubt there’s nefarious intent here, but why can’t these documents be written in a more narrow way to allay people’s fears? Right now it says that “Our automated systems may analyze your Content[…] using techniques such as machine learning.” And they define “Content” as including anything that you create using their software. The machine learning FAQ says that they “don't analyze content processed or stored locally on your device” and that you can opt out. I’m not sure whether there’s any legal force to a FAQ linked from a ToS.

See also: Theodore McKenzie, Penny Horwood, Reddit.

Previously:

Update (2024-06-07): See also: Hacker News.

Mike Wuerthele:

We saw that furor, and reached out to Adobe about it. Then, they issued an unclear statement on the matter, saying that the terms had always been this way.

“Adobe accesses user content for a number of reasons, including the ability to deliver some of our most innovative cloud-based features, such as Photoshop Neural Filters and Remove Background in Adobe Express, as well as to take action against prohibited content,” the company said at the time. “Adobe does not access, view or listen to content that is stored locally on any user’s device.”

[…]

They finally said something concrete on Thursday night.

[…]

The company says that it will be clarifying the Terms of Use acceptance to reflect the details of Thursday’s post. It’s not clear when this is going to happen.

He does think the post addresses all the issues, either.

Glenn Fleishman:

Adobe did the thing companies that host and sync data keep doing: they updated their terms in what is a reasonable way without a) giving advance warning and a thorough explanation and b) realizing that the legal niceties sound horrifying to an average person. Adobe can’t legally safely host your content without a license. This updates mostly adds compliance issues that are govt focused—and should be examined.

mcc:

I don’t think this “explanation” helps at all. They don’t justify why this data needs to be on their server rather than at rest on the user computer, and I don’t see where they make it clear what you’d need to do to prevent exfiltration to “the cloud” or applicability of the bad terms. Some of the justifications they give as to when and why they apply tos terms are either so elastic they could mean anything (“to improve the service”) or are the exact features people are afraid of (“AI”).

Update (2024-06-12): Scott Nover (via Hacker News):

According to a post on its blog, the company is not training its A.I. model on user projects: “Adobe does not train Firefly Gen AI models on customer content. Firefly generative AI models are trained on a dataset of licensed content, such as Adobe Stock, and public domain content where copyright has expired.” The post claims that the company often uses machine learning to review user projects for signs of illegal content, such as child pornography, spam, and phishing material.

Although an outside spokesperson for Adobe simply pointed me to the blog post, Belsky offered a view into the consternation inside the company, admitting on X that the wording of the terms of use was confusing. “Trust and transparency couldn’t be more crucial these days, and we need to be clear when it comes to summarizing terms of service in these pop-ups,” he wrote.

Despite the cleanup efforts, this episode demonstrates how gun-shy everyone is about generative A.I. And perhaps there’s no population that has been more wronged here than creative professionals, many of whom feel that generative A.I. companies have illicitly trained their image-, video-, and sound-generation models on copyright works. Big Tech is splitting its loyalties between serving its existing audiences and taking advantage of self-propagating hype for generative A.I. But by doing this, it risks alienating loyal customers. No one wants to be treated like training data—even if that’s what we all are.

Adam Engst:

It feels like we’re descending into a morass of miscommunication, with examples from companies large and small, including Slack, Bartender, and Adobe.

[…]

Slack’s error lay in failing to update its privacy principles as generative AI became a thing. In contrast, Adobe got in trouble for updating its terms of use—and requiring users to agree before they could use Photoshop or other Adobe apps. (Apparently, you couldn’t even uninstall Photoshop without agreeing.)

[…]

That’s not to criticize the people who did freak out. Yes, many of them were playing to a social media audience and exaggerating the potential downside, but the resulting media attention may have been necessary to get these companies to update their documents, clarify what they meant, and back down from potentially problematic changes.

On the other hand, it’s painfully obvious that companies need to do a better job with corporate communications.

Right now, we just have of bunch of tweets and blog posts clarifying Adobe’s intent. I would like to see the Adobe General Terms of Use updated to say, directly in the document, what people actually want to know:

Currently, the document is written very broadly, I guess to protect Adobe, but from the customer’s point of view it seems to be full of loopholes.

Previously:

Update (2024-06-18): Theodore McKenzie:

Apparently, the community’s dissatisfaction with the company grew so intense that even Adobe’s own staff started expressing unhappiness about this whole ordeal, a relatively rare occurrence in an era when many employment contracts often pressure employees to unconditionally support the company’s decisions and strategies.

As reported by Business Insider, which obtained Adobe’s internal Slack discussions, the company’s workers appear to be siding with regular users, voicing complaints about the TOS updates and the resulting backlash, as well as Adobe’s poor communication and apparent mishandling of the situation.

Update (2024-06-20): Ina Fried (via Nick Heer):

Adobe on Tuesday updated its terms of service to make explicit that it won’t train AI systems using customer data.

Adobe:

We don’t scan or review content that is stored locally on your device. We also don’t train generative AI models on your or your customers’ content unless you’ve submitted the content to the Adobe Stock marketplace.

Bravo.

MarketplaceKit License Renewal Problems

Mysk:

Several iOS apps installed from alternative marketplaces stopped working after some time. Some are grayed out and can’t be opened or deleted. Others crash on launch because MarketplaceKit can’t renew the license. How would users recover their data when apps end up like this?

Oleksandr Bilous:

Technically, apps doesn’t crash, they are just terminated due to invalid license. But for me this UX is definitely looks like crash and users associated behaviour with crash on launch.

I’m not sure whose bug this is, but the system is way more complicated than it needs to be, which creates more opportunities for problems.

appdb:

All this is done by Apple just to get a “checkmark” for “compliance”. They aren’t interested in this in any way. Only independence from Apple allows customers to install apps outside their app store without any problems.

Previously:

Windows 11 Requires Microsoft Account

Laura Pippig (via Hacker News):

Before PC users can enjoy everything Windows 11 has on tap, they must first enter an e-mail address that’s linked to a Microsoft account. If you don’t have one, you’ll be asked to create one before you can start setting it up.

A frequently used trick to circumvent this block is a small but ingenious step. By entering a random e-mail address and password, which doesn’t exist and causes the link to fail, you end up directly with the creation of a local account and can thus avoid creating an official account with Microsoft.

[…]

This common method no longer seems to work, as Microsoft has apparently patched this bug. Instead of skipping the account link, you’re led into a kind of continuous loop that doesn’t end until you have entered the correct email address.

Previously:

Update (2024-06-25): Jowi Morales (Hacker News):

The company also supplied instructions on how to ‘Change from a Microsoft account to a local account’ on the same page. However, when we checked the page using the Wayback Machine, the instructions on how to do the latter appeared on June 12, 2024, then disappeared on June 17, 2024. The ‘Change from a Microsoft account to a local account’ instructions yet haven’t returned.

Andrew Cunningham (Hacker News):

Using Windows with a traditional local account is still extremely possible, but it does require a small amount of know-how beyond just clicking the right buttons.

[…]

Despite the documentation change, most of the workarounds for creating a local account still work in both Windows 11 23H2 (the publicly available version of Windows 11 for most PCs) and 24H2 (available now on Copilot+ PCs, later this fall for everyone else). The easiest way to do it on a PC you just took out of the box is to press Shift+F10 during the setup process to bring up a command prompt window, typing OOBE\BYPASSNRO, rebooting, and then clicking the "I don't have Internet" button when asked to connect to a Wi-Fi network.

Wednesday, June 5, 2024

Bartender Acquired by Applause Group

Juli Clover (Reddit, Hacker News, Mac Power Users Talk, AppleInsider):

Popular Mac app Bartender appears to have been quietly sold approximately two months ago, with neither the prior owner nor the current owner providing customers or potential customers with information on the sale.

[…]

Bartender’s new owners replied to the Reddit thread and confirmed that Bartender had been acquired, but did not explain why customers had not been notified nor why there had been a certificate change without said explanation.

[…]

Reddit users asked Bartender’s owners for more information on their identity, but there was no response.

Jason Snell:

These things happen—no developer should be chained to their software forever—but it’s odd that (anonymous?) new owners could appear without any communication to existing Bartender customers beyond a note saying a certificate had been changed. It’s Apple’s rules around signing app binaries, and the attention of MacUpdater, that brought this out into the open at all.

A glance around the Bartender website does reveal that while Surtees celebrated 12 years of Bartender in a blog post announcing version 5, posts from 2024 read more like SEO spam, with “key takeaways” summaries at the top, followed by unrelated Mac tips, followed by a pitch for Bartender.

Jonas Wisser:

The transaction needs to be acknowledged and endorsed by both the seller and the buyer. Otherwise it looks like one or the other (or both) are trying to pull something.

Jeff Johnson:

I am doing fine, hope to be an indie dev forever, have no plans to sell StopTheMadness, and indeed never had an acquisition offer, but if someone totally mad offered me $millions for it, I absolutely would owe my customers an announcement.

Don’t let anyone tell you otherwise. It’s a sacred responsibility to run my native code on other people’s computers, and I take that responsibility seriously. Your customers trusted you, and any developer who violates that trust harms all other developers.

Jeff Johnson:

1) A comment by MacUpdater about the new Developer ID code signing certificate. Before it became Bartender App LLC it was temporarily App Sub 1 LLC, a name shared by a number of iOS App Store apps.

2) A tweet from a Chinese software distributor claiming that the new owner of Bartender is applause.dev

ran mak:

This is the same group that acquired and then fucked up VoiceDream by forcing users to a subscription model even if they had paid the full price when it first came out (they later backtracked).

A few weeks ago, I heard from a reader who said that:

[The] app now attempts to connect to Amplitude and to export analytics without, as far as I can tell, making this clear. I found my Wi-Fi MAC address in the Analytics’ JSON trail, which is dirty at best and a gross violation of GDPR at worst.

[…]

The release notes for the latest update did not make the change in certificate clear, only explaining that macOS would prompt for permissions again due to an issue in the TCC database — which is sadly riddled with bugs, making the explanation perfectly plausible.

Greg Pierce:

I don’t know anything about Bartender, but I do know that acquisition by a private equity backed app farm is one of the only practical exit strategies for indie developers who are looking to move on from a project, so expect it to happen again.

I think this not inherently bad, there are such organizations that are reputable, but certainly there are plenty that are not.

Craig Hockenberry:

The problem with Bartender is that you are giving Accessibility and Screen Recording permissions to an unknown entity.

With Accessibility APIs you can control the Mac (including other apps). With Screen Recording APIs you can see everything that’s happening.

Both of those things require trust, and the new owners being silent about the matter does not gain that.

Craig Hockenberry:

If you have Bartender currently installed, I would not assume that dragging the app to the trash is enough to get rid of it.

Again, since it has a higher level of access than other apps, there may be things lurking around.

Christian Tietze:

Marco (@esamecar@social.lol) posted a list of alternatives. From that list, I filtered out MAS-only and Chinese-subtitled apps[…]

As I was about to hit Publish, I saw that the original developer, Ben Surtees, had finally made an announcement:

After the release of Bartender 5, I came to the realization that supporting all the users and maintaining the app at the high standard I expect and you deserve was too much for one person. It required a dedicated team that could provide continuous support, innovate, and keep up with the fast-evolving macOS landscape. This realization led me to make a difficult decision.

Three months ago, I sold Bartender to Applause, a company with the resources and expertise to take the app to new heights. Applause shares my vision for Bartender and is committed to maintaining its core values while bringing in new features and improvements. I truly believe they are the right team to continue the journey and ensure Bartender remains a valuable tool for all of you.

I understand that the transition hasn’t been entirely smooth. Recently, there was a change in the signing certificate for the app, and unfortunately, this change wasn’t communicated properly to you, our loyal users. I apologize for any confusion or concern this may have caused.

Previously:

Update (2024-06-06): Christian Sonnenfleck:

A bit curious that Applause’s website looks like a ripoff of Tiny.com.

Stephen Hackett:

I take slight exception with his explanation of Notarization.

Michael Schmitt:

What’s the latest release you can download that is from before the acquisition, and doesn’t include the new Amplitude telemetry framework? […] The reddit article gives links for previous versions, but also says that the size of 5.0.51 jumped from 8 to 10 MB when the telemetry was added and it was re-released.

It seems that the last Surtees version, 5.0.51, has been removed. [Update: The correct link still works.]

qforzy:

I’m an extremely long-time Bartender user. I hope this doesn’t sound like I’ve donned my tinfoil hat, but I am concerned that there is no assurance that the above statement actually comes from Ben Surtees.

It seems likely that both sites where this statement was posted are currently under the control of Applause. As a commenter on the original Reddit thread has pointed out, an ICANN lookup indicates that the registration of surteesstudios.com was updated in February 2024, and that domain is currently redirecting to macbartender.com (try loading https://www.surteesstudios.com/foo and you are taken to a 404 page on the macbartender.com domain). People are reporting that emails to the original developer’s bens@surteesstudios.com email address have been bouncing for months.

If you don’t believe the domain is under his control then there would be no reason to trust the e-mail address, either. Or maybe he sold the whole business, not just the app. How can one prove identity online? There doesn’t seem to be a Twitter account, but any online account could be transferred, anyway. I guess he could go on an another podcast? But I see no reason to doubt the simplest explanation.

Adam Engst:

Instead, this was merely a case of botched PR. As a friend with a decades-long career in the field once told me, the goal of PR is to tell the truth and tell it first.

It is a bit strange given that acquiring indie apps is Applause’s whole thing, evaluating “hundreds of acquisitions” since 2020. You would think they would know how to do this smoothly.

Earth759:

I find it hilarious that the new owners decided to just take a randomly generated reddit name instead of taking the 5 seconds to change it to something more official like “BartenderAppLLC” to try and assure users.

Also the fact that they said they offered a subscription instead of actually saying it’s setapp just further shows me there is a lack of due care that makes me weary like the others in the thread.

It’s also worth noting they have just raised the price of every option of the app. I was looking to upgrade to a lifetime license a couple of days ago and I know for a fact it was for $30 (now $38). Regular license I believe was $16 now it’s $22.

Tim Hardwick:

Bartender is not the only app of its kind. So unless Apple ever gets round to integrating better menu bar management into macOS, here are some alternative menu bar utilities that are worth considering.

Update (2024-06-07): Adam Engst (Mastodon):

Since the initial publication of this piece, I have corresponded via email with Ben Surtees, who confirmed that he wrote the post.

Update (2024-06-12): jimblock:

Applause issued a new version 5.0.53, explaining (and apologizing) for the bad way they released it. The new version removes the Amplitude digital analytics framework entirely, explaining that they initially included it (as Adam said in his note) to get an idea of the user base.

See also: Reddit.

Update (2024-06-25): Niléane Dorffer:

I’ve rounded up some of my favorite menu bar management utilities available right now and even a couple of macOS tips to help manage the menu bar without having to install any third-party apps at all.

Screen Time Bugs

Joanna Stern (tweet):

Porn, violent images, illicit drugs. I could see it all by typing a special string of characters into the Safari browser’s address bar. The parental controls I had set via Apple’s Screen Time? Useless.

Security researchers reported this particular software bug to Apple multiple times over the past three years with no luck. After I contacted Apple about the problem, the company said it would release a fix in the next software update. The bug is a bad one, allowing users to easily circumvent web restrictions, although it doesn’t appear to have been well-known or widely exploited.

Parents who read this aren’t surprised. Apple’s Screen Time has seen more bugs than a soda spill on a summer’s day. Many report that the app time restrictions they set for kids—say, one hour for YouTube—don’t work. Last year Apple told my colleague Julie Jargon that it fixed a bug where kids could use their devices even during preset Downtime hours. When my son requests to download a new app, I often don’t get a notification, and the Screen Time interface doesn’t always accurately show how much my kids or I are using our devices.

The WSJ also wrote about Screen Time bugs last summer.

Mark Jardine:

As a parent who heavily relies on Screentime to keep my kids safe and prevent them from staring at a screen all day, I agree that the whole service is super buggy, feels like an afterthought, and there seems to be loopholes around everything. And it’s been like this for over a decade.

Ilja A. Iwas:

neatly summarizes Apple’s software quality for everything that isn’t used by Tim Cook daily.

David Friedman:

Three weeks ago ScreenTime just stopped blocking apps on my kids’ devices. I had no idea until I discovered that one kid spent every night watching YouTube shorts til midnight. For three days, every time I turned “block apps” back on, it turned itself off. (I changed the code so it definitely wasn’t my kid bypassing it). Then for no reason it started working again. How can I trust it?

Ogi:

every time I try and use it, it never works as intended and I always wonder if I did something wrong. This is a service that everyone (except Ninendo?) seems to have put the absolute bare minimum of effort into. And not just in the functionality but the documentation or capabilities too.

Don Whiteside:

It doesn’t help that they put out an API for it that’s just as mediocre and poorly supported. For the first year (maybe still?) it didn’t work as documented in the emulator. By the time I got two more devices I could devote to screwing around with it I was so angry about the whole situation I dropped the project.

Dan Moren:

I’ve heard from plenty of other parents, though, who’ve found Screen Time frustrating and full of loopholes. And this is after Apple started pruning third-party parental control apps from its iOS store.

At the end of the piece, Stern details a number of other Screen Time bugs that she’s had reported by others. I’d add a few more, like, say, making a passcode that’s longer than four digits.

Previously:

Update (2024-06-06): Nick Heer:

I find this chart is always wildly disconnected from actual usage figures for my own devices. My iMac recently reported a week straight of 24-hour screen-on time per day, including through a weekend when I was out of town, because of a web browser tab I left open in the background.

[…]

It sucks how common problems are basically ignored until Stern writes about them.

Jesse Squires:

The “Developer” app opened when I clicked on a WWDC video link (because of universal links).

I immediately quit the app and opened the link in a browser.

And yet… Screen Time reports 14h of usage. 🤦🏼‍♂️

Juli Clover:

In a statement to Stern, Apple said that it is aware of an “issue with an underlying web technology protocol for developers, which allows a user to bypass web content restrictions.” A fix is planned for “the next software update.”

Kaveh:

So happy that Joanna Stern is bringing attention to this. Apple always tells you not to run to the media, but Screen Time is so buggy and parents have been complaining about it to Apple for years to no avail. Finally someone in the media says something and Apple’s like “we take this very seriously and will fix”. 🤔

Tuesday, June 4, 2024

macOS Installer’s “Failed to Personalize” Error

Adam Engst:

Typically, Mac firmware is updated whenever a new version of macOS is installed, but if something goes wrong in the process, the Mac can be left with outdated firmware. When automatic firmware updates fail, the solution is to “revive” or “restore” the Mac using another Mac running macOS 12 Monterey or later and a USB-C cable that supports data and charging, such as the Apple USB-C Charge Cable (Apple explicitly warns against trying to use a Thunderbolt 3 cable). Although Macs running Sonoma can update firmware using the Finder, Apple Configurator is necessary for Macs running Monterey or Ventura, and LALicata’s Apple rep said that this particular problem could be resolved only by restoring from Apple Configurator, not the Finder. (Reviving leaves your data in place and is worth trying first; restoring erases the Mac and reverts it to factory defaults.)

[…]

If you’re having problems associated with startup or updating, compare your Mac’s current firmware version with the latest version. Howard Oakley’s excellent Silent Knight utility, which reports on the update status of various system settings, makes that easier.

[…]

I’d argue that the problem here revolves around documentation. First, the error message is terrible. What does “Failed to personalize” mean (nothing, in at least this context, and not much in any I can imagine), and how is it related to firmware (it’s not)? […] The error condition might be rare, but it’s not unheard of, so the second problem is that Apple’s article about reviving and restoring Mac firmware doesn’t include the error message text as one of the symptoms of corrupted firmware.

Previously:

Update (2024-06-06): Paul Goracke:

I had to DFU revive to fix an even more generic install error. Unfortunately, it seems I need to do it again to update to 14.5 😭

Proposed EU Chat Control

Patrick Breyer (via Hacker News):

The highly controversial indiscriminate child sexual abuse regulation (so-called chat control) could still be endorsed by EU governments after all, as France could give up its previous veto. This is reported by Euractiv and confirmed by internal documents. France considers the new “upload moderation” proposal in principle as a viable option.

[…]

[Users] of apps and services with chat functions are to be asked whether they accept the indiscriminate and error-prone scanning and possibly reporting of their privately shared images, photos and videos. Previously unknown images and videos are also to be scrutinised using “artificial intelligence” technology. If a user refuses the scanning, they would be blocked from sending or receiving images, photos, videos and links (Article 10). End-to-end encrypted services such as Whatsapp or Signal would have to implement the automated searches “prior to transmission” of a message (so-called client-side scanning, Article 10a).

[…]

Probably as a concession to France, the chats of employees of security authorities and the military are also to be exempted from chat control.

This is kind of like what Apple was planning to do with iMessage, using AI rather than just checking for known images, but:

Meredith Whittaker:

Signal strongly opposes this proposal.

Let there be no doubt: we will leave the EU market rather than undermine our privacy guarantees.

This proposal--if passed and enforced against us--would require us to make this choice.

It’s surveillance wine in safety bottles.

Previously:

Update (2024-06-18): Alexander Martin:

Meredith Whittaker — president of the Signal Foundation, which operates the end-to-end encrypted (E2EE) messaging app of the same name — criticized on Monday the latest European Union proposals for requiring messaging services to check if users were sharing child abuse material.

Her complaint follows the publication of an internal document from the European Council — the EU body that sets the bloc’s political direction — revealing its position as of the end of May on a proposed regulation to “prevent and combat child sexual abuse.”

Matthew Green:

The European Council has taken a proposal to force mandatory scanning of all photos and videos sent through private messengers (including encrypted messengers like Signal) and they’ve rebranded it as “upload moderation.” The implication is that it’s voluntary when it’s not.

If you choose not to submit your deeply private personal photos to be scanned for criminal activity, you won’t be allowed to send images or videos at all. It’s coercion into a mass surveillance regime, with some branding.

And if your reaction is “oh well at least it’s just images and not the private text messages themselves,” understand that this is a temporary climbdown from the original proposal that required AI scanning of text messages as well. This proposal is an obvious stepping stone.

It’s not clear how this can be done safely for encrypted messengers, or if it can be done at all. None of the people behind this proposal have any idea. Their plan appears to be: get the law in place and then it won’t really matter.

Update (2024-06-20): Patrick Breyer (via Hacker News):

This is what the current proposal actually entails[…]

Meredith Whittaker (via Hacker News):

Official statement: the new EU chat controls proposal for mass scanning is the same old surveillance with new branding.

Whether you call it a backdoor, a front door, or “upload moderation” it undermines encryption & creates significant vulnerabilities.

Proton:

“The fact that the EU interior ministers want to exempt police officers, soldiers, intelligence officers and even themselves from chat control scanning proves that they know exactly just how unreliable and dangerous the snooping algorithms are that they want to unleash on us citizens.”

Matthew Green:

People think ChatControl is about specific crimes. No, that’s not what’s at stake. What’s being made is an architecture decision for how private messaging systems work : if it passes, by law these systems will be wired for mass surveillance. This can be used for any purpose.

Once you build an architecture where every interpersonal private message goes through a scanning filter, one that reports to the police, the only question in the future is: what software updates do you push to that filter?

Alex Ivanovs (via Hacker News):

The EU Council and its participants have decided to withdraw the vote on the contentious Chat Control plan proposed by Belgium, the current EU President.

Update (2024-06-24): Nick Heer:

That is a truncated history of this piece of legislation: regulators want platform operators to detect and report CSAM; platforms and experts say that will conflict with security and privacy promises, even if media is scanned prior to encryption. This proposal may be specific to the E.U., but you can find similar plans to curtail or invalidate end-to-end encryption around the world[…]

Update (2024-09-17): Sebastiaan de With:

With Thierry Breton’s resignation the European Commission loses one of the most fierce proponents of ChatControl, their longtime effort to weaken or eliminate secure online communications, and regulatory overreach.

As a European I am genuinely relieved to see him gone, though I still fear there’s a lot of powerful forces trying to get it pushed through.

Previously:

Update (2024-09-19): Nick Heer:

This [new proposal] is a similar effort to that postponed earlier this year. The proposal (PDF) has several changes, but it still appears to poke holes in end-to-end encryption, and require providers to detect possible known CSAM before it is sent. A noble effort, absolutely, but also one which fundamentally upsets the privacy of one-on-one communications to restrict its abuse by a few.

Swift at 10

Basic Apple Guy:

10 Years Ago: Apple Announced Swift

Brian Webster:

10 year anniversary of Swift being announced at WWDC.

Chris Lattner:

Wow that’s right. This was a big day and Swift has come a long way in the intervening decade: Congrats to everyone who has driven it forward to support such an amazing tech platform! 🍎🐣

Jim Rea:

Interesting to go back and watch this presentation and see how Swift was originally promoted ten years ago. I would certainly say that Swift has been a huge success. On the other hand, I’m personally still 100% programming in Objective-C and that continues to be an excellent development environment for building a sophisticated Mac app.

My high-level take is that I generally like programming in Swift. I’m rewriting all my apps in it. But I’m not sure it was the right thing to build. It’s been such an immense effort both within Apple and for the community. This has been a distraction from apps, frameworks, architecture, and documentation. So much mindshare has been taken up by the language itself, which should be just a tool for building the things that actually matter for our customers. It’s come a long way, but the “end” is not yet in sight, as, even 10 years in, essential pieces are still being designed.

I think it’s quite possible that most of the parts that I, as an app developer, care about could have been had—sooner, and with greater tools speed and reliability—with a less ambitious project that actually tried to be Objective-C without the C, rather than a more static mega language that tries to replace C, C++, Objective-C, and Rust. The question is not how Swift 5.10 compares with Objective-C 2 but how it would compare with the hypothetical Objective-C n or Objective-Mojo that we could have had instead.

It all comes down to the big vision of world domination and having a single language from the bottom of the stack to the top. That would never have happened with a more pragmatic evolution of Objective-C. If that eventually pans out, and Swift ends up being good at all levels of the stack, that would be a triumph. But, here in 2024, it still seems like a very long way away. In another 10 years, I suspect that XNU and WebKit will still be mostly C and C++, and the app frameworks will still have large amounts of Objective-C (or C++ in the case of SwiftUI).

Now let’s look at some specifics. The good:

The bad:

Previously:

Update (2024-06-05): See also: Hacker News.

Der Teilweise:

I’d say what I like most about Swift is Optional. It is simple to use (especially since we got if let x {}) but gives one a warm feeling of not missing a nil.

I 100% agree with each and every point in the bad list.

Thinking of integer index for string, I’d add a “Stubbornness of the language guardians” (phrased as “Strict adherence to a clean design.”) but I do not disagree with any of the points that are on the list.

Damien Petrilli:

I agree with Michael’s take but to me the jury is still out on performance. It’s clearly not competitive against C++.

Update (2024-06-06): See also: this Swift roast and Nathan Manceaux-Panot.

Francisco Tolmasky:

Swift is 10. I think at 7 or so I asked whether it felt it was as mature as ObjC/Cocoa were at that age. I have a different question now. Where do we think Swift will be in 10 years? Will SwiftUI actually be capable of making a real Mac app? Or will we have a new language and/or framework by then (20 years after Swift). Or will the Mac maybe just no longer exist by then, making this question moot?

Kyle Howells:

There’s 2 separate worlds of software development.

Building apps and user facing features.

Infrastructure and low level language design.

Swift concurrency (and a lot of Swift actually) just looks to me like evidence the language people being given far too much power, to run away with architecture astronauting projects.

Sarah Reichelt:

Apple banning employees from developing their own apps has many negative effects and this is one of them.

Alex Grebenyuk:

The parts of Swift Concurrency that make me more productive when building apps are Async/Await and maybe MainActor. Everything else is more work for little benefit, making it impractical.

Update (2024-06-07): See also: Reddit and Lobsters.

Steve Streza:

  • The language delivered on core promises of better architecture, reduced crashes, more semantic types
  • The compiler is simply not adequate, it is barely functional and Apple has failed to invest in it sufficiently
  • Initiatives like WASM, server-side are exciting but hamstrung by the BDFL problem making it difficult to widen the ecosystem like in Rust, JavaScript, etc
  • Swift is still just “the language for Apple dev”, not a true C-level player like Rust

Update (2024-06-19): Andy Finnell:

After 10 years of Swift, I still get compiler crashes on the regular. Xcode should at least make them actionable.

The compiler logs give instructions on how to file a bug report. It should just be a button I can press.

The compiler logs give zero indication of what’s causing the crash. Xcode should have a command that runs a bisect over the file causing the crash until it’s identified the offending lines. i.e. automate what a human would do by commenting out code.

Daniel Hooper (via Hacker News):

The Swift compiler can take an absurdly long time to compile expressions due to how types are inferred. Here’s an explanation by the creator of Swift, Chris Lattner (from from his Mojo talk [Hacker News] and edited for clarity):

My experience with Swift is we tried to make a really fancy bi-directional Hindley-Milner type checker and it’s really great because you can have very beautiful minimal syntax but the problem is that A) compile times are really bad (particularly if you have complicated expressions) and B) the error messages are awful because now you have a global constraint system and when something goes wrong you have to infer what happened and the user can’t know that something over there made it so something over here can’t type check. In my experience it sounds great but it doesn’t work super well.

[…]

Swift 6 spends 42 seconds on these 12 lines on an M1 Pro, only to spit out the notorious error: the compiler is unable to type-check this expression in reasonable time; try breaking up the expression into distinct sub-expressions. In the same amount of time, Clang can perform a clean build of my 59,000 line C project 38 times. The Swift standard library has 17 overloads of + and 9 types adopting the ExpressibleByStringLiteral Protocol. This leads to an exponential combination of types and operators for the constraint solver to try.

Even very short snippets of code can trigger that error message, and compilation is also slow even for code that doesn’t trigger it.

Steve Troughton-Smith:

People seem to be blissfully unaware of just how many resources go into making yearly OS updates happen. An anecdatapoint I’ve heard thrown around is that the introduction of Swift into Apple’s codebases more than doubled the time it takes to build all of Apple’s OSes every night across their build farms, to the point where it now takes a day and a half to run a ‘nightly’ build.

Marcel Weiher:

Scrub a little earlier for more details on the problems with unpredictable performance.

Ben Cohen:

In May 2015 (so still in the Swift 1 days) I wrote a version of Peter Norvig’s simple spelling correction generator. I happened to think of it again and thought I’d try updating it to use all the improvements to Swift that have happened since then.

See also: Reddit, The Talk Show.

Update (2024-06-25): See also: Hacker News.

christophilus:

Ocaml is really fast to compile when I play with toy projects. It’s a fairly simple type system compared to, say, TypeScript (I’m not familiar enough with Swift to know how it compares to Ocaml in terms of type system complexity). I’d prefer the simpler language if it means faster compilation.

Helge Heß:

My protobuf schema now needs ~30 seconds to compile on the Swift side.⏳

Update (2024-07-15): Chris Lattner discusses progressive disclosure and Swift’s complexity (via Hacker News):

Swift, the original idea was factor complexity (…) massively failed, in my opinion (…) Swift has turned into a gigantic, super complicated bag of special cases, special syntax, special stuff

[…]

instead of fixing the core, what the team did, both when I was there, so partially my fault, but also subsequently, is they started adding all these special cases (…) a lot of this stuff got added under extreme time pressure to enable a feature like SwiftUI. And there’s a bunch of stuff that feeds into that, as well as just the language gets more and more and more and more complicated.

Update (2024-09-23): Chris Lattner:

Great to dive into PL with Richard, a legit language implementer! We explored a wide range of topics, incl lessons learned Swift=>Mojo, how the structure of integer types + overflow is more complex than it might look, approaches to safety, acceleration of novel HW with Mojo etc.

He talks about design decisions that led to Swift’s type checking being slow and its error messages being unhelpful, and how Mojo avoids these problems. Mojo also has much more limited support for custom operators because the fancy system developed for Swift ended up not getting much use to justify the complexity.

Sebastián Benítez:

After using Swift for more than 5 years I can confidently say that it’s getting worse with each addition, very similar to how C++ ended up being the monster it is. In comparison, Objective-C is simpler, somewhat minimalistic, and yet it did a great job for many Mac developers for a long time. I’ve heard that Swift code leads to less crashes and better performance, but that’s not what I’ve experienced. Well written Objective-C code can be easy to understand as much as well written Swift code. But overly complex Swift code is much more difficult to maintain and understand than similar Objective-C code.

SwiftData Issues in macOS 14 and iOS 17

Helge Heß:

Ugh, inverse SwiftData relationship updates do not seem to trigger Observation, that feels like a biggie 😳

[…]

This feels really bad, because the relationships are the thing which make an ORM worthwhile. I.e. you’d usually have a network of many objects being displayed in distinct views (not just the simple demo). Those will lack updates as connections change.

[…]

As far as I can tell CoreData does the right thing here and updates the inverse properly.

Tony Arnold:

SwiftData’s ModelContext.didSave and ModelContext.willSave don’t actually work in any current OS release, do they? FB13509149

Jon Duenas:

Trying to build a SwiftData predicate with even the slightest bit of complexity is a nightmare. I only have 4 properties to filter on and the compiler completely chokes when building the macro.

Tony Arnold:

Has anyone had much luck with non-optional one-to-many relationships in SwiftData?

[…]

I have the setup working, but I need to decode and insert the User entities prior to decoding and inserting the Place entities (and save!) so that I can lookup an existing User entity each time I decode and insert a new set of Places.

It seems like more effort than the rest of the framework would suggest is necessary.

Paul Darcey:

Yeah, it’s non-intuitive - you have to do it what I think of as “the wrong way around.”

Decode and initialise your User, but don’t insert it yet!

Decode and initialise your Place(s), and use the just-initialised User as the user for those Places

Then insert the Place(s).

Senor Ganso:

What I found is SwiftData is really finicky about relationships. The only reliable way is to make all of them optional, then first insert the base model and only the add the related models to it (preferably inserting them first too).

Helge Heß:

A SwiftData PersistentModel class stores the actual property data in an opaque BackingData thing which is created with the model. The interesting thing is that this seems to require a ModelContainer existing “somewhere” that has the model registered already.

[…]

Using the same type in multiple containers may be an antipattern. Though it shouldn’t be, they are global types.

I’m already running into crashes seemingly related to this in my test suite.

Sixten Otto:

I encountered this just a couple of days ago, and it makes me vaguely concerned that something’s going to end up inadvertently tied to the WRONG container stack, just because of the order in which things were initialized.

Helge Heß:

It is the bug where SwiftData doesn’t refresh the object when the underlying object changes. I think I can hack-fix that ;-)

Deeje Cooley:

Apple needs to start internalizing the idea that APIs need actual internal app customers before they can be ready for third-party developers. Looking at you, SwiftData.

Fatbobman:

With WWDC 2024 approaching, this article will evaluate the overall performance of SwiftData since its initial release during the Xcode 15 period (i.e., its first major version), and provide a forecast of its future development.

[…]

Although SwiftData’s design is highly visionary, its launch was clearly rushed, and its first version not only lacks some important features, but several key issues have also severely impacted its performance and usability[…]

[…]

SwiftData’s current performance in converting predicates that include optional values (transforming predicates into SQL commands) is poor, especially when handling “to-many” relationships with optional predicates. This deficiency not only severely impacts SwiftData’s usability but also significantly restricts the functionalities that applications using SwiftData can offer.

[…]

Appendix: Some Key Features Missing, Major Issues, and Partial Temporary Solutions in the First Version of SwiftData

Previously:

Monday, June 3, 2024

Privacy of Windows Copilot+ Recall

Kevin Beaumont (via Stephen Hackett):

Microsoft told media outlets a hacker cannot exfiltrate Copilot+ Recall activity remotely.

Reality: how do you think hackers will exfiltrate this plain text database of everything the user has ever viewed on their PC? Very easily, I have it automated.

[…]

Microsoft are going to deliberately set cybersecurity back a decade & endanger customers by empowering low level criminals.

Kevin Beaumont:

Every few seconds, screenshots are taken. These are automatically OCR’d by Azure AI, running on your device, and written into an SQLite database in the user’s folder.

This database file has a record of everything you’ve ever viewed on your PC in plain text.

[…]

In fact, you don’t even need to be an admin to read the database — more on that in a later blog.

[…]

Recall enables threat actors to automate scraping everything you’ve ever looked at within seconds.

During testing this with an off the shelf infostealer, I used Microsoft Defender for Endpoint — which detected the off the shelve infostealer — but by the time the automated remediation kicked in (which took over ten minutes) my Recall data was already long gone.

Tom Warren (The Verge):

This is the out of box experience for Windows 11’s new Recall feature on Copilot+ PCs. It’s enabled by default during setup and you can’t disable it directly here. There is an option to tick “open Settings after setup completes so I can manage my Recall preferences” instead.

Eric Schwarz:

This fact that this feature is basically on by default and requires numerous steps to disable is going to create a lot of problems for people, especially those who click through every privacy/permission screen and fundamentally don’t know how their computer actually operates—I’ve counted way too many instances where I’ve had to help people find something and they have no idea where anything lives in their file system (mostly work off the Desktop or Downloads folders). How are they going to even grapple with this?

Previously:

Update (2024-06-04): Zac Bowden (via Hacker News, MacRumors):

Microsoft has done the bare minimum to protect this data. It’s stored in a system directory that requires administrator and system-level rights to access and edit. However, these protections are easily bypassed, and an attacker could easily write a bit of software to ignore those permissions if they wanted.

[…]

With that said, I find the outrage about this discovery to be somewhat overblown. All your files are unencrypted when you’re using your PC, yet most people aren’t constantly concerned about malware potentially scraping their personal documents, pictures, downloads, videos, and synced cloud folders.

However, Recall would give it access to information that was deleted or that was shown on screen but never otherwise saved to disk.

John Gordon:

Windows Recall won’t be deployed in the enterprise.

Remember how much effort is put into archiving and deleting email to reduce legal discovery risks?

Update (2024-06-05): Kevin Beaumont:

If you want to know how Microsoft have got themselves into this giant mess with Recall, here’s what the documentation says between the lines: you, the customer, are a simpleton who doesn’t want to be an AI genius yet. Have a caveman mode.

Alternative view: Microsoft put their CEO in front of world’s media to launch a product customers largely don’t want, attached to their biggest brand, Windows, attached to new brand, Copilot, and didn’t handle security, privacy and AI safety properly while under massive scrutiny.

Charlie Stross (via Hacker News):

Use a password manager like 1Password? Sorry, your 1Password passwords are probably visible via Recall, now.

Now, “unencrypted” is relative; the database is stored on a filesystem which should be encrypted using Microsoft’s BitLocker. But anyone with credentials for your Microsoft account can decrypt it and poke around. Indeed, anyone with access to your PC, unlocked, has your entire world at their fingertips.

But this is an utter privacy shit-show. Victims of domestic abuse are at risk of their abuser trawling their PC for any signs that they’re looking for help. Anyone who’s fallen for a scam that gave criminals access to their PC is also completely at risk.

[…]

Microsoft “got serious” about security earlier this decade, around the time Steve Balmer stepped down as CEO, and managed to recover somwhat from having a reputation for taking a slapdash approach to its users data. But they’ve been going backwards since 2020, with dick moves like disabling auto-save to local files in Microsoft Word (your autosave data only autosaves to OneDrive), slurping all incoming email for accounts accessed via Microsoft Outlook into Microsoft’s own cloud for AI training purposes (ask the Department of Justice how they feel about Microsoft potentially having access to the correspondence for all their investigations in progress), and now this.

Rosyna Keller:

I’m not saying that it’s not possible to secure Windows Recall data stores from malware and other users.

I’m just saying that the features to secure it don’t exist on Windows.

See also: Andrew Cunningham.

Update (2024-06-07): Thomas Claburn (via Hacker News):

Asked to explore the data privacy issues arising from Microsoft Recall, the Windows maker’s poorly received self-surveillance tool, Jaime Teevan, chief scientist and technical fellow at Microsoft Research, brushed aside concerns.

Mark Hurst (via Hacker News):

Whatever blowback Microsoft faces if and when users are hacked because of Recall, there’s no chance the feature gets killed.

[…]

“Linux on the Desktop.” The free, open-source operating system of Linux is not owned by any company (Big Tech or otherwise), doesn’t contain any opaque surveillance code, and enjoys a worldwide community of developers who actually want to make the software better – not, as in Microsoft’s case, worse.

Pieter Arntz:

As a warning about how Recall could be abused by criminal hackers, Alex Hagenah, a cybersecurity researcher, has released a demo tool that is capable of automatically extracting and displaying everything Recall records on a laptop.

Kevin Beaumont:

If anybody is wondering if you can enable Recall on a machine remotely without Copilot+ hardware support - yep.

I’ve also found a way to disable the tray icon.

Andy Greenberg (via Hacker News):

On Friday, Microsoft announced that it would be making multiple dramatic changes to its rollout of its Recall feature, making it an opt-in feature in the Copilot+ compatible versions of Windows where it had previously been turned on by default, and introducing new security measures designed to better keep data encrypted and require authentication to access Recall's stored data.

Trent Harvey (screenshot):

This is their updated screen. It forces an absolute choice with happy language “Yes, save” as the choice in the default “continue/next” position - most likely to be selected by users who don’t read the screen or don’t have a fully informed context to decide.

As opposed to a more honest opt-in which would be a separate radio choice to Enable / Disable the feature with Continue/Next being it’s own action.

It’s better than Apple’s opt-outs that say “Later” and don’t even look like buttons.

Previously:

Update (2024-06-12): Zac Bowden (via Kevin Beaumont):

Microsoft has the Windows Insider Program, yet to maintain secrecy, it chose not to test this feature openly. I can’t think of a single feature that would have benefitted from public testing more than Windows Recall. This is the kind of feature that needs to be built in the open so that users can learn to trust you with it.

Had it been tested openly, these security concerns would have definitely been pointed out well ahead of general availability, and likely fixed before mass hysteria could ensue. Of course, the true reason Windows Recall wasn’t tested openly was because the company wanted to make it exclusive to new Copilot+ PCs, and you can’t really do that if you’re testing the feature on existing PCs where it works quite well.

Microsoft also wanted to keep Windows Recall a secret so it could have a big reveal on May 20. Except, it wasn’t really much of a big reveal. Many of us in the tech press already knew it was coming, even without being briefed on the feature ahead of time.

Update (2024-06-18): Reuters (via Hacker News):

Microsoft will not roll out “Recall”, an AI-powered feature that tracks computer usage, with its new computers next week and will instead preview it with a smaller group later, the tech giant said on Thursday, amid concerns of privacy risks.

digging:

This is confusing and vague to me, which I believe is exactly the intent. It focuses on security, reiterates that security is their top priority (and we know that this is untrue). What were the security problems? They don’t even allude to the existence or detection of any specific security problems.

It sounds to me like they’re figuring out a new marketing approach, or they’re softening the blow by “listening to users” and then rolling out more slowly, when outrage has died down and people will just accept it.

Joshua Nozzi:

What I really want to see is proper journalism around “how / why did this make it so far before Microsoft ‘realized’ how insecure and terrible an idea it is”.

AppleLeaker:

Joz’s answer [at The Talk Show] to Microsoft’s “Recall” failure is hilarious.

Update (2024-08-22): Andrew Cunningham (Hacker News):

Microsoft will begin sending a revised version of its controversial Recall feature to Windows Insider PCs beginning in October, according to an update published today to the company's original blog post about the Recall controversy. The company didn't elaborate further on specific changes it's making to Recall beyond what it already announced in June.

Update (2024-09-18): Cecily Mauran (via Hacker News):

It turns out Windows 11 users won’t be able to uninstall Microsoft’s controversial “Recall” feature after all.

[…]

But now, in a statement to The Verge, Microsoft clarified that that the uninstall option was just a bug.

Update (2024-09-30): Tom Warren (tweet):

A Recall uninstall option initially appeared on Copilot Plus PCs earlier this month, and Microsoft said at the time that it was a bug. It turns out that you will indeed be able to fully uninstall Recall. “If you choose to uninstall this, we remove the bits from your machine,” says Weston. That includes the AI models that Microsoft is using to power Recall.

[…]

The encryption in Recall is now bound to the Trusted Platform Module (TPM) that Microsoft requires for Windows 11, so the keys are stored in the TPM and the only way to get access is to authenticate through Windows Hello. The only time Recall data is even passed to the UI is when the user wants to use the feature and authenticates via their face, fingerprint, or PIN.

See also: Microsoft.

Update (2024-12-17): Avram Piltch (via Hacker News):

Microsoft’s Recall feature recently made its way back to Windows Insiders after having been pulled from test builds back in June, due to security and privacy concerns. The new version of Recall encrypts the screens it captures and, by default, it has a “Filter sensitive information,” setting enabled, which is supposed to prevent it from recording any app or website that is showing credit card numbers, social security numbers, or other important financial / personal info. In my tests, however, this filter only worked in some situations (on two e-commerce sites), leaving a gaping hole in the protection it promises.

“Lightning” Headphones That Require Bluetooth

Josh Whiton:

A crazy experience — I lost my earbuds in a remote town in Chile, so tried buying a new pair at the airport before flying out. But the new wired, iPhone, lightning-cable headphones didn’t work. Strange.

[…]

By now the gift shop people and their manager and all the people in line behind me are super annoyed, until one of the girls says in Spanish, “You need to have bluetooth on.” Oh yes, everyone else nods in agreement. Wired headphones for iPhones definitely need bluetooth.

[…]

With a little back and forth I realize that they don’t even conceptually know what bluetooth is, while I have actually programmed for the bluetooth stack before. I was submitting low-level bugs to Ericsson back in the early 2000’s! Yet somehow, I with my computer science degree, am wrong, and they, having no idea what bluetooth even is, are right.

[…]

True Apple lightning devices are more expensive to make. So instead of conforming to the Apple standard, these companies have made headphones that receive audio via bluetooth — avoiding the Apple specification — while powering the bluetooth chip via a wired cable, thereby avoiding any need for a battery.

Via John Gruber (Hacker News):

I think the problem these cheap manufacturers are solving isn’t that Lightning is expensive to license, but that it’s difficult to implement for audio. Actual Lightning headphones and headphone adapters have a tiny little digital-to-analog converter (DAC) inside the Lightning plug. It’s like a little computer. Doing it with Bluetooth and using the Lightning plug only for power is surely easier. It’s just lazy. But it’s kind of wild that the laziest, cheapest way to make unofficial “Lightning” headphones is with Bluetooth.

Previously:

The End of ICQ

ICQ (via Hacker News):

ICQ will stop working from June 26

You can chat with friends in VK Messenger, and with colleagues in VK WorkSpace

Wes Davis:

ICQ was started in 1996 by Israeli company Mirabilis, which AOL bought in 1998. ICQ grew to 100 million registered users at one point, at least according to a 2001 release from Time Warner, which had combined with AOL in a famously doomed merger. AOL sold the service to Digital Sky Technologies, the firm that owned VK, then known as Mail.ru, in 2010.

Via Mark Christian:

ICQ really was something special to me. I was absolutely glued to it for most of 1998 in particular, although I used it for years and years. I made some great friends on there[…] ICQ was the first social media platform I ever made a home on, and the uh-oh! notification sound will be etched in my mind forever. It’s hard to believe it’s been more than a quarter of a century since I was using it all day long; it’s even harder to believe that I’m still talking to some of those internet friends on a regular basis.

John Gruber:

Pre-mobile, “instant messaging” had a surprising number of popular platforms.

[…]

They all worked more or less the same way, and using any of these protocols was a lot like messaging today with iMessage, WhatsApp, or Signal. But there was one big difference: with the old “instant” messengers, you were only available while your computer was online. And even then, you could set your “status” — green for “sure, hit me up, I’m free”, and red for “I’m online, but don’t bother me right now”. And if you quit your messaging client or, you know, closed your laptop, poof, you were offline and unavailable.

If you wanted to contact someone asynchronously, you sent them an email. If you wanted to chat with messaging, you both needed to be online simultaneously.

The other key difference was that there used to be clients like iChat and Adium that worked with more than one service. It felt like you had some control and could use these services on your own terms. Now everything is all locked together. The only iMessage client is Apple’s. You can only use it on Apple’s platforms. And even then you can only log into one account at a time.

Previously:

AirTag Anti-Theft Successes

Elisha Fieldstadt (via Hacker News):

An Apple AirTag led to the arrest of an airline subcontractor accused of stealing thousands of dollars’ worth of items from luggage at a Florida airport.

[…]

Okaloosa County sheriff’s deputies investigating both suspected thefts cross-referenced Destin-Fort Walton Beach Airport employees who lived near Kathy Court and found De Luca at his home. He was arrested Aug. 10.

The items reported missing on Aug. 9 were recovered, and De Luca admitted to rummaging through someone else’s luggage and removing an Apple AirTag, the sheriff’s office said. The woman’s luggage has not been found.

Paul Duggan (via Hacker News):

Twice before, this Virginia carpenter had awoken in the predawn to start his work day only to find one of his vans broken into. Tools he depends on for a living had been stolen, and there was little hope of retrieving them. Determined to shut down thieves, he said, he bought a bunch of Apple AirTags and hid the locator devices in some of his larger tools that hadn’t been pilfered. Next time, he figured, he would track them.

It worked.

On Jan. 22, after a third break-in and theft, the carpenter said, he drove around D.C.’s Maryland suburbs for hours, following an intermittent blip on his iPhone, until he arrived at a storage facility in Howard County. He called police, who got a search warrant, and what they found in the locker was far more than just one contractor’s nail guns and miter saws. […] Seth Hoffman, a Howard County police spokesman, said investigators think most of the 15,000 or so tools were stolen in Northern Virginia and Pennsylvania. Howard County is just where they were stashed.

Previously:

Update (2024-06-06): Jeff Weinsier:

Now, an airport employee has been arrested and charged with grand theft, and the incident was caught on camera.

[…]

Garcia’s MacBook, two Apple watches, an iPad, jewelry and designer clothes were all taken.

[…]

The Apple watch signal was coming from a house at 1017 NW 11th Ct.

When she arrived, she said she saw suitcases all over the place, so she started to take video and called 911.

That was lucky since batteries for Apple Watch don’t last as long as for AirTag.

Update (2024-08-22): Ryan Christoffel:

The Los Angeles Times reports that a woman in Santa Barbara County used an AirTag to catch package thieves in her neighborhood.

After dealing with several instances of mail theft—with items stolen directly from her mail box—the woman decided to try a creative solution.

She mailed herself a package containing an Apple AirTag tracking device, on the off chance it would get taken. The bet paid off.