Archive for August 2024

Friday, August 30, 2024

Marathon Games on Steam

Malcolm Owen:

Bungie has finally brought all of the “Marathon” trilogy of games to Steam, with “Marathon Infinity” now playable for free on modern Macs.

[…]

Classic Marathon Infinity is a free game on the Steam storefront, playable on both Mac and Windows PC. It is a faithful re-release of the 1995 first-person shooter, using the original data files, but modernized.

These modernizations include widescreen HUD support, 3D filtering, positional audio, and 60+ fps interpolation, all under the Aleph One game engine.

Previously:

Cancellable withObservationTracking in Swift

Toomas Vahter:

This function works as a one shot function and the onChange closure is called only once. Note that it is called before the value has actually changed. If we want to get the changed value, we would need to read the value on the next run loop cycle. It would be much more useful if we could use this function in a way where we could have an observation token and as long as it is set, the observation is active. Here is the function with cancellation support.

[…]

The token closure controls if the change should be handled and if we need to continue tracking. Will and did change are closures called before and after the value has changed.

Previously:

Update (2024-09-18): See also: Marcin Krzyzanowski.

SwiftUI Breaks Continuity Camera

Wade Tregaskis:

If any view in the [active] window contains a Toggle – even one that’s disabled or hidden – then Continuity Camera (re. ImportFromDevicesCommands and importableFromServices) doesn’t work; all the submenu items under “Import from iPhone or iPad” are disabled.

I don’t know if this is truly specific to Toggle, that’s just the example case I happen to have isolated [first?].

What’s really weird is that once a Toggle has ever been displayed, even if you subsequently remove it from the view hierarchy entirely the “Import from iPhone or iPad” submenu items all remain disabled.

Previously:

macOS Firewall Slows DNS Queries

Jeff Johnson (Reddit):

I took packet traces of the DNS queries with the firewall enabled and disabled. What I found is that the DNS query response packet consistently arrives in under 20 milliseconds after the query packet is sent, regardless of whether the firewall is enabled. Thus, it appears that the extra query time added by the firewall is caused by on-device processing of the packets rather than by any network issue.

[…]

On my MacBook Pro running Sonoma, but not on my Mac mini running Sonoma, I frequently experience a bizarre issue where the dig command takes over 5 seconds to complete when the firewall is enabled.

DNS queries are several times slower, however this may be fixed in Sequoia.

Thursday, August 29, 2024

EditorConfig Files in Xcode

Pol Piella:

As a developer for Apple platforms, you probably work on multiple projects with different coding styles and conventions and have to find yourself adjusting Xcode’s editor settings every time you switch between projects. This can be a tedious process that you might forget to do or overlook and, if the project does not have a linter that enforces the coding style, you might end up with inconsistent code formatting across the codebase.

Thankfully Xcode 16 adds support for EditorConfig files, which allows you to define Xcode editor settings in a programmatic way on a per-project basis. In this article, you will learn how to set up EditorConfig files in Xcode and what settings are supported at this time.

They also work in BBEdit.

Previously:

Find Any File 2.5

Thomas Tempelmann:

Adds a “Name without Extension” rule.

[…]

Holding the Option key with the search location popup menu open will now also show the System and Data members of bootable volumes. If you choose a “(Data)” volume as the search destination, it’ll skip the original files installed by Apple, making the search faster. If you’re searching only for files you created, this is a useful method to speed things up.

[…]

Can now search on NAS and *nix server much faster by running the “find” command remotely.

[…]

The popup menus for the search location and the rules can now show the hidden (expert) items by holding down the Option key.

Via John Gruber:

Amongst other features, FAF supports regular expressions, and you can save frequently-used searches to easily re-run them.

Thomas Tempelmann:

A nice side effect of using FindAnyFile on your Time Machine volume is that it can alert you about structural errors on your TM volume, which might later prevent you from restoring all your data. FAF has alerted users hundreds of time about this in the past.

You could as well just run Disk Utility’s First Aid check on the TM volume, but many don’t ever think of that.

Previously:

Calling async Code Synchronously in Swift

Wade Tregaskis:

I find my hand is often forced by APIs I don’t control (most often Apple’s APIs). e.g. data source or delegate callbacks that are synchronous and require you to return a value, but in order to obtain that value you have to run async code (perhaps because yet again that’s all you’re given by 3rd parties, or because that code makes sense to be async and is used happily as such in other places and you don’t want to have to duplicate it in perpetuity just to have a sync version).

If that asynchronosity is achieved through e.g. GCD or NSRunLoop or NSProcess or NSTask or NSThread or pthreads, it’s easy. There are numerous ways to synchronously wait on their tasks. In contrast, Swift Concurrency really doesn’t want you to do this. The language and standard library take an adamant idealogical position on this – one which is unfortunately impractical; a spherical chicken in a vacuum.

Nonetheless, despite Swift’s best efforts to prevent me, I believe I’ve come up with a way to do this.

[…]

Do not call this from a thread used by Swift Concurrency (e.g. an actor, including global actors like MainActor) if the closure - or anything it calls transitively via await - might be bound to that same isolation context. Doing so may result in deadlock.

Previously:

Mobile Deployment Pipelines for $0

Jacob Bartlett:

Today, I’ll show you how to set up CI on your side projects. For free!

  • Part I: Fastlane

  • Part II: App Store Connect

  • Part III: GitHub Actions

[…]

Frustratingly, cloud-hosted MacOS runners on GitHub Actions cost 10x as much per minute as Linux runners. While public repos are granted 200 minutes of Mac runner time a month, this can be spenny for private or particularly-active repos.

[…]

You can set up a local machine — even your standard development laptop! — as a self-hosted runner.

Previously:

Wednesday, August 28, 2024

Updating Apple Developer Credit Card on File

Adam Tow:

I created my Apple Developer account many years ago, and I think I’m stuck in some kind of limbo state where my credit card information is stored in some forgotten part of Apple’s backend systems.

[…]

Yet, even after updating the one card that I thought was expired with the new expiration date and verification code, I was still seeing the warning atop the Apple Developer Account page.

[…]

After some more internet sleuthing and digging, I found this thread from 2019 on StackExchange which described a workaround. It involves going to an older Apple Store url.

I had a similar issue updating my address recently. The online forms didn’t fully work, and eventually someone had to fix it manually. I don’t understand how this site used by tens of millions of developers is still so rickety.

Matthias Gansrigler:

I can’t state how much I love when App Store Connect logs me out right after I reply to the App Review board, completely deleting everything I wrote.

Google Delayed Removing Yobit Pro Scam App

Zack Abrams (via Hacker News):

Google has been served with a lawsuit from a Florida woman who claims she lost $5 million to a scam cryptocurrency app downloaded from the Google Play Store.

Though Google received a complaint about the app from the Consumer Financial Protection Bureau, the lawsuit claims Google took three months to remove the scam app, and that at least five other users of the app had similar experiences while it was available on the store.

[…]

Vaca’s lawsuit says she only downloaded the app because she believed Google was successfully preventing scam apps from becoming available on the Google Play store.

There were 12,759 installations of the app.

Previously:

Making Shortcuts’ Action Editor Easier to Browse

Matthew Cassinelli:

In iOS 18.1 developer beta 2, Apple has updated how it organizes actions in the Shortcuts app to create a better experience for users, including a new ordering inside action and categories, as well as two new categories.

This a long overdue change to the Action Editor, which should make it easier for new users to learn how to use Shortcuts – categories are more distinct, important actions are easier to find, and there’s a logical sort order inside groups to help you progressively understand how to use them.

Previously:

Skip 1.0

SKIP.tools (via Abe White, Hacker News):

Skip brings Swift app development to Android. Share Swift business logic, or write entire cross-platform apps in SwiftUI.

Skip is the only tool that enables you to develop genuinely native apps for both major mobile platforms with a single codebase. Under the hood, it uses the vendor-recommended technologies on each OS: Swift and SwiftUI on iOS, Kotlin and Compose on Android.

Marc Prud’hommeaux:

It doesn’t embed a separate engine or runtime into your app, but instead lets you use pure Swift and SwiftUI to create the iOS side of the app (as per Apple’s recommended best practices for creating iOS apps), and transpiles it into a pure Kotlin and Jetpack Compose app for the Android side (which is Google’s recommendation for building Android apps). So your application will use platform-native controls and will automatically have all the affordances provided by the platform vendor: animations, accessibility, and future-proof evolution alongside OS updates.

Previously:

Update (2024-09-13): Craig Hockenberry:

I love what the folks at skip.tools are doing.

But the deal killer for us, and I suspect many others, is the inevitability of UIKit in your SwiftUI app. No matter how hard you try, you’ll eventually have a UIViewControllerRepresentable implementation and that’s all code that’s going to need a separate Kotlin/Compose code.

Worse, these views tend to be a core part of the performance/experience in the app. Like Tapestry’s timeline.

And when you try to implement UIKit as a cross-platform toolkit, you quickly realize that it’s a Sisyphean task.

Previously:

Update (2024-09-25): Helge Heß:

To be honest, I’ve long held the opinion that the @skiptools approach would work really well for doing a Web SwiftUI. I.e. having a Swift to JavaScript transpiler. This is on my long to do list, might be somewhat viable w/ SwiftAST / SwiftSyntax 🙂

Tuesday, August 27, 2024

Migrating KeyboardKit to Swift 6 Language Mode

Douglas Hill (tweet):

Over the weekend, I updated KeyboardKit to full data race safety with Swift 6 language mode. KeyboardKit is my open source framework that‘s the easiest way to add comprehensive hardware keyboard control to an iPad, iPhone, or Mac Catalyst app.

This is a great test case because KeyboardKit is a small UI framework that doesn’t perform any slow operations, so all its code is intended to be run on the main thread. It should be trivial to opt into strict concurrency. I didn’t want to spent more than about an hour on this.

Many issues were resolved simply by annotating types with @MainActor, but I wanted to share three interesting situations that came up in the migration, two of which seem like issues on Apple’s side.

[…]

No data race safety issues were exposed.

Previously:

Marlinspike on Agile and Security

Brandon Vigliarolo (Hacker News):

Marlinspike opened the second day of Black Hat with a talk that was ostensibly supposed to be a fireside chat with Black Hat founder Jeff Moss, but the Signal founder stole the show with an opening chat laying out a case for reclaiming the “magic” of software development that’s been lost after 20 years. That loss, he argued, was due to stuffing developers into “black box abstraction layers” that strip them of the freedom needed to be innovative.

[…]

Instead of allowing developers to operate from the bottom up in a way that lets them combine engineering expertise with the vision to see new capabilities in existing technology, agile teams end up siloed, working separately from each other, and without much visibility into what other teams are doing, he argued.

[…]

While software engineering has spent the past few decades struggling to become quicker, more flexible and, by extension, more abstracted, security researchers have been doing the opposite, said Marlinspike.

Irreal:

He blames its current deplorable conditions on Agile but what he really means is layers and layers of abstraction that prevent the developer from understanding what is really happening with their software.

[…]

The difficulty is that our corporate industry leaders love this stuff because it enables them to produce loads of software faster and easier. The problem is that no one, including the developers, really understand what it’s doing. The result is exploit after exploit. And, as Marlinspike says, a lack of joy on the part of those writing the software.

smokel:

Here's a theory on why (some form of) Agile is problematic: Subdividing work into smaller parts is typically beneficial. However, in computer programming, this approach often fails because even the smaller tasks require some creativity, and unexpected challenges are likely to arise.

The person who did the subdividing gains a lot of insight while breaking down the larger problem. However, when transferring a portion of the work to a developer, much of this knowledge is inherently lost. The developer must then devise a creative solution, and lacking the necessary information, may either come up with a suboptimal solution or need further communication with the original architect.

There is no clear-cut solution. Some might argue for more experienced developers who have all the necessary knowledge readily available in their heads. Others might advocate for better design diagrams and documentation to capture all the relevant information. Ultimately, it requires careful consideration, or luck, to strike the right balance. But the dogmas of Agile certainly aren't helping much.

See also: Peter Naur and ncharity.

Previously:

The NeXT IPO That Never Happened

Hansen Hsu (2017, via David Kopec):

Had Steve Jobs’ first company not bought his second, history likely would have been very different. Apple might not exist today. No iPhone. But what could have happened to NeXT? Former NeXT software leader and then-Apple Senior VP of Software Avie Tevanian has donated to the Computer History Museum a historic document that hints at this alternate history: a draft of a November 1996 S-1 SEC statement, never completed or submitted, declaring that NeXT was planning to issue an initial public offering of 5 million shares of common stock.

[…]

Although NeXT’s business in 1996 was about evenly split between its existing OPENSTEP business and WebObjects, Jobs and the NeXT executives believed the WebObjects business would grow much faster than the steadily growing OPENSTEP business and eventually become a majority of its sales.

None of this ever happened. While Jobs was preparing for the NeXT IPO by developing the S-1 disclosure, his first company, Apple, was sinking.

The Insane Engineering of the Game Boy

Real Engineering (via John Gruber):

The original Gameboy was launched in 1989 and was received with mixed reviews. While its success is ingrained in our cultural memory now, when it was launched it was a technologically inferior product. The Gameboy was designed to be a cheap, low-powered, portable gaming system. It was limited in many ways. No backlight for the screen and incredibly low installed memory available for coding games. Review magazines of the time viewed these features as a negative, but these compromises in design were exactly why the Gameboy succeeded. This was a console for the masses. Even with these limitations, engineers and programmers came up with ingenious methods to create games that have not only stood the test of time but launched some of the most valuable franchises in the history of the entertainment industry, TV shows, movies, toys, and even theme parks.

Previously:

Monday, August 26, 2024

Telegram Founder Arrested

Nadeem Badshah and Reuters (Hacker News, MacRumors, The Verge):

Pavel Durov, billionaire co-founder and chief executive of the Telegram messaging app, was arrested at the Bourget airport outside Paris on Saturday evening, TF1 TV said, citing an unnamed source.

[…]

Telegram offers end-to-end encrypted messaging and users can also set up “channels” to disseminate information quickly to followers.

John Gruber:

One-on-one chats in Telegram are not encrypted by default and group chats never are. Telegram employees have access to every single message ever sent to every group.

Nick Heer:

I believe it is best to wait until there is a full description of the crimes French authorities are accusing Durov of committing before making judgements about the validity of this arrest.

[…]

One can quibble with Telegram’s choices. How appealing it is to be using an app which does not support end-to-end encryption by default is very much a user’s choice. But one can only make that choice if Telegram provides accurate and clear information. I have long found Apple’s marketing of iMessage deceptive. Telegram’s explanation of its own privacy and security is far more exploitative of users’ trust.

Matthew Green (Hacker News):

This post is inspired by the recent and concerning news that Telegram’s CEO Pavel Durov has been arrested by French authorities for its failure to sufficiently moderate content. While I don’t know the details, the use of criminal charges to coerce social media companies is a pretty worrying escalation, and I hope there’s more to the story.

There are some details here (Hacker News), but I don’t have a good understanding of the charges. Some questions that come to mind:

Matthew Gault (Hacker News):

Telegram is a lot of things—a great place for open-source intelligence about war, a possible vector for child sex abuse material, and a hub for various scams and crimes—but it is absolutely not an encrypted chat app. Does Telegram provide an encrypted chat option? Yes, but it’s not on by default and turning it on isn’t easy.

[…]

Telegram is mostly about big group chats and channels where people share information with their fans.

Maybe the encryption issue is a distraction it’s mostly a Facebook-style social network. How would E2EE make sense there?

Previously:

Update (2024-09-09): Preston Byrne (via Hacker News):

Most countries do not have such a permissive regime. France is part of that group. In 2020, for example, the Loi Lutte Contra la Haine sur Internet (Law against hate speech on the Internet) in relation to which global Internet companies can be fined $1.4 million per instance, and up to 4% of their total worldwide revenue, for failing to restrict “hate speech” (which in the United States constitutes “protected speech”) from their websites. Similarly, Germany has its law, the Netzwerkdurchsetzungsgesetz or “Network Enforcement Act” (sometimes referred to as the “Facebook-gesetz” but more commonly referred to by its acronym, the NetzDG), in relation to which politically inflammatory content must come down or the government has the power to impose fines north of EUR 50 million.

[…]

If, however, the French are simply saying that Durov’s failure to police his users or respond promptly to French document requests is the crime (which I suspect is the case), then this represents a dramatic escalation in the online censorship wars. What it means is that European states are going to try to extraterritorially dictate to foreign companies what content those companies can and cannot host on foreign-based webservers.

If correct, this would represent a major departure from the U.S.-compliant approach most U.S.-headquartered social companies currently take, which has generally governed the global compliance strategies of most non-China social media companies, including any which offer greater or lesser degrees of full encryption on their services (Telegram’s “Secret Chats” feature, WhatsApp, and Signal among them). In brief, platforms thought that if they didn’t specifically intend their platforms to be put to criminal use, they’re unlikely to find themselves on the receiving end of criminal charges. That’s not true anymore, apparently.

[…]

Facebook’s popular encrypted messaging app WhatsApp has, famously, been used for years by the erstwhile non-state terror organization in, and now rulers of, Afghanistan, the Taliban. This fact was widely known by NATO generals and reported in the press during the Afghan war, and was even reported on again in the New York Times as recently as last year[…]

Zlatti71:

Pavel Durov said that he was lured to France by President Macron.

It turns out that the French president invited Durov to dine together. Pavel told about this during interrogation by the police, the French newspaper Le Canard Chainé claims.

But instead of lunch, Durov was met in France by local police.

Victor Goury-Laffont (Slashdot):

President Emmanuel Macron said Monday that the French government was not involved in the arrest of Telegram founder and CEO Pavel Durov.

Jon Brodkin (Slashdot):

On Monday, prosecutor Laure Beccuau issued a statement saying Durov was arrested “in the context of a judicial investigation” into a “person unnamed.” The wording leaves open the possibility that the unnamed person is someone else, but the prosecutor’s statement listed a raft of potential charges that may indicate what Durov could be charged with.

Barbara Surk and Angela Charlton (via Hacker News):

Preliminary charges under French law mean magistrates have strong reason to believe a crime was committed but allow more time for further investigation.

Telegram (via Hacker News):

Telegram abides by EU laws, including the Digital Services Act — its moderation is within industry standards and constantly improving.

[…]

It is absurd to claim that a platform or its owner are responsible for abuse of that platform.

Telegram:

Establishing the right balance between privacy and security is not easy. You have to reconcile privacy laws with law enforcement requirements, and local laws with EU laws. You have to take into account technological limitations. As a platform, you want your processes to be consistent globally, while also ensuring they are not abused in countries with weak rule of law. We’ve been committed to engaging with regulators to find the right balance. Yes, we stand by our principles: our experience is shaped by our mission to protect our users in authoritarian regimes. But we’ve always been open to dialogue.

Sometimes we can’t agree with a country’s regulator on the right balance between privacy and security. In those cases, we are ready to leave that country. We’ve done it many times. When Russia demanded we hand over “encryption keys” to enable surveillance, we refused — and Telegram got banned in Russia. When Iran demanded we block channels of peaceful protesters, we refused — and Telegram got banned in Iran. We are prepared to leave markets that aren’t compatible with our principles, because we are not doing this for money. We are driven by the intention to bring good and defend the basic rights of people, particularly in places where these rights are violated.

Jason Koebler:

We at 404 Media have seen and reported on much of the illegal activity on Telegram with our own eyes. Telegram is widely and blatantly used in the open by drug dealers who advertise their products on Facebook and Instagram, hackers who sell credit cards in public groups, hacking crews that have begun to commit physical violence against each other, widespread fraud rings, and people who make and sell nonconsensual, AI-generated sexual content of celebrities, ordinary people, and minors.

Crucially, much of this content is not encrypted, because group chats on Telegram are not encrypted and because encryption is not enabled by default. It would be more accurate to call Telegram a messaging app on which a version of encryption can be enabled for certain chats if you want. It is not really an “encrypted messaging app.” Many of these devices and groups are advertised in the open, and many of these groups have thousands of users. In our experience, Telegram does very little to remove this sort of activity, and in many years of reporting on them, we can think of only one instance in which Telegram actually banned a group we sent to them.

[…]

It can be simultaneously true that Pavel Durov has enabled some of the worst things on the internet via Telegram but that his arrest partially on the grounds of “providing cryptology services” should be more broadly concerning.

Mike Masnick:

The problem is, without more details, we have no idea what is actually being charged and what his alleged responsibility is. After all, we’ve seen other cases where people have been charged with sex trafficking, when the reality was that was just how law enforcement spun a refusal to hand over data on users.

On top of that, leaping to criminal charges against an exec over civil penalties for a company… seems strange. For that to make any sense, someone should need to show actual criminal behavior by Durov, and not just “his service hosted bad stuff.”

[…]

The other interesting point is how central Telegram has been to Russia’s war in Ukraine, for both sides.

Of course, Europol has also said that Telegram cooperates with its request for dealing with terrorism online. And other reports have talked about Telegram cooperating with German officials and handing over data on users.

[…]

Also, I have to remind folks that a little over two decades ago, France also put out an arrest warrant on Yahoo CEO Tim Koogle, charging him as a war criminal, because Yahoo’s auction site in the US (notably, not the French version) allowed people to sell Nazi memorabilia. Eventually he was acquitted.

jgarzik:

Most people really, really do not understand the large amount of military traffic on Telegram, and the consequence of that during wartime... and how valuable that is to multiple nation-states around the world.

Strategic comms, soldier command and control, battlefield drone command and control, intel asset management.

ProPublica:

Telegram’s ease of use, its huge public channels and the ability to encrypt private conversations have helped fuel its global appeal. Ukrainian President Volodymyr Zelensky used the app to rally his compatriots to repel the Russian invasion. Activists in Hong Kong turned to Telegram to organize demonstrations against a repressive law. In Belarus, pro-democracy forces used the platform to fight back against election fraud.

Mike Masnick:

I would bucket the list of charges into four categories, each of which raise concerns.

[…]

It says there was a “refusal to communicate, at the request of competent authorities, information or documents necessary for carrying out and operating interceptions allowed by law.” This could be about encryption, and a refusal to provide info they didn’t have, or about not putting in a backdoor. If it’s either of those, that would be very concerning. However, if it’s just “they didn’t respond to lawful subpoenas/warrants/etc.” that… could be something that’s more legitimate.

[…]

In the end, though, a lot of this does seem potentially very problematic. So far, there’s been no revelation of anything that makes me say “oh, well, that seems obviously illegal.” A lot of the things listed in the charge sheet are things that lots of websites and communications providers could be said to have done themselves, though perhaps to a different degree.

Ronny Reyes:

Among the charges was an allegation that he refused to help French authorities wiretap users of the site who were suspected of crimes, Paris prosecutors said.

[…]

Prosecutor Laure Beccuau accused Durov, 39, of showing a “near-total absence” of replies to legal demands from officials looking for Telegram to help crack down on crime tied to its services.

Lindsay Clark:

He has since been released on €5 million bail, is not allowed to leave France, and must report to the police twice a week.

Albert Wenger:

How much moderation should there be on social networks? What are the mechanisms for moderation? Who should be liable for what?

The dialog on answering these questions about moderation is broken because the most powerful actors are motivated primarily by their own interests.

Mike Rockwell:

Why should we allow governments to force companies to moderate the content shared through their services? Why should we be treating speech online any differently than speech spoken in person?

Should restaurants be forced to moderate the speech of their patrons? Should they be forced by their government to install microphones at each table to ensure their customers aren’t sharing misinformation or engaging in illegal activity? Of course not.

Should customers be told that they are only allowed to speak in a restaurant if they do so in code? Of course not.

Nick Heer:

It is important to more fully contextualize Telegram’s claim since it does not seem to be truthful. In 2022, Der Spiegel reported Telegram had turned over data to German authorities about users who had abused its platform. However, following an in-app user vote, it seems Telegram’s token willingness to cooperate with law enforcement on even the most serious of issues dried up.

I question whether Telegram’s multi-jurisdiction infrastructure promise is even real, much less protective against legal demands, given it says so in the same FAQ section as its probably wrong “0 bytes of user data” claim. Even so, Telegram says it “can be forced to give up data only if an issue is grave and universal enough” for several unrelated and possibly adversarial governments to agree on the threat. CSAM is globally reviled. Surely even hostile governments could agree on tracking those predators. Yet it seems Telegram, by its own suspicious “0 bytes” statistic, has not complied with even those requests.

Durov’s arrest presents an internal conflict for me. A world in which facilitators of user-created data are responsible for their every action is not conducive to effective internet policy. On the other hand, I think corporate executives should be more accountable for how they run their businesses. If Durov knew about severe abuse and impeded investigations by refusing to cooperate with information the company possessed, that should be penalized.

Max Read (via Hacker News):

But there are also limits to the “media company” as an analogy to explain them, or to understand their place in the world. More newsy coverage of Durov’s arrest has seemed to imply that the complaint underlying the specific charges is less the content viewable on Telegram and more his and his company’s unwillingness to assist French (and European) law enforcement in tracking down the people posting it, as the Times writes[…] If you accept this reporting of events, I suppose in somewhat indirect sense Durov’s arrest is a “free speech” issue, but it’s not really a “censorship” issue, as Carlson would have it.

Sean Hollister:

Twelve days after he was arrested in France, Telegram CEO Pavel Durov has broken his silence with a 600-word statement on his Telegram account that blames “growing pains that made it easier for criminals to abuse our platform.”

[…]

While the vast majority of his statement today paints his arrest as surprising and unfair, he also admits that policing Telegram has become harder. Durov says it’s now his “personal goal” to “significantly improve things in this regard.”

Mia Sato (Hacker News):

Telegram has quietly removed language from its FAQ page saying private chats were protected and that “we do not process any requests related to them.”

[…]

In response, Telegram spokesperson Remi Vaughn says the app’s source code has not changed.

[…]

Earlier on Thursday evening, Durov issued his first public statement since his arrest, promising to moderate content more on the platform, a noticeable change in tone after the company initially said he had “nothing to hide.”

Emma Roth:

Durov says the service has stopped new media uploads to its standalone blogging tool, Telegraph, because it was “misused by anonymous actors.”

[…]

Telegram has also removed its People Nearby feature, which lets you find and message other users in your area. Durov says the feature has “had issues with bots and scammers” and was only used by less than 0.1 percent of users. Telegram will replace this feature with “Businesses Nearby” instead, allowing “legitimate, verified businesses” to display products and accept payments.

Pavel Durov:

While 99.999% of Telegram users have nothing to do with crime, the 0.001% involved in illicit activities create a bad image for the entire platform, putting the interests of our almost billion users at risk.

That’s why this year we are committed to turn moderation on Telegram from an area of criticism into one of praise.

All this sounds like he was forced into some kind of deal, but it’s hard to say what’s changing in practice. Haroun Adamu notes a similar case with Telegram and Brazil in 2022.

Update (2024-09-25): Emma Roth (via Hacker News):

Telegram will now turn over a user’s phone number and IP address if it receives a request from authorities, according to its just-updated privacy policy.

Update (2024-10-03): Nick Heer:

I do not know what to make of this. There is a vast difference, in my mind, between “0 bytes of user data” — which would include things like IP addresses and phone numbers — and “0 bytes of user messages”. Perhaps this was just poor wording in the earlier version — if so, it feels misleading. If I were some crime lord, I would see that as reassurance Telegram reveals nothing, especially with its reputation.

[…]

I do not know whether I can believe him. From the outside, it looks like Telegram was habitually uncooperative with law enforcement on legitimate investigative grounds. It turned over some data to German authorities but realized users hated that, so it did one of two things: it deceived authorities, or it deceived users. […] I understand being skeptical of charges like these and I am not condemning Durov without proof. But I do not believe Durov either.

CarPlay Spinning Its Wheels

Dan Moren:

But even against this backdrop, CarPlay increasingly found itself squeezed by a variety of factors: automobile manufacturers who didn’t want to cede control to an outside force, internal Apple forces focusing on the nascent car project, and increased competition from Google, which not only debuted its own Android Auto feature a year after CarPlay, but also made a play for even deeper integration via Android Automotive a few years later. The future of the feature was far from assured.

[…]

Let’s be clear: CarPlay is far from dead. It continues to get new features with every major update to iOS. This year, it gains a few new additions, including a handful of design tweaks, the sound recognition feature for horns, and new accessibility options, including color filters. All features which are nice to have, even if none rise to the level of significant changes.

[…]

So where does this leave CarPlay? It’s ended up in a holding pattern: It’s good enough for most of what it does, but with the potential of next-generation CarPlay waiting in the wings, it’s understandable that the current version isn’t really being pushed forward.

I don’t think users really care about the next-gen stuff. Just focus on the basics. Improve the design of the existing screens. Actually show the full title of the song that’s playing. Show a history in Music. Make muting in Maps one-tap. Add basic features that are missing from the car versions of the built-in apps. Add more built-in apps, like Find My. None of this is blocked by the auto makers.

Previously:

Update (2024-10-31): One of the simplest and most useful potential improvements to CarPlay would be if I could actually use the Favorite Artists feature. This would save lots of drilling through menus and on-screen typing. After asking on Mastodon, the conclusion seems to be that Apple only lets you star artists as favorites if you subscribe to Apple Music.

Previously:

Using Codable and Enums in SwiftData Models

Fatbobman (Reddit):

In SwiftData’s default storage implementation, the method of persisting the people attribute is not by converting data into binary format through encoders such as JSONEncoder and storing it in a single field (similar to Core Data’s Value Transformer). Instead, SwiftData creates separate fields for each attribute of Codable data within the table corresponding to the entity (interpreted as converting to Core Data’s Composite attributes).

[…]

Such errors indicate that not all complex types conforming to the Codable protocol are suitable for SwiftData models. Although some complex Codable types may compile correctly, they can lead to inconsistent behavior and anomalies in practice (many developers have reported such issues without a clear pattern).

It’s odd how Codable is used as the marker for automatic destructuring, but then SwiftData doesn’t actually follow your Codable conformance (or even the CodingKeys names) to decide how to do it.

Due to the non-fully encoding and decoding nature of Codable types, altering their properties by adding, removing, or renaming can disrupt SwiftData’s lightweight data migration mechanism. This is particularly critical when the application employs SwiftData’s built-in cloud synchronization feature, as such modifications may not comply with the cloud synchronization rules, leading to sync failures.

[…]

Although using enum types directly as model properties is highly convenient, as of iOS 18, SwiftData still does not support using enum types as query predicates.

Previously:

Chrome’s Manifest V3 and uBlock Origin

Michael Crider (Hacker News):

A change in Chrome’s extension support — from the Manifest V2 framework to the newer V3 — is being billed as a way to make browser add-ons safer, more efficient, and compliant with modern APIs. But it’s also deprecating features that complex extensions reply upon.

One of those extensions is uBlock Origin, an ad-blocking tool with over 30 million users according to its Chrome Web Store page (and presumably many more users across other browsers).

Martin Brinkmann (Hacker News):

Note: these changes will also impact other Chromium-based browsers, including Microsoft Edge, Opera, or Vivaldi. Brave is special, as the developers announced that they will continue to support uBlock Origin and several other extensions (but not all).

[…]

There is a way to keep on using the classic extensions for longer. While Google turns off support for home users immediately, it is giving Enterprise customers an option to extend support by one year.

Previously:

Friday, August 23, 2024

Receiving RSS Feeds in E-mail

Adam Engst:

However, the real win in centralizing newsreading in email has come from RSS-to-email services. I’ve tried numerous RSS readers over the years but have never settled down with one because they require me to devote specific time to reading news. That requires remembering to do so and switching context. I actively want to see what’s new in my email every morning and throughout the day, but I never even think to launch an RSS reader. I have the same issue with Apple News, which languishes on my Mac and iPhone for weeks or months between launches. By employing an RSS-to-email service, new posts from blogs and other sites that provide RSS feeds can appear in my email automatically.

Which one to use? I’ve been testing three: Blogtrottr, Feedrabbit, and Follow.it. Although the interfaces vary a bit, the basics are similar—enter a feed URL, configure a few options, and then sit back and receive an email for each new post. Each of these services offers a free account with paid upgrades that remove limits and provide additional features. Here’s how they compare.

I prefer an actual RSS reader, since I find it more efficient for following large numbers of feeds. However, I can see the appeal of having both RSS and e-mail news in the same app, and e-mail is nice in that it naturally creates an offline archive that can be searched later.

Alas, it does not look like any of these services supports non-RSS sites like Facebook and Twitter.

Previously:

Takeaways From the Vision Pro After 6 Months

Matthew Ball (Hacker News):

The Vision Pro is arguably the highest-profile and most important device debuted by Apple since the iPhone in January 2007. The company spent more time (eight years versus the iPhone’s three) and money (see point #2) developing the device than any other in its history. The Vision Pro is clearly the most ambitious of their product launches since the iPhone, the first to be wholly developed under the purview of CEO Tim Cook (though various head-mounted display prototypes were underway as early as 2006), and reporting suggests that its viability was controversial internally (with some employees arguing that Head-Mounted Displays (“HMDs”) impart harm by isolating its wearers from other people and, ultimately, the world around them).

[…]

The very sentence before Apple announced the price of the Vision Pro at WWDC23, Rockwell explained—rationalized—that “If you purchased a new state-of-the-art TV, surround sound system, powerful computer with multiple high-definition displays, high-end camera, and more, you still would not have come close to what Vision Pro delivers.” Given this, we have to evaluate the Vision Pro with the fullest of expectations. And to that end…

[…]

A few months later, there is a wider understanding that while Apple has built some brilliant technology (inclusive of software and hardware), much of its relative spectacle stemmed from the high-end components Apple chose to use and which Meta has thus far opted against.

[…]

EyeSight was not a wholly unique—Meta had even publicly demonstrated a similarly minded prototype in 2021—but culturally, it seemed uniquely Apple. When marketing the Apple Watch, for example, Cook had emphasized the way it reduced digital isolation by keeping users from pulling out their phones and tilting their heads down to it. In time, we may come to consider EyeSight (or similar technologies) essential to the mainstream adoption (and, further, use of) HMDs. Thus far, however, the feature seems like a costly mistake.

[…]

The Vision Pro is best-in-class when it comes to “spatial mapping” of real-world environments. It’s passthrough functionality is also best-in-class in latency, precision, and image quality. It was also important to Apple that the device be seen as a “mixed-reality” or “spatial computing” device, not a virtual reality one. At the same time, the device is, functionally speaking, a virtual reality device.

Sylvia Varnham O’Regan and Wayne Ma (via Slashdot, MacRumors, Hacker News):

Meta Platforms has canceled plans for a premium mixed-reality headset intended to compete with Apple’s Vision Pro, according to two Meta employees.

Meta told employees at the company’s Reality Labs division to stop work on the device this week after a product review meeting attended by Meta CEO Mark Zuckerberg, Chief Technology Officer Andrew Bosworth and other Meta executives, the employees said.

Ryan Christoffel:

Apple’s Vision Pro seems to have scared Meta off from entering the premium headset market. But in this case, that’s not exactly a win.

Previously:

Update (2024-09-13): Adam Engst:

Nothing I’ve read about the Vision Pro, nor my in-person demo at an Apple Store several months ago, has made me wish I had bought one. The hardware is impressive, and it works largely as advertised, though I was highly perturbed by several of the spatial photos and videos that put me too close to their subjects, making me feel like I was invading their personal space. I’m sure others have different opinions and experiences, but I still can’t see where a Vision Pro would fit into my current world of computing and media consumption.

Ryan Christoffel:

It’s too early to call the Vision Pro a success or flop, but to mark six months, I’d like to explore what the device’s success ultimately hinges on. And I think it all comes down to Apple’s own words: ‘spatial computer.’

[…]

Apple needs to prove that the Vision Pro is actually a computer. And one that does computer-y things better than traditional alternatives.

Update (2024-09-23): Michael Love:

I’ve become convinced that the original sin of Vision Pro was not allowing developers access to the camera, not even with, say, a permission dialog every time the app starts using it.

I’m skeptical that the Vision Pro would have become a rousing success even if that wasn’t the case, but to the extent that the project was relying on developers giving it a reason to exist, a whole lot of potential reasons were closed off by that decision.

Previously:

Apple Podcasts on the Web

Juli Clover:

Apple today announced the launch of a Podcasts on the web feature, which works in Safari, Chrome, Edge, and Firefox on Macs, PCs, and other devices. Podcasts on the web allows users to search for, browse through, and listen to podcasts with access to the Up Next queue and library when signed in to an Apple Account.

John Voorhees:

The UI is essentially the same as Apple’s native app but with the added flexibility of working on non-Apple devices.

[…]

Links opened on Apple devices will open in the native Podcasts app and in the browser on other devices, although on the Mac, it is possible to play episodes in a browser if you prefer.

John Gruber:

The only use case for something like this is for users who spend a lot of time on Windows — presumably at work — and wish they could listen to their own podcast queue. That’s a big use case though!

I continue to use Overcast, but I’m considering adding Apple Podcasts as a second app to manage podcasts that we listen to in the car as a family. That would let me keep the subscription lists separate, and perhaps the Web version would make it possible to make additions from other devices (alas, not from iOS devices) that aren’t logged into my account. Of course, it would be better to have actual family sharing support within the Podcasts app. And it’s still clunky and doesn’t support OPML.

Adam Engst:

Those who don’t wish to sign in can listen to millions of free podcasts, browse Top Charts, and take advantage of Apple’s editorial collections. Signing in with your Apple ID gives you access to your Library, Up Next Queue, and subscriptions. Signed-in users can also follow shows and save play progress.

I must admit some curiosity as to why Apple has suddenly started producing Web versions of some of its apps and services. Nothing prevented Apple from doing this years ago—Google and Spotify have produced capable Web apps for ages.

Tim Hardwick:

Apple Podcasts, once the dominant platform for podcast listening, is experiencing a significant decline in popularity as competitors like YouTube and Spotify gain ground, according to a recent study by Cumulus Media and Signal Hill Insights.

[…]

YouTube is now the most popular platform for podcast consumption in the United States, with 31% of respondents reporting it as their primary choice. Spotify follows at 21%, while Apple Podcasts has dropped to third place with only 12% of the market share.

This is in stark contrast to Apple's position just a few years ago. In July 2019, 29% of weekly podcast listeners primarily used Apple Podcasts.

Previously:

Update (2024-09-12): M.G. Siegler:

Well beyond the obvious element – video, more on this in a moment – a big part would seem to be discovery. That is, YouTube, as you might expect given the parent company, is a great search engine for content. Apple is... well, Apple.

Update (2024-09-13): My initial experience using Apple Podcasts, the iOS app, was a mixed bag. It was nice to have a separate app with separate podcasts for family consumption. But the interface for browsing and downloading individual episodes is clunky, and CarPlay integration was unreliable, with the display of the playback position frequently getting out of sync with the audio and it sometimes restarting at the beginning of the episode. That has never happened to me with Overcast.

Previously:

Apple’s Hidden AI Prompts

Hartley Charlton:

A Reddit user discovered the pre-prompt instructions embedded in Apple’s developer beta for macOS 15.1, offering a rare glimpse into the backend of Apple’s AI features. They provide specific guidelines for various Apple Intelligence functionalities, such as the Smart Reply feature in Apple Mail and the Memories feature in Apple Photos. The prompts are intended to prevent the AI from generating false information, a phenomenon known as hallucination, and ensure the content produced is appropriate and user-friendly.

Andrew Cunningham:

The files in question are stored in the /System/Library/AssetsV2/com_apple_MobileAsset_UAF_FM_GenerativeModels/purpose_auto folder on Macs running the macOS Sequoia 15.1 beta that have also opted into the Apple Intelligence beta. That folder contains 29 metadata.json files, several of which include a few sentences of what appear to be plain-English system prompts to set behavior for an AI chatbot powered by a large-language model (LLM).

Wes Davis (Mastodon):

They show up as prompts that precede anything you say to a chatbot by default, and we’ve seen them uncovered for AI tools like Microsoft Bing and DALL-E before. Now a member of the macOS 15.1 beta subreddit posted that they’d discovered the files containing those backend prompts. You can’t alter any of the files, but they do give an early hint at how the sausage is made.

Nick Heer:

But, assuming — quite fairly, I might add — that these instructions are what underpins features like message summaries and custom Memories in Photos, it is kind of interesting to see them written in plain English. They advise the model to “only output valid [JSON] and nothing else”, and warn it “do not hallucinate” and “do not make up factual information”.

Dare Obasanjo:

I find it fascinating that what were science fiction tropes from Asimov’s “I, Robot” series of books are now real.

Telling AI to perform tasks and not make stuff up is the new programming.

Steve Troughton-Smith:

Apple’s system prompts for Apple-Intelligence-backed features show that the company’s ‘special sauce’ is just a carefully-crafted paragraph of text, hacked together just like everybody else is doing. Can’t wait to see the ‘you are Siri’ system prompt.

Tony West:

You are Siri. On HomePod devices, you pop up with “uhuh?” randomly. You start playing music without warning because you thought you heard someone ask for it. If someone asks you about a sports event on today, give them a detailed answer about the event from (perform random number calculation) years ago, but tell them you can’t display information on the current event.

Steve Troughton-Smith:

I guess this isn’t common knowledge, based on the reaction to the Apple Intelligence system prompts, but I read months ago that it was benchmarked that using ‘please’ and ‘thank you’ and telling an LLM not to hallucinate ‘improves results’. If that kind of language has made it into Apple’s own prompts, it’s likely not for no reason.

And no, telling it not to hallucinate isn’t going to stop it hallucinating. But if it on average improves a meaningful % of results, it’s worth including. This is how prompt engineering works.

Previously:

Thursday, August 22, 2024

iOS 18: Browser Choice and Default App Controls in EU

Apple:

Developers of browsers offered in the browser choice screen in the EU will have additional information about their browser shown to users who view the choice screen, and will get access to more data about the performance of the choice screen. The updated choice screen will be shown to all EU users who have Safari set as their default browser. For details about the changes coming to the browser choice screen, view About the browser choice screen in the EU.

For users in the EU, iOS 18 and iPadOS 18 will also include a new Default Apps section in Settings that lists defaults available to each user. In future software updates, users will get new default settings for dialing phone numbers, sending messages, translating text, navigation, managing passwords, keyboards, and call spam filters. To learn more, view Update on apps distributed in the European Union.

Juli Clover:

Along with setting new apps as defaults, Apple will let users delete core apps. The App Store, Messages, Camera, Photos, and Safari apps will be able to be deleted, so it’s essentially just the Settings and Phone apps that will not be able to be removed in the EU. If a user deletes the App Store app, it will be able to be reinstalled from the Settings app if desired, while the other apps can be reinstalled from the App Store.

[…]

With iOS 17.4, EU users were able to select a default browser from a randomized list of the top 12 browsers in their country. In a future update to iOS 18, the browser choice window will pop up again if a user has Safari set as their default. The new browser selection experience will include a descriptive line about the browser, as well as the option to set a default browser right from the choice window. If a user selects a browser that is already installed on their device, it will open automatically, otherwise there will be a downloading icon and the browser will open after it’s downloaded.

coffeemilktea:

Born too late to explore the seas, born too early to explore the stars, born just in time to… change the default messaging app on my phone thanks to government intervention?

What a time to be alive.

Federico Viticci:

My realization in 2024 has been that the DMA fork of iOS is the best iPhone experience. We can finally use our phones like actual computers with more default apps and apps from external sources.

Nico Reese:

They did not give a damn when creating these screenshots. Wrong device for the screenshot, even the Dynamic Island is stretched.

Damien Petrilli:

The Apple ecosystem benefit:

  • Let’s switch Safari to Kagi by default.
  • Wait I need a safari extension.
  • Wait it’s App Store only “to keep you safe”
  • Wait it’s not my computer and I need to put my personal id on a work computer to get it.

[…]

And you can’t do anything on iOS. You are stuck with the “official” list.

See also: MacStories.

Previously:

Update (2024-08-23): Nick Heer:

The way this works currently is the user taps on any app capable of being set as a default for a particular category, then taps the submenu for setting the default app, then picks whichever. If you want to set DuckDuckGo as your default browser, for example, you can do so from the Default Browser App submenu in DuckDuckGo, Safari, or any other web browser app you have installed.

I do not think this is particularly confusing, but I do think the version Apple is creating specifically for the E.U. is a far clearer piece of design. Not only is it what I would be looking for if I were trying to change a default app, it also tacitly advertises the ability to customize an iPhone or iPad. It is a solution designed to appease regulators and, in doing so, makes things better for users.

[…]

If someone were designing visual interfaces for clarity, they would end up with the European version of these screens. Which makes me half-wonder — and half-assume — the motives for designing them the other way.

Open Web Advocacy (via Hacker News):

Today, in a step forward for user choice and browser competition, Apple has adopted 6 out of 11 of our recommendations to comply with the EU’s Digital Markets Act in relation to browser defaults and choice screens. In addition Apple has fixed two severe and deliberate deceptive patterns that we campaigned to fix including at the DMA’s workshop.

difosfor:

I wish they’d focus on getting rid of whatever is still blocking Chrome, Firefox etc from actually porting their web engines to full browser alternatives. Installing WebKit with a different coat on is not what I want.

Update (2024-09-10): John Gruber (Mastodon):

Thus, Safari gets treated differently. It’s not just another browser in a list of 11. It’s the only browser whose users will be forced to choose again even if they’ve already chosen it in iOS 17.4 or later. It’s the only browser whose users will be forced to choose again whenever they migrate to a new iPhone or iPad. What exactly is the point of forcing this screen per-device rather than per-user, other than to repeatedly irritate Safari users who own multiple iOS devices?

At what point do these restrictions punish Safari users who want to use Safari? I’d say the EC has crossed that point by forcing these rules on Apple.

[…]

For 17 years, the iOS Home Screen has been consistently spatial. Wherever an app is placed on your Home Screen, it stays there. Now, obviously, the EC’s objection is that Apple has unfairly privileged Safari with default placement in the user’s Dock, and they are seeking to remove this privilege for any user who chooses a browser other than Safari on the choice screen. But surely some number of users will regret their choice. Or simply seek to open Safari while trying some other browser as their new default. But now, unlike the way iOS has worked for 17 years, the Safari icon won’t be where they left it. It’s also worth noting that apps in the iOS Dock don’t show their names, only their icons. There surely exist many satisfied Safari users who don’t even know what “Safari” is — they only know the blue-compass icon.

[…]

So who benefits from being able to outright “delete” the Photos and Camera apps? As far as I can tell, only people suffering from OCD who are bothered that after removing them from their Home Screen, that they’re still listed in the App Library. It’s unclear to me whether users in the EU will be able to delete apps like Photos and Camera even if they don’t have any third-party photography apps installed, which would leave their iPhone in a state where there is no way to take new photos or view existing ones. This is performative regulation. None of this deletable apps nonsense increases competition; it merely increases the chances of profound user confusion.

The browser choice stuff seems like a legitimately tricky problem to solve well. It’s no surprise that after so many years of Apple being anti-competitive there’s no clean regulatory fix. The stuff about deleting apps just seems dumb.

Steve Troughton-Smith:

The only people I’ve ever seen or heard complaining about iOS’ EU browser ballot are Americans who will never encounter it.

Apple implements vastly-more-intrusive/disruptive things in every single iOS update[…]

Previously:

App Store Business Reorg

Juli Clover (Hacker News, ArsTechnica, 9to5Mac):

App Store vice president Matt Fischer is set to leave the company as Apple prepares for an App Store reorganization to deal with regulatory changes, reports Bloomberg.

Apple plans to split its App Store group into two teams, one that handles the App Store and a second team that oversees alternative app distribution.

[…]

With Fischer leaving, App Store senior director Carson Oliver will oversee the App Store, and Ann Thai, a director who oversees App Store features, will head up the team that handles alternative app distribution.

Amy Worrall:

The former team should of course be subservient to the latter.

Andrew Grant:

It’s debatable who looked most looked like a cartoon villain after Apple’s recent public hearings, but Oliver was certainly in the running.

Colin Cornaby:

This feels like a precursor to third party iOS stores shipping in more regions, maybe worldwide.

Mark Gurman:

Phil Schiller, the Apple executive ultimately responsible for the App Store, is spearheading these changes.

Jeff Johnson:

That the marketing department is still in charge of everything tells you everything you need to know about the App Store.

Previously:

iOS 17 Search String Crash

Juli Clover (Slashdot):

There is a new character bug that can result in a respring on the iPhone or iPad, reports TechCrunch. Typing "":: in the search field after swiping over to the App Library will cause the Springboard to reset, dropping you back at the iPhone’s Lock Screen.

[…]

Typing the same characters into the Settings app search interface will cause the Settings app to crash, but putting it in a Spotlight search doesn't seem to impact anything.

This one doesn’t even require Unicode.

Buttered Jorts:

“”:X where X is any additional character will trigger it.

Previously:

Pair Networks Sold to Your.Online

ACCESSWIRE (via Hammer):

Liberated Syndication Inc. (“Libsyn”), the leading podcasting platform for creators and advertisers, announced it has signed an agreement to sell Pair Networks, its website hosting platform, to Your.Online, the online services platform of Strikwerda Investments, a family office based in The Netherlands.

[…]

As part of the greater Your.World group of online solution providers, Your.Online is the leading serial acquirer in online services, providing high quality managed online services to businesses of all sizes.

Customers have not been notified yet.

Previously:

Wednesday, August 21, 2024

Monument Valley 3 in Netflix Games

John Voorhees (Mastodon):

Yesterday, during Gamescom’s opening night ceremonies, Netflix Games released a trailer for Monument Valley 3. The franchise’s sequel from Ustwo Games, which has been in development for five years, will be published exclusively on Apple’s App Store and Android by Netflix Games on December 10th. Monument Valley 1 and 2 are also moving to Netflix Games on September 19th and October 29th, respectively. Both games previously launched on the App Store as paid titles and were later added to Apple Arcade.

Jason Snell:

Netflix has been slowly rolling out a big catalog of games, tied to a Netflix login. There are loads out now, including the excellent Lucky Luna and Laya’s Horizon (both from Snowman, developer of the excellent Alto’s series of iOS games).

Matt Birchler:

Out of curiosity, I checked out the full list of game they currently have available to subscribers, and it’s pretty good! It’s similar to Apple Arcade, but what stands out to me is that it has more of the sorts of games that appeal to me. Below are some standouts, some of which are on Apple Arcade as well, and some that were game-of-the-year contenders in the larger gaming space outside of iOS.

Joe Rosensteel:

Wow. I wonder what the story is behind the scenes that would lead to this (the story is “a truck full of money”). If there was a pantheon of iOS games, the previous Monument Valley games were surely in it.

See also: Filipe Espósito.

Previously:

Update (2024-08-22): John Gruber (Mastodon):

I think Netflix is doing what Apple claimed they were doing with Apple Arcade — except Netflix didn’t lose focus five minutes into the initiative.

[…]

Apple has botched this. It’s hard to believe, but they have. The general gist among game developers is that Apple is a hard-driving partner with whom, mostly likely, you’ll break even at best.

Sumocat:

The major flaw in Apple Arcade is revenue sharing. It’s complicated, pays out over time, and there’s no way of knowing how it will pay out. Netflix pays for content upfront. Easiest way to get paid for anything.

Moom 4

Many Tricks (release notes, tweet):

Moom 4 has a completely revamped user interface designed to help you get the most out of Moom. Gone is the multi-tabbed non-resizable window, replaced with this new resizable window.

[…]

The pop-up palette is both customizable and expandable, supporting up to 61 of your own custom actions.

You can use folders (and folders within folders) to organize your actions.

[…]

Every custom action can be renamed, not just saved layouts.

[…]

Any saved layout can be added to a screen edge in Moom’s snap feature. Once you’ve done that, drag a window onto that region, and the associated saved layout’s window locations become drop zone targets[…]

[…]

That Hover entry in the sidebar? It’s an entirely new way of working with windows. By defining some modifier key combos, you can move and/or resize any window—even one in the background—by simply holding down the defined modifier key combos and moving your mouse.

[…]

Chains—combinations of multiple actions—now have two operating modes. As before, they can run as one command (e.g., resize this window and move it to the other display), or they can run sequentially, executing each action in the chain each time the keyboard shortcut is used (e.g., move from one-third left to center third to right third).

This looks really great. With the launch sale, new licenses are $10 (vs. $15) and upgrades are $6. Apple never did add an entitlement for accessibility access, so with the major version upgrade Moom is no longer grandfathered and has to leave the Mac App Store.

Previously:

Update (2024-08-22): Rui Carmo:

The key highlight for me is the new “drop zones” functionality, which looks a lot like the Windows PowerToys’ FancyZones feature I have come to rely on.

Update (2024-09-10): See also: Mac Power Users Talk and Hacker News.

timenova:

The thing with most of these macOS window managers is they lack support for workspaces, an essential feature in WMs like i3.

An API for Spaces is long overdue.

Many Tricks:

But the big news in Moom 4.1 is the expanded access to drop zones: You can now activate drop zones in three different ways, including by holding a modifier key (Shift, Fn, Command, Option, and Control) down while dragging a window. This means you can quickly access any of five different layouts’ saved window locations simply by holding a key while dragging a window.

Update (2024-10-09): John Gruber (Mastodon):

What a perfect example of the shortcomings of the Mac App Store.

Stefan Arentz:

Everyone clicks Allow. Nobody can asses this properly. This is why the bar is so high.

dmitriid:

Indeed, and that is also on Apple: they made sure that no one cares about security popups and made sure that actual useful and pro apps cannot be distributed through the App Store.

The bar isn’t high. It’s crooked and twisted.

Swift Imposter Syndrome Meme

Jacob Bartlett:

While I recognise many of these words, I frankly didn’t know what most of these actually do. I don’t even know what these things are called.

It turns out the term is type attributes.

[…]

Today, we’re going to work together to understand type attributes in detail by recreating the meme step-by-step — you’re welcome to open a Swift playground and code along.

Previously:

Self-Hosted VPN App Rejected Due to IAP

Anders Borum (via Miguel Arroz):

Patreon being forced to pay creators through in-app purchase reminded me of a cool app I made two summers ago.

VPN clients on iOS lie on a spectrum between selling you out to data brokers or being expensive subscriptions.

Having prior experience with Digital Ocean my app made it easy to spin up droplets configured as VPNs ready to use from your iPhone.

It was so fast that droplets could be launched on-demand and shut down fast keeping costs extremely low.

The app used OAuth to act on behalf of users on their personal Digital Ocean accounts making the cumbersome task of setting up a truly personal VPN available to the less technical or less patient user.

App Review rejected the app because I didn’t collect payment to Digital Ocean through in-app purchase.

Tried to appeal and spoke to Apple on the phone arguing that the payment was outside my control and that my app was a privacy boon but they did not care.

Patreon was already collecting payments from supporters on behalf of creators, and Apple wanted a cut. You can think the cut is too high or disagree on principle, but it at least makes sense. In this case, Borum didn’t even want to be in the business of selling Digital Ocean hosting services. He just wanted to make a utility to help people use their existing accounts. At least Apple is not requiring him to become an AWS reseller

Previously:

Tuesday, August 20, 2024

EagleFiler 1.9.15

EagleFiler 1.9.15 is a maintenance release for my Mac information organizer app. This version greatly improves the quality of imports from X/Twitter and expands the import-tweet-via-hotkey support to more browsers. Preserving the selected text when capturing whole Web pages also works in non-Safari browsers now.

Some interesting bugs were:

Previously:

tvOS 17.6.1

Juli Clover (no release notes, no security, no developer):

We do not yet know what’s included in the update.

Previously:

watchOS 10.6.1

Juli Clover (no release notes, no security, no developer):

According to Apple’s release notes, the watchOS 10.6.1 update fixes an issue that could prevent access to the Apple Fitness+ service.

Previously:

Apple Maps on the Web

Apple (Hacker News):

Today, Apple Maps on the web is available in public beta, allowing users around the world to access Maps directly from their browser.

[…]

All developers, including those using MapKit JS, can also link out to Maps on the web, so their users can get driving directions, see detailed place information, and more.

Juli Clover:

Maps on the web is available in English at the current time, and it works with Safari and Chrome on Mac and iPad, and Chrome and Edge on Windows PCs. Apple plans to add support for additional languages, browsers, and platforms over time.

Niléane Dorffer:

Apple Maps on the web seems to be rather limited so far. The web app supports panning and zooming on the map, searching and tapping on locations, looking up directions, and browsing curated guides. However, it isn’t currently possible to tilt the map to view 3D building models or terrain elevation, and directions are limited to Driving and Walking. Look Around (Apple’s equivalent to Google Street View) is not available on the web either, but Apple says the feature will arrive in the coming months.

[…]

In my testing, performance across Apple Maps on the web isn’t stellar in Safari. I’m observing stutters in transition animations, as well as when panning the map. In Google Chrome, however, the web app feels significantly smoother.

Adam Engst:

However, it worked poorly in my testing in Microsoft Edge running in Windows 11 on my M1 MacBook Air via VMware Fusion.

[…]

With the beta of Maps on the Web, when you share the URL to a location from the browser’s address bar, the recipient gets a more full-featured mapping experience regardless of platform.

Daniel Andrews:

While I don’t anticipate this is going to put Google out of business any time soon, I’m hopeful that this does a few things. First, having this available on the web will hopefully drive more visibility into the hit-or-miss nature of some of the POI data on Apple Maps. I’m crossing my fingers that we see an improvement in the quality of data on the platform.

Joe Rosensteel:

There’s something funny about reading these stories on your iPhone and tapping the link to get an error that Safari for iOS is an unsupported browser. I know the app is a better experience, but this should be a little more graceful if you want to get the word out about Apple Maps on the web …

Juli Clover:

Apple updated its Apple Maps on the web feature to add support for the Firefox browser this week.

Previously:

Apple Maps in Sequoia and iOS 18

Ryan Christoffel:

Building on the existing Guides feature, Maps in iOS 18 lets you save places with a quick tap of the + button on their Maps listing.

Saved places are accessible from the new Library menu, where you’ll also find your Guides, Pinned locations, and more.

[…]

A great component of saving a place is that you can then add a personal notes to it.

[…]

A big focus of iOS 18’s Maps update is better serving hikers.

It will be interesting to compare this with the more specialized hiking apps, but I can’t see why I would prefer Maps. It’s not going to have the navigation features or the community.

Juli Clover:

Apple Maps supports custom routes in iOS 18, so you can plan out a specific hiking route that you want to take. At a trailhead, you can tap on the “Create a Custom Route” option to initiate the custom routing experience.

From there, you tap on the map to begin setting points for your route, and the Maps app will provide length and elevation details. You can also have the Maps app finish a route automatically by tapping on the Reverse, Out and Back, or Close Loop options.

Joe Rossignol:

These features are mostly limited to the U.S., but topographic maps are also available in Japan, according to fine print on Apple’s website.

John Gordon:

Apple blew away the saved places I set when Maps was young. They have a long record of destroying user data. Why would I trust their new “saved places”?

Chance Miller:

Hidden in iOS 18 is much-needed, long-requested update to Apple Maps. There’s finally a “Search here” button that makes it far easier to find what you’re looking for in places that aren’t your current location.

Tim Hardwick:

In earlier versions of iOS, if you search nearby for, say, gas stations or restaurants in Apple Maps, and then drag the map to another location with your finger, it will usually (but not always) auto-populate the new area with search results for the same request.

Norbert Doerner:

Did anyone watch WWDC 2024 session 10097 “Unlock the power of places with MapKit”?

Am I the only one who thinks that this was more of a really weird sales pitch, with very little actual developer value, and much less usable technical details?

Saagar Jha:

I think this is an iOS 18 thing but Maps actually has a very low-resolution offline map of the entire world stored on your phone. You might ask what a map that doesn’t work on viewports smaller than 100km would be useful for. Well, it gives you your own little flight tracker[…]

Previously:

Monday, August 19, 2024

Roblox: the Biggest Game in the World

Matthew Ball (via Hacker News):

During the average day, more than 80MM people log onto Roblox. As a historical point of contrast, this means that more people log onto Roblox every 10 or so minutes than used Second Life in a month at its peak. On a monthly basis, Roblox now counts more than 380MM users according to RTrack – 2x as many as PC gaming leader Steam, 3x that of Sony’s PlayStation, 3x the number of unique annual users of the Nintendo Switch in a year, and 5x as many as have bought an Xbox console in the last decade. After accounting for duplication across these platforms, as well as the gap between monthly and annual Switch users, it’s likely Roblox has more monthly users than the entire AAA gaming ecosystem combined. What’s more, NPD/Circana reports that Roblox is typically one of the 3–7 most played games on PlayStation and Xbox (Roblox is not available on Switch or Steam), and SensorTower says that in 2023, Roblox averaged more iOS/Android monthly active users than any other game (including Candy Crush!).

Compared to its most similar competitors—the social virtual world platforms, Minecraft and Fortnite — Roblox has about 5x and 2.25x as many monthly players. For non-gamers, Roblox has about two thirds as many monthly users as Spotify and half as many as Snap (though it probably has a lower share of daily-to-monthly active users) and is roughly as popular as Instagram circa Q4 2015, and Facebook in Q3 2009.

When you’re that popular, you don’t have to follow Apple’s rules about not having App Store–like interfaces, apps within apps, or downloading code.

So yes, Roblox is unquestionably “working.” Yet Roblox is also unprofitable. Very unprofitable. What’s more, Roblox’s losses continue to swell because its impressive rate of revenue growth has been outpaced by that of its costs. Over the last four quarters, Roblox’s income from operations was ($1.2B) on revenues of $3.2B, representing a -38% profit margin.

[…]

Unfortunately, many of these costs are outside of Roblox’s control. To start, an average of 23% of revenues are consumed by various App Store/platform fees (this sum is less than 30% because roughly 20% of sales are direct via browser or PC, where Roblox pays credit card processing fees but not 30% store commissions). Another 26% of revenues are paid out to Roblox’s UGC developers.

Previously:

Update (2024-09-09): Alex Heath:

CEO David Baszucki announced that creators of these games, which Roblox calls experiences, will be able to keep between 50 and 70 percent of revenue from their paid titles when they’re purchased in real currency on desktop computers. That’s significantly more than the roughly 30 percent revenue split Roblox gives developers for purchases made with its native Robux currency inside freemium experiences.

The move could help incentivize the creation of more premium games as Roblox looks to attract older users. Baszucki says the intention is to also bring these new economics to paid experiences bought on other devices, including mobile phones and consoles, though app store fees will likely get in the way on iOS and Android.

VPN Apps in Brazilian App Store

Proton (via Hacker News):

We have received multiple reports today from users in Brazil having difficulties installing the Proton VPN app on iOS devices via the Apple App Store. We can confirm that the issue is not on our side, but likely with the App Store itself, which is controlled by Apple. What makes this an extremely strange coincidence is that it is also impacting multiple other VPNs in the Brazilian app store.

Most likely, something has happened on the Apple side, and we do not know if it is accidental, or if Apple is secretly implementing a censorship order.

Previously:

Update (2024-09-06): Jack Nicas and Kate Conger (9to5Mac):

Justice Moraes issued multiple orders on Friday. In the first, he also ordered Apple and Google to prevent downloads of X as well as popular VPN apps.

People across Brazil quickly criticized the move against VPN apps, and about three hours later, Justice Moraes issued an amendment to the order, this time leaving out the directives to Apple and Google.

Even with that amendment, Carlos Affonso Souza, a Brazilian internet-law professor, called the order “the most extreme judicial decision out of a Brazilian court in 30 years of internet law in Brazil.”

Gui Rambo:

The original decision also banned all VPN apps and asked Google and Apple to remove all VPN apps from the stores, but he backtracked on that “for now”. Crazy stuff.

Mike Masnick:

I initially thought that first section couldn’t possibly mean that app stores also had to ban VPNs. But that’s what it pretty clearly says and what multiple Brazilian reports claim.

The end result is taking away VPNs from millions of Brazilians, which is an awful lot of collateral damage just because Elon Musk is a jackass. VPNs have many legitimate uses other than accessing ExTwitter after a ban in Brazil.

A few hours after the decision, Moraes seemed to walk back that section of the ruling, though perhaps only temporarily. In a second short ruling, he “suspended the execution” of that item “until there is a statement from the parties in the proceedings” in order to “avoid any unnecessary and reversible inconvenience to third-party companies.”

In other words, after Moraes hears from “the parties in the proceedings,” the VPN ban could come back.

Mike Masnick:

On Monday, the Supreme Court upheld the overall ban. Moraes said that the ban on personal use for VPNs would only be enforced for users who sought to “engage in conduct that defrauds the court decision,” which seems somewhat broad and open to interpretation. One other judge wanted to limit the individual fines only to users who got around the ban and used it to post racist or fascist supporting content, but that request did not receive the necessary support from the other judges.

Brazil vs. Twitter

Luana Maria Benedito (via Hacker News):

Media platform X said on Saturday it would close its operations in Brazil “effective immediately” due to what it called “censorship orders” by Brazilian judge Alexandre de Moraes.

X Global Government Affairs:

Last night, Alexandre de Moraes threatened our legal representative in Brazil with arrest if we do not comply with his censorship orders. He did so in a secret order, which we share here to expose his actions.

Despite our numerous appeals to the Supreme Court not being heard, the Brazilian public not being informed about these orders and our Brazilian staff having no responsibility or control over whether content is blocked on our platform, Moraes has chosen to threaten our staff in Brazil rather than respect the law or due process.

As a result, to protect the safety of our staff, we have made the decision to close our operation in Brazil, effective immediately.

The X service remains available to the people of Brazil.

Michael Shellenberger (in April):

They:

  • illegally demanded that Twitter reveal personal details about Twitter users who used hashtags he did not like;
  • demanded access to Twitter’s internal data, in violation of Twitter policy;
  • sought to censor, unilaterally, Twitter posts by sitting members of Brazil’s Congress;
  • sought to weaponize Twitter’s content moderation policies against supporters of then-president @jairbolsonaro

Previously:

Update (2024-08-21): Brian Mier (via Simone Manganelli):

Days later, Brazil’s former secretary of digital rights, Estela Aranha, unmasked the fraud. Confronting Shellenberger publicly on Twitter, she demonstrated that he had cut and pasted together paragraphs selected from the company’s internal communications on a variety of different issues to create a false narrative (FAIR.org, 4/18/24). The paragraph about criminal charges referred not to de Moraes, but to GAECO, the Sao Paulo district attorney’s office’s organized crime unit, which pressed charges after Twitter refused to turn over user data on a leader of Brazil’s largest cocaine-trafficking organization. Shellenberger apologized in Portuguese, admitting he had no proof that de Moraes had pressed charges against Twitter, then left Brazil.

The eight-page congressional report parroted Musk and Shellenberger’s criticism of the deplatforming of Twitter users, and claimed that ordering the removal of specific posts constitutes “censorship.” Surprisingly, for a report authored by a committee chaired by inner-circle Trump ally Jim Jordan, the most cited journalistic source for the document is the New York Times.

The Times is generally not sympathetic to Musk or Jordan, so this could be interpreted as if even the Times agrees with them, there must be something to this. However, Mier casts doubt on the Times’s reporting.

It is disputed precisely what Twitter was being asked to do, and I don’t have the time or expertise to dig into the claims and counterclaims. However, it does seem to be the case that Twitter received a secret order, that its local staff was threatened, and that it’s leaving Brazil.

Update (2024-09-06): Sophia com PH:

[Moraes] was the one who ordered the arrest for all of the insurgents and the one that, and this is important, ordered Elon to surrender the names and IP addresses of every Brazilian X account who used X to organize this coup attempt.

[…]

As such The Brazilian Constitution written after the end of the dictatorship in 1988 is very strict in regard to treason and coup attempts and such. So yes! By Brazilian laws Elon would have to comply and give this information to Xandão or else he would be obstructing justice.

X Global Government Affairs:

Soon, we expect Judge Alexandre de Moraes will order X to be shut down in Brazil – simply because we would not comply with his illegal orders to censor his political opponents. These enemies include a duly elected Senator and a 16-year-old girl, among others.

When we attempted to defend ourselves in court, Judge de Moraes threatened our Brazilian legal representative with imprisonment. Even after she resigned, he froze all of her bank accounts. Our challenges against his manifestly illegal actions were either dismissed or ignored.

[…]

We are absolutely not insisting that other countries have the same free speech laws as the United States. The fundamental issue at stake here is that Judge de Moraes demands we break Brazil’s own laws. We simply won’t do that.

In the days to come, we will publish all of Judge de Moraes’ illegal demands and all related court filings in the interest of transparency.

Tiago Rogero (Hacker News, Slashdot, Nick Heer):

He gave Brazil’s National Telecommunications Agency 24 hours to enforce the decision. Once notified, the agency must pass the order on to the more than 20,000 broadband internet providers in the country, each of which must block X.

Trey Alston (Hacker News):

“It is urgent to regulate social networks,” [attorney general Jorge Messias] wrote. “We cannot live in a society in which billionaires domiciled abroad have control of social networks and put themselves in a position to violate the rule of law, failing to comply with court orders and threatening our authorities.”

Mike Masonic:

The main argument is that it’s pretty clear that he is violating Brazilian law. First off, it involves disobeying orders coming from the Brazilian Supreme Court, which people insist must be obeyed. Also, the law in Brazil requires that to operate an internet service, you have to have an employee in the country.

But, here’s the thing: as we’ve argued for years, standing up and fighting back against unjust laws is what standing up for free speech and civil liberties is all about.

For example, lots of countries are now pushing for these laws that require internet companies to have local employees in order to arrest them if the company doesn’t do the government’s bidding. We have long pointed out how dangerous this is, as they are effectively “hostage laws” that enable authoritarian countries to put undue pressure on private companies.

[…]

When Twitter refused to pull down those tweets, the Modi government first threatened to jail Indian Twitter employees. Later, it raided Twitter’s offices in India. India threatened to ban Twitter in the country, and some politicians pushed Indians to move to a local competitor, Koo. Twitter fought back against those demands, and many people cheered them on for standing up for free speech and against undue pressure.

Mike Masnick:

In the battle between Elon Musk and Brazilian Supreme Court Justice Alexandre de Moraes, the biggest losers are Brazilians. They are now at risk of being stripped of VPNs while facing massive fines if they somehow get around a countrywide ban on ExTwitter.

[…]

As we noted, there was nothing particularly new about the second point. Brazil has done this in the past with WhatsApp and Telegram.

Jack Nicas and Kate Conger:

X began to go dark across Brazil on Saturday after the nation’s Supreme Court blocked the social network because its owner, Elon Musk, refused to comply with court orders to suspend certain accounts.

[…]

In a highly unusual move, Justice Moraes also said that any person in Brazil who tried to still use X via common privacy software called a virtual private network, or VPN, could be fined nearly $9,000 a day.

[…]

Justice Moraes also froze the finances of a second Musk business in Brazil, SpaceX’s Starlink satellite-internet service, to try to collect $3 million in fines he has levied against X. Starlink — which has recently exploded in popularity in Brazil, with more than 250,000 customers — said that it planned to fight the order and would make its service free in Brazil if necessary.

Starlink:

Earlier this week we received an order from Brazil’s Supreme Court Justice @alexandre de Moraes that freezes Starlink’s finances and prevents Starlink from conducting financial transactions in that country.

This order is based on an unfounded determination that Starlink should be responsible for the fines levied—unconstitutionally—against X. It was issued in secret and without affording Starlink any of the due process of law guaranteed by the Constitution of Brazil.

Jack Nicas (Hacker News):

On Sunday, Starlink informed Brazil’s telecom agency, Anatel, that it would not block X until Brazilian officials released Starlink’s frozen assets, Anatel’s president, Carlos Baigorri, said in an interview broadcast by the Brazilian outlet Globo News.

Mr. Baigorri said he had informed Justice Moraes “so that he can take the measures he deems appropriate.” Mr. Baigorri said his agency could revoke Starlink’s license to operate in Brazil, which would “hypothetically” prevent the company from offering connections to its Brazilian customers.

Yet Starlink could try to continue to provide service in Brazil without a license, though that would violate Brazilian law.

[…]

Mr. Musk has called the financial sanctions on Starlink “absolutely illegal,” saying that Justice Moraes was punishing shareholders of SpaceX for the actions of X, a separate company. Mr. Musk said he owned 40 percent of SpaceX.

Pascale Davies with AP (Hacker News):

Brazil’s Supreme Court voted unanimously on Monday to uphold the decision by one of its justices to ban Elon Musk’s social media platform, X.

Starlink:

Regardless of the illegal treatment of Starlink in freezing of our assets, we are complying with the order to block access to X in Brazil.

Brendan Carr:

Brazil’s decisions to ban X and freeze Starlink assets are part of a growing crackdown on free speech. But they also violates Brazil’s own laws.

Today, I wrote my regulatory counterparts in Brazil to address these unlawful actions.

[…]

The serious and apparently unlawful actions against X and Starlink cannot be squared with the principles of reciprocity, rule of law, and independence that have served as the foundation of the FCC and ANATEL relationship and the basis for reciprocal foreign investment.

Update (2024-09-17): Julia Shapero (via Hacker News):

Brazil’s Supreme Federal Court unfroze the assets of Elon Musk’s satellite communications company Starlink and social platform X after 18.35 million reais, about $3.3 million, was transferred to the government’s coffers.

Supreme Court Justice Alexandre de Moraes ordered the unblocking of Starlink and X’s bank accounts and assets after the funds had been transferred, covering X’s fines for noncompliance, according to a press release Friday.

Some 7.28 million reais, about $1.3 million, was transferred from X, while 11.07 million reais, about $1.99 million, was transferred from Starlink on the judge’s orders.

Is Starlink paying part of X’s fine or was it separately fined for something else?

See also: Alexandre Files.

Update (2024-09-20): Lora Kolodny (via Hacker News):

X faces steep daily fines in Brazil for allegedly evading a ban on the service there, according to a statement from the country’s supreme court Thursday.

The fines imposed by Brazil’s supreme court amount to $5 million in Brazilian reals, about $920,000, a day. The court said it would continue to impose “joint liability” on Starlink, the satellite internet service owned and operated by SpaceX, Musk’s aerospace venture.

[…]

Musk and X may be in the process of complying with Brazil’s takedown orders as well. Correio Braziliense, a Brazilian publication, reported on Wednesday that X has started blocking accounts as per suspension orders issued by the country’s supreme court.

[…]

Brazil’s national telecommunication agency, Anatel, has been ordered by de Moraes to prevent access to the platform by blocking Cloudflare as well as Fastly and EdgeUno servers, and others that the court said had been “created to circumvent” a suspension of X in Brazil.

Update (2024-09-23): Jack Nicas and Ana Ionova:

Now, X’s lawyers said the company had done exactly what Mr. Musk vowed not to: take down accounts that a Brazilian justice ordered removed because the judge said they threatened Brazil’s democracy. X also complied with the justice’s other demands, including paying fines and naming a new formal representative in the country, the lawyers said.

Update (2024-10-09): AP (via Hacker News):

The Brazilian Supreme Court’s Justice Alexandre de Moraes on Tuesday authorized the restoration of social media platform X’s service in Brazil, over a month after its nationwide shutdown, according to a court document that was made public.

Digital Services Act and Thierry Breton vs. Twitter

European Commission:

X designs and operates its interface for the “verified accounts” with the “Blue checkmark” in a way that does not correspond to industry practice and deceives users.

[…]

Second, X does not comply with the required transparency on advertising, as it does not provide a searchable and reliable advertisement repository, but instead put in place design features and access barriers that make the repository unfit for its transparency purpose towards users.

[…]

Third, X fails to provide access to its public data to researchers in line with the conditions set out in the DSA. In particular, X prohibits eligible researchers from independently accessing its public data, such as by scraping, as stated in its terms of service.

Via John Gruber:

Blue checkmarks were indeed used, “back in the day”, to indicate “verified” accounts. But upon purchasing Twitter, Elon Musk eliminated that program. They don’t advertise it as “Verified” any more; they just call it “Twitter Premium” and make it very clear that blue checkmarks indicate premium account status. That’s illegal under the DSA?

Mike Masnick:

I know that many Elon Musk supporters assume that my mockery of the many stupid things that Elon does means that I won’t give him a fair shake. But when he does something good, I’m happy to highlight it and give him kudos.

[…]

We’ve been warning for many years that the EU’s Digital Services Act (DSA) would be abused for censorship by the government. EU officials and supporters of the DSA kept insisting that we were overreacting. But, Thierry Breton has made it clear that while the DSA is under his purview as a Commissioner, it is his own personal censorship tool for anything he dislikes online.

[…]

Donald Trump joined Elon Musk for a conversation on “Spaces,” the extremely buggy real-time audio chat feature on ExTwitter. Before that happened, however, Thierry Breton posted one of his typically smug open letters that more or less warns Elon that if Trump said anything bad, the EU might seek to take action against ExTwitter.

Mike Masnick:

Elon’s response — posting a meme telling Breton to “fuck yourself in the face” — while not exactly a masterclass in diplomatic communication, at least made his feelings on the matter abundantly clear. It also made the point that Breton appeared to be using the DSA in a manner that Europeans insisted the DSA would never enable: to order companies to censor content.

[…]

Indeed, it appears that other EU officials agree that Breton went too far. The Financial Times covered the story by noting that other EU officials were wholly unaware that Breton was going to send that letter, and they sound displeased about it[…]

Mark Scott (via John Gruber):

Four separate EU officials, speaking on the condition of anonymity, said Breton’s warning to Musk had surprised many within the Commission. The bloc’s enforcers were still investigating the platform for potential wrongdoing and the EU did not want to be seen as potentially interfering in the U.S. presidential election. “The EU is not in the business of electoral interference,” said one of those officials. “DSA implementation is too important to be misused by an attention-seeking politician in search of his next big job.”

Previously:

Update (2024-09-17): Michel Rose and Foo Yun Chee:

France picked Foreign Minister Stephane Sejourne as its new candidate for the next European Commission as the incumbent, Thierry Breton, abruptly quit on Monday with tough words for the EU's re-elected executive chief Ursula von der Leyen.

John Gruber:

Translation from bureaucratese to English: “Faced with being fired for being a jackass or resigning, I resign.”

Previously:

Saturday, August 17, 2024

Epic Games Store for iOS in the EU

Thomas Claburn:

The latest addition, the Epic Games Store, now offers iOS-using Euro-folk access to entertainment titles like Fortnite, Rocket League Sideswipe and Fall Guys.

[…]

The process for installing the Epic Games Store on iOS in the EU is rather convoluted, requiring numerous steps as demonstrated in this video. Epic attributes this “to Apple and Google introducing intentionally poor-quality install experiences laden by multiple steps, confusing device settings, and scare screens,” and says it’s pursuing the issue in court.

Fortnite has been unavailable on iOS since 2020, when Apple banned the game in response to App Store Guidelines violations and Epic sued Apple in the US.

Tim Hardwick (Hacker News):

Going forward, Epic will have to deal with navigating Apple’s new fee structure, including a “Core Technology Fee” of €0.50 per install per year after the first million installs. This fee applies to both the Epic Games Store itself and the games within it, effectively doubling the charge for popular titles like Fortnite. The EU commission is currently investigating whether Apple’s new fee structure complies with the Digital Markets Act.

[…]

The Epic Games Store is only available on iPhones running iOS 17.4 or later, while iPad users will have to wait until the release of iPadOS 18 to access the store on their devices.

Stephen Totilo (via John Voorhees):

Epic’s efforts have been costly for a giant fighting even larger titans.

The company has spent hundreds of millions battling Apple and Google since 2020 to get to this point, Sweeney told Game File during an interview conducted earlier this week.

And, he added, Epic may have missed out on as much as $1 billion in Fortnite revenue in the process.

But Sweeney feels those costs have been worth it.

Samuel Axon (Hacker News):

It’s been a long, winding, angry path to get to this point. In the battle between Epic and Apple, there remains some debate about who really has won up to this point. But there isn’t much dispute that, whether you want to blame Apple or Epic or both, users sure haven’t been the winners.

Previously:

Update (2024-08-19): Brome:

After a lot of unsuccessful attempts yesterday, I finally discovered that the installation of the Epic marketplace has to be launched from Safari, not from a third-party browser.

See also: Hacker News.

Update (2024-08-22): Emma Roth and Jay Peters:

But it’s not clear whether Epic will be able to grow the store far beyond its own games. The company wants to welcome in a vibrant ecosystem of third-party developers, but moving to the Epic Games Store could be an impossible ask for any company that doesn’t make Fortnite-sized piles of cash.

“It just seems like a lose-lose-lose for Apple, developers, and consumers,” says Bob Roberts, the developer of Roundguard at the indie game studio Wonderbelly Games. “It just makes life more complex and confusing without really improving the situation the way folks imagined it would.”

Epic’s game store may offer better terms for developers, but every developer, Epic included, is still subject to fees from Apple, even outside the confines of the App Store. And Apple’s terms and fees for apps on alternative marketplaces are so onerous that Epic has a big hill to climb to convince developers that it’s worth the time and money to list their apps at all.

Via Jason Snell:

This is the thing about how Apple has constructed the rules for alternative app marketplaces in the EU: It has built a system of mandatory fees that reduce (or even entirely remove) any incentive about offering apps outside the App Store.

[…]

I would argue that this is all by Apple’s design. Whether the European Commission regulators think it fails to establish the competitive marketplaces that the Digital Markets Act was attempting to create, well, that’s for the EC to decide.

Helge Heß:

I don’t actually want to use an alternative App Store, but I still want them to exist for the peer pressure. Apple should do sth for its money, and not just stay stagnant and collect the money 🤷‍♀️ Competition is a good thing, lock-in is not.

Thursday, August 15, 2024

Epic Games Pays AltStore PAL’s CTF

Epic Games (tweet, MacRumors):

Epic also plans to bring our own mobile games including Fortnite to other mobile stores that give all developers a great deal. And, we will be ending distribution partnerships with mobile stores that serve as rent collectors without competing robustly and serving all developers fairly, even if those stores offer us a special deal for our own games.

[…]

In exciting news, we are announcing that our mobile games will come to AltStore on iOS in the EU, and we expect to announce support for at least two other third-party stores soon.

Jay Peters (Riley Testut, AltStore, Hacker News):

AltStore PAL, a third-party iOS app store that’s available in the EU, is dropping its annual €1.50 (plus tax) subscription after receiving a “MegaGrant” from Fortnite developer Epic Games. AltStore originally charged the subscription to help cover Apple’s Core Technology Fee (CTF), which is a fee third-party app marketplaces have to pay for each annual app install.

Tim Hardwick:

As for Epic, it has submitted the Epic Games Store to Apple for notarization under Apple’s alternative app marketplace policy in the European Union. The Epic Games Store will include Fortnite, which means iPhone users in the EU will be able to install and play the title without having to use a cloud gaming service. An iPad version of Fortnite is expected to follow this year.

Previously:

iPhone NFC Access Outside EU

Hartley Charlton (Hacker News):

Apple today announced that developers will soon be able to offer NFC transactions in their own apps for the first time – something that is mostly exclusive to Apple Pay at present.

Starting with iOS 18.1 later this year, developers will be able to offer in-app contactless transactions, separate from Apple Pay and Apple Wallet, using new APIs. This opens up new possibilities for in-store payments, car keys, closed-loop transit, corporate badges, student IDs, home keys, hotel keys, merchant loyalty and rewards cards, and event tickets, as well as government IDs in the future.

[…]

Developers will need to request the NFC and Secure Enclave entitlement, enter into a commercial agreement with Apple, and pay the associated fees.

It’s unclear what the fees and business terms are. I presume it will be like CarPlay where some developers get the entitlement and others never even get a response.

Matt Birchler:

So not only can other apps do this, other apps can take over the “double-press the side button” shortcut on iPhones. This means Google Pay, PayPal, ShopPay, or countless other existing, popular wallets could be your wallet and accessed in a moment to pay in stores (after they’ve added support for this, of course). Wonderful!

I’m sure Apple was going to do this anyway and this has nothing to do with regulatory pressures, right? 😉

Mark Gurman:

While Apple pushed back on opening up NFC for what it has called privacy and security reasons, let’s be honest: a huge driving factor has been $ as Apple takes a % of Apple Pay transactions. But, fear not! Apple will charge third-parties for the feature.

Previously:

Update (2024-09-23): Joel Breckinridge Bassett:

Open NFC is the payments version of DMA ‘open’ app store government regulation. The EU Marketplace Fairness Act (MFA) wants to forbid Apple from monetizing its Apple Pay IP and infrastructure from all developers who want to use the embedded secure element for NFC payments. iOS 17.4 Apple Host Card Emulation was Apple’s answer to EU demands that has now been formalized with a few more conditions.

Open NFC, HCE, is not about being open and never was. It is limited to EMV protocol payments and benefits EMV consortium member payment networks as they can use proprietary without paying for the privilege. It is also limited to EMV based payment app developers who have the necessary resources to deploy the necessary security protocols for cloud processing.

Joel Breckinridge Bassett:

Apple announced a new iOS 18.1 API for iPhone: the NFC & SE Platform, a new framework for in-app NFC transactions using iPhone XS and later Secure Element.

[…]

It sounds like fun, but it could be a headache for users when it comes to Wallet app Express Mode. Yes folks, despite all the excitement the potential downside is that we might have to deal with NFC-clash. Let’s take a look at in-App supported transactions broken out by Wallet app Express Mode and non-Express Mode categories[…]

[…]

There we have it, all in-app NFC transactions require double-click authorization, they don’t get Express Mode which remains a Wallet app exclusive.

FastSpring Store Unexpectedly Offline

Christian Tietze:

I think I will need to be leaving FastSpring as the sole shop for my apps and ebooks and stuff.

At the very least, I’ll need to set up an alternative as a fallback:

2 days ago I received an email that one of the shop backends was being ‘offline’d and no live transactions will go through.

No prior notice, no information as to why. Also, the reply email is automation@ so I needed to manually get in touch with support.

Still waiting for “risk team” reply after support “escalated” my inquiry.

Thankfully, this hasn’t happened to me, though I’ve recently had trouble logging into their admin interface. FastSpring’s communication used to be excellent, but as previously discussed they seem to have changed.

Rich Siegel:

FastSpring support has gotten really terrible. They had some kind of bug where one of my colleagues couldn’t log in for THREE DAYS. Each exchange cycle with their “support” took 24 hours, with no escalation path. We have no “relationship manager” or other direct point of contact.

Previously:

Update (2024-08-17): Christian Tietze:

Wait, my FastSpring store has been deactivated again?

On top of the other deactivation?

What is going on here?

Christian Tietze:

Tuesday I got the first email. Friday the second, same text.

It’s Saturday, I still haven’t heard from anyone.

DEVONtechnologies:

Unfortunately, we see the same thing happening with Paddle. They used to be excellent but customer support is now a chatbot and dev support also takes a day per exchange cycle …

Václav Slavík:

oh no, they started deploying the chatbot against vendors too something like a year ago. It seems to be on and off and if you complain, they turn it off, but it’s there. And the boilerplate replies usually take 2-3 tries to get past for me…

Update (2024-08-19): Christian Tietze:

Did I mention I haven’t heard anything helpful from FastSpring in 6 days now?

In the past I was pleasantly surprised when support would reply on Saturdays. Now that support is useless, I’m waiting for I-don’t-know when.

Update (2024-08-20): Logging into FastSpring stopped working again. I e-mailed them and got a quick reply, indicating that they needed to change the username on my account. Then it immediately started working again.

Halide 2.15: Process Zero

Ben Sandofsky (Mastodon, MacRumors, tweet, Reddit):

Today, we are launching something unlike any tech product in 2024: a product that uses zero AI and zero computational photography to produce natural, film-like photos. We call it Process Zero. It lives in Halide, and it turns your iPhone into a classic camera.

Process Zero is a new mode in Halide that skips over the standard iPhone image processing system. It produces photos with more detail and allows the photographer greater control over lighting and exposure. This is not a photo filter— it really develops photos at the raw, sensor-data level.

[…]

Because Process Zero does not fuse multiple shots, you are limited by the dynamic range of the sensor.

However, you can get sharper (albeit noisier) photos that don’t have the smooth, glowing, over-processed look.

Previously:

Update (2024-08-17): Ben Sandofsky:

We launched with support for RAW capture, no developing. The results looked awful, but useful for camera nerds.

We tried to fix this in 2020 with a button to auto-develop afterwards. It was an extra step, appealed to camera nerds, and results were hit or miss.

We threw that out and started over. This is just… our processing. An alternative to Apple’s.

See also: Hacker News.

Update (2024-09-13): Filipe Espósito:

A Process Zero photo is based on the RAW image captured from the sensor. Halide saves both RAW data and a JPG or HEIC image that can be easily shared with anyone. One downside is that third-party apps can only take RAW images at 12 megapixels on the iPhone, so there’s no way to capture 24 or 48 megapixel Process Zero images.

[…]

Naturally, since Process Zero images don’t take advantage of Night Mode, the pictures will look noisier. Halide suggests that users take pictures with manual controls to reduce the ISO for better results. Also, since Process Zero images don’t have HDR, you need to make sure which object in the scene you want to adjust the exposure accordingly.

See also: Lux.

Colin Devroe:

I want to use Halide’s Process Zero a lot more - perhaps all the time? But it only shoots raw and I’d prefer JPG for most things mostly due to size.

After trying out Process Zero for a while, I don’t think it’s really for me, though I will continue to use it for select shots where it’s really important to have lots of editing options. The two main issues:

Update (2024-09-25): Niko Kitsakis:

First picture is the mush that is Apple Pro RAW (what a joke). The second picture is RAW with @halidecamera Process Zero and Photoshop RAW denoiser (Level 40). Look at the gradient inside the window and generally at the lines in the image.

Previously:

Wednesday, August 14, 2024

Managing the Home Screen Using iPhone Mirroring

Chance Miller (MacRumors):

With the latest betas of these updates, Apple has added a new feature to iPhone Mirroring: the ability to enter “jiggle mode” and rearrange your iPhone’s Home Screen.

With iPhone Mirroring enabled you can now long-press on your iPhone’s Home Screen with your Mac’s mouse or trackpad to enter jiggle mode. The feature then works just as it does on your iPhone, allowing you to drag icons and widgets between different pages. You can also adjust widget sizes, manage the new icon tinting feature in iOS 18, and add new widgets.

[…]

There are a few things still missing from iPhone Mirroring in macOS Sequoia and iOS 18, including the ability to access Notification Center and Control Center and edit your iPhone’s Lock Screen.

It’s so much easier using a mouse. But this seems worse than the old way with iTunes where you could see all the home screens at once on the Mac.

Previously:

Update (2024-09-25): Mario Guzmán:

Apple really needs to develop an editor view for customizing home screens and Control Center. It’s so broken that the slightest movement can mess everything up in an instant. If they had a separate editor view, you can Apply it or Cancel it if you don’t like it and go back to what you had before.

Either develop this or fine-tune your current style of editing because I shouldn’t be afraid to add a widget to my Home Screen without messing up my current layout completely. LOL

Flickr Improves Album Management

Flickr:

The “Albums” tab now gives you the ability to search your albums based on keywords used in album titles and descriptions. Click on the search icon near your album covers to activate the album search.

[…]

You can now reorder your albums and create new ones directly from your profile’s “Albums” tab. You no longer need to go to the “Organize” tool to do so unless that’s your preference!

[…]

When viewing a specific album, you can now add new photos and sort them directly from the album page. And the most thrilling part is that Flickr will remember your preferred sorting method for each album individually, so new photos added to the album will be sorted according to your preference for that album.

These are all great improvements that I’ve been wanting for a long time. I wish there were a list view for albums and album search results because the thumbnails are far too small to see the full titles.

EU Pricing Information in Spotify App

Jess Weatherbed (MacRumors, Slashdot):

Spotify will begin showing in-app pricing information for iPhone users in the European Union starting today, following a yearslong legal battle against Apple. In an update to an old blog post, Spotify says that EU iPhone users will now see things like promotional offers and pricing information for each subscription tier — including how much a plan costs once a promotion ends.

One thing that’s missing is the ability to click a link to make those purchases from outside the Apple App Store. Spotify says it’s opting into the “music streaming services entitlement” that Apple introduced after being served a €1.84 billion (about $2 billion) EU antitrust fine in March for “abusing its dominant position” in music streaming, rather than accepting the complicated new developer terms Apple outlined last week.

Dare Obasanjo:

After being fined $2 billion by the EU for preventing Spotify from telling people they can subscribe on its website, it still took Apple four months to approve their app with those changes and they still can’t link to their website.

Apple has elevated rent seeking to a high art.

John Gruber:

For anyone who isn’t paying close attention to these arguments over Apple’s draconian anti-steering terms for apps, it is surely very surprising that it took years of legal wrangling and a $2 billion fine (which, it should be noted, Apple hasn’t yet paid, and which quite possibly will be reduced or thrown out upon appeal) just to allow Spotify to present this information to users. Just to tell them the price and tell them they need to go to Spotify’s website to sign up.

These anti-steering provisions are indefensible. They make Apple look bad in the court of public opinion, and they look even worse in actual courts of law.

Previously:

Creator Platforms and the App Store

Hamish McKenzie:

But creators aren’t Apple’s traditional customers. They’re not app makers or game developers. They don’t actually have a piece of real estate in the App Store. They instead find their distribution through media platforms, including the likes of Patreon and Substack. It might feel weird for someone who publishes a podcast through Patreon, or a publication through Substack, to receive the same treatment from Apple as Netflix.

The emergence of the creator economy presents an interesting challenge and opportunity for Apple, and some delicate questions for Patreon and Substack. We want creators and subscribers to benefit from the power of Apple’s in-app purchases. In fact, at Substack we have been working with Apple to bring in-app purchases into our app, because we believe that anything that reduces the friction of a subscription is great for creators. We’re doing everything in our power to make the implementation of in-app purchases as creator-friendly as possible.

How much is the ease of in-app purchases worth to creators? It’s a salient question.

For something like Substack (or Patreon), you give them your payment information once on the Web and then subscribe to multiple creators, with them helping you manage the subscriptions. They can provide better tools to do this than Apple’s generic solution. For these types of apps, it’s obviously great to be able to add a new subscription within the app. But this is mostly because you’re already in the app, not because of Apple’s IAP per se. The benefit of IAP is that it’s the only way Apple allows them to process subscriptions. If they could just use stored payment information, like with the Amazon app, they wouldn’t be clamoring for IAP. If you consider how the Amazon shopping experience could be improved by switching it to using IAP (were that allowed) the idea is ridiculous.

John Gruber (Mastodon):

How I got it wrong is that I checked, in the app, by looking at a publication to which I was already subscribed at the free tier, to upgrade to a paid account. That showed me a panel that read “You cannot manage your subscription in the app.” But that’s because I started the subscription on Substack’s website. For Substack subscriptions made on the web, you must continue to manage them on the web. This probably isn’t merely about avoiding Apple’s payment fees, but a practical requirement. I don’t think there’s any way, technically, that an individual subscription you started paying for on the web could be migrated on-the-fly to Apple’s payments, or vice-versa.

It sure seems like Apple’s restrictive guidelines and rigid payment system are hurting the user experience.

It seems obvious to me that creator-platform apps like Substack and Patreon ought to be in a new category of their own, the basic idea of which would be for Apple to take some sort of smaller cut of these transactions.

Christina Warren:

I think they should be a separate category but I also think they should have no fees. Amazon and Walmart and DoorDash and Uber and PayPal and eBay don’t pay fees to Apple for every transaction inside their commerce apps (and Amazon pays a much smaller fee for their digital purchases post Apple TV deal so that ATV could have Amazon content). If Patreon or Substack uses Apple as the payment processor, pay whatever those fees are. But not beyond that.

Personalized services should also be a separate category. It makes no sense to treat a therapy app with real humans responding one-on-one the same as an IAP loot box that has zero marginal cost.

Michael Love:

The idea of special treatment for ‘creator platforms’ is interesting, but I think at that point anybody selling e-books or other 3rd party content - anything in the “Reader app” category, basically - ought to get the same deal; there’s nowhere obvious to draw the line.

Apple has a much better case for taking 30% of Amazon’s cut of a Kindle purchase than they do of taking 30% of the whole thing; the problem of course is that this can’t be audited in a scalable way.

Jimmy Callin:

Adding additional special categories for certain app genres is just putting lipstick on a pig. The whole monopolistic app store business model is fundamentally broken and is damaging the whole ecosystem.

Previously:

Update (2024-08-15): Jim Rea:

Does anyone understand how Patreon can work with Apple’s in-app purchase system? […] Did Apple add some new capability to in-app purchases to enable this? 🤔

John Gruber:

Look at Substack. Each subscription for each creator gets its own SKU. Substack’s App Store listing exposes the most popular ones[…]

Nick Heer:

It feels like a particularly janky thing when you look at something like X, too, where each account’s subscription is its own SKU. I don’t know about now, but the App Store used to allow only some maximum number of SKUs (off the top of my head, maybe 10,000?).

My understanding is that there was a relatively low limit and that the SKUs had to be created manually. Now there seems to be an API, and I don’t know what the limit is.

A commenter reports that, on the Web, Substack has separate billing info for each subscription.

Tuesday, August 13, 2024

iDOS 3 in the App Store

Jay Peters (Slashdot):

But in July, Apple reversed course and approved UTM SE, and earlier this month, it added the words “PC emulator” to guideline 4.7, which is seemingly why iDOS 3 has now been allowed on the App Store.

Filipe Espósito:

As for iDOS 3, the app is available for iPhone and iPad on the App Store and costs just $0.99. It requires a device running iOS 12 or later.

Chaoji Li (via Craig Grannell):

It has been a long wait for common sense to prevail within Apple. As much as I want to celebrate, I still can’t help being a little bit cautious about the future. Are we good from now on?

Rui Carmo:

This is great fun–and I’m a bit sad that it took me all of 10 minutes to get Windows 95 running very snappily (if a little buggy) on it, and yet I still cannot “legally” run legacy Mac OS versions on an iPad.

[…]

Again, Apple is still, ironically, the main reason why we cannot have nice things on the nicest hardware on the planet.

See also: Mac Power Users Talk.

Previously:

Wrong About the App Store

David Barnard:

For almost 16 years now, tweet after tweet, blog post after blog post, I’ve implored Apple to do better by developers and App Store customers in a million different ways. And implied (if not said directly) that if they didn’t, the impact would, over time, lead to dire consequences. From developers abandoning the platform to regulation destroying it.

But quarter after quarter, year after year, services revenue grows. And that growth has added hundreds of billions if not a trillion plus to Apple’s market cap and given them the breathing room to continue building some of the best hardware and software (and more recently video content) on the planet.

Apple is doing exactly what Apple is supposed to do: create value for shareholders.

I think those of us who’ve been around for a while were so used to Apple being near death that we didn’t appreciate how durable its duopoly position actually was. We should have, because we were there for Microsoft’s bad behavior, poor products, and antitrust scrutiny and saw how it remained incredibly influential and profitable. Yet our commentating was not really about telling Apple how to maximize shareholder value. We expect more of the company. It says it’s about creating great products and being a good corporate citizen and has a history of doing so in many respects. It’s still worth thinking about how to do that and imagining how the world could be better, even if it seems like no one’s listening.

I’m not even sure anymore if the reputational damage I perceive actually matters. Sure there are grumpy developers, who, like me, are especially loud here on Twitter, but for every one of those there’s another teenager excitedly building their first app. Power users, pundits, and those terminally online might agitate here and there, but it’s not like they are leaving for Android in droves. And I don’t get the impression the average iPhone user knows or cares.

Part of me does still feel like this is the classic story of a company on the way to decline. More focused on profits than user/developer experience and building great products.

Laura Laban:

Where would we [developers] have gone to? We have no other viable options to have the people use our creations.

And the fact that it’s increasingly harder for users to switch platforms isn’t going to make this any better in the future.

Rob Jonson:

Gripping the app world in a vice makes sense for Apple. Monopolies are super-profitable.

It doesn’t make sense for society which is why we need government regulation.

David Barnard:

I didn’t say I was wrong about the potential for my suggestions to make the App Store a better experience for users and developers. I said Apple did a great job maximizing shareholder value, while still making some improvements to the App Store.

I didn’t say Apple shouldn’t be regulated. I said that the threat of regulation, which I have cited over and over, seems unlikely to have much of an impact given how masterfully they are maneuvering around regulation now that it’s actually happening. Though we’ll see how that plays out.

[…]

I’m going to keep advocating for App Store changes that I think will better serve both users and developers over the long haul. Apple cares more about their App Store revenue than I do, so of course they aren’t going to do many of the things I suggest, but that’s not going to stop me from making noise.

As I said in a follow up tweet, this was about me making some level of peace with the facts on the ground, not saying it’s the state of the world I prefer.

Ryan Jones:

Yep. I just find it sad, budging an irrelevant amount for them would be massive for the world. When is the time to budge a little – only once they reach the most valuable comp...? oh wait.

Wade Tregaskis:

What should Apple’s gross margin be? During their golden age (the return of Steve through the iPad) it was about 28%. For most of the Tim Cook era it was more like 38%, but since COVID it’s jumped up to closer to 48%. With Apple’s product price inflation at an all-time high (especially re. RAM & SSD), and given they apparently can’t find anything better to do with all that profit than just buy their own shares, why don’t they just lower their prices and have more & happier customers?

René Fouquet:

These new Pixel phones and the Gemini features look very tempting. If I weren’t this stuck in the Apple ecosystem I might have gone full Android for a year. But there’s just too much stuff I’m sharing with my wife: Find My, Shared Photos Library, Airtags, calendars & reminders …

It should give Apple executives pause that a once die-hard Apple fanboy has pivoted so much. Of course it won’t–they are too busy counting the money they’ve extorted from devs and creators. But in a couple of years we may remember this time as the beginning of the end of the once mighty Apple. I’m beginning to lose hope they’ll be able to turn this around.

Dimitri Bouniol:

As much as I enjoy doing it, Apple has gotten to the point where writing an app for their platforms is increasingly bad for our businesses. I’ve spoken with many potential users of my app who are on Android, and refuse to buy an Apple device due to how Apple portrays itself. Apple is doing itself no favors burning the bridge of the last few supporters of the company, which are likely the developers that helped propel it to where it is today.

Christina Warren:

People like me are too deep into the Apple ecosystem to ever reasonably leave. Until/unless they fully neuter macOS, I’m here for life. And I’ll realistically never use Android. But the next generation of users might use an iPhone, but they also rely on the web and services from other companies. They use Chromebooks. They don’t have a reason to “root” for Apple the same way I did as a kid. And that’s how platforms change and ecosystems fall off.

[…]

Already we see how these sorts of policies play out poorly for Apple: the Apple Vision Pro is so far, an expensive flop that has very few apps and has made its devs very little money (I’ve talked to many. Only a few have done “well”) and most are wholly unwilling to even build an app for it. These policies and decisions have downstream effects. There are consequences. Apple might not “see” them b/c they still print money, but they exist.

Microsoft has spent the better part of the 15 years trying to win back developers and users post Vista. Sometimes succeeding (VS Code, which is just good software), sometimes failing (Bing), often fumbling with bad decisions (Recall), but despite being THE platform for games, people use Steam, not the Microsoft Store. People buy PS5s more than Xbox (and I love Xbox but it’s true). When vibes shift, users find alternatives. And they find them fast. Winning people back takes much longer.

Damien Petrilli:

Well, there is another thing where developers were wrong: the native stack doesn’t matter.

Users don’t care which tech stack is used as long as your product works. They won’t ditch your app or service because you are using react or flutter or it’s a web wrapper.

You can’t change Apple but you can change your tech stack and make Apple platforms just another target.

Previously:

Update (2024-08-14): Louie Mantia:

Endless growth isn’t achievable, yet every step they take toward increasing profits does two things. It makes them less likable and more monopolistic. Apple was a better company when they were an underdog.

[…]

But since 2008, the services they provide in exchange for those recurring fees and percentage cut haven’t improved much. You’d think with all that services revenue, they’d invest it into making the developer program better.

René Fouquet:

So I thought about what kept me in the iOS ecosystem. Watch out - long post ahead!

Update (2024-08-17): Matt Birchler (Hacker News):

At first, it was fun and exciting to see the company that had been struggling finally showing everyone that they were legit, but somewhere along the way it stopped being as fun. Record revenues and profits felt like a form of validation for all of us for a while, but today they feel less like something to cheer about.

[…]

No single action makes them the bad guy, but put together, they certainly aren’t acting like a company that is trying to make their enthusiast fans happy. In fact, it seems Apple is testing them to see how much they can get away with.

[…]

And to be super clear, I think the vast majority of folks at Apple are amazing people doing amazing work, especially those in product, design, and development. There’s a reason that I use their products and there’s a reason I care enough to even comment on all this in the first place. The problems all stem from the business end of the company and I don’t know how to convince them that reputation matters.

[…]

It’s a pretty dark place to be when Apple’s biggest, long-time fans are hoping that the US government will step in to stop them from doing multiple things that they’re doing today.

Update (2024-08-19): Federico Viticci:

On the latest Connected, I argued that it almost feels like there are two Apples within Apple: the company that designs the hardware products and operating systems I still love using, which I find superior to most alternatives on the market today; and there’s the business entity, which is antagonizing developers, creators, governments, and, in doing so, alienating customers who have been supporting them for years.

Kyle Hughes:

I wonder if I have a blind spot by focusing on Apple platform development: does software quality really matter? The more I interrogate the idea, the more I think the answer is no. The iPhone is an all-time global status symbol, which is why we associate its flavor of software with success, not vice versa. Many inefficiencies can be overlooked by following in Apple’s wide wake. It may be a coincidence that the most valuable company is also the one craftspeople identify with.

They also identified with it when it was losing a billion dollars per year. And sometime in between then and now is probably when its software quality was the highest.

Monday, August 12, 2024

Apple Going After Patreon

Sarah Perez (MacRumors, Hacker News, Slashdot):

Apple has threatened to remove crowdfunding app Patreon from the App Store if creators continue to use unsupported third-party billing options or disable transactions on iOS, instead of using Apple’s own in-app purchasing system. In a blog post and email to Patreon creators about upcoming changes to membership in the iOS app, the company says it’s begun a 16-month-long migration process to move all creators to Apple’s subscription billing by November 2025.

Patreon also informed creators it will switch them over to subscription billing as of November 2024, but they will be able to decide whether to price their memberships at a higher fee to cover Apple’s commission or decide if they want to absorb the fee themselves.

[…]

Despite Apple’s rules and policies, Patreon had existed in an odd sort of gray area, as some of its subscription-based offerings could be consumed in its app while others could not. Another possible reason for the Patreon exception was due to the fact that many users didn’t come to Patreon itself to discover creators and content, Patreon CEO Jack Conte told tech news site The Verge in 2021. Instead, the discovery took place through other channels. Though the company admitted it didn’t have any sort of special contract with Apple to avoid the App Store fees, the app had been able to skirt Apple’s in-app billing requirements for some time.

The guidelines are famously unclear, so you have to look at the behavior of App Review, not just at what’s written. Patreon is a well-known app that’s been around for a long time. Apple likes to frame these sorts of situations as, “Patreon has been out of compliance for 10 years and we just want them to become compliant.” Left unsaid is that the App Store, which is supposedly protecting us, supposedly took a decade to notice that they were breaking the rules. So, no, I don’t think App Review is that out of touch. This is just what Apple says when it decides to change the rules. When the change is in favor of developers or customers or regulatory compliance, they announce it on their developer blog. When it hurts everyone other than Apple, it’s not officially a change—you were wrong all along.

The best that can be said of the change is that it brings some consistency, in that Patreon and Fanhouse are now treated equally poorly. If you are considering submitting anything in the creator space, now you know exactly what to expect.

Nick Heer:

If Apple promotes In-App Purchases from third-party developers at all, I could not find an example in the App Store. Even if it did, Apple would not be a bigger draw for people who make their living on Patreon than those individuals themselves.

[…]

This is both a naked attempt to take an outsized cut from independent creative professionals, and a more consistent treatment of In-App Purchases. There are so many unanswered questions. Why was Patreon allowed an exemption in the first place, and for so long? Why did Apple change its mind late last year but also permit a long transition period which Patreon will complete next November? What changed? It is not as though Patreon is untrustworthy, or that cancelling a subscription is a laborious Amazon-like or New York Times-esque process.

[…]

The 30% fee is also notable. As far as I can tell, only a handful of Patreon users would exceed the million-dollar annual threshold for Apple’s Small Business Program. That is, everyone who earns less than a million dollars per year through iOS Patreon pledges should, in theory, fork over a 15% commission rate to Apple. But it appears it is Patreon itself which is subject to the 30% rate.

[…]

Apple’s 30% commission is at least double the rate charged by Patreon itself, and only the latter has any material effect on the relationship between a creative professional and their supporters.

There are many different ways of using Patreon. AltStore PAL is using it to monetize apps sold outside the App Store, and I wonder whether this is what spurred the change from Apple. At the other end of the spectrum, sites like Heer’s and mine use it, not to deliver in-app content, but essentially to collect tips—which in other contexts, such as WeChat, Apple does not tax. Perhaps we are collateral damage from a one-size-fits-all approach.

It’s one thing to argue that Apple deserves to be compensated for its IP when someone is selling an app that heavily depends on frameworks that Apple developed. But yoga lessons through a webcam? Writing or making music or videos—possibly not even using Apple’s platforms? Apple wants 30% in perpetuity just because the user tapped a button in a third-party app vs. in Safari.

Patreon:

Any creator currently on first-of-the-month or per-creation billing plans will have to switch over to subscription billing to continue earning in the iOS app, because that’s the only billing type Apple’s in-app purchase system supports.

Steve Troughton-Smith:

Patreon has been around for a good ten years on iOS. Ten years in, Apple has come to them and demanded 30% of all transactional revenue in their app.

If you in the EU had left the App Store and were offering your app in an Alternative Marketplace and using Patreon as the monetization behind it, and your users are subbing in the Patreon app, now Apple will be taking the Core Technology Fee plus 30% of your revenue. They can tax both sides of the equation.

Casey Liss:

This is so gross. 👎🏻 × ∞

When is Apple going to realize that rent-seeking anywhere and everywhere is not only a bad look, but will get them regulated straight to hell?

(And at this point, it’s more than deserved. Bring it on.)

Craig Hockenberry:

When you start seeking rent on the livelihood of artists, I don’t think you get to claim you work at the intersection of Technology and Liberal Arts anymore.

Kyle Howells:

According to Apple’s logic they should be able to tax every single digital transaction that happens on or through any of their devices.

Except in 2024, the entire world runs on computers!

Apple wants to demand a global tax on all transactions ever made by anyone.

Steve Troughton-Smith:

If Apple isn’t stopped, there will come a point where Apple slaps a 30% tax on all VISA transactions made on iOS (unless you use Apple Pay, of course!)

Rich Felker:

So utterly stupid that they ever entered App Store. It’s completely unrelated to their purpose and was bound to screw over them, creators, and patrons.

Thom Holwerda:

I’ll obviously be adding warnings to my Patreon profile and tiers that if you use the iOS app to subscribe, you’ll be taxed by Apple for 30%, and advise people to use the web or the Android app instead to sub.

Steve Troughton-Smith:

I’m guessing Patreon won’t be allowed to tell its users [in the app] why they’re being gouged on iOS, because Apple doesn’t allow anything like that that could embarrass Apple.

“We’ve never raised prices” my ass. Swooping into other peoples’ markets and taxing them on revenue that has nothing to do with you is objectively worse than raising prices

Officially: “In the more than a decade since the App Store debuted, we have never raised the commission or added a single fee.”

Actually: Changed the rules and changed how old rules were interpreted so that more payments were subject to the fee, pushed apps down in search results if they don’t buy ads.

René Fouquet:

Someone at Apple must have an Apple Intelligence powered list, titled “disgusting things that we can do to our developers that raise our shareholder value” and they keep picking one item every week to keep the flow going.

Previously:

Update (2024-08-13): John Gruber (Mastodon):

This might epitomize the way Apple can be penny-wise but pound-foolish when it comes to the App Store. However much money they think they might get from these Patreon subscriptions once the Patreon iOS app switches to IAP, I refuse to believe it’s worth the further degradation of Apple’s brand that this dispute with Patreon is incurring. The paying users of Patreon are fans. They are such dedicated and devoted fans of certain creators and artists that they choose to pay those creators money. And now these users are being informed that Apple is putting the squeeze on these creators and inserting themselves into a relationship that these fans see as being between them and the artists they support.

[…]

How do you put a price on the number of Patreon iOS users — who are all, by definition, Apple customers — whose view of Apple will shift from “Apple is a company that supports small indie creators and artists” to “Apple is a company that uses its position of power to extract exorbitant rent from small indie creators and artists” because of this change?

Steve Troughton-Smith:

The dynamics of the Patreon thing are actually incredible. Apple, taking 30%, will be making effectively 6x as much as Patreon will on every transaction for creators who are on the grandfather plan. Whatever value Apple brings, does anybody think it’s six times the developer it’s stealing from?

Brendon Bigley:

Mere months after needing to apologize for an iPad ad in which they crush a massively valuable stack of instruments, cameras, typewriters, televisions and more with a hydraulic press, Apple is back again to callously insult the world’s creatives and startups in a brand new way. It seems like a glaringly obvious self-own.

[…]

The thing that frustrates me most is that this style of business is working for them, and for Google as well. If I wanted to put my money where my mouth is and bail from Apple’s iPhone or the entire ecosystem, turning to Android is no better for a whole slew of reasons which sometimes even overlap. We shouldn’t have to sit here and wait for governmental bodies to wake up and enforce their own laws, but what other option do we have?

Via Federico Viticci:

Is there any company more out of touch with creatives right now than Apple?

It feels incredibly weird to say this, but it sadly is true.

John Voorhees:

Patreon has created a tool for creators to pass Apple’s 30% fee on to their members who sign up using the iOS app, which it recommends doing. However, that’s bound to create some ill will with members, and it doesn’t solve the fact that certain kinds of billing like ‘per creation’ charges aren’t available as part of Apple’s payment system, meaning that many creators will need to change their financial arrangements with their members.

[…]

Patreon and creators built businesses that don’t fit neatly into Apple’s payment system, so it doesn’t strike me as fair that now, they have to find a way to fit that square peg into a round hole.

I wish this were an isolated thing, but it isn’t. Apple’s caring-for-creators engine seems to have run out of gas.

Andrew Abernathy:

I didn’t realize that Patreon is dropping first-of-the-month billing completely and forcing a switch to “subscription” which is a per-membership charge from the first-day-subscribed.

As a patron, I hate this. A big benefit for me is getting one charge for all my memberships, which I also assume(d) saves on credit card fees.

Jamie Zawinski:

That Patreon’s reaction to this was not: “Welp, I guess we’ll just have a web site instead of a weird iOS app, then” tells you everything you need to know about how they prioritize what is good for their members, versus “growth hacking” and “line go up”.

This is the big question. It certainly would have been easier, and it would arguably be better for both creators and supporters to eliminate Apple’s tax. On the other hand, contorting Patreon to fit Apple’s payment model arguably makes the product itself worse. They probably felt a duty to continue supporting all the people who were already using the app. And they may believe that Apple’s market power is such that not being in the App Store would reduce revenue for creators and potentially be a long-term threat to the entire platform.

Nick Lockwood:

I’m disappointed Patreon didn’t just respond by removing their app from the store tbh

Jeff Johnson:

The Patreon iOS app has millions of installs. Mass migration of users from the app to the web would be a logistical nightmare under the best of circumstances. And it’s unlikely that Apple would be helpful. Indeed, Apple could refuse to allow Patreon to notify users in-app, which would make migration infeasible.

Discontinuing the app could be much more harmful to creators than keeping it. That’s the power of the ubiquitous platforms.

John Gruber:

There’s really only room for one middleman in a relationship between a creator and their audience, and in this case that middleman has been Patreon. But now Apple is saying they’re required to be involved too.

[…]

The whole notion of a platform like Patreon just doesn’t fit with the App Store’s model of taking a fee out of every single transaction for digital goods or services. It could, perhaps, if Apple were willing to only accept a commission from Patreon’s own share — a commission on a commission — but they’re not.

Lastly, I suppose it’s implicit here that a lot Patreon users go through the iOS app. But I can’t help but think they should do what Substack does and just not allow paid subscriptions through the app.

Nick Heer thinks that the guidelines, as written, prohibit both Substack and Patreon from doing this.

Steve Troughton-Smith:

Some multimillionaire VP at Apple has decided that the best thing for the company, one of the biggest in the world, to do is introduce a new 30% tax on struggling artists and creators who have no business or professional relationship with it in the first place.

Nick Heer:

Business lingo is such a great way of drowning offensive policies in euphemism. For example, “monetise our I.P.” is dull grey sludge, but it means “take 15–30% of every transaction because we can”.

Steve Streza:

Apple demanding rent from Patreon subscriptions is particularly offensive. The people who Apple will be stealing money from, online creators, don’t have any relationship with Apple here. They didn’t ask to be here.

Mario Guzmán:

Apple is increasingly leaving a horrible, disgusting, vile taste in my mouth with all their cheap money grabs. It’s practically predatory.

Apple was an American Success Story, the underdog… now they’re just the bully.

From how they treat developers to how forcefully they push their services (no means no, Apple)… this isn’t the company I used to respect back in the day.

Steve Troughton-Smith:

There are folks who still, to this day, won’t touch Microsoft products because of Microsoft’s behavior in the 90s — nearly 30 years later. People have long memories. Apple today makes 90s Microsoft look like a saint.

John Gordon:

90s MSFT was pretty bad. Apple is worse, but maybe only 30% worse.

John C. Welch:

Whomever keeps doubling down on the rent-taking on the App Store really need to be smacked upside their fool heads.

Tyler Hall:

It’s hard to believe that on the engineering side, Apple is asking, “How can we be more like Windows Vista?” and on the policy side, they’re asking, “How can we be more like the mafia?”

Tom Harrington:

From this week’s Apple news it seems like they’ve decided to build a toll booth at the intersection of technology and liberal arts.

Perhaps symbolic of the new Apple, “Apple News” is now auto-capitalized, because of course any news about Apple has to use their trademarked term.

Craig Grannell:

I hate to do a “this would have never happened under Steve Jobs”, but there’s something very odd going on with Apple right now. It’s like money has become everything – the only thing that matters. And given that services are the only long-term growth sector, it’s doubling down on everything. But the amount of brand damage it’s doing right now is immense.

In some areas, Apple long ago shifted from “be good” to “be least bad” (eg skeevy ad upsells). But with its App Store shenanigans, it’s so far away from either of those right now.

Kyle Hughes:

The Apple that “we thought we knew” might just have been a product of low interest rates and hockey-stick growth in smartphone sales during the 2010s. 10+ years is long enough to feel permanent, so now folks are thinking, “what happened?” The answer might be nothing changed internally, same priorities, but the external environment changed and now they face significant headwinds across every product. Didn’t need to tighten the screws before.

Nick Heer:

Today, Apple spent big from its brand account. While there are some who are upset with Patreon for having an iOS app in the first place, the overwhelming frustration is justifiably directed toward Apple.

As upsetting as it is, I cannot say I am surprised by any beat in this story. First, Apple decided to, for years, treat Patreon pledges as something other than In-App Purchases against which it would normally levy a commission. But that could not last forever because Apple would — as it has several times before — want to reclassify pledges to get what it feels is its cut. It is now going to require Patreon treat them as subscriptions, similar to Substack.

Hamish McKenzie, Substack’s co-founder, is more positive toward Apple’s In-App Purchase system, but notes how it does not really fit with authorship by individuals or small teams[…]

Federico Viticci:

The thing about putting accountants in charge is that most of them either have no taste or don’t know how “goodwill” fits in a spreadsheet.

Tyler Hall:

I don’t remember who said this - Steve Jobs or Phil Schiller or some other Apple exec - but they spoke in an interview about how you could never put a price tag on the Apple logo - the brand. There’s no dollar amount you could buy it for.

But with every penny of IAP revenue Apple fights for and demands they’re owed - deserved or not - they are selling their brand. Biting off and chewing up pieces of the Apple logo.

Christina Warren:

The richest company in the world (congrats guys, you’re back on top) being fucking rent-seeking pieces of shit isn’t going to earn your precious services more $$$, it’s just going to convince a whole new generation of users to avoid the App Store for all payments and have a distaste towards your brand.

Shac Ron:

A lot of people angry at Apple this morning. I don’t blame them.

The original reason for taking a cut of IAP was simple. If they didn’t, every app would be free and require IAP to get the full version. If they didn’t take a cut of subscriptions, every app would be free and require subscription to use. You’d be paying a subscription for several app networks to use their apps now.

[…]

I am not offended that Apple wants to be paid, as some people are. I am offended that they seem to be overstepping what a reasonable take is. They should have been working towards lowering store fees as they scaled up.

Uli Kusterer:

When, in the coverage of the Patreon issue, people come to you with the argument that Apple deserves to be paid for the hosting and payment processing they provide, remember:

Nobody forced Apple to host everybody’s downloads, process everybody’s payments and not allow any other installations.

None of this would be a problem if Apple permitted “side-loading” (or more correctly, “installing software on my device, which I already dropped a cool thousand on”).

They don’t even host the Patreon content.

Kirk McElhearn:

Do you think that taking a cut from Patreon is going to make a difference in their profits? I don’t.

However, if this is only the first step of them taking a cut from services like Kickstarter and GoFundMe, then that could make a lot of money. And that would be seriously evil.

Tim Schmitz:

Apple is tiptoeing pretty close to the line of “You owe us 30% of all web transactions in Safari, because if it weren’t for us those customers wouldn’t have reached your site.” Not saying Apple is or will actually say that, but their logic is pretty close to claiming they COULD if they wanted to.

Ged Maheux:

Remember how pissed we all were when Reddit got greedy and killed Apollo? It’s business as usual now for Reddit. They just waited it out. It will be the same for Apple and Patreon.

Users have short memories and few choices.

See also:

Previously:

Update (2024-08-14): John Gruber (Mastodon):

What Patreon seems to be suggesting above is that if they offered a third option — not to allow subscriptions within the iOS app, controlled by each creator for their own subscriptions — that Apple has threatened to remove the Patreon app from the App Store.

[…]

From the perspective of creators, this clearly ought to be an option. They don’t want to charge their fans 30 percent extra just to pad Apple’s bottom line. They don’t want to earn less money themselves. Thus, they might not want to participate in App Store in-app payments at all. How is that not a perfectly reasonable choice for Patreon to offer and for some of its creators to make? And then just put right there in the app that this creator’s subscriptions are only available on the web. Dare Apple to strike that down on the anti-steering grounds that are in the bullseye of regulators around the world.

Jeff Johnson:

Why would anyone without Epic money play chicken with the most powerful corporation in the world?

Ged Maheux:

As someone who has an app in the App Store that is funded in large part by Patreon, I have a lot of opinions on what Apple is doing regarding the service.

I also know the giant bear should not be poked or we risk losing important revenue App Store revenue.

Update (2024-08-15): M.G. Siegler:

Patreon should do this. It’s so obvious that they must know they should do this. I suspect it’s simply fear that it would look like they were waging some sort of PR war that ultimately hurts their creators. But again, the creators are getting hurt regardless. Either they have to charge/eat more fees or Patreon does. The latter is bad for creators as well because it makes Patreon less sustainable as a business. So again, they absolutely should call Apple’s bluff here.

To be clear, I don’t think it’s a bluff. I just think Apple is so clueless to these types of optics these days.

Cory Doctorow (Hacker News):

Apple’s pristine execution of stage one of enshittification – luring in users, then locking those users in – mean that businesses can’t survive without reaching Apple customers, and they can’t reach Apple customers without abiding by the app store’s rules.

[…]

This is a shocking payment processing fee. For comparison, the highly concentrated credit-card sector charges 2-5% to process a payment – a tenth of Apple’s charge. What’s more, that 2-5% credit card fee is considered to be extremely high (it’s gone up 40% since covid started). Apple backstops this payment rule with more content-based rules: app vendors may not send customers to the web to complete their payments through a regular website with a 2-5% fee. Users have to figure this out for themselves.

[…]

Here we have Apple as the fully unfurled regulator of the digital economy. Apple decides what kinds of businesses are prohibited, based on three criteria[…]

Dave Nanian:

By using this Apple device, you acknowledge that it enables your productivity and workflow in ways that significantly benefit you.

As such, Apple requires that you tithe 10% of your earnings to it, payable on an annual basis, regardless of the activities said earnings were generated from.

Eric Schwarz:

This sort of reminds me of the news that Starbucks hired Brian Niccols as their CEO. He’s currently the CEO of Chipotle and has had that role since 2018. During that time, Chipotle modernized a lot, but lost so much of its soul—when the go-to complaints used to be the extra charge for guacamole or the occasional tainted produce, it’s now moved to price hikes, small and inconsistent portion sizes, and putting customers at odds with hourly employees. Sure, the company made lots of money and Niccols was considered successful, but burnt up a lot of goodwill. How many people moved on to alternatives? I know I did.

[…]

While Apple is plenty healthy right now, the amount of grumbling and lack of enthusiasm from its biggest fans have me a bit worried that they’re just going to keep pulling nonsense like this until governments regulate the heck out of them or their customer base erodes. Why not get ahead of both and do right by everyone?

Joe Rosensteel:

For Apple to pop up on the scene and make Patreon look like the generous soul is kind of a feat to behold.

Hey Patreon creators, what if there was another middle man? Also that middle man didn’t do anything but collect 30%, which is even more than Patreon collects? Patreon will provide you with services in exchange for their fee but the App Store will … uh … process payments that could be processed using the web system that Patreon needs to have anyway. So … uh …

[…]

The fees Apple collects should not be because it can rig a system in very specific ways to benefit them, but because without any artificial barrier it’s simply the best experience. They absolutely can’t say that right now.

Previously:

The Mac Is a Power Tool

John Gruber (Mastodon, tweet, Hacker News):

The Mac is a platform where you need to be able to shoot yourself in the foot. Increased protections that make it less likely that you’ll shoot yourself in the foot are, obviously, a good idea. Many of them are downright necessary. But such protections are only undeniably good ideas when they don’t get in the way of sophisticated users using software that requires a high level of system privileges. Then they become a trade-off. There are some power users who’ve been annoyed every step of the way as Apple has increased such protections in MacOS, but I think, until recently, Apple has managed this balance well. MacOS, on the whole, has been welcoming and safe for unsophisticated users while remaining powerful and efficient for experts. But in recent years MacOS has clearly started slipping down the slippery slope of being too protective.

[…]

It’s good to be reminded of the software you have installed that requests, or outright requires, access to private data and sensitive hardware APIs. It’s very good to be alerted to any software you might have installed that has acquired such permissions without your knowledge or recollection. […] But it’s infuriating to play whack-a-mole to dismiss a barrage of permission prompts to confirm the same permissions you’ve previously granted to the same software, and it’s even worse when you need to dig three or four levels deep into System Settings to do it.

As Jason Snell has said, partly this is offensive because the attitude is that you, the user, can never be trusted to know what you’re doing. You can click through the alert after every daily boot for a year, but it will never be enough.

But more important, I think, is that the system just wasn’t designed with much care. There is no place where you can go to see all the things that a given app is allowed to do. Nor can you see a log of when and how often the app is doing the things that you permitted. And when you do want to grant access, the steps are often obscure, as if to provide an additional hurdle to make sure you really mean it. (And good luck fixing the TCC database if it gets corrupted.) It feels like it was designed, not to help the user understand what’s going on and communicate their preferences to the system, but to deflect responsibility. You were warned, so it’s your own fault if you clicked the wrong button after being bombarded by repetitive dialogs interrupting your day.

Adam Engst:

It’s bad for usability, increases user frustration, and decreases security awareness.

[…]

The prompts recur weekly, whenever you reboot, or, as I discovered, when you log out and log back in.

[…]

We’ve already passed the point of security alert overload. The first time or two that the Sequoia beta prompted me to reauthorize, I admit that I didn’t read the text of the alert beyond determining that I should click Continue To Allow to capture the screenshot I needed for whatever I was writing.

[…]

In none of these cases would extra prompts have made any difference because users had no way of knowing that downloads were compromised or that an app had a new owner.

By prompting for continued permission, Apple is asking if we still trust previously trusted apps. What would change in any short period of time that would have us reconsider this action? We would need new information to make a different choice. […] The easy answer is that Apple’s security team believes that apps regularly go over to the dark side within a week and we will figure that out by getting a prompt to remind us that we have already granted it screen-recording permissions. But that’s patently stupid.

Christina Warren:

MacOS is still the best desktop operating system but Apple seems content on trying to change that every year as they make decisions that are bad and also diametrically opposed to anything a pro user would actually want.

Miguel Arroz:

One argument I really can’t understand in the whole permission dialog debate is saying this may be useful to detect software installed by an abusive partner.

Well, technically yes, maybe, but you all realize that if an abusive partner has administrative access to your computer, it’s game over, right? From that point on you need to assume nothing, absolutely nothing at all that goes through that machine is private. And the permission dialogs won’t change this.

See also: Accidental Tech Podcast, Craig Grannell, Luc Vandal.

Previously:

Update (2024-08-14): Pierre Igot:

I guess this is Apple’s way of (not) saying: “The OS update you installed a couple of days ago includes updated terms of service for the Mac App Store. Since we cannot be bothered to explain these changes to you and you won’t read them anyway, we’re just covering our asses by asking you to click on ‘Continue’ here, which implies that you agree with the changes.”

Still feels like Apple is treating me as an idiot, though, by simply repeating marketing copy that is of zero interest to me.

Apple Intelligence Foundation Language Models

Apple (PDF, Hacker News):

We present foundation language models developed to power Apple Intelligence features, including a ~3 billion parameter model designed to run efficiently on devices and a large server-based language model designed for Private Cloud Compute. These models are designed to perform a wide range of tasks efficiently, accurately, and responsibly. This report describes the model architecture, the data used to train the model, the training process, how the models are optimized for inference, and the evaluation results. We highlight our focus on Responsible AI and how the principles are applied throughout the model development.

Previously:

Susan Wojcicki, RIP

Juliana Kim:

Susan Wojcicki, a Silicon Valley visionary who helped shape Google and YouTube, died Friday after a two-year battle with non-small cell lung cancer, according to her husband. She was 56.

[…]

In 1998, Wojcicki rented her garage to Larry Page and Sergey Brin, a pair of Stanford grad students on the cusp of building the search giant Google.

Wojcicki quickly saw the company’s potential and left her job at Intel to become Google’s first marketing manager.

Laura Dobberstein:

Wojcicki’s tenure at Google saw her spearhead the development of AdSense, which revolutionized the monetization of the internet by allowing online publishers to display ads relevant to content, automatically matched by Google’s algorithms.

But the acquisition of small startup and Google Video competitor, YouTube, for $1.65 billion in 2006 – which she recommended – defined her career.

[…]

Wojcicki became YouTube CEO in 2014 and focused on refining the YouTube Partner Program – which allowed creators to earn revenue from ads.

Sundar Pichai (Hacker News):

Susan was one of the most active and vibrant people I have ever met. Her loss is devastating for all of us who know and love her, for the thousands of Googlers she led over the years, and for millions of people all over the world who looked up to her, benefited from her advocacy and leadership, and felt the impact of the incredible things she created at Google, YouTube, and beyond.

Marques Brownlee:

She took on one of THE most stressful positions and handled it with grace and vision and was incredibly gracious behind the scenes in ways most people never got to see.

Rene Ritchie:

Thanks to @SusanWojcicki, her vision, determination, leadership, and the unique partnership she sparked between YouTube and creators, we have all not only been given a voice and shown the world, but we’ve forged together opportunity, dignity, and legitimacy, set the foundations of the creator economy, and exemplified that true, meaningful, transformational success really is best achieved together.

Friday, August 9, 2024

Collect Cards Bypassing App Review via CodePush

Filipe Espósito:

A peculiar app called “Collect Cards: Store box” has been available on the App Store for over a year. The App Store description doesn’t say much about it, while the screenshots show a simple interface with what appears to be an app for managing photos and videos.

But in reality, when users download the app, it turns into a pirate streaming platform, with content from Netflix, Disney+, Amazon Prime Video, HBO Max, and even Apple TV+.

Although this app has gone unnoticed all this time, it recently reached the top #2 of the most downloaded free apps in the App Store in Brazil.

Filipe Espósito:

Following the publication of our article, Apple removed the app. However, it seems that the developers have once again tricked the company into approving not just one, but multiple pirate streaming apps on the App Store.

Filipe Espósito (via Hacker News):

In our original report, we explained that these apps use geofence to prevent anyone at Apple from seeing what the app is actually capable of. But by analyzing the code of these apps, we now have a better idea of how this happens.

As we guessed, these apps share the same code base – even if they are distributed by different developer accounts. They’re built on React Native, a cross-platform framework based on JavaScript, and use Microsoft’s CodePush SDK which allows developers to update parts of the app without having to send a new build to the App Store.

[…]

After Apple approves the app with its basic functionalities, developers use CodePush to update it with anything they want. The app then reveals its true interface in “safe” locations.

John Gordon:

200+ apps per reviewer per 40h. So basically 5-10min apiece. Most of the 100K are crap or worse.

Dave B.:

Why does Apple allow those fake games on the App Store?

It’s infuriating and gives Apple a really bad look.

Previously:

Deluge of Fake Mac App Store Reviews

Jeff Johnson:

There are a bunch of fake Mac App Store reviews for the Safari extensions Wipr, Dark Reader, and Vinegar. They are #1, 3, and 5 top paid.

Vinegar, at least, is a legit good app.

Jeff Johnson (Mastodon):

I’ve now checked the reviews for all of the current top 40 paid apps in the Mac App Store, and 8 of those apps have a large number of fake reviews during the period of June 11 through July 19. What the 8 apps have in common, besides the top paid list and the fake reviews, is that they’re all relatively cheap, from $1.99 to $4.99 USD in price. Note that only buyers can leave App Store ratings and reviews for upfront paid apps, which makes this deluge of fake reviews especially odd.

[…]

The question is, why are we seeing all of these fake reviews around the same time across multiple top paid Mac App Store apps? I don’t have an answer to this question. My pet conspiracy theory is that all of the fake reviews were purchased by a single developer as a cover for their app. If a bunch of apps have fake reviews, then the fake reviews for the developer’s one app don’t stand out as much, and there’s plausible deniability. But that’s only my theory, with no proof. I could be wrong. One thing is clear, however: Apple has completely failed to prevent, detect, or remove this deluge of fake reviews in the Mac App Store. There has been no curation.

Jeff Johnson:

The fake Mac App Store reviews continue. From Monday, there are now a bunch of fake reviews on the #1 top paid app Magnet.

Ric Ford:

Apple has proven unable (or unwilling) to reliably police its own proprietary App Stores for bad/fake apps as well as fake reviews. Thankfully, a few people outside Apple are at least flagging the problems.

Previously:

Update (2024-08-13): Christina Warren:

Meanwhile, while Apple enshittifes macOS and tries to force everyone to use the absolute ghetto that is the piece of shit Mac App Store, they also approve fake apps. So miss me with this “annoying and bad notifications are b/c Apple cares about user safety.” No. You cannot have it both ways. You cannot claim the only way to release safe and reliable apps is through a terrible App Store and also approve predatory fake apps through said App Store.

Chris Coleman:

I helped a friend run a Facebook page that we had built up to about 12,000 people — until my friend downloaded a fake “Pages Manager” app for iOS that stole his entire Facebook account and became the owner of the page.

Jeff Johnson:

The App Store, everyone.

Apple Pressures ByteDance and Tencent Over IAP

Tim Hardwick:

Apple is putting pressure on Tencent and ByteDance to make significant changes to two of China’s most popular apps in order to remove loopholes that circumvent Apple’s typical 30% commission, Bloomberg reports.

The loopholes are linked to mini-apps that allow users of Tencent’s social-messaging app WeChat and ByteDance’s short-video app Douyin to play games, hail taxis, and make online purchases without leaving the app.

Apple reportedly told both companies they need to prevent mini-app creators from including links to outside payment systems that circumvent its commission system.

They also want to ban in-app chats because they would make it possible to send payment links.

Tim Sweeney:

Apple divides “Super Apps” into several categories that it restricts differently, to force each to stay in its lane and not expand into a source of real competition to Apple: games with user generated content; apps containing mini apps; stores (EU only); and web browsers.

Games with user generated content are taxed and limited by ambiguous rules that require user content to not add functionality not in the base game, a hopelessly vague notion that would prohibit Roblox, if fully enforced.

The Super App junk fee change isn’t written in the terms. It’s a reinterpretation of a long standing policy described in Bloomberg and dozens of other publications today. (See Kodak-Newcal on the risks of acknowledging a significant adverse change in terms.)

Previously:

Update (2024-08-15): Chance Miller:

Speaking to investors this week, Tencent’s Chief Strategy Officer James Mitchell said that the company is in talks to enable in-app purchase support, but there are questions about whether the two sides will come to terms:

“We want to make it available on terms that we think are economically sustainable, that are also fair. And so that’s a discussion that’s underway, and we hope that the discussion leads to a positive outcome,” Mitchell said. “But in the event that discussion doesn’t progress, then the current status quo continues.”

Today’s comments from Mitchell mark the first time that Tencent has acknowledged its talks with Apple.

I guess “current status quo” refers to the current version of the app, since Apple won’t let them update it.

Update (2024-09-09): Tim Hardwick:

Apple has approved an update to WeChat for the upcoming iPhone 16, signaling a potential thaw in relations between the tech giant and Tencent, the Chinese company behind the massively popular messaging app. The development, reported by Bloomberg, comes as Tencent and Apple continue negotiations over revenue-sharing agreements for WeChat’s mini-games ecosystem.

Allowing iOS PC Emulator Apps to Download Games

Apple:

Updated 4.7 to clarify that PC emulator apps can offer to download games.

They’ve also changed the notarization guidelines:

4.7 Mini apps, mini games, streaming games, chatbots, plug-ins, and game emulators Apps may offer certain software that is not embedded in the binary, specifically HTML5 mini apps and mini games, streaming games, chatbots, and plug-ins. Additionally, retro game console and PC emulator apps can offer to download games.

[…]

4.7.2 Your app may not extend or expose native platform APIs to the software without prior permission from Apple.

4.7.3 Your app may not share data or privacy permissions to any individual software offered in your app without explicit user consent in each instance.

This fixes the problem where apps in the App Store were allowed to do more than those outside of it.

Juli Clover:

The guideline previously said that console emulator apps could include the option to download games, but it did not explicitly cover PC emulators.

[…]

UTM SE was the first PC emulator app to be allowed on the App Store , but the guideline changes today will streamline the approval process for similar apps.

See also: App Store Review Guidelines History.

Paul Hudson:

New app review guidelines – does this mean I can finally (legally) get a good DOS game emulator for iPad? Give me Detroit, Space Crusade, Theme Hospital, Dungeon Keeper, and more 🤩

Steve Troughton-Smith:

App Store policy changes re PC emulators are baby steps; I don’t think I want to buy another iPad that doesn’t have a way to robustly virtualize a desktop operating system. If Apple’s too scared to put macOS on it, just give us the frameworks and let developers virtualize Windows and Linux.

Davide Di Stefano:

It’s really sad to think that the M1 chips has powerful emulation capabilities that can’t be even accessed from iPadOS 😓

I’m also out of this platform for this and other reasons (zero development capabilities, no multi-user support)

Previously:

Thursday, August 8, 2024

DMA Compliance: Initial Acquisition and Store Services Fees

Apple:

We’re introducing updated terms that will apply this fall for developers with apps in the European Union storefronts of the App Store that use the StoreKit External Purchase Link Entitlement.

[…]

Developers can communicate and promote offers for purchases available at a destination of their choice. The destination can be an alternative app marketplace, another app, or a website, and it can be accessed outside the app or via a web view that appears in the app.

[…]

Developers may design and execute within their apps the communication and promotion of offers. This includes providing information about prices of subscriptions or any other offer available both within or outside the app, and providing explanations or instructions about how to subscribe to offers outside the application.

[…]

Developers can use any number of URLs, without declaring them in the app’s Info.plist.

Links with parameters, redirects, and intermediate links to landing pages are permitted.

Apple:

If your app communicates and promotes offers for end users at a distribution channel of your choice, pay an initial acquisition fee [5%] and an ongoing store services fee [20%].

Juli Clover:

Developers do not have to opt in to the new terms with the Core Technology Fee to take advantage of these link entitlement changes, but must agree to the StoreKit External Purchase Link Entitlement Addendum, which is coming this fall. These terms require developers to use the StoreKit External Purchase APIs, report external purchase transactions, and pay fees and commissions.

[…]

There is one other notable change that Apple is making, and that's giving customers an option to turn off in-app disclosure sheets. By default, Apple will still warn users when they are clicking a link that takes them to non-Apple purchase methods and options, but customers can choose to turn off these warnings when an app links to an external channel. An app that links to an in-app web view will only need to display the disclosure sheet once per session.

Benjamin Mayo:

However, for instance, if the user downloaded the app on their iPhone, but then initiated the purchase later that by navigating to the service’s website independently on another device (including, say, a Windows PC or Android tablet), the Initial Acquisition Fee and the Store Services Fee would still apply. In that instance, Apple still wants its cut as it sees the download of the iOS app as the originating factor to the sales conversion.

[…]

This results in a complicated matrix of eligibility and fee costs, that developers will need to carefully evaluate.

[…]

Apple says the new structure results in lower fees for developers in both the alternative and existing terms for linking out, especially for existing users. This is because previously Apple charged upwards of 17% and the Core Technology Fee, for the privilege of linking out to an alternative payment method.

Benjamin Mayo:

Imagine you are Spotify. You list your app in the EU on the Apple App Store, and link out to your website for payment.

Assuming a new user downloads the iOS app first, you will now be subject to a >20% commission on any new purchases; that includes if the purchase is made later on the web on an Android tablet.

Steve Troughton-Smith:

Here we go again. Fees upon fees upon fees.

Dare Obasanjo:

The interesting dance around Apple’s DMA compliance is that it seems clear that the EU wants Apple to stop taxing developers for IAPs while Apple’s compliance is to just rebrand the fee and keep the tax.

Kyle Howells:

This is insane.

Apple’s new rules aren’t any better either and aren’t going to be allowed either.

They are just dragging this out as long as they possibly can.

Previously:

Update (2024-08-09): John Gruber (Mastodon):

What many people want is for Apple to just give in, concede, and allow iOS apps in the EU to just collect payments however they want, in-app or through links to the web, freely. Where by freely I mean free-of-charge freely. No CTF for downloads, no tracking of purchases made after users tap a link in the app to the web. What Apple wants is to continue making bank from every purchase on digital goods from an iOS app. We’re left with a mess where no one is happy with the result.

M.G. Siegler:

Wait a minute. What’s that? At the bottom. The last bullet point: “Updated business terms for apps with the External Purchase Link Entitlement are being introduced to align with the changes to these capabilities.” What could that mean? Humorously and fittingly, there’s no link. And the link below to “learn more” about all these changes is broken.

Yep, I had to guess at the link I quoted above.

Apple, of course, will note that they’re okay with the changes they’re offering but have the right to be compensated for their IP and infrastructure usage. And that will be hard to argue with, legally, if nothing else. But you can’t help but feel that this is getting so impenetrable that it’s almost like Apple is doing it this way on purpose.

Nick Heer:

I am not sure what business standards apply here and whether it is completely outlandish, but it sure feels that way. The App Store certainly helps with app discovery to some degree, and Apple does provide a lot of services whether developers want them or not. Yet this basically ties part of a developer’s entire revenue stream to Apple; the part is unknown but will be determined based on whichever customers used the iPhone version of an app first.

[…]

None of these changes applies to external purchases in the U.S., for example. But what I wrote at the time applies here just the same: it is championing this bureaucracy because it believes it is entitled to a significant finder’s fee, regardless of its actual contribution to a customer’s purchase.

Matt Birchler:

Two, sometimes I propose some new feature I want Apple to implement, and there’s a weird vibe from some people who seem to think I expect Apple to implement that feature badly. Of course I would want them to do it well…that’s like the entire reason we use Apple’s stuff, right? Well, this DMA behavior is exactly what those people are thinking about: Apple is implementing features as poorly as they can so that people hate them.

[…]

Anyway, this is all really annoying and I wish they would treat these required changes the way they’ve treated things like adopting USB-C or RCS where they do them well and lean into how they make their users’ lives better. This whole affair looks so petty.

Juli Clover:

Spotify likewise didn’t have anything nice to say about the updated link rules. In a statement to TechCrunch, Spotify said the revisions are “deliberately confusing,” but “at first glance,” Apple is continuing to “blatantly disregard” the requirements of the DMA.

Jeff Johnson:

Developer tools are not charity. Apple platforms would never have achieved their current success without 3rd party software.

[…]

Apple monetized its IP to the tune of $60 billion in hardware sales last quarter.

[…]

Rogue Amoeba’s Airfoil sold countless Airport Express units for Apple. Did we get a cut of that? Hell no. Of course not. And that’s fine. Apple sold its hardware, and Rogue Amoeba sold its software for Apple’s hardware.

That was the mutually beneficial relationship between Apple and developers since 1977. But it all changed in 2008, when Apple greedily decided that it wanted to double dip: increased 1st party hardware sales from 3rd party software and ALSO a cut of that software revenue.

The Animal and the Machine:

I’ve started a hammer business. I’ve sold the hammers but I expect to be very rich now as I’ve deployed the Apple business model where I collect a third of the revenue from every builder and crafter.

We are so lucky that the Web was invented before the App Store.

Update (2024-08-13): Chance Miller:

It’ll be interesting to see how the European Commission responds to Apple’s latest changes in the EU, given that Google and Apple’s terms are more similar than ever before.

Steve Troughton-Smith:

It’s almost like the two duopolists are colluding on pricing.

Update (2024-08-14): Emma Roth:

But using the feature comes with fees so steep that it’s hard to imagine any developer using it.

[…]

Apple’s latest changes offer some improvements, but they come with the same caveats that make it more difficult for developers to do business.

Update (2024-08-15): Joe Rosensteel:

The part I’ll never understand is the assumption that the App Store is the reason a developer, or corporation, was able to acquire a sale. The days of people browsing the App Store are long gone. People hear about, or encounter ads for, apps and services in the real world or online and then have to download the app. The App Store serves as a hosting venue for static code. It’s Tucows. It’s not doing anything.

Sequoia Screen Recording Prompts and the Persistent Content Capture Entitlement

Matthias Gansrigler (Mastodon):

As a macOS engineer, what do you do when you’re told by Apple’s security team you have to turn it even more into Windows Vista and place even more useless alibi-security permission dialogs somewhere, but you’ve run out of new places to put them in?

Well, you get creative, and show multiple permission dialogs for the same permission.

Can’t innovate anymore, my ass!

Chance Miller (Mastodon):

With macOS Sequoia this fall, using apps that need access to screen recording permissions will become a little bit more tedious. Apple is rolling out a change that will require you to give explicit permission on a weekly basis to these types of apps, and every time you reboot your Mac.

[…]

While many speculated this could be a bug, that’s not the case.

William Gallagher:

There are accessibility apps that use screen recording, for instance. Keyboard Maestro can use it to look for specific buttons being shown on a screen, and even the Bartender app uses it as part of controlling menubar apps.

[…]

In each case, before the recording can be started, a prompt appears saying that a specified app “can access this computer’s screen and audio.” Curiously, it does not as yet offer the option to say that you don’t want this.

[…]

There does appear to be a bug in that sometimes there is a significant delay before the Continue to Allow button responds to clicks. It’s also inconsistent in how sometimes clicking that does allow the screen recording, but the screen recording shows that prompt.

Craig Hockenberry:

I’ve always been proud that xScope is a tool that sits quietly in the background, ready when you need it.

So much for the “quietly” part…

Riley Testut:

As someone who reboots my iMac every morning, looking forward to daily permission alerts 🙃

Miguel Arroz:

I’ve caught suspicious things thanks to macOS security warnings like games wanting global keystrokes (nothing evil going on, just shitty open source multi-platform libs).

But this seems excessive. Why not asking if I want the app to have this ability during the next 24 hours, or forever? Either it’s a one off, or if it’s not, I don’t want to have to answer every week.

Jon Gotow:

And if an app isn’t using Sequoia’s new “screen recording picker”, you’ll see this very technically worded warning. I’m not sure how your average Mac user will respond to this.

[…]

Of course, the reason I’m grousing about this is because Default Folder X is affected. In some situations, DFX captures an image of an Open or Save dialog and displays it on top the real file dialog as a “curtain” to hide what its doing while it manipulates the dialog. It doesn’t store or transmit the images – it just takes a screenshot of the file dialog, pops it up on the screen to obscure the dialog while it twiddles a menu, then throws away the screenshot.

Now Sequoia is throwing up scary weekly reminders about it recording “personal or sensitive information”. Sigh. Assuming that this new Sequoia “feature” is here to stay, I feel the only workable solution is to remove the screen captured façade and just put up a blank window to hide what Default Folder X is doing. This is … ugly.

Kyle Howells:

The privacy teams in Apple have way too much power.

Someone high up enough in Apple needs to start telling them NO.

My number 1 feature request for iOS and macOS is a big switch to turn ALL these “are you sure you want X to still have permission to do Y” off forever!

Every time one of those puts up it both: interrupts me; and presents an opportunity to break things!

Erik Schwiebert:

Yes, really, this Mac is under our full control (in fact, it gets paved and re-built multiple times a day) in a secure lab. WTH is it prompting for permissions all the time? There isn't even a TCC entry to suppress the alerts when you are full admin. Sigh.

Tuomas Hämäläinen:

I share my screen on Teams all the time, and I think drawing/design apps that want to sample colours outside of their windows with the eyedropper tool also need to use this API, so looks like I’m gonna be seeing this a lot…

Apple have made Mac OS into exactly the thing they made fun of Windows Vista for. After some time, no one is going to be reading these dialogues anyway, people will blindly click on “allow”, effectively working against the intent of better security.

Luc Vandal:

macOS: Gradually making your Mac more annoying each year because “security”.

Jason Snell:

It’s part of a general trend for Apple to continue placing barriers in the way of users who are trying to use software on the Mac.

[…]

For the past decade, Apple has been trying to tighten the screws on the Mac in order to bring it closer to the level of security offered on iOS. And on iOS, it’s also restricted software features, including a (supremely annoying) feature that repeatedly asks you if you want to continue allowing apps to track your location.

[…]

But what Apple’s testing in the latest macOS Sequoia betas is brutal because there’s no end to it. It’s a subscription you didn’t buy and can’t cancel.

[…]

Asking for permission a second time is not unreasonable for the reasons I mentioned above. But at some point the user must be in charge. […] Some users will make bad decisions. That’s just reality. The wrong reaction is to take the decision out of every user’s hands to protect the ones who might do something stupid.

[…]

Apple’s recent feature changes suggest a value system that’s wildly out of balance, preferring to warn (and control) users no matter how damaging it is to the overall user experience.

Steve Streza:

The Vista-ification of macOS is so incredibly sad to watch. It is going to grow harder and harder to convince people not to shut off security features because of how annoying they're getting. Apple is becoming the thing they mocked (and sold a lot of Macs on the back of mocking).

Sami Samhuri:

Can the macOS team please stop? This is worse than UAC.

Matthew Cassinelli:

Worst decision Apple has made in years.

John Brayton:

The excessive permission checking is probably the most frustrating aspect of using a Mac.

Martin Pilkington:

After winning an Oscar and an Emmy, Apple is moving onto the next step in getting an EGOT by going for the Tony Award in Security Theatre 🙄

Mike Rockwell:

I’ve been toying with Linux again on my 11-inch MacBook Air and I absolutely love how much control you have over the system. Maybe DHH is onto something with his switch away from macOS.

Jason Snell:

And you know what they’ll say if Apple just declares this a “beta bug” and addresses it before launch: “What were you guys all complaining about?”

But we know that if we don’t complain, this all just slides through and we’re stuck with it.

Nick Heer:

But relentless user confirmation is not a good answer for privacy, security, or competition. It merely kicks the can down the road, and suggests users cannot be trusted, yet must bear all the responsibility for their choices.

Matthias Gansrigler (Mastodon):

In macOS, when you want to, for example, create a screenshot app and want it to be able to actually take screenshots, you’ll have to get permission from the user for it. With the upcoming macOS 15 Sequoia, that is going to be upped to two dialogs. One: the initial permission request, and two: a weekly reminder, asking if you want to continue to allow this app to capture your screen.

[…]

I feel like apps on the Mac App Store should get some perks for being reviewed and vetted by Apple’s App Review.

[…]

A developer of a screenshot app that has successfully gone through App Review to be published on the Mac App Store should be able to request a default screen capture entitlement for it, which lets macOS know that no permission dialogs need to be presented, or asked for weekly, at all. It can just take screenshots right after download, because, you know, it’s a screenshot app, and that’s what the user downloaded it for.

And similarly for core permissions for other app types.

Guy English:

If adopting new APIs is what developers need to do in order to avoid these user hostile dialogs is what is needed then Apple should provide sample code showing how to move from the old to the new. If the App is on the Mac AppStore they could and should reach out to apps with that entitlement and point the developers in the right direction. For extra points allot Apple dev rel folks to do the conversion for them if needed. This helps the user.

Daniel Jalkut:

I think the problem is there is no new API to avoid the hostile dialogs. They occur with the newest APIs.

Craig Hockenberry:

You’d think that Apple would have figured out that letting developers know about Security changes ahead of time would be a good idea.

Craig Hockenberry:

A friend pointed me to this [Persistent Content Capture entitlement] the other day and it feels like a solution to the (justified) uproar over the screen sharing nag.

The issue here is that Apple has provided no documentation or any other guidance on how to get this entitlement and prevent an app from becoming nagware.

Isaiah Carew:

we’ve clearly hit an inflection point. the kickback from the macOS screen recording warning has been huge.

for years apple has slowly improved security, but at extreme detriment to usability, functionality, and developer pain.

i think this either means apple listens and changes course here right now or the groundswell will continue and accelerate.

i have trouble being optimistic in these cases, but they did eventually listen about the shitty keyboard. so hope is not entirely lost.

Jason Snell:

Here’s the thing. Apple should be making it harder for apps to do stuff without users understanding what they’re approving. But with great power comes responsibility. If you’re going to make these changes, you have to make the effort to mitigate the UX disaster. If you introduce new, better APIs, you need to evangelize them to developers and document them properly.

Too often for the last few years Apple does step one and then fails to do steps two and three. Step one is not the sin.

John Gruber (Mastodon, 2):

I think it shows just how much care and thoughtfulness went into turning up the dial on these nags that the button label incorrectly capitalizes the “to” in “Continue To Allow”. You can say, well, that’s a little thing. But that’s exactly the sort of little thing that almost never shipped from Apple, even in beta, until the last few years.

Having to click through these confirmation nags every week, for every such utility you use, is not a little thing at all. It’s the sort of thing companies do when decisions like this are made by people looking to cover their asses, not make insanely great products.

Craig Hockenberry:

The biggest win for the user experience would be to reorganize System Settings around the apps, and not the categories.

I want to see all the things that Google Chrome can access, not dig into Extensions, Privacy, Location, et. al. (and don’t get me started on search capabilities).

Harder than it is on iOS because there are more things to allow/deny, but it’s the way folks expect it to be.

Anything short of that is just a bandaid.

Jeff Johnson:

That info should be in the Finder Get Info window and/or preview pane. Also when you press and hold an app icon on the iOS home screen.

Juli Clover:

Apple’s User Privacy Engineering Manager Katie Skinner and Privacy Product Marketing Lead Sandy Parakilas recently sat down with YouTuber Andru Edwards for a wide-ranging discussion on Apple’s privacy policies.

Previously:

Update (2024-08-13): Craig Hockenberry:

The thing that really gets me about this screen capture situation in the next version of macOS is that it lays bare the hubris of security folks.

I bet they rarely take screenshots - all their work is low-level internal mechanisms. What good is an image of a SHA hash going to do them?

Meanwhile there are hundreds of thousands of developers working with designers, clients, managers, and other folks who want to see the current state of their work.

We take a shit-ton of screenshots.

Hagen Terschüren:

also … who is surprised when they use a shortcut they specifically programmed to be the shortcut to take a screenshot in a specific app that it then lets this specific app take a screenshot?

i would understand this for background screen recording. but yes, i actually do know what action i want to happen after purposefully pressed three keys at the same time.

Craig Hockenberry:

In fact, folks have noticed that CI workflows that build projects and take screenshots from the command line are also affected.

The only exception is Apple Remote Desktop (VNC) because it has some very specific private entitlements.

Gus Mueller:

Acorn “records the screen” to sample pixels in other apps when you use the color loupe. This is great if you see a color in a Safari window that you’d like to grab, even if you do have to deal with a scary warning (once) from MacOS. At least it was only once, until now.

[…]

This is sad, but not unsurprising given the trajectory of things lately. And if you look closely, you can still see bits of [the canary’s] yellow feather intermixed with the rest of the decomposing body.

John C. Welch:

Let’s assume we only have to give permission once. After that, an app wants to take screenshots, how does the user know when that happens, how often, and what is being done with those screenshots?

[…]

So how do you manage this? Because with a one time forever auth, and a bit of care, I can build an app that seems legit, but meanwhile happily takes screenshots of your Mac, then uploads them to wherever and you’d most likely never know.

So how do you prevent that for a non-technical user in a way that doesn’t make them have to be a sysadmin?

This is a good question. It’s not crazy that Apple wanted to do something in Sequoia, but it’s not clear to me that the solution they went with even helps at all.

Nick Heer:

In response to Apple’s increasingly distrustful permissions prompts, it is worth thinking about what benefits this could provide. For example, apps can start out trustworthy and later become malicious through updates or ownership changes, and users should be reminded of the permissions they have afforded it. There is a recent example of this in Bartender. But I am not sure any of this is helped by yet another alert.

[…]

I do not think this new prompt succeeds in helping users make an informed decision. There is no information in the dialog’s text informing you who the developer is, and if it has changed. It does not appear the text of the dialog can be customized for the developer to provide a reason. If this is thrown by an always-running app like Bartender, a user will either become panicked or begin passively accepting this annoyance.

The latter is now the default response state to a wide variety of alerts and cautions. Car alarms are ineffective. Hospitals and other medical facilities are filled with so many beeps staff become “desensitized”.

[…]

Even if you believe dialog boxes are a helpful intervention, Apple’s own sea of prompts do not fulfill the Jobs criteria: they most often do not tell users specifically how their data will be used, and they either do not ask users every time or they cannot be turned off. They are just an occasional interruption to which you must either agree or find some part of an application is unusable.

Christina Warren:

17 years ago, Apple rightfully skewered Vista for this same sort of behavior. I actually think the Sequoia stuff is worse.

Previously:

Update (2024-08-14): Chance Miller (MacRumors):

In macOS Sequoia beta 6, however, Apple has adjusted this policy and will now prompt users on a monthly basis instead. macOS Sequoia will also no longer prompt you to approve screen recording permissions every time you reboot your Mac.

[…]

A permission request on a monthly basis is certainly better than one on a weekly basis, but I still think there needs to be a way to permanently grant an app screen recording permissions.

Additionally, Apple’s lack of communication with developers about this change has only made things more confusing and frustrating. Likewise, I’ve reached out to Apple multiple times for clarification and have not received a response.

Federico Viticci:

I wanted to share something funny about Apple’s nonsensical permissions for macOS Sequoia, but then I realized that at least Mac users do have those options, so I grabbed my iPad and cried in a corner instead 🥲

Update (2024-08-19): John Gruber (Mastodon):

I continue to think part of the problem is thinking too small, and requiring what’s effectively whack-a-mole with multiple recurring permission prompts. Playing that game of whack-a-mole monthly instead of weekly is absolutely an improvement. But I still think there ought to be a way to grant a properly notarized app permanent permission.

Adam Engst:

Reducing the frequency of these repeated permissions prompts is a step in the right direction, but it is still a mistake. A monthly schedule is less annoying than weekly prompts, but it’s more irritating than what we’re currently accustomed to, with no indication from Apple of why the purported additional security is necessary.

[…]

Also, while specificity in interface language has its place, even I don’t know what “requesting to bypass the system window picker” means, so I can’t imagine that a user less involved in the technical details of macOS would have any clue. Allowing obscure technical language to creep into a user interface is problematic on its own; putting it in a dialog meant to inform ordinary users about a potential security concern exacerbates the feelings of ignorance many people already have. Nobody who would have approved usage the first time would find themselves denying it on a subsequent occasion because of this new language. It’s far more likely that people will tune out the dialog gobbledygook and reduce their overall system vigilance.

Update (2024-08-21): Apple has updated the documentation for the Persistent Content Capture entitlement, clarifying that it’s intended for Virtual Network Computing (VNC) apps and offering a form for developers to request the entitlement (via Luc Vandal).

Update (2024-08-22): Dr. Drang:

The writing of the permissions prompt is as bad as its frequency[…]

[…]

In the original Macintosh OS, warnings were conveyed to the user through a specific type of dialog box called an alert. Here’s an excerpt from Inside Macintosh (p. 401) introducing alerts[…] The last paragraph of this excerpt spells out how alerts could change with each occurrence and gives an example of how Apple expected this mechanism to be used.

Update (2024-09-09): Craig Hockenberry:

Here’s why the Sequoia screen capture stuff is such a worry:

I just got a permission prompt when launching xScope to debug a problem, I had to delete the previous permission to get it to take, authenticate using Touch ID, then quit and relaunch the app manually because it didn’t restart. Then I checked that the Loupe is working.

Now I can’t remember what I was going to debug in the first place.

Update (2024-09-12): Nick Heer:

Here is an excerpt from the release notes for the MacOS 15.0 developer beta[…] It turns out the “and” in that last sentence is absolutely critical. In last year’s beta releases of MacOS 14, Apple began advising developers it would be deprecating CoreGraphics screenshot APIs, and that applications should migrate to ScreenCaptureKit. However, this warning was removed by the time MacOS 14.0 shipped to users, only for it to reappear in the beta versions of 14.4 released to developers earlier this year. Apple’s message was to get on board — and fast — with ScreenCaptureKit.

ScreenCaptureKit was only the first part of this migration for developers. The second part — returning to the all-important “and” from the 15.0 release notes — is SCContentSharingPicker. That is the selection window you may have seen if you have recently tried screen sharing with, say, FaceTime. It has two agreeable benefits: first, it is not yet another permissions dialog; second, it allows the user to know every time the screen is being recorded because they are actively granting access through a trusted system process.

[…]

I think it is possible MacOS 15.0 ships without this dialog. In part, that is because its text — “requesting to bypass the system window picker” — is technical and abstruse, written with seemingly little care for average user comprehension. I also think that could be true because it is what happened last year with MacOS 14.0. That is not to say it will be gone for good; Apple’s intention is very clear to me. But hopefully there will be some new APIs or entitlement granted to legitimately useful utility apps built around latent access to seeing the whole screen when a user commands. At the very least, users should be able to grant access indefinitely.

Update (2024-09-18): Nick Heer:

It turns out this prompt, awkward language and all, made it into the public release.

[…]

In the latest beta release of MacOS 15.1, Apple added a new device management key, forceBypassScreenCaptureAlert, to override the monthly permissions request. […] However, my understanding is this cannot be used by more general users; it is only for managed devices.

Previously:

Update (2024-09-23): Miles Wolbe (via Hacker News):

Jeff Johnson credits Ricci Adams with discovering that ~/Library/Group Containers/group.com.apple.replayd/ScreenCaptureApprovals.plist stores screen capture approval dates. He reports that the file is protected by TCC and suggests granting Full Disk Access to Terminal, using defaults to read and modify the file, then logging off and on to permanently disable the prompt.

See also: Matthias Gansrigler.

Update (2024-09-25): Johan Steen:

Using the color picker to pick a color from my own document. ? Allow For One Month ? WTF, am I going to be nagged about this, once per month, per app, from now on? I've managed just fine without this baby sitting.

Matt Birchler:

“It’s one pop-up a month, that’s not so bad,” the apologists will say, but dear reader, this is 16 pop-ups at random intervals throughout the month, typically interrupting me in the middle of me trying to actually use these apps for my work. That’s damn near one alert every weekday of the month and I gotta tell you, I hated it during the beta.

Adam Engst:

These prompts are examples of poor user interface design in multiple ways[…] They’re also problematic from a security standpoint for three reasons[…]

Juli Clover (9to5Mac):

If you’re someone who prefers not to get these reminders for screen recording apps at all, you can use the Amnesia app for the Mac to get rid of them. The app basically changes the .plist file for the screen capture app access feature, and it’s a pay what you want situation.

Update (2024-10-08): Juli Clover:

In the release notes for the sixth beta of the macOS Sequoia 15.1 update, Apple says that users aren’t going to see as many popups for apps they regularly use.

[…]

There is no option to remove the popup permanently, but macOS Sequoia 15.1 may make the frequency of the popup more bearable for those who use screen recording apps on a daily basis.

Apple says the apps are using “using our deprecated content capture technologies” even though they don’t have modern replacements for many of the use cases.

macOS 14.6.1

Juli Clover (release notes, no security, no developer, no enterprise, full installer, IPSW):

macOS Sonoma 14.6.1 fixes an issue that prevented the enabling or disabling of Advanced Data Protection. Apple says there are also other “important bug fixes.”

See also: Mr. Macintosh and Howard Oakley.

Pierre Igot:

Updated my Mac from macOS 14.5 to macOS 14.6.1:

1) At login screen, first login with user causes black screen, then abrupt return to login screen. (It’s been the same after every update lately.) Next login works.

2) Elgato Stream Deck stays black. Unplugging and plugging device again just brings back “screensaver”. Device not seen by app. Only ANOTHER reboot of the all Mac brings things back to normal.

3) ForkLift asks for password for remote server again.

Previously:

Update (2024-08-13): Pierre Igot:

For the record, the macOS 14.6 update does NOT fix the hardware acceleration / graphics corruption bug that has been ruining my computing life for the last year or so.

My only remaining hope now is that Apple’s engineers might unknowingly fix the bug during whatever rewrite of whatever they might do in the next major macOS upgrade, i.e. in Sequoia.

Update (2024-08-14): Howard Oakley:

Sonoma reached version 14.6 without an excessive number of patch updates. The number of patch versions released between the x.0 and x.6 scheduled versions ranges from 4 (Monterey) to 6 (Bug Sur, Ventura), with Sonoma taking just 5, although 14.6 has been closely followed by 14.6.1 in what appears to be a bug fix rather than the first security update.

What has been surprising is that Apple has released no RSRs for Sonoma, not one. The last RSR was the second released for 13.4.1 more than a year ago, on 12 July 2023.

Update (2024-08-17): Pat Castaldo:

Some might say you should get to know at least a hint of what’s changing with an OS update, not this company.

Previously:

macOS 13.6.9

Apple (full installer):

This update addresses an issue that prevents enabling or disabling Advanced Data Protection.

Previously:

iOS 17.6.1 and iPadOS 17.6.1

Juli Clover:

According to Apple’s release notes, the iOS 17.6.1 update addresses an issue that could prevent the enabling or disabling of Advanced Data Protection.

[…]

Those who tried to turn Advanced Data Protection on and weren’t able to get it enabled saw an error message and it was clear it wasn’t active. Affected users who tried to turn it off saw it disabled in the interface, though it was actually still active for iCloud data.

Previously:

Update (2024-08-20): Juli Clover:

Apple today released an updated version of iOS 17.6.1, with the new software coming a week and a half after the launch of the original iOS 17.6.1 update. The new version has a build number of 21G101, up from 21G93.

[…]

It fixes an issue that could prevent access to Apple Fitness+.

Why not just call it 17.6.2?

Wednesday, August 7, 2024

Safari Distraction Control

Ivan Mehta (Hacker News):

Safari’s newest feature, Distraction Control, can remove distracting elements from a website. The feature follows Arc Browser’s addition of Boosts last year, which similarly lets users remove features from a site and further customize its appearance.

Apple is rolling out the early version of the feature this week through new developer betas of iOS 18, iPadOS 18 and macOS Sequoia.

Users can access the Distraction Control tool from the Page Menu in the Smart Search field. They then select the item on the website they want to remove. Safari will remember to remove the elements the next time they visit the site. The choice doesn’t currently sync across hardware, however, so users will have to hide the elements on each new device.

Chance Miller (Slashdot):

Apple also emphasizes that this feature is not meant to serve as an ad blocker. While a user can technically use Distraction Control to hide an ad on a website temporarily, that ad will re-appear when the page is refreshed or otherwise reloaded. In fact, the first time a user activates Distraction Control, Safari will display a pop-up that emphasizes the feature will not permanently remove ads or other areas of a website that frequently change.

If a user chooses to hide something like a GDPR banner or a cookies request pop-up, Distraction Control behaves in the same way as if the user manually clicked to dismiss that pop-up. This means Distraction Control will serve as neither an “Accept” nor “Decline” for that cookies request.

Jeff Johnson:

I discovered that if you hide distracting items in a private window, your settings will be preserved in memory after closing the private window and applied to other private windows, but your settings won’t be applied to non-private windows or saved to disk.

However, if you hide distracting items in a non-private window, your settings will be saved to disk and also applied to private windows.

Your hidden item settings are stored on disk in ~/Library/Safari/UserDefinedContentBlockers.db on macOS. This is an SQLite database.

[…]

It appears to be using the Safari content blockers API. The db saves a website domain, a CSS selector, and a binary plist containing various other data[…]

Previously:

Update (2024-08-08): Marko Zivkovic:

Web Eraser was Apple’s built-in content-blocker, found in pre-release development builds of Safari 18. In speaking with people familiar with the matter, we learned that Web Eraser allowed users to select any page element on-screen, and “erase” it.

[…]

We were told that Web Eraser enabled the removal of virtually anything on-screen, from distracting banner ads to articles or even entire page sections.

So, why did Apple remove a Safari feature that was fully functional?

[…]

After AppleInsider’s original article on the subject was published, it caught the attention of major industry associations in the publishing and advertising sector. Following our reveal of the feature, mainstream media websites The Financial Times and Business Insider reported that the UK’s News Media Association and a group of French publishers had both sent complaints to Apple about Web Eraser in May.

Update (2024-09-20): John Voorhees:

My concerns about Distraction Control are twofold. First, static ads – like the kind of ads we display on MacStories – are often chosen because they are less disruptive than dynamic ads. Effectively, Apple is penalizing sites that use less distracting ads by making them easier to block long-term than the dynamic variety.

[…]

Second, Distraction Control is not very precise. If you try to hide the banner ad at the top of MacStories, it will wipe out the masthead and site navigation along with the banner. That’s a potential support nightmare we (and I suspect other sites) will have to deal with.

Inside Apple Arcade

Neil Long:

  • Some studios now wait up to six months to get paid, which almost put one indie dev out of business
  • The Apple Arcade team do not respond to routine emails for weeks or even months, if they respond at all
  • One developer who had semi-regular meetings with the tech giant said that “half the Apple team won’t turn up and when they do they have no idea what’s going on and can’t answer our questions”
  • Apple’s tech support was also described as “miserable” and “the worst I have seen anywhere”
  • Vision Pro struggles to run “complex games” and developing for it is “like going back in time 10 years” due to the lack of tech support
  • Apple engineers are “unable to offer any insights” into how Vision Pro’s hardware or software works, or “how essential middleware is meant to work with it”
  • Discoverability on Arcade is so poor that one person said it was like their game “was in a morgue”

Amber Neely:

One particularly frustrated developer spoke out against Apple Arcade, saying, “It’s like an abusive relationship where the abused stays in the relationship hoping the other partner will change and become the person you know they could be.”

In April, Apple executive Alex Rofman said Apple Arcade was not set up to make the company money, but also insisted that game developers were getting fairly compensated.

Hartley Charlton:

Developers also pointed out issues with quality assurance and updates, claiming that a prolonged discussion with Apple over a single update cost their team two months of work. “Submitting updates is so painful our developers started trying to avoid it,” they said.

Steve Troughton-Smith:

Absolutely brutal. This is a microcosm of Apple’s developer relations in the modern era.

Jesper:

Apple does not get games. Apple does not respect developers. Apple ships a dictionary defining the word “symbiosis”, but chances are the many Apple employees who understand it are not in a position to effect it.

[…]

These reports are particularly interesting, since the perennial defense of app store-encumbered platforms are to refer to them as game consoles but for apps. Apple Arcade games are headliners flying closer to the Apple brand than other games; they should be getting ultra deluxe treatment compared to App Store apps, and yet it doesn’t measure up to the levels delivered by game consoles or independent storefronts like Steam.

John Voorhees:

It’s important to take the complaints of unnamed sources with a grain of salt. However, it’s impossible to look at what’s going on with Arcade and App Store gaming in general – which Brendon and I discussed on NPC: Next Portable Console this week – and not conclude that Apple needs to shake up its approach to videogames.

Federico Viticci:

I never thought I’d say that Netflix understands videogames more than Apple ever did, yet here we are.

Previously:

Update (2024-08-13): See also: Hacker News.

Twitter for Mac Dead Again

Zac Hall:

As noted by Vedant, the official Twitter for Mac app is currently missing from the Mac App Store. While it hasn’t been confirmed, the most obvious guess is that X, formerly Twitter, finally got around to delisting the abandoned software.

Twitter for Mac has been abandoned and rebuilt over the years long before Elon Musk acquired the platform now branded as X.

[…]

X for iPad is now available to run on the Mac. No timeline streaming, of course.

I never liked the Catalyst version of the Twitter app, nor the inability to turn off Universal Links, so I’ve been reading via the Web since Twitter broke Nitter. The main problem with the Web is that it doesn’t remember my position in the timeline. I’m pretty much forced to read reverse-chronologically and keep track of when to stop. The other issue is that, if I get several days behind, Safari can’t handle it. It will either stop loading older tweets or stop allowing text to be selected or stop loading any pages at all (even in other tabs). Google Chrome is much smoother and more reliable.

M.G. Siegler:

I’m both surprise and not at all surprised that nearly two years after Elon Musk took over Twitter, the native Mac client was still there seemingly forgotten about. And I do mean that literally. Not just neglected – as it had long been – but actually perhaps totally forgotten about. Thankfully, whatever API it was using continued to work even as the new Xitter ripped those away from other services. And actually, it continues to work even now, if you installed it previously.

Ricky Mondello:

In my very personal opinion, Twitter for Mac was a triumph. A group of Twitter employees leveraged Mac Catalyst to build an app that management at most companies wouldn’t have cared to build. And they did it by just doing it. They made it happen by making it cheap. And it wasn’t at all bad! Feature-rich, smooth scrolling, and definitely better than the website. I’ll miss ya, buddy.

Ryan Jones:

Don’t lie, why did you think I got suspended?

(Twitter botched their iPad app on Mac rollout is the real answer. 👏)

Christina Warren:

Trying to signal boost: @rmondello is still suspended because of problems associated with the shutdown of the old Twitter for Mac client and the failed iPad X client launch on macOS (@rjonesy and others were caught up but unsuspended)

Ricky Mondello:

Although lots of people have been unsuspended from Twitter, I have not been.

Previously:

Update (2024-08-09): Ricky Mondello:

I got unsuspended from Twitter.

Update (2024-08-19): Peter Steinberger:

The “new” X iPad-emulation app is crap. Doesn’t even have ⌘-N mappings for new tweet.

Discontinuing Spotify’s Car Thing

Chris Welch (via John Gruber):

Spotify’s brief attempt at being a hardware company wasn’t all that successful: the company stopped producing its Car Thing dashboard accessory less than a year after it went on sale to the public. And now, two years later, the device is about to be rendered completely inoperable. Customers who bought the Car Thing are receiving emails warning that it will stop working altogether as of December 9th.

Scharon Harding (via Hacker News):

Spotify will refund owners of Car Thing, its Spotify-playing device that mounts to car dashboards, Ars Technica confirmed today.

[…]

As reported by Billboard, on May 28, three people filed a lawsuit [PDF] that seeks class-action certification (and cites Ars) against Spotify. It claims that people “would not have purchased a Car Thing if they knew that Spotify would stop supporting the product within just a few months or years of purchase.” It also states that “Spotify has stated that it will not refund, or replace, the Car Thing.”

Timothy Geigner:

First, the company could have updated the devices it didn’t want to support any longer to open them up to third-party firmware so that these paid-for pieces of hardware had some sort of use other than taking up room at your local landfill, but Spotify is apparently unwilling to do so.

[…]

In fact, the company told tech publications days ago that the whole point of the Car Thing was to serve as market research for the company as to how people listen to content in their cars. In other words, those who bought the devices were paying for the pleasure of serving as Spotify’s lab rats, which is a horrible look for the company when it decided refunds wouldn’t be a thing.

Tuesday, August 6, 2024

Google Search and Ads Monopoly

Lauren Feiner (Hacker News):

A federal judge ruled that Google violated US antitrust law by maintaining a monopoly in the search and advertising markets.

“After having carefully considered and weighed the witness testimony and evidence, the court reaches the following conclusion: Google is a monopolist, and it has acted as one to maintain its monopoly,” according to the court’s ruling, which you can read in full at the bottom of this story. “It has violated Section 2 of the Sherman Act.”

Judge Amit Mehta’s decision represents a major victory for the Department of Justice, which accused Google of illegally monopolizing the online search market.

[…]

Mehta rejected Google’s arguments that its contracts with phone and browser makers like Apple were not exclusionary and therefore shouldn’t qualify it for liability under the Sherman Act. “The prospect of losing tens of billions in guaranteed revenue from Google — which presently come at little to no cost to Apple — disincentivizes Apple from launching its own search engine when it otherwise has built the capacity to do so,” he wrote.

Juli Clover:

Google has a search market share of around 95 percent on smartphones, in part due to the money that it pays.

In 2022, Google paid Apple $20 billion, an amount that incentivizes Apple to stick with the status quo.

Apple doesn’t let users configure custom search engines in Safari.

hugh_kagi:

We face a number of challenges simply letting our paying customers change their search engine:

  1. On iOS the list of allowed search engines is simply baked into OS, we have a fiddly extension that hooks outbound calls to /search and redirects them but I wish we didn’t need to.
  2. On Chrome, we use an extension to change the default search engine and enable search auto-complete etc, but Google has a policy that such an extension can do one thing and one thing only, and recently removed our extension on account of that. We rebuilt it to meet their needs but had a lot of back-and-forth because we included ‘search by image’ on a context menu item and the first reviewer felt that was a bridge too far. You’ll note that Chrome provides such a context menu item for Google Image search out of the box.
  3. On Chrome for Linux, the default search engine API is not available, so Linux users have to configure it manually through a series of silly steps. This is at least in keeping with most Linux experiences.

There are other issues, but I say all this to highlight how surprisingly difficult it is to change this setting in a practical, consumer friendly way. It is most certainly this difficult by design, that’s a lot of revenue to protect.

Casey Newton:

In a 277-page ruling, Judge Amit P. Mehta found that the massive payments that Google makes to Apple, Mozilla, and other companies to be the default search engine on their devices and browsers represents an unfair restriction on competition.

[…]

In his ruling, Mehta found that Google has an 89.2 percent share of search generally, and 94.9 percent of search overall. Google has used its monopoly to charge advertisers higher prices than they would in a more competitive market, he wrote.

[…]

The case now moves to a new phase, where Mehta will hear arguments about what remedy should be implemented to address the monopoly. But no major changes to the web are imminent; one law professor told the Associated Press that he expects the appeals process to take five years.

Matt Stoller:

Fifteen years after it was first investigated, search giant Google is finally going to be held accountable for unfairly thwarting competition. In this piece, I’m going to discuss the complaint against Google, why it lost, the next steps, and what this case means for American business going forward.

Ashley Belanger:

The verdict will likely come as a shock to Google, which had long argued that punishing Google for being the best in search would be “unprecedented” and frequently pointed to the DOJ’s lack of direct evidence. However, Mehta found the limited direct evidence compelling, especially “Google’s admission that it does not ‘consider whether users will go to other specific search providers (general or otherwise) if it introduces a change to its Search product.’”

Nick Heer:

The opinion is full of details about the precise nature of how Google search and its ads work together, Google’s relationship with Apple and other third parties, and how its business has changed over time. For example, the judge notes Google adjusted ad pricing to maintain a specific growth target, and increased it incrementally to mask it in the typical fluctuations of ad costs.

[…]

But two things can be true: Google can be the best search engine for most people, most of the time, because it is very good; and, also, Google can have abused its market-leading position to avoid competition and maintain its advertising revenue. Those are not inconsistent with each other. In fact, per the judge’s citation of how long it would take for Bing to amass the same information about user activity as Google does in a year, it is fully possible its quality and its dominance are related, something the judge nods toward. In fact, Google’s position is now so entrenched “it would not lose search revenue if were to significantly reduce the quality of its search product”.

[…]

Notably, Mehta did not sanction Google for failing to preserve evidence in the case[…] “Not because Google’s failure to preserve chat messages might not warrant them. But because the sanctions Plaintiffs request do not move the needle on the court’s assessment of Google’s liability.”

Matt Birchler:

The one thing that I am really curious about is what exactly that $20 billion-ish per year that Google pays Apple to be the default search engine in Safari is for. If Google really is what everyone wants to use, then way pay to achieve what customers would choose anyway? Is part of the deal that Apple won’t make their own search engine as long as Google keeps paying?

Genuinely, let’s say 2025 rolls in, Apple execs are expecting Google to write their annual mega-check like they have for years, and Google just says no. What happens? Does Apple leave Google the default since it’s what customers want? Does Apple make something else the default? If so, what? Does Apple fast track their own search engine?

Steve Troughton-Smith:

Apple’s about to lose a quarter of its services revenue 🤪

M.G. Siegler:

While Su suggest the revenue sharing would stop, I imagine it would just change. No more paying for default placement in lump sums and instead perhaps paying out a share for actual usage. The argument here might be that this would still give Google too much power because they could afford to pay more than anyone else, but an equalized market rate would incentivize product over payment.

Regardless, the Occam’s razor read of such a remedy suggests a situation that would perhaps not change all that much. Because it wouldn’t dictate that Android phone makers or Apple make another search engine the default, it would likely instead lead to more pop-ups asking people to explicitly make a choice. And Google would still have a huge market advantage there, simply thanks to brand awareness, if nothing else. And if companies were allowed to bid on placement in such a screen, the effect would likely be even more muted.

John Gruber:

It’s worth a reminder that under U.S. antitrust law, having a monopoly is not in and of itself illegal. It’s just that monopolies must operate under different rules, and Mehta has ruled that Google broke (and continues now to break) those rules.

[…]

One possible outcome is that Apple winds up paying a bigger penalty, effectively, than Google. Let’s say the remedies include Google being banned from paying for traffic acquisition. Then Apple changes Safari from making Google the default search engine to prompting users with a choice for default search, and 90 percent of Safari users choose Google — the search engine they’ve been using since forever ago, and for many people the only one they even recognize by name. Now Google gets that search traffic for free and Apple gets bupkis.

Dare Obasanjo:

This ruling might actually work out financially for Google since few people will choose Bing as default.

Jason Del Rey (via Slashdot):

Mozilla, the non-profit behind the Firefox browser, faces an uncertain future following Monday’s landmark antitrust ruling against Google. The decision, which found Google illegally maintained its search monopoly, puts Mozilla’s primary funding source at risk. In 2021-2022, Mozilla received $510 million from Google out of $593 million total revenue, according to its latest financial report.

Previously:

Update (2024-08-07): Ben Thompson:

I find Mehta’s opinion well-written and exhaustive, but the decision is ultimately as simple as the Sherman Act: Google acquired a monopoly in search through innovation, but having achieved a monopoly, it is forbidden from extending that monopoly through the use of contractual arrangements like the default search deals it has with browser developers, device makers, and carriers. That’s it!

[…]

Most importantly, has it been good for consumers? This is where the Apple Maps example looms large: Apple has shown it can compete with Google if it puts resources behind a project it considers core to the iPhone experience. By extension, the entire reason why Google favored Google Maps in the first place, leaving Apple no choice but to compete, is because they were seeking to advantage Android relative to the iPhone. Both competitions drove large amounts of consumer benefit that continue to persist today.

I would also note that the behavior I am calling for — more innovation and competition, not just from Google’s competitors, but Google itself — is the exact opposite of what the European Union is pushing for, which is product stasis. I think the E.U. is mistaken for the exact same reasons I think Judge Mehta is right.

[…]

This is why, ultimately, I am comfortable with the implications of my framework, and why I think the answer to the remedy question is an injunction against Google making any sort of payments or revenue share for search; if you’re a monopoly you don’t get to extend your advantage with contracts, period (now do most-favored nation clauses). More broadly, we tend to think of monopolies as being mean; the problem with Aggregators is they have the temptation to be too nice. It has been very profitable to be Google’s friend; I think consumers — and Google — are better off if the company has a few more enemies.

Nilay Patel and Sarah Jeong:

“I don’t believe there’s a price in the world that Microsoft could offer us,” Cue said at another point. “They offered to give us Bing for free. They could give us the whole company.”

For Google, this is a sign that they’ve earned their default status (which, incidentally, they pay Apple gobs of money to maintain). Judge Mehta says that this is an indication that the “market reality is that Google is the only real choice as the default GSE [general search engine].”

[…]

One Google analysis estimated “a query loss of 10–15% of Safari traffic and a revenue loss of 4–10% of iOS Safari revenue based on Apple Suggestions.” The new 2016 contract includes a specification that “Apple’s implementation of the Safari default must ‘remain substantially similar’ to prior implementations” so that Apple “could not expand farther than what they were doing,” lest Apple “bleed off traffic.”

[…]

Apparently, Apple has calculated that “it would cost $6 billion annually (on top of what it already spends developing search capabilities) to run a GSE.” Meanwhile, in “late 2020, Google estimated how much it would cost Apple to create and maintain a GSE that could compete with Google.” Apple would have to spend something “in the rough order of” $20 billion in order “to reproduce [Google’s technical] infrastructure dedicated to search.”

Update (2024-09-18): Ashley Belanger (Hacker News):

On Monday, the US Department of Justice’s next monopoly trial against Google started in Virginia—this time challenging the tech giant’s ad tech dominance.

The trial comes after Google lost two major cases that proved Google had a monopoly in both general search and the Android app store.

[…]

In its complaint, the DOJ argued that Google broke competition in the ad tech space “by engaging in a systematic campaign to seize control of the wide swath of high-tech tools used by publishers, advertisers, and brokers, to facilitate digital advertising.”

Matt Stoller (tweet):

One consequences was that Google charged high prices, keeping between 30-50% of every advertising dollar that went through its system. That take rate was bad enough. But Google also acquired surveillance capacity over every publisher and advertiser. It was as if every night Google could break into the offices of the Wall Street Journal and take its subscriber list, and then go to its own advertising clients and tell them that it could sell them access to Wall Street Journal readers for much cheaper rates when those readers opened Google owned and operated properties, like Gmail, YouTube, search, and so forth. In doing so, Google gained the ability to direct ad revenue away from third party publishers to itself.

To buttress its ability to target, in 2016 Google violated a promise it made when it bought DoubleClick. It had told enforcers it would guard user privacy and segment data. Instead, it decided to combine all data across all its different services, from Gmail to YouTube to search, into detailed dossiers of each user. Google now had a machine, where it could spy on users across the open web, and then use that data to manipulate ad auctions, both charging high prices when display ads went on third party sites, and simply moving broad ad demand to its own properties instead of third party sites.

Kagi:

The point here is that competitors can build competing cycles, but challenging a flywheel once it has gathered full momentum is very difficult. In Amazon’s case, they can be challenged by factors like price (which is non-zero), better choice, and user experience. However, with Google, the challenge is significantly harder because the nominal price is “zero,” while users pay in other currencies - personal data, attention, and changes in behavior. As a society, we are only beginning to recognize the importance of these currencies and the impact they have on our lives.

[…]

A fair observer must acknowledge that being the default search engine within the Apple ecosystem holds substantial economic value - a value determined by fair market forces, with Google agreeing to pay that price. This may come as a surprise, but from our standpoint as a search market participant, this arrangement between Google and Apple is acceptable. (and interestingly what is more problematic is that Apple users cannot choose Kagi as their search engine at all, which consumers see as a hinderance - that said, this issue is beyond the scope of this article).

[…]

Usually a relationship between a user and service provider is direct and the objectives of each are in alignment. In this case there are three parties involved – Google, the Advertiser and the user. Because of the three parties being involved, the objectives are misaligned. This misalignment arises because of the business model being used where Google and the Advertiser are aligned on pushing more ads to the users to generate more revenue while users would prefer to see fewer ads (or no ads) and information in their best interest.

[…]

Since search is a critical but essential resource for all users, the solution that can be considered is allowing fair access to the Search Index or take it a step further into known precedents, consider treating the Search Index as an “Essential Facility”.

See also: Nick Heer.

NetNewsWire and Conditional GET Issues

Brent Simmons (Mastodon):

I had thought that NetNewsWire’s conditional GET support was rock-solid — and so my first reaction was to be very surprised to learn that it’s not!

[…]

When a server returns a Last-Modified header, the client should return that exact same string in follow-up requests in an If-Modified-Since header. The server then looks at the If-Modified-Since header and decides to either return a 200 plus the feed — if it has been modified since — or return a 304 Not Modified response and an empty body.

It’s the same story with the Etag header. The client should save it and return it in follow-up requests in an If-None-Match header.

[…]

In some cases, NetNewsWire is not picking up and saving the changed Last-Modified and Etag headers. Sometimes it does, and sometimes it keeps using whatever it already had and ignores the new ones.

I had been meaning to file a bug about this because I’d noticed in my server logs that sometimes a lot more full requests were being served than I expected. That is, on a day when I didn’t make any posts, I would have expected the feed to be mostly cached by NetNewsWire, but it wasn’t. However, many other times it seemed like the conditions GETs were working. Simmons found a bug that perhaps explains this.

The other NetNewsWire issue I’ve been seeing is this one, where sometimes it stops syncing with Feedbin until it’s restarted.

Previously:

Google Chromecast to Google TV Streamer

Google (Hacker News):

After 11 years and over 100 million devices sold, we’re ending production of Chromecast, which will now only be available while supplies last. The time has now come to evolve the smart TV streaming device category — primed for the new area of AI, entertainment and smart homes.

[…]

We invested heavily in embedding Google Cast technology into millions of TV devices, including Android TV. Android TV has expanded to 220 million devices worldwide and we are continuing to bring Google Cast to other TV devices, like LG TVs. Thousands of apps support casting, making it easier than ever to watch your content from your phone and tablet on the big screen. So we are taking the next step in evolving how streaming TV devices can add even more capabilities to your smart TV, built on top of the same Chromecast technology.

Google:

Google TV Streamer offers an improved processor, double the memory and 32GB of storage for faster app load times and smoother navigation than previous generation Chromecast. And with 4K HDR with Dolby Vision and Dolby Atmos, every detail, sound and image feels like a cinematic experience.

You can connect your Google TV Streamer to a Wi-Fi network, or use an ethernet port for faster, buffer-free streaming with snappier navigation and app loading or switching. We designed Google TV Streamer to sit in front of your TV, rather than tucked behind it, to improve connectivity across your smart home devices.

Emma Roth:

While the Google TV Streamer is a major upgrade to the Chromecast — and may finally even rival the pricier Apple TV 4K — it’s a shame Google is getting rid of its dongle. With a price of just $29.99, the Chromecast with Google TV offers entry-level access to an all-in-one streaming hub.

Killed by Google:

lmao what an amazing end to my weeklong vacation.

Previously:

Update (2024-08-08): Rosyna Keller:

The new Google Streamer is advertised as having a 22% faster CPU than the previous generation Chromecast. That Chromecast had a ARM Cortex-A55, a CPU from 2017.

22% faster than a 7 year old CPU isn’t that much of an increase…

That’s one thing I absolutely love about the Apple TV. It’s extremely responsive. Every single other embedded TV device is so noticeably slow, as if UX responsiveness played second fiddle to the minimum ability to decode video.

Update (2024-08-13): Hartley Charlton:

While both devices support 4K resolution and advanced HDR formats, they differ in their storage options, connectivity features, and additional functionalities. The Google TV Streamer emphasizes an AI-powered user experience with personalized content recommendations and generative AI screensavers, whereas the Apple TV 4K offers ecosystem advantages like Apple Arcade and Fitness+ for a more integrated Apple experience. All of the key differences between the two devices are listed below[…]

M.G. Siegler:

This battle no longer matters. These boxes don’t matter. They’re all fine. They’re all roughly the same. There are different price points and different specs. It doesn’t matter. What matters is the unification of the content they’re meant to serve up. That’s it. That’s the game now. Build that and the users will follow.

Said another way: we don’t need the iPod of this space. We need the iTunes.

[…]

The only hope here may be that such a content aggregator amasses enough power to actually drive subscriptions (and reduce churn) thanks to solving discovery (and, importantly, recommendations). But it’s sort of a chicken-and-egg problem at the moment. No service can do this until the content providers buy in. And no one is going to buy in until a service proves itself.

SuperDrive Sunset

Filipe Espósito (MacRumors):

As noted by one of our readers, it’s no longer possible to buy an Apple USB SuperDrive online via the official Apple Store in the US. The product’s webpage says that it’s “Sold Out,” and given that it’s a product introduced in 2008, it seems very unlikely that Apple will ever produce new units again.

[…]

The MacBook Air was the first MacBook without a built-in CD drive, which led the company to introduce an optical drive sold separately. Apple completely phased out optical drives from its computers in 2013, when all the Macs available in the lineup no longer had a CD reader.

I still use mine now and then. It does work with Apple Silicon Macs. There are third-party alternatives, but I don’t know how reliably they work with macOS. The DiscRecording framework never got deprecated, but it’s been adding bugs for years. The documentation no longer shows up in Xcode or on Apple’s Web site.

See also: Mr. Macintosh.

Previously:

Update (2024-10-15): Joe Rossignol:

A few months ago, the SuperDrive went out of stock on Apple’s online store in the U.S., and it is now listed as sold out or unavailable in all countries. Given it has yet to return, it seems likely that Apple has discontinued the 16-year-old accessory.

Update (2024-10-16): Rosyna Keller:

The SuperDrive itself was never up to spec, it required more power than Type A allowed at the time, so it wouldn’t work well with non-Apple computers.

I use a portable, bus-powered Pioneer CD/DVD/BD drive for all my needs on macOS.

I found that, probably due to the power requirements, I had to directly connect the SuperDrive to my Mac. This worked fine with a MacBook Pro, but with my iMac the built-in USB cable wasn’t long enough for the SuperDrive to sit flat on my desk.

Monday, August 5, 2024

Beta for Apple Intelligence in Apple Mail

Cabel Sasser (Hacker News):

Apple Intelligence in 15.1 just flagged a phishing email as “Priority” and moved it to the top of my Inbox. This seems… bad

I’ve been trying to test the new features in Mail to make sure that they work properly with my apps, but Mail is not showing any categories or priority messages on my Mac. Based on this and on reports from other beta testers, I had thought that only iOS got the full Apple Intelligence features in the first beta.

(Maybe this has changed in beta 5, but it’s not available yet for me, and the release notes haven’t been updated yet. Apple’s announcement doesn’t say whether beta 5 is for the 15.0 track or the 15.1 track, and neither is showing an update right now. [Update: It seems that beta 5 is for 15.0.])

I do see the Summarize button, and it seems to work reasonably well, though I don’t really understand the use case for the feature. What kind of e-mails are important enough that I can’t skip them or quickly skim them, yet not important enough that I can trust an AI summary to be accurate and complete? Maybe I would be more likely to use the summary instead of skimming if it didn’t require an extra click.

Previously:

Update (2024-08-19): Cabel Sasser:

In a hilarious follow-up, my dad forwarded me a phishing email just to check with me if it was legitimate. I wrote back and said “Definitely not!”. He wrote back and explained, “I got suspicious.”

This is how Apple Intelligence summarized my dad’s email[…]

Update (2024-09-12): Cabel Sasser:

how does this help. i’m still opening the emails and the messages regardless of the summaries. in fact i’m MORE likely to open them more urgently, interrupting my work quicker, because the summaries can sometimes miss key information and i don’t want my brain to think i “read” them when i didn’t. the emails it prioritizes for me are often just emails about cancelled calendar events, already reflected on my calendar. so what is the… goal? to read my email less? how does this help that goal?

Mark Jardine:

Apple Intelligence summaries are so bad. There have been so many situations when I was shocked or confused by the summary of an email or text and it’s because it was summarized incorrectly or unexpectedly. I know it’s early days, but I’m already losing faith in it all and at some point will end up just turning it off.

Update (2024-09-17): Adam Bell:

Man, I know it’s only a beta but summaries in Apple Intelligence really need more time in the oven.

SO many times will I get summaries that completely get things wrong and flip sentences around.

See also: Joe Kimberlin.

Update (2024-09-25): Ezekiel Elin:

Apple Intelligence keeps flipping the direction of payments from Venmo receipt emails

Update (2024-10-07): Matthew Cassinelli:

This weekend I noticed that Apple Intelligence Summaries made me less engaged in a group chat & unaware of the details.

People were going back and forth about a bbq & a movie, and by the end I didn’t know it wasn’t at our house and which movie they picked, because I read the summaries and skimmed the messages in the moment.

Apple Intelligence Privacy Dark Patterns

After I got off the beta waitlist, I went to enable Apple Intelligence, and it wouldn’t let me do so without also enabling Siri. I don’t find Siri to be useful on my Macs and tend to restrict it to my iPhone to prevent accidentally triggering the wrong device. It also doesn’t seem to work well with Mac microphones—this time it failed three times to accept the training test phrase but then eventually let me continue, anyway.

Not only that, but it also forced me to enable sharing audio recordings with Apple. See how the Continue button is disabled until I select the (lone!) radio button:

Improve Siri Sheet

See how it says that you can change the privacy setting later in System Settings? Well, you still can’t do so from the Apple Intelligence & Siri pane. There are a button and a help link that seem to relate to privacy:

Siri Pane of System Settings

but they don’t let me control whether Apple stores my audio, nor explain where to do that. The relevant setting is in System Settings ‣ Privacy & Security ‣ Analytics & Improvements ‣ Improve Siri & Dictation.

Previously:

Update (2024-08-07): See also: Hacker News.

Update (2024-09-12): Jonathan Wight notes another Siri window layout problem:

Siri

Apple’s Q3 2024 Results

Apple (transcript, MacRumors, MacStories, ArsTechnica):

The Company posted quarterly revenue of $85.8 billion, up 5 percent year over year, and quarterly earnings per diluted share of $1.40, up 11 percent year over year.

[…]

“During the quarter, our record business performance generated EPS growth of 11 percent and nearly $29 billion in operating cash flow, allowing us to return over $32 billion to shareholders,” said Luca Maestri, Apple’s CFO. “We are also very pleased that our installed base of active devices reached a new all-time high in all geographic segments, thanks to very high levels of customer satisfaction and loyalty.”

Jason Snell:

And now, here’s what you’ve all been waiting for: the charts…

Adam Engst:

Apple’s Services and iPad segments increased significantly compared to last year, with Services up 14% and iPad up 24%. The Mac was also up about 2%, but the iPhone fell 1% and Wearables dropped 2%. Internationally, nearly all geographic segments reported modest increases apart from Greater China, which posted somewhat lower results compared to last year.

Jason Snell:

Another quarter, another record-setting total for Apple’s Services line—$24.2 billion in revenue. And yet, the more I looked at that number, the more I started to ask myself some fundamental questions about Apple’s business, today and in the future.

[…]

Apple’s Services line is powered by less glamorous businesses. The company’s cut of App Store revenue, AppleCare support subscriptions, Google’s payment for being the preferred search engine in Safari, Apple’s cut of Apple Pay transactions, and iCloud services are all a part of the category, and most of them contribute more to Services revenue than Reese Witherspoon and Adam Scott do.

[…]

Without good hardware and software, Apple’s services would be irrelevant. I hope everyone in a position of authority at Apple understands that. Services are a way to help make Apple’s hardware even more profitable than it already was. But services can never, ever take precedence over Apple’s hardware. If Apple ever begins to see its hardware as merely a vessel for selling more subscription services, the game will be over.

There are certainly areas where it seems like that’s how it sees software. And, to me at least, even Apple’s hardware business is just the way to access software (from both Apple and third-party developers). Software is what truly matters.

Nick Heer:

It would be disappointing if Apple sees its hardware products increasingly as vehicles for recurring revenue.

Ryan Jones:

I just want to see Apple Services revenue broken out!

  • Google search deal
  • App Store games commision
  • App Store apps commision
  • AppleCare
  • Apple Music
  • iCloud
  • Else

The growth must be games, Music, and iCloud?

Steve Troughton-Smith:

This is the launch year of Apple’s Vision Pro, but from their first six months of financial statements you wouldn’t know it. Much like their first-party software support, it’s just crickets and tumbleweed.

Benjamin Mayo:

Tim Cook says ‘we’ll see what the developers do’ with Apple Intelligence, omitting the fact developers currently have essentially nothing they can do … APIs for summarisation and the like are simply non-existent in the iOS 18 SDK.

Right now, as a developer, you can make your text fields compatible with rich image attachments for Genmoji support, and that’s about it. In-app actions for Siri with app intents are the first real ‘advanced’ integration point, which is a ‘next year’ thingy.

Robert Ilich (Hacker News):

Warren Buffett’s Berkshire Hathaway slashed its stake in tech giant Apple by nearly 50%, according to Berkshire’s second quarter earnings report released on Saturday.

Berkshire Hathaway disclosed its holdings in Apple were valued at $84.2 billion at the end of the quarter, dropping from 790 million shares to 400 million shares. The sharp selloff is notable for Buffett, who is known for holding onto stocks for long periods of time.

Jason Aten:

That timing thing is pretty important because even though Buffett didn’t specifically say why he’s unloading Apple’s stock, he has indicated in the past that he plans to hold onto the company’s shares “unless something really extraordinary happens.”

Previously:

Update (2024-08-07): John Gruber:

But another way to look at it is that services are just another form of software. Software that runs not on the personal computing devices Apple sells to customers, but which run on servers in the cloud. And, importantly, is sold to users via lucrative recurring subscriptions. Content often isn’t what we think of as software (like say music, movies, and TV shows) but content from the App Store is. But the key is that it’s all stuff that the users of Apple’s devices consume on those devices. Apple’s core business is designing, engineering, producing, and selling those devices. Services are just a huge, and growing, part of what users do and consume on those devices.

To extend Kay’s axiom for today’s world, I suspect Apple’s leadership sees things this way: People who are really serious about device platforms should make their own services. Viewed that way, Apple’s success with services is no more a distraction from their core business than their success with their own chain of retail stores has been. It’s just a necessary evolution.

I see this as more of a “success hides problems” situation. Do you look at the profit number going up? Or at the pattern that the software that touches Apple’s services businesses tends to be less reliable and well designed, often even regressing?

Also, stuff like CloudKit and the App Store are certainly more “core” than original TV content, though Tim Cook seems far more excited about improving the latter.

Previously:

“Find My” Privacy

Tim Sweeney (MacRumors):

This feature is super creepy surveillance tech and shouldn’t exist. Years ago, a kid stole a Mac laptop out of my car. Years later, I was checking out Find My and it showed a map with the house where the kid who stole my Mac lived. WTF Apple? How is that okay?!

John Gruber:

Thieves deserve privacy too is quite the take.

Rosyna Keller:

Sweeney is seriously angry that Find My, a service for tracking lost or stolen items, can track stolen items…

Tim Sweeney:

To state a thesis explicitly: if a device one person owns ultimately ends up in the possession of another person, then any process of detection and recovery should be mediated by due process of law and not exposed to the owner in vigilante fashion; and no sort of surveillance mesh network in these devices should be activated without a user’s clear and specific consent.

I can respect the consistency of the view that everyone deserves privacy, though in this case it would seem to infringe on the rights of the device’s owner. Involving the law is a high burden, and by the time it’s done the device may no longer be trackable. And how would Apple even know to switch the device from “lost” to “stolen”? His thesis just seems unworkable.

The other interesting thing about Sweeney’s comment is that it inspired a Twitter community note saying:

The location of Apple devices on the Find My network can’t be accessed by Apple. “The Find My network uses end-to-end encryption so that Apple cannot see the location of any offline device or reporting device.”

Mysk:

The community note is inaccurate. The claim “Find My is end-to-end encrypted” generally is misleading. Online devices report their location to Apple without end-to-end encryption even with Advanced Data Protection is on. This makes it possible to look up a device’s location through Find My by logging in to icloud[.]com. We intercepted the HTTPS traffic of Find My on icloud[.]com, and it clearly shows that Apple can see the location of every online device.

End-to-end encryption only applies when offline devices report their location through the Find My network, which relies on other nearby devices reporting their own location.

Find My is not even listed on the iCloud page about protecting your information.

I still don’t recommend enabling Find My Mac because then anyone who breaks into your Apple ID account can remotely wipe your Mac. Whereas, if you use FileVault and elect not to store the info with your Apple ID, your data is safe even if the Mac gets stolen. So I think this collection of features is not designed properly. I wish I could find my Mac without putting my data at risk.

Previously:

Friday, August 2, 2024

Securing Virtual Machines on Apple Silicon

Howard Oakley:

In addition to Sequoia VMs on Apple silicon Macs being able to use services such as iCloud using Apple ID, they now appear able to support full-strength FileVault when Apple ID is activated. This contrasts with FileVault supported by previous macOS guests, which appears comparable to that provided by Intel Macs without T2 chips, or on external disks of any Mac, in that the Secure Enclave isn’t involved in protecting their encryption keys, as explained in Apple’s Platform Security Guide. Thus an attacker who has access to an older VM could copy that and attempt to gain access by brute force.

[…]

The best that a VM has been able to offer before Sequoia is relative privacy, but little more protection than already available on the host’s internal SSD. That assumes you store your VMs on the internal Data volume, which isn’t good practice in terms of snapshots and backups, as those will be significantly larger as a result. Storing VMs externally benefits from encrypted APFS, but that’s not as robust as full-strength FileVault.

If you want to set up a private VM using lightweight virtualisation on Apple silicon[…]

Previously:

Unread RSS Reader for Mac

John Brayton:

Unread for Mac is a native Mac app. The user interface is built with AppKit and a touch of SwiftUI.

[…]

Like on iPhone and iPad, on Mac you can easily switch between showing feed text, webpage text, or both for an individual article.

The latter is for feeds that contain only a summary.

Unread is a free app. Premium features are available with a subscription.

The subscription is $4.99/month or $29.99/year. An interesting feature is “Save to Unread,” which lets you add random (non-feed) pages from your Web browser to read in the app.

It’s not AppleScriptable, so it can’t work with EagleFiler’s capture key, but it does work the share extension so that you can save articles after reading them.

See also: Niléane Dorffer.

Previously:

The Switch From File Paths to URLs

Quinn:

I don’t think we ever documented this officially, but to understand this choice you have to look at the history of macOS. Traditional Mac OS did not use paths a lot. Rather, files were identified by an FSSpec, which contains a volume identifier, a directory ID, and a name. The directory ID was an HFS [Plus] catalogue node ID (CNID), which is kinda like an inode number.

Additionally, starting with System 7 it was possible to track a file with a volume identifier and the file ID, that is, the CNID of the file itself.

This was quite tricky to support on a Unix-y platform like Mac OS X. At the lowest levels of the system you needed the ability to manipulate files based on CNIDs rather than paths. For an explanation of how this was done, see QA1113 The “/.vol” directory and “volfs” (note, however, that volfs is no longer a thing and the same functionality is now implemented in a very different way).

[…]

So far, so much obscure backward compatibility. However, since we made the decision to use file URLs we’ve exploited that to significant advantage[…]

Via Matt Gallagher:

There’s a lesson about attaching data (like security attributes) to an opaque interface (like NSURL). Because my mental model of NSURL is as plain RFC-3986 storage, these attributes are easy to lose and the security behaviours are easy to forget, when moving data around an app (I wish we received a bookmark type that made this explicit).

Jim Luther:

The original proposal was not to use a NS/CFString object encapsulating the path or a NS/CFURL object, and instead use a new object type to identify a file’s location, to cache properties, etc. That idea was vetoed in early API reviews because there were already API that took file locations as paths or URLs. We were told to pick path or URL. We chose URL objects over string objects.

I still think a new object type would have been cleaner and better in the long run. 🤷‍♂️

[…]

FSRefs were not objects so they didn’t fit into the Cocoa (or CoreFoundation)API memory model. They were also a fixed size glob of memory so expanding their functionality was very difficult. One of the things I did in my last year at Apple was to make the old Carbon File Manager work well with APFS and its 64-bit inode numbers. That meant making shoehorning 64-bit file and folder ids into FSRefs and translating them to 32-bit ids for the old File Manager API. Fun hacking 😀

Previously:

Snapshots Aren’t Backups

Howard Oakley:

What is different is that restoring a whole volume from a snapshot is a one-way trip, and there is no undo. This is because snapshots subsequent to that used to restore from will be removed, and you won’t then be able to ‘roll forward’ to a later snapshot. That contrasts with a normal backup, where items remain available from any other backup that is retained in the backup store.

[…]

Because snapshots share the same container as the current volume, and share many file extents with them, they are prone to common errors. In particular, common file extents make it more likely that faults occurring in extents and data storage will affect them both. This is particularly important as one of the most common file system errors that corrupts data in files occurs when extents for two separate files overlap. A snapshot is thus more vulnerable than a backup on a different disk, or even one in a different container on the same physical store.

[…]

Snapshots do have one specific advantage over backups when it comes to their coverage. As they include the whole file system metadata for the volume, no items present in that volume are excluded from its snapshots. If you want to restore an item that has been excluded from backups made of any volume, you can therefore do that from its latest snapshot, if that item was present in the volume at the time that was made.

The only disadvantage to this is that snapshots can be disproportionately large compared to volume backups.

Snapshots are a great tool, but they don’t replace backups. The combination can be powerful. All my clone backups are now to APFS drives that make a new snapshot for each backup. I would like to be able to restore previous versions of files or folders from a year ago or more. Every once in a while I archive a clone drive and stop updating it. But I don’t have enough drives in rotation to keep a version for each week or month. Snapshots make that possible, albeit with less redundancy. Unfortunately, Mac backup software has kind of regressed in that it no longer provides great tools for browsing and searching old versions, but at least with snapshots we can easily and efficiently store them.

Previously:

Thursday, August 1, 2024

iStat Menus 7

Marc Edwards:

What’s new? Everything. iStat Menus 7 is a full reboot, sporting an all-new design with hundreds of big and small improvements.

Bjango (version history):

New menu bar modes, including stacked labels and values. New menu bar items, like Wi-Fi name, and GPU frames per second. Frequency monitoring and additional sensors on Apple Silicon Macs. More theme options and menu background colors. Fan speeds can now ramp up gradually with complete control over the speed curve.

The time menu has 7-day and 14-day rolling calendar modes. Combined mode has been drastically overhauled, and can now display any item in the menu bar, with unique settings, and has more available menu sections in the dropdown menu.

I like the new design, the additional configurability, and the extra information that it shows, e.g. for disk and processor usage. (It appears that my Mac is almost constantly using both efficiency cores.) It’s a bargain at $11.99 or $9.99 to upgrade. It’s also on Setapp.

I hope that a future version will add support for recording process samples directly from the menu, as that would free me from having to leave an Activity Monitor window open at all times to quickly see what code is running when something weird happens.

See also:

Previously:

Update (2024-08-07): Matt Henderson:

This is kinda cool. The new @bjango iStat Menus v7 can show a flag where your VPN is connected to.

ContextMenu 1.4.3

Matt Sephton:

Many years ago I found ContextMenu ($4.99) which solves all of the issues I have with the Automator approach [to adding file commands to Finder’s contextual menu]. There’s also a free version, ContextMenu Lite, that supports up to 3 actions to give you a taste of the good stuff.

  • Submenu is optional
  • Apply to multiple types (files or directories; can be as granular as file extension)
  • Show output (sometimes you want to see the results of the command)
  • Confirmation before running (if it’s a potentially dangerous operation)

[…]

Here’s my repo of shared actions. Inside each .cmaction file is a main.sh file which contains the command that you can use in Automator if you’d like.

Previously:

FileUtils 1.0.1

ZigZag:

Still, no matter how often I use an alternate file manager and constantly tracking progress of development of most of them, I still find myself manipulating files in Finder very often. Finder is just convenient. It’s always there, ready to be put into action. There are also some things, for which Finder is practically a must, since alternative file managers cannot do them due to lack of Apple support (private APIs, undocumented features changing unannounced, even with minor OS updates). Working with files in iCloud Drive and using Time Machine are some of those things, which come to mind. If only Finder could do just a few additional and more advanced things, like proper and full POSIX permission setting, or Access Control List (ACL), maybe showing a checksum of the selected file…

That’s where FileUtils comes from. About a decade ago, Apple came up with official way and API to extend Finder functionality, in a way that developers could add additional actions performed on files selected in Finder, invoked with additional, custom contextual menu items (actually, adding contextual menu items was possible a long time ago, before macOS 10.6 Snow Leopard, but it required tons of Carbon code and was eventually deprecated when going 64-bits). FileUtils does exactly that. While the application is running, you will notice some additional menu items in Finder’s contextual menu (and dedicated FileUtils toolbar item menu too). Each additional item invokes a particular action on files selected in Finder, action Finder cannot do on its own.

I love this idea. The initial features include checksumming, compression, secure delete, permissions and ACLs, renaming, and file sizes (in columns, like OmniDiskSweeper). The current version has worked well for me except that it sometimes crashes when viewing a folder that contains a large number of archives. I’m hoping that a future version will add some more developer oriented features, like getting Mach-O and code signing information.

There are separate non-sandboxed ($9.95), sandboxed, and Mac App Store ($9.99) versions, with the former providing more direct access to files, as well as privileged file operations.

Previously:

Update (2024-10-15): See also: Adam Engst.

Kaleidoscope 5.0.3

Kaleidoscope 4.5 (tweet):

Recently, we have spent a lot of time on many aspects of the folder comparison feature for Kaleidoscope 4.4 and 4.5. We have overhauled some of the underpinnings and worked hard to improve reliability and speed. But we also added some major new features. It’s time to tell you a bit what they are and how you can benefit from those changes.

[…]

Now you can expand any folder, synchronously in A and B, without the need to open a new document. In addition, upon completion of the difference calculation, Kaleidoscope will automatically expand folders with changes in them and leave all the others collapsed. This means you’ll get an overview of all changes with no additional interaction required.

[…]

As you are making changes to folders you are comparing, Kaleidoscope will dynamically and quickly update the comparison, on any level.

[…]

When Date Modified or Size for an item is the same between A and B, a regular font is used. If there is a difference, the font style is bolder. In addition, the side with the more recent date or the bigger size is shown in blue, providing you with information at a glance.

I’ve been really impressed with the pace of improvements since they switched to the subscription model about a year ago.

Kaleidoscope 5 (Mastodon, tweet):

While we had started to integrate Git over the last few releases, Kaleidoscope 5 is reaching a new level, enabling you to dig into the history of your coding projects like never before.

[…]

Git Repositories are now an intrinsic part of Kaleidoscope. They show up automatically as you start comparing files that reside in git working directories.

[…]

From the sidebar of a git-backed changeset, you can now open the history or any file in that changeset. This lets you learn how that file evolved over time. And in the opposite direction, when finding interesting changes in the history of a file, you can now quickly see the changeset of an entire commit.

The new Git features are great. I’m finding myself using Kaleidoscope alongside Tower for certain tasks. Kaleidoscope doesn’t even attempt to do most of what Tower does, but there are times when it’s quicker or better to open up a comparison or file history in Kaleidoscope.

I really like how the main Kaleidoscope window keeps a history of recent comparisons, both globally and per-repository. In the initial 5.0 version, opening the Git file history was really slow, but this was quickly fixed, and now the speed is on-par with Tower, with Kaleidoscope tracking some revisions through renames that Tower missed. It’s very easy to select two specific versions of a file to compare, and you can quickly move down the list and see the commit messages for each version, but it’s awkward to quickly zip through the changes for the versions (which in Tower you can do just by pressing the Down Arrow key).

The subscription price has dipped slightly from $99/year to $96/year.

Florian Albrecht:

Kaleidoscope 5 introduces a groundbreaking feature that allows users to effortlessly open the changeset for any Git commit. This feature comes in two distinct forms tailored to accommodate all macOS applications: one leveraging a system service and the other integrated with Kaleidoscope Prism. Both options can be further optimized by adding a keyboard shortcut for swift execution.

See also: Filipe Espósito.

Previously: