Archive for October 2025

Friday, October 31, 2025

Combined Affinity Studio Now Free

Marcus Mendes (MacRumors, Hacker News, TidBITS-Talk, Mac Power Users):

Affinity has announced a complete overhaul of its design suite. Starting today, the company is unifying all its tools into a single app for vector, photo, and layout work, and making it permanently free.

[…]

Here’s Ash Hewson, CEO of Affinity:

“There’s no catch, no stripped-back version, and no gotchas. The same precise, high-performance tools that professionals rely on every day are now open to all, because creative freedom shouldn’t come with a cost.”

[…]

The all-new Affinity was completely redesigned to offer a seamless way to switch between vector, photo, and layout work.

Combining Affinity Designer, Photo, and Publisher into a single app is an interesting move. There was clearly duplication and extra friction from having them separate yet integrated, but it’s hard to get the user interface right in a mega app. I still prefer when Interface Builder was spearate from Xcode (though it matters less as I phase out my usage of nib files).

The immediate catch is that now you need to log into a Canva account to use the app, and there will probably be constant upselling UI, like with Apple’s services apps. Maybe that seems like a small price to pay for getting all these professional tools for free. But I have a bad feeling about this, both because it seems like the pro app functionality will no longer be the focus and because I don’t understand how they’re going to make money. Is the subscription with AI features that compelling?

Ernie Smith (via Hacker News):

Canva is well-suited for those smaller tasks, which is why they’ve convinced 24 million people to pay $120 per year or more for its offering, many in workplaces. Potentially, though, Canva Pro could be nearly as popular as Microsoft 365, which has an estimated 440 million paid subscribers. The pitch to employers: Rather than buying graphics software for one or two departments, everyone gets a Canva Pro subscription.

If only the market wasn’t so split because of all the professionals favoring Creative Cloud and looking down on Canva.

That’s where the make-Affinity-free logic comes into play. For years, Adobe’s Achilles heel has been its overwhelming high cost, which has left many early-career or freelance professional designers feeling sustained sticker shock, year after year.

[…]

If Canva can get more than 6 normies for every professional Adobe serves, they come out ahead.

[…]

Canva just flipped 40 years of design-business logic on its head, and if they pull this off, they look like geniuses. If they don’t, hopefully Affinity doesn’t get lost in the shuffle.

Jesus Diaz:

So, how does a free professional tool make business sense for Canva? Adams explains it to me with a simple mantra: “craft and scale.” The high-end, pixel-perfect “craft” happens in Affinity Studio. The “scale”—where that craft is used to generate massive amounts of content—happens in Canva. By making the craft tool free, Canva is betting it can grow the entire design ecosystem.​

The strategy is to build a frictionless bridge between these two worlds.

Craig Grannell (Mastodon):

All was good for a while. But fans got twitchy last year when Serif was snapped up by Canva, a company rather fond of subscriptions itself. Such concern escalated to full-blown panic this October when Affinity desktop apps vanished from sale, replaced by the cryptic slogan “Creative Freedom Is Coming”.

[…]

So what’s the catch? Well, the iPad version won’t be ready until next year, which explains why the iPad Affinity suite quietly went free rather than being pulled from the App Store. And there’s the integration of Canva AI tools, such as Generative Fill, Expand & Edit and Remove Background. GenAI is… divisive (let’s say) in the creative world. But those tools are entirely optional and Canva promises your work in Affinity “is not accessed to train AI features” anyway.

[…]

It does technically break Canva’s pledge to “offer perpetual licenses”, but given that the new price is literally zero, I think we can forgive the company for that. What I’m interested in now is not just how Affinity evolves, but also how Adobe responds.

Presumably, most of the future work will be on new features that require a subscription.

Brody Ford (Slashdot):

Adobe Inc. brought together 10,000 marketers, filmmakers and content creators to its annual conference this week to persuade them that the company’s software products are adapting to artificial intelligence and remain the best tools for their work.

But it’s Adobe’s investors, rather than its users, who are the most skeptical that generative AI technology won’t disrupt the company’s business as the top seller of software for creative professionals.

[…]

The company’s shares have lost about a quarter of their value this year as AI tools like Google’s video-generating model Veo have gained steam.

Previously:

Update (2025-11-03): Adam Engst:

Using the new Affinity app requires a Canva account, which is causing conniptions among a vocal subset of users in the Affinity Discord community who would prefer the promised perpetual license to a free app that requires an online account. You can choose not to share usage data with Affinity, and privacy preferences in your Canva account let you specify which other data-sharing and AI-training options you’re willing to allow. You must be online to download and activate Affinity with your free Canva account, but once activated, the app works offline. Features like help documentation, stock libraries, and Canva AI integrations require an Internet connection.

[…]

If you only need tools for one discipline, you can work entirely within a single studio (Pixel, Vector, or Layout) and ignore the others. My understanding is that the apps had extensive shared code, so it may have been efficient for the Affinity developers to combine everything into a single tool once there was no business advantage to selling three separate apps. The new app is 3.5 GB on disk, whereas each of the three previous apps was 2.88 GB.

From what I hear, the new Affinity app offers all the same features as V2 of Affinity Photo, Designer, and Publisher. The new app can open files from previous apps, but its files are not backward-compatible with older apps; those apps remain functional but will no longer receive updates.

Update (2025-11-04): Marc Edwards:

“When we made Affinity free, some people assumed there had to be a catch. Let me be absolutely clear. There is no catch.”

I do not think this comment will age well. You don’t spend USD$1 billion on something just to give it away.

Apple’s Q4 2025 Results

Apple (transcript, MacRumors, MacStories, Hacker News):

“Today, Apple is very proud to report a September quarter revenue record of $102.5 billion, including a September quarter revenue record for iPhone and an all-time revenue record for Services,” said Tim Cook, Apple’s CEO.

[…]

“Our September quarter results capped off a record fiscal year, with revenue reaching $416 billion, as well as double-digit EPS growth,” said Kevan Parekh, Apple’s CFO.

Jason Snell (podcast):

Now on to the charts!

The gross margin continues to climb and is now at 47.2%. I wish Apple reported separate numbers for hardware and services.

John Gruber (Mastodon):

Looking at Apple’s Consolidated Statement (PDF), the numbers look great across the board year-over-year: iPhone up 6%, Mac up 13%, iPad even, Wearables/Home even, and Services up 15%. Services now generates more revenue ($28.8 billion) than Mac, iPad, and Wearables/Home combined ($24.7 billion).

Manton Reece:

If iPhone revenue is essentially maxed out and flat, Apple will eventually become mostly a services revenue company. Very weird. 💰

As a fan of the devices but not the services, I don’t see how this can be good.

M.G. Siegler:

So yes, they’re well ahead of the $100B run rate. And so yes, that business – again, just Services – is now set to be bigger than Disney, Tesla, and all but around 40 companies in the Fortune 500, which is wild.

Jason Snell:

And to top it all off, Cook dropped the mother of all forms of “guidance,” which is what you call it when companies publicly predict their next-quarter results three months in advance: “We expect the December quarter’s revenue to be the best ever for the company and the best ever for iPhone.”

[…]

Just so we’re clear, that’s about $138B in total revenue and a minimum of $76B in iPhone revenue. (Check back in January to see if they were right.) Keep in mind that the results reported on Thursday only have a week or two of iPhone sales, while Apple now has an addition month of sales data with which to make projections. And if Apple is this confident, iPhone 17 sales data has to be really, really good.

One reason Apple is so confident is that it’s supply-constrained. In other words, for at least some iPhone models, it just can’t make enough to fulfill demand. Cook specifically called out Greater China revenue decreasing largely because the company faced iPhone supply constraints, and said that generally Apple was “constrained on several [iPhone] 17 models.”

The iPhone 17 is fine, but I have no idea why this is the model that’s setting records.

Mac revenue was a real highlight this quarter, with revenue up 13% over the year-ago quarter. That’s eight straight quarters of year-over-year growth, so it’s been two very strong years for the Mac after a year where it fell a bit off the heights of improved sales due to COVID and the advent of Apple silicon.

Adam Engst:

Apple warned that next quarter will be a “very difficult compare” because of the “mother of all Mac launches” from last year—the M4-powered MacBook Pro, Mac mini, and iMac (see “New MacBook Pros Gain M4 Chips, 12MP Center Stage Camera, and Thunderbolt 5,” 30 October 2024). While sales of the M5 MacBook Pro will boost next quarter (see “New M5 Chip Accelerates the MacBook Pro, iPad Pro, and Vision Pro,” 15 October 2025), Apple’s warning suggests we won’t see M5 models of the Mac mini, iMac, or MacBook Air until next year.

Juli Clover:

Apple is still on track to release an upgraded version of Siri next year, according to Cook. Apple is also planning for more partnerships like the ChatGPT integration in Apple Intelligence.

Previously:

Update (2025-11-03): Dr. Drang:

After [inflation] adjustment, the climb after the big work-from-home jump isn’t as impressive, although the non-Q1 quarters of fiscal 2025 are quite good. The just-reported Q4 revenue truly is the best Q4 ever, even after adjustment.

Update (2025-11-05): Jason Snell:

Let’s dig into the charts, starting with the big one, overall Apple revenue for the last 27 years[…]

[…]

Also, if you toss out those 2021 and 2022 outliers, this year’s $4B Mac increase is the biggest since 2011. What that says to me is that the Mac is doing really well, and that the effects of those two big years are largely out of the equation now. After a decade of hanging out in the $20s, the Mac is now firmly a $30 billion-plus business, and growing.

Swift 6.2: Observations

Holly Borla:

Swift 6.2 enables streaming transactional state changes of observable types using the new Observations async sequence type. Updates include all synchronous changes to the observable properties, and the transaction ends at the next await that suspends. This avoids redundant UI updates, improves performance, and ensures that your code reacts to a consistent snapshot of the value.

As with notification center messages, this is really part of the macOS 26 frameworks rather than Swift 6.2 itself.

Donny Wals:

Sequences created by Observations will automatically observe all properties that you accessed in your Observations closure. In this case we’ve only accessed a single property so we’re informed whenever count is changed. If we accessed more properties, a change to any of the accessed properties will cause us to receive a new value. Whatever we return from Observations is what our async sequence will output. In this case that’s a string but it can be anything we want. The properties we access don’t have to be part of our return value. Accessing the property is enough to have your closure called, even when you don’t use that property to compute your return value.

[…]

When iterating over our Observations sequence we’ll receive values in our loop after they’ve been assigned to our @Observable model. This means that Observations sequences have “did set semantics” while withObservationTracking would have given us “will set semantics”.

Keith Harrison:

The updates are transactional so multiple synchronous changes arrive as a single updated value.

SE-0475:

Observation was introduced to add the ability to observe changes in graphs of objects. The initial tools for observation afforded seamless integration into SwiftUI, however aiding SwiftUI is not the only intent of the module - it is more general than that. This proposal describes a new safe, ergonomic and composable way to observe changes to models using an AsyncSequence, starting transactions at the first willSet and then emitting a value upon that transaction end at the first point of consistency by interoperating with Swift Concurrency.

[…]

This proposal does not change the fact that the spectrum of APIs may range from favoring AsyncSequence properties to purely @Observable models. They both have their place. However the calculus of determining the best exposition may be slightly more refined now with Observations.

Jared Sinclair:

Apple has effectively deprecated the reigning paradigm of the ObservableObject protocol and @Published properties observed via the Combine framework, but they’ve only partially provided its replacement via the @Observable macro and the withObservationTracking free function. The gaps between the old way and the new way are worth careful consideration.

[…]

Observations is an Apple-provided way for one object to subscribe to long-running changes to some other, @Observable-macro’ed object. It is written to use the AsyncSequence protocol. Despite the fact that withObservationTracking was released in OS 17, Observations has not been back-ported and requires OS 26.

[…]

To implement cancellation you need to wrap the entire thing in a Task, store that task in an instance variable, and determine key points in the lifecycle of your object to cancel that task[…]

[…]

It is important that your Task and your Observations structs weakly-capture both self and whatever object you’re trying to observe. But it’s still easy to get it wrong.

[…]

You can’t access a mutable var property from the deinit. You would need to wrap that property in some kind of synchronization box, like a Mutex, which comes with its own kinds of hassles and boilerplate.

Combine was much more succinct, but it seems like this API is a work in progress so it may get better next year.

Paul Hudson (Mastodon, Hacker News):

There are a handful of important usage notes you should be aware of when using Observations:

  1. It will emit the initial value as well as all future values.
  2. If multiple changes come in at the same time, they might be coalesced into a single value being emitted. For example, if our Task code incremented score twice, the values emitted would go up in 2s.
  3. The AsyncSequence of values being emitted can potentially run forever, so you should put it on a separate task or otherwise handle it carefully.
  4. If you want iteration to stop – to end the loop – you should make the value being observed optional, then set it to nil.

Lucas van Dongen:

I built a simple demo app with both the new and existing stuff.

Previously:

Thursday, October 30, 2025

Swift 6.2: Subprocess

Holly Borla:

Swift 6.2 introduces a new Subprocess package that offers a streamlined, concurrency‑friendly API for launching and managing external processes.

SF-0007:

The existing Foundation API for spawning a process, NSTask, originated in Objective-C. It was subsequently renamed to Process in Swift. As the language has continued to evolve, Process has not kept up. It lacks support for async/await, makes extensive use of completion handlers, and uses Objective-C exceptions to indicate developer error. This proposal introduces a new package called Subprocess, which addresses the ergonomic shortcomings of Process and enhances the experience of using Swift for scripting and other areas such as server-side development.

It’s currently available as a package, rather than being built into the OS, so the API may not be fully stable, but you can use it on older OS versions.

One of the issues with NSTask/Process is that the simple API works for small amounts of input/output but (unbeknownst to many, even some experts) hangs once you exceed the OS’s buffer size. There are ways around this, but they are awkward (though you can hide them in a helper class). As Christian Tietze (Mastodon) writes:

Helge Heß pointed out that naive usage of Pipe in child Processes can break your program if you pipe too much data.

[…]

If the data is larger than the pipe buffer, you need to drain the corresponding FileHandle with repeated read calls. (Or provide data larger than 64KiB with repeated write calls, respectively.)

If you try to send/receive the whole buffer in one go, from a user’s perspective, your program will freeze, and the read call never return. As a CLI app, it’ll never terminate.

Subprocess seems to be designed to transparently handle this. You can specify the output size limit (and the encoding, if you want a string output), and it will collect the pieces of output as they arrive.

I’ve been using Swift to write scripts, and scripts often need to run shell commands. Unfortunately, Subprocess is currently cumbersome to use for scripting, as Jacob Bartlett writes:

These simple scripts have ludicrous amounts of overhead for what are trivial one-liner operations in the bash shell. Bear with me, because later we’ll look at where Swift subprocess can actually work well, in a more complex workflow.

The additional overhead of requiring a full SwiftPM project, compared to a Bash script, makes it incredibly cumbersome for simple workloads. Also, it’s still not an actual script, so it’ll always require a compilation (and potentially dependency resolution) overhead whenever your code changes.

On the other hand, the syntax, type safety, and composability of Swift code work pretty nicely when you have complex automation workflows to orchestrate, build, and run on demand.

Previously:

NeoFinder 9.0

Norbert Doerner:

New Cataloging engine with more speed and reliability

[…]

Ability to move files to new folders inside a Catalog

Text Replacements for the XMP Editor for faster annotations

[…]

Image Capture to import photos and videos from connected cameras, including adding XMP presets, and store them in a date based folder structure [guide]

[…]

QuickPerson panel to add persons with just a single click

QuickTags panel to add keywords with just a single click

[…]

Multi Renamer has ten more variables to be placed in the new names

NeoFinder (formerly CDFinder) is now 30 years old. The new version is $39.99 to purchase or $25.99 to upgrade.

Previously:

Wednesday, October 29, 2025

Swift 6.2: NotificationCenter Messages

Holly Borla:

In Swift 6.2, the Foundation library includes a modern NotificationCenter API that uses concrete notification types instead of relying on strings and untyped dictionaries for notification names and payloads. This means you can define a notification struct with stored properties, and observers can use the type without error-prone indexing and dynamic casting.

Apple:

In Swift, the Notification type is nonisolated, even in cases where it’s posted on a known isolation. To provide specific isolation information and better support Swift concurrency, NotificationCenter defines two message types. A NotificationCenter.MainActorMessage binds to the main actor, whereas a NotificationCenter.AsyncMessage uses an arbitrary isolation. Frameworks extend these types to define distinct messages, typically corresponding to an existing Notification.Name, that declare instance properties for their values instead of using a userInfo dictionary. As a result, messages can conform to Sendable when they either don’t use properties or contain only sendable properties.

If your project only needs to support Swift, you can just use the Message types. For projects with both Objective-C and Swift code, define a Notification as well as a corresponding Message type.

However, the new API is part of Foundation, not Swift 6.2, so even in a pure-Swift app you can only use it on macOS 26 and later. This is a bummer because notifications aren’t a new feature that you can make available in your app only on the latest OS. Rather, they’re central to the design of the app itself. You can’t even begin migrating your code to the new API until you drop support for all the previous OS versions.

You can post a message with the post(_:subject:) method, passing a message instance and optionally providing a subject. To receive messages, add an observer with the addObserver(of:for:using:) method. The overloads of this method allow you to observe either messages from a single object or from any object of a given type. Observation ends when you discard the token returned from addObserver(of:for:using:) or after an explicit call to removeObserver(_:).

You can also receive messages as an AsyncSequence with the messages(of:for:bufferSize:) methods.

SF-0011:

The optional lookup type, NotificationCenter.MessageIdentifier, provides an SE-0299-style ergonomic experience for finding notification types when registering observers.

[…]

Optional bi-directional interoperability with the existing Notification type is available by using the Notification.Name property and two optional methods, makeMessage(:Notification) and makeNotification(:Self)[…]

[…]

Observers called via the existing, pre-Swift Concurrency .post() methods are either called on the same thread as the poster, or called in an explicitly passed OperationQueue.

However, users can still adopt Message-style types with pre-Swift Concurrency .post() calls by providing a Message-style type with the proper Notification.Name value and picking the correct type between MainActorMessage and AsyncMessage.

See also: Fatbobman.

Previously:

Swift 6.2

Holly Borla:

InlineArray is a new fixed-size array with inline storage for elements, which can be stored on the stack or directly within other types without additional heap allocation.

[…]

The new Span type offers safe, direct access to contiguous memory. Span maintains memory safety by ensuring the memory remains valid while you’re using it.

[…]

Swift 6.2 introduces opt-in strict memory safety, which flags uses of unsafe constructs, so you can replace them with safe alternatives or explicitly acknowledge them in source code.

[…]

Swift 6.2 significantly improves clean build times for projects that use macro-based APIs.

Most of these proposals have been previously discussed here. Strict memory safety is in SE-0458:

This proposal introduces an opt-in strict memory safety checking mode that identifies all uses of unsafe behavior within the given module. There are several parts to this change:

  • A compiler flag -strict-memory-safety that enables warnings for all uses of unsafe constructs within a given module. All warnings will be in the diagnostic group StrictMemorySafety, enabling precise control over memory-safety-related warnings per SE-0443. When strict memory safety is enabled, the StrictMemorySafety feature will be set: #if hasFeature(StrictMemorySafety) can be used to detect when Swift code is being compiled in this mode.
  • An attribute @unsafe that indicates that a declaration is unsafe to use. Such declarations may use unsafe constructs within their signatures.
  • A corresponding attribute @safe that indicates that a declaration whose signature contains unsafe constructs is actually safe to use. For example, the withUnsafeBufferPointer method on Array has an unsafe type in its signature (self), but is actually safe to use because it handles safety for the unsafe buffer pointer it vends to its closure argument. The closure itself will need to handle the unsafety when using that unsafe buffer pointer.
  • An unsafe expression that marks any use of unsafe constructs in an expression, much like try and await.
  • Standard library annotations to identify unsafe declarations.

SE-0477:

A new string interpolation syntax for providing a default string when interpolating an optional value.

Keith Harrison:

One issue is that I’ve been unable to get this to work with localization. The problem seems to be that LocalizedStringKey doesn't’t support the default value parameter.

Paul Hudson (Mastodon, Hacker News):

SE-0451 dramatically expands the range of characters we can use to create identifiers – the names of variables, functions, enum cases and similar – so we can name them pretty much however we want when placed inside backticks.

[…]

SE-0459 makes the type returned by enumerated() conform to Collection.

[…]

SE-0479 extends Swift’s key paths to support methods alongside the existing support for properties and subscripts, which, along with SE-0438 introduced in Swift 6.1, promises to round out what key paths can do.

[…]

SE-0419 introduces a new Backtrace struct, which is capable of capturing data about the call stack of our app at any given moment – the exact sequence of function calls leading up to the current point.

[…]

SE-0448 expands Swift’s regular expression support to include lookbehind assertions, which allow us to check if a specific pattern appears immediately before the current position in the string, without including it in the matched text.

[…]

It’s SE-0476, which introduces a new @abi attribute that makes it easier for ABI-stable library authors to make changes to their libraries without breaking things.

Matt Gallagher (CwlDemangle):

It looks like Swift 6.2 will finally let us access the built-in Swift demangling so we can turn runtime mangled names into something human readable without resorting to half-assed third party libraries (like my own CwlDemangle).

Technically, the demangling is part of the new Backtrace API but it offers SymbolicatedBacktrace.Symbol with a lazily evaluated name that performs demangling on the rawName.

It doesn’t expose DemangleOptions but it’s a huge improvement.

Swift 6.2 also includes some other big features, which I’m going to write separate posts about:

Previously:

Imgur Blocks UK Users Over Age Verification

Imgur TOS Update (2021, via Hacker News):

No nudity or sexually explicit content.

Provocative, inflammatory, unsettling, or suggestive content should be marked as Mature.

No hate speech, abuse or harassment.

No content that condones illegal or violent activity.

Connor Jones (Hacker News):

The UK’s data watchdog has described Imgur’s move to block UK users as “a commercial decision” after signaling plans to fine parent company MediaLab.

It opened an investigation into various companies, including TikTok and Reddit, in March, focused on how these major platforms handle children’s data and verify their ages, which led to issuing a notice of intent to fine MediaLab in September.

[…]

Capel also hinted that even if Imgur continues to block UK users, the ICO may still seek to penalize its parent company.

[…]

The ICO said the investigation was instead related to its Children's code strategy, which it first published in 2021 [rather than the Online Safety Act].

Previously:

Update (2025-11-10): Preston Byrne (via Hacker News):

I am currently representing every single U.S. social-media enforcement target of the UK Online Safety Act, again pro bono,without exception. I will continue to do so until the Online Safety Act’s capacity to harm American citizens is destroyed, by America enacting a shield law.

[…]

SaSu is a tiny forum which didn’t have much of an appetite for a fight. Accordingly, when Ofcom came calling at the end of February, SaSu more or less immediately IP blocked the entire UK in hopes of avoiding enforcement action. (Ofcom claims this occurred in July; it in fact occurred in May.)

And, for a time, this worked. Today, however, I can reveal that Ofcom has reversed its decision and is going after the site anyway.

[…]

What might have happened is that a third party, understanding this, could have found SaSu’s mirror, hit SaSu’s mirror with one of these IPs, and then handed the file off to the regulator as some kind of “gotcha” demonstrating that the IP geoblock was ineffective, and using the fact of the access plus the fact that there was a mirror URL to claim that SaSu was somehow trying to dishonestly mislead the regulator about its compliance with the OSA through geoblocking.

[…]

Ofcom is trying to set the precedent that no matter where you are in the world, and no matter how much you try to keep UK users off your site, Ofcom believes you have to follow its rules – even if you’re American and you’re engaged in constitutionally protected speech and conduct.

Tuesday, October 28, 2025

AirTrafficDevice: Ignored, Reluctantly Fixed, No CVE, No Bounty

Rosyna Keller:

I wholly and utterly believe in the principle behind Apple’s App Tracking Transparency initiative. I therefore consider anything that is both

  • uniquely tied to a user and

  • available when “Allow Apps to Request to Track“ is disabled to be a gross violation of the spirit of App Tracking Transparency.

[…]

While Apple has fixed 3-4 (search for my name) of the 21 privacy bugs (and one kernel panic) I reported, Apple decided they weren’t eligible for the bug bounty.

[…]

When I first reported OE11020806152810, it was almost immediately closed as “Not to be fixed”. I had to gently poke a few bears to get it back to “we’ll fix this.”

However, Apple never assigned a CVE while reluctantly fixing this serious bug/privacy leak.

Previously:

Update (2025-11-07): Another example, from Joseph Goydish II:

A critical vulnerability in Apple’s iOS activation backend allows for the injection of unauthenticated XML .plist payloads during the device setup phase. The flaw permits arbitrary provisioning changes without authentication, signature verification, or error feedback—exposing devices to pre-activation tampering and persistent configuration manipulation.

He says this had already been actively exploited when he reported it to Apple back in May:

Forensic analysis on devices freshly reset and activated on iOS 18.5 revealed persistent entries in system caches such as CloudKitAccountInfoCache and CommCenter, as well as configuration drifts that could not be attributed to any user action.

However, Apple “continues to classify it as ‘hypothetical’ and has not acknowledged the evidence as sufficient to deem it a vulnerability.”

The lack of remediation leaves iOS devices, including those running the latest stable release, vulnerable to advanced post-exploitation tactics, warranting immediate attention from both Apple and enterprise security teams.

Update (2025-11-07): Jeff Johnson:

There’s an anonymous GitHub account that just joined a few months ago and this month posted a bunch of fake Apple vulnerabilities with no reproduction steps.

Reddit Sues SerpApi

Mike Isaac (PDF):

Practically overnight, a class of companies like SerpApi — known as “data scrapers” — found a new business selling data scraped from Google to companies looking to train their A.I. chatbots.

On Wednesday, the internet message board Reddit decided to fight the data scrapers. It filed a lawsuit in the U.S. District Court for the Southern District of New York claiming that four companies had illegally stolen its data by scraping Google search results in which Reddit content appeared.

Three of those companies — SerpApi; a Lithuanian start-up, Oxylabs; and a Russian company, AWMProxy — sold data to A.I. companies like OpenAI and Meta, according to the lawsuit. The fourth company, Perplexity, is a San Francisco start-up that makes an A.I. search engine.

Via John Gruber (Mastodon):

The entire premise of their business is crazy. SerpApi prints the crime right on the tin, describing their service as a “Google Search API” and “Scrape Google and other search engines from our fast, easy, and complete API.” What makes this so crazy is that Google doesn’t offer a search API. SerpApi is offering the Google search API that Google itself doesn’t offer, and charging companies money for it. Everyone, upon hearing the premise and nature of SerpApi, asks the same question: How is this legal? The answer is, it probably isn’t. But right on SerpApi’s home page they claim to offer customers a “U.S. Legal Shield”[…]

[…]

Why Google hasn’t sued them yet, I don’t understand.

This is a weird case. SerpApi is not like Common Crawl, building an index by scraping the Web. It’s scraping Google search results. Google actually does have legal access to scrape Reddit. And SerpApi is probably right that there’s First Amendment protection for indexing public search results, just as there is for indexing other public content. But, obviously, they’re trying to get at the Reddit data without paying to license it, and maybe the means for doing this violate the DMCA. On the one hand, hiring a hitman is illegal; you don’t get a legal shield by contracting out the crime. On the other hand, it’s not exactly clear to me which step of this chain is illegal, especially if Google seems not to object. Whatever, the result, I expect it to have far-reaching consequences for the Web.

Mike Masnick:

Reddit is NOT arguing that these companies are illegally scraping Reddit, but rather that they are illegally scraping… Google (which is not a party to the lawsuit) and in doing so violating the DMCA’s anti-circumvention clause, over content Reddit holds no copyright over. And, then, Perplexity is effectively being sued for linking to Reddit.

[…]

And, incredibly, within their lawsuit, Reddit defends its arguments by claiming it’s filing this lawsuit to protect the open internet. It is not. It is doing the exact opposite.

[…]

Reddit has a license to the content users post in order to operate the service, but they don’t hold the copyright on it. Indeed, Reddit’s terms state clearly that users retain “any ownership rights you have in Your content.” Because of Reddit’s agreement that it can license content, the deal with Google could sorta squeeze under that term, but that doesn’t give Reddit the right to then sue over users’ copyrights (as it’s doing in this case).

[…]

But here, Reddit is doing something even crazier. Because it’s saying that since these companies (allegedly) get around Google’s technological measures, then somehow Reddit can accuse them of violating 1201.

Nick Heer:

I am glad Masnick wrote about this despite my disagreement with his views on how much control a website owner ought to have over scraping. This is a necessary dissection of the suit, though I would appreciate views on it from actual intellectual property lawyers. They might be able to explain how a positive outcome of this case for Reddit would have clear rules delineating this conduct from the ways in which artificial intelligence companies have so far benefitted from a generous reading of fair use and terms of service documents.

Jeff Johnson:

OpenAI is blatantly ignoring my robots.txt User-agent: ChatGPT-User Disallow: /

ClaudeBot too, apparently.

John Gruber (Mastodon):

At the bottom of their “Use Cases” page, SerpApi lists the following companies and organizations as customers (“They trust us. You are in good company. Join them.”)

[…]

Was Apple removed from the list because they’re no longer (or never were?) a customer, or because they remain a customer but don’t want to be listed?

Previously:

“LG” Spotlight Indexing Bug

Howard Oakley:

There’s a bug in Spotlight that can prevent it from indexing any of the contents of susceptible text files. This has been present since macOS 13 Ventura if not before, and is still present in Tahoe 26.0.1.

[…]

To demonstrate this bug, all you need is a single UTF-8 plain text file, created by TextEdit or any other app capable of saving plain text. Start the text with the two characters L and G, both in capitals.

[…]

This isn’t the first bug in the RichText.mdimporter. In macOS Catalina 10.15.6, the same mdimporter (then build 319.60.100) introduced a bug that broke indexing of Rich Text (RTF) files.

Drew:

The same thing happens for ‘HPA’. I suspect this might have something to do with the magic entry for Arhangel archive data (/usr/share/file/magic/archive; see also HPA archive data), or something that is trying to make an equivalent check. Notice that ‘file’ reports such a text file as being ‘Arhangel archive data’.

Like Oakley, I wouldn’t expect this to matter. Spotlight uses the file extension to determine the UTI (and therefore the importer), rather than using “magic” to look at the contents of the file. But it appears the problem is occurring after that and that the importer itself is using “magic.”

Howard Oakley:

What happens is that saving a text file starting with forbidden characters correctly triggers Spotlight’s indexing service. That identifies the file as having the UTI public.plain-text and hands it over for its contents to be indexed. But the indexer inspects those first few characters, decides it’s a different type of file altogether, and promptly returns an error 4864 for an NSCoderReadCorruptError without going any further.

[…]

It turns out that files starting with the characters Draw were characteristic of a binary vector graphics format used by the !Draw app for RISC OS 2 in 1989. Rather than believing the file’s UTI for one of the most common types of files in macOS, Spotlight’s indexer therefore decided that it was trying to import file data that must now be as rare as hens’ teeth, and wouldn’t go any further.

Previously:

Monday, October 27, 2025

Line Wraps and the Zero-Width Joiner

I was reminded of this post from former Nisus developer Martin Wierschin:

How does does an emoji do that in text? By using a zero-width joiner character between its constituent characters. That way software knows to display all the codes together as a single glyph or image on screen. This joiner trick is used for a variety of purposes like skin tone and gender modifiers.

Now to the part where we explain how the zero-width joiner character can help your writing. In certain situations you might consider inserting a joiner character to change where line wrapping occurs. The joiner acts as a signal to the text layout engine that the adjacent characters should be joined. You can think of the joiner like a glob of glue that keeps its neighbors together. The characters won’t display a single image as with emoji, but rather they will be kept together on the same line.

Nisus Writer Pro has a built-in menu command to insert the zero-width joiner. There’s also a built-in way to insert it into any macOS text view, but it’s not obvious:

  1. Open the Emoji & Symbols inspector.
  2. If necessary, click the rightmost button to switch it to the full Character Viewer.
  3. From the menu, choose Customize List….
  4. At the bottom of the list, check the box next to Code Tables ‣ Unicode and click Done.
  5. Select Unicode at the left and then select 2000 General Punctuation at the right.
  6. Zero Width Joiner (U+200D) and related characters are in the first row.

You can add them as favorites. Unfortunately, even then, they do not seem to be searchable by name. For me, the easiest way to make unusual characters accessible is to add them as LaunchBar snippets. macOS text replacements would probably work, too.

Here are the characters from Wierschin’s “female chef” example if you want to copy/paste them to try it out:

👩 + U+200D + 🍳 = 👩‍🍳

Previously:

Update (2025-10-28): Thanks to Ralf for helping me to realize that searching for “joiner” does find the character. It looks like it only finds the letters “j,” “o,” “i,” “n,” “e,” and “r,” but there are actually invisible characters after that that only show up if you click on what looks like empty space.

Nisus Probably Moribund

Joe Kissell:

For more than a year, we’ve heard scattered complaints: problems with Nisus Software’s website, particularly the user discussion forum; slow or absent responses to support requests; assorted bugs; and other issues. But earlier this week, on 22 October 2025, the reports changed to: “Did you know the Nisus website is completely down, and that Nisus Writer is no longer in the Mac App Store? Does this mean they’re out of business?”

On the one hand: The site is back online as I write this. The app still works. I’m writing the first draft of this article in Nisus Writer Pro on a Mac running macOS 26 Tahoe, and it’s fine. You can still download it and buy a license. At least one person is actively involved in the company, to some extent. It’s (mostly) alive!

On the other hand: All available evidence suggests that development and support for Nisus Writer have ceased, and barring some new information, its future is doubtful. It’s (mostly) dead!

[…]

Martin Wierschin, Dave Larson, and Mark Hurvitz (each of whom was the public face of Nisus Software at one point) are no longer at the company. Jolanta is in her late 80s, and Jerzy is older than Jolanta. As best I can determine, Jerzy is not actively involved with the business anymore, and Jolanta’s involvement appears to be minimal. I don’t think there are any other employees left at Nisus Software.

The latest update to the app was on 12 November 2024, and it appears the last time a Nisus employee posted on their discussion forum was also in November 2024.

It’s an odd situation, with no public activity in nearly a year and the apps removed from the Mac App Store but still available for purchase from the Web site.

And a sad one. Nisus Writer was the coolest demo I saw at my first Macworld Expo in 1992 or so, and it remained a great app through all of Apple’s transitions: PowerPC, Mac OS X, Cocoa, Intel, 64-bit, Apple Silicon, etc. But over time it became my favorite app that I no longer actually use. And I suspect that usage declined for others as well. iOS and Markdown brought a revival of apps that use plain text. And most people who need rich text don’t need the power of Nisus Writer. The more basic use cases got squeezed by Pages, Microsoft Word, and Google Docs, which are free and/or ubiquitous. But for those who need it, there’s no clear replacement:

True, there’s no shortage of other Mac word processors. I’m sure that for many people, any number of them would be perfectly adequate. However, if you’re the sort of person who needs the tools that only Nisus Writer provides, none of that matters. Although I can’t speak for anyone else, I can definitely speak for Take Control Books, and we would be unable to do what we need to do in any of those other apps. Users who have built up libraries of complex macros in Nisus Writer, or who require find-and-replace based on style-sensitive regular expressions (to take just two examples) would be seriously hampered by another app.

Here are some forum threads discussing the state of things:

Previously:

Update (2025-10-28): John Gordon:

We are in the dark ages of word processing — Pages is buggy and incomplete and Word for macOS is eye-bleach.

John Gruber:

Seems like an ignominious demise for a once-great app. Nisus Writer has been an acclaimed Mac-only (and Mac-assed) word processor since 1989. I never got into it, but I could always see the appeal.

As he says, one way to think of it was like a BBEdit for rich text. (The developers had previously built a plain text editor called QUED/M.) But while I prefer BBEdit, there are many plain text editors that can do regex processing, and there wasn’t really anything else like Nisus Writer.

Update (2025-10-30): Eyal Redler:

In the 90’s I used to be a Nisus user and I liked it a lot. It’s true that as a Hebrew speaker, I had very little choice - nobody supported Hebrew well (or at all) except Nisus and Claris Works, but Nisus was also a very solid application.

Mac OS X rendered the classic Nisus (and many other apps) obsolete, and the complete lack of any Hebrew support on Mac OS X seemed like an opportunity, which I grabbed, and with my brother Ori started to develop what was to become Mellel.

It took a while for Nisus to introduce their version for macOS, and by that time we had made a lot of progress and were quite a bit ahead, but they caught up rapidly and, in some areas, went further. It is fair to say we drew some inspiration from the classic Nisus and, I think it is also fair to say, they draw some inspiration from us.

Mellel and Nisus share have quite a bit in common: we’re both what you might call a “traditional” word-processor, are geared towards academic and scientific writing, and we’re both small players in a world of giants, trying to compete as a paid product against products that are often licensed by institutions or given away for free.

Another thing we shared is a considerable chunk of customers who used both applications. It is always nice to know there’s room for everybody.

We’re not sure what’s going to happen with Nisus and we hope they recover - we can all flourish together. In any case, we would like to offer Nisus users the chance to get Mellel at a discounted price — $51.75.

Twitter to Show Link Content and Tweet Simultaneously

Nikita Bier:

We’re testing a new link experience, starting on iOS -- to make it easier for your followers to engage with your post while browsing links.

For creators, a common complaint is that posts with links tend to get lower reach. This is because the web browser covers the post and people forget to Like or Reply. So X doesn’t get a clear signal whether the content is any good.

To help get better signal, posts will now collapse to the bottom of the page so people can react while you’re reading.

As always, remember: the post should stand alone as great content so write a solid caption.

This seems like a better design, anyway. But my understanding is that, separate from naturally lower engagement, Twitter is still artificially deboosting posts with links, leading to an unfortunate pattern where people post the link in a reply to the main tweet. He insists that this is not the case.

Rosyna Keller:

Note that this new “feature” makes articles load slower and allows Twitter to see more of your browsing habits because it’s no longer using SFSafariViewController. That means no more fraudulent website warnings and no more content/ad/tracker blockers.

Léo Natan:

Part of the blame is on Apple for making SFSVC such a rigid and badly constructed API, that supports zero customization.

Previously:

Update (2025-10-30): Max Odnoletkov:

Don’t know about better design, but it is atrocious from performance, usability, privacy and security perspective. Had it on for a couple of days and now it’s back to normal SFVC. Hopefully the experiment is all negative and they’ll drop the idea.

Update (2025-11-05): stillatit:

I run an ecom store that gets a lot of its customers from Twitter. I was also shocked to see my traffic double or triple overnight and thought the algorithm had blessed me and my business. Soon realized what was actually happening. Thought other traffic-monitors might appreciate this explanation.

[…]

Meanwhile Nikita Bier is pretending they never suppressed tweets with links to begin with[…] A bit of a rewriting of history since Elon and his mom both tweeted about how it wasn’t fair to use his platform to promote other links/platforms, even banning people who shared profiles of other social networks (including Paul Graham for a period). They suppressed all links shortly after.

Aaron:

Here is the latest list of domains that X has excluded from using the new in-app link viewer on iOS

Friday, October 24, 2025

Sky Acquired by OpenAI

OpenAI (Hacker News):

We will bring Sky’s deep macOS integration and product craft into ChatGPT, and all members of the team will join OpenAI.

John Voorhees:

I’m not surprised by this development at all. OpenAI, Anthropic, and Perplexity have all been developing features similar to what Sky could do for a while now. In addition, Sam Altman was an investor in Software Applications Incorporated, the company behind Sky.

Samuel Axon:

That includes SAI co-founders Ari Weinstein (CEO), Conrad Kramer (CTO), and Kim Beverett (Product Lead)—all of whom worked together for several years at Apple after Apple acquired Weinstein and Kramer’s previous company, which produced an automation tool called Workflows, to integrate Shortcuts across Apple’s software platforms.

The three SAI founders left Apple to work on Sky, which leverages Apple APIs and accessibility features to provide context about what’s on screen to a large language model; the LLM takes plain language user commands and executes them across multiple applications. At its best, the tool aimed to be a bit like Shortcuts, but with no setup, generating workflows on the fly based on user prompts.

Rui Carmo:

Well, guess what: OpenAI did what Apple should have done and acquired them.

[…]

At the time it was announced I ranted on about how Apple had managed to mis-manage this kind of talent and vision for Mac automation so badly that they ended up leaving the company and not having any of what they showed at the time incorporated in Apple Intelligence, and I am sticking to my guns on that one[…]

Juli Clover:

OpenAI’s Sky acquisition comes just a day after OpenAI announced ChatGPT Atlas, a new browser that’s designed to compete with Safari and Chrome.

Ryan Jones:

It’s a chatbot.
It’s a browser.
It’s an OS.

Are you getting it yet @Apple?

Previously:

Europe vs. App Tracking Transparency

Marcus Mendes:

In its statement issued earlier this week to the German Press Agency, Apple said the following:

“Intense lobbying efforts in Germany, Italy and other countries in Europe may force us to withdraw this feature to the detriment of European consumers. (…) We will continue to urge the relevant authorities in Germany, Italy and across Europe to allow Apple to continue providing this important privacy tool to our users.”

Juli Clover:

Germany launched a probe into App Tracking Transparency back in 2022, and in February 2025, Germany’s Federal Cartel Office preliminarily ruled that Apple abused its market power with ATT, giving itself preferential treatment, even though Apple says it does not collect data from third-party apps. The cartel said that Apple’s restrictions made it “far more difficult” for app publishers to access user data relevant for advertising.

In March 2025, Apple was fined 150 million euros by France’s Competition Authority. French regulators said that Apple complicated the process for users to opt out of tracking and unfairly disadvantaged third-party developers and ad providers. Apple is facing a similar investigation in Italy, with a ruling expected later this year.

Steve Troughton-Smith:

Apple would rather disable app tracking prevention in Europe entirely than to have to conform to the rules in its own apps that it imposes on third party developers.

And then it tries to blame regulators and lobbyists for the situation.

At every turn, Apple is determined to prove that it’s a scummy company that can’t remotely be trusted

“Apple (…) holds itself to a higher standard than it requires of any third-party developer. [Just trust us, bro 🤞]”

Josh Calvetti:

Apple does LOTS of telemetry and tracking in their apps. They just believe that it’s okay because they are trustworthy because they said so.

Dare Obasanjo:

You can fool some of the people all of the time, and all of the people some of the time, but you can not fool all of the people all of the time.

Regulators are now catching on how Apple uses protecting users as an excuse for anticompetitive practices.

Previously:

Update (2025-10-27): Nick Heer:

I believe there are people within Apple who care deeply about privacy. However, when Apple also gets to define privacy and tracking, it is no coincidence it found an explanation allowing it to use platform activity and in-app purchases for ad targeting. This is hardly as sensitive as the tracking performed by Google and Meta, and Apple does not use third-party data for targeting.

But why would it? Apple owns the platform and, if it wanted, could exploit far more user information without it being considered “tracking” since it is all first-party data. That it does not is a positive reflection of self-policing and, ideally, something it will not change. But it could.

What E.U. authorities are concerned about is this self-serving definition of privacy and the self-policing that results, conflicting with the role of European regulators and privacy laws, and its effects on competition. I think those are reasonable grounds for questioning the validity of App Tracking Transparency. Furthermore, the consequences emanating from violations of privacy law are documented; Meta was penalized €1.2 billion as a result of GDPR violations. Potential violations of App Store policy, on the other hand, are handled differently. If Meta has, as a former employee alleges, circumvented App Tracking Transparency, would the penalties be handled by similar regulatory bodies, or would it — like Uber before — be dealt with privately and rather quietly?

What Happened to Apple’s Legendary Attention to Detail?

John Ozbay (Hacker News):

In my mind, “Apple” as a brand used to be synonymous with “attention to detail” but sadly, over the course of the last 8 - 10 years, their choices have become anything but detail oriented.

[…]

If you are privacy conscious like me, and don’t give the Reminders app permission to access your location, it will ask you for location permissions every single damn time you launch it.

[…]

For some reason, Mac OS X doesn’t have a standard and consistent design for tabs.

[…]

Here’s the iOS 26 Files app in dark mode, and light mode side by side. Notice anything missing? Like the folder name or the barely visible down arrow? It’s almost as if they haven’t tested iOS 26 in dark mode at all.

[…]

I fired up Settings to disable transparency, and none of the icons showed up there at first. […] Feeling frustrated beyond measure, I enabled “reduced transparency” mode, which fixed the icons but broke other things even further.

There are just a huge number of little problems, which really degrade the experience of Apple’s platforms. This morning, the “d” key on my keyboard stopped working. This has happened several times over the last few months. I know it’s a software issue because the problem also occurs with other keyboards (both Bluetooth and USB). Restarting the Mac always fixes it. When I tried that today, the Mac showed the login prompt on the wrong display and in the wrong resolution. After a few seconds it moved to the proper display. I started typing my password but, even though I use a USB keyboard, the first few characters were dropped, and I had to backspace and start again. There was a little glitch where nothing happened for a second or two after I pressed Delete. After booting finished, everything was extremely slow for no apparent reason. The cursor was jumpy. Moving between messages in Mail took several seconds even though it was otherwise idle. LaunchBar took a few minutes to finish launching. I clicked on iStat Menus to see what was going on, and it took 30 seconds for the menu to pull down. Activity Monitor showed little CPU use and disk activity, and samples just seemed to show various apps spending lots of time waiting. Eventually, everything returned to normal speed.

A few years ago, I started collecting links for a massive post about design paper cuts. I never found the time to write it all up, and many of the posts have since been deleted, but it seems worth including some of the relevant links here instead of letting them languish in a draft:

Joe Rosensteel:

One of the things that I think about from time to time is Apple’s collection of apps. Some are the crown jewels, like Apple’s pro apps, and others help an everyday consumer to tackle their iLife. All are pretty starved for attention and resources, outside of infrequent updates aligned with showing off the native power of Apple Silicon, Apple Intelligence, or demos of platform integration that never quite get all the way there.

Previously:

Update (2025-10-28): Sarah Reichelt:

It’s the software that lets down the hardware and the quality has been going downhill for some years now. We are way out of the “it just works” phase of using Apple products. I consider myself an expert and I have great trouble accomplishing some tasks.

The latest versions of all the operating systems seem particularly buggy, even if one ignores the obvious readability problems of Liquid Glass. Apple is a company that has always prided itself on its commitment to accessibility, so how they got this so wrong is a mystery. It seems like they wanted a major redesign just for the sake of it, and were prepared to put up with a huge reduction in usability in order to look different.

[…]

Move Craig Federighi from software to marketing.

[…]

Use the developer community which is full of people who want to help, but are sick of being treated like the enemy.

Update (2025-10-30): Nick Heer:

I promise that users notice these bugs all the time and, especially in products that do not have a more technically literate audience, they become sources of confusion and dissatisfaction. They make software feel brittle. Product managers, please encourage your developers to hunt down and resolve these bugs every single day. Chip away at the list until nothing remains, and you will end up with software that feels like users can rely on it.

Update (2025-11-04): Dave Wood:

I dropped iPhone and macOS and have switched to Android (Pixel 10) and Linux (Fedora). No issues at all. Fewer issues actually because iOS and macOS are so damn buggy now.

I do still have a mac as a build server since I still have to produce builds, but all my code etc is done on Linux now.

Bart:

It amazes me how Apple still fails to learn from the lessons they themselves inflicted on Microsoft.

Microsoft lost the developer battle a long time ago, and if they didn’t already have decades of irreplaceable business software no one was ever gonna rewrite, they would have gone out of business.

[…]

Apple doesn’t seem to want anyone to write proper native Mac apps anymore. They don’t even seem to be able to define for themselves what that actually means.

Sebastián Benítez:

Bit by bit, they are ruining it. It’s still good compared to Windows, but in a yearly decay. I find it comically sad how all the well known Indie developers complain and cry about the newest release, every fucking year. And still nothing changes. They will remain imprisoned by Apple, unable (and unwilling) to escape. As long as they make money, of course they will carry the flag.

Previously:

Excel for iOS Borked

Thomas Claburn:

Microsoft Excel for the past week has been hanging or crashing on iOS and iPadOS devices, to customers’ great annoyance.

The problems appear to have begun following the release of Excel version 2.102.1 for iOS and iPadOS on October 13, 2025. The release added support for Apple’s Liquid Glass design, which debuted with the September 15, 2025 release of iOS 26 and iPadOS 26 – also credited with dozens of bugs.

The Register downloaded Excel for iOS, version 2.102.2, released three days ago, and found the app non-functional. The “+ Create” icon did not respond to touch events, which prevented the creation of a new spreadsheet from the menu of provided templates.

[…]

Reports of problems began surfacing about a week ago and have continued since then.

Poor testing and communication from Microsoft, and because of the App Store customers have no way to revert to the last stable version.

Update (2025-10-24): Erik Schwiebert:

This has been addressed. It was unfortunately the intersection of a latent client-side bug (been there for a long time) and a change in a server-side policy that exposed the latent bug; the issue was not connected to the monthly update and Liquid Glass changes. It took more time than desired to identify the server-side change as the root cause.

Thursday, October 23, 2025

General Motors Doubles Down on Removing CarPlay

Juli Clover:

General Motors began phasing out support for CarPlay in its electric vehicles back in 2023, leading to complaints from iPhone users, but the company has no plans to back down.

In fact, GM is going further and plans to remove CarPlay from all future gas vehicles, too. In an interview with The Verge, GM CEO Mary Barra said that the company opted to prioritize its platform for EVs, but the change will eventually expand across the entire GM portfolio.

[…]

GM Chief Product Officer Sterling Anderson suggested that GM’s decision to embrace its own system is a “very Jobsian approach to things” that he likened to phasing out the disk drive.

I would just be laughing at this except I worry about getting stuck with a GM rental car.

John Gruber:

Someone should investigate whether Mary Barra is a mole planted at GM by Ford.

Joe Rosensteel:

Allow me to summarize this: Mary really wants to sell services, or have recurring revenue from partnerships and deals with companies in services to earn money over the lifespan of the vehicle. She cites how disorienting it is to jump in and out of CarPlay, but that’s hardly a hurdle that justifies the development work they’re putting into not supporting CarPlay and Android Auto projection systems.

[…]

The only salient point he raises is that there are features of the car that do not currently integrate with CarPlay, or CarPlay Ultra. It can’t do anything with Super Cruise. Apple, as far as I know, has no real plans for integrating Maps on a phone with any kind of assisted driving, or autonomous technology. I hope that they are working on something for that.

[…]

I do think Mary Barra would love to cut a deal with Apple to have Apple Music as an app on their own platform. Apple currently offers Apple Music apps for Tesla and Rivian and neither has ever supported CarPlay, because it is far more important to Apple to get the recurring services revenue than it is for them to use Apple Music as some kind of wedge issue for car shoppers.

[…]

I’m not going to sign up for a GM federated ID that stores my login credentials in their cloud. I’m not going to individually sign into apps in the car like Google Maps with my Google ID that I use for way more than just navigation.

Previously:

Update (2025-10-24): See also: Mac Power Users.

Dave Rahardja:

My interest in buying new cars is already at an all-time low. Now GM products are crossed off the list.

[…]

The main benefit for me is that I carry the state with me. Podcasts, for example, will pick up where I left off. Text messages read/unread state will update accordingly, and so on.

Update (2025-10-29): Andrew J. Hawkins:

But today, the company is clarifying that this won’t happen overnight.

“We are not making any changes to existing vehicles,” Malorie Lucich, a spokesperson for GM, said in a statement. “If your car supports Apple CarPlay or Android Auto, that will continue. Both will remain available in all GM gas-powered vehicles for the foreseeable future.

Update (2025-10-31): John Gruber (Mastodon):

If GM goes through with this abandonment of CarPlay, I don’t see how they’ll continue to sell any vehicles to rental agencies. I would never rent a car without CarPlay, and I would never consider signing up for a GM cloud service just to drive a rental car.

I hope so. I worry that all the rental agencies will just keep buying them and customers won’t have a choice.

Update (2025-11-03): Patrick George:

Although GM is the largest automaker that is ditching CarPlay, other car brands are also locking features behind a paywall. Toyota has some navigation tools that require a subscription, but CarPlay does about the same thing at no cost. I own an older Mazda with a remote-start feature that works every time I hit a button on my key fob; on my newer electric Kia, I have to pay up to $200 a year if I want to unlock that service. (I haven’t yet; in fact, study after study shows that consumers are broadly skeptical of more subscription features.)

Some automakers have made a point of proclaiming their allegiance to CarPlay, knowing that’s what buyers want. Toyota’s EVs tell CarPlay how much electric range they have left, so that Apple Maps can prompt the driver to stop at a nearby charger on a road trip. But the relationship between Detroit and Silicon Valley can be a tense one.

[…]

No matter what car you drive, the glory days of CarPlay may be numbered.

Update (2025-11-12): Chris Adamson:

One thing I don’t notice people talking about is how nice it is for CarPlay to be consistent across auto brands. We have a Ford and a Toyota, and our kid has a Honda. It really helps when maps, messages, music, podcasts, and notifications all work the same regardless of which vehicle we’re using.

Nick Heer:

I cannot imagine going back to a pre-CarPlay era. I like bringing my music collection seamlessly into my car, having Maps and Messages at my disposal, and not needing to sync anything with a different system. I wish I could replace Siri with something even borderline functional, though.

CarPlay Ultra, on the other hand, has not moved the needle for me, at least based on early reviews. The problem CarPlay solves is that it augments the infotainment system with the same environment I am used to elsewhere while still letting the rest of the car feel normal. CarPlay Ultra attempts to replace the entire dashboard, which has not so far been a problem I want solved. I worry that this could be a step too far for some automakers, too, and I hope it does not nudge more of them toward abandoning CarPlay in favour of a parasitic relationship with customers’ bank accounts.

I don’t like CarPlay Ultra, either. I’ve been concerned since it was announced that Apple would eventually force us to use it instead of regular CarPlay or that it would cause a rift with the automakers.

UK: Commission Lawsuit Ruling and Strategic Market Status

Sam Tobin:

Apple abused its dominant position by charging app developers unfair commissions, a London tribunal ruled on Thursday, in a blow which could leave the U.S. tech company on the hook for hundreds of millions of pounds in damages.

[…]

Thursday’s ruling comes after Apple was hit with a complaint to European antitrust regulators over the terms and conditions of its App Store under rules aimed at reining in Big Tech.

[…]

Rachael Kent, the British academic who brought the case, argued Apple had made “exorbitant profits” by excluding all competition for the distribution of apps and in-app purchases.

Sarah Perez:

The U.K.’s Competition and Markets Authority (CMA) said on Wednesday that it’s designating Apple and Google with strategic market status in their respective mobile platforms. The decision, which affects the companies’ operating systems, app stores, browsers, and browser engines, will enable the regulator to take targeted actions to enhance competition in the space.

[…]

Among other findings, the CMA discovered that U.K. mobile device owners are unlikely to switch between Apple and Google’s mobile platforms once they have adopted the ecosystem of their choice. It noted that both platforms require businesses to distribute apps through their app stores to reach consumers.

Notably, it also said that new technologies, like AI, were “unlikely to eliminate Apple or Google’s market power over the five-year designation period.”

Nick Heer:

Pretty soon it may be easier to list the significant markets in which Apple is still able to exercise complete control over iOS app distribution.

Previously:

Update (2025-10-24): Juli Clover (Hacker News):

According to the CAT, Apple had a monopoly over iOS app distribution and in-app payments. Apple’s argument that Android and other platforms were viable alternatives for consumers and developers was rejected. The Tribunal also did not accept Apple’s argument that its rules and fees were required for user security and privacy.

[…]

A damages trial is scheduled for November. Apple said it will appeal the ruling.

Update (2025-10-28): John Gruber (Mastodon):

Apple has approached all this regulatory conflict from a perspective that they’re right, and the regulators are wrong. That the App Store, as Apple wants it, is (a) good for users, (b) fair to developers, and (c) competitive, not anti-competitive, legally. But even if Apple is correct about that, at some point, after being handed loss after loss in rulings from courts and regulatory bodies around the globe, shouldn’t they change their strategy and start trying to offer their own concessions, rather than wait for bureaucrat-designed concessions to be forced upon them?

Update (2025-11-14): Hartley Charlton:

Apple was today denied permission from the UK’s Competition Appeal Tribunal to appeal a ruling that found its App Store commission practices to be unlawful and could result in damages of over $1 billion.

Regulatory Complaint About App Store in China

Hartley Charlton:

A law firm in China has filed a new antitrust complaint accusing Apple of abusing its control over iOS app distribution and payments, escalating a dispute that previously failed in civil court by seeking action from state regulators instead, Reuters reports.

[…]

Wang has now re-opened the case more broadly via a different channel, telling the media that the new administrative complaint is intended to prompt regulatory enforcement rather than a civil judgment. Unlike the 2021 filing, this complaint incorporates a comparative argument based on changes made in other jurisdictions. The filing asserts that Apple is continuing to operate a closed App Store in China while permitting alternative payment methods and sideloading in the European Union following enforcement of the Digital Markets Act and a U.S. court ruling that obliges Apple to allow outside payment links.

Previously:

Wednesday, October 22, 2025

ChatGPT Atlas

OpenAI (MacRumors, Reddit):

Today we’re introducing ChatGPT Atlas, a new web browser built with ChatGPT at its core.

[…]

With Atlas, ChatGPT can come with you anywhere across the web—helping you in the window right where you are, understanding what you’re trying to do, and completing tasks for you, all without copying and pasting or leaving the page. Your ChatGPT memory is built in, so conversations can draw on past chats and details to help you get new things done.

[…]

ChatGPT Atlas is launching worldwide on macOS today to Free, Plus, Pro, and Go users. Atlas is also available in beta for Business, and if enabled by their plan administrator, for Enterprise and Edu users. Experiences for Windows, iOS, and Android are coming soon.

Alas, it doesn’t support AppleScript and has System Settings–style preferences.

Nick Heer:

Atlas, like Perplexity’s Comet, is a Chromium-based browser. You cannot use it without signing in to ChatGPT.

[…]

The company says it only retains pages until they have been summarized, and I am sure it thinks it is taking privacy as seriously as it can. But what about down the road? What could it do with all of this data it does retain — information that is tied to your ChatGPT account?

Matt Birchler:

The new tab page is predictably a text box that intelligently does what you ask it to do, routing your queries to perform web searches, start a standard ChatGPT chat, or simply load a website from your bookmarks or history. You can, of course, also just paste in the URL and go.

[…]

I’m also a big proponent of the “show full URL in address bar” feature in all browsers, and I’m happy to see this is here as well. It’s a little thing, but I’m always worried it’s on its way out.

[…]

The app does not have an agent mode as of yet, but it sounds like that will be coming in the relatively near future. My experience with these modes in other browsers has been a major letdown, so we’ll see if OpenAI can do any better, but I’m not holding my breath here.

Nicolas Magand:

I use the ChatGPT app at work, and I actually like having a separate window for all A.I. shenanigans: I can switch apps quickly, I can close it, and I can call it with a keyboard shortcut. Sure, it’s way more limited, and I need to jump from one app to another more often, but I actually see this as a feature.

This is not just about Atlas; I haven’t read about any cool use case of an A.I. browser, whether it is Dia or Comet. Maybe this new browser will change things, maybe it will reach more people and we will see good examples, but so far, it feels like even folks at OpenAI struggled to find compelling use cases. Or maybe I was too bored by the video to pay attention?

Previously:

Update (2025-10-23): Lukas Valenta:

I can confirm there is an agent mode - alas, it is hard to find (at least to me) - it is hidden in “chat rectangle” preferences.

I’ve tried it for two tasks - finding ticket and filling the whole booking for me (worked great), and then create a new identifier + app in Apple developer / AppStore Connect. Had to manually step in once (didn’t change account), had to confirm once.

I think with correct prompts, this may be the way to optimize these tasks we don’t like anyway.

Certainly interesting, but I’m skeptical about giving an LLM this sort of access to my accounts.

Thomas Claburn:

OpenAI’s brand new Atlas browser is more than willing to follow commands maliciously embedded in a web page, an attack type known as indirect prompt injection.

Prompt injection vulnerability is a common flaw among browsers that incorporate AI agents like Perplexity’s Comet and Fellou, as noted in a report published by Brave Software on Tuesday, coincidentally amid OpenAI’s handwaving about the debut of Atlas.

[…]

A spokesperson pointed to a lengthy X post published Wednesday by Dane Stuckey, OpenAI’s chief information security officer, that acknowledges the possibility of prompt injection and touches on various mitigation strategies.

Update (2025-10-29): John Gruber (Mastodon):

After giving it a try over the last week, to me Atlas feels like … Chrome with a chat button bolted on. I do not see the appeal, at all, despite being a daily user of ChatGPT. Atlas offers nothing to me that’s better than using Safari as a standalone browser and ChatGPT’s excellent native Mac app as a standalone AI chatbot. But, for me, my browser is not “where all of [my] work, tools, and context come together”. I use an email app for email, a notes app for notes, a text editor and blog editor for writing and programming, a photos app for my photo library, a native feed reader app for feed reading, etc. My web browser is for browsing pages on the web. Perhaps this sort of browser/chat hybrid appeals better to people who live the majority of their desktop-computing lives in browser tabs.

Update (2025-11-05): Adam Engst:

Read Hart’s article for more details on the security and privacy concerns plaguing agentic browsers, but in short, they’re all somewhat vulnerable to “prompt injection“ attacks, in which malicious instructions are concealed within content read by an AI. These instructions could be hidden in HTML comments, white text on a white background, or in the page metadata. They might trick the chatbot into requesting personal information or instruct the browser to download and execute malware.

Radiccio 1.0

Crispy Crunchy Computerware (Mastodon):

I wanted to go back to a simpler time. I wanted a music app that gives me easy access to my music – organized the way I want – and provides a comfortable, peaceful environment to listen to it. I wanted an app that provides an abundance of useful tools, but doesn’t insist upon using them a certain way. I wanted an app that could help me remember the joy of collecting and listening to digital music.

[…]

Radiccio supports playing music from multiple types of sources, including files on your Mac, Apple Music, Plex, and Jellyfin. It includes features both new and familiar, including Librarian, pins, favorites, auto skip, journal, and more.

You can use Radiccio with one “On My Mac” source and an Apple Music source for free, with no time limit. If you want to add additional sources, we offer a paid subscription called Radiccio Plus!, and a free trial is available for eligible customers.

[…]

This is also important to me: Your files are yours. Your data is yours. Radiccio doesn’t modify your audio files. The Librarian data file also belongs to you; that’s why I put it out in the open, where you can easily find it. […] I designed Radiccio to be the opposite of lock-in; I want you to feel like you can leave at any time.

[…]

I have done my best to provide the best Apple Music experience I think I can. However, it was quite a challenge. In fact, Apple Music was the most difficult part of building Radiccio, by far. There were several times that I thought the Apple Music experience in Radiccio could not reach my personal standard of software quality, and I seriously considered shipping Radiccio without it. In the end, I was mostly able to make it work, but not without some significant limitations.

I’m really excited to see development in this space, and I’ll be following Radiccio with interest, but at the moment it doesn’t seem like the app for me. Radiccio seems to be at its best when using the Librarian feature and On My Mac sources, but I prefer to use an Apple Music source (i.e. music managed by the OS, even if you don’t subscribe to the Apple Music service) so that my music and metadata will sync to my iPhone and be available to third-party apps there such as Marvis. Apple Music sources rely on MusicKit. In theory, this is supposed to let Apple handle the syncing and other hard stuff while third-party apps focus on the user experience. But the reality is that MusicKit has all sorts of problems and limitations. I feel like I’m still locked into Music.app until either MusicKit improves or someone makes a complete system (Mac, iPhone, watchOS, CarPlay) that’s compelling enough to get me to leave Apple’s world (though I would still use Music.app for purchasing).

Previously:

Update (2025-10-31): dmd:

Other players seem like they want to take control of your files; to abstract away the details of the filesystem, so that you don’t have to think about it. Radiccio takes the opposite approach: It leans into the filesystem, expecting you to manage your files the way you want, while adding a layer on top that provides music-specific tools. As I mention frequently on this web site, Radiccio does not modify your files; that is a policy I intend to continue. In this way, Radiccio works alongside Finder, as a complementary tool, rather than a replacement for it.

[…]

The first thing most people notice about the UI is the large space set aside on the right side of the screen for album art, now playing info, and playback controls.

The biggest reason for this is that I wanted to see album art more clearly. For me, the album art is a significant part of the experience of enjoying music. I’ve never understood why most modern Mac music players relegate it to such a tiny, often literally thumbnail-sized area.

[…]

I also feel that the auto-scrolling, marquee-like effect that you see in some apps has usability problems. What reason is there for making me wait for an animation to complete just so I can read a few words of text? Moreover, what is it about a music player that justifies such unique treatment of a line of text, the likes of which you would find nowhere else in any software?

I love posts like this that explain why certain design decisions were made.

Tuesday, October 21, 2025

MailMaven 1.0

SmallCubed (Scott Morrison):

🎉 MailMaven Version 1.0 Official Release! 🎉 Joe Kissell’s Take Control of MailMaven is now available as a free download.

Previously:

Update (2025-10-24): See also: TidBITS-Talk.

Liquid Glass Toggle in appleOS 26.1 Beta

Juli Clover:

Even though we’re at the fourth beta of iOS 26.1, Apple is continuing to add new features. In fact, the fourth beta has some of the biggest changes that we’ll get when iOS 26.1 releases to the public later this month.

Juli Clover (Hacker News):

With the fourth betas of iOS 26.1, iPadOS 26.1, and macOS 26.1, Apple has introduced a new setting that’s designed to allow users to customize the look of Liquid Glass.

The toggle lets users select from a clear look for Liquid Glass, or a tinted look. Clear is the current Liquid Glass design, which is more transparent and shows the background underneath buttons, bars, and menus, while tinted increases the opacity of Liquid Glass and adds more contrast.

Juli Clover:

We tested the beta to see where the toggle works and what it looks like.

[…]

Apple’s new option looks different in both light and dark mode, increasing opacity in color consistent with each option. It works for Lock Screen notifications and within apps to make menu and navigation bars less transparent, but there is little to no change with other parts of the OS like Control Center, the App Library, and app icons and widgets on the Home Screen.

Stephen Hackett:

This toggle being in the display settings with things like Dark Mode is interesting to me. I would have thought that a control like this would land in Accessibility…

I guess they expect a lot of people to want this.

John Gruber:

I’m trying it out on iPhone, but for the most part, I really haven’t minded the Clear appearance. Clear feels more fun. But I’m glad Apple added this setting.

Nick Heer:

Here we are with yet another theme built around translucency, and more complaints about legibility and contrast — Miller writes “Apple says it heard from users throughout the iOS 26 beta testing period that they’d like a setting to manage the opaqueness of the Liquid Glass design”. Now, as has become traditional, there is another way to moderate the excesses of Apple’s new visual language. I am sure there are some who will claim this undermines the entire premise of Liquid Glass, and I do not know that they are entirely wrong. Some might call it greater personalization and customization, too. I think it feels unfocused. Apple keeps revisiting translucency and finding it needs to add more controls to compensate.

Francisco Tolmasky:

Liquid Glass has now transcended to Universal Allegorical Status in iOS 26.1, somehow managing to serve as an example of every possible bad design pattern. Fitting that the final puzzle piece was where all bad design eventually ends up: “If all else fails, make it a setting!”

Matt Birchler:

Apple’s never going to put out a press release that says we fucked up. So you have to look at their actions to see when they have made a miscalculation. For the Photos app, that meant seeing the company effectively completely revert the redesign from iOS 18 in iOS 26, and in the case of liquid glass, it’s seeing this new setting coming just weeks after the public got their hands on the new UI element.

Garrett Murray:

Think about how many collective millions of dollars in time and effort have been spent by developers and designers to try to adopt Liquid Glass in the past year, only to have Apple start to walk it back on the very first minor release since launch. This is an admission, and embarrassing.

Alan Dye told us this was the future of all platforms, critical, amazing, and beautiful. And here we are, at 26.1, allowing users to just totally opt-out. They didn’t even make it ONE CALENDAR QUARTER before starting to roll it back. Why would anyone invest in Liquid Glass now?

Marco Arment:

This is significant.

I bet iOS 27 drops this setting and adopts something very much like the right-side version as the new default look.

Evan Freeze:

I was almost thinking the opposite 😅 the presence of this gives them cover to make the default more glass-y like WWDC since people can opt out easily & gracefully

Thomas Clement:

Don’t get too excited about the Tinted option. I think it’s disappointing. This is just a slight change of material, not frost. There’s still distracting glass distortion effects, controls are still changing unexpectedly from light to dark to light when scrolling, etc… It’s still liquid glass.

Mr. Macintosh:

macOS Tahoe 26.1 Beta 4 introduces a new Liquid Glass toggle. You can now choose between clear or tinted.

Can you spot the difference?🤷‍♂️

Dimitri Novikov:

At this point, do we even need these square shapes on the background?

Howard Oakley:

So “tinted” actually means “slightly more opaque with increased contrast”? Just like “Reduce transparency” means “increased contrast”, and “increased contrast” means “lots of outlines”. And does any of them actually make the interface less bleached out?

Ethan J. A. Schoonover:

Liquid Glass out here getting me to consider moving back to desktop linux, good job apple design team

Previously:

Update (2025-10-22): Vidit Bhargava:

I think Apple can do better. I think they can take inspiration from their own pre-iOS 26 “Materials” design language and put them into Liquid Glass.

For Liquid Glass, IMHO Apple should provide a way to pick the type of Liquid Glass, Clear (i.e. the default Liquid Glass), Tinted (with greater blur and a color tint), and Frosted (a new type of material with even greater blur, but also a fun frost texture).

Steven Aquino:

Anyway, the fact the new Liquid Glass in iOS 26.1 Beta 4 is not a true accessibility feature is sensible in the same way the Display Zoom options (also under Display and Brightness) isn’t found in Accessibility. They’re more about personal preference than absolute necessities like, say, the PWM toggle for iPhone 17 models.

[…]

And for those who need the utmost contrast and visual fidelity, they can go into Accessibility and flip on Reduce Transparency to extend the Tinted look even further.

Update (2025-10-24): Adam Engst:

As you can see in the Notification Center screenshot from my previous article, the Tinted version on the right is far more readable. It places a light, opaque background behind notifications and swaps the white text for black. (That’s in Light mode; in Dark mode, they gain a darker background and retain the white text.) However, the Notification Center pane of glass is also lighter, which can make the Flashlight and ChatGPT buttons somewhat less readable than in the default Clear version on the left.

I also took a Clear/Tinted screenshot of a particular photo on my Lock Screen after updating to iOS 26.1b4. The Clear version on the left has so much white in the upper third that “Enter Passcode” and dots are completely invisible, and the 3 is difficult to make out. In contrast, the Tinted version reduces the overall brightness to make everything readable.

Matthias Gansrigler-Hrad:

I think a way that Liquid Glass could be improved is having “aggregate states”. Liquid when there’s movement, and frosted (“solid”) when static.

That way you get the cool effect when you’re scrolling, and legibility is better when you’re not.

Mario Guzmán:

Then it just gets bat shit crazy when you have content flowing behind the sidebar.

To Apple designers who made thins particular change, I promise you no one was getting lost because the UI wasn’t visually stacked this way. I promise you this change wasn’t needed.

XCSSET Is Back

Lawrence Abrams:

Microsoft Threat Intelligence reports that a new variant of the XCSSET macOS malware has been detected in limited attacks, incorporating several new features, including enhanced browser targeting, clipboard hijacking, and improved persistence mechanisms.

XCSSET is a modular macOS malware that acts as an infostealer and cryptocurrency stealer, stealing Notes, cryptocurrency wallets, and browser data from infected devices. The malware spreads by searching for and infecting other Xcode projects found on the device, so that the malware is executed when the project is built.

[…]

The malware also includes new persistence methods, such as creating LaunchDaemon entries that execute a ~/.root payload and create a fake System Settings.app in /tmp to masquerade its activity.

Previously:

Monday, October 20, 2025

AWS Outage

Amazon (Reddit, Hacker News, 2, 3):

We are investigating increased error rates and latencies for multiple AWS services in the US-EAST-1 Region.

I like how, unlike Apple’s status page, you can see a history of outages and updates.

Jess Weatherbed:

A major Amazon Web Services (AWS) outage took down multiple online services for several hours this morning, including Amazon, Alexa, Snapchat, Fortnite, ChatGPT, Epic Games Store, Epic Online Services, and more. Some of the impacted platforms, including Fortnite, Epic Games Store, and Perplexity had announced that they are fully recovered and back online earlier this morning, while others are still having issues.

The AWS dashboard first reported issues affecting the US-EAST-1 Region at 3:11AM ET, and eventually said that “The underlying DNS issue has been fully mitigated.”

I noticed this through problems with Amazon SES, which seemed to continue long after Amazon reported it as fixed. Also, the status page said the outage was confined to Northern Virginia, but I saw reports that other zones were affected, too.

caymanjim:

This is the real problem. Even if you don’t run anything in AWS directly, something you integrate with will. And when us-east-1 is down, it doesn’t matter if those services are in other availability zones. AWS’s own internal services rely heavily on us-east-1, and most third-party services live in us-east-1.

It really is a single point of failure for the majority of the Internet.

Normally, my site and store will failover to using Mailgun, but this ran into two problems:

See also: Dave Mark, Brain Webster, John Gruber, Ryan Jones, Christina Warren.

Previously:

Update (2025-10-21): The cause of my Mailgun problem was, apparently, that they disable your account if you haven’t logged in in a while. After logging into the Web interface, SMTP support was automatically reactivated.

Corey Quinn (via Hacker News):

And so, a quiet suspicion starts to circulate: where have the senior AWS engineers who’ve been to this dance before gone? And the answer increasingly is that they’ve left the building — taking decades of hard-won institutional knowledge about how AWS’s systems work at scale right along with them.

[…]

Once you reach a certain point of scale, there are no simple problems left. What’s more concerning to me is the way it seems AWS has been flailing all day trying to run this one to ground. Suddenly, I’m reminded of something I had tried very hard to forget.

[…]

You can hire a bunch of very smart people who will explain how DNS works at a deep technical level (or you can hire me, who will incorrect you by explaining that it’s a database), but the one thing you can’t hire for is the person who remembers that when DNS starts getting wonky, check that seemingly unrelated system in the corner, because it has historically played a contributing role to some outages of yesteryear.

Axel Le Pennec:

Should we have a fallback to plain StoreKit in case RevenueCat, Superwall or Adapty are down? 🤔

I guess apps that are only using StoreKit weren’t affected by the AWS outage.

Calum Patterson:

A major Amazon Web Services (AWS) outage on October 20 had the unexpected side effect of causing chaos in bedrooms across the US, as owners of Eight Sleep’s $2,000+ ‘Pod’ mattress covers found their smart beds had no offline mode and were stuck at high temperatures and odd positions in the night.

Dave Polaschek:

The outage today reminded me of July 28, 1995, when almost all of Minnesota fell off the Internet.

Update (2025-10-22): See also: Ashley Belanger, Ben Thompson, Matt Stoller.

Update (2025-10-23): Gergely Orosz:

Today, we look into what caused this outage.

Update (2025-10-28): Thomas Claburn:

Signal president Meredith Whittaker called attention to this massive dependency in a thread on the Mastodon social network, explaining how the concentration of power among cloud hyperscalers limits the options of services like Signal in terms of resiliency and network control.

Whittaker said that the concentration of power among cloud hyperscalers (AWS, Google, and Microsoft) is less widely understood than she expected, which bodes poorly for efforts to craft realistic strategies to change this dynamic.

She explained, “The question isn’t ‘why does Signal use AWS?’ It’s to look at the infrastructural requirements of any global, real-time, mass comms platform and ask how it is that we got to a place where there’s no realistic alternative to AWS and the other hyperscalers.”

Tahoe Won’t Unload Network Extensions

Norbert Heger:

Back in our pilot Deletion Impossible, you learned about a bug in macOS 15.3 where dragging an app to the Trash did not reliably uninstall its system extension. Despite macOS promising to “remove the associated system extension,” the extension often stayed behind.

With macOS 26 Tahoe, this problem has reappeared. Once again, moving an app to the Trash does not always remove its embedded system extension, even though the system dialog claims it will. The result: a system extension still running on your Mac long after you thought you had uninstalled the app.

[…]

You can confirm whether an extension is still present by opening a Terminal window and running the following command:

systemextensionsctl list

Little Snitch 3.3 has some improvements, though:

Connections made by an app on behalf of Password AutoFill (typically to fetch website icons) are now attributed to the Password AutoFill helper process instead of the app itself.

Connections from XPC helper processes used by app extensions are now attributed to their corresponding extension.

Previously:

Password Manager Browser Extension Clickjacking

Michael Simon (via Ric Ford):

If you use Firefox on a Mac or PC, Apple offers a handy browser extension that puts your iCloud passwords right at your fingertips without needing to open a separate app. However, a new warning might make you think twice before you use it next time.

As reported by The Hacker News, a new Document Object Model vulnerability has been discovered by security researcher Marek Tóth that could allow attackers to steal users’ credit card details, personal data, and login credentials through so-called clickjacking or UI redressing.

[…]

While some flaws have been patched, several popular password manager extensions are at risk, including 1Password, LastPass, and iCloud. With iCloud Passwords, researchers specifically point to version 3.1.25, which Firefox uses. Chrome uses a newer version, 3.1.27, though it appears as though the flaw still exists.

Ravie Lakshmanan:

To pull off the attack, all a bad actor has to do is create a fake site with an intrusive pop-up, such as a login screen or a cookie consent banner, while embedding an invisible login form such that clicking on the site to close the pop-up causes the credential information to be auto-filled by the password manager and exfiltrated to a remote server.

“All password managers filled credentials not only to the ‘main’ domain, but also to all subdomains,” Tóth explained. “An attacker could easily find XSS or other vulnerabilities and steal the user’s stored credentials with a single click (10 out of 11), including TOTP (9 out of 11). In some scenarios, passkey authentication could also be exploited (8 out of 11).”

I dislike this whole architecture of integrating password managers via browser extensions. I don’t want the page content to be able to fool the extension, and I don’t like the extension being able to read the page content.

Previously:

Update (2025-10-21): Paulo Andrade (Mastodon):

Secrets’ browser extension does not automatically drop down or insert credentials when a login or form field is detected. Instead, it requires the user to explicitly trigger a fill (click its icon, or invoke it via the toolbar or a keyboard shortcut) and select which credential to fill on the main app itself.

Such a “dumb” mode reduces the attack surface, especially for these kinds of UI/overlay, clickjacking, or pointer manipulation attacks. If autofill doesn’t happen automatically, there’s no invisible dropdown to trick. The attacker can’t overlay or capture clicks if nothing is shown by default.

By requiring consent in the main app, Secrets minimizes exposure. You hold back the credential until absolutely necessary. That reduces what malicious scripts on the page could grab.

Meta Allegedly Bypassed App Tracking Transparency

Ben Lovejoy:

A former Meta product manager has claimed that the social network circumvented Apple’s privacy protections, as well as cheating advertisers, and fired him when he repeatedly raised the issue internally.

[…]

It was quickly alleged that Meta was using workarounds to continue to track users who had denied permission, alongside other privacy violations. A class action lawsuit followed.

A fired product manager at the company, Samujjal Purkayastha, has now taken his case to an employment tribunal claiming he was unlawfully dismissed for raising concerns about the practice, reports the Financial Times.

Meta, of course, says this is nonsense and that he wasn’t fired for being a whistleblower. My takeaway continues to be that Apple should not be presenting privacy information to its customers that sounds authoritative but which it has no way to verify or enforce.

Previously:

Friday, October 17, 2025

Swift Profile Recorder

Johannes Weiss and Mitchell Allison (forum):

Swift Profile Recorder, an in-process sampling profiler for Swift services, is now available as an open source project.

[…]

Swift Profile Recorder enables you to:

  • Adopt profiling without extra privileges or system dependencies, allowing you to add profiling across a variety of compute environments with constrained permissions.
  • Collect samples using curl, allowing you to easily read profiler output via an HTTP endpoint without needing to learn specific tooling like perf, sample, DTrace, or eBPF (bpftrace).
  • Integrate with existing tools for visualization and analysis by supporting multiple industry-standard formats, including Linux perf script format, both the pprof file format as well as the /debug/pprof/profile endpoints, and also the collapsed format as used by the original FlameGraphs.

Apple has used Swift Profile Recorder at scale for several years as a tool for operating and debugging Swift services in production. Alongside the recent announcement of swift-parca, the Swift server ecosystem now has multiple profiling tools and approaches.

I’m intrigued by the idea of an app being able to profile itself.

Swift Proposal: Module Selectors for Name Disambiguation

SE-0491 (via Becca Royal-Gordon):

We propose that Swift’s grammar be extended so that, wherever an identifier is written in source code to reference a declaration, it can be prefixed by ModuleName:: to disambiguate which module the declaration is expected to come from. This syntax will provide a way to resolve several types of name ambiguities and conflicts.

[…]

That may sound like a farfetched edge case, but it’s surprisingly common for a module to contain a type with the same name. For instance, the XCTest module includes an XCTest class, which is a base class for XCTestCase and XCTestSuite. To avoid this kind of trouble, developers must be careful to give modules different names from the types inside them—the Observation module, for example, might have been called Observable if it didn’t have a type with that name.

[…]

We could allow a special token, or no token, to be used in place of the module name to force a lookup to start at the top level, but not restrict it to a specific module.

[…]

There is currently no way to add a module selector to a use of a subscript.

End of Support for Windows 10

Fight to Repair:

A coalition of businesses, nonprofits, and elected officials (including Fight To Repair’s parent organization, the Secure Resilient Future Foundation) has formally petitioned Microsoft to extend Windows 10 support, which is currently slated to end on October 14th.

With more than a billion Windows 10 devices operating globally, it is estimated that hundreds of millions fail to meet the minimum hardware requirements needed to upgrade to Windows 11.

Via Scott Larson (via Hacker News):

Microsoft’s design of Windows 11 is a concern because:

  1. Computer manufacturers, due to pressure from Microsoft, are designing new computers with artificial limitations like TPM and Secure Boot. These unnecessary add-ins push consumers to unnecessary hardware upgrades.
  2. In the setup of newly purchased consumer-grade computers, there is obfuscation in the installation language. Many of the default choices are aimed at confusing customers into selecting options that share data with vendors:
    • The process of setting up OneDrive to act as a backup of data. Without consent, the setup of this configuration moves all customers’ data to the cloud service, re-points all the user folders to a cloud-specific OneDrive folder that’s very difficult to revert.
    • The process of selecting a browser is obfuscated by Microsoft’s Edge Browser setup
  3. The AI tool Co-pilot is installed and enabled without consent. Removal is difficult or nonexistent.
  4. The history tracking tool “Recall” that is due to be released, sometime in the future, saves snapshots of your user experience into Microsoft’s OneDrive cloud. It looks great on paper, but in reality, this feature, along with others, will be used to move forward a surveillance state.
  5. Windows 11 prevents the complete uninstall of many of its built-in features. They can be removed from one user account, but they can be reinstalled during an update, or if you upgrade your computer, without your consent.
  6. Microsoft Edge is forced on users as a replacement by obfuscating choice in various ways.

Colin Cornaby:

One of the biggest values of my 2019 Mac Pro has been having a single machine that can run Windows and macOS. With Windows 10 losing support that’s basically the end of Boot Camp. Sort of grumpy Apple never added Windows 11 support.

Intel Macs are on the way out anyway. And I built an Intel Windows box last year. But what an inauspicious end for a killer setup. Can’t even repurpose it as a pure Windows box without hacking the Windows install to bypass the TPM check (which may not work forever.)

Previously:

Thursday, October 16, 2025

How to Turn Liquid Glass Into a Solid Interface

Adam Engst (Hacker News):

Apple’s new Liquid Glass interface design brings transparency and blur effects to all Apple operating systems, but many users find it distracting or difficult to read. Here’s how to control its effects and make your interface more usable. Although the relevant Accessibility settings are quite similar across macOS, iOS, watchOS, and tvOS, I separate them because they offer different levels of utility in each.

[…]

For those who take a lot of screenshots, like I do, Reduce Transparency is essential because it ensures that all screenshots have a consistent background. It would be highly distracting if screenshots had noticeably different colors due to being taken over different wallpapers or windows.

[…]

I find the Increase Contrast setting jarring, but it might be a significant help for those with low vision.

[…]

I can’t recommend turning off Liquid Glass entirely in this way. Although it does make macOS 26 look more like macOS 15, it suffers from several glaring mistakes that Apple has no incentive to fix. Stick to Reduce Transparency and add Increase Contrast if your eyes would appreciate it.

There are lots of good comparison screenshots.

John Gruber:

A useful guide for today — and, I bet, a useful look back at the first versions of Liquid Glass for the future.

Nick Heer:

A notable issue with these settings is that some properties of Liquid Glass are not truly the fault of transparency. Instead, a Liquid Glass element — like Control Centre — might be reflecting the colours around it, giving the impression of translucency without actually being translucent. This effect does not appear in window-specific screenshots when you have “Reduce Transparency” turned on so, as Engst writes, it makes it better for creating screenshots for documentation. But it does mean that, while the “Reduce Transparency” setting is literally true, it feels dishonest.

Rosyna Keller:

Don’t forget you can override and set Reduce Transparency on a per-app basis[…]

Craig Hockenberry:

If you think that turning on Reduce Transparency will fix all the problems with Liquid Glass, you’re wrong.

Here’s a standard bar button item drawn with reduced transparency. It goes from being dark (the system setting) to light the first time you use it.

Howard Oakley:

This still has no effect on controls below the toolbar, and fails to demarcate text entry fields or the list view below.

Mario Guzmán:

Ewww. When you enable reduce transparency in iOS accessibility settings, certain things are just so bad. Look how the back button touches the background border at the bottom now.

Sigh.

Apple really said “you don’t get world out class design if you enable any of the accessibility options.”

Der Teilweise:

It’s almost comical if you think about Apple marketing Liquid Glass to bring “more focus to content” and switch between [on] and [off].

The later one shows more content or the same content bigger in almost all parts of the screen: Look at the calendar in the top left (even the iCal icon shows the more useful “Wed” instead of “Oct”) or the sidebar.

Event the main content gets a few pixels extra space – obscured content behind the sidebar does not count IMHO.

Previously:

Update (2025-10-20): Pierre Igot:

No matter which version of this I am looking at (with or without reduced transparency, with or without increased contrast), I just don’t understand how, intuitively, I am supposed to understand that clicking on any of the three buttons in the top-right corner of the sidebar is going to affect not just the sidebar, but the whole window that the sidebar is a small subsection of.

Liquid Glass Is Cracked

Raluca Budiu (Hacker News):

One of the oldest findings in usability is that anything placed on top of something else becomes harder to see. Yet here we are, in 2025, with Apple proudly obscuring text, icons, and controls by making them transparent and placing them on top of busy backgrounds.

[…]

And then comes Apple’s boldest (or dumbest) experiment: text on top of text.

[…]

In iOS 26, controls insist on animating themselves, whether or not the user benefits. Carousel dots quietly morph into the word Search after a few seconds. Camera buttons jerk slightly when tapped. Tab bars bubble and wiggle when switching views, and buttons briefly pulsate before being replaced with something else entirely. It’s like the interface is shouting “look at me” when it should quietly step aside and let the real star — the content — take the spotlight.

[…]

Apple has also decided it’s time to crowd and shrink touch targets. The long‑standing guideline of at least 0.4cm between targets (and 1cm × 1cm tap areas) seems to have been tossed out the window. Either Apple believes our fingers are getting smaller, or it assumes years of practice with smartphones have magically trained us to hit tiny targets with perfect precision.

[…]

This signals another transition (this time for the worse) to Android-style design, where page titles are left-aligned (instead of center-aligned), thus displacing the breadcrumb next to the back button.

Nick Heer:

However, I found the argument against the more prominent Search button in many apps unconvincing[…]

Me, too. I don’t like that it floats on top of content, but I think people did have trouble discovering it when you had to swipe down. Maybe the placement at the bottom also makes it easier to tap.

What is disappointing is that the hidden search field still exists in a handful of places. Most notably, Music on iOS 26 still has two different kinds of Search: the one you can get to by tapping on the button in the bottom-right, and the locally-scoped one you will find at the top of views like Playlists.

Previously:

Liquid Glass: Content vs. Controls

Adam Engst:

Here’s where I take exception to Liquid Glass, and to Apple’s positioning of content as the most important aspect of our digital devices, and thus of our digital lives. Yes, many people are largely passive consumers of content, whether we’re talking about Web pages, podcasts, or streaming videos. For those people, there is little beyond content, and Liquid Glass’s deprecation of controls may allow them to continue their consumption with less distraction. But that’s not a lifestyle to aspire to, reminiscent as it is of the humans in WALL-E—perpetually reclined in floating chairs, mindlessly consuming entertainment.

[…]

But there’s an important point to make here: controls are not tools. Controls allow you to adjust settings—change channels, select colors, pause playback, and more. Tools enable you to create, modify, delete, or give a performance. It’s the difference between a volume knob and a violin.

[…]

So, no, I don’t want tools that “give way to content” or “shrink to bring focus to the content.” When I’m cooking, I want my knives, spatulas, measuring spoons, and the like exactly where they belong, so they’re instantly at hand.

Nick Heer:

Engst pointedly differentiates “productivity apps — real tools” from apps permitting a more passive consumption of media. It may make more sense for controls to fade away in something like a media player. In most of the apps I use every day, however, I want to have obvious and immediate access to the tools I need.

Here is another cooking analogy: a minimum requirement, for me, for a stove is for it to be equipped with physical knobs. I do not want to be hunting for the magic capacitive spot or pressing a +/– toggle to change a burner’s setting. The latter options seem more elegant; they give the impression of refinement. But they are less effective for the same job because they do not allow for real-world practicality.

Nick Heer:

Apple justifies these decisions by saying its redesigned interfaces are “bringing greater focus to content”. I do not accept that explanation. Instead of placing tools in a distinct and separated area, they bleed into your document, thus gaining a similar level of importance as the document itself. I have nothing beyond my own experience to back this up. Perhaps Apple has user studies suggesting something different; if it does, I think it should publicly document its research. But, in my experience, the more the interface blends with what I am looking at, the less capable I am of ignoring it. Clarity and structure are sacrificed for the illusion of simplicity offered by a monochromatic haze of an interface.

Jeff Johnson (Mastodon):

A customer recently contacted me to report that the “Show native video controls” feature makes videos darker on macOS Tahoe, and I was able to reproduce the issue myself. At first I believed that the phenomenon was some kind of Liquid Glass nonsense, because I couldn’t reproduce it on macOS Sequoia. On further testing, however, I noticed that the darkening of videos also occurs on iOS 18, which my iPhone still runs (for as long as I can hold out). Indeed, the darkening of videos has nothing in particular to do with StopTheMadness Pro and occurs even when the extension is disabled entirely. Safari itself darkens videos on iOS 18, iOS 26, and now macOS 26 when its native video controls are displayed.

[…]

Seriously, why??? I thought Liquid Glass was supposed to “bring greater focus to content”? Darkening videos brings less focus to content!

Previously:

Update (2025-10-21): Colin Cornaby:

If seeing content is so important I don’t know why Apple insists on adding corners to it. (This is the system video miniplayer which has no reason to have any rounded corners at all.)

Update (2025-11-12): Jeff Johnson:

A couple of months ago I blogged about how Safari darkens videos on macOS Tahoe. I’ve now discovered how to disable this change! For better or worse, Safari does not appear to allow CSS styling of its native video controls, so the custom CSS feature of my Safari extension StopTheMadness Pro is of no help here. However, it turns out that Safari has a built-in flag that you can disable in its hidden Debug menu.

[…]

The flag you’re looking for is called “Hosted blur material in media controls” in the “WebKit Internal Features” submenu of the Safari Debug menu.

Tahoe Window Corners

Mario Guzmán:

I can’t stop laughing at how comically large the corner radii are on #macOSTahoe windows. Clownish.

Dominik Wagner:

Preview? These are white, A4 PDF pages, they don’t have round corners. We are not on battlestar galactica. I need my pdf preview to show me my paper as it is, not with different rounded corners based on my zoom factor 😡

Marcin Krzyzanowski:

after I upgraded to macOS26 literally the only thing that annoys me the most is hikarious windows curvature. no content really fits in.

Rui Carmo:

I can see four five different sizes of window corner radius on my Mac desktop. The overall visual design for menus and dialogs is still a joke, and is so badly executed that Apple should be ashamed of shipping it.

See also: Rob Jonson.

Nick Heer:

Perhaps I am taking this too literally. Then again, Apple is the one saying application windows are no longer “configured for rectangular displays”, and that they now fit the “rounded corners of modern hardware”. Regardless of the justification, I quite like the roundness of these windows. Perhaps it is simply the newness, but they make applications seem friendlier and softer. I understand why they are controversial; the large radius severely restricts what can be present in the corners, thus lowering the information density of an application window. It seems Apple agrees it is more appropriate in some apps than in others — app windows in System Information and Terminal have a much smaller corner radius.

[…]

Even on a device with four rounded display corners, this dedication to concentricity is not always executed correctly. My iPhone 15 Pro, for example, has corners with a slightly smaller radius than an iPhone 16 Pro. The bottom corners of the share sheet on my device are cramped, nearly touching the edge of the display at their apex.

[…]

Then there are the issues caused by this dedication to concentricity. Look again at that Finder window screenshot above and pay attention to the buttons in the toolbar. In particular, notice how the icon in the item grouping button — the solitary one between the view switcher, and the group that includes the sharing button — looks like it is touching the rounded edge.

Previously:

Update (2025-11-12): John Gruber:

But my main MacBook Pro is still running MacOS 15 Sequoia — not because of any compatibility issues, but simply because I think the Tahoe user interface is goofy looking. I’ll probably bite the bullet and upgrade when 26.2 comes out next month, but for now, I’m luxuriating with a MacOS UI with well-crafted app icons and windows that don’t have Fisher-Price-style corner radiuses.

On Liquid Glass

Nick Heer (Mastodon):

I do not think all these effects necessarily help legibility, which is as poor as it has ever been in translucent areas. The degree to which this is noticeable is dependent on the platform. In iOS 26, I find it less distracting, I think largely because it exists in the context of a single window at a time (picture-in-picture video being the sole exception). That means there is no expectation of overlapping active and inactive windows and, so, no chance that something overlapping within a window’s area could be confused with a different window overlapping.

[…]

Though these animations are not nearly as fluid as they were first shown, they seem like they help justify the “liquid” part of the name, and are something Apple has enough pride in to be called out in the press release. Their almost complete absence on MacOS is therefore notable. There are a handful of places they appear, like in Spotlight, but MacOS feels less committed to Liquid Glass as a result. When menus are summoned, they simply appear without any dramatic animation. Buttons and menus do not have the stretchy behaviour of their iOS counterparts. To be sure, I am confident those animations in MacOS would become tiresome in a matter of minutes. But, so, if MacOS is better for being less consistent with iOS in this regard, that seems to me like a good argument against forcing cross-platform user interface unification.

[…]

I am spending an awful lot of words on the MacOS version because I think it is the least successful of the two Liquid Glass implementations I have used. MacOS still works a lot like MacOS. But it looks and feels like someone dictated, context-free, that it needed to reflect the redesign of iOS.

[…]

I kept asking myself “why?” as I used iOS 26 and MacOS 26 this summer. I wanted to understand the rationale for a complete makeover across Apple’s entire line of products. What was the imperative for unifying the systems’ visual interface design language? Why this, specifically?

[…]

These new operating systems do not feel like they are achieving that level of consistency despite being nominally more consistent across a half-dozen platforms. MacOS has received perhaps the most substantial visual changes, yet it is full of workarounds and exceptions. The changes made to iOS feel surface-level and clash with the visual language established since iOS 7. I am hopeful for the evolution of these ideas into something more cohesive. Most software is a work-in-progress, and the user interface is no exception. But all I can reflect upon is what is before me today. Quite simply, not only is it not ready, I am concerned about what it implies about Apple’s standards.

Eric Schwarz:

This is one of those posts that I recommend taking some time (perhaps cozy up with a coffee?) and simply enjoying the thoughtful analysis provided.

[…]

I’ve upgraded all of my devices, with the sole exception being my Mac at work. I’ll get around to it, but waiting for a lull. For the most part, everything works about the same and there isn’t a jarring change from when I’m at my desk at work and my desk at home. Contrast that with someone adapting from Windows 10 to Windows 11 across devices, as many interface elements work differently. Yes, there are visually differences between macOS 15 and macOS 26, and I think the changes to macOS 26 are my least favorite of all the updates. I’ve grown to actually enjoy the iOS/iPadOS 26 changes, especially the added depth in icons and buttons and little animations to make the entire operating system feel more fluid—it’s interesting and a bit of a shift away from the minimalism trend that we’ve had over the past decade and change.

Adam Engst:

I highly recommend reading Heer’s extensively documented criticisms of Liquid Glass. He offers numerous examples of what he likes and doesn’t like about Liquid Glass, though there is much more of the latter, leading to this delicious line, “I could keep going with my nitpicks, so I shall.” Nevertheless, it’s essential to acknowledge that Liquid Glass is here to stay, while also offering constructive criticism that can help push Apple to improve the user experience.

[…]

I’m also intrigued by Heer’s idea that Liquid Glass might signal a broader “Apple OS” branding, since I’ve been using OS as a shorthand for Apple’s stable of operating systems for some time now.

Nick Heer:

Twenty-five years after alpha channels began appearing in our user interfaces, I think many of us have taken for granted the soft shadows and smooth corners enabled by translucent pixels. Back then, there were plenty of people who were worried about the performance impact of all these effects, just as there are now about Liquid Glass.

Nick Heer:

This try-hard justification made me think of Johnson’s post. It is over a thousand words and I do not believe I view these icons differently after finishing it. The new icons are fine — very Microsoft, in that the company has produced some spectacular-looking 3D renders and illustrations completely unrelated to the actual icons I will be seeing on my desktop when this update is released.

Previously:

Shipping Liquid Glass

Jason Kottke:

I’m usually pretty go-with-the-flow as far as OS updates go, but iOS 26 / Liquid Glass is terrible: incoherent, ugly, and difficult to use. Obviously a massive design effort, but they missed the mark IMO.

Juli Clover:

It’s been two days since iOS 26 was released, and Apple’s new Liquid Glass design is even more divisive than expected.

Any major design change can create controversy as people get used to the new look, but the MacRumors forums, Reddit, Apple Support Communities, and social media sites seem to feature more criticism than praise as people discuss the update.

Craig Hockenberry:

Here’s my guess what happened in the lead up to WWDC25:

Apple realized it was deep in the weeds with Apple Intelligence (and associated PR) and needed a tentpole feature that wasn’t AI.

Liquid Glass was in development for some upcoming edgeless hardware. It needed another year of work, but management/marketing was fucked.

A thing that wasn’t ready got moved up. Bug fixing took a back seat. Everyone grabbed paint brushes, not screwdrivers.

The next year is going to be rough for EVERYONE.

Steve Troughton-Smith:

My review of Liquid Glass: generally, I love it.

It’s gorgeous on the right device in the right circumstances. iPadOS, in particular, on a large screen in windowing mode is, by far, my favorite.

But it also has a ton of problems with real-world content that weren’t fully accounted for in concepts before announcement, which has lead to a pile of fixes and hacks to try to make it work for all the edge cases. It’s this which brings the majority of bugs and major issues into all areas of the UI.

DaveyGravy:

What is the design thinking here for displaying the time over my wallpaper? Letting the wallpaper bleed through in this way makes it hard to see and in no way pleasant.

What is going on here exactly?

Also, what effect is the highlighting/shading meant to be achieving? I don’t see it - if it is a layer of something liquid I don’t feel it works at a basic level. What am I missing?

Norbert Heger:

Liquid Glass now also ruins screenshots under some circumstances. Compare the left margin of these two screenshots, which just include a slightly different portion of the sidebar.

Matt Gemmell:

I’ll say this for the macOS Liquid Arse update: the Finder windows are nicer to look at. Somehow they have more contrast rather than less. And coloured folders again; what a time to be alive and trapped in a Kaleidoscope theme.

Jeff Johnson:

Liquid Glass is not an aberration. It’s continuation of everything Apple has been getting wrong about UI for more than a decade.

Apple was never perfect, but they used to get things right more often than anyone else, and right or wrong they sweated over the details.

Louie Mantia:

Liquid Glass is perhaps the most getting-in-the-way user interface I’ve experienced in my lifetime. It never shuts up. It’s constantly vying for attention. Because it’s constantly animating, it never lets the content be the focus.

I don’t think I realized until now that UI could be so narcissistic.

Jesse Grosjean:

Are any of Apple’s larger productivity apps updated for Liquid Glass yet? Pages doesn’t seem to be.

Mario Guzmán:

I’ve been wondering when iLife, iWork, and Pro Apps are going to be released with Liquid Glass updates.

Or are they unable to ship something… suitable with the new design language? 🤭

Steve Troughton-Smith:

The Pro apps shipped with the new SDK, but they’ve opted out of the design language…

Mindaugas Rudokas:

Cultured Code’s Things says “no thank you” to the Liquid Glass’ sidebar and toolbar style.

Brent Simmons:

We’re hearing from folks eager for the Liquid Glass update to NetNewsWire. The bad news is that it’s not coming this week or next (who knows when, really) — but the good news is that it is very much in progress.

[…]

If you’d like a sneak peak of what NetNewsWire 7 will look like, check out these posts [1, 2] by Stuart Breckenridge, who’s done great work on our Liquid Glass adoption[…]

MacStories:

Today, we wanted to share some of our favorite implementations of Liquid Glass and other features debuted this fall by indie developers.

Pasi Salenius:

As far as I can tell all major iOS apps such as WhatsApp, Telegram and Spotify just enabled the compatibility Info.plist flag for Xcode 26 and went on with their life.

While indie devs sweated all summer trying to make Liquid Glass UI work in their apps, telling themselves they “need to be ready on day one”. The iOS dev echo chamber repeated this message to death.

I don’t think the general public cares one bit. Nobody gives a 5 star review because an app supports the new iOS UI. Nobody buys an app because of that.

Adam Whitcroft:

I think it’s sad we can’t make macOS icons like this anymore.

Sebastiaan de With:

I have seen very little grief for this but the sadness is very real. It’s the end of a really special era.

Louie Mantia:

So here’s my question: a lot of these things were pointed out for months—and besides how I don’t think Apple should be outsourcing bug reporting to the rest of us—do they just not have a good QA team anymore? Or is it just that they don’t care about the bugs they ship anymore?

JuniperPhoton:

Instead of spending the whole summer reworking my apps’ designs, I recently adopted the new design in some of my apps while maintaining the same look on older platforms. I’ve learned a few lessons and pitfalls along the way that might help.

Howard Oakley:

Even a few minutes exposure to a screenful of macOS Tahoe’s windows demonstrates how its new design goes out of its way to ignore those essential insights, and present us with controls that are either bleached- or blacked-out depending on our choice of appearance mode.

In light mode, with default transparency, tool icons and text are clearly distinguished tonally, as are some controls including buttons and checkboxes. However, text entry fields are indistinguishable from the background, and there’s a general lack of demarcation, particularly between the controls and the list view below.

Oddly, dark mode outlines some controls better than light mode, but text entry fields and the list view below still lack demarcation.

Mario Guzmán:

The inconsistency of Apple Music’s toolbar in #macOSTahoe is annoying. Sometimes you get the blur, sometimes you get the solid toolbar, and other times you get nothing.

Chris Pirillo:

Ȩ̵̣̹̗̥̳̩͇͌̎̀̋̄̈́͌̚͜͠n̵̢̢̧̛̦̫̘̜̞̻͍̫̆̐̀̐̃j̷̢̢̨̦͔̲͓̻̬͕̼̥̲͎̏̒̈́͐̈̓́ȫ̶̦͎y̴͍͐̉̌̒ ̷̢̛̤̖̺͓͉͓͔̜̥̑̅͐̈́͑̒̈́͐̌̚͝ͅḀ̴̡̘̝̊̈́̐̎̈́͒̊̅p̸̬̮͇̘̞̣̣̤̹͚̪͍̤̰͋̽͌̄̆̆̎̈́̑̍̈́́̌͘͜͠p̴͎̼͖̥͈̞̼͊̓̈́̿͗̂̾̌̚l̸̢̨͔͕̦͉͖͓͕̦̰̠̝̾e̴̙̹͛͑̊͌̅̓͒̏͛̀̊̓̕'̴̛͇̫̙͋̓͑͐͌̂͜ͅś̵̡̺̬͇̠̺͎͗ ̵̟̭̠̦̺͎̯̪̪͎͔̩̜̺͛̆͊̈́̓̏́̀͑̏͒͘̚͝N̸̺̟̳̙̝̺̪͉͋̈́͐̃̑͋̓̂̅̾ͅe̷̩͑̑w̶̗̫̱̥͓̳͌̾̿̅̾̌̊̅̕ͅ ̶̢̧̼̘̼͆̏̐̈́͝M̶̢̻̘̻̱͚͙̭̚5̷̡̛͔͇̭͚̯̞̪̍́͋̀̀̈́͋̏͑͛͆͘͝!̷̥̭̠̗͋̂͐̓͑͋͆͑̐̇

Jeff Johnson:

The debate over Liquid Glass needs to be put into context. It’s not just an isolated incident. Apple has been systematically wrecking the Mac UI for many years: System Settings, Big Sur, Catalyst, etc. To evaluate Liquid Glass “on its own merits” is to ignore history.

Any theory you formulate that Apple has some unstated “good” reasons for its UI choices now has to account for ALL of the data, i.e., the historical data, the history of obviously bad UI choices.

Steve Troughton-Smith:

Statistically, nobody cares about Liquid Glass. There has been no user revolt, no viral TikToks, no nothing. Nobody’s even complaining about the Music app. On the flipside, nobody is proclaiming its virtues, either. It just kinda… is, and everybody is moving on with their lives.

The only thing anybody seems to care about is transparent & tinted icons — which a certain kind of person seems to love

Previously:

Update (2025-10-17): JF Martin:

I started working on this website after Apple’s WWDC conference in early July with the following goals in mind.

  1. Demonstrate that the beta cycle that follows the initial release at the WWDC conference doesn’t bring substantial improvements.

  2. Demonstrate that Liquid Glass is a serious regression and that it will not age well over time.

  3. Apple painted itself in the corner with Liquid Glass and the desire for UI-unification across its platforms.

Lots of screenshots and videos.

Update (2025-10-20): Pierre Igot:

How these sliders are supposed to be perceived as not disabled and actually clickable, I simply do not know. It goes against all my intuitions and decades of experience using a Mac.

Update (2025-11-07): Juli Clover:

Apple is promoting the new Liquid Glass design in iOS 26, showing off the ways that third-party developers are embracing the aesthetic in their apps. On its developer website, Apple is featuring a visual gallery that demonstrates how “teams of all sizes” are creating Liquid Glass experiences.

Update (2025-11-14): Mario Guzmán:

I do not like the standard controls in #macOSTahoe. Why are they gray now instead of a brighter color? They look f’n disabled.

There is no consistency because some things are so pronounced (like the selected iCloud toolbar button) white other actual, enabled buttons are so de-emphasized they look disabled.

Wednesday, October 15, 2025

MacBook Pro (M5, 2025)

Apple (Hacker News, MacRumors, Slashdot):

With M5, the 14-inch MacBook Pro gets even faster, more capable, and delivers a huge leap in AI performance.

[…]

Additionally, it offers phenomenal battery life of up to 24 hours, so users can take their pro workflows anywhere. With the latest storage technology, the new 14-inch MacBook Pro with M5 brings faster SSD performance than the previous generation for tasks like importing RAW image files or exporting large videos.

[…]

Altogether, the 14-inch MacBook Pro with M5 delivers an industry-leading combination of capabilities for the same starting price of $1,599 — making it an even better value and upgrade for current and new Mac users.

[…]

Up to 2.1x faster build performance when compiling code in Xcode when compared to the 13‑inch MacBook Pro with M1, and up to 1.2x faster than the 14-inch MacBook Pro with M4.

Andrew Cunningham:

But unlike the last couple MacBook Pro refreshes, Apple isn’t ready with Pro and Max versions of the M5 for higher-end 14-inch MacBook Pros and 16-inch MacBook Pros. Those models will continue to use the M4 Pro and M4 Max for now, and we probably shouldn’t expect an update for them until sometime next year.

[…]

Aside from the M5, the 14-inch M5 MacBook Pro has essentially identical specs to the outgoing M4 version. It has a notched 14-inch screen with ProMotion support and a 3024×1964 resolution, three USB-C/Thunderbolt 4 ports, an HDMI port, an SD card slot, and a 12 MP Center Stage webcam. It still weighs 3.4 pounds, and Apple still estimates the battery should last for “up to 16 hours” of wireless web browsing and up to 24 hours of video streaming. The main internal difference is an option for a 4TB storage upgrade, which will run you $1,200 if you’re upgrading from the base 512GB SSD.

John Voorhees:

Although I’m impatient to see what an M5 Pro and M5 Max MacBook Pro are capable of, and I’m dying to see a Mac Studio configured with the M5 generation of chips, I’m glad Apple didn’t wait to release the M5 in the 14” MacBook Pro. If the chip is ready, why not?

Marcin Krzyzanowski:

MacBook Pro M5 comes without a charger in the Europe (not eu), and with a charger in the US. for the same base price 🤡

Tobi:

EU requires that buyers have the option to buy products without a charging brick. Apple just decided to remove it entirely to fulfill that requirement.

Rosyna Keller:

The new iPad gets the N1 but the MBP is stuck with Bluetooth 5.x?!

Previously:

Update (2025-10-16): John Gruber (Mastodon):

The base 14-inch model, with the no-adjective M-series chip, is for people who probably would be better served with a MacBook Air but who wrongly believe they “need” a laptop with “Pro” in its name.

These days, I think the base MacBook Pro seems less like an odd duck and more like a natural fit between the MacBook Air and the MacBook Pro with the Pro processor. Compared with the MacBook Air, you get a larger and better display, longer battery life, more ports, an SD card slot, better sound, HDMI. If you need one or more of these things, but don’t need more RAM or CPU cores, you can save $400.

Here’s a timeline of no-adjective M-series chips and when they appeared in the 14-inch MacBook Pro[…]

Update (2025-10-17): Nick Heer:

In Ireland, the MacBook Pro used to start at €1,949; it now starts at €1,849; in France, it was €1,899, and it is now €1,799. As mentioned, the adapter is €65, making these new Macs €35 less with a comparable configuration. The same is true in each Euro-currency country I checked: Germany, Italy, and Spain all received a €100 price cut if you do not want an A.C. adapter, and a €35 price cut if you do.

[…]

Countries with a charger in the box, on the other hand, see no such price adjustment, at least for the ones I have checked. The new M5 model starts at the same price as the M4 it replaces in Canada, Japan, Singapore, and the United States.

[…]

Maybe Apple was already planning a €100 price cut for these new models. The M4 was €100 less expensive than the M3 it replaced, for example, so it is plausible. That is something we simply cannot know. What we do know for certain is that these new MacBook Pros might not come with an A.C. adapter, but even if someone adds one at checkout, it still costs less in most places with this option.

Hartley Charlton:

Apple’s decision to remove the charger entirely from the EU boxes therefore goes beyond what the law requires. The company could, for example, offer customers the option to include a charger at checkout for no additional cost, as long as it also sells a version without one. The lack of charger in the UK is even more unnecessary, since it is not part of the European Union.

The move to charge separately for adapters is therefore a business choice by Apple, not a legal necessity. The company’s approach simplifies logistics and packaging, avoiding the need for separate SKUs in Europe, but it also shifts the cost to customers who do not already own a compatible charger.

Joe Rossignol:

Based on a single unconfirmed result uploaded to the Geekbench 6 database today, the M5 chip has pulled off an impressive feat. Specifically, the chip achieved a score of 4,263 for single-core CPU performance, which is the highest single-core score that has ever been recorded in the Geekbench 6 database for any Mac or PC processor.

Update (2025-10-20): John Gruber (Mastodon):

In my defense, I did say “probably” in my post. My understanding is that the base MacBook Pro is a huge seller for Apple. So of course some very well-informed users are buying them for good reasons. But I really do think an awful lot of base MacBook Pro buyers are spending an extra $600 and carrying 0.7 pounds of extra weight for features they don’t actually notice or care about. They just think they need a “pro” laptop, and underestimate just how incredibly capable MacBook Airs are.

It probably goes the other way, too. Once you get all the advantages of the base MacBook Pro over the Air, how many people really need the Pro or Max processor? The regular M4/M5 is really good. Before Apple Silicon, I had typically bought the fastest or second-fastest processor, but since then I’ve been getting the Pro instead of the Max and haven’t regretted it.

Update (2025-10-21): John Gruber (Mastodon):

I wondered why the U.K. — which left the EU five years ago — was affected. DF reader C.A. wrote, via email[…] Something similar (the EEA) is the reason why the power adapter isn’t in the box for Norway, either — a country that has never been part of the EU.

John Gruber (Mastodon):

The fact that the new M5 MacBook Pro costs less than the M4 models, even when paying extra to include a new power adapter, leads me to suspect that Apple was planning price cuts in these countries regardless.

[…]

The problem I see with the MacBook power adapter situation in Europe is that while power users — like the sort of people who read Daring Fireball and Pixel Envy — will have no problem buying exactly the sort of power adapter they want, or simply re-using a good one they already own, normal users have no idea what makes a “good” power adapter. I suspect there are going to be a lot of Europeans who buy a new M5 MacBook Pro and wind up charging it with inexpensive low-watt power adapters meant for things like phones, and wind up with a shitty, slow charging experience.

Jason Snell:

The biggest disappointment is probably wireless connectivity. The MacBook Pro still doesn’t support Wi-Fi 7 or Bluetooth 6 (it’s Wi-Fi 6E and Bluetooth 5.3). We all know that Apple doesn’t always rush to support new connectivity standards, but in this case, Apple is supporting those standards—on the iPhone and iPad, but not the Mac. Apple is justifiably proud of its new N1 chip, which provides that connectivity to those other products—and yet it’s apparently going to be another product cycle where Macs are lagging behind.

I’d be remiss if I didn’t also mention the fact that we’re now entering another Mac release cycle with no cellular option on Apple’s laptops. This has been a perplexing omission for years—tethering to a phone is not a cure-all, and Apple’s been offering cellular iPads since the very beginning. But it’s now officially extra baffling, because Apple is shipping its very own C1 and C1X chips in iPhones and iPads. Apple now makes its own cellular radios, but still refuses to put them in Macs. If not now, when?

Update (2025-10-22): Joe Rossignol:

The first reviews of the 14-inch MacBook Pro with the M5 chip have been shared by selected publications and YouTube channels, ahead of the device launching this Wednesday.

Max Weinbach:

With this generation and M5, I think it’s one of the larger changes in recent history for Apple Silicon! Let’s talk about it in 3 parts: CPU, GPU, and cache!

Juli Clover:

On Geekbench 6 tests, the M5 MacBook Pro earned a single-core score of 4220 and a multi-core score of 16781, while the M4 MacBook Pro earned a single-core score of 3834 and a multi-core score of 15453. Apple says that M5 CPU speeds are up to 15 percent faster than M4 speeds.

As for the GPU, the M5 earned an OpenCL score of 48101 and a Metal score of 75536, while the M4 earned a score of 38023 and a Metal Score of 57822. Apple says that GPU speeds are up to 30 percent faster.

SSD speeds have also improved, and Apple says it's up to 2x faster. That proved to be correct in our Blackmagic disk speed tests.

Update (2025-10-30): Carsten Frauenheim and Elizabeth Chamberlain:

An “important information” tooltip says, “The Top Case replacement part includes a battery. In the future, a battery replacement part will be available.” But for now, this tedious and insanely expensive process is the only offering they make for changing out a dead battery.

[…]

The good news? For the first time in a MacBook Pro, you don’t have to remove the trackpad to access the pull tabs that release the central battery cells. It’s a sign of some of the same sort of improvements we were excited to see in the iPhone 17 Air design, prioritizing access to components that will need to be replaced first.

Via Nick Heer:

I hate to be that guy, but the battery for a mid-2007 15-inch MacBook Pro used to cost around $150 (about $220 inflation-adjusted) and could be swapped with two fingers. The official DIY solution for replacing the one in my M1 MacBook Pro is over $700, though there is a $124 credit for returning the replaced part. The old battery was, of course, a little bit worse: 60 watt-hours compared to 70 watt-hours in the one I am writing this with. I do not even mind the built-in-ness of this battery. But it should not cost an extra $500 and require swapping the rest of the top case parts.

iPad Pro (M5, 8th Generation)

Apple (Hacker News, MacRumors, MacStories):

M5 unlocks the most advanced iPad experience ever, packing an incredible amount of power and AI performance into the ultraportable design of iPad Pro.

[…]

N1, the new Apple-designed wireless networking chip, enables the latest generation of wireless technologies with support for Wi-Fi 7 on iPad Pro. The C1X modem comes to cellular models of iPad Pro, delivering up to 50 percent faster cellular data performance than its predecessor with even greater efficiency, allowing users to do more on the go. Available in space black and silver, iPad Pro comes in 11-inch and 13-inch sizes, and features the Ultra Retina XDR display for an unparalleled viewing experience.

Dan Moren:

Other than the new processor and networking chips, the specs of the M5 iPad Pro remain largely identical to its predecessor, including its accessory support, physical dimensions and weight, color options (space black and silver, naturally), and 10-hour battery life for surfing the web on Wi-Fi or watching video. The M5 model, however, does support fast charging of up to 50 percent in 30 minutes with Apple’s 40W Dynamic Power Adapter with 60W Max or other compatible adapter.

Ryan Christoffel:

This year, it’s a similar story in terms of differentiated models, but Apple is actually disclosing all the details of the M5 iPad Pro SKUs up front.

[…]

As you can see, the two lower-tier storage options include only 12GB of memory and 9-core CPUs.

But if you go with a 1TB model or higher, you get a full 16GB of memory and 10-core CPU.

One other detail worth noting: just like on the M4, you can only order a nano-texture M5 iPad Pro if you opt for a 1TB version or higher.

Matt Birchler:

I couldn’t help but be struck by the hero image Apple used in their M5 iPad Pro announcement. In several ways, it laughs in the face of core tenets of the traditional iPad experience.

  1. It’s explicitly sold as a device you will use in a laptop form factor.
  2. Touch input may be implied, but the use case they’re demonstrating is keyboard and mouse.
  3. There are many windows.
  4. Those windows are overlapping each other.
  5. Several windows clip off the screen.

BasicAppleGuy:

Looks like Apple has removed the “iPad Pro” branding from the back of the iPads which appeared in 2022 with the M2 iPad Pro.

Previously:

Update (2025-10-22): Joe Rossignol:

The first reviews of the iPad Pro with the M5 chip have been shared by selected publications and YouTube channels, ahead of the device launching this Wednesday.

Jason Snell:

I did my testing across two days on AT&T’s 5G network, and while speeds were all over the place, on average, the M5 iPad Pro was a little slower at download and a whole lot faster at upload. Obviously, your mileage will vary depending on your carrier and geography. It’s certainly a viable chip, and that 6.8× improvement in upstream speed was especially surprising.

I do have to commend the little guy for actually getting a single bar of Verizon, something that no plumber or HVAC installer has ever managed at my house. It managed to download data at 30Mbps, though it could barely upload anything. Still, the fact that it managed to connect at all is pretty inspiring.

Apple’s N1 chip offers Bluetooth and Wi-Fi connectivity, including Wi-Fi 7. I tested the M4 and M5 iPads on my local Wi-Fi 7 network, and it went pretty much as you might expect: the M4, which only supports Wi-Fi 6E, lagged behind the M5 with its pure Wi-Fi 7 power.

[…]

There’s certainly more work to be done on iPadOS. But when I take the M5 iPad Pro out for a spin, powered by iPadOS 26, I am reminded that all my angst about the iPad’s hardware outpacing its operating system is beginning to fade away. The hardware is still amazing, to be sure, but it does feel like the operating system loves it back. […] I don’t know where this is all headed, but between iPadOS 26 and the M5 iPad Pro, it feels like the iPad Pro has finally fulfilled the promise it showed a decade ago.

Federico Viticci:

How do you review an iPad Pro that’s visually identical to its predecessor and marginally improves upon its performance with a spec bump and some new wireless radios?

[…]

Unfortunately, while Apple’s claims sound enticing, and the Neural Accelerators should improve AI tasks on a variety of fronts, such as token generation per second and prefill time (for time-to-first-token evaluations), these improvements have little to no practical use on an iPad Pro compared to a Mac right now. And it all comes down to the fact that, despite better multitasking and other features in iPadOS 26, there isn’t a strong app ecosystem to take advantage of local LLMs on iPad, beginning with Apple’s own models.

[…]

Naturally, I wanted to test these models myself and see if I would have any practical use cases for them with my iPad Pro workflow. But I immediately ran into a series of problems, for which only Apple is to blame[…]

[…]

The multitasking and windowing experience of the M5 iPad Pro is essentially the same as the M4, despite the improvements to the new chip and faster memory. I’m not ready to say that Apple has hit a performance wall with their new iPadOS windowing engine already, but at the same time, I’m not sure why Macs with 16 GB of RAM and much older chipsets could keep a lot more windows open at once back in the day.

Nick Heer:

Viticci’s frustration with the state of A.I. models on the iPad Pro is palpable. Ideally and hopefully, it is a future-friendly system, but that is not usually the promise of Apple’s products. It usually likes to tell a complete story with the potential for sequels. To get even a glimpse of what that story looks like, Viticci had to go to great lengths, as documented in his review.

Apple Vision Pro (M5, 2025)

Apple (Hacker News, MacStories):

Apple today introduced Apple Vision Pro with the powerful M5 chip that delivers a leap forward in performance, improved display rendering, faster AI-powered workflows, and extended battery life. The upgraded Vision Pro also comes with the soft, cushioned Dual Knit Band to help users achieve an even more comfortable fit, and visionOS 26, which unlocks innovative spatial experiences, including widgets, new Personas, an interactive Jupiter Environment, and new Apple Intelligence features with support for additional languages. There are over 1 million apps and thousands of games on the App Store, hundreds of 3D movies on the Apple TV app, and all-new series and films in Apple Immersive with a selection of live NBA games coming soon.

Victoria Song:

But aside from the chip upgrade, nothing about the Vision Pro’s design has changed. Instead, Apple’s press release claims that the M5 chip will bring faster processing and more detailed image rendering. Specifically, the M5 renders 10 percent more pixels on the OLED displays and can increase refresh rates up to 120Hz. Previously it maxed out at 100Hz. As for processing, AI-powered features like a Persona or spatial photos are up to 50 percent faster. Battery life is also improved by about 30 minutes, up to 2.5 hours of general use and three hours of video playback.

Dan Moren:

Those hoping for a price change will be disappointed: it still starts at $3,499 with storage tiers in 256GB, 512GB, and 1TB at the same prices as before. In addition to the new Dual Knit Band, it includes the same Light Seal, pair of Light Seal Cushions, cover, polishing cloth, battery, and USB-C cable. However it also includes Apple’s recently announced 40W Dynamic Power Adapter with 60W Max, though it seems like an expensive way to get that if you want it.

Joe Rossignol:

The new Dual Knit Band comes in small, medium, and large sizes. It is available to purchase separately for $99, and it is compatible with the previous-generation Vision Pro. You can find your preferred size by using the Apple Store app on the iPhone.

Apple says the Dual Knit Band features two straps knitted into a single piece. The upper strap goes across the top of the head, and the lower strap goes across the back of the head. The lower strap has tungsten inserts that provide a counterweight for additional comfort, balance, and stability. You can adjust the fit of both of the straps with the Fit Dial.

Another new accessory is the Logitech Muse spatial stylus, and Apple will begin selling the PlayStation VR2 Sense controller starting Tuesday, November 11.

Federico Viticci:

They literally did an official version of the custom "dual-knit" accessory for the Vision Pro from Etsy last year!

Mark Gurman:

The M5 Vision Pro is advertised as quite a bit heavier than the M2 Vision Pro -- Likely because of the new strap (which is clearly heavier but solves the comfort problem).

Jeff Johnson:

0.3% of Vision Pro apps are built for visionOS. And this is Apple’s own marketing!

Steve Troughton-Smith:

Vision Pro is rapidly coming on 2 years old now and Apple still hasn’t ported Pages or Numbers to it, and half the built-in apps on the OS are emulated iPad apps. It would be embarrassing if it weren’t so very desperately sad. They effectively halted all in-box-app progress the moment it was shown off at WWDC23 — nothing new has been announced since

Steve Troughton-Smith:

2 years on and Apple still hasn’t figured out a deal with Netflix for the Vision Pro?

Previously:

Update (2025-10-16): Matt Birchler:

Maybe I’m misunderstanding something here, but it seems like the original model was unable to take full advantage of the displays, otherwise how would we be getting better display “specs” with the same hardware?

John Gruber:

It’s a tacit acknowledgement that physical comfort has been a real problem for many people who’ve tried Vision Pro. (Me, personally, I find using it with the Solo Knit Band comfortable for as long as I care to use it — which is typically just 2–3 hours, tops.)

[…]

No price drop, no change to the form factor. But Apple’s interest in the platform is very much alive.

Update (2025-10-17): Juli Clover:

It appears M2 Vision Pro owners are eager for an accessory that makes the headset easier to wear, because the $99 Dual Knit Band is now backordered for at least a month. As of yesterday, new Dual Knit Band orders were delivering between November 7 and November 14, and wait times could get even longer.

Update (2025-10-22): Joe Rossignol:

The first reviews of the Vision Pro with the M5 chip have been shared by selected publications and YouTube channels, ahead of the device launching this Wednesday.

Apple M5

Apple (Hacker News, MacRumors):

Built using third-generation 3-nanometer technology, M5 introduces a next-generation 10-core GPU architecture with a Neural Accelerator in each core, enabling GPU-based AI workloads to run dramatically faster, with over 4x the peak GPU compute performance compared to M4. The GPU also offers enhanced graphics capabilities and third-generation ray tracing that combined deliver a graphics performance that is up to 45 percent higher than M4. M5 features the world’s fastest performance core, with up to a 10-core CPU made up of six efficiency cores and up to four performance cores. Together, they deliver up to 15 percent faster multithreaded performance over M4. M5 also features an improved 16-core Neural Engine, a powerful media engine, and a nearly 30 percent increase in unified memory bandwidth to 153GB/s.

Previously:

Update (2025-10-16): Dimitri Bouniol:

M5 seemingly only supporting Thunderbolt 4 ruins the hope I had that the base M5 Mac mini would support Thunderbolt 5 next year 😔

Update (2025-10-20): BasicAppleGuy:

Apple Silicon: M1 to M5

Update (2025-10-21): Hartley Charlton:

Compared to the M4 chip that Apple launched in May 2024, the M5 delivers[…]

Update (2025-10-22): Jason Snell:

It reminded me, though, that I have tried to build some charts to help visualize how Apple’s chip progress is going. I wrote about this for the A series of chips back in September. Here are the requisite M series charts[…]

[…]

So the very, very broad overview of what the M5 brings is a lot like the overview of the A19: In this generation, the CPU cores got a bit better, and the GPU cores took a much larger jump.

Federico Viticci:

Looking at Max’s benchmarks with Qwen3 8B and a ~20,000-token prompt, there is indeed a 3.65x speedup in tokens/sec in the prefill stage – jumping from 158.2 tok/s to a remarkable 578.7 tok/s. This is why I’m very excited about the future of MLX for local inference on M5, and why I’m also looking forward to M5 Pro/M5 Max chipsets in future Mac models.

Update (2025-10-31): Howard Oakley:

Thanks to your overwhelming response to my appeal for information about CPU core frequencies in M3 Ultra and M5 base chips, this article updates the data to cover those new models in addition to all previous M-series chips.

Tuesday, October 14, 2025

Neo Network Utility 2.0

Eric Böhnisch-Volkmann:

Here’s Neo Network Utility 2.0 with a refreshed yet familiar design for macOS Tahoe, including menu icons, pill-shaped buttons, and a modern tab view. It actually looks good in Liquid Glass.

Of course we didn’t just touch it up a bit. The new version lets you open multiple windows and run commands in all the tabs simultaneously. Switch between the tools from the menu or via key commands. On the Info tab, a visual link status indicator immediately tells you that the network connection is active, and with location services enabled, you can now see the interface’s SSID and BSSID. For looking up DNS data, Neo Network Utility uses the ICANN’s latest RDAP implementation.

This is a free replacement for Apple’s discontinued Network Utility.

Previously:

Juice Jacking Protection Setting Broken in iOS 26

Ric Ford (PDF):

Researchers at Graz University of Technology discovered severe, unpatched vulnerabilities in iPhones, Android phones and other devices that facilitate attacks and data theft via malicious USB chargers. Previously known and addressed as “juice jacking,” the effective new technique has been titled “ChoiceJacking.”

Adam Engst:

This vulnerability exists because USB ports can simultaneously transfer both power and data, potentially allowing a compromised charging station in an airport, hotel, or other public place to attack a connected iPhone.

Although there are no reports of juice jacking attacks in the wild, Apple added protection against this vulnerability years ago with a setting that explicitly prompts you to allow wired accessories to connect. You can configure iOS to handle accessories in four ways: ask every time, ask only for new accessories, automatically allow connections when the device is unlocked, or always allow connections.

[…]

Unfortunately, as a post on a private mailing list alerted me, there’s a bug in iOS 26.0.1 related to the accessory protection controls in Settings > Privacy & Security > Wired Accessories. The bug also affects iPadOS 26. For some iPhones and iPads, including both my iPhone 17 and fourth-generation iPad Air, the accessory connection control is locked to Always Allow, and a note below says, “This setting is managed by your organization and cannot be changed.”

Previously:

Apple TV, Apple TV, Apple TV, and Apple TV

Eric Slivka:

Buried in its announcement about “F1: The Movie” making its streaming debut on December 12, Apple has also announced that Apple TV+ is being rebranded as simply Apple TV.

[…]

Apple of course offers its set-top box hardware under the Apple TV name while also offering the Apple TV app across various platforms as a hub for Apple TV + and other content. As a result, offering Apple’s streaming service itself under the same name may lead to some confusion, and the reason for the change is unclear.

Christina Warren:

lol so I can watch Apple TV on the Apple TV app on Apple TV

Benjamin Mayo:

No normal person ever referred to it as “Apple TV+”. Most people just called it Apple TV, and now that’s what it is called. Way better.

I thought “Apple TV+” made sense in that there are other “+” services like Disney+ and Apple News+. But, as with iCloud+, I don’t think the name really caught on. People just call them “Apple TV” and “iCloud” and then maybe mention that they’re subscribed or which plan they have.

John Gruber (Mastodon):

Like, if you’re telling someone how much you enjoy Slow Horses and they ask how to watch it, it’s more natural and conversational to just say “It’s on Apple TV”. That’s what most people say.

[…]

But right there in Apple’s own “About Apple TV” description, you see just how overused “Apple TV” now is. You can watch Apple TV in Apple TV on Apple TV — the paid service in the free app on the set-top box. But you can watch any streaming service you want on the box, in that service’s own app. But many of those services are also available in the Apple TV app. And the Apple TV streaming service is also available on just about all other popular set-top hardware platforms. So you don’t need an Apple TV to watch Apple TV.

If anything, it’s the hardware that feels like it needs a new name now. But, as with the app, I guess people will just add a suffix (“box”) when they need to disambiguate.

Adam Engst:

While “Apple TV+” may not have been the most inspired name, removing the “+” hardly qualifies as creating a “vibrant new identity.” Craig Federighi’s WWDC jokes about Apple’s “crack product marketing team” being “fully baked” are starting to feel less like humor and more like accurate commentary.

I guess the “vibrant” is meant to refer to the new icon, but Apple did not make this clear.

Zac Hall:

The Apple TV app only just got a refreshed icon with iOS 26 and Apple’s Liquid Glass redesign.

Starting with iOS 26.1, Apple is adding a splash of color to the recently updated icon.

They’re also changing the hard drive icon again.

Previously:

Cultivated Task Cancellation

Max Seelemann (on his new blog):

So how do you tell if a task supports cancellation? That’s tricky to answer per-se because cancellation is voluntary behavior and needs to be represented in the task’s value or error type. If you’re lucky, cancellation support (or lack thereof) is documented.

[…]

The designated way to check for cancellation is to use static properties like Task.isCancelled. Using static properties may seem odd at first, but it’s clever: APIs called inside the task can check for cancellation without knowing where they’re running or taking task handles as arguments. In fact, such APIs are probably the best way to handle cancellation, as we’ll see shortly.

[…]

You might be thinking, “okay, nice and all. But why go to all this effort to explain something that’s baked into the system anyway?” Well, I fear here comes an inconvenient truth. Not many things in the Standard Library and Foundation have cancellation support built in. In fact, as far as I know, it’s just three.

Update (2025-10-15): Max Seelemann:

  • The Task initializer is declared as @discardableResult, which means you can create a task and let go of its handle without a warning, like Task {…}. This makes it too easy to unintentionally set up a task that’s forgotten and runs forever.
  • It’s too easy to forget to call the cancel method. Especially when the task is stored in an array or dictionary rather than a single instance variable. Every task handle would need to be cancelled individually when removed or replaced.

[…]

To solve number 2, we wrote a little wrapper called ScopedTask, which handles cancellation automatically.

[…]

I published the source for ScopedTask on GitHub—feel free to use or adapt it to your needs.

Update (2025-10-21): Max Seelemann:

The signature of the cancellation handler is @Sendable () -> Void—a synchronous sendable non-throwing non-isolated closure with no arguments and no return value. Which means:

  • You cannot “return” or “throw” out of the main operation from the handler; you can only influence its course of execution.
  • To achieve that, you must use only sendable (thread-safe) constructs.
  • And these constructs must be synchronously accessible.

[…]

The only standard library construct that fulfills all these requirements out of the box is Task itself. We’ll see an example shortly. But for anything else, you have no choice but to go to lower-level mechanisms…like locks.

[…]

So that is a simple function that suspends until cancelled. 😅 Only that, in my opinion, it’s not simple at all—it’s really complex with numerous pitfalls small and large. Should this keep you from implementing cancellable tasks? It shouldn’t, but you should sharpen your senses.

Sunday, October 12, 2025

Clips Discontinued

Eric Slivka:

Apple has essentially discontinued Clips, its video-editing app designed to allow users to combine video clips, images, and photos with voice-based titles, music, filters, and graphics to create enhanced videos that can be shared on social media sites.

The app has been removed from the App Store, and a support document on Apple’s site says that the app is no longer being updated and would no longer be available for download for new users as of yesterday.

Deeje Cooley:

I never understood who Clips was for.

Joe Rosensteel:

I would like someone at Apple to explain how the company that has the best smartphone video recording experience can’t make any good video editing apps for smartphones.

Alex Gollner:

The effects, transitions and even transcribing titles in Clips were made in Motion.

Apple didn’t enable third-party toolmaking for Clips.

Benjamin Mayo:

speaking of Apple video editors, iMovie hasn’t received new features for like three years …

Nick Heer:

Before it was pulled offline, it was most recently updated in May 2024.

I am truly curious about the likely lifespan of a few recent Apple apps. How much longer will Invites last? Sports seems like it could be around for longer, but I am a little worried about Classical, which still does not have a Mac app.

Steven Aquino:

I remember covering Clips at the time of its introduction because, as ever, there were accessibility ties. To wit, Apple was boastful of the fact the app could generate real-time captions for its short-form videos; the captions were useful, of course, to Deaf and hard-of-hearing people so as to make dialogue more accessible and inclusive. Back then, I remember thinking how inspired it was given TikTok and Instagram Reels had yet to pervade the mainstream consciousness. Nowadays, the vast majority of these videos I see all have live captions enabled by default, and it’s heartening to notice the change as a lifelong disabled person who, coincidentally, has a level of congenital hearing loss.

Previously:

Update (2025-10-14): Craig Grannell:

I always rather liked Clips. It was fun, simple and creative. I used it for a few YouTube shorts. But then I liked Music Memos too – another smart little app that was also unceremoniously canned.

Adam Engst:

I apparently recorded 19 seconds of test video in Clips in 2017, when it was introduced, but haven’t thought about it since editing Julio Ojeda-Zapata’s review (see “Apple’s New Clips App Is iMovie for the Social Age,” 26 April 2017). Although Julio liked Clips at the time, it didn’t seem to resonate with users, perhaps because it was never clear what you were supposed to do with the videos you created.

NSO Group Acquired

Lorenzo Franceschi-Bicchierai (via Hacker News):

NSO spokesperson Oded Hershowitz told TechCrunch on Friday that “an American investment group has invested tens of millions of dollars in the company and has acquired controlling ownership.”

Confirmation of the deal came soon after Israeli tech news website Calcalist reported Friday that a group led by Hollywood producer Robert Simonds agreed to purchase the surveillance tech maker in a deal valued in the tens of millions of dollars.

[…]

NSO has long claimed that its spyware is designed to not target U.S. phone numbers, likely to avoid hurting its chances to enter the U.S. market. But the company was caught in 2021 targeting about a dozen U.S. government officials abroad.

Soon after, the U.S. Commerce Department banned American companies from trading with NSO by putting the spyware maker on the U.S. Entities List.

Previously:

AI in Chrome, Neon, and Dia

Juli Clover:

Google today said that Gemini AI is being integrated into the Chrome browser for the Mac and PC. Chrome users in the U.S. will get the functionality first, with Gemini able to clarify complex information on any webpage.

There will be a small Gemini symbol in the upper right side of the browser that will offer options like learn about the page or explore a topic when clicked. By default, the Ask Gemini interface will answer questions about the tab that you have open.

There’s also a big AI Mode button in the address bar to initiate searches.

Tim Hardwick:

Opera today launched its subscription-based, AI-focused Neon browser, which joins a growing field of companies touting agentic browsing capabilities.

[…]

Available to early access users at $19.99 per month, Neon aims to go beyond traditional browsing by using AI to execute tasks directly within the browser. Neon can open and close tabs, compare information across multiple sources, and even complete transactions on a user’s behalf.

Central to Neon’s design is the Tasks feature, which creates self-contained workspaces for different projects. Each Task functions like a mini-browser with its own context, allowing the AI to act across multiple sources without accessing information from other parts of the browser.

Tim Hardwick:

The Browser Company’s Dia app is now open to anyone on Mac. It’s the first time the AI-powered browser has been widely available since its beta launch in June.

Dia is another AI-first browsing experience that’s centered around tab-based chat functionality. The browser includes Skills, which are a mix of user-created and built-in shortcuts for everyday tasks like planning, learning, writing, and coding. Current Skills include summarization, fact-checking, browsing history analysis, outlining, and productivity planning.

Previously:

Script to Detect Slow USB-C Cables

Kaushik Gopal (via Hacker News):

You have a drawer full of USB cables. Half are junk that barely charge your phone. The other half transfer data at full speed. But which is which?

[…]

The script parses macOS’s system_profiler SPUSBHostDataType command, which produces a dense, hard-to-scan raw output[…]

[…]

The first version was a bash script I cobbled together with AI. It worked, but was a mess to maintain. Because I let AI take the wheel, even minor tweaks like changing output colors were difficult.

But then he asked Claude to rewrite it to be easier to maintain.

That’s the real story. Not the script, but how AI changes the calculus of what’s worth our time.

Previously:

Update (2025-10-14): Ben Fry:

Quick hack to detect the speed of plugged-in USB devices on macOS, then write a simple HTML page with the info and open it in a browser. Very basic Python script now posted as a GitHub gist.

Friday, October 10, 2025

Evolution of Apple Security Bounty Program

Apple (Wired, MacRumors):

We’re doubling our top award to $2 million for exploit chains that can achieve similar goals as sophisticated mercenary spyware attacks. This is an unprecedented amount in the industry and the largest payout offered by any bounty program we’re aware of — and our bonus system, providing additional rewards for Lockdown Mode bypasses and vulnerabilities discovered in beta software, can more than double this reward, with a maximum payout in excess of $5 million. We’re also doubling or significantly increasing rewards in many other categories to encourage more intensive research. This includes $100,000 for a complete Gatekeeper bypass, and $1 million for broad unauthorized iCloud access, as no successful exploit has been demonstrated to date in either category.

They’re referring to a Gatekeeper bypass “with no user interaction,” but I don’t really understand what that would mean. Doesn’t Gatekeeper only come into play when there is user interaction? If there’s no user interaction, that seems like it would be a zero-click exploit, which should be worth way more than $100K.

In addition to increasing reward amounts and expanding bounty categories, we’re making it easier for researchers to objectively demonstrate their findings — and to determine the expected reward for their specific research report. Target Flags, inspired by capture-the-flag competitions, are built into our operating systems and allow us to rapidly review the issue and process a resulting reward, even before we release a fix.

When researchers demonstrate security issues using Target Flags, the specific flag that’s captured objectively demonstrates a given level of capability — for example, register control, arbitrary read/write, or code execution — and directly correlates to the reward amount, making the award determination more transparent than ever. Because Target Flags can be programmatically verified by Apple as part of submitted findings, researchers who submit eligible reports with Target Flags will receive notification of their bounty award immediately upon our validation of the captured flag. Confirmed rewards will be issued in an upcoming payment cycle rather than when a fix becomes available, underscoring the trust we’ve built with our core researcher community.

Jeff Johnson:

A major evolution would be if Apple actually paid people who submitted bugs instead of arbitrarily deciding “nope”

The changes sound good, but this was my first thought, too. I think the problem with the bounty program wasn’t that it didn’t claim to pay enough or in enough categories. It was that Apple has a history of not counting exploits that seem like they should count, downgrading them to lower categories, delaying fixes and thus payments, and withholding payments until after being called out in the press. If you discover an exploit, it should be a no-brainer to write it up and submit it through the proper channels because you trust that Apple will take it seriously and that you’ll get paid. But that’s not the case from what I’ve seen.

Previously:

Update (2025-10-15): See also: Bruce Schneier.

Update (2025-10-20): Rosyna Keller:

I’m going to write a blog post about a privacy leak Apple fixed reluctantly, didn’t get a CVE, and then Apple decided wasn’t worth a bug bounty despite the very important information it leaked.

It’s gotta be responsible to disclose it by now. But it was damn hard to find a phone that’ll run iOS 18.7, because Apple decided not to fix it there.

DEICER Removed From the App Store

Pablo Manríquez:

Apple has quietly removed DeICER, a civic-reporting app used to log immigration enforcement activity, from its App Store after a law enforcement complaint — invoking a rule normally reserved for protecting marginalized groups from hate speech.

[…]

Apple told developer Rafael Concepcion that the app violated Guideline 1.1.1, which prohibits “defamatory, discriminatory, or mean-spirited content” directed at “religion, race, sexual orientation, gender, national/ethnic origin, or other targeted groups.”

Some people are upset about this part because government officers aren’t normally considered a protected class. But that’s not the language the guideline uses. And I see no reason to allow this sort of content targeted at any group, be it teachers, Supreme Court justices, people who look a certain way or live in a certain state, whatever. Apple’s reasoning isn’t bogus because it’s protecting the wrong people; it’s bogus because that’s not what the app is doing.

But Apple’s justification went further. “Information provided to Apple by law enforcement shows that your app violates Guideline 1.1.1 because its purpose is to provide location information about law enforcement officers that can be used to harm such officers individually or as a group,” the company wrote in its removal notice.

Since that’s not the stated (or designed) purpose of the app, the “that” should have been a “which.” And then Apple’s justification doesn’t make any sense.

Concepcion’s appeal to Apple emphasized that DeICER was “a tool for education and lawful civic engagement, not the targeting or tracking of law enforcement.”

“Users cannot follow, locate, or monitor officers in real time,” he wrote in his memo to Apple’s App Review Board. “Any observation entered in the app represents a single moment in time, not a persistent or live tracking function.”

Via John Gruber (Mastodon):

There’s not one story about any of these apps being used to harm ICE agents. And even if such an attack happened, that wouldn’t imply it’s the purpose of these apps.

I haven’t seen such a story, either. The Dallas gunman is reported to have used the app, but he didn’t it need to find the agents, as the attack took place at their office.

Mike Masnick:

And, yes, I’ll be the first to tell you that content moderation at scale is impossible to do well, and that applies to app stores as well. But when you see a pattern this consistent—and this convenient for state power—pointing to scale problems feels inadequate. This looks less like algorithmic confusion and more like Apple systematically bending its policies to accommodate government preferences while trying to maintain plausible deniability.

This reasoning is deeply problematic on multiple levels. First, it treats documentation of public officials’ public actions as equivalent to hate speech against marginalized groups. Second, it accepts law enforcement’s own assessment of what constitutes “harm” to them without any independent review. Third, it creates a precedent where any app that allows citizens to track government activity could be banned as “discriminatory” against public officials.

Reece Rogers and Lily Hay Newman:

While gone from Apple’s App Store, DEICER is also still available via Google Play and a website.

Previously:

Qualcomm Acquires Arduino

Qualcomm (Hacker News):

Qualcomm Technologies, Inc. today announced its agreement to acquire Arduino, a premier open-source hardware and software company. The transaction accelerates Qualcomm Technologies’ strategy to empower developers by facilitating access to its unmatched portfolio of edge technologies and products.

[…]

By combining Qualcomm Technologies’ leading‑edge processing, graphics, computer vision, and AI with Arduino’s simplicity, affordability, and community, the Company is poised to supercharge developer productivity across industries. Arduino will preserve its open approach and community spirit while unlocking a full‑stack platform for modern development—with Arduino UNO Q as the first step.

Andrew Cunningham:

Qualcomm didn’t disclose what it would pay to acquire Arduino. The acquisition also needs to be approved by regulators “and other customary closing conditions.”

The first fruit of this pending acquisition will be the Arduino Uno Q, a Qualcomm-based single-board computer with a Qualcomm Dragonwing QRB2210 processor installed. The QRB2210 includes a quad-core Arm Cortex-A53 CPU and a Qualcomm Adreno 702 GPU, plus Wi-Fi and Bluetooth connectivity, and combines that with a real-time microcontroller “to bridge high-performance computing with real-time control.”

David Groom:

During a press briefing last night, their commitment to remaining agnostic (i.e. not removing support for other silicon) was made clear, although my question of “for how long?” did not have a definitive answer. Optimistically, the new resources, access to other acquisitions like Edge Impulse, and ability to leverage Qualcomm’s own IP (the €44 retail price tag on the Q was another clue before the announcement that Qualcomm had a particular interest in this board!) may indicate an exciting new era for the now two-decade-old project.

Rui Carmo:

Lots of mixed feelings. Qualcomm has been promoting quite a few new development kits over the past year or so, and of course Arduino has tremendous mindshare, but that was built upon pretty agnostic and far-reaching microcontroller support, so it will be interesting to see how this evolves.

Hernando Barragán:

The history of Arduino has been told by many people, and no two stories match. I want to clarify some facts around the history of Arduino, with proper supported references and documents, to better communicate to people who are interested, about Arduino’s origin.

Thursday, October 9, 2025

Synology Reverses Ban on Third-Party Hard Drives

Hilbert Hagedoorn (via Hacker News):

Synology has backtracked on one of its most unpopular decisions in years. After seeing NAS sales plummet in 2025, the company has decided to lift restrictions that forced users to buy its own Synology hard drives. The policy, introduced earlier this year, made third-party HDDs from brands like Seagate and WD practically unusable in newer models such as the DS925+, DS1825+, and DS425+. That change didn’t go over well. Users immediately criticised Synology for trying to lock them into buying its much more expensive drives. Many simply refused to upgrade, and reviewers called out the move as greedy and shortsighted. According to some reports, sales of Synology’s 2025 NAS models dropped sharply in the months after the restriction was introduced.

Now, with the release of DSM 7.3, Synology has quietly walked the policy back. Third-party hard drives and 2.5-inch SATA SSDs can once again be used without triggering warning messages or reduced functionality. Drives from Seagate, WD, and others will work exactly as they did before—complete with full monitoring, alerts, and storage features.

John Voorhees:

The change of direction was revealed in a Synology press release announcing DiskStation Manager 7.3, the OS that runs the company’s Plus line of NAS hardware.

This is great news for Mac users who felt betrayed by Synology’s previous announcement. However, as Linder also points out it does not change the fact that the same “Plus” series of 2025 NAS hardware does not include hardware-accelerated transcoding of H.264 and HEVC video, which previous models supported.

Rui Carmo:

I’m happy that sanity prevailed, although not in time to prevent me from getting a second (non-Synology) NAS–which I suspect is what many serious customers went out and did, if only to test the waters.

This was an amazingly bad own goal, especially it being absurdly obvious that their target audience would be knowledgeable enough to see through a lock-in strategy[…]

Previously:

Eyes Up Removed From the App Store

Joseph Cox (Bluesky, Reddit):

Apple removed an app for preserving TikToks, Instagram reels, news reports, and videos documenting abuses by ICE, 404 Media has learned. The app, called Eyes Up, differs from other banned apps such as ICEBlock which were designed to report sightings of ICE officials in real-time to warn local communities. Eyes Up, meanwhile, was more of an aggregation service pooling together information to preserve evidence in case the material is needed in the future in court.

[…]

“Our goal is government accountability, we aren’t even doing real-time tracking,” the administrator of Eyes Up, who said their name was Mark, told 404 Media. Mark asked 404 Media to only use his first name to protect him from retaliation.

I’ve not seen an official statement from either Apple or the government. Perhaps there was a direct government request/demand about Eyes Up, but it’s also possible that there was a copyright concern (since the app collected content already uploaded to other platforms) or that Apple just took down everything related to ICE without specifically considering Eyes Up.

Wes Hilliard and Mike Wuerthele:

So, it’s not as if you can switch to another product or service in hopes of escaping these issues or voting with your wallet without going totally off grid. The problem doesn’t lie with the companies — it lies with those in power taking the actions, and making the “requests.”

Again, I think there’s a double standard here. If the government were requesting private customer data stored on Apple’s servers, you would blame the government (if the request were in fact unreasonable) but also blame Apple for not storing it securely. But design a system tailor-made for the government to control app distribution and it’s only the government’s fault for (ab)using it? This is not a recently discovered vulnerability. It was obvious in theory from the dawn of the App Store, and governments have been putting it into practice for almost as long.

Paul Haddad:

At the rate things are going, I expect an “Apple provides government with list of users who downloaded ICEBlock app” headline in a few more weeks.

It’s also a flaw in the system that Apple gets a list of all the apps everyone’s installed, even for free apps.

Richard Hyde:

It won’t just be a list of users though, thanks to “Find My” they’ll have their current location too.

Kyle Hughes:

I am complicit for having spent my career trying to make this platform attractive to users—drawing them out of places where their rights had more resilience.

[…]

I fixate on clear examples that make it easy to think about nuanced topics.

That it is federally illegal to distribute TikTok, yet it remains in the App Store, and that it is not illegal to host or share videos of law enforcement activity, yet these apps are being removed, is one such example.

Warner Crocker:

The Eyes Up website is still up and can be used for the same video archiving purposes with content uploaded from TikTok, Instagram or X and include “a mix of professional media reports and user-generated clips of ICE arrests.”

Previously:

Complying With Texas Age Verification

Apple (MacRumors, Slashdot):

Beginning January 1, 2026, a new state law in Texas — SB2420 — introduces age assurance requirements for app marketplaces and developers. While we share the goal of strengthening kids’ online safety, we are concerned that SB2420 impacts the privacy of users by requiring the collection of sensitive, personally identifiable information to download any app, even if a user simply wants to check the weather or sports scores.

[…]

Once this law goes into effect, users located in Texas who create a new Apple Account will be required to confirm whether they are 18 years or older. All new Apple Accounts for users under the age of 18 will be required to join a Family Sharing group, and parents or guardians will need to provide consent for all App Store downloads, app purchases, and transactions using Apple’s In-App Purchase system by the minor. This will also impact developers, who will need to adopt new capabilities and modify behavior within their apps to meet their obligations under the law. Similar requirements will come into effect later next year in Utah and Louisiana.

The way Apple wrote this, it sounds like they aren’t going to require verification of existing accounts. They also don’t say which “sensitive” information they’ll need to collect, and the legislation leaves this vague. I don’t like the idea of being forced to give Apple my driver’s license (or whatever), but neither do I like the longstanding system where Apple gets to see which apps I’ve installed on my iPhone or launched on my Mac.

Previously:

Update (2025-11-05): Apple:

To meet their obligations under the law, developers may need to adopt new capabilities to receive age category information, trigger consent for a significant change, and learn when a parent or guardian revokes their approval for a child or teen to use their app. Developers can use the following APIs available in the beta versions of iOS 26.2 and iPadOS 26.2 to help them meet their obligations. Sandbox testing is also available to help test the user experience when implementing these APIs to comply with Texas state law.

French Siri Spying Lawsuit

Océane Herrero:

The investigation, led by the country’s cybercrime agency OFAC, follows a complaint in February by the French NGO Ligue des droits de l’Homme, based on the testimony of a whistleblower and former employee of an Apple subcontractor Thomas Le Bonniec.

As an employee of Globe Technical Services in Ireland in 2019, Le Bonniec analyzed recordings made by Siri to improve the quality of the voice assistant’s responses. That involved listening to thousands of user recordings, which Le Bonniec said could reveal intimate moments and confidential information, and could be used to identify users.

[…]

The February complaint also paved the way for an ongoing class action in France. That was inspired by a class action in the United States, which saw Apple accused of recording private conversations without consumers’ knowledge. Apple agreed in December 2024 to settle the case for $95 million. The company denied any wrongdoing.

Via John Gruber:

Sending recorded Siri voice interactions to Apple is opt-in, and the opt-in screen is very clear and cogent.

That’s the case today, but it seems like this investigation is based on the same time period as the American lawsuit. Back then, it was not clear to customers that the recordings were retained and used outside of Apple, and the generic iOS opt-out control did not affect Siri recordings. Apple later added a Siri-specific opt-out switch, and then made it opt-in. Here Apple’s response from January. I wish Apple had not settled the lawsuit then because it made them look like they had something to hide. Le Bonniec is called a whistleblower. Does he have any new information, or is the French lawsuit just piggybacking and trying to get its own settlement?

Previously:

Wednesday, October 8, 2025

Customer Support Scams

Daniel Jalkut:

I’m seeing more of a scam directed at customer support addresses, where the scammer pretends to be a customer who is having trouble with the app, and asks you to look at a screenshot of the problem, which is a link to a page that coaxes you into running a nefarious program on your computer.

John Brayton:

I just got this one yesterday. It initially asked about a cookie consent dialog on my website. (Of course my websites do not have cookie consent dialogs.)

Other Mac developers have reported this, too. I haven’t gotten this one yet, but I’ve seen some targeted messages that seem to be AI-generated.

Previously:

Evolving AltStore PAL

Riley Testut:

In April of last year, we launched AltStore PAL in the European Union as one of the first official alternative app marketplaces on iOS thanks to the Digital Markets Act. We launched with just 2 apps — my Nintendo emulator Delta and clipboard manager Clip — yet Apple immediately changed their App Store rules to allow emulators worldwide for the first time ever.

[…]

By far our number one request, we’re planning to launch AltStore PAL in more countries later this year in response to various regulatory changes around the world. Specifically, we plan to launch in Japan, Brazil, and Australia before the end of the year, with the UK to follow in 2026.

[…]

Using ActivityPub, we plan to federate apps, app updates, and news alerts from AltStore to the open social web. Each AltStore source will receive its own ActivityPub account, which can then be followed by any other open social web account. You’ll be able to like, boost, and reply to everything, and most importantly all these interactions will appear natively in AltStore.

[…]

Pace Capital is investing $6 million USD in AltStore in exchange for 15% equity. We will use this money to hire a few employees and build out a team, giving us the necessary bandwidth to finalize Fediverse integration and expand AltStore worldwide, while also releasing betas and app updates on a more regular basis.

[…]

Alternative app marketplaces are needed more than ever now, with new reasons for them popping up every week. If there’s one constant though, it’s that Apple simply cannot be trusted to be the sole distributor of apps on the iOS platform.

Even with app marketplaces, though, Apple still controls distribution through code signing and notarization. There is no equivalent of the Mac’s Gatekeeper override.

Previously:

Lessons From San Bernardino and ICEBlock

Wiley Hodges:

I used to believe that Apple were unequivocally ‘the good guys.’ I passionately advocated for people to understand Apple as being on the side of its users above all else. I now feel like I must question that.

[…]

The event that represented a turning point for that skeptical view of Apple was the stand against the FBI over the San Bernardino case. You took a risky stand that was in keeping with the principles you had articulated for the company. The result was bigger than the one case: that act of lawful, principled defiance of government intimidation and jawboning helped to convince people that Apple’s actions and stated ideals were in alignment; that the company was walking the walk as well as talking the talk.

[…]

Acceding to a government ‘demand’ without demanding that the government follow legal process in order to back up its request (or at least shedding light on how the government did follow such process) raises the question of how easily Apple will accede to other requests.

[…]

Will Apple give data on the identities of users who downloaded the ICEBlock app to the government? Will Apple block podcasts that advocate points of view opposed to the current US administration? I imagine and hope that these are ridiculous questions, but without a clearer demonstration of Apple’s principled commitment to lawful action and due process, I feel uncertain.

Via John Gruber:

But, exactly as many critics of the App-Store-as-exclusive-distribution-point-for-native-software model have long warned, it’s proven to be a choke point that Apple was unwilling to defend.

I don’t think the problem is really Tim Cook or whoever at Apple made the ICEBlock decision last week. The current situation is just the symptom of a decision made long ago: for Apple to be a choke point for app distribution. If your solution to government overreach is to depend on the right person being in charge, who will say no, you’ve already lost.

Apple understands this with customer privacy. If you don’t want to have to give up user data, you design the system to store as little of it as possible, and you try to store everything else in such a way that you can’t actually access it. There have been flaws in the execution, but Apple has clearly articulated this principle and worked towards it. What you don’t do is upload the user’s most private data to iCloud, encrypt it with a password that only Tim Cook knows, and hope that he’ll never access it, because you trust him. Maybe he wouldn’t, but he won’t be there forever, and ultimately there’s not much Apple can do if it gets a legally valid request for something it can easily provide.

Yet that’s what Apple’s done with app distribution. They designed a system with a kill switch, and now people are surprised and upset that they used it. The problem is not that they pressed the button this one time when you didn’t want them to. The problem is that there is a button and Apple likes having it. They value it more than your right to use your own device as you see fit. They justify it by saying that the button is there for your protection.

Hodges is asking Tim Cook and his team to “more clearly explain the basis on which” they pressed the button, but I don’t think that’s the right question at all. If we were talking about privacy, would you be satisfied with a secure golden key accompanied by an essay about when it would be OK to use it? Would you even take such a proposal seriously?

The lesson of San Bernardino is not really that Tim Cook said “no.” It’s that he could say “no” because asking Apple to exploit an iPhone/iOS backdoor (build an “entirely new operating system,” as Apple put it) was different from asking Apple for data that it already had. (The FBI asked for that, too, and Apple provided it, as I believe it should have.) But Apple realized that the backdoor made the system insecure and removed it in subsequent iPhones. Now, at least in theory, no one has to rely on Cook saying “no” because he can’t say “yes.” Obviously, the analogy with app distribution is that the only way to prevent the kill switch from being used is to remove it.

Previously:

Tuesday, October 7, 2025

ToothFairy 2.8.8

ToothFairy 2.8.8 is a maintenance update of my Bluetooth menu bar utility.

As annoying as Bluetooth is as a user, it’s even more so as developer. Seemingly straightforward APIs don’t work as advertised. I don’t just mean that they can fail with an error. They can fail but say that they succeeded. They can succeed but say that they failed. Sometimes the synchronous API will work when the asynchronous one doesn’t or vice-versa. Sometimes the async API never calls back.

With each major new macOS release, I hope it will fix some of this, but each seems to add its own new wrinkle that requires a workaround. With Tahoe, the issue is that IOBluetoothDeviceSelectorController sometimes doesn’t show devices even though they are paired with the Mac. They work and show up in System Settings but not in the Bluetooth chooser dialog to add them to a third-party app. This never seems to happen with AirPods, perhaps because their pairing is handled differently and syncs via iCloud, but it seems to be reasonably common with third-party headphones and input devices (and even Apple’s own Magic mouse/keyboard/trackpad).

Previously:

iOS 26.1 Alarm Buttons: Slide to Stop

Juli Clover:

With the second beta of iOS 26.1, Apple updated the design of alarms set on the iPhone, making them harder to dismiss than before.

Stopping an alarm in iOS 26.1 beta 2 requires a new Slide to Stop gesture rather than a simple tap. You can continue to tap to snooze an alarm, but if you want to turn it off entirely, you need to use a swipe.

[…]

The new Slide to Stop button is still as large as the Snooze and Stop buttons, so Apple keeps its updated design, while solving the problem that it introduced.

Marco Arment:

The Alan Dye era: a new design creates problems, requiring more hacks and complexity to evade, ending up less usable and elegant than the old design.

Wensh:

Hard disagree, new design is much better than the old design. Makes it easier to hit the buttons, adding a slide action is good to avoid accidental hits.

Happy Striker:

Honestly, I hate the snooze feature and I wish for a setting, that will disable snooze for all new alarms i create once and for all 😅

zkarj:

I thought the old design was worse because I couldn’t read either button! I thought maybe I’d learn not to hit the bright orange thing, but no, I never did. I vastly prefer what we have in 26.0. Even if I can only read the orange button through bleary, just-woken eyes, I know it’s the wrong one to hit.

Previously:

Update (2025-10-09): Pierre Igot:

Why is there some kind of shadow that makes “slide to stop” almost impossible to read?

Testing CarPlay Ultra

Michael Teo Van Runkle:

Connecting to Ultra via Bluetooth takes a minute or two longer than traditional CarPlay and includes more consent screens to cover the additional legal ramifications of the operating system sharing data with the car, and vice versa. […] Once initiated, though, Ultra fired up straightaway every time. Much faster than the typical lag to boot up traditional CarPlay.

[…]

Call me old-fashioned, but I still enjoy seeing a tachometer, speedometer, drive modes, and fuel level versus range remaining and a digital speed—especially on an engaging performance vehicle like the DB12 Volante. Apple might be skilled at making new tech easy to use, but it’s hard to beat the power of millions of minds adapting to analog gauges over the past century or so. And in this case, Ultra’s tach(s) showed a bit of latency or lag while ripping that 671-hp twin-turbo V8 up through the revs, something I never noticed in the native UI.

[…]

Ultra’s biggest improvements over preceding CarPlay generations are in the center console infotainment integration. Being able to access climate controls, drive modes, and traction settings without leaving the intuitive suite of CarPlay makes life much easier.

[…]

Plus, over the course of my eight days with Ultra, I experienced one moment where both the infotainment and gauge cluster went totally black.

Fahadx:

Finally, someone tested what would happen to the CarPlay Ultra UI when your iPhone restarts or is shut down.

It’s what I expected, but a reboot still has annoying connectivity issues[…]

TheStraightPipes:

Yuri and Jakub Test Drive the 2026 Aston Martin Vantage Roadster[…]

They find that CarPlay Ultra is laggy, both switching between different modes and also just updating the gauges. They ask Siri to play music from channel 9, but it plays channel 18 instead.

William Gallagher (9to5Mac, The Verge, MacRumors):

The Ford Motor Company has previously committed to staying with the basic Apple CarPlay, but it won’t be adopting the newer CarPlay Ultra. Speaking to Joanna Stern on the Decoder podcast, CEO Jim Farley says he’s talked with Tim Cook many times about the future of integrated systems, but expects Ford may decide to make its own custom software.

Malcolm Owen:

Referring to a so-called “CarPlay myth” that drivers use it considerably, BMW SVP of UI/UX Development Stephan Durach insists that it is not true. Instead, BMW drivers really prefer using the car maker’s system.

[…]

Durach refers to BMW’s in-car data, collected from 10 million cars, as proof to bust the myth. “We can see what our customers are doing,” he adds.

Joe Rossignol:

On the latest episode of The Verge’s Decoder podcast, Rivian CEO RJ Scaringe told guest host Joanna Stern why the EV maker continues to pass on Apple’s CarPlay — both the standard version and the more advanced CarPlay Ultra.

Echoing his previous comments on the matter, Scaringe said Rivian is focused on offering a “seamless digital experience,” where customers do not need to switch between its own software and CarPlay. Instead, he said Rivian prefers to provide an à-la-carte selection of built-in apps, such as Apple Music, Google Maps, Spotify, and YouTube.

Casey Liss (Mastodon):

RJ is wrong: customers do not want a seamless digital experience within the apps on their car. Customers want a seamless digital experience with their smartphones. Everywhere.

CarPlay is the way you get it.

[…]

But what if RJ is wrong? There’s no reason Rivian can’t have their bespoke and seamless experience for those that prefer it, and offer CarPlay for those that want it.

Previously:

CarPlay in iOS 26

Jonathan Reed:

Apple brings much more customization to our in-car displays, mainly by letting the much heralded features of CarPlay Ultra trickle down to regular CarPlay.

[…]

CarPlay has taken on the visual qualities of Liquid Glass. Since CarPlay is essentially a mirror for your iPhone, this is to be expected, but it’s been done in a way that hasn’t created any legibility issues.

[…]

Legibility issues can be further improved with a new Large Text option. Quite simply, it makes text larger system-wide in 100, 110, 120, and 135% increments. While this is good to have, what’s stopped me from increasing my text size is that very implementation: system-wide.

I want to decrease the font size.

Lastly, Smart Display Zoom aims to resize elements of the UI to better fit your car’s screen. It’s unclear how it determines this, and I’ve seen as many people have their UI reduced as have their UI increased in size, which is what happened to me. Unfortunately, this made apps like Maps difficult to use, so I turned it off. It’s certainly worth checking out, but as with mine, you might not get the result you want.

[…]

CarPlay has created a new screen that you can access by swiping right from the multi-view layout. On this screen, you can have either one or two stacks of widgets (depending on your screen size).

This seems cool because it lets you see content from iOS apps that don’t have CarPlay versions.

Collin Allen:

Nothing but improvements here, particularly the adjustments to UI sizing. More like this, please.

On my particular display size, they got bigger and are much more tappable 😍

[…]

I think Smart Display Zoom is the feature that’s making the most difference for me.

Mario Guzmán:

Things on my display got way smaller and there’s way more density it seems.

Ric Ford:

Oligo Security discovered severe security flaws in Apple’s AirPlay and CarPlay software and Apple’s code embedded in third-party products. Apple eventually patched its own software after Oligo responsibly disclosed the security flaws to the company, but many millions of unpatched Apple devices and third-party devices remain vulnerable to wireless zero-click attacks and more.

Previously:

Monday, October 6, 2025

Epic Games Sees Benefits From Streamlined Install Flow

Epic Games (Tim Sweeney, MacRumors, The Verge, TechCrunch):

In response to ongoing Digital Markets Act enforcement, Apple has significantly improved the process for installing alternative app stores from the web in the European Union with iOS 18.6 in July. They’ve reduced the install flow from 15 steps to 6, eliminating their former scare screen and its misleading message, and eliminated a dead-end that left the user stranded in iOS Settings. As a result, we’ve seen a stunning 60% decrease in player drop-off during attempts to install the Epic Games Store.

Prior to Apple’s update, around 65% of users attempting to install the Epic Games Store on iOS were thwarted by Apple’s deceptive design. After the update, the drop-off rate has gone from 65% down to around 25%, and continues on a downward trend as users upgrade to the new version of iOS.

For the first time, we are starting to see iOS users install the Epic Games Store with a success rate approaching Windows users and Apple’s own Mac users.

They have screenshots of the new and old iOS install flows, as well as the Android one, which remains at 12 steps. Epic still doesn’t like Apple’s business terms for App Marketplaces.

Previously:

Helm 2.0

Modum (tweet):

The all-in-one iOS and macOS app that enhances App Store Connect, supercharging your app updates, localization, and ASO with AI-powered tools.

[…]

Using Helm is up to 12x faster than using the App Store Connect website.

[…]

It’s easier than ever to respond using templates, translations, and AI assistance. Additionally, Helm will automatically translate the review and generate a quick pros and cons list, so you’ll know exactly what to work on next.

[…]

Easily arrange & replace screenshots, auto-remove alpha channels, visionOS simulator support and Magic upload!

It’s $9.99/month or $49.99/year.

Helm 2.0:

The Launch List is one of our most used and loved features, as it gives users a quick overview of all the work they need to do before submitting their app. It also reduces friction with Apple’s services as you no longer need to keep trying to submit to see what’s missing.

[…]

Along with Screenshots, we have also taken the opportunity to improve the experience of one of our most used features, TestFlight. This is still an ongoing effort, but we have already made some wins in stability and streamlining the user experience.

[…]

More importantly, we didn’t just want to “support” iOS 26 and macOS 26. We wanted to rethink Helm for the new era of Apple’s platforms. The design system, the APIs, and the platform capabilities introduced in 26 have shaped how we approached this update. Starting fresh on the new baseline lets us focus on delivering the best possible experience without the complexity of maintaining older OS versions.

In fact, they’ve dropped support for previous OS versions.

Previously:

Bartender 6

Applause Group:

We’ve re-built Bartender from the ground up to be beautiful, performant, and reliable. Bartender has been a staple of Mac users for years, and that brought with it lots of old hacks & tricks. We’ve modernised everything, from the algorithms used to move your items, through to the design of the entire app.

The design seems to have been inspired by System Settings.

We’ve also brought our new movement system to Bartender 5, so you’ll get all the speed & reliability improvements for free on Sequoia. And yes, we’ve fixed the Apple menu bug.

[…]

We’ve maintained a strict commitment to privacy throughout the new Bartender. We know that granting screen recording permissions can be intimidating, so we’ve maintained our policy of the app not sending anything anywhere. Your menu item images are stored in memory to show them in Bartender Bar or the layout screen, and they aren’t persisted. We’ve also reduced the amount of times Bartender has to capture the bar too, so you’ll see the purple dot even less. For people who don’t want this at all, you can re-arrange your items once, then disable screen recording permissions and use Bartender in a locked-down mode.

I saw lots of speculation that after the acquisition it would switch to a subscription, but the new version is still a regular purchase at $20 ($12 for upgrades) vs. $16 ($8) for Bartender 5.

Roustem Karimov reports high energy use.

Previously:

Update (2025-10-09): Tommy Weir:

I don’t know if others on the latest Tahoe (non beta) have issues with Bartender 6, but it’s been the sole problem I’ve had since the upgrade. Endlessly re-indexing the apps, and slowing the Mac down to a crawl, only fixable by quitting.

Apple Files Another Anti-Steering Appeal

Juli Clover:

Startup accelerator and venture capital firm Y Combinator (YC) today filed an amicus brief supporting Epic Games in Epic’s continued legal fight with Apple. Y Combinator says that Apple’s “anti-steering restraints” have long inhibited the growth and development of technology companies that monetize goods and services through apps.

The company calls on the court to deny Apple’s appeal and uphold the order that required Apple to change its App Store linking rules in the United States.

Juli Clover (Hacker News):

The court order that required Apple to collect no fees from developers who link to purchases outside of the App Store is unconstitutional, Apple said today in a reply brief directed at Epic Games and filed with the Ninth Circuit Court of Appeals. Apple argues that it has been stripped of its rights to be compensated for its intellectual property in a ruling that sets a dangerous precedent for all companies.

[…]

Should the Ninth Circuit Court find the updated injunction lawful, Apple suggests that the recent Trump v. Casa Supreme Court ruling [PDF] needs to be considered. The ruling said courts do not have the authority to issue universal injunctions that are “broader than necessary to provide complete relief” to the plaintiffs in the case. Epic Games is the only plaintiff in the case, so Apple also argues that the injunction changing the App Store rules for all developers is too broad. Apple says that the injunction should be tailored to Epic and Epic’s interests alone.

Marcus Mendes:

The company also says that while the new injunction should be reversed because it relies on privileged documents (which we covered here)[…]

Previously:

Update (2025-10-28): Hartley Charlton:

Apple returned to court this week to argue that a federal judge exceeded their authority when they held the company in contempt and barred it from collecting any commission on external in-app transactions, Bloomberg reports.

Apple told the appeals court that a U.S. District Judge went further than their 2021 order allowed when they banned Apple from taking any commission on purchases made outside apps. Apple said the order only required it to allow links to outside payments, not to stop collecting fees entirely.

Friday, October 3, 2025

SpamSieve 3.2.1

SpamSieve 3.2.1 is a maintenance release of my Mac e-mail spam filter.

Previously:

EagleFiler 1.9.19

EagleFiler 1.9.19 is a maintenance release of my Mac digital filing cabinet and e-mail archiving app.

Previously:

ICEBlock Removed From the App Store

Ashley Oliver (Hacker News, MSN, The Verge, 9to5Mac):

Apple dropped ICEBlock, a widely used tracking tool, from its App Store Thursday after the Department of Justice raised concerns with the big tech giant that the app put law enforcement officers at risk.

[…]

Controversy surrounding ICE tracking apps intensified after last month’s deadly shooting at an ICE field office in Dallas, Texas, the latest in a series of attacks that appeared to be targeting immigration enforcement officers.

[…]

Apple said in a statement it removed ICEBlock and other apps like it.

“We created the App Store to be a safe and trusted place to discover apps. Based on information we’ve received from law enforcement about the safety risks associated with ICEBlock, we have removed it and similar apps from the App Store,” Apple said.

I’m surprised it lasted this long, since Apple also doesn’t allow apps for crowdsourcing DUI checkpoints, even though to my knowledge neither type of app is actually illegal. This is pretty much exactly how the HKmap Live situation played out, except that there Apple noted that the Web site could still be added to an iPhone user’s home screen. ICEBlock has no Web site (or Android app), so removing it from the App Store will eventually kill the service. I guess if you’ve already downloaded the app you can keep using it, but it won’t get any updates and can’t be transferred to new devices.

Previously:

Update (2025-10-04): John Gruber (Mastodon):

Fox, in its opening paragraph, describes Bondi as having “asked” Apple to remove ICEBlock from the App Store, but Bondi’s own statement uses the verb “demand”. The difference is not nitpicking. No one, not even Bondi, is claiming any aspect of ICEBlock is illegal.

[…]

Reporting and publishing where police are policing is free speech and fundamental to the civil rights and liberties of a free society.

[…]

We can all wish Apple had fought this “demand”. I certainly do. […] But I can also see why it’s not. Pick your battles.

You could look at this as a story about the Trump DoJ, and I don’t think that would be wrong. And you could argue that ICEBlock is more in the public interest than the DUI checkpoint apps, even though both are legal and both are free speech. But, zooming out, this is the same government-Apple pattern as before. Here, there were months of complaints from the administration about the app, then the recent shooting provided the justification for AG Bondi’s “demand,” after which Apple caved. Back in 2011, a group of Democrat senators, including the Majority Leader, “ask[ed]” Apple to remove DUI checkpoint apps from the App Store. Apple’s position at the time was that these apps were a “net positive” in terms of public safety. Then the government brought Bud Tribble before the Senate Judiciary Subcommittee, where Senator Schumer “demanded” and Senator Udall “lambaste[d],” and Apple changed its mind and banned the apps. The throughline is that Apple will stand up for customer privacy, unless that conflicts with a local law or Apple already has the requested data. But when it comes to apps that governments don’t like, it generally seems to remove them (as does Google).

dmitriid:

Imagine if there were independent stores on iOS or that users could install these apps from different sources.

Users should be able to just download and install the apps they want to run on their devices. Once, this was normal and expected, but now there’s a scary term for it: sideloading. The Web is sort of an escape hatch, but even its openness is in question, as both Apple and Google are working on attestation, which limits what users can do with their browser.

Previously:

Update (2025-10-06): Brent Simmons (Mastodon):

I can picture a future, as I bet you can, where RSS readers aren’t allowed on any app store, and we’re essentially required to use billionaire-owned social media and platform-owned news apps.

But there are issues with making NetNewsWire a web app.

[…]

A world where everything is on the web and nothing is on the machines that we own is a sad world where we’ve lost a core freedom.

[…]

What I want to see happen is for Apple to allow iPhone and iPad users to load — not sideload, a term I detest, because it assumes Apple’s side of things — whatever apps they want to. Because those devices are computers.

Cory Doctorow (Hacker News):

Apple does not permit its iPhone customers to install software unless it is delivered via their App Store. They claim they do so in order to protect their customers from their customers’ own bad choices about which apps to install. But time and again, Apple has shown that they exercise this control over their users to pursue their own ends, blocking:

  • A dictionary (because it contained swear words);

  • A game that simulated working in an Apple sweatshop;

  • An informative app that cataloged civilian casualties of US drone strikes;

  • The Tumblr app because some Tumblr blogs contained adult content; and

  • Working VPN apps for the entire nation of China.

Jeff Johnson:

Should anyone in the world be able to distribute iPhone apps? Yes.

Should anyone in the world be able to distribute iPhone apps with the explicit backing of Apple? No. Absolutely not.

[…]

The only reason this totally fucking nutty situation exists is that the purpose of the iOS App Store lockdown is NOT to protect Apple users but rather to extract money from developers.

I’ve always thought it was a mix of wanting money and control. But, in a way, Apple ends up with less control because, with no alternative distribution, it can’t really make the store the highly curated experience that you’d imagine it would want. Instead, the store is missing some apps that customers (and maybe Apple) would want but that governments don’t, and the store is also full of junk apps that customers don’t really want but that don’t really violate any rules so Apple kind of has to let them through.

Update (2025-10-08): John Gruber:

The only content ICEBlock contains is the location of law enforcement activity. Waze — and more notably, Apple’s own Maps app — do the exact same thing for highway speed traps.

This gets back to my earlier point that Apple has gone down a slope of policing apps based on how people choose to use them vs. based on what the binary actually does.

Previously:

Web Apps in iOS 26

Jen Simmons et al. (Mastodon):

For the last 17 years, if the website had the specific meta tag or Web Application Manifest display value in it’s code, when a user added it to their Home Screen on iOS or iPadOS, tapping its icon opened it as a web app. If the website was not configured as such, tapping its icon opened the site in a browser. Users had no choice in the matter, nor visible way to understand why some sites behaved one way while others behaved another.

On Mac, we took a different approach. When introducing Web Apps on Mac in Sep 2023, we made the decision to always open websites added to the Dock as web apps. It doesn’t matter whether or not the website has a Web Application Manifest. Users get a consistent experience. Add to Dock creates a web app.

Now, we are revising the behavior on iOS 26 and iPadOS 26. By default, every website added to the Home Screen opens as a web app. If the user prefers to add a bookmark for their browser, they can disable “Open as Web App” when adding to Home Screen — even if the site is configured to be a web app. The UI is always consistent, no matter how the site’s code is configured. And the power to define the experience is in the hands of users.

Previously:

Thursday, October 2, 2025

How to Export a Mac .icon File With the Proper Margins

Tahoe Mac app icons are supposed to have margins/padding so that there’s empty space around the edge of the squircle. The opaque pixels don’t touch the edge of the canvas. Icon Composer and Xcode handle this detail for you. You design your icon without having to worry about the margin, and Xcode automatically adds it when compiling your asset catalog.

The issue is, how do you get the proper margin on icon images used in other contexts (documentation, marketing, etc.)? If you export from Icon Composer, it generates PNG files with no margin, so the icon appears too large, even though the outer pixel dimensions are the same. For example, on the SpamSieve screenshots page, the Light icon is generated by Xcode, and the Dark/Clear/Tinted variants are exported from Icon Composer. The difference is substantial.

I posted about this on Mastodon and also found an old post in the Apple Developer Forums, but no one seemed to know the answer.

Back in June, I learned from John Brayton that you don’t have to manually export from the Icon Composer app. It has a command-line tool called ictool (formerly icontool) that can convert .icon files to .png. So I have a Makefile that generates all the different sizes and variants for all my apps using commands like this:

"/Applications/Xcode.app/Contents/Applications/Icon Composer.app/Contents/Executables/ictool" AppIcon.icon --export-preview macOS Light 128 128 1 AppIconLight.iconset/icon_128x128.png

Unfortunately, ictool, like Icon Composer itself, does not add the transparent margin.

I checked Xcode’s build log to see if there were other options it was passing but didn’t find anything. It looks like it’s not using ictool and instead compiles the icon directly into the asset catalog.

So far, the only solution I’ve found is to actually build my app with Xcode and then extract the icons it generated. You can view the contents of an asset catalog using Samra, but it doesn’t export. Asset Catalog Tinkerer has some export problems—it shows constituents of the .icon as having the same name and only exports one of them—but it’s fine for the purposes of extracting the fully rendered icons.

The method I prefer is to take the .icns file in the .app package and use iconutil to convert it to a folder of PNGs:

iconutil -c iconset -o AppIcon.iconset AppIcon.icns

Note that, by default, Xcode only generates the .icns file with sizes up to 256px. To get the larger sizes, you need to add to your .xcconfig file:

ASSETCATALOG_COMPILER_STANDALONE_ICON_BEHAVIOR = all

Unfortunately, relying on Xcode to apply the margins only works for the standard (Light) icon. This is the only one that it pre-generates. If you know how to get it to compile Dark/Clear/Tinted variants—or how to properly export those directly without using Xcode—please let me know.

Previously:

Sora App

OpenAI:

Today we’re releasing Sora 2, our flagship video and audio generation model.

The original Sora model from February 2024 was in many ways the GPT‑1 moment for video—the first time video generation started to seem like it was working, and simple behaviors like object permanence emerged from scaling up pre-training compute. Since then, the Sora team has been focused on training models with more advanced world simulation capabilities. We believe such systems will be critical for training AI models that deeply understand the physical world. A major milestone for this is mastering pre-training and post-training on large-scale video data, which are in their infancy compared to language.

With Sora 2, we are jumping straight to what we think may be the GPT‑3.5 moment for video. Sora 2 can do things that are exceptionally difficult—and in some instances outright impossible—for prior video generation models: Olympic gymnastics routines, backflips on a paddleboard that accurately model the dynamics of buoyancy and rigidity, and triple axels while a cat holds on for dear life.

Prior video models are overoptimistic—they will morph objects and deform reality to successfully execute upon a text prompt. For example, if a basketball player misses a shot, the ball may spontaneously teleport to the hoop. In Sora 2, if a basketball player misses a shot, it will rebound off the backboard.

Juli Clover:

The Sora app for iOS is available to download now, and it can be used in the United States and Canada. Those invited to the app will be able to use Sora 2 on the Sora website.

Amanda Silberling:

People on Sora who generate videos of Altman are especially getting a kick out of how blatantly OpenAI appears to be violating copyright laws. (Sora will reportedly require copyright holders to opt out of their content’s use — reversing the typical approach where creators must explicitly agree to such use — the legality of which is debatable.)

[…]

Aside from its algorithmic feed and profiles, Sora’s defining feature is that it is basically a deepfake generator — that’s how we got so many videos of Altman. In the app, you can create what OpenAI calls a “cameo” of yourself by uploading biometric data. When you first join the app, you’re immediately prompted to create your optional cameo through a quick process where you record yourself reading off some numbers, then turning your head from side to side.

Each Sora user can control who is allowed to generate videos using their cameo. You can adjust this setting between four options: “only me,” “people I approve,” “mutuals,” and “everyone.”

M.G. Siegler:

It’s been a long time since I’ve been this sucked into an app. Such was the situation I found myself in last night with OpenAI’s new version of Sora. Once I got access, I found it nearly impossible to put it down. I just kept wanting to remix everything I scrolled past. Yes, it was incredibly dumb. Yet highly amusing! And technically, very interesting, albeit in mildly troubling ways. But everyone else will write about that aspect, and rightfully so. My angle here is simply that OpenAI remains so good at creating these types of viral products. Underlying tech aside, that team continues to seem to know how to productize better than anyone else in the space.

Case in point: Meta launched a similar foray just days before in the form of “Vibes”. Now, did they rush it out the door to get ahead of this Sora 2 launch? Hard to say for sure, but it sure feels that way. The product, if you even want to call it that, is so half-baked and obtuse to use that it’s more like an employment quiz.

Dare Obasanjo:

Started using the Sora app and it’s like TikTok for AI generated videos.

I used to think it would take a year or two for AI videos to become as popular as influencer content on social media but I can see this app causing that to happen by the end of the year.

John Gruber:

Sora, though invitation-only at the moment, is currently #3 in the U.S. App Store.

[…]

Also, I’m sure Sora will eventually come to Android. But, to play with it now, you need an iPhone.

Previously:

Update (2025-10-06): Sam Altman:

First, we will give rightsholders more granular control over generation of characters, similar to the opt-in model for likeness but with additional controls.

[…]

Second, we are going to have to somehow make money for video generation. People are generating much more than we expected per user, and a lot of videos are being generated for very small audiences.

Nano Banana

Wikipedia:

Nano Banana (officially Gemini 2.5 Flash Image) is an artificial intelligence image generating and editing tool created by Google. “Nano Banana” was the codename used on LMArena while the model was undergoing pre-release testing, allowing the community to evaluate its performance on real-world prompts without knowing its identity. When the company publicly released it in August 2025, it was part of their Gemini line of AI products. The model became known for its editing skills and for starting a social media trend of styled “3D figurine” photos.

Google:

Imagine yourself in any world you can dream up. Our latest AI image generation update, Nano Banana, lets you turn a single photo into countless new creations. You can even upload multiple images to blend scenes or combine ideas. And with an improved understanding of your instructions, it's easier than ever to bring your ideas to life.

There are tons of apps called Nano Banana in the App Store, some of them with Google-style icons, but none seems to be an official Google app. Neither is the nanobanana.ai Web front-end from Google.

PicoTrex (via Hacker News):

We present Nano-consistent-150k — the first dataset constructed using Nano-Banana that exceeds 150k high-quality samples, uniquely designed to preserve consistent human identity across diverse and complex editing scenarios. A key feature is its remarkable identity consistency: for a single portrait, more than 35 distinct editing outputs are provided across diverse tasks and instructions. By anchoring on consistent human identities, the dataset enables the construction of interleaved data that seamlessly link multiple editing tasks, instructions, and modalities around the same individual.

Fstoppers (via Hacker News):

Google Just Made Photography Obsolete

Google (tweet):

Our state-of-the-art image generation and editing model which has captured the imagination of the world, Gemini 2.5 Flash Image 🍌, is now generally available, ready for production environments, and comes with new features like a wider range of aspect ratios in addition to being able to specify image-only output.

Gemini 2.5 Flash Image empowers users to seamlessly blend multiple images, maintain consistent characters for richer storytelling, perform targeted edits with natural language, and leverage Gemini’s extensive world knowledge for image generation and modification. The model is accessible through the Gemini API on Google AI Studio and on Vertex AI for enterprise use.

Previously:

Meta Ray-Ban Display

Meta (Hacker News):

The wait is over. Meta Ray-Ban Display hits shelves in the US today! Priced at $799 USD, which includes the Meta Neural Band, these breakthrough AI glasses let you interact with digital content while staying fully present in the physical world.

[…]

Today at Connect, Mark Zuckerberg debuted the next exciting evolution of AI glasses: the all-new Meta Ray-Ban Display and Meta Neural Band.

Meta Ray-Ban Display glasses are designed to help you look up and stay present. With a quick glance at the in-lens display, you can accomplish everyday tasks—like checking messages, previewing photos, and collaborating with visual Meta AI prompts — all without needing to pull out your phone. It’s technology that keeps you tuned in to the world around you, not distracted from it.

Juli Clover:

Meta placed the display off to the side to prevent it from obstructing the view through the glasses, and the display is also not designed to be on constantly. It is meant for short interactions.

The AI glasses are meant to be used with the Meta Neural Band, a wristband that interprets signals created by muscle activity to navigate the features of the glasses. With the band, you can control the glasses with subtle hand movements, similar to how Apple Vision Pro control works.

[…]

The AI glasses have a six hour battery life, but that can be extended to up to 30 hours with an included charging case. The Neural Band has an 18-hour battery life.

Juli Clover (Hacker News, Slashdot):

Apple has decided to stop work on a cheaper, lighter version of the $3,499 Vision Pro to instead focus its resources on smart glasses, reports Bloomberg. Apple wants to speed up development on a glasses product to better compete with Meta.

There were rumors that Apple was developing a a much lighter, more affordable “Vision Air” for launch in 2027, but Apple is now transitioning engineers from that project to its smart glasses project.

[…]

While work on a lighter version of the Vision Pro has been paused for now, Apple still plans to refresh the current model with an M5 chip later this year.

M.G. Siegler:

Anyway, admitting – again, even if implicitly – that the Vision Pro strategy to date has been a mistake is a good first step here. It’s too bad because they were starting to seesome success, making the device actually start to make some sense. But the hardware reality remains what it is. And what it is, remains far away.

[…]

With Meta now seemingly continuing to back off their VR strategy as well in favor of smart glasses, they’re sort of forcing Apple’s hand here. And Meta remains dangerous because they need this market to happen, whereas Apple does not.

Previously:

Wednesday, October 1, 2025

UK Again Wants iCloud Backdoor

Jess Weatherbed (Hacker News, Reddit, MacRumors, 9to5Mac):

The UK government is reportedly once again demanding that Apple provide it with backdoor access to encrypted iCloud user data, following claims that the effort had been abandoned in August. The Financial Times reports that a new technical capability notice (TCN) was issued by the UK Home Office in early September, this time specifically targeting access to British citizens’ iCloud backups.

[…]

While US officials raised concerns about the order during President Trump’s state visit to the UK last month, according to The Financial Times, the publication reports that two senior British government figures said the UK was no longer facing US pressure to drop its demands.

Matt Henderson:

Just returned from the UK, where a digital ID is about to be enforced on all adults. Soon, my Signal messages may be scanned. Financial policing co-opted to the institutions with KYC and draconian source-of-funds investigation.

Previously:

Update (2025-10-04): Nick Heer:

Reporters like Tripp Mickle, at the New York Times, and Annabelle Timsit and Joseph Menn, of the Washington Post, were too eager to claim the U.K. would wholly abandon its pursuit of customer data. Neither allowed for different interpretations of Gabbard’s tweet. Journalists like these have sources who could have offered clarity. It is unclear in either article whether they did reach out to their contacts; if they did, their stories were misleading even with — or perhaps because of — that information.

Apple:

Withdrawing Advanced Data Protection from the UK will not affect the 15 iCloud data categories that are end-to-end encrypted by default. Data like iCloud Keychain and Health remains protected with full end-to-end encryption.

Our communication services, like iMessage and FaceTime, remain end-to-end encrypted globally, including in the UK.

We’re back to the same situation as before, where Apple insists that iMessage is E2EE, which is technically true for the iMessage service. But unless you and everyone you message with opts out of iCloud Backup, Apple stores the encryption key and can access all of your message data.

For users in the UK who already enabled Advanced Data Protection, Apple will soon provide additional guidance. Apple cannot disable ADP automatically for these users. Instead, UK users will be given a period of time to disable the feature themselves to keep using their iCloud account.

So Apple is currently not complying in full, but it plans to.

0x0.boo:

󠀁󠁿It’s probably the TCN’s that are in place, that you don’t know about, that are the current biggest threat.

That’s not to take away anything from this new TCN, or make light of it, it’s a big deal.

But think about what’s likely already in place with other companies as you go about your business.

Previously:

Adobe Premiere for iOS and iPadOS

Adobe:

Adobe announced that the company is bringing its industry leading Adobe Premiere video editor to mobile in a powerful new iPhone app that empowers creators to make pro-quality video on the go. The Adobe Premiere mobile app makes it fast, free and intuitive for creators to edit their videos with precision editing on a lightning-fast multi-track timeline, produce studio-quality audio with crystal clear voiceovers and perfectly timed AI sound effects, generate unique content and access millions of free multimedia assets, and send work directly to Premiere desktop for fine tuning further on a larger screen. The new mobile app offers all the video editing essentials for free, with upgrades available for additional generative credits and storage.

This makes it sound like the upgrades are à la carte, but in the App Store listing there seems to just be a generic subscription available for different terms ($7.99/month or $69.99/year).

It’s unclear whether it has the same limitation as Final Cut Pro, where you can bring files from mobile to desktop but not back to mobile.

Hartley Charlton:

Adobe has also built in a speech enhancement tool that removes background noise to isolate voices, as well as automatic captioning with stylized subtitles. The app supports 4K HDR export and allows direct one-tap publishing to platforms such as TikTok, YouTube, and Instagram. Users can also generate sound effects and other creative assets using Adobe Firefly AI, the company's generative AI platform, which is fully integrated into the app.

[…]

The app is positioned as a replacement for Premiere Rush, the company's previous lightweight mobile editor. Existing Rush users will retain access only on devices where it is already installed until the service is fully discontinued on September 30, 2026.

Previously:

Electronic Arts Acquired by Private Equity

Juli Clover (2022):

Apple is one of several companies that have held talks with Electronic Arts (EA) about a potential purchase, according to a new report from Puck.

EA has spoken to several “potential suitors,” including Apple, Amazon, and Disney as it looks for a merger arrangement.

Nicholas G. Miller and Lauren Thomas (Hacker News, MacRumors):

Videogame maker Electronic Arts said it would go private in a $55 billion deal with a group of investors including Saudi Arabia’s Public Investment Fund, private-equity firm Silver Lake and Jared Kushner’s investment firm Affinity Partners.

[…]

Electronic Arts publishes The Sims, football game Madden NFL and FIFA, the soccer videogame now known as FC. It has been boosted by sales of its marquee sports games and is expected to release “Battlefield 6,” the latest edition of its popular shooting game.

Electronic Arts (Hacker News):

PIF, Silver Lake, and Affinity Partners bring deep sector experience, committed capital, and global portfolios with networks across gaming, entertainment, and sports that offer unique possibilities for EA to blend physical and digital experiences, enhance fan engagement, and create new growth opportunities. The transaction represents the largest all-cash sponsor take-private investment in history, with the Consortium partnering closely with EA to enable the Company to move faster and unlock new opportunities on a global stage.

Previously:

Kindle Scribe 2025

Andrew Liszewski (Hacker News):

Amazon announced new versions of the Kindle Scribe today, including the Kindle Scribe Colorsoft, which features a larger version of the customized E Ink screen technology that Amazon uses in its color e-reader. The new Scribes feature a major redesign that does away with the asymmetrical chin on one side, making the devices look sleeker and more like a tablet.

The new Scribes feature larger 11-inch, glare-free E Ink screens — up from 10.2 inches previously — but Amazon has managed to make the new versions lighter than the first two. They now weigh just 400 grams compared to 433 grams for last year’s version, and at 5.4mm thick, they’re thinner than the iPhone Air.

[…]

A new quad-core processor and additional memory improve the performance of the new Kindle Scribes, which now offer a writing experience and page turns that feel 40 percent faster than previous versions.

[…]

All three of the new Kindle Scribes come with steeper price tags. Last year’s Kindle Scribe started at $399.99, but the cheapest of the new additions is the Scribe without a front light, which will start at $429.99 when available early next year. If you plan to write or read at night, then you’ll want the standard Kindle Scribe, which starts at $499.99, and if you want a splash of color, the Kindle Scribe Colorsoft starts at $629.99, with both arriving later this year.

Aisha Malik:

The devices feature a new Home experience that lets users jot something down, and open recently opened and added books, documents, and notebooks. Amazon anticipates both devices being used for handwritten notes, and the devices include significant product integrations to enhance that experience. One feature will let users search their notes across their notebooks and get simple AI summaries. Next year, users will be able to send their notes and documents to Alexa+ and have a more involved conversation about them.

[…]

The devices will also feature new AI reading features. A new “Story so Far” feature will let users catch up on the book they’re currently reading up until where they have read. An “Ask this Book” feature will let users highlight any passage of text while reading a book and get spoiler-free answers to questions about things like a character’s motive or the significance of a scene.

These features will be available on books users have purchased or borrowed on the Kindle iOS app later this year and on Kindle devices early next year.

Previously:

Copyright © 2000–2025 Michael Tsai.