Tuesday, December 10, 2024

Suspicious Package Keeps on Tickin’

Brett Terpstra:

Suspicious Package has been around for as long as I can remember. It’s been steadily updated over the years, and runs perfectly on the latest macOS (Sequoia). It makes inscrutable Package Installers scrutable.

[…]

This tool will give you a Quick Look extension, so you can just select a .pkg file and hit Space to see what the Package Installer will do — how many files it will install, how many scripts it will run, etc.

[…]

Suspicious Package is free. It’s developed by Randy Saldinger (Mother’s Ruin Software), who doesn’t even accept donations. He says his apps are labors of love, created just because he wanted them to exist. If you want to know what’s going on with your .pkg files (even those you trust), it’s a killer app.

Previously:

Apple’s Use of Swift and SwiftUI in iOS 18

Alexandre Colucci (Mastodon, Hacker News):

iOS 18 contains 6800 binaries, up from 6030 in iOS 17. That’s 770 new binaries.

[…]

Unsurprisingly, the number of apps adopting SwiftUI continues to grow this year. Notable mentions include:

  • The new Passwords app
  • The Siri.app which now uses SwiftUI
  • The Calculator app, which received a notable overhaul
  • The new Journal app introduced in iOS 17.2

[…]

iOS 18 now contains 592 binaries using SwiftUI and the number of binaries containing at least one line of Swift code increased by 50% between iOS 17 and iOS 18[…]

In iOS 16, only 4 apps used the SwiftUI-based app lifecycle, and this number grew to 14 in iOS 17. In iOS 18, 19 apps are now using the SwiftUI-based app lifecycle[…]

Adrian Schönig:

Migrating an app from the SwiftUI life cycle to AppKit makes me appreciate many of the niceties in SwiftUI. So much more boilerplate code in AppKit. But it’s great to be 100% in control of my windows and the menu bar.

Previously:

Skype Credit Is No Longer Available

Skype (via Hacker News):

Skype Credit is no longer available. For new purchases, check out the monthly subscriptions or make a free Skype call to anyone anytime.

This a shame, as I liked to keep Skype around as a backup way to make calls and for devices that don’t have cellular plans. I was happy to pre-pay and let them take a little of the balance now and then as I had to tickle the account to keep it active. But I’m not going to pay a monthly subscription just to have it immediately ready to make a call.

Storing Times for Human Events

Simon Willison:

What’s wrong with calculating the exact UTC time the event is starting and storing only that?

[…]

It’s surprisingly common for countries to make decisions about DST with very little notice. Turkey and Russia and Chile and Morocco are four more examples of countries that can often cause short-term chaos for software developers in this way.

[…]

My strong recommendation here is that the most important thing to record is the original user’s intent. If they said the event is happening at 6pm, store that! Make sure that when they go to edit their event later they see the same editable time that they entered when they first created it.

In addition to that, try to get the most accurate possible indication of the timezone in which that event is occurring.

Previously:

Monday, December 9, 2024

Selling Outside of the Mac App Store

Matthias Gansrigler:

But once the Mac App Store hit, I transitioned all my apps to it pretty much right away. It’s just so convenient: no license creation, no license verification (apart from receipt validation, but that has become more convenient recently), easy updating, no handling of payments, invoices, refunds, and the potential of getting featured to lots and lots of users.

[…]

Besides all that, it was high time I set up a way to also sell my apps outside of the Mac App Store. Without a licensing system for my apps, I’ve been unable to participate in software-bundles and/or collections. Lots of companies and corporations cannot purchase apps from the Mac App Store due to policies. Individuals who want to purchase my apps for work are unable to do so because of those same policies. I also am unable to give individual discounts to customers when need be. And while I am a strong proponent of the Mac App Store, I also believe in giving people a choice.

[…]

A “Merchant of Record” is a company that handles payments, invoicing, refunds, taxes, etc for indie software developers and other businesses.

There are actually quite a few to choose from: FastSpring, PayPal, Paddle, Stripe, and Gumroad, just to name a few.

He went with Paddle.

Previously:

NetNewsWire 6.1.6

Brent Simmons (release notes):

The theme of this release is using less bandwidth (and, as a consequence, less battery). It fixes a conditional GET issue and it now pays attention to Cache-Control response headers and 429 response codes.

It also fixes an AppleScript bug I reported.

Previously:

FTC and CFPB Reining in Data Brokers

FTC (tweet):

The Federal Trade Commission will prohibit data broker Mobilewalla, Inc. from selling sensitive location data, including data that reveals the identity of an individual’s private home, to settle allegations the data broker sold such information without taking reasonable steps to verify consumers’ consent.

Under the FTC’s proposed settlement order, Mobilewalla will also be banned from collecting consumer data from online advertising auctions for purposes other than participating in those auctions, marking the first time the agency has alleged such a practice was an unfair act or practice.

CFPB:

The Consumer Financial Protection Bureau (CFPB) today proposed a rule to rein in data brokers that sell Americans’ sensitive personal and financial information. The proposed rule would limit the sale of personal identifiers like Social Security Numbers and phone numbers collected by certain companies and make sure that people’s financial data such as income is only shared for legitimate purposes, like facilitating a mortgage approval, and not sold to scammers targeting those in financial distress. The proposal would make clear that when data brokers sell certain sensitive consumer information they are “consumer reporting agencies” under the Fair Credit Reporting Act (FCRA), requiring them to comply with accuracy requirements, provide consumers access to their information, and maintain safeguards against misuse.

Karl Bode:

This time the FTC is taking aim at Gravy Analytics and its subsidiary Venntel, which the FTC announcement and complaint says violated the FTC Act by illegally selling sensitive consumer location data without obtaining verifiable user consent for commercial and government uses.

Nick Heer:

As usual, I am conflicted about these policies. While they are yet another example of Lina Khan’s FTC and other government bureaucrats cracking down on individually threatening data brokers, it would be far better for everyone if this were not handled on a case-by-case basis. These brokers have already caused a wealth of damage around the world, and only they are being required to stop. Other players in the rest of the data broker industry will either self-govern or hope they do not fall into the FTC’s crosshairs, and if you believe the former is more likely, you have far greater faith in already-shady businesses than I do.

Previously:

Tim Cook Interview About AI and AVP

Steven Levy (MacRumors):

We are here to discuss Cook’s big move in this high-stakes environment: the impending release of Apple Intelligence, the company’s first significant offering in the white-hot field of generative AI. Some consider it belated. All year, Apple’s competitors have been gaining buzz, dazzling investors, and dominating the news cycle with their chatbots, while the world’s most valuable company (as I write) was showing off an expensive, bulky augmented-reality headset. Apple has to get AI right.

[…]

[Apple Vision Pro is] an early adopter product, for people who want tomorrow’s technology today. Those people are buying it, and the ecosystem is flourishing. The ultimate test for us is the ecosystem. I don’t know if you’re using it very much, but I’m on there all the time. I see new apps all the time.

[…]

It’s clear to me that if you zoom out way into the future, and you look back and ask what Apple’s biggest contribution was, it will be in the health area. That’s what I really believe.

On the one hand, who could be against health? But I find it a bit disturbing that Cook focuses on an area where Apple is providing top-down, closed solutions, albeit seemingly good ones. It’s kind of the same deal with some of the newer services and Apple Intelligence stuff. Press a button to auto-generate a “personalized” Memories movie. Read the curated news in a siloed app. Ask HomePod to play songs from Apple Music but not your own library.

HyperCard this is not. The Apple I like is focused on making tools to empower users and making open platforms to empower developers (who in turn help empower users). I think of iLife, built-in scripting languages, RSS in Mail, and bundled developer tools that didn’t need a membership and permission to call certain APIs.

Apple invented the personal computer and the modern smartphone. Its platforms and their ecosystem are a multiplier for the work of hundreds of millions of people. If Cook meant health in that scientists are using Apple platforms to help cure diseases, that would be one thing, but he’s talking about stuff like using Apple Watch to tell you that you aren’t sleeping well and using AirPods to diagnose your own hearing loss. These are important but small ball. I guess the implication is that there’s much bigger stuff in the pipeline that will overshadow Apple’s pre-Cook accomplishments. I’ll believe it when I see it.

[Apple Park has] promoted collaboration even more than I thought. That was a key component of the design, but there are so many places here where you just unexpectedly run into people. In the cafeteria, at the coffee bar, outside when you’re going across the pathway.

Previously:

Friday, December 6, 2024

Key Repeat in Sequoia

Brett Terpstra:

But one thing I found frustrating was that setting key repeat delay and key repeat speed in System Settings was having no effect. Keys that had diacritics still just popped up the special character popover, and keys without didn’t do anything at all when held.

[…]

Run the following in Terminal:

defaults write -g ApplePressAndHoldEnabled -bool false

Then reboot your machine (simply logging out might do it). Now the key repeat settings in System Settings will actually have an effect.

Microsoft Discontinues Surface Studio 2+

Hartley Charlton:

Microsoft has discontinued its Surface Studio 2+, marking the end of the company’s only direct competitor to Apple’s iMac, leaving a gap in the Windows ecosystem for high-end all-in-one PCs.

[…]

First introduced in 2016, the Surface Studio formed an attempt to challenge Apple’s hold on the creative professional market. Its standout feature was a 28-inch 4.5K PixelSense touchscreen mounted on a unique hinge that allowed the display to tilt into a flat, drafting-table position. Paired with accessories like the Surface Dial and Surface Pen, the Studio was designed to attract graphic designers, illustrators, and video editors. Despite its innovative design, the Surface Studio struggled to gain significant traction due to its steep price point, which started at $2,999 for the original model, and its reliance on hardware components that were frequently a generation behind current industry standards.

It was an iMac competitor in that it was all-in-one, but given the price and marketing focus it seems like more of a professional-level product like the Mac Studio. Apple has since discontinued its own large-screen all-in-one and refocused the iMac line toward the lower-end, e.g. 24-inch displays and less connectivity and RAM.

Stephen Hackett:

For years, Apple fans have looked at the Surface Studio longingly, wondering what a version of a tilting Mac desktop could look like.

I guess if Apple makes something like this it will be an iPad.

Previously:

Update (2024-12-09): Sebastiaan de With:

RIP to the Surface Studio. I owned the first version and loved it, but Windows was a terrible OS for it. Incredible hardware.

Sören:

The Surface Studio, though, only ever used H-series CPUs; the 27-inch iMac and iMac Pro were much beefier. The difference is even more stark with RAM — 32 GiB ceiling on the Studio even in the 2022 model, whereas the iMac went up to 128, or even 512 for the Pro.

[…]

The other uphill battle, though, was software. The Studio came out at peak “UWP will be the new way to write apps, and they’ll run on desktop, tablet, phone, Xbox, HoloLens”, and that ecosystem simply didn’t materialize.

UK App Store Commission Lawsuit

Tim Hardwick:

Led by competition policy professor Sean Ennis, the suit alleges Apple’s 15-30% commission on App Store sales creates an anti-competitive tax on the UK technology industry. The lawsuit seeks £785 million ($995 million) in damages on behalf of UK app developers. The case could potentially benefit up to 13,000 developers who have sold apps or in-app subscriptions to iOS users since July 2017.

[…]

This latest legal challenge expands on a previous suit filed last year, which initially represented around 1,500 UK developers.

Previously:

RCS in iOS 18

Juli Clover:

This guide explains everything that you need to know about RCS, including how it works, how to use it on Apple devices, why you might not see it, why Apple decided to adopt it now, and the benefits that you can expect from RCS now that support for the feature is live.

[…]

Google’s implementation of RCS for Google Messages supports end-to-end encryption on Android devices, but it is worth noting that Apple is adopting the RCS Universal Profile created by the GSM Association and not a version of RCS modified by Google. RCS messages from iPhone to Android users are NOT encrypted at the current time.

iPhone-to-iPhone RCS messages don’t seem to be end-to-end encrypted, either. Unlike SMS, they do at least use TLS.

Charles Martin:

Videos, GIFs, and photos sent in messages between the two platforms now retain their original quality level, for example.

iPhone users also now see when an Android user you’re in a chat with is typing, prior to their finished message appearing, and they will see the same when you’re typing. Read receipts and delivery notifications between platforms now work as they have done when chatting with iPhone users.

It’s also now seamless for both iPhone and Android users to add and manage participants in a group chat originated on either platform. Scheduling messages to Android device users the way you can to Apple users is still not possible — but Apple claims that is a problem with RCS.

[…]

The ability to send a message to an Android user when using in-flight Wi-Fi or when the Wi-Fi connection is less than rock-solid doesn’t work properly.

Dan Moren:

Satellite texts work for iMessage and SMS—but not RCS, as Apple says that the packet sizes are too large.

Juli Clover:

RCS is also supposed to support emoji reactions from Android users, but it wasn’t working properly when iOS 18 launched. It’s not clear what changed, but The Verge says that something that Google or Apple tweaked made it work as of this week.

Tim Hardwick:

Apple introduced RCS support with iOS 18. However, full functionality will depend on carrier support. The good news is that major U.S. carriers like Verizon, T-Mobile, and AT&T already support RCS. Apple also has a list of carriers that support RCS on its website.

  1. Open Settings on your iPhone and select Apps at the bottom of the menu.
  2. Tap Messages.
  3. Under “Text Messaging,” select RCS Messaging.
  4. Toggle RCS Messaging to the green ON position if it isn’t already enabled.

Henry (via Hacker News):

I can’t help but feel RCS is almost indistinguishable from an OTT service at this point, controlled almost end-to-end by Google, who is driving the specification evolution, and both the only relevant server implementation and Android client.

[…]

On the iOS side, things are a bit more complex. Right now the RCS client is compatible with Universal Profile version 2.4, which is 5 years old.

[…]

On a more annoying note, RCS is still pretty far from being enabled worldwide. Like with other IMS configuration, the feature needs to be set up in iOS carrier bundles.

Due to unclear reasons, this is still not the case in many countries. Even in the US, some MVNO subscribers can’t use RCS yet.

It isn’t the first time Apple selectively delays standard IMS features. It’s a bit hard to believe carriers are at fault here, especially the ones that have been running their own Jibe deployment for years and have publicly communicated about the upcoming iOS support.

Stephen Schenck (via Hacker News):

Last year, Google announced its support for Messaging Layer Security (MLS), a new standard that promises to keep end-to-end encrypted (E2EE) messages secure across apps and platforms, in one-on-one and group chats alike. We’re finally starting to see the fruits of that effort, as references to MLS appear in the Google Messages app.

Developed by the Internet Engineering Task Force (IETF), the big problem MLS attempts to solve is E2EE group messaging. Google has already extended rich-communications services (RCS) to support E2EE for groups, and while it remains to be seen exactly how MLS will be integrated into Messages, we can hope to see it leading to more robust, secure communication across not just platforms, but supporting all your favorite apps.

Tim Hardwick:

The GSM Association (GSMA), the organization responsible for developing the Rich Communication Services (RCS) standard, announced on Tuesday that it is working to implement end-to-end encryption (E2EE) for messages sent between Android and iPhone devices, though no specific timeline for the implementation has been provided.

The news comes on the heels of Apple’s recent adoption of RCS with the launch of iOS 18, which replaced SMS with RCS messaging for texts sent to Android users. While the update brings improvements such as high-resolution media sharing, read receipts, and typing indicators, it notably lacks end-to-end encryption.

[…]

Currently, not all RCS providers offer E2EE. Google Messages, which enabled E2EE by default for RCS conversations last year, is one of the exceptions.

Nick Heer:

RCS rolled out in a relatively early beta release for my iPhone — perhaps in July — and I have appreciated both typing indicators and read receipts when chatting with friends who do not have iPhones.

[…]

However, I have at least two questions. The first: how will users be able to tell the difference between a private RCS discussion and one which is not end-to-end encrypted? Apple has several visual indicator options. For example, a message thread could have a persistent padlock or bubbles could use a different colour. Both add a layer of visual complexity which could raise questions or add confusion.

Perhaps a simpler choice would be better. The placeholder text in the compose box, for example, now says “Text Message • SMS” or “Text Message • RCS” depending on which protocol is being used. Surely it could also say something like “Encrypted • RCS” and, if Apple wanted to, it could make iMessage threads match with an “Encrypted • iMessage” placeholder.

An obvious answer would be to make encrypted RCS blue, like iMessage, since it’s far more similar to iMessage than to SMS, but no one seems to expect Apple to do that.

Louie Mantia:

There’s a huge disconnect when you meet anyone that doesn’t have or use the same communication app you do. When your only option to reach someone is through an app you rarely use, you’ll rarely reach out.

SMS exists on all cell phones. It’s not just a built-in app, it’s a built-in service through your telecom provider. It’s default functionality on a network level.

Eric Schwarz:

SMS is outdated, insecure, and sucks, but it works on everything. If you swore off Facebook Meta like I did? Anyone who lives on WhatsApp, Instagram, and Facebook Messenger are off-limits. Asking someone to sign up for a specific service because you’re the one person they know who uses it? Not gonna happen.

Previously:

Thursday, December 5, 2024

MIST (macOS Installer Super Tool)

Ric Ford:

MISTmacOS Installer Super Tool – is a remarkable Mac app from Nindi Gill that greatly simplifies the processes of downloading macOS and firmware versions that Apple itself complicates and makes difficult (especially with older releases).

See also: SUS Inspector.

Previously:

Update (2024-12-06): ednl:

There is also still the Python download script “installinstallmacos.py”.

And I saw this page that catalogues a bunch of options, including that script and MIST.

US Officials Recommend Encrypted Messaging Apps

Kevin Collier:

The hacking campaign, nicknamed Salt Typhoon by Microsoft, is one of the largest intelligence compromises in U.S. history, and it has not yet been fully remediated. Officials on a news call Tuesday refused to set a timetable for declaring the country’s telecommunications systems free of interlopers.

[…]

In the call Tuesday, two officials — a senior FBI official who asked not to be named and Jeff Greene, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency — both recommended using encrypted messaging apps to Americans who want to minimize the chances of China’s intercepting their communications.

Via John Gruber:

It seems kind of new for the FBI to call encryption “our friend”, but now that I think about it, their beef over the years has primarily been about gaining access to locked devices, not eavesdropping on communication protocols. Their advocacy stance on device encryption has not changed — they still want a “back door for good guys” there. Their thinking, I think, is that E2EE communications are a good thing because they protect against remote eavesdropping from foreign adversaries — exactly like this campaign waged by China. The FBI doesn’t need to intercept communications over the wire. When the FBI wants to see someone’s communications, they get a warrant to seize their devices. That’s why the FBI wants device back doors, but are now encouraging the use of protocols that are truly E2EE. But that’s not to say that law enforcement agencies worldwide don’t still fantasize about mandatory “back doors for good guys”.

Pieter Arntz:

Sophisticated state-sponsored campaigns from China are constantly targeting network appliances and devices. Among the culprits are four major APT groups: Volt Typhoon, Salt Typhoon, Flax Typhoon, and Velvet Ant. Volt Typhoon made headlines earlier this year when the FBI removed their malware from hundreds of routers across the US.

The infrastructure that the US government relies to communicate on is made up of the same private sector systems that everybody else uses. By abusing their components that make up part of the infrastructure, the Chinese are said to have been able to eavesdrop on political and industrial leaders in multiple countries.

John Gruber:

While writing the previous item regarding the FBI encouraging the use of E2EE text and call protocols, I wound up at the Play Store page for Google Messages. It’s shamefully misleading regarding Google Messages’s support for end-to-end encryption. As I wrote in the previous post, Google Messages does support E2EE, but only over RCS and only if all participants in the chat are using a recent version of Google Messages. But the second screenshot in the Play Store listing flatly declares “Conversations are end-to-end encrypted”, full stop. That is some serious bullshit.

I don’t see what the big deal is when the third sentence of the description says: “End-to-end encryption is on by default when you message other Google Messages users who have RCS enabled.”

Apple marketed iMessage as end-to-end encrypted for years, even though it really wasn’t if you had iCloud backup enabled. And it still isn’t, by default—you have to opt into Advanced Data Protection. Neither the App Store nor the Messages & Privacy page mentions this.

Tim Cushing (Hacker News):

The Government executed a search warrant at Defendant’s residence and seized fifty-two devices, including an iPhone and an iPad. Law enforcement identified contraband on several devices, but could not examine the iPad, which was passcode-protected, or the iPhone, which would not power on.

The Government retained the iPad and iPhone for over a year. Eventually, with the assistance of a digital forensics expert who had not previously been involved in the investigation, the Government was able to repair the iPhone and power it on. The Government then applied for, and received, a new search warrant. Pursuant to this authority, agents searched the iPhone and—thanks to intervening developments in digital forensics tools—the iPad.

The most logical assumption would be that a non-working device would be of limited evidentiary value. But the DHS (whose Homeland Security Investigations unit took point in this case) apparently felt otherwise.

What’s almost hidden here is that reviving the phone led to the government being able to crack it, despite the presence of a passcode. And, in case you’re still wondering about the value of walled gardens, cracking the iPhone immediately led to cracking the iPad, which suggests if the government has one Apple device owned by a suspect it can get into, it can probably get into the rest of their Apple devices.

[…]

This is another government party extensively modifying seized property to make it more receptive to phone-cracking efforts. One would think a court would need to be apprised of this opportunity before it became a reality, if for no other reason than the original warrant only authorized a search, not the literal cracking of a cell phone (or its casing, at least) to replace a circuit board and install new firmware.

This was apparently an iPhone 6, however.

Previously:

Swift Proposal: Precise Control Flags Over Compiler Warnings

SE-0443:

This proposal suggests adding new options that will allow the behavior of warnings to be controlled based on their diagnostic group.

  • -Werror <group> - upgrades warnings in the specified group to errors
  • -Wwarning <group> - indicates that warnings in the specified group should remain warnings, even if they were previously suppressed or upgraded to errors

[…]

Thus, for example, you can use the combination -warnings-as-errors -Wwarning deprecated, which will upgrade all warnings to errors except for those in the deprecated group. However, if these flags are specified in the reverse order(-Wwarning deprecated -warnings-as-errors) it will be interpreted as upgrading all warnings to errors, as the -warnings-as-errors flag is the last one.

[…]

We are also introducing a new compiler flag, -print-diagnostic-groups, to display the names of diagnostic groups along with the textual representation of the warnings.

I’ve linked to this before, but I wanted to give it a full post because I think it’s important. I’d still like to see even more control over warnings, e.g. a way to suppress a particular warning or deprecation only within a certain region of code, as was possible with Clang.

Previously:

Microsoft Still Unhappy With iOS Cloud Gaming Rules

Ryan Christoffel:

Back in January, when Apple first shared its new App Store guidelines that allowed cloud streaming apps, it was expected that these would pave the way for services like Xbox Cloud Gaming to debut.

Over half a year later, there’s been no news on Microsoft’s front about an upcoming release.

A new report by Tom Warren at The Verge helps explain why. It points to a late July submission Microsoft made to the UK’s Competition and Markets Authority (CMA).

As the public but redacted submission outlines, Microsoft believes that, despite January’s changes, Apple still makes it impossible for cloud gaming services to exist on the App Store.

Juli Clover:

Microsoft’s chief complaint is that the App Store rules require subscriptions and features to be made available on iOS devices with in-app purchase, which is “not feasible.” A consumption-only situation where content is purchased on another platform and played on iOS is not allowed for cloud gaming apps.

Apple’s 30 percent commission fee “makes it impossible” for Microsoft to monetize its cloud gaming service, and it is neither “economically sustainable nor justifiable.”

Microsoft also complains about Apple’s lack of support for alternative app stores and the limitations of web apps, such as an inability to access device hardware features.

Damien Petrilli:

I obviously agree with this.

However coming from Microsoft who charges 30% for all games on Xbox without any alternative allowed. And charging a monthly fee just to access your own internet just undermine their arguments.

[…]

However, like for the printers-cartridges business model, the only way to make [selling hardware at a loss] work is to forbid competition which is illegal.

Previously:

Wednesday, December 4, 2024

Google Page Annotation Links

Barry Schwartz:

When you are browsing a web page in the Google App native browser, Google can “extract interesting entities from the webpage and highlight them in line.” When you click on them, Google takes you to more search results.

I don’t think this is a new feature, I mean, I’ve heard of this before from Google. I just can’t find my write up on it. Maybe it was only Android before and it was named something else. That being said, this will lead to people going to your site, then Google injecting links on your site that will lead your website visits to Google Search.

[…]

Hate it? Well, Google added a new opt out form - the only issue, it can take up to 30 days for the opt out form to work.

This is for individual Web sites to opt out. I guess there’s no way for users to opt out for all the sites they visit.

Via Nick Heer:

The results from a tapped Page Annotation are loaded in a floating temporary sheet, so it is not like users are fully whisked away — but that is almost worse. In the illustration from Google, a person is apparently viewing a list of Japanese castles, into which Google has inserted a link on “Osaka Castle”. Tapping on an injected link will show Google’s standard search results, which are front-loaded with details about how to contact the castle, buy tickets, and see a map. All of those things would be done better in a view that cannot be accidentally swiped away.

Maybe, you are thinking, it would be helpful to easily trigger a search from some selected text, and that is fair. But the Google app already displays a toolbar with a search button when you highlight any text in this app.

This is not cool, though I have to say that I don’t recall ever hearing about anyone using the Google app instead of just Safari or a third-party browser. But now I see that it’s #1 in the App Store in the Utilities category (beating Chrome at #2). Are people really using it now? Because of Gemini?

Previously:

ReadKit 3.3

Balazs Varkonyi:

Added Smart Folder Actions, enabling matching items in a smart folder to be marked as read or starred and to be used for advanced content filtering.

Enhanced folder/tag selection in relevant management interfaces with powerful search capabilities. Filter folders/tags using a search field for quicker navigation, select matching items directly by pressing Return, and use ⌘ + Return on hardware keyboards to autocomplete partial matches or select the single match automatically.

[…]

Added an image viewer on macOS.

Previously:

CoreData Studio 1.5

Momentarium:

  • Easy Data Inspection: Quickly browse and inspect your CoreData data models with our intuitive interface.
  • Customizable Layout: Tailor the layout to your needs, with adjustable column widths, row heights, and more.
  • Relationship Visualization: Visualize complex relationships between entities with our interactive graph view.
  • Support for Multiple CoreData Versions: Compatible with CoreData versions from iOS 10 to the latest releases.
  • Powerful Search: Instantly find any record by searching its content, so you can quickly locate the data you need.
  • DB Live Editing: Ability to save update and changes
  • Data Track Changes. Track and trace changes in your SQLite database.

This sounds cool, and it’s only $4.99, but I wasn’t able to get it to work for me. It seems to need an uncompiled model file, which I don’t have for any of the third-party apps whose data I want to inspect or for my own apps (since they build the models in code). SwiftData apps would have the same problem.

Previously:

UK CMA vs. Apple’s Browser Rules

Tim Hardwick:

In its report, the CMA’s independent inquiry group determined that Apple’s Safari browser policies prevent competing browsers from implementing certain features, such as faster webpage loading technologies. The investigation also revealed that many UK app developers would prefer to offer progressive web apps as an alternative to App Store distribution, but Apple’s current iOS limitations make this impractical.

Adding to competitive concerns, the regulator highlighted a revenue-sharing agreement between Apple and Google that “significantly reduces their financial incentives to compete” in the mobile browser space on iOS. The CMA also found that both companies can manipulate how users are presented with browser choices, making their own offerings appear as the clearest or easiest options.

[…]

In its summary of provisional decision, the regulator is recommending that these findings be addressed through the UK’s upcoming Digital Markets, Competition and Consumers Act, which takes effect in January 2025. This legislation will give the CMA new powers to designate firms as having “Strategic Market Status” and impose appropriate interventions to promote competition.

Previously:

Tuesday, December 3, 2024

PPSSPP Emulator Stuck in App Review

PPSSPP:

PPSSPP is an open source PSP emulator, that lets you run your own PlayStation Portable games on your various devices. PPSSPP is officially available on Android through Google Play, PC, Mac, and recently iOS through the App Store. There is also a Linux flatpak build. The project is ongoing for more than 11 years now, and has been downloaded over 100M times. It has millions of active users on Android.

[…]

For some time now, I have simply not been able to update the paid iOS version on Apple’s App Store. The free version flies through review in a few hours, while the near-identical paid version is just stuck.

[…]

Below is an authentic conversation with App Store Review.

[…]

I tried appealing the previous conversation to the App Store review board, with no result.

It’s just so frustrating. I want to get a bugfix update out, and I can’t.

App Review is continually complaining about things that either aren’t true or that were allowed for other apps, including from the same developer.

Via Craig Grannell, who terms the situation “kafkaesque” (Mastodon):

Apple never wanted emulators on the App Store. I imagine it felt strong-armed into allowing them, due to EU regulators getting antsy, or as a means to attempt to derail third-party app AltStore, which an awful lot of people primarily cared about due to Nintendo emulator Delta. Even with that, Apple first authorised a terrible rip-off over Delta, and everything since has been at best a crapshoot.

[…]

These aren’t the only issues emulator authors have faced. Last I checked, MAME4iOS was in limbo. Several other emulator authors have given up. Meanwhile, Apple merrily approves emulators that barely work and are exploitative crap. A cynic might wonder whether this is intent, to showcase the worst of emulation and put people off.

Craig Grannell:

Increasingly feels like they were only allowed to blunt AltStore and Delta. Now that’s over with, several emulator authors are having trouble with approvals or updates.

Francisco Tolmasky:

Imagine you’re the most valuable company on Earth. Billions of dollars of cash on hand. Best engineers in the world. You could legitimately leave an impact on anything you work on. And one of the primary things you choose to focus on is stubbornly policing fucking game emulators. Like forget about whether it’s good or bad, it is just so unbelievably small minded. An Apple running on all 8 cylinders wouldn’t have time to give a shit about stuff like this.

Take a moment to wrap your head around the fact that Apple fought a multi-year court battle to try to prevent you from putting links in your app. I get that that may have significant revenue effects — but the point is that a company with Apple’s resources should have way more interesting and impactful ways of generating revenue. There is something deeply broken from a creativity perspective if “don’t let app devs talk to users” represents the state of the art in business strategy at Apple.

[…]

No one is even asking Apple to do anything. No one is asking Apple to make sure old apps run. There’s no maintenance burden being requested. Just don’t literally devote time to 1) stopping these projects and then 2) in an act of truly bizarre pettiness, approving a weird competing copycat emulator? Like honestly, would love to hear the reasoning on this move. Only shady ripoff emulators are allowed? This is all so clearly in bad faith that I can’t understand any defense of it.

Previously:

Losing “Podcast”

Dave Winer:

We’re losing the word “podcast” very quickly. It’s come to mean video interviews on YouTube mostly. Our only hope is upgrading the open platform in a way that stimulates the imagination of creators, and there’s no time to waste. If you make a podcast client, it’s time to start collaborating with competitors and people who create RSS-based podcasts to take advantage of the open platforms with no silo walls, otherwise having a podcast will mean getting distribution deals from Google, Apple, Spotify and Amazon. And they, as we know, are nuzzling up to the government leaders, who will want to impose severe limits.

Previously:

Update (2024-12-04): Ben Cohen:

But this year, YouTube passed the competition and became the most popular service for podcasts in the U.S., with 31% of weekly podcast listeners saying it’s now the platform they use the most, according to Edison Research.

Via Nick Heer:

Cohen omits key context for why YouTube is suddenly a key podcast platform: Google Podcasts was shut down this year with users and podcasters alike instructed to move to YouTube. According to Buzzsprout’s 2023 analytics, Google Podcasts was used by only 2.5% of global listeners. YouTube is not listed in their report, perhaps because it exists in its own bubble instead of being part of the broader RSS-feed-reading podcast client ecosystem.

But where Google was previously bifurcating its market share, it aligned its users behind a single client. And, it would seem, that audience responded favourably.

[…]

Of the top twenty podcasts according to Edison Research, fifteen have what I would deem meaningful and regular video components.

[…]

Also, YouTube channels have RSS feeds, though that is not very useful in an audio-only client like Overcast.

Previously:

Pat Gelsinger Out at Intel

CNBC (MacRumors, Hacker News):

Intel ousted CEO Pat Gelsinger over the weekend, capping a tumultuous nearly four-year tenure at what was America’s leading semiconductor company before its stock price and market share collapsed.

The company announced Gelsinger’s resignation Monday morning, which a person familiar with the matter said came after a contentious board meeting last week over Gelsinger’s perceived failure to respond to Nvidia’s competitive edge and a lack of confidence in Gelsinger’s turnaround plans.

[…]

Gelsinger set out an audacious plan when he arrived in 2021 to transform the languishing company into a chipmaking juggernaut. He sought to achieve parity with the two leading chipmakers, Samsung and Taiwan Semiconductor Manufacturing Co. He pursued big buildouts in the U.S. and around the world, a costly endeavor that weighed heavily on Intel’s free cash flow and increased the company’s debt load.

He also wooed government investment, positioning Intel as the single-largest beneficiary of the U.S. CHIPS and Science Act. Government money has begun to flow to Intel in recent weeks and will aid the company’s chip fabs in Arizona and Ohio.

Rui Carmo:

Pat Gelsinger’s abrupt exit from Intel raises more questions than it answers, especially given the timing right after securing CHIPS Act funding. It feels like a classic case of boardroom drama, where the lack of a smooth transition hints at deeper issues—-perhaps a clash of visions or a failure to deliver on ambitious projects.

Ben Thompson (Dithering):

It seems likely that the board has cold feet about the foundry business, and a split may be forthcoming.

John Carmack:

I’m concerned to see Pat Gelsinger ousted as Intel CEO. He wasn’t a firebrand visionary, and it wasn’t exactly going great, but he was deeply technical, and I don’t expect his replacement to equal him there. “Business harder” isn’t going to return Intel to greatness, only technical achievement will.

Previously:

Update (2024-12-04): Charlie Demerjian (Hacker News):

Our views that Gelsinger did turn the ship are unchanged. Intel had a cultural problem, not a technical one and the one thing Pat did was change the culture for the better. There are green shoots of this popping up here and there if you know where to look with more coming every day. As we described yesterday, the problem is that technical changes happen over a three year timescale, finance looks at one year or less.

[…]

Why was this mess allowed to not only fester but continue and grow? Because the internal incentive structure was so broken that it encouraged employees to lie for profit. Worse yet lies went unpunished. SemiAccurate has many emails, texts, and had conversations about meetings where this happened.

[…]

As SemiAccurate keeps saying, Intel had a cultural problem, not a technical one. The technical problems were a symptom of the underlying culture and could not be fixed without a cultural sea change. Pat did that, or at least did most of it, and it was working. Sure he made some serious missteps and at times cheesed off many folk in the financial world, but he did the right things to fix the company. And he was just fired for it. I don’t have words that can express my disdain for the Intel board that will pass muster in a family publication such as SemiAccurate.

Sean Hollister:

Gelsinger was a lifer who joined the company at age 18 and spent 30 years on the job, from 1979 to 2009, before returning to lead the company in 2021. Even some people who’ve left Intel as a result of Gelsinger’s layoffs tell me they believed he was the right person for the job. They believed in his strategy to regain silicon leadership, they liked that he was an engineer himself, and they liked that he was there to fix long-standing technology problems left (or ignored) by previous CEOs.

Remember the 486, Intel’s 1989 flagship CPU that was the first x86 chip with over a million transistors? Gelsinger was the lead architect. Later, he became Intel’s first CTO, helping push industry standard technologies like USB and Wi-Fi as well as Intel chip design.

[…]

Over a decade ago, Intel spent billions investing in Dutch multinational ASML, which is today the most important company in chips. It’s the only firm in the world that manufactures machines capable of pulverizing a ball of tin, using high-power lasers, such that it emits an extremely tight wavelength of ultraviolet light to efficiently carve circuits into silicon wafers, a process known as EUV.

Intel initially believed in the tech, even carving out a $4.1 billion stake in the company, then decided not to order the pricey machines. But Taiwan’s TSMC did — and went on to become the undisputed leader in silicon manufacturing[…]

[…]

His hunch: Intel’s board may want to split off its foundry business entirely, above and beyond the spinoff that Gelsinger already announced, turning Intel into a company that simply designs chips like its direct rivals.

Oxide Computer Company:

How did Intel get here? Some of the cultural problems may be deep in the DNA. Bryan and Adam have some ideas for what happens next, and who might be the next CEO.

They are anti-Gelsinger.

See also: John Gruber.

Update (2024-12-06): See also Gelsinger’s oral history with the Computer History Museum (parts 1 and 2) and the Acquired and Sharp Tech podcasts.

Update (2024-12-09): Alex Heath (via Hacker News):

I wanted to hear what [Rene] Haas thought should happen to his longtime frenemy. There were reports that he approached Intel about buying a big chunk of the company before Gelsinger was ousted. At the same time, Arm is also rumored to be eyeing an expansion into building its own chips and not just licensing its designs.

Haas and I touched on all that and more in an exclusive interview earlier today, which will air in full on a future episode of Decoder.

Doug O’Laughlin (via Hacker News):

Pat wanted to pursue the big, bold IFS bet, with 100s of thousands of wafers, when the reality is just getting 10s of thousands of wafers is a massive problem as is. Pat has a bit of an optimistic naivety that comes into play, and I am sure it was likely frustrating. But the reality is he’s the single best candidate for the company.

[…]

This begs the question—what the hell was the board doing? Today, I will talk about Pat Gelsinger, the Intel board, and an example of when boards and short-termism fail. Yes, maybe splitting up the company would result in a better result for shareholders, but it would be much worse for America.

I would liken firing Pat in the final hour of 18A to quitting the final round of chemotherapy in cancer treatment. Instead of seeing the long and painful process through, I think the board will let Intel die and be sold for parts. It’s the correct answer to maximize relatively short-term shareholder value, but it's a nearsighted move that the Intel board specializes in.

Bryan Cantrill (Mastodon, Hacker News):

The host CPU discussion ended up confirming our beliefs (befitting our writing-intensive culture at Oxide we wrote up our findings in RFD 12 Host CPU Evaluation), and the NIC discussion similarly was a dead end. The switching silicon discussion, however, was interesting: Tofino was TSMC-fabbed (the only Intel part at the time fabbed outside of Intel) and we found the programmable nature of it via P4 to be really compelling.

[…]

"Go PC" was an embodiment of the arrogance that I feared came from the top; how could anyone think that Intel’s biggest problem in 2021 was competing against…​ the Mac?!

[…]

Skepticism of Gelsinger’s plan for Intel aside, we at Oxide anxiously watched Tofino. At Intel, the team itself believed it was safe under Gelsinger, and things did indeed seem okay for a while. Fast-forward two years to 2023, and we got an urgent request for a call from the executive leading the Tofino effort. Fearing the worst, we were honestly somewhat relieved to learn that Tofino hadn’t been killed outright — but all future development of the part had been cancelled.

[…]

In the end, for all of the decisions that we made at Oxide — out of all of the companies and parts that we bet on, out of all the partners that we had sent RFD 68 Partnership as Shared Values to — only one had walked away from us, and it was the largest and best capitalized partner, who had repeatedly told us that they would not do exactly what they in fact did. How can Intel ever expected to be trusted when they treat partners this way?

See also: ksec and Ben Thompson.

Modern CSV 2.1

Adam Engst:

Because CSV is an interchange format, I usually import files into a spreadsheet, make any necessary changes, and then save, print, or export for whatever my next step is. I usually use Excel for processing because it can save an opened CSV without a separate export step, which Numbers requires. Google Sheets would also require exporting and would clutter my Google Drive with temporary documents that I need only briefly.

Please don’t interpret my usage of Excel as an endorsement, though. I have a fractious relationship with Excel, particularly when working with running times, which spreadsheets treat like times of day and often reformat in weird ways.

[…]

I ran across an intriguing app earlier this year that has become my go-to tool for working with CSV files: Modern CSV. When you launch it, it looks like a spreadsheet, displaying data in rows and columns, but it doesn’t require that you write formulas to manipulate data. Instead, it has an extensive set of data manipulation capabilities that you apply directly to the contents of a CSV file. In essence, Modern CSV uses CSV as its native format and lets you choose common data transformation, conversion, concatenation, and other actions from menus instead of pre-parsing files in a text editor or building formulas and juggling results columns in a spreadsheet app. With CSV as the native file format, you skip all that to work directly with tabular data.

If you need more than what Excel and BBEdit can do, this looks great.

Previously:

Monday, December 2, 2024

Microsoft-Trusted ICP-Brasil Certificate for google.com

Andrew Ayer (via Hacker News):

A Brazilian certificate authority trusted only by Microsoft has issued a presumably-unauthorized certificate for google.com.

This can used to intercept traffic to Google from Edge and other Windows applications (except Chrome and Firefox). Hug-ops to Google folks.

Microsoft are well aware of the extensive history of problems with this CA - I emailed them my concerns in 2021, and further issues were raised during a public CCADB discussion in 2022 - but they clearly don’t care.

Previously:

Microsoft at 50

Steven Levy:

[Nadella] tells a story from a few years ago, when a group of tech analysts came from China to take the measure of Silicon Valley. They attended all the key developer’s conferences: Apple’s WWDC, Google I/O, AWS Re:Invent, and of course, Microsoft’s own Build. “They said, ‘God, you know what? For anything that the United States has got, we’ve got equivalents in China. We’ve got ecommerce, search, hardware manufacturers, social networks of our own. But there’s this one company that we visited, Microsoft, that’s pretty different.’” As Nadella tells it, the delegation marveled at the company’s breadth, with everything from the PC operating system to Xbox: “It all comes together as this one systems platform.” And, he now implies, Microsoft’s breadth sets it up to seize the most propitious opportunity in the history of technology.

It was an odd choice of anecdote, considering that Microsoft’s history has been plagued by its eagerness to use its size as a cudgel—and that today it’s under investigation by the European Union and the US Federal Trade Commission for those same tendencies. Nadella skates past that and brings up his greatest triumph, AI. He tells the tens of thousands of Softies around the world that the new goal was to put Copilot—that’s Microsoft’s name for its AI—in the hands of people and organizations everywhere.

Nadella doesn’t say outright what everyone in the room knows: Just a decade ago, pundits had declared the company brain-dead.

[…]

“In a five-minute break, walking to the bathroom and back, we were able to completely change the company strategy around support for Linux and open source,” says Guthrie. When Nadella later told Ballmer, who was in his final days at the company, he simply informed him of the policy shift. Then, two months after Nadella became CEO, Guthrie suggested that they change the name “Windows Azure” to “Microsoft Azure.” It was done on the spot, sending a signal that Microsoft would no longer assess every move based on its impact on Windows.

Previously:

FTC Opens Microsoft Antitrust Investigation

Kyle Wiggers:

The FTC has launched an antitrust investigation into Microsoft, accordingtomultiplereports that corroborate earlier reporting by the Financial Times.

The agency is said to be looking into whether Microsoft violated antitrust law in multiple segments of its business, including its public cloud, AI, and cybersecurity product lines. Of particular interest to the FTC is the way Microsoft bundles its cloud products with its office and security tools, says The New York Times.

Via Dare Obasanjo:

Being “better together” has been Microsoft’s strategy in the enterprise forever and it’s escaped scrutiny mainly because consumer big tech companies like Amazon, Google & Meta took the regulatory spotlight.

Nick Heer:

Obviously, the FTC’s concerns with Microsoft’s business practices stretch well beyond bundling Teams. According to this Bloomberg report, the Commission is interested in cloud and identity tying, too. On the one hand, it is enormously useful to businesses to have a suite of products with a single point of management and shared credentials. On the other hand, it is a monolithic system that is a non-starter for potential competitors.

The government is understandably worried about the security and stability risks of global dependence on Microsoft, too, but this is odd:

The CrowdStrike crash that affected millions of devices operating on Microsoft Windows systems earlier this year was itself a testament to the widespread use of the company’s products and how it directly affects the global economy.

Previously:

Microsoft Donates the Mono Project to Wine

Mono (via Hacker News, Slashdot):

The Mono Project (mono/mono) (‘original mono’) has been an important part of the .NET ecosystem since it was launched in 2001. Microsoft became the steward of the Mono Project when it acquired Xamarin in 2016.

The last major release of the Mono Project was in July 2019, with minor patch releases since that time. The last patch release was February 2024.

We are happy to announce that the WineHQ organization will be taking over as the stewards of the Mono Project upstream at wine-mono / Mono · GitLab (winehq.org).

[…]

Microsoft maintains a modern fork of Mono runtime in the dotnet/runtime repo and has been progressively moving workloads to that fork. That work is now complete, and we recommend that active Mono users and maintainers of Mono-based app frameworks migrate to .NET which includes work from this fork.

Previously:

Wednesday, November 27, 2024

Amazon S3 Adds Put-If-Match (Compare-and-Swap)

AWS (via Hacker News):

Amazon S3 can now perform conditional writes that evaluate if an object is unmodified before updating it. This helps you coordinate simultaneous writes to the same object and prevents multiple concurrent writers from unintentionally overwriting the object without knowing the state of its content. You can use this capability by providing the ETag of an object using S3 PutObject or CompleteMultipartUpload API requests in both S3 general purpose and directory buckets.

This will probably enable some cool stuff.

Unlisted MindNode Classic

Markus Müller-Simhofer (via John Gordon):

Despite our best efforts, we encountered difficulties bringing our planned changes to MindNode. Providing seamless sync, live collaboration, and other new features was impossible when storing documents as files on disk. We revised our plans and started to develop a new app, “MindNode Next,” that now manages its documents directly in the app and synchronizes them using CloudKit.

[…]

With the release of MindNode Next, we will soon rename the current version of MindNode to “MindNode Classic.” This name change aims to better distinguish between the two versions of MindNode. We understand that MindNode Classic holds significant importance for many of our users, and we are committed to continue supporting it. Our team will continue to work on shipping enhancements and bug fixes for MindNode Classic.

[…]

Due to a request by Apple, we had to hide MindNode Classic on the App Store.

Markus Müller-Simhofer:

This is not great for our users who want to reinstall the app (they need to use the direct link or the purchased app dialog) and I’m sure we will get several bad reviews on the new app for this. However this is better than removing it from sale since we can continue to release updates for the app.

Ken Case:

This is what we’ve done with our older apps also. Definitely better than removing them from sale! Especially for business and educational customers who otherwise had no way to install their bulk purchases.

Previously:

Brazil Rules Against Apple’s Anti-Steering Rules

Reuters:

Brazilian antitrust regulator Cade said on Monday that Apple must lift restrictions on payment methods for in-app purchases, among other things, as the watchdog moved to proceed with an investigation into a complaint filed by Latin America e-commerce giant MercadoLibre.

[…]

MercadoLibre’s complaint, filed in 2022 in Brazil and Mexico, accused Apple of imposing a series of restrictions on the distribution of digital goods and in-app purchases, including banning apps from distributing third-party digital goods and services such as movies, music, video games, books and written content.

[…]

Cade ruled that Apple must allow app developers to add tools so customers can buy their services or products outside the app, such as through the use of hyperlinks to external websites.

Tim Hardwick:

Apple has 20 days to comply or face daily fines of $43,000.

[…]

The Brazilian case mirrors similar antitrust concerns raised in the EU. In March 2024, the European Commission fined Apple €1.8 billion ($1.95 billion) for restricting music streaming apps from informing users about cheaper subscription options outside the App Store.

Nick Heer:

It would look very silly to me if Apple continues to deal with these consistent findings in country after country after country after country in individualized ways instead of updating its rules globally. Very silly, indeed.

Previously:

Update (2024-12-06): Tim Hardwick:

A Brazilian federal court has overturned an antitrust ruling that would have required Apple to allow third-party payment systems in the App Store within 20 days.

[…]

The decision came hours after reports emerged of Apple appealing the original order, with the company arguing that the required changes were too complex to implement within the given time frame.

While the injunction has been overturned, the broader antitrust investigation into Apple’s App Store practices will continue. Cade is expected to appeal the court’s decision, and Apple could still eventually be required to implement changes to its App Store policies in Brazil.

Tuesday, November 26, 2024

Watch Out for Counterintuitive Implicit Actor-Isolation

Jared Sinclair:

I ran into some unexpected runtime crashes recently while testing an app on iOS 18 compiled under Swift 6 language mode, and the root causes ended up being the perils of using @unchecked Sendable in combination with some counterintuitive compiler behavior with implicit actor isolation.

[…]

What occurred to me instead was to find a way to use locking mechanisms to synchronize access to the static var mutable property. What happened next led me down a path to some code that (A) compiled without warnings or errors but (B) crashed hard at runtime due to implicit actor isolation assertion failures.

[…]

It turns out that the implicit Main Actor isolation is getting introduced by MyApp[…] Therefore that init() method is isolated to the Main Actor. But our Logging.sink member is not isolated to the Main Actor. It’s implicitly nonisolated, so why is the compiler inferring Main Actor isolation for the block we pass to it?

Matt Massicotte:

What’s happening here is the compiler is reasoning “this closure is not Sendable so it couldn’t possibly change isolation from where it was formed and therefore its body must be MainActor too” but your unchecked type allows this invariant to be violated. This kind of thing comes up a lot in many forms, and it’s hard to debug…

Mutex is a potential solution but requires iOS 18. He also shows how to protect the sink with a non-global actor.

Previously:

Mini vMac for iOS Rejected via Notarization

Jesús A. Álvarez:

Mini vMac for iOS won’t be coming to #AltStorePAL, it was just #RejectedByAppReview for notarization after an initial rejection and appeal.

You can of course still get it from GitHub and build it with Xcode or sideload the ipa with AltStore Classic.

Via Riley Testut:

Apple’s complete abuse of Notarization is going to be the reason the EC comes down hard on them, and it’s wild how ignorant they are 💀

[…]

Based on actual, real conversations we’re having with the EC rn, I am very confident that this is not going to end well for Apple — but it seems like they genuinely don’t realize this?

Apple’s rejection notice says:

Use of Apple’s software is limited to the terms of the license for such software. Apple does not license its Mac operating system software for use outside of an Apple-branded computer. Your app necessarily involves and promotes the use of Mac operating system software on devices other than Apple-branded computers and such use goes beyond of the scope of its license terms. Notarization of your app thus would contravene the terms of Apple’s software licenses. Additionally, your prominent use of Apple’s MAC mark in the app name; MACINTOSH in the subtitle, and a Macintosh graphic in the icon for an operating system software product improperly and confusingly suggests or implies that the app has an affiliation, endorsement, or sponsorship by Apple and is in contravention of Apple’s Trademark Guidelines.

However, even if it’s correct about these points, they do not seem to be violations of the notarization guidelines and should probably be adjudicated via a different process.

Khaos Tian:

Apple really treat Notarization process like an app review and explicitly call out the reason for rejection to be unrelated to what DMA permits is just providing written evidence of abusing process at this point…

Previously:

Update (2024-11-27): See also: Reddit.

App Store Search Queries Appear to Violate Data Minimization Practices

Mysk:

This is an example of what the App Store app shares with #Apple when you search for an app. Everything you type in the search field is recorded as an event and associated with your Apple ID before it is sent to Apple. When I search for “Google Authenticator,” events are recorded as I type character by character. The leap between rows 78 and 79 is when I picked a suggestion. The timestamp of every event is recorded, i.e. Apple can calculate my typing speed 🙃.

[…]

There is no way you can opt out of sending such app Analytics to Apple or request it be anonymous.

[…]

Apple Maps does the same, but it never associates the requests with the user’s ID when sending the search requests, and never records them as app analytics.

Nick Heer:

What I cannot understand is why Apple wants to record all typed text and completed queries and correlate those to millisecond-level time codes and attach all that to someone’s Apple ID. This is the very opposite of data minimization — a reality which is unfortunately common among Apple’s services. It is not “tracking” by the company’s definition, which is exclusively concerning third-party sharing, but it violates the spirit of user privacy.

Previously:

Apple’s Movie Theater Beef With Hollywood

Mike Fleming Jr.:

Jon Watts, the filmmaker who stepped out of the Spider-Man franchise with Tom Holland and Zendaya to script and direct George Clooney and Brad Pitt in the film Wolfs for Apple, created a press dustup yesterday when he let slip that he and they would not be doing a sequel, even though Wolfs became by far the most viewed feature film ever released on Apple TV+.

[…]

It is similar to when Doug Liman feuded with Amazon after his Road House remake went straight to streaming despite his deal for a theatrical release and huge test scores, and he is not returning for the inevitable sequel. It underscores the continuing dilemma between streaming bows and risky theatrical release deals with big P&A spends.

Via M.G. Siegler:

Look, on paper, in a vacuum, I’m not sure Apple didn’t make the right call in pulling back on the theatrical release and going straight-to-streaming. The reality of our current situation is such that a movie like Wolfs – especially and oddly when marketed by Apple – was unlikely to be a big hit at the box office. And that would have been a black eye. For Apple. For Clooney. For Pitt. For Watts. For everyone. So pulling it back made sense in this very practical regard.

But my god the intangibles here. First and foremost, risking pissing off two of the biggest movie stars in the world with the maneuver. Second, this was exponentially riskier because one of those movie stars, Pitt, was in the midst of wrapping up Apple’s biggest movie ever which will need to be a huge hit in theaters: F1. Third, risking pissing off one of the hottest directors in the industry right now with the maneuver. Which clearly happened! Honestly, all of the above probably happened, but Watts is the only one talking about it openly right now.

And it’s not just the move Apple pulled, it’s how they did it. A last-minute bait-and-switch. And done with not only no discussion but almost no heads up. And then the ultimate dagger in the back: trying to spin the move with the sequel talk (which immediately seemed fishy to everyone when paired with the pull-back news – obviously) after Watts explicitly asked them not to do that.

Wes Davis:

The New York Times reported in August that Apple pulled the theatrical run for Wolfs because it was concerned it was spending too much on films after suffering multiple high-profile box office disappointments.

Previously:

Update (2024-12-10): M.G. Siegler:

Now I feel like I fully understand why Apple shifted it from theaters to streaming. It’s not that the movie is bad, it’s not. But it’s not nearly good enough to transcend what it is and become a huge box office hit. It would have been a middling movie at the box office at best. Yes, even with George Clooney and Brad Pitt. And at worst, it would have been an outright flop.

It would have been the latest in a string of high-profile failures at the box office for Apple. But it wouldn’t have looked good for Clooney or Pitt either.

[…]

But as a launch on Apple TV+, it’s leveraging two of the biggest movie stars in the world teaming up for an Apple exclusive film to watch in the comfort of your living room.

[…]

In a vacuum, Apple made the right call. And it’s one that other studios will need to follow going forward. Of course, we don’t live in a vacuum.

Monday, November 25, 2024

Swift Vision: Improving the Approachability of Data-Race Safety

Holly Borla (via Mastodon, forum):

This document lays out several potential paths for improving the usability of Swift 6, especially in simple situations where users aren’t intending to use concurrency at all.

[…]

A key tenet of our thinking in this vision is that we want to drastically reduce the number of explicit concurrency annotations necessary in projects that aren’t trying to leverage parallelism for performance. This is important for many kinds of programming, such as UI programming and scripts, where concurrency is often localized and large swathes of the code are generally expected to be constrained to the main actor. At the same time, we want to maintain a smooth path for experienced programmers to opt in to concurrency and maintain the safety of complete data-race checking.

[…]

We believe that the right solution to these problems is to allow code to opt in to being “single-threaded” by default, on a module-by-module basis. This would change the default isolation rule for unannotated code in the module: rather than being non-isolated, and therefore having to deal with the presumption of concurrency, the code would instead be implicitly isolated to @MainActor. Code imported from other modules would be unaffected by the current module’s choice of default.

[…]

Adding a per-module setting to specify the default isolation would introduce a new permanent language dialect. […] On balance, we feel that the costs of this particular dialect are modest and manageable.

[…]

The most important of these for our model of single-threaded code is to be able to express global-actor-isolated conformances. When a type is isolated to a global actor, its methods will be isolated by default. Normally, these methods would not be legal implementations of nonisolated protocol requirements. When Swift recognizes this, it can simply treat the conformance as isolated to that global actor. This is a kind of isolated conformance, which will be a new concept in the language.

Marcin Krzyzanowski:

what I’ve been complaining about since when first Actors introduced to Swift is that it forces “async-first” instead of “sync-first” programming. I’m super happy the Swift Language Steering Group has finally noticed it.

Christian Tietze:

So much effort poured into this, and then the DX problem can be summarized like “you can’t easily write single-threaded code now anymore” 🤯

Max Seelemann:

That said, for such a broad vision, I’m missing coverage of the present issues with isolation behavior mismatches to Objective-C code and Objective-C system libraries.

To this date, much of Apple’s new platform development is still done in ObjC, and many – if not most – Apple platform developers can’t evade UIKit or AppKit in their day-to-day work. Yet this language does not know anything about strict concurrency and allows comfortably programming in very non-compatible ways. What I dearly miss are tools to bridge this gap, to make using those APIs from Swift 6 as comfortable as it is from Swift 5 or ObjC.

[…]

Most importantly, to me, we need more robust and flexible ways to declare dynamic MainActor isolation. Basically MainActor.assumeIsolated but for entire classes and without all the sendability-dance for passing things in and out of that closure. (#isolation being non-nil when called from the ObjC main thread would also be nice.)

[…]

I struggle to write this more precisely in abstract terms, so I’d like to give an example from my recent work with TextKit2 – a fairly new system iOS/macOS API, that’s thought and written entirely in ObjC.

Victor_Martins:

My understanding is that the document says that one of the reasons that analyzing the program as a whole is bad is because “it would make the first adoption of concurrency extremely painful”. Then, it goes on to say that a better approach is to make the single-threaded assumption in smaller parts of the program. Finally, the document proposes that these smaller parts are the modules.

Choosing the modules as the smaller parts have caught my attention because over the last 3 years I’ve interacted with a couple dozens of beginner Swift programmers and the vast majority of the apps I’ve seen them develop do not have the code they’ve written broken down in smaller modules. The apps are mostly composed by 1 module + dependencies.

Is breaking out of the single-threaded default on these projects with one big module possibly going to be quite painful?

Previously:

Update (2024-11-26): Rob Jonson:

I think you’re absolutely right to focus on these - but I would argue for a radically different approach.

[…]

Flip the default. The default should be that guaranteed data race safety is turned off. […] Moving to an opt-in model will change the dynamic. At the moment, it feels like we’re on a forced march to the promised land of Swift 6 safety. If safety is opt in, then developers will choose to use it as it becomes more ergonomic. If the feature has to be worth the pain to convince people to opt in, - the dynamic around design will focus more on real usage.

[…]

Analyse code was a great tool as we moved towards arc (and even later). Run the tool, examine warnings about memory safety, fix if needed. […] Concurrency could do the same thing. Analyse could warn me that returning an NSImage is potentially unsafe if the sender keeps and mutates the original - but I can choose to ignore that because I know I’m not doing so.

I’m not sure I agree with this, but it’s interesting to consider.

Tim:

I remember the exact same arguments about optionals when Swift was first released. “I know what I’m doing”. “The compiler is trying to baby me” etc etc. Understanding optionals is definitely far easier than concurrency, but it’s the same thing of a language feature tackling common programming errors and I think we can all agree that it’s been a great feature once understood.

I’ve always been in favor of optionals, but I think the other way of looking at this is that people quickly saw that optionals provided real benefits in reliability and code clarity at very little cost (cognitive or visual). Beyond the async/await sugar, Swift Concurrency’s costs seem much higher and its benefits less clear.

Update (2024-12-02): See also: Hacker News.

Jesse Squires:

I’m not on the Swift forums much, but occasionally I follow the links in the summary emails.

It is very interesting how much developer sentiment towards the language has shifted over the past few years.

I’m not here to be a hater, but I certainly feel the frustration.

The thread in question:

Swift is such a mess. How has it got to a point where returning an object from a function requires two undocumented language features?

Matt Massicotte:

And, believe it or not, this vision doc changes would fix most (but not all) of the technical problems this particular person has run into.

Tito Ciuro:

I think Alex echoes a wide sentiment: that people want to write software and not be a slave of the latest features. You say to not use Swift 6. Well, guess what, my project depends on Vapor and unless I’m OK being stuck with an older version (I’m not), I’m forced to use Swift 6. So there you have it. Structured Concurrency down our throats.

Sean Heber:

I feel like even with all of this, some of the most painful points are being missed.

For example, there’s the idea that programmers should start single threaded and slowly move to concurrency - but you can’t actually do that in real life, IMO. Libraries/frameworks constantly impose concurrency on you - either they have async functions or they’re using callbacks where stuff happens “later” and often on a different thread/actor or the function is marked nonisolated (for good reason), etc.

You can’t ease into it.

Apple Tends to Do Right by Apps It Acquires

John Gruber (Mastodon) has gone through the list of Apple acquisitions:

The bottom line is that what we, as users, hope for after a big company acquires a beloved app is for an outcome where the users of that app remain happy. That might mean just keeping the app going, like with Logic. Or it might mean scrapping the standalone app, but bringing the core features of the app into the OS itself, like with Dark Sky. Sometimes it’s a mix, though, like with Shazam.

[…]

But an examination of Apple’s acquisition history doesn’t give me any reason for alarm. Apple really does tend to do right by cool app acquisitions.

[…]

Pixelmator in particular is simply too good to scrap, and Apple hasn’t made its own bitmap image editing application since, I think, MacPaint. Something like Pixelmator really would slot right in next to Final Cut Pro and Logic Pro as an Apple “pro tool”. Whether they’ll keep the name, I don’t know, but I think the app will be released under Apple branding as a Photoshop competitor, for Mac and iPad.

[…]

I’m less sure if Apple has the appetite to keep Photomator going, to compete directly against Lightroom — a market Apple simply walked away from when they discontinued Aperture 10 years ago. But perhaps they now regret walking away from Aperture. I’m just not sure how close Photomator is to being a credible alternative to Lightroom.

[…]

I can see how the best of Photomator could make its way into Photos. That’s not true for Pixelmator. The acquisition just doesn’t make sense to me unless Apple wants to make Pixelmator an Apple-branded pro tool.

My immediate reaction is that acquisitions are almost always bad for fans of the original app, however, I think Gruber is right that Apple’s track record is better than average. On the other hand, looking at the list, most of the businesses that Apple acquired weren’t apps. It’s not a big sample size.

Two apps that were dear to me are Claris Emailer and ClarisWorks. Claris did a great version 2 of Emailer, after acquiring it from Fog City Software, and then killed it. Presumably, this was because Apple had acquired Mail.app in the NeXT acquisition. Unfortunately, it didn’t really try to integrate the things people liked about Emailer into Mail, and it lost some of the key developers to Microsoft.

Similarly, I guess ClarisWorks was killed in favor of iWork (itself based on an acquisition). The AppleWorks Carbon version that shipped after Apple resorbed Claris was not great. iWork is OK but never appealed to me in the way that ClarisWorks did, and it was missing the painting, drawing, and database modules.

More recently, the Dark Sky, Buddybuild, and TestFlight acquisitions were good in that they expanded Apple’s services, but I don’t think they were necessarily wins for fans of the originals.

Previously:

The End of Delicious Library

Wil Shipley:

Amazon has shut off the feed that allowed Delicious Library to look up items, unfortunately limiting the app to what users already have (or enter manually).

I wasn’t contacted about this.

I’ve pulled it from the Mac App Store and shut down the website so nobody accidentally buys a non-functional app.

Previously:

Update (2024-11-27): John Gruber (Mastodon):

20 years go by and there’s some inevitable nostalgia looking back at any art form. But man, Delicious Library exemplified an era of indie app development that, sadly, is largely over. And make no bones about it: Delicious Library was a creative work of art.

Update (2024-12-02): See also: John Siracusa in 2004 (via John Gruber, Mastodon).

Pieter Omvlee:

What drew me to the Mac initially was its industrial design. My uncle had an iMac G4, the floating screen, the swivelling arm – the one that looked like a lamp – and I thought it was a beautiful piece of art. What kept me on the Mac though was the software, the software from third party independent ‘indie’ developers.

These apps were made by small teams, individuals even, hand-crafted with a focus on the the beauty and the little details.

[…]

I had proof that it was possible. That realisation, that it was possible to build apps like this for a living while also focussing on beautiful design, user experience and customer delight was what motivated me in my own way to start building apps. Making a living selling software online could be done, and Delicious Library had shown the way and provided the inspiration. First with Fontcase and then Sketch, both of which I’m proud to say have won an Apple design award as Mac-assed Mac apps.

Update (2024-12-10): See also: Slashdot.

Black Friday 2024

My apps (DropDMG, EagleFiler, SpamSieve) are on sale for Black Friday, and here are some other good deals that I found:

Apps:

Accessories:

Books:

Photos and Video:

Stores:

Lists of Deals:

Previously:

Friday, November 22, 2024

The App Store Era Must End

Jason Snell (tweet, Macworld, podcast):

To a kid growing up in the 1980s, the idea that the maker of your computer would actively stop you from using software it didn’t approve of would have seemed beyond the pale. It certainly would’ve been a deal-breaker. And yet so many of today’s computing devices are locked down—for some good reasons, but also a lot of bad ones.

What do we want the world to look like in the future? Is the destiny of the most important invention of the last half-century, the computer, to become a series of locked-down devices controlled by the giant companies that designed them? Should the iPhone be the model for all future devices?

If Apple’s locked-down approach in the App Store era is our future, it’s a bleak one indeed. […] When we consider the future of computing devices, the Mac is the model we should aspire to, not the iPhone.

[…]

But over time, the inevitable happened: Apple used the exclusivity of the App Store and its total control over the platform to extract money through rent-seeking and to bar businesses from admitting that the web existed outside their apps. Perhaps worst of all, the App Store’s exclusivity allowed Apple to essentially treat app developers as Apple employees, forcing them to follow Apple’s guidelines and please Apple’s approval apparatus before their apps would be allowed to be seen by the public. Whole classes of apps were banned entirely, some publicly, some silently.

Stephen Hackett:

It’s not often I want to shout “Amen!” as I read an article, but here we are. I think I startled my sleeping dog.

Nick Heer:

I do not know that there is a new argument here. But to see them in a single document is compelling.

[…]

I worry the App Store model and the regulatory response has irreparably damaged Apple’s entire ethos. Not destroyed, but definitely damaged. Apple prides itself on making the entire widget: hardware, software, and services. No competitor has a similar model. It has gotten away with this through a combination of user trust, and not being nearly big enough for regulators to be concerned about. But the iPhone fundamentally upset both these qualities.

[…]

There are certainly plenty of people who believe Apple should be able to do with the iPhone what it wishes, and that — thanks to the power of the free market — people who do not like those changes will simply go buy something else. Perhaps. But perhaps, too, Apple’s influence over a billion users worldwide is something worth checking on. If Apple had responded more amenably to concerns raised over the past decade, maybe it would not find itself in this position today — but here we are.

Sarah Perez:

TV Time, a popular TV and movie tracking and recommendations app with more than 30 million registered users, disappeared from Apple’s App Store for several weeks, leading to questions about its future from the app’s avid fan base. Considering that 2.5 million users use the app every month to track what they’re watching and to engage in a social network where they can comment on individual episodes, vote for favorite characters, post images and GIFs, and connect with other users, its disappearance didn’t go unnoticed.

On November 1, the company announced via a post on X that it was aware the app had been removed from the App Store and that it was “working with Apple to get it back ASAP.”

[…]

After TechCrunch reached out to TV Time and Apple about the app’s removal, the app was reinstated on the App Store.

[…]

“Despite Whip Media having complied with the DMCA and explaining that to Apple, the complainant notified Apple that its claim was ‘unresolved,’ and Apple decided to remove TV Time from the App Store,” he says.

Malcolm Owen:

Musi believes Apple acted improperly, breaching its contract with the app removal before investigating the claims made by YouTube.

[…]

In many cases, it’s probably justifiable for Apple to boot the app, especially in extremely obvious instances of copyright infringement. However, an increasing number of developers believe that copyright claims are being handled poorly and that Apple’s power to kick apps is too much.

Joe Rosensteel:

That bureaucratic failure of a developer falling between the cracks is merely one of many that have happened over the years.

[…]

That old, and irrelevant inventory is a key problem. The apps people want to really use generally aren’t going to be found in the Mac App Store unless they’re apps Apple makes.

[…]

Surely, we don’t want this disinterest to fall on iOS? We don’t want another disused, gray, box of a store. If people aren’t held by force inside of this magical font of app development then no one will ever use it!

[…]

The reason that the Mac App Store gathers cobwebs is because Apple gave up on caring if it earns money when compared to its far more profitable predecessor. It couldn’t come close to the money the iOS App Store made, which is why Apple today expends so much effort arguing for iOS to remain as it is. It’s not because apps outside the App Store kill the App Store, it’s because the App Stores need to compete for business and if you don’t compete, well, you’re an office supply store owner hoping someone just doesn’t know how to shop on the internet.

Jeff Johnson:

“Yes, the App Store was a hastily rewritten version of the system Apple used for iTunes, a decision that sealed the fate of Apple’s software platform as a hit-driven marketplace backed by systems designed for record companies to upload music.”

I’m glad to see this acknowledged in the news media. It happens so rarely.

Christian Tietze:

“Once again, the only way forward is the Mac”

[…]

I wish that this would become the future. Fewer nag dialogs, fewer lock-downs. Maybe not for my tech-averse aunt, but for people who want to.

laotang:

The funny things is that this single move most likely would solve most issues with the iPad and the Apple Vision Pro instantly.

Simon B. Støvring:

Eye tracking isn’t available and access to the camera wasn’t available at launch. It is now, but it’s locked behind an entitlement only available to enterprise apps. This seems to neglect part of what makes the platform special.

You need the entitlement in order to try it out at all. You need to sell Apple on your use case before you can even start building.

Previously:

Update (2024-11-25): See also: Hacker News.

nilrog:

I have said it many times. The generations before us created these awesome computers that we played with and learned to make awesome stuff on. But we used that to create these locked-down, stupid, devices so the next generations can only consume stuff on.

Jeff Johnson:

If you were a Mac developer in 2006 and earlier, you didn’t have to do anything that Apple wanted.

You didn’t even need an Apple Developer account, or indeed an Apple ID (which was used primarily for iTunes Music Store purchases). The Xcode developer tools came on disc with every Mac.

I’m not sure that developers today can imagine such a world of freedom. They come in adopting a servile mindset.

Update (2024-12-10): Isaiah Carew:

nearly every other major negative change to software industry in the past ten years can trace some roots to app store ubiquity[…]

Apple Directly Selling Apple News Ads

Sara Fischer:

Apple has started selling its own advertising inventory for Apple News, two sources familiar with the effort told Axios. It’s pitching new ad units that it hopes will maximize revenue for itself and its publishing partners.

[…]

Beginning next year, Apple will sell premium sponsorships of editorially curated content for relevant events, such as the Met Gala, the U.S. Open, and more.

In addition to premium sponsorships, the Apple News team is also pitching banner placements and video ads across 17 different formats, including carousel ads that feature different products.

Advertisers will also be able to sponsor specific feeds within Apple News, should they wish to contextually align with certain topics.

[…]

While the company doesn’t break out its advertising revenue from its broader services revenue, analysts estimate advertising makes up roughly 10% of that business.

Via John Gruber:

Apple News+ is a really good product. Scanning its main Today tab in the morning has become my modern-day equivalent of scanning the front page of a printed newspaper — a way to get a sense of what’s going on in world news. There’s a level of editorial curation and presentation in Apple News that I don’t think has a peer. Apple News itself doesn’t publish or report anything, but there’s clearly a talented, level-headed editorial team that is picking and choosing the most important and most interesting (which are often very different things) stories from a wide variety of sources.

This is the highest praise I’ve ever seen for Apple News. Personally, I really dislike the app’s interface, so I wouldn’t use it in this way even if I liked the selection of stories. I still accidentally end up in Apple News from time to time after clicking a link. I wish there were a way to stop that. I’m offended that it doesn’t have a built-in keyboard shortcut to open the story in your browser and that the menu command says Open in Safari even if you’ve chosen a different default browser. (The Default web browser setting has moved over time and is now in System Settings but cannot be found by searching for “browser.”)

I don’t look to Apple News for anything related to tech. […] But for national, world, and general interest news, Apple News is really good. I don’t know what it’s like without a News+ subscription, but with one, it’s truly excellent.

[…]

But, my god, the ads suck — low-rent and highly repetitive.

Gus Mueller:

I really think Apple should get out of the ads business, starting with the App Store. I find it corrupting, ugly, distasteful, and most of all an anti-premium experience.

Guy English:

First: I agree with @gruber that “The economics for ad-free news just don’t work, and never have.”

Second: Apple at least claims to operate with one bottom line where units don’t carry their own profit and loss. So I find the first claim incongruous with that.

Previously:

Update (2024-11-27): Nick Heer:

The Google document is speculative and external to Apple, so it does not represent Apple’s actual strategy. This is what Google, an advertising company, thinks Apple could do if it wanted to really commit to selling ads. Does losing its Google revenue share tip Apple’s hand? I sure hope not, but I am not the person trying to figure out whether to take a massive financial hit for users’ trust and enjoyment. If Apple has good taste, I hope it will make the right call.

Previously:

Unreal on Internet Archive

Timothy Geigner:

But it just doesn’t have to be like this. Companies could be willing to give up their iron-fisted control over their IP for these older games they aren’t willing to support or preserve themselves and let others do it for them. And if you need a real world example of that, you need look only at how Epic is working with The Internet Archive to do exactly that.

John Walker:

Epic, now primarily known for Fortnite and the Unreal Engine, has given permission for two of the most significant video games ever made, Unreal and Unreal Tournament, to be freely accessed via the Internet Archive. As spotted by RPS, via ResetEra, the OldUnreal group announced the move on their Discord, along with instructions for how to easily download and play them on modern machines.

It’s hard to convey just what a significant moment it was, in 1997-98, when Quake II and Unreal came out within six months of each other. Marking Epic’s entry into the graphics arms race with id Software, the two games were both utterly brilliant shooters in their own rights, but also became the names behind the engines on which a generation of games would be built. Half-Life was based on the Quake engine, while Unreal’s was under the hood of Deus Ex.

OldUnreal:

Our installer supports Windows 7 and later. We are working on installers for Linux and macOS.

Previously:

Type to Siri

Tim Hardwick:

With the introduction of Apple Intelligence in iOS 18.1, communicating with Siri has become more flexible since you can easily type your requests instead of speaking them. It’s a subtle but powerful change that’s perfect for those moments when you need to be quiet or [discreet].

Enabling Type to Siri is straightforward. Head to Settings -> Apple Intelligence & Siri, tap Talk & Type to Siri, and make sure the Type to Siri toggle is switched on.

Apple:

To type to Siri, double-tap the bottom of the screen, then enter your request.

Dave Mark:

My one nit here is that tapping the microphone icon switches you back to plain old Siri.

No. When I tap that microphone, I want to dictate text that I can edit as I go. Perfect for complex queries, or for words/names that Siri gets wrong.

As is, feels like tapping the mic icon causes Siri to hijack my keyboard.

I had the same thought, expecting that I would be able to mix and match speech and typing. I also wish there were different ways of invoking Siri so that you could go right to typing or right to speech. Otherwise, if you enable typing, it always takes an additional tap to be able to speak. On the Mac, I can double-tap the Command key to activate Siri for typing, but then I have to take my fingers off the keyboard to click the little microphone icon. Hey Siri could work around this, but I have it turned off on all devices except my iPhone because otherwise it always seems to respond on the wrong one.

Leon Cowle:

It’s sad that not even these super-basic parts of Apple Intelligence are available on slightly older phones (14Pro is my case). Boo!😒

My 4th generation iPad Air doesn’t support Apple Intelligence, but it does support Type to Siri, though I’m unable to invoke it by tapping.

Filipe Espósito:

Code suggests that “AdBlocker” will download audio fingerprints from Apple’s servers and then use the Shazam API to match them against audio captured by the device’s microphones using the Hey Siri API. When certain audios match, the new framework will temporarily disable Siri’s trigger commands.

Presumably, Apple will use audio fingerprints from its TV ads and keynotes to prevent any mentions of Siri from triggering the virtual assistant on users’ devices.

Previously:

Thursday, November 21, 2024

EagleFiler 1.9.16

EagleFiler 1.9.16 is a maintenance release of my Mac files/notes/e-mail manager. This version improves the formatting of community notes and quote tweets when importing from X/Twitter and includes a bunch of other fixes (e.g. for the help viewer) along the lines of what was in SpamSieve 3.1.

Previously:

Privileges 2.0

Rich Trouton:

SAP has released a new major version of their open source Privileges app. This tool provides macOS standard user accounts with a way to request administrator rights. Privileges 2.x includes a number of new features not available in Privileges 1.x and in particular fulfills two particular long-standing requests from its user community:

  1. It provides a unified mechanism for time-limited admin rights.
  2. SAP now provides a signed and notarized installer package for deployment.

Rich Trouton:

The relevant preference domain and key values are listed below:

  • Preference domain: corp.sap.privileges
  • Key: ExpirationInterval
  • Value: Positive Integer

Previously:

Slopes Interactive Maps

Curtis Herbert et al.:

As of this season, Slopes is a team of seven full-time employees, two contractors, two interns, and me. 🤯 Everything you’ve seen in Slopes over the past few years around interactive resort maps is the kind of feature only an amazing team can pull off. I thought it’d be cool to start pulling back the curtain and allow others at Slopes to share the awesome stuff they’ve been cooking up directly with you, beginning with Jess and Lydia from our mapping team…

[…]

We’ve been consistently expanding our coverage of 3D interactive maps since they were first introduced in 2021. And now, we’re kicking off this season with over 1,500 new resorts added to the list, bringing our total coverage to 2,000+ resorts across the world. About 650 of these areas feature custom Slopes mapping meticulously crafted by our team, while the rest are sourced through a special integration with OpenStreetMap (OSM).

I’m pleased to see that Slopes is doing so well, even though many resorts now have their own free apps that offer some similar features as well as access to their own private realtime data.

Lydia:

Mapping ski resorts from scratch, we use GIS software to layer our data over high-resolution imagery and other spatial datasets. This imagery, often at 1-meter resolution in many parts of the world, comes from satellite and aerial sources. We use it as a reference to manually draw resort features (yup, that's right, we draw overlays by hand) in their correct geographic locations. The fine resolution of the imagery allows us to clearly map lifts and resort buildings.

[…]

We use fully anonymized data from Slopes recordings to improve the accuracy of our maps. We plot a subset of this data as a heatmap and layer it under the resort. Combined with official trail maps, we are then able to determine where to add run lines, and their orientations. This information removes the guesswork and provides us with good accuracy.

Previously:

Let’s Encrypt Is 10

Josh Aas (in 2014, via Hacker News):

For many server operators, getting even a basic server certificate is just too much of a hassle. The application process can be confusing. It usually costs money. It’s tricky to install correctly. It’s a pain to update.

Let’s Encrypt is a new free certificate authority, built on a foundation of cooperation and openness, that lets everyone be up and running with basic server certificates for their domains through a simple one-click process.

From my perspective, they delivered just what they promised.

Previously:

Wednesday, November 20, 2024

SpamSieve 3.1

SpamSieve 3.1 improves the accuracy of my Mac e-mail spam filter, amongst many other enhancements.

Some interesting issues were:

Previously:

Update (2024-12-09): Unfortunately, it turns out that library validation does not work around whatever macOS code signing bug is causing downloads to be incorrectly reported as damaged, so customers encountering this still need to use the Download Fixer tool. That’s easy enough to do, but some will probably give up before doing that because there’s no automated way to help them find it.

Overcast 2024.11.1

Overcast:

The price change goes into effect tomorrow (November 21).

Premium is going from $9.99 to $14.99, the first price increase since it was introduced 8 years ago.

Chance Miller:

The new 48-hour listening history feature builds upon the undo seek feature that Overcast introduced earlier this year.

  • 48-hour History and Undo: Accidentally seek too far, leave your phone playing overnight, or delete the wrong episode, podcast, or playlist? Just undo it!

The undo seek feature has been one of my favorite parts of Overcast’s big update from July, so I’m thrilled to see this new feature expand even further.

Meanwhile, the new Listening Stats feature gives Overcast users a great way of recapping their podcast listening on a daily, monthly, or yearly basis.

I like the history idea. Previously, the only Premium features that I used were uploads and ad removal.

I’m actually still using the old Overcast, though, because I’m still seeing bug reports, and I’m scared of ending up in a broken state if they bite me. The App Store won’t let me revert to the previous version. I could switch to Pocket Casts, but I don’t want to, and it would be a lot of work because, although I can import OPML, there’s no way to transfer the lists of which episodes are queued or already played, nor can I download the unplayed files that I’ve uploaded.

See also: Under the Radar.

Previously:

Update (2024-11-22): Marco Arment:

I’ve said a couple times recently that App Store subscriptions can only increase by $5/year if you want people to be opted-in by default.

That’s wrong!

[…]

(My IAP is sticking with $15 for now, though.)

Why Can’t iOS Have Smart Folders?

Collin Donnell:

The only apps I know about that have added them for both macOS and iOS are Reminders and Notes, although I’ve found the implementation of them to be a bit weird. In both of those, you can’t add sub-conditions, so you can say all or any of a list of conditions, but you can’t say “all of these conditions and any of these conditions.” It might sound like a small thing, but it’s not.

Anyway, back to the topic. I want this, and I want Apple to add it. Part of me wonders if it’s just a matter of there not being an equivalent to NSRuleEditor in UIKit or SwiftUI, and so every app would have to implement the control on their own.

I was just thinking about this yesterday when reading about News Explorer 2.0 and how its complex filters can sync and work on iOS but can be edited only on macOS.

Pinwheel 1.0

New Mac app from Bjango (Mastodon):

Convert between color formats and color spaces. Automate color contrast testing. Create beautiful gradients and palettes.

[…]

Pinwheel imports Design Tokens JSON, Figma documents, Sketch documents, CSS, asset catalogs, and other file types.

Once you’ve finished making adjustments, automated exporting can be set up to simultaneously export in multiple formats. Would you like SCSS, Design Tokens JSON, and SwiftUI color enums all at once? Sure thing.

$25, no subscription or Mac App Store version.

Update (2024-11-22): Sören:

Would love a comparison of Bjango’s Pinwheel and Steve Troughton-Smith’s Pastel. They look similar?

Tuesday, November 19, 2024

DOJ Wants Google to Sell Chrome and De-Google Android

Juli Clover (Hacker News, 9To5Google):

The United States Department of Justice wants Google to sell off its Chrome browser as part of an ongoing antitrust lawsuit, reports Bloomberg. Earlier this year, Google was found to have a search monopoly, and antitrust regulators have since been deciding on the actions that should be taken to address Google’s anticompetitive practices.

The DoJ plans to ask the court to force Google to sell Chrome, which is the most popular web browser in the world by a wide margin. Chrome’s integration with Google Search and other Google products has been cited as one of the factors limiting search competition.

Regulators also want Google to uncouple the Android operating system from other products like Google Search and the Google Play Store, both of which are apps installed on Android devices by default. It’s not clear how unbundling Android from Google Play would work as Google Play is the Android app store.

This doesn’t make sense to me, and I don’t even really understand what they think it would help with. If there are illegal behaviors, why not address them directly?

Christina Warren:

This was stupid when they tried to do this to Microsoft 25 years ago. It’s equally stupid to do this to Google.

John Gruber:

If Google were forced to sell Chrome, who’d make the default web browser for Android? Android can’t ship without a default browser. And the DOJ wants Google to “uncouple” Android from the Google Play store? Allowing Google to keep Android but not make its own web browser or app store is just nonsense.

[…]

Chrome is not a standalone business. Android is not a standalone business. They’re both just appendages of Google that serve only as distribution channels for the advertising Google shows in search results, and the money it makes from advertising and game commissions in the Play Store. It’s like saying I have to sell my left foot. It’s very valuable to me, but of no value to anyone on its own.

Dare Obasanjo:

This proposal is kind of nuts since the only business model for web browsers is revenue share from search results. That’s how Edge, Safari, Firefox and Chrome make money.

So the only way it makes sense for anyone to buy Chrome is to make Google the default search, otherwise it’s not worth the investment.

M.G. Siegler:

The idea that Google would be broken up as a result of their loss in the antitrust trial against their Search monopoly was never going to happen. Instead, as I wrote last month, it was more like Negotiating 101. Start by putting the biggest ask out there, see how the market (including, notably, Google) reacts and go from there. Having read that particular room, it seems like the DoJ is now closing in on their actual opening proposal.

[…]

The government would argue that consumers will benefit as they'll no longer be as locked into Google Search – especially if this is coupled with an order to end any default search agreements with other browser makers. But unless those other browser makers choose another search engine as the default, it feels like Google Search will not be impacted very much. It is interesting to think if that would impact the uptake and growth of Gemini and a few other Google products, such as their payment services, but that's not what is on trial here.

It's not clear who could pay what for Chrome. Bloomberg throws out the notion of OpenAI being one potential home, but would the government really want that? That would risk anointing – well, really entrenching – a king in a new field. OpenAI's main benefactor, Microsoft could acquire it, especially now that their own Edge browser is all-in on Chromium. But they would probably just use it to bolster not just Bing by also their own AI products and services. And that would be extremely awkward for the government as well.

Previously:

Update (2024-11-22): Michael Liedtke (PDF, Hacker News):

U.S. regulators want a federal judge to break up Google to prevent the company from continuing to squash competition through its dominant search engine after a court found it had maintained an abusive monopoly over the past decade.

The proposed breakup floated in a 23-page document filed late Wednesday by the U.S. Department of Justice calls for sweeping punishments that would include a sale of Google’s industry-leading Chrome web browser and impose restrictions to prevent Android from favoring its own search engine.

[…]

Although regulators stopped short of demanding Google sell Android too, they asserted the judge should make it clear the company could still be required to divest its smartphone operating system if its oversight committee continues to see evidence of misconduct.

Dare Obasanjo:

The DOJ’s proposed remedies to address Google’s search monopoly are far reaching and will definitely reshape the internet:

  • Google forced to sell Chrome
  • Android can no longer promote Google Search
  • Banned from default search deals on iPhones and other devices (Apple just lost $20B/year)
  • Must license search index data to competitors

M.G. Siegler:

The second is that unlike the default search placement and deal they’re (rightfully, I think) worried about within browsers, using Chrome itself is actually a choice almost all users on desktops/laptops make. That’s because beyond ChromeOS devices, most such devices are Windows or Mac machines. And these devices generally do not have Chrome installed out of the box. You have to boot up Microsoft Edge or Apple Safari and yes, search for Chrome in order to install it. This is sort of a pain. And sure, Google uses prompts on Google Search at times to try to ease such actions, but this is something many users explicitly do.

[…]

More broadly, the reality remains that what is going to break the dominance of Google Search is not going to be another search engine, it will be something tangential out of left field. As such, asking Google to sell/spin-off Chrome is seemingly irrelevant to the DoJ’s goal here. Perhaps if they forced a sale to a competitor that actually had the resources and will to support Chrome, but that would mean selling it to another tech giant, like Microsoft, or Apple, or Meta and there’s no way they want that – all of those companies are also under investigation for other forms of antitrust, market dominance, etc. Also, as the testimony from Apple and others has made clear in various trials, the main search competitor right now, Bing, simply isn’t good enough to replace Google even if they were offered more money to do so. Hell, even Microsoft admitted this! Perhaps after years of default placement and thus, usage, Bing would surpass Google, but the reality here remains that most people would probably just go back to using Google.

43920:

This has already been discussed extensively in prior threads, but the biggest question is, how does a spun-off Chrome get funded?

Chrome/Firefox/Safari all cost hundreds of millions of dollars a year to maintain. Currently, Safari and Firefox both make essentially all their revenue through default search agreements. Chrome, Edge, and now Brave are produced by companies that also own the search engines, so they’re essentially a loss-generating product, that exist because they cancel out distribution costs that Google and Microsoft would otherwise have to pay other browsers.

But the DOJ order is also asking to ban payments between search engines and browser makers[…]

Jeff Johnson:

Moreover, who would buy Google Chrome? It seems like the leading candidate would be Microsoft, who is still a monopolist on desktop, so that option might even be worse than the status quo.

It makes much more sense for Google to divest Android, which can make money via licensing and Google Play.

Dare Obasanjo:

OpenAI building a search engine and buying Chrome after the DOJ forces Google to sell it would fracture Google’s search business overnight.

Josh Sisco and Leah Nylen (Hacker News):

Alphabet Inc.’s Google would be forced to unwind its partnership with artificial intelligence startup Anthropic if a federal judge accepts the US Justice Department’s proposal to resolve a landmark antitrust case over online search.

Steve Troughton-Smith:

I know one person who might jump at the chance to snap up the world’s leading portal to information for $20B, and who has access to the levers of government to force the sale to happen…

Update (2024-11-25): Nick Heer:

The full proposal (PDF) is a pretty easy read. One of the weirder ideas pitched by the Colorado side is to have Google “fund a nationwide advertising and education program” which may, among other things, “include reasonable, short-term incentive payments to users” who pick a non-Google search engine from the choice screen.

[…]

The D.O.J.’s theory of growth reinforcing quality and market dominance is sound, from what I understand, and Google does advantage Chrome in some key ways. Most directly related to this case is whether Chrome activity is connected to Google Search. Despite company executives explicitly denying using Chrome browsing data for ranking, a leak earlier this year confirmed Google does, indeed, consider Chrome views in its rankings.

There is also a setting labelled “Make searches and browsing better”, which automatically “sends URLs of the pages you visit” to Google for users of Chromium-based browsers. Google says this allows the company to “predict what sites you might visit next and to show you additional info about the page you’re visiting” which allows users to “browse faster because content is proactively loaded”.

[…]

I do not think Chrome can exist as a standalone company. I also do not think it makes sense for another company to own it, since any of those big enough to do so either have their own browsers — Apple’s Safari, Microsoft’s Edge — or would have the potential to create new anticompetitive problems, like if it were acquired by Meta.

Update (2024-11-26): Casey Newton:

In a blog post today, Google argued that the opposite is true. Kent Walker, the company’s chief legal officer, called it “a radical interventionist agenda” and a “staggering proposal [that] would hurt consumers and America’s global technological leadership.”

[…]

As I wrote Tuesday, I’m not fond of forcing Google to divest Chrome: it was built in house, and earned its spot as the most popular browser in the United States fairly: by being meaningfully better than its competition. No matter who owns and operates it, most US users will probably set Chrome’s search engine to Google. It’s hard to see that shaking up the search market too much.

Requiring Google to license search queries and results, on the other hand, could be transformative. Suddenly, Google’s rivals would have a more even footing on which to attempt to build better search products.

Update (2024-11-27): Michael Kan (via Nick Heer):

“We strongly urge the Court to consider remedies that improve search competition without harming independent browsers and browser engines,” a Mozilla spokesperson tells PCMag.

[…]

“The proposed remedies are designed to end Google’s unlawful practices and open up the market for rivals and new entrants to emerge,” the DOJ told the court. The problem is that Mozilla earns most of its revenue from royalty deals—nearly 86% in 2022—making Google the default Firefox browser search engine.

Previously:

News Explorer 2.0

Ron Elemans (Mastodon):

Sidebar filters, or ‘Smart folders’ as Apple likes to call them, are now fully customizable. You can add as many filters as you like, and they are all synced across all your devices.

[…]

Article comments are automatically downloaded and displayed in the Inspector panel when the article has a comment feed, public comment API, or when the source webpage uses Open Web comments. Being able to read comments directly in the app besides the article is really a nice experience, especially for feeds whose comments are as interesting as the articles themselves.

[…]

The iCloud storage settings panel has a new setting, ‘Local iCloud sync modus’. With this, you can optimize your News Explorer sync infrastructure by assigning ‘Server’ modus to an always-running Mac, and using ‘Client’ modus on all other devices..

[…]

Prefilters allow you to control which articles from a feed are allowed to be downloaded and which are not.

Amazingly, this is a free update. New licenses are $9.99 for Mac and $4.99 for iOS.

Previously:

macOS 15.1.1

Juli Clover (release notes, security, no enterprise, no developer, full installer, IPSW):

According to Apple’s release notes, macOS Sequoia 15.1.1 includes security fixes.

Juli Clover:

With the JavaScriptCore vulnerability, processing maliciously crafted web content could lead to arbitrary code execution. The WebKit vulnerability had the same issue with maliciously crafted web content, and it could lead to a cross site scripting attack.

Apple says that it is aware of reports that these two issues may have been actively exploited on Intel-based Mac systems. While the vulnerabilities are only known to have impacted older Macs, other devices are vulnerable to attack because they have the same security flaws.

I’m not sure why, but this seemingly minor update took way longer than other recent ones to install on my Intel MacBook Pro—probably close to an hour, with the fans blaring for most of that time.

Jeff Johnson:

Getting an Apple Intelligence modal ad after installing macOS 15.1.1

Also, 15.1.1 wants me to store all my files in iCloud, enabled by default, WTF?!?

For me, it didn’t change anything with iCloud Drive, and (on a Mac that doesn’t support Apple Intelligence) it didn’t show any onboarding screens at all. I had gotten used to being asked to sign into iCloud again.

Previously:

Update (2024-11-22): Ryan Naraine (via Hacker News):

Raw details on the patched vulnerabilities:

  • CVE-2024-44308 — JavaScriptCore — Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.
  • CVE-2024-44309 — WebKit — Processing maliciously crafted web content may lead to a cross site scripting attack. Apple is aware of a report that this issue may have been actively exploited on Intel-based Mac systems.

iOS 18.1.1 and iPadOS 18.1.1

Juli Clover (no iOS/iPadOS release notes, security, no enterprise, no developer):

According to Apple’s release notes, the iOS 18.1.1 update provides important security fixes.

Previously:

visionOS 2.1.1

Juli Clover (no release notes, no developer, security, no enterprise):

Today’s update focuses on security fixes rather than new features, and it is recommended for all Vision Pro users.

Previously:

Monday, November 18, 2024

Swift Concurrency Proposal Index

Quinn (via Fatbobman):

This post summarises the Swift Evolution proposals that went into the Swift concurrency design. It covers the proposal that are implemented in Swift 6.0, plus a few additional ones that aren’t currently available.

The focus is here is the Swift Evolution proposals. For general information about Swift concurrency, see the documentation referenced by Concurrency Resources.

Marcin Krzyzanowski:

I really really dislike the state of Swift Concurrency knowledge

  1. check the year
  2. find appropriate version of proposal
  3. find how it is implemented
  4. find proposal that changes that proposal
  5. extract current state of expectation

Previously:

Update (2024-11-26): Rob Jonson:

The first step is to actually document what swift 6 does. This should be in the swift language guide.

For example - ‘sending’ solved a problem for me yesterday in swift 6 mode, but searching the Swift Language Guide finds no references to the term.

[…]

Once complete documentation exists, future changes should not be accepted unless they fully explain themselves fully in the documentation.

The complexity of writing user documentation will highlight a lot of the practical complexity.

Previously:

Why Is Lightroom Always Generating Thumbnails?

I really like working in Lightroom Classic except that—despite continually updating to newer versions that promise performance improvements and newer Macs with faster processors, SSDs, and more RAM—it still feels slow. Maybe it’s my imagination, but I don’t think it was always thus. I think I used to be able to import a thousand photos and do stuff in the app during that process. Now, the app almost locks up during the initial phase of the import, and it bogs down the entire Mac. Sometimes I can’t even monitor the CPU use with App Tamer because the XPC messages between its daemon and menu bar item get delayed.

Imports are not the main problem, though, because I can generally start them before I take a break and let the Mac chug away while I’m gone. What really gets in the way is that—unlike Apple Photos—it can’t smoothly scroll through a grid of thumbnails. Some of them are inevitably blank or blurry, and Lightroom shows three dots in the upper-right corner to show that it’s busy working. Sometimes a given thumbnail will load in a few seconds, but other times it takes more like minutes. It does not seem to do any pre-loading so that when I press Page Down the next screenful of thumbnails will already be ready. It seems to wait until they are in view before beginning the work.

I’d like to be able to tell Lightroom to pre-generate all the thumbnails, and keep them stored, so that scrolling is always fast. But my understanding is that there’s no such command. Thumbnails seem to be tied to the generation of previews. I have Lightroom set to auto-generate previews on import, but that doesn’t do the job. Choosing Library ‣ Previews ‣ Build Standard-Size Previews doesn’t seem to help. Choosing Library ‣ Previews ‣ Build 1:1 Previews does help somewhat, though I’m not sure why building huge previews vs. standard ones would help more with thumbnails. But, even then, if I scroll through a few thousand photos whose 1:1 previews I just rebuilt, I still see the indicator on some thumbnails. Many that don’t show that indicator are blurry for a few seconds. Browsing within a single collection, I can slowly scroll down to the bottom so that all the thumbnails are eventually loaded, but they don’t all stay loaded. Doing the same scroll again seems to cause some of them to be regenerated or at least reloaded.

Previously:

Does Apple Smell Blood in the Water?

Jaron Schneider (Hacker News):

In just the last year and a half, Apple launched Final Cut on iPad and Final Cut Camera, updated Final Cut Pro to a new version for the first time in 13 years, and moved to purchase Pixelmator. As Adobe’s public perception continues to struggle, Apple is making moves to take advantage.

Through the 2010s, Apple didn’t do much on the software front. Sure, it had Final Cut Pro X but the move from version 7 required a complete rewrite of the program’s code. The benefit of this was marked improvement in performance. The downside was a gutting of the app’s features. The negative response to Final Cut Pro X was so strong that Apple lost a large chunk of the professional video editing market and it has since never made up that ground. Most moved to Adobe Premiere which over the next decade would solidify itself as a major player in the professional space, both in small teams and feature-length productions.

But public perception of Adobe has dipped in recent years. The switch to a subscription plan has left many editors dissatisfied, especially considering how inflexible Adobe has been with its plans — the lack of an a la carte option leaves creative professionals either the option to only edit photos or pay for a large number of apps they’ll never use if they want to get Premiere Pro. Performance has also been a regular complaint across Adobe’s ecosystem with Lightroom and Premiere Pro the focus of most of the consternation.

Adobe does seem to have lost a lot of good will, its current offerings are not very good Mac citizens, and Apple doesn’t seem to be promoting them as much. On the other hand, we all remember Aperture and the other pro apps that Apple discontinued. Final Cut Pro and Logic are the anomalies where Apple’s heart stayed in it. With the other creative apps—even iMovie—it just seemed to lose interest.

See also: Accidental Tech Podcast.

Previously:

Update (2024-11-25): John Gruber (Hacker News):

Apple clearly understands the appeal of subscription bundles too, with Apple One. Despite the fact that Apple didn’t switch to subscription pricing for Final Cut Pro 11 for Mac, I still expect them to sooner rather than later, and if they do, I would further expect a bundle. Apple is never going to offer a swath of creative tools as broad as Adobe’s, but the biggest missing pieces right now would be alternatives to Photoshop and Lightroom. My gut feeling is that’s why they acquired Pixelmator and Photomator. They could sell a bundle for, just spitballing here, $20/month or $200/year that would include the Mac and iPad versions of Final Cut Pro, Logic Pro, Pixelmator, and possibly Photomator. Maybe throw in some extra iCloud storage.

Retrofitting Spatial Safety to Hundreds of Millions of Lines of C++

Google Security:

Based on an analysis of in-the-wild exploits tracked by Google’s Project Zero, spatial safety vulnerabilities represent 40% of in-the-wild memory safety exploits over the past decade[…]

[…]

A key element of our strategy focuses on Safe Coding and using memory-safe languages in new code.

[…]

However, this transition will take multiple years as we adapt our development practices and infrastructure. Ensuring the safety of our billions of users therefore requires us to go further: we’re also retrofitting secure-by-design principles to our existing C++ codebase wherever possible.

[…]

Hardened libc++, recently added by open source contributors, introduces a set of security checks designed to catch vulnerabilities such as out-of-bounds accesses in production. […] Hardening libc++ resulted in an average 0.30% performance impact across our services (yes, only a third of a percent).

Previously: