Sure wish Calendar would remember that I’ve turned off its notifications on the Mac.
Apple Music Connect: mjtsai.com/blog/2016/02/2… #mjtsaiblog
3 Months to Build, 3 Months of App Store Rejections: mjtsai.com/blog/2016/02/2… #mjtsaiblog
The iTunes Store’s Border Control: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Most Android Phones Are Not Encrypted: mjtsai.com/blog/2016/02/2… #mjtsaiblog
@landonfuller @ameaijou Was it because of the code or because they were not honest when applying for the cert?
@ameaijou @landonfuller Yep. I can’t imagine how they thought Apple would let this slide.
Apple Blacklists Own Ethernet Driver: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Apple Retail Changes: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Google AMP and Facebook Instant Articles: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Google AMP and Facebook Instant Articles: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Google AMP and Facebook Instant Articles: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Google AMP and Facebook Instant Articles: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Google AMP and Facebook Instant Articles: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Google AMP and Facebook Instant Articles: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Google AMP and Facebook Instant Articles: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Google AMP and Facebook Instant Articles: mjtsai.com/blog/2016/02/2… #mjtsaiblog
The End of Standardized Platforms: mjtsai.com/blog/2016/02/2… #mjtsaiblog
@leebennett I think I may have done so initially, before the current settings layout, and forgot about it.
@optshiftk It sounds like iCloud backups are encrypted on disk but that Apple can unlock them—not the case for iTunes backups.
@optshiftk Seems like you are right about what the backups include. I’m not convinced about the encryption, depending on what that means.
@jpohh It’s too bad, because this is something lots of people want, and it’s tricky to do it yourself. Good case to put it in framework.
@jpohh There have always been problems, and I keep hearing about more.
Apple Working on Removing iOS Backdoor: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Core Data Join Table Records Not Deleted in Ordered Relationship: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Turn Off Repeating Text Message Alerts: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Use iTunes, Not iCloud, to Back Up Your iPhone: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Introducing the B3 JIT Compiler: mjtsai.com/blog/2016/02/2… #mjtsaiblog
@radiofreelunch Yes, FogBugz is the reason I figured out this was happening.
@catlan @danielpunkass They use Apple Mail. No generator that I can see, but there are Apple or f.lux color profiles. Manually cropped.
Lots of customers are sending me PNG files with ".jpg" as the extension. Anyone know what causes this? Seems unlikely to be user error.
Pain Free Constraints With Layout Anchors: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Write Code That Is Easy to Delete: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Still seeing the iOS bug where Spotlight shows the search list on top of a grid of pixelated app icons.
iOS 9.3 Removes Pencil Interface Control: mjtsai.com/blog/2016/02/2… #mjtsaiblog
How ZergHelper Evaded App Review: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Use and Misuse of NSUserDefaults: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Amazon Increases Free Shipping Threshold: mjtsai.com/blog/2016/02/2… #mjtsaiblog
@morrick One of the best keyboards ever, except for the arrow keys.
@avidrissman Wait until you try Thunderbolt.
What Is the Secure Enclave?: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Priorities in a Time of Plenty: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Priorities in a Time of Plenty: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Priorities in a Time of Plenty: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Priorities in a Time of Plenty: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Priorities in a Time of Plenty: mjtsai.com/blog/2016/02/2… #mjtsaiblog
Apple Mail is not saving rule changes to disk because of an error loading metadata from iCloud.
The FBI/Apple story gets even weirder: mjtsai.com/blog/2016/02/1… (updates from @gruber and @rosyna)
I updated the Mac App Store certificate problems post with new info from Apple and @rbrockerhoff: mjtsai.com/blog/2016/02/1…
Swift Protocols With Associated Types: mjtsai.com/blog/2016/02/1… #mjtsaiblog
Macs 10% Share of Notebook Market: mjtsai.com/blog/2016/02/1… #mjtsaiblog
Not Too Late to Change: mjtsai.com/blog/2016/02/1… #mjtsaiblog
@ameaijou I think that’s been happening to me, too.
@siegel @wadeco FWIW, TextWrangler for me has a receipt from 2015-11-12 and exits with 173. No system dialog about it being damaged.
@siegel @wadeco I thought it wasn’t supposed to matter which certificate you had when the app was built, only that validation code works.
Where Your iPhone Goes to Die (and Be Reborn): mjtsai.com/blog/2016/02/1… #mjtsaiblog
“Other” Storage on Your iPhone and iPad Explained: mjtsai.com/blog/2016/02/1… #mjtsaiblog
Cupertino’s Chief Chipmaker, Johny Srouji: mjtsai.com/blog/2016/02/1… #mjtsaiblog
@kerri9494 @notio More on the libraries/Tor story: vnews.com/news/21107757-…
@uliwitness Yeah, but why didn’t it download a new version automatically?
@mbcharbonneau Neither of Apple’s two pieces of advice—that the OS will tell me the app is damaged and that I should restart—worked.
@danielpunkass @ReadKit Restarting didn’t fix it, but delete and reinstall did. So I guess it was Apple’s fault.
Not sure whether it’s their fault or Apple’s, but @ReadKit no longer launches for me due to a receipt/signer issue.
FogBugz 8.15.267: mjtsai.com/blog/2016/02/1… #mjtsaiblog
@FogCreekStatus The release date says 2015 instead of 2016.
@MacSparky Looks like the URL in your post should be: kitchensinkwp.com/podcast-e103-i…
@landonfuller @rosyna Whether the code exists doesn’t matter technically but does legally. Is that it?
@landonfuller @rosyna I thought you were just saying that the way it’s designed they *could* do what the FBI wants. Not that it exists now.
@landonfuller I suppose you’re right. Could it be any other way?
@Usr_NeXT Yes, it’s frustrating that some of the Post commenters don’t seem to understand what Apple is being asked to do.
FBI Asks Apple for Secure Golden Key: mjtsai.com/blog/2016/02/1… #mjtsaiblog
@rosyna @drewthaler Perhaps security-scoped bookmarks are supposed to work in this case, but in practice they didn’t.
@rosyna @drewthaler Similar issue in that some AppleScripts don’t work from sandbox, even when run using NSUserAppleScriptTask.
@rosyna @drewthaler If it’s a Gatekeeper issue, it’s one that only applies when the launching process is sandboxed.
@rosyna @drewthaler Not handy. DTS eventually explained it to me; they were initially unaware, too. I fear more undocumented cases like this
@rosyna @drewthaler No, there are cases where the document can't be opened if the app for it isn’t sandboxed, even if you punch a hole.
@rosyna @ameaijou @drewthaler I don’t think the link that you posted offers blanket exceptions. Plus, those are temporary.
@Schwieb @rosyna @ameaijou @drewthaler The fact that it’s not documented makes it seem risky to rely on.
@rosyna @ameaijou @drewthaler Second issue is if I pare down to what’s supported, think things are OK, then run into bug or new restriction.
@rosyna @ameaijou @drewthaler First issue is what’s not possible, even with non-MAS entitlements, at least in a documented/supported way.
@rosyna @drewthaler For example, -[NSWorkspace openFile:]. The rules have changed several times w/ OS versions and are not documented.
@rosyna @ameaijou @drewthaler Yes, I’m saying there should be more. I don’t want to run into a road block *after* adopting sandboxing.
Swift Evolution Proposals: mjtsai.com/blog/2016/02/1… #mjtsaiblog
AppleWorks and the Capriciousness of Nostalgia: mjtsai.com/blog/2016/02/1… #mjtsaiblog
How to Fix the Safari t.co Twitter Problem: mjtsai.com/blog/2016/02/1… #mjtsaiblog
More Mac App Store Certificate Problems: mjtsai.com/blog/2016/02/1… #mjtsaiblog
@DevMateApp Is your SDK open source?
@rosyna @ameaijou @drewthaler But only specific targets/ports that are known at compile time, right?
@rosyna @drewthaler I’m not just talking about file system access. But, re: files, really want to be able to fix ownership/permissions.
@rosyna @drewthaler And it doesn’t, AFAIK, address APIs that area available but behave differently when the app is sandboxed.
@rosyna @drewthaler If you’re referring to the big red button, that doesn’t sound like something that should be relied on.
@ameaijou @rosyna @drewthaler No, I mean the entitlements should go beyond what Apple would accept in the store.
@danielpunkass @michaelpryor Yep. I once got a refund for FogBugz. A few years later, tried it again. Now been using it for about 7 years.
@rosyna @drewthaler Even for things that would never be approved in the Mac App Store, so that every Developer ID app can be sandboxed.
@rosyna @drewthaler If that sort of thing is a major concern, Apple should offer lots more entitlements.
@rosyna In terms of actual problems affecting Mac users, I read a lot more stories about bugs and bad apps than this type of exploit.
@drewthaler @rosyna Agreed.
@rosyna I’m familiar with that, but it seems like a relatively small risk compared with plain bugs (like Adobe’s) and malicious apps.
@rosyna But, aside from your example of Flash, where is the code that’s exploiting these bugs?
@rosyna So you’re saying that the reason the Mac App Store requires sandboxing is to protect against Flash, which most apps don’t use?
@rosyna Where is that code running? And why wouldn’t it also be able to make the app ask the user which files to destroy, as you say?
@rosyna Macworld and others have reported it’s to protect against malicious apps that made it through App Review: macworld.com/article/293723…
@rosyna Apple’s docs says "Enable App Sandbox to Minimize Damage from Malicious Code". developer.apple.com/library/mac/do…
@rosyna I’m not sure how the original reason the technology was developed is relevant to the policy decision about using it now.
@rosyna I don’t remember that being presented as the main motivation. I don’t think anyone’s worried about apps accidentally printing.
@rosyna Why not? Isn’t that part of why the Mac App Store requires sandboxing, as a backstop against malware?
@jimmyjamesuk123 @rosyna The model is fine. The problem is the implementation and lack of documentation.
@jimmyjamesuk123 @rosyna One of the developers was talking about the UI problems a few days go. Also limitations for macros and AppleScript.
@jimmyjamesuk123 @rosyna No one is saying it doesn’t offer security when it’s used.
@jimmyjamesuk123 @rosyna You could blame the user. But I would say it’s a poorly designed feature that failed in the real world.
@jimmyjamesuk123 @rosyna Consider a feature that prompts for every FS access. No security in practice b/c users will turn off or not read.
@jimmyjamesuk123 @rosyna Kind of like how PGP doesn’t really make e-mail secure because it’s too much of a pain for most people to use.
@jimmyjamesuk123 @rosyna In this case it didn’t offer security because it failed to convince the developer that it was worth adopting.
@jimmyjamesuk123 @rosyna The point is that it’s perfectly understandable Adobe didn’t want to use the sandbox because of all its problems.
@rosyna A bug from a legit developer is not malware or an exploit. I think you’re misunderstanding what his point was.
@rosyna That's not what's happening here.
@danielpunkass That had happened to me in the cold as well.
Seems to have worked except that icloud.com says there were 19 contacts that failed to import, and it won’t tell me which ones.
Restoring Grandma’s contacts: download AddressBook folder from CrashPlan, open in VMware, export .vcf, import into icloud.com.
@mdhughes Fixing but not communicating is only really a problem if they close the issue and the fix ended up being for something else.
“Crashes are down” is not a response to “death of a thousand cuts.” It's a non sequitur.
And…I just got another password prompt after unlocking just a few hours ago—to purchase a free app.
It’s that developers have so little confidence that filing a Radar will lead to the bug being fixed at all.
The main issue with external Radar is not that developers aren’t notified about which release a fix will be in.
@pgor In my case, the phone is not plugged in a night, which is when this usually happens to me.
@mcelhearn Supposed to be 48, right? In any case, it often asks me after about 8 hours.
How many years has Touch ID been out, yet some mornings still wants my password to unlock for seemingly no reason? support.apple.com/en-us/HT204587
Apple Store genius messed up migration to my grandmother’s new iMac: contacts lost, Dock rearranged and apps removed, CrashPlan removed.
@leebennett Hope it’s not deleting your versions data. But maybe it doesn’t have privileges to do that.
@dafacto Did your cache update yet?
iCloud Is Too Opaque: mjtsai.com/blog/2016/02/1… #mjtsaiblog
Removed the WordPress emoji JavaScript that cause causing bloat and validation failures: wordpress.org/support/topic/…
Adobe Creative Cloud Installer Deleting Hidden Files: mjtsai.com/blog/2016/02/1… #mjtsaiblog
Testing NSURLSession With Swift: mjtsai.com/blog/2016/02/1… #mjtsaiblog
Piezo Exits the Mac App Store: mjtsai.com/blog/2016/02/1… #mjtsaiblog
Concurrent Memory Deallocation in the Objective-C Runtime: mjtsai.com/blog/2016/02/1… #mjtsaiblog
@danielpunkass @gte @grynspan Right. I want TextExpander to be able to tap events. I don’t need it to access my whole hard disk or network.
@fzwob Thanks for the suggestion, however sending to a Gmail account did not work for me. Maybe there are multiple problems.
@CocoaKevin That worked. Thanks!
@danielpunkass Right now, must forego all sandbox protections if your app needs one thing that doesn’t work in the sandbox.
@fzwob What are you sending from?
@CocoaKevin How did you get 7.2.1 to work?
Still seeing occasional blank filenames in Finder column view after renaming. Maybe fixed in 10.11.4?
Using Xcode Bots: mjtsai.com/blog/2016/02/1… #mjtsaiblog
Swift Mailing Lists Are Self-Selecting: mjtsai.com/blog/2016/02/1… #mjtsaiblog
Google AMP Launch Looms: mjtsai.com/blog/2016/02/1… #mjtsaiblog
Swift Struct Storage: mjtsai.com/blog/2016/02/1… #mjtsaiblog
@ameaijou Thanks. Will probably post tomorrow.
Vector Networks, an Alternative to Paths: mjtsai.com/blog/2016/02/1… #mjtsaiblog
Pragmatic Core Data: mjtsai.com/blog/2016/02/1… #mjtsaiblog
Benign Neglect of Time Machine: mjtsai.com/blog/2016/02/1… #mjtsaiblog
Dates, Done Right: mjtsai.com/blog/2016/02/1… #mjtsaiblog
@dafacto It will do that if you tell it to Search All Fields from the search field menu.
The Secret Story Behind Apple’s “Lemmings”: mjtsai.com/blog/2016/02/0… #mjtsaiblog
The Flaws of KVO: mjtsai.com/blog/2016/02/0… #mjtsaiblog
El Capitan and tvOS Criticized by Vestibular Disorder Sufferer: mjtsai.com/blog/2016/02/0… #mjtsaiblog
The Flaws of KVO: mjtsai.com/blog/2016/02/0… #mjtsaiblog
El Capitan and tvOS Criticized by Vestibular Disorder Sufferer: mjtsai.com/blog/2016/02/0… #mjtsaiblog
The Flaws of KVO: mjtsai.com/blog/2016/02/0… #mjtsaiblog
El Capitan and tvOS Criticized by Vestibular Disorder Sufferer: mjtsai.com/blog/2016/02/0… #mjtsaiblog
Google Deprecated “Security Questions”: mjtsai.com/blog/2016/02/0… #mjtsaiblog
How to Unlearn Misspellings: mjtsai.com/blog/2016/02/0… #mjtsaiblog
@bwebster I think they renamed Agile to Planner and also moved it to the other side.
The Evolution of a Haskell Programmer: mjtsai.com/blog/2016/02/0… #mjtsaiblog
Mail searches are finding messages that don't match query and skipping ones that do. I guess it’s time to rebuild Spotlight again.
Stop Watch: mjtsai.com/blog/2016/02/0… #mjtsaiblog
Error 53: mjtsai.com/blog/2016/02/0… #mjtsaiblog
Mossberg Discovers the Functional High Ground: mjtsai.com/blog/2016/02/0… #mjtsaiblog
The MacBook Pro Tweener: mjtsai.com/blog/2016/02/0… #mjtsaiblog
Apple Music Problems: mjtsai.com/blog/2016/02/0… #mjtsaiblog
@leebennett I think you’d be a great interview for @MacSparky.
Highway Gothic to Clearview—and Back: mjtsai.com/blog/2016/02/0… #mjtsaiblog
Massive and Tiny View Controllers: mjtsai.com/blog/2016/02/0… #mjtsaiblog
Massive and Tiny View Controllers: mjtsai.com/blog/2016/02/0… #mjtsaiblog
A Conversation With Erik Spiekermann: mjtsai.com/blog/2016/02/0… #mjtsaiblog
My iPhone Home Screen: mjtsai.com/blog/2016/02/0… #mjtsaiblog
czechboy0 ⚠️ Xcode Server users! There's an issue with Xcode 7.2.1, so if you at all can, don't update your Xcode Server and keep it on 7.2/7.3!
Updated to Xcode 7.2.1, and now can't get Bots to work. Select Xcode.app in Server, stuck at "Preparing to configure" sheet.
Bug with some HTML messages in Mail (10.11.x) where unable to scroll down in preview pane until first switching to another app or window.
I read about how AppleScript support is back in Numbers, but it doesn't seem to actually work. mjtsai.com/blog/2016/01/2…
@nickheer Seems only fair to give them a few bug fix releases to see if things stabilize.
@ccgus I finally had to recently.
@jsnell Thanks. Meant to link to that, but I must have closed the Safari tab prematurely.
Value vs. Reference in Swift: mjtsai.com/blog/2016/02/0… #mjtsaiblog
Swift Optimization Tips and Reference Counting: mjtsai.com/blog/2016/02/0… #mjtsaiblog
Kindle Update: mjtsai.com/blog/2016/02/0… #mjtsaiblog
Switching to HTTPS: mjtsai.com/blog/2016/02/0… #mjtsaiblog
@bwebster @tweetbot Looks like there is in fact a bug where pressing F after right-arrowing into a conversation doesn't work.
Nate Cook, Drew Crawford, and others make some good points in favor of keeping “NS” for Foundation types in Swift: mjtsai.com/blog/2016/01/1…
@rosyna Thanks for that link.
@rosyna I get that, but I don’t understand why I would want my browser to be able to do that silently, especially via JavaScript.
@rosyna What I meant by that is, why is WebKit executing any non-JavaScript code?
@rosyna Did anyone imply otherwise?
Seven Swift Snares: mjtsai.com/blog/2016/02/0… #mjtsaiblog
Sparkle Updater Vulnerability: mjtsai.com/blog/2016/02/0… #mjtsaiblog
The Futility of Pleasing All Users: mjtsai.com/blog/2016/02/0… #mjtsaiblog
Make Money Outside the Mac App Store: mjtsai.com/blog/2016/02/0… #mjtsaiblog