Category Archives: Apple

Off By One Half

A friend was complaining that his wrist size falls more naturally between two size holes on his Apple Watch sport band. The holes are spaced so closely together that they don’t really give you an option of improvising an extra hole.

To increase the odds of a good fit, Apple includes two “holey” band segments with the Sport product: one for “Small/Medium” and one for “Medium/Large”. The natural result of this for many of us is that we get to choose which of the band segments to use. If you’re a “medium” then you’re likely using one of the last four holes on the smaller band, or the first four holes on the larger one:

Small, medium and large watchband holes on Apple Sport band.

I thought it would have been a supremely “Apple thing” to do if the holes that overlap, at the medium-sized positions, were carefully offset such that they were in fact half-sizes on one band in relation to the other. So, I drew lines through each of the holes’ (rough) centers, to see where the lines correlate on the opposing band segment:

Apple Watch Sport band hole alignment

Putting aside my imperfect placement of the watch bands on the floor, this is pretty interesting! Maybe not precise enough to indicate Apple intentionally designed it this way, but it’s convenient that the holes line up offset from one another. If your wrist size lands in the “medium” zone on the Sport band, switching from the “Medium/Large” to the “Small/Medium,” or vice-versa, could be just the adjustment to help fine-tune the grip of the watch to your wrist.

Update May 20, 2015: Jörg Schwieder on Twitter offered an insight that I hadn’t considered: the way the holes line up linearly on the floor is not a sufficient comparison because, in the case of the longer strap, the excess overlap that then slides under the counterstrap narrows the overall diameter of the band, such that it squeezes slightly tighter on your wrist.

I’m not sure if this exactly counteracts the size discrepancy of the hole placement. It’s possible the discrepancy was itself an intentional design to counteract this phenomenon. In any case, if you try to switch up from a small band to a larger band, and it feels a little snug yet, you might try trimming (egad!) the long end of the strap so that it creates less volume under the band when you tuck it away.

Another sizing hack this brings to mind is that, if you find something comfortable to glue to the underside of the non-hole half of the band, you would effectively increase the volume and tighten up an otherwise loose fit.

Nineteen Years

Nineteen years ago today, I joined Apple as a full-time employee.

I was 20 years old, on the verge of 21. I dropped into a workplace filled with the most ambitious, most laid-back, most serious, most bizarre, most intelligent, least obsessed-with-intelligence people I have ever met. They made up, and were made from, the culture that is Apple.

If you had told me 19 years ago that Apple would become the most successful company in the world, I would have believed you. Even at its lowest points, the place seemed to be teeming with latent success. It’s why I wanted to work there so badly, and why I’m so glad that I did.

The Risks And Rewards Of Criticism

Marco Arment responded to speculation by Eli Schiff that he and other Apple developers hesitate to criticize Apple for fear of retribution.

I was particularly surprised by the section of Schiff’s post that described Shifty Jelly developer Russell Ivanovic’s experience of being cut off by Apple from what had previously been a well-supported position. The way it’s described in the post, Ivanovic’s close marketing ties to Apple were severed when he decided to launch a version of his app on the Android Play store before Apple’s App Store. I haven’t listened to the podcast yet, but it sounds great, and may provide slightly more details about the situation.

Ivanovic’s experience sounds devastating, but it doesn’t strike me as treatment that many developers should live in fear of also suffering.

As a company, Apple doesn’t care about individual developers. This works both ways of course: they don’t go out of their way to help, but also don’t go out of their way to harm. When a developer benefits or suffers at the hands of Apple, I believe it’s always thanks to either a wide-sweeping corporate policy that affects all developers, or to an individual at the company whose everyday choices on the job can have a profound impact. An editor who chooses to feature an app on the store, for example, or a reviewer who chooses to notice and raise a fuss about a slightly non-compliant behavior in an app.

I’m confident that at the level of individuals within Apple, efforts are almost always in the spirit of helping developers. You don’t have to meet many Apple employees to form an opinion that, on the whole, the company is made up of good people. So, naturally, the majority of folks there are working to cause good outcomes for people both inside and outside of Apple. The culture at Apple leans towards building people up rather than tearing people down. This is, incidentally, why their products tend to be so great. And why in spite of some truly confounding decisions, the company tends to promote stellar third party products through its App Stores.

On the other hand, the company is huge, and you simply can’t have that many thousands of people in varying positions of power without having at least tens or hundreds of spiteful, angry, petty people in positions of power. Oops, that sucks. While I was trying to make sense on Twitter of Ivanovic’s unfathomably petty experience, another slighted developer chimed in. Matthew Drayton, who like Ivanovic lives and works in Australia, pins his own similar experience on an individual:

I can’t quite tell if the implication is that the same individual is likely to be responsible for the “blackballing” that both Drayton and Ivanovic say they’ve felt. But for the sake of Apple, I hope it is indeed down to one person. One person can often be fired, reprimanded, or simply decide to move on. It would obviously be much worse if there were a systematic policy of suppressing developers who fail to “walk the line,” so to speak.

The risks of being critical are usually not on the scale of upsetting an entire company and suffering its wrath. Instead they are on the scale of possibly upsetting, or merely frustrating, or even just vaguely losing attractiveness to an individual whose help you would otherwise have enjoyed. This is true both in the context of Apple and outside of it. For example, an off-hand remark about the bitterness of the coffee at your local shop might earn you a less professional effort on your next visit.

On the other hand, an astute barista may take the criticism to heart and become hell-bent on ensuring your next cup exceeds expectations. This is what happens when well-formed criticism meets the ears of a confident, competent individual: the facts are taken to heart and studied, perhaps grudgingly. But upon reflection and determination that there was merit in the complaint, respect for the source of provocation goes through the roof.

These are the risks and rewards of criticism: depending upon how far your opinions reach, you may garner either immense respect or massive disdain from the individuals who consider it. In that light, is it risky to be publicly critical of a company upon which you base your entire livelihood? Possibly. But it could be just as risky to remain meekly under the radar while the thoughtful professionals at that company go out of their way to reward the people whose meaningful criticism they value.

Crazy Apple Car Rumors

When I first heard rumors about Apple’s alleged development of a car, I disregarded them without thinking. The idea that the company would stretch its focus so far away from its current line of computer software and hardware products seemed ridiculous, and happened to overlap with countless jokes over the years about the hilariousness that would ensue if Apple entered this, that, or another market.

My head jerked to attention however when the Wall Street Journal recently added its weight to the rumors, giving a code name “Titan” for the project, and asserting that there are hundreds of employees already working on the team.

Even in the wake of this revelation I clung to my skepticism, sensing that it would simply be too “out there” for Apple to tackle the automotive market. I agreed with reasons cited by folks such as Jean-Louis Gassée, who dismisses the idea as fantastical based on comparatively low profits, challenging customer-service obligations, and the absence of Moore’s Law-style advances over time in automotive technologies.

But today’s report from Jordan Kahn of 9to5Mac, listing a variety of automotive-industry experts who are now working for Apple, has really got me doubting my earlier dismissiveness.

What does it mean that Apple has hired a significant number of people with expertise in the auto industry? To me it means that they are either making a car, or that they are making a product that they know will uniquely leverage the abilities of people familiar with cars.

Personally, I’ve flipped over to being cautiously optimistic that the Apple car will become a reality. My first inclination was to worry that it represented a departure of focus for Apple, and that it would mean stretching their limited resources even thinner. But the 9to5Mac story drives home that a lot of the expertise required to pursue this dream, if that’s what they do, can be hired from outside the pool of software and hardware engineers that Apple has typically employed. I think it’s reasonable, for example, to be optimistic that a drive-train engineer’s efforts are not being wasted by working on a car instead of a MacBook Pro’s cooling fans.

Putting aside the significant effort of designing, manufacturing, marketing, distributing, and servicing a line of Apple-branded vehicles, having these products exist and in use by even a modestly large number of customers would offer some interesting benefits to Apple. Particularly, I’m curious to see how they might leverage the technological ownership of a whole car to serve their ambitions in mapping and navigation.

I thought it was a big loss for Apple when Google acquired Waze, the crowd-sourced navigation service that uses mobile phones to collect traffic data. Since then, I’ve been hoping that Apple might eventually offer a similar solution. With a suitably pre-rigged Apple car, the amount and quality of data collection might leapfrog even Waze’s impressive installed base. Imagine even 100,000 Apple cars in the US, equipped with built-in cameras on four sides, transmitting GPS and environmental graphics (anonymously and with user consent!) to Apple HQ. It might finally give Google something to worry about (assuming Google’s own cars haven’t already captured as much interest).

These rumors have fueled an enormous amount of speculation outside of Apple about whether or not they should build a car. Regardless of whether they do so or not, it’s clear from the amount of automotive-related hiring they have done that a great deal more speculation has probably been done inside of Apple, by minds that are now suited to make constructive decisions about whether Apple will build a car, what kind of car it will be, and when it will be available. I for one can’t wait to see what comes of it all.

The Siri Standard

John Gruber writes about his impression that Siri’s performance has improved over the past year:

Siri is noticeably faster than it used to be. Even just a year ago, I don’t think Siri could have held its own with Google Now pulling information like the current temperature or sports scores, but today, it does. Apple has clearly gotten much better at something everyone agreed was a serious weakness.

Michael Tsai chimes in with agreement, emphasizing improvements in reliability:

I had stopped using it because for years it would essentially throw away what I’d said. It was either unavailable (most of the time) or it didn’t understand me properly (less often). Now I regularly use it to make reminders while driving, and it pretty much always works.

I use Siri in much the same way that John and Michael seem to: for quick, relatively simple data inquiries, text messages, timers, and reminders. I share their impression that Siri has gotten faster and more reliable. It was most striking for me when I first updated to the iPhone 6:

I’m really impressed with the speed and accuracy of Siri on my iPhone 6. It’s exciting to know that Apple is making such progress on this.

Which is not to say Siri is perfect or doesn’t cause frustration to me and others. I use it frequently enough that I’m probably stymied by its misinterpretation of my command at least once a day. But the consequences of the misbehavior are usually not dire, and can be remedied right away. Usually it’s just a matter of sighing and rephrasing the command with a structure that I know will be “more Siri compatible.” And every so often, I say something instinctively before remembering “oh, that doesn’t work with Siri,” but before I’ve had a chance to cancel and restate it, I discover that in fact, it now does work with Siri. I know some people will have horror stories about Siri’s behavior, but for me, and apparently many others, it’s quietly improving all the time.

How many other Apple technologies are earning this kind of unsolicited praise right now? Especially in light of recent discussions about perceptions of a steady decline in quality, the progress by Apple in the Siri department is particularly noticeable.

What if all of Apple’s high-impact technologies were improving so demonstrably that folks were moved to praise the progress? What would the usually gripe-filled Apple blogging, Twittering, and forum-posting scene sound like? Let’s indulge the dream that these enthusiastic posts might grace the web someday soon:

It’s been weeks since I restarted any of my Airport routers. File sharing between my Macs “just works.” Great work, Apple!

Continuity and AirDrop have become so reliable, I actually worry more about data getting lost by emailing it to myself than by beaming it instantly with Bluetooth.

Just deleted Google Maps from my phone. Apple has work to do with placemarks, but these new transit directions are awesome! A huge step above what we lost years ago, and I’m so much more comfortable having Apple handle my private location data.

Tried to backup my phone to iCloud, and Apple says I’m 2GB over my storage limit. It’s cool that they do the backup anyway, and give you 30 days to decide whether to upgrade the plan or download the backup archive. Seems like upgrading is a no-brainer?

No serious complaints about my apps for a year, so Apple just updated my account to “Solo” status. It’s so great to publish updates immediately to my customers. This is a privilege and a responsibility!

OK, OK. Some of these may be a little over the top. But, a boy can dream, can’t he?

I don’t doubt that the groups at Apple responsible for these … less often praised … technologies are comprised of individuals striving to improve things as quickly as possible. It’s hard to say how much the impression of slow progress is due to internal challenges we don’t know about, Apple’s lack of knowledge about the breadth of defects, or the public’s perception being skewed by severity of the impact from problems that persist.

Whatever combination of luck, hard work, and pragmatism is powering the Siri team’s “year of good work,” perhaps it should serve as a model, or at least as a symbol of hope for these teams as they move forward adding features, fixing bugs, and finessing the public’s perception of the value of their work. A world in which every group at Apple somehow achieved the standard of apparent progress that Siri has achieved would be a very good world indeed.

The Functional High Ground

Marco Arment laments his perception that Apple’s software quality is in such a rapid decline that the company has “completely lost the functional high ground.” I like this turn of phrase, even if I don’t agree with the extremity of the sentiment. Marco expands:

“It just works” was never completely true, but I don’t think the list of qualifiers and asterisks has ever been longer. We now need to treat Apple’s OS and application releases with the same extreme skepticism and trepidation that conservative Windows IT departments employ.

I myself am particularly paranoid when it comes to Apple’s future. I spent the earliest years of my professional career working for the company, and to this day I consider the education I received at Apple to have been equal parts technical and philosophical. I learned not only how to build quality software, but why it should be done: to not only serve customers, but to delight and surprise them.

For years, my concerns about Apple’s future have been largely to do with my worry that those philosophical values are decreasingly shared by Apple’s engineering staff and management. And yet, over the years, I have been surprised and delighted by the steady stream of new, quality products that Apple releases.

The current state of Apple’s software does not particularly concern me. Are there embarrassing blemishes? Yes. Does the annual schedule for major OS updates seem rushed? Of course. Are there Apple employees in positions of power who do not share Marco’s and my enthusiasm for software that “just works?” I regret to surmise that, indeed, there are.

But I’ve indulged these doubts about Apple since shortly after I was hired … in 1996. The mysterious, seemingly magical nostalgic components of Apple’s past success have always seemed threatened by the rapid waves of change that undo and reconfigure the company’s priorities. After the NeXT acquisition in late 1996, many of my colleagues and I feared the influx of new engineers would spell the end of the Mac as we knew it. In fact it did, but the new priorities of Mac OS X meshed well with the old priorities of Mac OS 9, yielding what I believe is an indisputably better, more Apple-like operating system than Apple was likely to have come up with on its own. There were many fits and starts along the way, including questions about arcane matters such as filename extensions and case sensitivity. These were but a few of many questions that would seem to make or break the legacy of the Mac. Choices were made, hearts were broken, and the Mac lives on.

Since I left Apple in 2002, I have been no stranger to criticizing the company for its flaws. The mistakes they ship in hardware and software are sometimes so glaringly obvious, it’s impossible to imagine how any engineer, manager, or executive could suffer the embarrassments. And yet, sometimes these defects linger for years before being properly addressed.

The problem has also been a focus of popular geek culture at many, many times in history. Way back in 2005, Dan Wood of Karelia was so frustrated by persistent flakiness in Apple’s software that he encouraged developers to report an Apple bug on Fridays. It worked: myself, Brent Simmons, Wolf Rentzsch, Sven-S. Porst, and countless others were moved to file bugs not just that Friday, but for many weeks to follow.

Over the years I have never been at a loss for identifying problems big and small with Apple’s products, or with the way it conducts its business. I’m sure I had plenty of complaints starting in 2002, but I didn’t start blogging in earnest until 2005. Here are some highlights to remind you that things have never been fine with Apple:

  • 2005 – Keychain Inaccessibility. I lamented the poor behavior of Apple’s Keychain Access app, even after improvements that came in Mac OS X 10.4.3. Nearly ten years later, to the delight of the folks who make 1Password, this embarrassment remains largely uncorrected.
  • 2006 – We Need a Hero. I shined a light on the difficulty of implementing AppleScript support in applications. Things have steadily improved, but are still very frustrating and error-prone. At least now we have two automation languages to pull our hair out over.
  • 2006 – All Work and No Play… Apple’s first Intel portable computer was a sight for sore eyes, but a cause of sore ears. The maddening “CPU whine” persisted through several iterations of the hardware design until the machines finally became more or less (to my ears) quiet.
  • 2007 – Leopard Isn’t the Problem. Speaking of annual software release schedules, here’s my nearly 8-year-old reaction to Apple’s failure to meet the planned release schedules for both Mac and iOS in parallel. Is Apple suddenly more fixated on marketing than on engineering? Not by my assessment that their statement way back then was “bluntly crafted, sleazy marketing bullshit.”
  • 2008 – NSURLConnection Crashing Epidemic. Wouldn’t it be embarrassing if Apple shipped a bug so pervasive that it could crash any app that uses Cocoa’s standard URL loading mechanism? That’s what they did in Mac OS X 10.4.11, and it took them months to fix it. When they finally did, I ended up receiving a security update credit!
  • 2009 – Is Apple Evil? Speaking of embarrassments, how pathetic is it that nearly 7 years after the iOS App Store debuted, capricious rejections are still a mainstay of iOS tech journalism? In 2009, I reacted: “Alongside the stubbornly perfected refinement of its products, marketing, and public image, the company has always worn blemishes such as these.” Some things truly never change.
  • 2010 – Surviving Success. From the midst of “antennagate,” in which Steve Jobs accidentally coined the famous anti-advice “you’re holding it wrong.” I fretted that Apple was losing its marketing cool, and that Jobs should chill out:

    He spins the truth in that barely plausible manner that used to be celebrated as the “reality distortion field,” but now comes off as purposefully dishonest and manipulative.

    We don’t have Jobs to blame any longer for Apple’s less tasteful distortions of reality.

  • 2011 – Huh. I couldn’t find any particularly cogent complaints in my archives. Maybe I was too busy reacting with panic to Apple’s new Mac Application Sandbox. I did complain in an interview with The Mac Observer about “having to come to terms with the vast amount of stuff that Apple’s doing,” but that “it’s been a persistent, joyous complaint … that Apple is doing too much.”
  • 2012 – Fix the Sandbox. Having fully digested the impact of the Sandbox on shipping apps, I drew attention to the many problems I saw in Apple’s approach to (allegedly) enhancing user security:

    Given the current limitations of sandboxing, a significant number of developers will not adopt the technology, so its usefulness to users and to the security of the platform will be diminished.

  • 2013 – Respect the Crowd. Oh, right, Maps. Remember when Apple used to have reliable driving directions, place data, and even public transit directions?

    It’s all about the data. It doesn’t matter how beautiful Apple’s maps are, or how quickly they load, if they consistently assign wrong names and locations to the businesses and landmarks that customers search for on a daily basis.

    Apple has made significant improvements to their mapping data, and there are rumors, based largely in their acquisition of transit-oriented companies, that they may restore transit directions at some point. But to this day, Google Maps remains my go-to app for transit directions, while Google’s other directions app, Waze, gets my business for driving directions.

  • 2014 – Breach of Trust. We’re getting so close to modern times by now that Apple’s tactless imposition of a U2 album on everybody’s iPhone, whether they wanted it or not, could be considered part of Marco’s current diagnosis of what ails Apple. The nut of my take on the incident:

    It doesn’t matter much that Apple inserts an unwanted music album into your purchased list. But even a little move in a direction that threatens the primacy of users is a relatively big move for companies like Twitter or Apple, whose track records have inspired us to trust that we retain more authority over the personalization of these products than perhaps we do.

And now it’s 2015, and in the immortal words of Kurt Cobain: “Hey! Wait! I’ve got a new complaint.” Don’t we all. A company like Apple, moving at a breakneck speed, will undoubtedly continue to give us plenty to obsess about, both positively and negatively. I’ve been following the company closely since my hiring in 1996. Since that time, the company has consistently produced nothing short of the best hardware and software in the world, consistently marred by nothing short of the most infuriating, most embarrassing, most “worrisome for the company’s future” defects.

Apple is clearly doomed. I think Apple is going to be okay.

Push Notification Traps

Recently Marco Arment bemoaned Apple’s use of push notifications for promotional purposes. Apple sent a notification promoting their project (RED) products for sale in the App Store, which Marco judged as user-hostile and in poor taste, even if it can be argued it was “for a good cause.” I tend to agree with Marco on this point.

In the latest episode of the Accidental Tech Podcast, Marco, along with co-hosts John Siracusa and Casey Liss, talked more about the problem of notification spam in general and the difficulty of policing it at app review time. They seemed to be in agreement that the only realistic tool at Apple’s disposal is to devise a crowd-sourced flagging system for inappropriate notifications, to use that collective information to pinpoint the worst offenders, and then to use that information to impose consequences upon them.

They went on to lament that Apple is not very good at these kinds of crowd-sourcing solutions, and that in all probability the vast majority of iOS users are not concerned or aware that they should be concerned about notification spam. The lack of consumer awareness about the nature of the problem could itself be a limiting factor in any crowd-sourced solution.

But I propose that Apple does have tools at its disposal that could help flag the worst offenders immediately, without the cooperation of the public, and without violating any user’s privacy.

All remote push notifications are delivered from an app’s developer to an end-user’s device via the Apple Push Notification service. This is good, because it puts Apple in a position to intercept and e.g. immediately shut down a bad actor from delivering notifications to any of its intended recipients. However, the content of all these notifications passing through Apple’s service is encrypted. This is good, even required, because it protects developer and company data from being eavesdropped. But it’s bad from an enforcement sense because it thwarts possible solutions such as using a Bayesian filter on content to flag spam, similarly to the way an app like SpamSieve works on the Mac.

So Apple has complete control over the distribution mechanism, but zero ability (apart from metadata including the originating company and the target device) to examine the content passing through. Game over? I don’t think so.

Apple can still use its unique role as the center of all things iOS to devise a system through which they would themselves be virtually subscribed to all unremarkable notifications from a particular app’s developer. Think about the worst notification spam you’ve seen. In my experience it’s not super-personalized. In fact, it’s liable to be an inducement to keep using the app, to advance in a game, to become more engaged, etc. I think Apple would collect a ton of useful information about spammy developers if they simply arranged that every app on the App Store that is capable of sending push notifications included, among its list of registered devices, a “pseudo-device” in Cupertino whose sole purpose was to receive notifications, scan them for spammy keywords, apply Bayesian filters, and flag questionable developers.

Because Apple controls the namespace for device IDs, has access to the executables for all the apps in the store, and is technically equipped to run these apps in contrived environments, they could coax applications to perceive themselves as having been installed and run on a device with ID of Apple’s choosing. In fact, it’s probably simplest if this very thing happens while App Store reviewers are evaluating apps. It’s true that they won’t see the spammy notifications during review, but the mechanics of triggering an app’s registration for future notifications would ensure delivery to a “trap device,” actually a giant database against which arbitrary research could be conducted.

This would not be a violation of anybody’s privacy, because only the artificial App Store review team’s data (if any) would be involved. Most likely, it would not capture most bona fide useful notifications, because reviewers wouldn’t use the app to the extent that such notifications are generated. But it would capture all the “send a notice to everybody who’s ever launched the app” and “send a notice to folks who haven’t launched lately” type spam. That seems like a pretty big deal.

At the very least, such a system could serve as a baseline mechanism for flagging developers, and in the event that some future crowd-sourced solution was unveiled, it would layer nicely on a system in which Apple was already collecting massive amounts of data about the most humdrum, spammy notifications that developers send.
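The trap-device pipeline sketched above, as an added example that is not code from the original post: a pseudo-device collects APNs payloads per app, a naive Bayes filter trained on a constructed labelled corpus scores each alert, and developers whose trapped traffic is mostly spam get flagged. The payload shape follows the standard APNs JSON (an "aps" dictionary with an "alert" that is either a string or a title/body dictionary); the bundle ids, messages and thresholds are constructed for illustration.

```python
import json
import math
import re
from collections import Counter, defaultdict


def alert_text(payload):
    """Extract the human-readable text from an APNs JSON payload.
    The "alert" key may be a plain string or a dict with "title"/"body"."""
    alert = json.loads(payload).get("aps", {}).get("alert", "")
    if isinstance(alert, dict):
        return " ".join(str(alert.get(k, "")) for k in ("title", "body")).strip()
    return str(alert)


def tokens(text):
    return re.findall(r"[a-z0-9']+", text.lower())


class NaiveBayes:
    """Multinomial naive Bayes over alert tokens, with Laplace (add-one) smoothing."""

    def __init__(self):
        self.counts = {"spam": Counter(), "ham": Counter()}
        self.docs = Counter()

    def train(self, text, label):
        self.counts[label].update(tokens(text))
        self.docs[label] += 1

    def spam_probability(self, text):
        vocab = len(set(self.counts["spam"]) | set(self.counts["ham"]))
        logp = {}
        for label in ("spam", "ham"):
            total = sum(self.counts[label].values())
            lp = math.log(self.docs[label] / sum(self.docs.values()))
            for t in tokens(text):
                lp += math.log((self.counts[label][t] + 1) / (total + vocab))
            logp[label] = lp
        # P(spam | text) from the two log scores, guarding exp() against overflow
        diff = logp["ham"] - logp["spam"]
        return 0.0 if diff > 700 else 1.0 / (1.0 + math.exp(diff))


# Constructed training corpus: the "come back and play" inducements the post
# describes versus notifications a user actually asked for.
TRAINING = [
    ("We miss you! Come back and play today", "spam"),
    ("Your daily bonus is waiting, open now", "spam"),
    ("Haven't seen you in a while, come back for free coins", "spam"),
    ("Limited time offer: 50% off gems, buy now", "spam"),
    ("Your package was delivered", "ham"),
    ("Alice sent you a message", "ham"),
    ("Your flight to Denver departs in 2 hours", "ham"),
    ("Reminder: dentist appointment at 3pm", "ham"),
]

# Constructed trap-device inbox: (bundle id, raw APNs payload) pairs as the
# review-time pseudo-device would receive them.
TRAP_INBOX = [
    ("com.example.game", '{"aps":{"alert":"We miss you! Come back and play now"}}'),
    ("com.example.game", '{"aps":{"alert":{"title":"Bonus","body":"Free coins waiting, open now"}}}'),
    ("com.example.game", '{"aps":{"alert":"Alice sent you a message"}}'),
    ("com.example.courier", '{"aps":{"alert":"Your package was delivered"}}'),
    ("com.example.courier", '{"aps":{"alert":{"title":"Delivery","body":"Package delivered at 3pm"}}}'),
]


def build_classifier(training=TRAINING):
    clf = NaiveBayes()
    for text, label in training:
        clf.train(text, label)
    return clf


def flag_developers(inbox, clf, spam_threshold=0.5, min_spam_ratio=0.6):
    """Score every trapped notification and return {bundle_id: spam_ratio}
    for developers whose trapped traffic is mostly spam."""
    verdicts = defaultdict(list)
    for bundle_id, payload in inbox:
        verdicts[bundle_id].append(clf.spam_probability(alert_text(payload)) >= spam_threshold)
    ratios = {b: sum(v) / len(v) for b, v in verdicts.items()}
    return {b: r for b, r in ratios.items() if r >= min_spam_ratio}


if __name__ == "__main__":
    flagged = flag_developers(TRAP_INBOX, build_classifier())
    for bundle_id, ratio in flagged.items():
        print(f"{bundle_id}: {ratio:.0%} of trapped notifications look like spam")
```

With the constructed data, the game developer is flagged (two of three trapped alerts score as spam) and the courier is not.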

Insecure Keyboard Entry

If you use a passphrase to control access to your computer, as you probably should, then it has no doubt become second nature to type it quickly when you sit down to get to work. If you’ve set an aggressive lock-screen timeout, as you probably also should, then you have become blazingly efficient at typing this password. Perhaps too blazing, perhaps too efficient.

If this sounds like you so far, perhaps I can complete the picture by describing the heart-stopping horror of sitting down to your computer after a short time away, methodically typing your password in to unlock it, only to realize the computer wasn’t locked at all, and you just typed it into a chat window, or worse, posted it to Twitter?

I set out recently to address this problem on my computer by writing my own nefarious little tool, which would act as a global keystroke sniffer, looking for any indication that I am typing my password, at which point it puts up a helpful reminder:

Panel reminding me not to type my password in plain text fields.

The beauty of this tool is it catches me at the moment I type my password (actually just a prefix of it, but that’s a technicality), and by nature of putting up a modal dialog that jumps in my face, absorbs any muscle-memory-driven effort to complete the password and press return in whatever insecure text field I might have been typing into.

You may wonder whether this prevents the legitimate entry of my password, e.g. into fields such as the system presents when asking me to confirm an administrator task? The answer is no, because part of the beauty of those standardized password fields is that Apple has taken care to enable a secure keyboard entry mode while these fields are active. While a standard password field is focused, none of your typing is (trivially) available to other processes on the system. So my tool, along with any other keyboard loggers that may be installed on the system, is at least prevented from seeing passwords being typed.

I’ve been running my tool for a few weeks, confident in the knowledge that it will prevent me from accidentally typing my password into a public place. But its aggressive nature has also revealed to me a couple areas that I expected to be secure, but which are not.

Insecure Input Fields

The first insecure input area I noticed was the Terminal. As a power-user, it is not terribly uncommon for me to invoke super-user powers in order to e.g. clean up a system-owned cache folder, install additional system packages, kill system-owned processes that are flying out of control, or simply poke around at parts of the system that are normally off-limits. For example, sometimes I edit the system hosts file to force a specific hostname to map to an artificial IP address:

sudo vi /etc/hosts
Password:

The nice “” is new to Yosemite, I believe. Previously tools such as sudo just blocked typing, leaving a blank space. But in Yosemite I notice the same “secure style” bullet is displayed in both sudo and ssh, when prompting for a password. To me this implies a sense of enhanced security: clearly, the Terminal knows that I am inputting a password here, so I would assume it applies the same care that the rest of the system does when I’m entering text into a secure field. But it doesn’t. When I type my password to sudo something in the Terminal, my little utility barks at me. There’s no way around it: it saw me typing my password. I confirmed that it sees my typing when entering an ssh password, as well.

The other app I noticed a problem with is Apple’s own Screen Sharing app. While logged in to another Mac on my network, I happened to want to connect back, via AppleShare, to the Mac I was connecting from. To do this, I had to authenticate and enter my password. Zing! Up comes my utility, warning me of the transgression. Just because the remote system is securely accepting my virtual keystrokes doesn’t mean the local system is doing anything special with them!

What Should You Do?

If you do type sensitive passwords into Terminal or Screen Sharing, what should you do to limit your exposure? Terminal in particular makes it easy to enable the same secure keyboard entry mode that standard password fields employ, but to leave it active the entire time you are in Terminal. To activate this, just choose Terminal -> Secure Keyboard Entry. I have confirmed that when this option is checked, my tool is not able to see the typing of passwords.

Why doesn’t Apple enable this option in Terminal by default? The main drawback here is that my tool, or other tools like it, can’t see any of your typing. This sounds like a good thing, except if you take advantage of very handy utilities such as TextExpander, which rely upon having respectful, trusted access to the content of your typing in order to provide a real value. Furthermore, if you rely upon assistive software such as VoiceOver, enabling Secure Keyboard Entry could impact the functionality of that software. In short: turning on secure mode shuts down a broad variety of software solutions that may very well be beneficial to users.

As for Screen Sharing, I’m not sure there is any way to protect your typing while using it. As a “raw portal” to another machine, it knows nothing about the context of what you’re doing, so as far as it’s concerned your typing into a password field on the other machine is no different from typing into a word processor. Unfortunately, Screen Sharing does not offer a similar option to Terminal’s application-wide “Secure Keyboard Entry.”

What Should Apple Do?

Call me an idealist, but every time that tell-tale appears in Terminal, the system should be protecting my keystrokes from snooping processes. I don’t know the specifics of how or why, for example, both ssh and sudo receive the same treatment at the command line, but I suspect it has to do with them using a standard UNIX mechanism for requesting passwords, such as the function “getpass()” or “pam_prompt()”. Knowing little about the infrastructure here, I’m not going to argue that it’s trivial for Apple to make this work as expected, but being in charge of all the moving parts, they should make it a priority to handle this sensitive data as common sense would dictate.

For Screen Sharing, I would argue that Apple should offer a similar option to Terminal’s “Secure Keyboard Entry” mode, except that perhaps with Screen Sharing, it should be enabled by default. The sense of separation and abstraction from the “current machine” is so great with Screen Sharing, that I’m not sure it’s valuable or expected that keyboard events should be intercepted by processes running on the local machine.

What Should Other Developers Do?

Apple makes a big deal in a technical note about secure input that developers should “use secure input fairly.” By this they mean to stress that any developer who opts to enable secure input mode (the way Terminal does) should do so in a limited fashion and be very conscientious that it be turned back off again when it’s no longer needed. This means that ideally it should be disabled within the developer’s own app except for those moments when e.g. a password is being entered, and that it should absolutely be disabled again when another app is taking control of the user’s typing focus.

Despite the strong language from Apple, it makes sense to me that some applications should nonetheless take a stronger stance in enabling secure input mode when it makes sense for the app. For example, I think other screen sharing apps such as Screens should probably offer a similar (possibly on by default) option to secure all typing to an open session. I would see a similar argument for virtualization software such as VMware Fusion. It’s arguable that virtualized environments tend to contain less secure data, but it seems dangerous to make that assumption, and I think it does not serve the user’s expectations for security that whole classes of application permit what appears to be secure typing (e.g. in a secure field in the host operating system) that is nonetheless visible to processes running on the system that is running the virtualization.

What Should I Do?

Well, apart from writing this friendly notice to let you know what you’re all up against, I should certainly file at least two bugs. And I have:

  • Radar #19189911 – “Standard” password input in the Terminal should activate secure input
  • Radar #19189946 – Screen Sharing should offer support for securing keyboard input

Hopefully the information I have shared here helps you to have a better understanding of the exposure Terminal, Screen Sharing, and other apps may be subjecting you to with respect to what you might have assumed was secure keyboard input.

iPhone 5: A Form Factor Worth Keeping

Since I got my new iPhone 6 (not plus), my biggest concern has been the increased size. There are certainly things to like about the larger screen, but I am one of those people who looks at the phone primarily as something that empowers me to do great things with a minimum of extra weight or bulk. I don’t wear skinny pants, per se, but I don’t wear cargo pants, either. I like to have the phone at easy reach but I also like to travel light, and to move through life with a certain bounce in my step that makes me feel vulnerable with a larger phone.

With those biases in mind, I’ve noticed after a week of using the new iPhone 6 that in fact the pocket feel is not too much of a problem. The main time I recognize it is when I’m stepping over a baby gate in our house that requires me to lift one leg completely to the level of my waist. In this situation, the iPhone 6 in my pocket is stressed in a way that my iPhone 5 was not. I don’t think it’s going to bend or break, and sure, I could always just open the gate. But the point is this is impacting my life even if in a very minor way.

I am also an avid runner. Given my hesitation to carry bulky items, you might laugh when I admit that for years now I have been carrying my iPhone 4 and then 5 with me on all my runs. I used to carry an iPod mini but switched to the iPhone when my habit of listening to podcasts made it more frustrating to synchronize than to just carry the dang phone. Fortunately, a running belt like the Run Lite Pack makes this a relatively low-impact proposition. After getting in the habit of having the phone, of course it became both an occasional aid and a constant reassurance. I take sometimes long runs of up to 10 miles, and having access to the maps and phone for emergency purposes is a nice perk.

When the iPhone 6 arrived, one of the first letdowns I noticed was that it doesn’t really fit in the Run Lite Pack. I can fit it, but it’s awkward to squeeze in, and zipping the pouch feels like packing a suitcase where you have to sit on the top to get the zipper shut. Here was another real-life impact of the iPhone 6’s size. So I ordered this larger Nathan 5K running belt which I am assured will hold the iPhone 6 comfortably.

All of this finally got me thinking: why don’t I just use my iPhone 5 when I run? The original reason for carrying a phone was to make sure all my podcasts stayed in sync. With podcasting apps like Overcast that sync subscriptions and playback status, this should be possible across two iPhones. Unless I paid for an extra data plan for the old phone, I’d be stuck without maps when I get lost, but thanks to the emergency 911 support that carriers are required to provide even on deactivated phones, I would still have some reassurance of a lifeline in an emergency. It still fits easily in my running belt, and I am significantly less concerned about damages that might occur from impact or moisture.

But part of the rationale in upgrading to a new phone is often that the older phone can still be sold for some profit. There is probably at least $200 or more of value in my iPhone 5. Is it really worth hanging on to it just for the benefit of being able to easily fit a smaller phone in my running belt?

Now I start to think about the upcoming Apple Watch, and how I will almost certainly convince myself to buy one of those, as well. As you know, the Apple Watch is only moderately useful unless an iPhone is in close proximity. Importantly, the watch itself doesn’t have GPS support but relies upon the phone for this and other functionality. But these specific activities where GPS is valuable, are the same activities that tend to favor carrying a smaller phone. Thus, for sporting purposes, isn’t it lucky that the watch supports pairing with the iPhone 5?

Many of us have reacted with flip disdain for larger phone sizes, but as I said earlier most of the perceived problems have not turned out to be a problem for me thus far. The actual problems however are worth noticing, and will hopefully justify to Apple that a 4″ form factor is worth keeping for the long haul. I still haven’t decided whether to keep the iPhone 5 around “just” for the purposes of running and other sporting activities, but a theoretical 4″ iPhone 7 would certainly get my attention for all the benefits of a smaller size that I’ve described.

Breach Of Trust

There’s a spectrum, as with all things, to the reactions people have had to Apple’s promotional gifting of U2’s new album, “Songs of Innocence.” On one end you’ll hear ridiculous, conspiracy-minded talk about how Apple has violated customer privacy by, you know, giving them a free album. On the other end you’ll hear ridiculous derision of anybody who, even upon careful reflection, finds fault with the way Apple and U2 carried out this PR stunt.

I tend to agree with Marco Arment’s take, both about it being a mistake to overlook the nuances of this situation, and that the nut of the problem, the part especially worthy of scrutiny by Apple’s fans, is the extent to which this move, and the threat of more moves like it, erodes our trust that the company has our best interests at heart.

Hold up a minute, I hear you choking on your disbelief that I could actually believe a giant corporation has my best interests at heart. I get it: to them, in the big scheme of things, I’m nothing. We’re all “nothing.” But their actions over the course of many years tell a different story. Whether they ultimately care about our interests or not, it has been a primary business practice to respect not only customer privacy, but customer primacy. It’s important to Apple that we trust them to safeguard our personal data, but it’s also important that we trust them to let us choose the desktop picture, the system beep sound, and the computer’s name. The notion that Macs, iPhones, and iPads are personalized devices runs deep in Apple’s history and remains a powerful marketing message.

So, many of the people who complained about the U2 album suddenly appearing in their “Purchased” list weren’t outraged by a petty act of gifting an album that they may or may not like. They were instead annoyed, and perhaps a little scared by the implication that Apple doesn’t respect the boundaries that separate “customer stuff” from “Apple stuff.”

I can’t help but draw a parallel between the ongoing debate about the merits of Facebook’s algorithmic timelines vs. Twitter’s (up to now) more-or-less self-curated timelines. Over the course of years, Twitter has trained customers to believe that we have control over our timelines, while Facebook has not. Does it matter in the big scheme of things if Twitter injects an ad here or there, or treats a friend’s favorited tweet as a retweet? Not really. In the same sense that it doesn’t matter much that Apple inserts an unwanted music album into your purchased list. But even a little move in a direction that threatens the primacy of users is a relatively big move for companies like Twitter or Apple, whose track records have inspired us to trust that we retain more authority over the personalization of these products than perhaps we do.

Apple Watch Pricing

Since Apple announced the Apple Watch yesterday, one of the main points of contention among friends and colleagues seems to be whether or not the base price, $350, is too expensive for it to be a massive success.

First off, I think there is some good wisdom in the argument that as a 1.0 debut for a product line that Apple no doubt currently expects to spend years if not decades refining, it doesn’t matter all that much if it’s “too expensive” for the mass market.

One challenge in determining what the watch should cost is determining what other products it should be compared against. Apple presents it as a “smart watch”, a “fitness watch” and as a “fashion watch,” but I’m sure that aficionados of each category will find plenty of faults.

It’s not exactly a “fitness watch” because even the special sport model doesn’t appear to be as rugged or water resistant as watches designed specifically for that market. It also doesn’t possess its own GPS, so unless you’re planning to carry your iPhone with you on every adventure, it’s a poor competitor to dedicated navigation watches from e.g. Garmin. On the other hand, its passive activity collection features such as monitoring vigorous activity, heart rate, etc., set it apart from relatively simpler sport watches such as this Casio which itself breaks the $200 mark. It might not be such a stretch that a significant subset of the sports/fitness market will pay the extra $150 for the purported advantages of Apple’s UX design, activity monitoring, and integration with other Apple products.

The elusive “smart watch” category is so new it’s hard yet to even know what a smart watch should or shouldn’t do. When Google announced its Android Wear platform earlier this year, the watches it presented included fancy features like turn-by-turn mapping navigation, voice recognition, and integration with Android devices and the apps on those devices. Apple seems to be aiming for the same targets, but also adding novel additions such as the “digital crown” as a usability enhancement, and touchy-feely stuff like the ability to send Taptic pulses to your friends and loved ones.

As far as fashion is concerned, it appears that this is the niche in which Apple probably sets itself farthest away from other sports or smart watches. Frankly, the Apple Watch looks pretty good to me. And it’s meaningful that Apple will offer a wide variety of bands and designs, such that it will be difficult to write off the whole line as “ugly” without thoroughly evaluating the options. But as attractive as it is, it’s bulkier than most watches worn purely in an effort to appear sleek or stylish. This is probably something that will change over time. I agree with Manton Reece, who quipped on our latest Core Intuition episode that he had no doubt in a year or two’s time we will be looking back at this debut line of Apple Watches as the relatively clumsy 1.0 releases that they are.

But here’s the thing about fashion watches: they get really expensive, really fast. I don’t think anybody who would consider Apple’s watch purely for its fashion appeal would blink twice about the price tag at $350. So to the extent that Apple can itself influence what is or isn’t “in style” for a certain subset of fashionistas, it seems realistic to expect that Apple will sell an awful lot of these to folks who don’t particularly care about the finer points of their functionality as a sports or smarts enhancement device.

I was intrigued to read this review by Benjamin Clymer (via Ryan Nielsen), who evaluated the Apple Watch from the point of view of a self-identified “watch guy.” He gushes about many aspects of the watch’s design, and perhaps more importantly, appreciates Apple’s apparent attitude in approaching that design. He senses that Apple has respect for the art of watchmaking, and I guess by extension, respect for watch lovers as well. Early in his review he jumps to what I think makes a great summary of his findings when he appreciates the “feel” of the Apple Watch:

The overall level of design in the Apple Watch simply blows away anything – digital or analog – in the watch space at $350.

If Benjamin’s impressions are at all shared by other watch-lovers who get their hands on Apple’s watches, it seems likely to me that it will be an outright success as a fashion watch. Bear in mind that people who wear a watch for this reason do not typically limit themselves to one watch. I’m not even a watch-lover, per se, but I own two watches that are nice enough to wear when dressing up a bit, each more suited to a different style of apparel.

I suspect that at least for the 1.0 release of Apple’s watch, few people will buy it as an outright sports or fitness solution, but many will appreciate those features after buying the watch primarily for its “smart watch” or fashion appeal. As a satellite device to an iPhone, $350 seems in the realm of palatability for most people who value the thrill of owning and using cutting-edge technology. And for anybody who senses the watches will fill a fashion void on their watch rack, $350 will seem like a steal.

For everybody else, who will continue to feel that $350 is an absurd price to pay for something with such little proven utility, and with so many compromises compared to other solutions? I’m sure the $99 Apple Watch is only a couple years away.