March 20, 2015

The update involves iCloud Keychain and the IOSurface framework (for sharing graphics surfaces between applications).

From the security update release note page:

iCloud Keychain:
Available for: OS X Yosemite v10.10.2
Impact: An attacker with a privileged network position may be able to execute arbitrary code
Description: Multiple buffer overflows existed in the handling of data during iCloud Keychain recovery. These issues were addressed through improved bounds checking.


Available for: OS X Yosemite v10.10.2
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A type confusion issue existed in IOSurface’s handling of serialized objects. The issue was addressed through additional type checking.

Interesting discussion of the latest release of iMovie to show off the new MacBook and its Force Touch trackpad.

From this post by graphic designer Alex Gollner:

When I dragged the clip to its maximum length I did feel a little bump. Without looking at the timeline and looking at the viewer, I could ‘feel’ the end of the clip.

This feature presages the ability for UI pixels to be ‘bumpy’ – for user to feel the texture of application UIs without having to look at where the cursor is. This means that seemingly textured software keyboards and control layouts will be able to be implemented on future trackpads, iPhones and iPads.

And from this Wired piece on bumpy pixels and haptic feedback:

Where might bumpy pixels show up next? Hayward can imagine it accentuating interaction with all sorts of on-screen elements, like buttons, menus and icons. “It could make interaction more realistic, or useful, or entertaining, or pleasant,” he says. “That becomes the job of the user experience designer.” Other haptic research suggests more unusual possibilities. A project from a group of Disney researchers involved a touchscreen environment in which icons felt “heavier” based on their file size.

Another place the Taptic Engine might show up? The iPhone. The Wall Street Journal recently reported that Apple is considering Force Touch for the new device, and if it is included, it stands to reason that the Taptic Engine could end up in Apple’s phones in some form as well. (Once you play with a new MacBook, you’ll see why; having multiple layers of touch sensitivity doesn’t really make sense without different types of feedback to differentiate between them.)

Haptic touch research has been around for quite some time. This paper dates back to 1994. It’s amazing how long it took for this concept to make its way into the mainstream.

Daniela Hernandez, writing for Fusion:

“Imagine ten trials, several thousand patients,” said Friend, the founder of Seattle-based Sage Bionetworks, a nonprofit that champions open science and data sharing. “Here you have genetic information, and you have what drugs they took, how they did. Put that up in the cloud, and you have a place where people can go and query it, [where] they can make discoveries.” In this scenario, Friend said, patients would be able to control who could access their information, and for which purposes. But their health data would be effectively open-sourced.

Sitting in the audience that day was Mike O’Reilly, a newly minted vice president for medical technologies at Apple. A few months earlier, Apple had poached O’Reilly from Masimo, a Bay Area-based sensor company that developed portable iPhone-compatible health trackers. Now, he was interested in building something else, something that had the potential to implement Friend’s vision of a patient-centered, medical research utopia and radically change the way clinical studies were done.

This is a terrific story. But perhaps the best line of all was called out in John Gruber’s compelling Daring Fireball headline:

After Friend’s talk, O’Reilly approached the doctor, and, in typical tight-lipped Apple fashion, said: “I can’t tell you where I work, and I can’t tell you what I do, but I need to talk to you,” Friend recalls. Friend was intrigued, and agreed to meet for coffee.

Alex Rainert, writing for Medium, about using a Garmin Running Watch during a race:

During the race this past Sunday, being able to glance at my wrist for Current Pace/Average Pace/Distance whenever I wanted was fantastic (Note: I’ve found both the Garmin and the apps to have varying degrees of accuracy for distance covered). Seeing my live Heart Rate and Heart Rate Zones (coming via chest strap) also helped me know how hard I was exerting myself and when there might be a little more for me to give, even if I felt totally gassed. Finally, the fast & slow pace alerts were a total gamechanger as they provided actionable, contextual information in real-time, allowing me to make adjustments that saved seconds in the moment and crucial minutes over the course of the race.

This is a testament to one of the many health and fitness-related products you’ll be able to replace with an Apple Watch. Given that Apple Watch is a software and sensor platform, it can evolve to closely map to a user’s needs. The Garmin Running Watch is a stake in the sand, a product with a fixed design. What it does, it does very well, and will likely continue doing that job, and just that job, as long as its battery holds out.

The Apple Watch is limited only by the sensors it carries or connects to. Two things we know will be trackable with the combination of iPhone and Apple Watch are heart rate and distance traveled. Presumably, as the Apple Watch evolves, more sensors and, therefore, more health data will be added to the mix. The question is, who will control the access to that data?

From the quoted paragraph above:

I’ve found both the Garmin and the apps to have varying degrees of accuracy for distance covered

This is something I’ve heard from users of iPhone distance tracking apps, as well. Every app used (including Apple’s Health app) reports a widely varying measure of distance. Two different apps will give you two different measures of how many steps you took today, for example. This problem has a number of possible causes. Apps use different algorithms to calculate steps taken. Different sensors might differ in accuracy or, perhaps, require tuning to adjust to different stride lengths.

As reader Robert Davey points out, Apple bottlenecks this data via the CoreMotion framework. The question is, are developers not aware of the framework (I was not, as is evidenced by my original post)? Are they using it inconsistently? Incorrectly?

This is a quality control problem. As more sensors are added to the iPhone and Apple Watch, this problem will only get more complicated.

March 19, 2015

From an article I wrote for Fortune:

The fact that none of these guys brought up or seemed at all concerned about cybertheft may tell you more than any headline that contains the words Apple, Pay and Fraud.

There’s too much fear-mongering going around these days.


We’re super excited to finally let you know that the new and awesome Pixelmator for iPad update is out now.

Just to remind you—Pixelmator for iPad is the best image editor on the iPad and it is one of the most innovative and technologically advanced iOS apps ever built. And oh, if you are a Mac user and not that interested in iOS, just listen for a sec: All the cool things we now make for the iPad are coming to the Mac. But more on that later.

In the meantime, read on to find out what we’ve packed for you in Pixelmator for iPad 1.1 Aquarelle.

Along with Snapseed, Pixelmator is my go to app for editing photos on the iPad. I’m really excited to start playing with the new features in this version.


“The new MacBook’s single port comes with a major security risk,” proclaims The Verge. Gizmodo took The Verge’s story a step further with, “The NSA Is Going to Love These USB-C Charging Cables.” So what’s the big deal, and is there any fire behind all this hot air?

These articles are pure clickbait.

As always, when it comes to Macs and security, always wait for Rich Mogull to weigh in before going off half cocked. I’m looking at you, Tech Media.

On May 17, 2011 we reinvented calendaring; On March 25, 2015 we’ll reinvent Fantastical itself.

I’ll say this: you’re going to love this new version.

Mobile games maker Rovio reported its operating profit fell 73 percent last year due to a drop in its licensing business, a latest sign its breakthrough Angry Birds brand is losing its appeal.


Winclone 5 is the most complete solution for protecting your Boot Camp Windows system against data loss. Winclone is the most reliable cloning solution when migrating Boot Camp to a new Mac. The all new Winclone Backup feature provides scheduled, incremental snapshots of your files so you can retrieve earlier versions or accidentally deleted data.

Looks like a great utility if you have a Boot Camp partition.

Casey Liss lays out the reasons he chooses to use DuckDuckGo as his search engine.

Smile, the developer of productivity applications for Mac, iPad and iPhone, has released PDFpen Scan+ 2.0, a new version of their mobile scanning and OCR app for iPhone and iPad. This new version has a redesigned camera screen with auto-scan mode, which will take the scan, automatically crop, and assign editing presets—all without a tap.

I love Smile’s software.

The Atlantic:

Houshi Ryokan was founded in 718. It is one of the oldest family businesses in the world; 46 generations have managed the ryokan in its 1,300 years. Filmmaker Fritz Schumann profiles the current caretakers, Zengoro and Chizuko Houshi, as they struggle to determine the ryokan’s future after the death of their only son.

Such a sad story about a family seemingly trapped by the weight of their own history and traditions.

You had me at “Daddy Likey?”

The wheel is slowly, but inevitably, turning. Things started off with YouTube, then Netflix and House of Cards. Amazon rolled out Prime Video with original content like Transparent. More recently, we’ve seen the FCC move on net neutrality, rumors about a bundling service from Apple, HBO Now, and now Vue from Sony. Cord cutting is becoming easier and, I suspect, inevitable.

Sony Vue is limited to PlayStation 3 and 4, and is currently only available in Chicago, New York and Philadelphia. More interestingly, check this out:

For $50 a month, you’ll get 53 channels, including CBS, Fox, NBC, Bravo, CNN, Comedy Central, the Food Network, MTV, Nickelodeon and TNT. At $60 a month, you get access to a small handful of local sports networks, including New York’s YES and the Big Ten Network. And for $70 a month, you’ll be able to stream 26 more channels, such as FXM, Logo and Sprout.

Notably, Disney (DIS)-owned channels, including ABC and ESPN, are not currently available on the PlayStation.

That’s right, ABC and ESPN are not part of the package. As I argued in yesterday’s Amplified podcast, the days of network television ruling the roost are over.

We’re starting to see signs of splintering, with NBC said to be not yet part of Apple’s projected offering and now ABC being left out of Sony’s offering. To me, this fragmentation is the beginning of the end. A network without its constituent parts cannot stand.

One of the last unanswered questions about the Apple Watch is the question of upgradeability. Andy Faust, writing for WatchAware, argues that upgradeability is both not coming and not necessary.

The battery angle is credible and has some precedent. But the rest of this nonsense — and it is utter nonsense — has been making the rounds ever since the consumer tech world took it upon itself to justify or rationalize the cost of Apple Watch Edition in terms of a market segment that can’t afford it (and for whom the thing isn’t even designed). I can’t think of a single luxury brand that will offer to inexpensively and meaningfully upgrade part of something it sold you just because a new, better version of that something came out. That’s antithetical to how the luxury world operates. Luxury is disposable, and it is funded with disposable income. That is the entire point.

I understand this logic, but it does make me bristle. As if reuse was a quaint and foolish notion.

As for the more affordable versions of Apple Watch, the above reality is largely the same. Why would Apple change its well-established habits — never mind its fundamental guiding principles — to purposefully limit its capacity to generate huge manufactory profit margins? Apple Watch is already extremely complex to assemble, its much-hyped modularity notwithstanding. Does anyone actually believe it would make sound financial sense for Apple to add disassembly and selective component replacement to the equation? Also, why do people have the totally unfounded idea that Apple Watch’s design is finalized for the long term? How long has iPhone ever kept the same form factor? Or iPad? I’ll tell you how long: one upgrade cycle. Two years. That’s it.

I have no inside knowledge here, so Andy might be right about all this. But.

If Apple is going to offer battery replacement for the Apple Watch, might they not offer a way to upgrade the watch module inside to extend the life span of the watch? They could charge a pretty penny for the new module, make enough of a profit to justify the process. At the same time, Apple would deepen customer commitment to the ecosystem, maintain customer loyalty.

Or maybe it’s simply these new rose colored glasses I’m wearing.


Apple will introduce several major initiatives to ready its retail stores for the Apple Watch’s launch in April, according to sources briefed on the upcoming changes. Starting on April 10th, Apple will allocate 15 minutes per customer for in-store try-on appointments, using 10 or more try-on stations to manage what’s expected to be a steady flow of customers interested in having hands-on time with the Watch. While customers will not necessarily be required to have an appointment, they will be time-limited and guided during the hands-on experience. Additionally, they will be given the opportunity to place a reservation at the time of try-on for a particular model, and make a follow-up appointment to pick the watch up during the April 24th launch date. Stores will also have launch day stock for walk-in appointments.

Apple is one of the few companies in the world with this sort of experience managing customer demand.

If you spend any amount of time setting up affiliate links for the iTunes store, take a look at Blink.

If you are new to affiliate links or want to learn how Blink works before you spend your hard earned cash, Graham Spencer, over at MacStories, does an excellent job laying out all the details.

Perhaps my favorite part of all this is the voiceover on the first of the two videos at the bottom of the Blink page. That’s Myke Hurley, the voice of the excellent Inquisitive podcast.

March 18, 2015

Why the Apple Watch costs $10,000


Just like its predecessor, the new iRig 2 plugs directly into the mini jack input of a mobile device. It lets musicians send an instrument signal to apps, such as IK’s AmpliTube, while also providing on-board output for real-time monitoring.

iRig 2 now comes with gain control, which lets users precisely adjust the input gain of their instrument to match their mobile device. This means that it can be customized to always provide the best sound, no matter what type of guitar, bass or line-level instrument or device is used.

Its new 1/4″ amplifier output, in addition to its traditional 1/8″ headphone output, allows iRig 2 to be plugged directly into a guitar amplifier or powered speakers without an adaptor. This helps to keep all cable connections tidy and organized.

A new FX/THRU switch allows iRig 2 to send either a wet or dry signal through the device. This means that guitarists can play live with an amplifier and use their mobile device with a tuner app, such as IK’s UltraTuner, or a recording app, such as IK’s iRig Recorder, to record a dry signal for further processing.

I’ve been an IK Multimedia user for many years. From the Mac to my iOS devices, the company’s software and hardware has always been close to my guitars and ready to go. I’ve been playing around with the iRig 2 and like what I’ve seen so far, especially with the option to adjust the input gain and go out to an amp or speaker. I’ll have a more full-featured review in the coming weeks.

Website advertisement companies have found a way to circumvent the protections introduced in iOS 8 to stop users from being kicked to the App Store because of certain cleverly-coded JavaScript advertisements.

Ugh, watch the video. This would drive me crazy.

Cameron Moll:

I don’t know what to expect of Meerkat’s viability, permanence, or lasting utility. But if the hype is any indication, they’re ripe for acquisition. They’re also ripe for lawsuits and traditional media backlash, e.g. live-broadcasting televised events.

I feel like we are all in the same boat as Cameron with respect to Meerkat. We’re all fascinated, but we don’t know where it’s going yet.

Neil Hughes, reporting for AppleInsider, quoted an analyst saying the price would be $30 and $40 per month.

A key factor in pricing, of course, is exactly what channels Apple’s service would offer. Reports have suggested that Apple is in talks with broadcast networks ABC, CBS and Fox, as well as other cable networks owned by Viacom and Discovery, though apparently talks have stalled with Comcast-owned NBC.

Of course, the stations are an important factor, but just as important are the hoops—or lack thereof—that I have to jump through. I don’t want commercials, I want to be able to fast forward and rewind, I want it all in HD, and I want to be able to watch an entire series anytime my little heart desires, on any device I desire. I understand that a new, ongoing series will come out on a weekly basis, and I’m okay with that.

If I can get something usable, I’d subscribe in a heartbeat.

This sounds pretty handy if you have to test your new design.

Jim, Shawn and Dave talk about fitness, Steve Jobs, Apple rumors and riffing on the guitar!

Sponsored by (Start learning something new in 2015 by visiting the link to get a 10-day free trial and access their 2400+ courses)

Eddie Van Halen demos the new 5150 IIIs

I love watching Eddie play.

One major corporate user has banned Android devices on its network. “We simply cannot cope with managing the plethora of Android devices and apps on our network. We are happy to support iOS 8.x and Windows Phone 8.x – and apps from their stores but that is it!” This company uses a Symantec mobile management suite to control personally owned devices as well as access to company data and email.

There is no word on who the corporate user is, but we do know that fragmentation has been a problem in the past. The fact that older versions of Android are not updated, and older devices can’t update to the newest version of the OS, causes some concern.

Apple has removed the award-winning healthy eating app The Whole Pantry from the App Store and its featured Apple Watch apps page amid allegations that its creator Belle Gibson committed fraud, according to The Sydney Morning Herald. The report states that Gibson is accused of making false claims about her cancer diagnosis and failing to donate thousands of dollars collected during fundraisers to charities.

This is just awful in every possible way.

Under the final judgement, Comcast must treat online video services as essentially equal to cable companies. Comcast is required to give those services access to the same NBCUniversal content that it sells to cable providers, under the same terms and conditions.

Additionally, if an online video service strikes a deal with one of NBC’s peers — such as CBS — Comcast is obligated to license “comparable” content at “economically comparable” rates. For example, if Apple’s new service were to carry first-run CBS programming, Comcast must makes its own first-run programming available at roughly the same rates as those negotiated between Apple and CBS.

It looks like there is some leeway there, but I didn’t realize the details of Comcast’s deal to buy NBC. That will piss them off.

I will be getting this book.