🧵1/6 Notes from watching #WWDC22 “What’s new in privacy” from a Mac developer’s perspective:
🧵2/6 macOS Ventura finally adds a unified API for apps to manage helpers, agents, and daemons. When an app registers itself (or a helper) to launch at login, the user is notified about it. The panel in Settings clearly distinguishes login items added by the user vs. by apps
🧵3/6 Another change is that apps on macOS may no longer update/modify apps that are not signed by the same development team, unless the other app declares the third-party team ID in its Info.plist This will lead to some scary dialogs before everyone adapts to this new model
🧵4/6 I’m quite happy about these changes. The new login item management API makes it easier for apps to manage helpers, agents, or daemons, while increasing transparency and user control at the same time. The other change increases the overall security/stability of the system.
🧵5/6 On the business side of things, this gives me more confidence that Apple still cares about “traditional” Mac app behaviors such as the ability to register login items for Menu Bar helpers, and the distribution of Mac apps outside the App Store
🧵6/6 Speaking of macOS Menu Bar helpers, if you’ve been looking for how to make one, in macOS Ventura you can do it entirely in SwiftUI: developer.apple.com/documentation/…
Speculative side note: this is the sort of API improvement you’d expect Apple to make if they ever plan on bringing support for this sort of thing on iPadOS 👀
• • •
Missing some Tweet in this thread? You can try to
force a refresh
The Studio Display shows a little loading indicator on cold boot. It’s three dots that light up in sequence. Cold boot takes about 3-5s. No Apple logo, my guess is because that could be confusing given that macOS shows an Apple logo on boot.
It talks to macOS through the same mechanism that Intel Macs with the T2 chip use to talk to the coprocessor. You can take a sysdiagnose with “sudo sysdiagnose -c” and look up device information with remotectl
🧵 Thoughts on iOS sideloading. Apple (and people who defend Apple no matter what) make it out as being a big deal that’s going to completely destroy the security of the platform and harm a huge number of innocent users. The reality is way less exciting… 1/
First of all, just because an app has been installed directly, that doesn’t mean that it can do whatever it wants. iOS, just like macOS, has strong security measures to prevent apps from reading data from other apps, accessing resources such as camera and GPS, and so on 2/
Sideloading wouldn’t change a thing about the iOS sandbox, which every app lives within. Even running an app directly from Xcode with my iPhone plugged into my Mac, I can’t do whatever I want. I can’t access the camera without asking for permission, just to give an example 3/
🧵 AirBuddy 2.5 development trivia, tidbits, UI details, etc thread
Pretty much every major core component of the app was rewritten to some extent for 2.5. There was too much cruft from back when the app was a heavy mix of Objective-C and Swift, and too many things that didn’t make sense anymore after OS/API changes.
I don’t use the term “MVP” often, but you could definitely call AirBuddy v1 (released in January 2019) that. I had figured out how to talk to AirPods with some private API and ran with it. Decided to make the whole app in Objective-C back then because of that
(1/5) A couple of facts about Apple’s just-announced child safety initiatives:
(2/5) No, Apple is not gonna be reading children’s iMessages. The child’s device will locally detect a potentially sensitive picture being received/sent and give them guidance before sending/viewing the picture, notifying their parent if they decide to do it
(3/5) The image matching based on hashes is done on-device, but it only happens if you have iCloud Photo Library enabled. So if that bothers you for whatever reason, disable the feature.
🧵 A few things I’ve learned over the years about animations (in apps or otherwise)
If you’re animating something scaling up/down, never scale from/to 0%, most of the time that will not look right. Use a small value between 5 and 10% and animate the opacity alongside the scale to get the appearing/disappearing effect.
Design the final state that the objects will be in, then work backwards to figure out how to animate them towards that. The other way around is way more difficult.
Just had a poke at the Clubhouse app with a proxy, given the recent concerns about contacts usage. The bad part is that it uploads all of your contact’s phone numbers (surprise!). The good part is that that’s the ‘only’ thing it uploads about them.
The contacts on my test device were all fake, and included several pieces of data, including email, address, and picture, but Clubhouse only uploaded the phone numbers.
Another problem is that the API used to upload the phone numbers doesn’t seem to be using SSL pinning. Also, if they just want to match people based on who they have phone numbers for in Contacts, they could use one-way hashes.