Unofficial Accidental Tech Podcast transcripts (generated by computer, so expect errors).

512: Owned With a P

Major new iCloud security features, more App Store price tiers, updates on Mastodon and Blackbird, and the wonderful world of printers.

Episode Description:

Sponsored by:

  • Kolide: Cross-platform endpoint security for teams that value privacy and transparency.
  • Trade Coffee: Incredible coffee delivered fresh from the best roasters in the nation.
  • Backblaze: Backblaze makes backing up and accessing your data astonishingly easy.

Become a member for ad-free episodes and our early-release, unedited “bootleg” feed!

MP3 Header

Transcribed using Whisper large_v2 (transcription) + WAV2VEC2_ASR_LARGE_LV60K_960H (alignment) + Pyannote (speaker diaritization).


  1. Printers.
  2. Sponsor: Backblaze
  3. Follow-up: Mastodon
  4. Hive security shutdown
  5. “Sharrow” is real
  6. Sponsor: Trade Coffee
  7. Blackbird update
  8. iMessage Contact Key Verification
  9. 2FA with hardware keys
  10. iCloud end-to-end encryption
  11. New App Store price options
  12. Apple Music Sing
  13. Sponsor: Kolide
  14. #askatp: Mac Studio vs. Mac Pro
  15. #askatp: Backing up shared photo library
  16. #askatp: Can’t quit Finder
  17. Ending theme
  18. Post-show


⏹️ ▶️ Marco So I almost didn’t make the show tonight. Oh, no stuck on the sand

⏹️ ▶️ Casey no because he forgot to fill up with gas

⏹️ ▶️ Marco No, although I’ll tell you one thing man driving on the sandy Yeah,

⏹️ ▶️ John it’s kind of like running on the sand.

⏹️ ▶️ John, Marco Yeah,

⏹️ ▶️ Marco and you know cuz like, you know a I’m running on You know low tire pressure right and then driving on sand

⏹️ ▶️ Marco is like, you know walking through maple syrup like, you know It’s just it’s a very inefficient way to

⏹️ ▶️ Marco move. And so yeah, I mean that’s… I think like, I think my

⏹️ ▶️ Marco living here, you know, especially in a house that generates a very large quantity of solar power

⏹️ ▶️ Marco and not going to work every day, like I think overall my carbon footprint is probably not too bad.

⏹️ ▶️ Marco But certainly the… when I do have to drive here, oh my god,

⏹️ ▶️ Marco it’s embarrassing. know we recorded at 8

⏹️ ▶️ Marco p.m. at about 630 p.m. my son started

⏹️ ▶️ Marco a project that required having to print things to a printer.

⏹️ ▶️ Marco Oh no. Everything that could have gone wrong did go wrong along this process

⏹️ ▶️ Marco so you know we first of all we start out oh it’s out of paper all right go get paper and this is like

⏹️ ▶️ Marco you know because like okay this And so

⏹️ ▶️ Marco we don’t have large storage, you know, large closets.

⏹️ ▶️ Marco My office here is very small and it and and where this printer

⏹️ ▶️ Marco is is on a shelf in a closet. The water shelf, the well the one below the water.

⏹️ ▶️ John So

⏹️ ▶️ John, Marco it’s

⏹️ ▶️ John a nice day and damp stacks of paper right next to it.

⏹️ ▶️ Marco Yeah, exactly. I know actually it’s the same shelf. Yeah, so getting to like the paper trays and you know it’s

⏹️ ▶️ Marco it’s an ordeal with this printer you have to like you know take it out of the shelf it’s on oh and the whole time to

⏹️ ▶️ Marco reach it you’re like on a step stool anyway like you know so it’s it’s a whole thing stop putting

⏹️ ▶️ John electronics in closets can we just stop that that should have stopped as soon as devices required active cooling

⏹️ ▶️ Marco we hardly ever use it’s it’s an Epson all-in-one ink whatever printer it’s an inkjet it’s hardly

⏹️ ▶️ Marco ever even on like we so okay so number one to use this printer I have to pull out the step stool

⏹️ ▶️ Marco from the closet that it’s in step up and turn it on. Wait for it to make all of its noises. Why not just leave

⏹️ ▶️ Marco it on? Because if you leave Epson printers on all the time they keep their ink heads warm allegedly

⏹️ ▶️ Marco and it basically makes them permaclog in less time. If you have an Epson printer you will

⏹️ ▶️ Marco probably know that over time eventually it gets so like the head gets so clogged or

⏹️ ▶️ Marco otherwise messed up that you like that no cleaning cycle will fix it and you have to replace the printer.

⏹️ ▶️ Marco So I’ve learned a long time ago that if you don’t leave it powered on with Epson in particular

⏹️ ▶️ Marco you can make the printer last way longer because it apparently you know lengthens that process so anyway

⏹️ ▶️ Marco so you know we start printing get you know get the step letter out turn the printer on oh no paper oh gotta

⏹️ ▶️ Marco get paper oh it’s special photo paper well we have to the photo paper package we have is empty we have to open a new package of photo

⏹️ ▶️ Marco paper find that you know get this whole thing first couple prints go through at one point

⏹️ ▶️ Marco oh out of ink all right go get the box of spare ink.

⏹️ ▶️ Marco Now again, a printer that lives in a shelf, replacing the ink on it, you gotta like pull it out.

⏹️ ▶️ Marco It’s a whole thing. You shouldn’t be in a closet.

⏹️ ▶️ Casey Yeah, seriously. I think the shelf here might be the crux of the

⏹️ ▶️ Casey, Marco issue. There’s

⏹️ ▶️ Marco nowhere else to put it. Eventually, I

⏹️ ▶️ Marco replace all of the colors because one was out, and this is the kind of printer that if it thinks the

⏹️ ▶️ Marco ink is out, which I know it’s really not, it’s just based on page count or whatever, but if it thinks the ink is out, printer will

⏹️ ▶️ Marco not print anything except black and white and these are we’re printing photos so it’s like okay that’s not gonna work

⏹️ ▶️ Marco so replace all the cartridges fine get it back in there print a couple more then

⏹️ ▶️ Marco it starts complaining hey papers not in tray one well yeah

⏹️ ▶️ Marco I know it’s in tray two but there’s no option to tell it like just load it from tray two

⏹️ ▶️ Marco all you can do is either put paper in tray one which is the CD printing tray

⏹️ ▶️ Marco so you can’t or or cancel the print job. Okay, so go through, all right,

⏹️ ▶️ Marco try this, try this setting. Oh, and he’s printing it from an iPad. So, find out, is there something

⏹️ ▶️ Marco wrong there? Reboot everything. I even rebooted the router, like just reboot everything, trying to get it to

⏹️ ▶️ Marco say, it just would not draw from Tray 2 no matter what I did. Finally we got it to print

⏹️ ▶️ Marco to Tray 2, and it comes out and it’s tiny. It’s printing tiny now.

⏹️ ▶️ Marco, John Oh

⏹️ ▶️ Marco my God, eventually it took another like, you know, a half hour of troubleshooting and

⏹️ ▶️ Marco four or five, you know, wrong prints that are now just garbage before we finally realized that

⏹️ ▶️ Marco somewhere deep in the setting, something had turned to four by six size paper instead of, you know, letter

⏹️ ▶️ Marco size. It just, it took so long. And it’s like, printers, I hate

⏹️ ▶️ Marco printers so much. This is why like my giant HP, like tank that I

⏹️ ▶️ Marco, Casey have.

⏹️ ▶️ Marco It’s the only printer that’s ever, never let me down. Would

⏹️ ▶️ John it have been faster for you to print the other house and then drive and go get it? Maybe. By the time you got there,

⏹️ ▶️ Marco it would already be out. Yeah, like, I mean, it’s, you know, it’s a two-hour drive, but it might have been faster.

⏹️ ▶️ Casey So why is it an inkjet printer and not a color laser? I thought you were at least a

⏹️ ▶️ Casey black and white laser fan, hence the refrigerator printer at home, but I thought you also enjoyed a color laser,

⏹️ ▶️ Casey no? I have both. Why would you use inkjet for anything in modern society?

⏹️ ▶️ Marco printers are way better at photos than

⏹️ ▶️ Marco, John even

⏹️ ▶️ Marco very good color lasers. That’s

⏹️ ▶️ Marco, Casey why. It’s

⏹️ ▶️ Marco purely for photos.

⏹️ ▶️ Casey You bring that to like Costco or something or like you can’t bring them to Costco anymore because Costco photo center closed but you like

⏹️ ▶️ Casey have Costco print them and mail them to you or whatever. It’s not

⏹️ ▶️ Casey, Marco that expensive. Yeah, see

⏹️ ▶️ Marco also the living on the island situation. This is a good place to have like a little print shop in your house basically.

⏹️ ▶️ Casey Basically, past Marco made a bunch of really dubious choices and today Marco really paid

⏹️ ▶️ Casey the price.

⏹️ ▶️ John For photo printing, you can just send away and get, you know, real prints from someplace nice and

⏹️ ▶️ John even even on the island, you can get those. But yeah, if you need a thing for a school assignment tomorrow, you

⏹️ ▶️ John got to print it in your house.

⏹️ ▶️ Marco Well, yeah, that’s a yeah, it’s like it’s that kind of thing where like, this is why, you know,

⏹️ ▶️ Marco living here, you kind of have to like, because you know, there’s the situation with the ferries

⏹️ ▶️ Marco in the summer that you know, you might you might need something that’s past the last ferry departure time or something. And so

⏹️ ▶️ Marco you kind of have to be a little more self-sufficient here than you would in most places because you can’t just drive over to

⏹️ ▶️ Marco a Walmart real quick and get what you need at all times of day. Like it’s it’s more involved in that. And so

⏹️ ▶️ Marco like, you know, I have to be my own bike mechanic, for instance, like I’ve learned how to do all sorts of crazy, you know, maintenance

⏹️ ▶️ Marco and upgrades and stuff on bikes because I had to because there’s no one around.

⏹️ ▶️ Marco Tiff has has learned how to do like certain plumbing operations herself because she had to

⏹️ ▶️ Marco because there was no one around. It’s just, it’s an interesting place. You know, you kind of have to be,

⏹️ ▶️ Marco you know, independent in a lot of ways. And one of those ways for us is we keep both kinds of printers

⏹️ ▶️ Marco because printing photos on color lasers sucks. And I love lasers for

⏹️ ▶️ Marco anything else that isn’t a photo. They’re way better for anything else, but for photos, they are terrible.

⏹️ ▶️ Casey So Adam was printing photos?

⏹️ ▶️ Marco Yes, he was. Specifically, he was printing art that he drew in Procreate on

⏹️ ▶️ Marco the iPad for a school project. It’s a whole thing. but he was printing color illustrations

⏹️ ▶️ Marco he made.

⏹️ ▶️ Casey With utmost respect to both you and your child, perhaps in this

⏹️ ▶️ Casey one scenario, it might have been simpler and easier to simply print on the color laser printer and be done with

⏹️ ▶️ Casey it.

⏹️ ▶️ Marco No, but these had to look nice. It’s for a thing.

⏹️ ▶️ Marco, Casey So

⏹️ ▶️ Marco I have the glossy photo paper, the Epson

⏹️ ▶️ Marco, Casey paper and the Epson printer, like all that stuff.

⏹️ ▶️ Marco And if you want a nice, glossy, bright photo, you’re never gonna get it out of a laser. You just can’t, like the way toner

⏹️ ▶️ Marco works, it just doesn’t work that way.

⏹️ ▶️ Casey Mm-hmm, all right, all right, all right, I’ll allow it. Yeah, yeah, well, I’m glad you made the show. That would have been

⏹️ ▶️ Casey quite funny. Oh, I can’t make the show? Oh no, what’s wrong? Who’s sick? What’s happened? Well, printers,

⏹️ ▶️ Casey that’s what

⏹️ ▶️ Marco happens. Printers can make any 10-minute project take three hours. That’s

⏹️ ▶️ Marco what it means.

⏹️ ▶️ John We need like the OLED TV revolution, but for printers, because all these things with physical

⏹️ ▶️ John realities, we’re kind of like in the dark ages with printers still. there is no printer technology that

⏹️ ▶️ John is just like clearly better and more reliable. I guess it more like the LCD resolution. So it was sort of an

⏹️ ▶️ John LCDs took over all displays. We found a display technology that’s flat, low power looks good,

⏹️ ▶️ John you know, setting aside the old debate, just plain old high quality led backlit LCDs.

⏹️ ▶️ John We’re such a revolution that kind of made screens not be made screens ubiquitous and

⏹️ ▶️ John you know, and basically work to do their job. And we don’t have that with printers. We just have pick a crappy technology

⏹️ ▶️ John from ages ago, depending on what trade-offs you can handle, and then connect crappy electronics

⏹️ ▶️ John to all of them.

⏹️ ▶️ Marco Yeah, and take all of the profit margin out of it, basically, and so you have

⏹️ ▶️ Marco these mechanically, so I think this is why, this is mechanically very

⏹️ ▶️ Marco complicated. There is no way to make a printer that is not mechanically complicated, and that’s the

⏹️ ▶️ Marco kind of thing that’s very difficult to make good and reliable, and also super, super cheap.

⏹️ ▶️ John Yeah, there was one technology that was mechanically not as complicated. It was just crappy. I think it was

⏹️ ▶️ John one of the past technologies, instead of having like a print head, essentially, well, and laser printers do this to

⏹️ ▶️ John like my laser.

⏹️ ▶️ John, Marco Yeah,

⏹️ ▶️ Marco well, the LED ones, the Okidata LED ones, they were kind of cool. But

⏹️ ▶️ John that’s not not up to modern standards like we do. Yeah, we need the LCD screen resolution, something that with very

⏹️ ▶️ John few or no moving parts, the prints high resolution in color that doesn’t bleed when you get the paper

⏹️ ▶️ John wet, that looks good, glossy like we do. that just doesn’t exist yet. But someday, once that happens, I feel

⏹️ ▶️ John like we’ll finally cross printers off the list of technology that always sucks. Because

⏹️ ▶️ John it always sucks for reasons that are explicable, because printing is complicated, and because the business

⏹️ ▶️ John model is basically make the cheapest thing and then get people to buy your printer ink or whatever.

⏹️ ▶️ John But with the right technology, we can get there. Kind of like a fusion for

⏹️ ▶️ John energy. We have two big projects. One, a break-even fusion for energy.

⏹️ ▶️ John better than breaking infusion for energy production to save the planet, and also printers.

⏹️ ▶️ Marco It’s funny, you got all these tech bros who start all these companies, we’re gonna change the world. None of

⏹️ ▶️ Marco them try to change the world for printers. You can have your startups, we’re gonna connect

⏹️ ▶️ Marco people’s social graph to their self-driving cars, I don’t care.

⏹️ ▶️ Marco Fix printers, now I’m

⏹️ ▶️ John impressed. How about you put a camera in my toaster oven so you can tell how brown the bread is.

⏹️ ▶️ Marco Right, but

⏹️ ▶️ John didn’t the June oven do that? Yes. There’s a whole, there’s a whole class of products that does that now. It’s not just one.

⏹️ ▶️ John I still didn’t

⏹️ ▶️ Marco fix

⏹️ ▶️ John printers.

⏹️ ▶️ Casey Yeah. You know, and I was listening to the most recent upgrade, which we’re going to talk about, or at least make passing reference to later. And

⏹️ ▶️ Casey I was listening to you and, and, and, uh, Jason talk about good products and the Breville

⏹️ ▶️ Casey and Breville is basically late. Let’s give a modicum of a crap

⏹️ ▶️ Casey about how her products are. And that puts them light years ahead of everyone else. And

⏹️ ▶️ Casey, John I feel like we need

⏹️ ▶️ Casey the Breville of printers, you know, just care, just the tiniest bit, just the tiniest

⏹️ ▶️ Casey littlest bit. Care that much and we’ll all love you.

⏹️ ▶️ Marco No, that’s because like that is such a thing. Like there are so many product categories now where

⏹️ ▶️ Marco due to various, you know, globalization, market pressures, whatever, you know, consolidation, whatever it is,

⏹️ ▶️ Marco due to lots of like, you know, reasonable conditions that like, you know, there’s reasons why they are this way.

⏹️ ▶️ Marco The entire category of product just sucks. Like there’s no, there’s like all the quality has been drained

⏹️ ▶️ Marco out of it. And it’s like you can’t get something good at any price in a lot of categories.

⏹️ ▶️ Marco And I think printers are not, I wouldn’t say they’re all necessarily there,

⏹️ ▶️ Marco but certainly what we’re trying to do here is get something that is super reliable and

⏹️ ▶️ Marco also solves many different needs. Like, if you have just a basic

⏹️ ▶️ Marco laser printer, especially black and white lasers, they are so fast and simple.

⏹️ ▶️ Marco But once you start involving either ink or dye, like in this case of DyeSub, or even

⏹️ ▶️ Marco I once had a solid wax printer. That was fun. The Xerox phaser.

⏹️ ▶️ John Those things have the same problem as ink does though, is that wax can melt. That’s how they get it on the paper.

⏹️ ▶️ Marco Yeah, the wax was the worst of both worlds. It was the dull photos of color lasers,

⏹️ ▶️ Marco but with the non-permanence of

⏹️ ▶️ Marco, John ink.

⏹️ ▶️ Marco, Casey Yeah, I don’t know.

⏹️ ▶️ Marco That

⏹️ ▶️ Marco, Casey was

⏹️ ▶️ Marco not a good printer. I didn’t have it for very long. It was not very good.

⏹️ ▶️ John I mean, you might say that the solution is, you know, in the future, you know, your child’s assignment won’t ever need to be printed

⏹️ ▶️ John It’ll just be communicated electronically to the teacher for display, but yeah, we’re

⏹️ ▶️ John not there yet

⏹️ ▶️ Marco Well, I think that’s ultimately that’s the problem like the reason like who would who would innovate

⏹️ ▶️ Marco in the printer business today? There’s no growth in that category who is using printers anymore except

⏹️ ▶️ Marco me Using using a printer is like carrying around cash where I do it

⏹️ ▶️ Marco and in my life It seems very necessary very frequently but when you talk to anybody under the

⏹️ ▶️ Marco age of 30, they’re like, what are you talking about? What, you never need that. And I’m like, well, I kind

⏹️ ▶️ Marco of frequently need these things, but they’re like, no, no one needs it. And I have, I’ve never even touched cash.

⏹️ ▶️ Marco You know, it’s like, and you get a lot of that with printers too. Why would you have a printer? That’s so antiquated. You

⏹️ ▶️ Marco might as well have a fax machine. It’s like, no, there’s, there’s lots of reasons, but you know, what

⏹️ ▶️ Marco are you gonna do? The youth these

⏹️ ▶️ Casey days. The youths, what are we gonna do with them?

⏹️ ▶️ Casey, John I don’t know.

⏹️ ▶️ Casey I feel like I agree with what you’re saying, printers are to some degree a dying breed.

⏹️ ▶️ Casey But with that said, you would make money hand over fist. You could charge $11 billion

⏹️ ▶️ Casey for a printer that was reliable and worked every time and the ink lasted more than four minutes.

⏹️ ▶️ Casey There are advantages. That’s all I’m going to say.

⏹️ ▶️ Marco We are brought to you this week by Backblaze. Unlimited cloud

⏹️ ▶️ Marco backup for Macs and PCs for just $7 a month. I love

⏹️ ▶️ Marco Backblaze. First of all, cloud backup as a concept is something you really should have in your life because

⏹️ ▶️ Marco if anything happens to you know your computer, your office, your house, and any hard drives

⏹️ ▶️ Marco or whatever that are attached to it, if that’s your only backup, you’re out of luck. And that can be lots of things,

⏹️ ▶️ Marco you fire, flood, theft, lightning strikes, whatever. And so cloud backup is great for peace of mind

⏹️ ▶️ Marco like that, but then it can also offer incredible utility above the peace of mind. So for instance,

⏹️ ▶️ Marco if you’re out somewhere, you can just log into Backblaze and have access to all of your files

⏹️ ▶️ Marco from your home computer. So whether you’re on your phone, if you’re out somewhere and you’re like, oh, I gotta look up that document that I

⏹️ ▶️ Marco have like on my desktop, you know, at home, you can do that right from the Backblaze app on your phone.

⏹️ ▶️ Marco Or if you’re, you know, say you’re on vacation, you have a laptop or something, you want to download files

⏹️ ▶️ Marco off your home computer, you can do that again from Backblaze, you can pull whatever files you want right off.

⏹️ ▶️ Marco And of course, you can restore larger ones. If you actually have data loss, you can restore your files from the web interface.

⏹️ ▶️ Marco Or if you have like all the huge amount of data to recover, you can have the mail you a hard drive or a

⏹️ ▶️ Marco flash key with all your data right to your door. And if you return it, you get a refund on the cost

⏹️ ▶️ Marco of it. So it’s just an incredible service at Backblaze. You even have other features to like version history.

⏹️ ▶️ Marco And in In fact, for an extra $2 a month, you can increase your retention history to a year. So I love Backblaze.

⏹️ ▶️ Marco It’s a great backup service for not only peace of mind, but just really useful features as well.

⏹️ ▶️ Marco See for yourself at slash ATP. You can start a free trial

⏹️ ▶️ Marco there for 15 days with no credit card required. You can see how the whole thing works,

⏹️ ▶️ Marco see if it works for you. slash ATP. Go there now, get going.

⏹️ ▶️ Marco Don’t delay this until it’s too late and you lose something. get backblaze today

⏹️ ▶️ Marco slash ATP. Go there right now you won’t be sorry. Thank you so much to backblaze

⏹️ ▶️ Marco for being an awesome backup service and for sponsoring our show.

Follow-up: Mastodon

⏹️ ▶️ Casey One of you put in here Mastodon instances and an FYI that I’m not really sure why we

⏹️ ▶️ Casey need to share this, but somebody wanted to let you know, probably John, that you don’t need to be in the same instance as someone

⏹️ ▶️ Casey in order to follow them or reply to them.

⏹️ ▶️ John I kept getting people asking me on Twitter mostly, I heard you guys talk about Mastodon,

⏹️ ▶️ John I really want to try it, but says they’re not taking signups, so I guess I can’t do it. You don’t

⏹️ ▶️ John need to be a I think I’ve got like seven people who asked that same question.

⏹️ ▶️ John You do not need to be a You can be on any instance. Now this gets to our problem. The next

⏹️ ▶️ John question is always, okay, what instance should I use? And what I have to say is, I don’t know. I just want people

⏹️ ▶️ John to know, if you pick an instance, one, it’s not the end of the world because you can always move to another instance,

⏹️ ▶️ John right? And two, you do not need to be on the same instance as people that you follow. Like that’s

⏹️ ▶️ John the point of federation. And maybe we haven’t made that point strongly enough. Mastodon does not

⏹️ ▶️ John equal equal as Merlin would say, You can basically pick any instance. And if you go

⏹️ ▶️ John to any kind of mastodon thing, it will show you a list of instances. And how do you pick among them?

⏹️ ▶️ John I don’t know, find one where somebody you know is, right? I mean, I guess that’s how people are finding

⏹️ ▶️ John out about because that’s where we are. But you don’t have to be where we are. All the people I follow aren’t on the same

⏹️ ▶️ John instance as me. It’s just, that’s the point of federation. So don’t feel like it’s that big a deal. Yes, this is a

⏹️ ▶️ John weakness of mastodon. We’ve talked about it every time we bring it up. How do I pick an instance? I’m just kind of guessing.

⏹️ ▶️ John What if I pick the wrong instance? Like, it’s a problem, right? And I don’t know what the solution is,

⏹️ ▶️ John but at least it’s not a dire problem because if you do pick wrong or whatever, you can switch instances,

⏹️ ▶️ John or you could be like me and get an account on 50 different instances and use that as your hedge. But don’t

⏹️ ▶️ John worry if you’re not in the same instance as the hosts of your favorite podcast because you will be able

⏹️ ▶️ John to follow them no matter where you are, unless you’re on a server full of Nazis that got defederated.

⏹️ ▶️ John So don’t pick those instances. but other than that, you should be

⏹️ ▶️ Marco fine. There’s multiple reasons. Yeah, and overall, I would say, every time I keep going back

⏹️ ▶️ Marco to, what’s the good Friend Finder one, what’s it called? Move to Don.

⏹️ ▶️ Marco Move to Don, that’s it, yeah. I keep going back to Move to Don every couple of days. I have the tab open on my phone

⏹️ ▶️ Marco in Safari, and I just go back every couple of days and refresh it, and there’s a few more people there. And it’s

⏹️ ▶️ Marco happening. People are really moving there in large numbers. And again, I don’t think

⏹️ ▶️ Marco Twitter is gonna like lose to Mastodon, like in quotes. But certainly

⏹️ ▶️ Marco a lot of people who I follow on Twitter are now on Mastodon and

⏹️ ▶️ Marco are oftentimes posting more there. And so if you are the kind of person who might

⏹️ ▶️ Marco wanna follow nerdy people or people who care about that kind of stuff, check it out. I would also

⏹️ ▶️ Marco very strongly encourage everyone, John mentioned this last week, but the way Moved to Dawn and

⏹️ ▶️ Marco FedFinder work is they look in your Twitter profile for

⏹️ ▶️ Marco links to a Mastodon page. So if you have a question on the format, go look at my

⏹️ ▶️ Marco profile on Twitter. You can see the format of the link. It’s just, you know, instance name, dot whatever, slash at

⏹️ ▶️ Marco your username. That format, they look for that format. And so if you out

⏹️ ▶️ Marco there, if you have created a Mastodon account in your Twitter bio, go put that

⏹️ ▶️ Marco kind of link somewhere in the bio. It doesn’t even have to be like the URL field. It can be anywhere in the Twitter bio. put that

⏹️ ▶️ Marco link in there so these tools can find you. And then so that anybody who follows you can

⏹️ ▶️ Marco automatically find you over at Mastodon without having to ask and search and everything like that. So everyone

⏹️ ▶️ Marco please do that. And I think this is a big enough thing

⏹️ ▶️ Marco, John now

⏹️ ▶️ Marco that even if you’re not sure whether you’ll use it, you should probably go create an account somewhere. Like,

⏹️ ▶️ Marco and again, as John was saying, it doesn’t really matter which instance you pick for the most part, as long as it’s going to keep, keep

⏹️ ▶️ Marco existing in all likelihood. For now, that’s fine. but go create an account if

⏹️ ▶️ Marco you haven’t yet, because it seems like there’s a good amount of traction happening here. And frankly,

⏹️ ▶️ Marco I’m telling you, once I switched over to the Ivory beta, the tapas for Macedon

⏹️ ▶️ Marco thing, it’s really, I will oftentimes be using either Tweetbot or

⏹️ ▶️ Marco Ivory on my phone and forget which service I’m using. Because unless you look really closely

⏹️ ▶️ Marco at the design of the icons, you actually can very easily forget that. it really is like a drop in

⏹️ ▶️ Marco replacement at this point. And as soon as the Mac situation gets worked out, again, by Ivory probably,

⏹️ ▶️ Marco that’s gonna be even better. But again, stuff’s happening. And this is the time,

⏹️ ▶️ Marco if you haven’t yet jumped into Mastodon, go make an account. Even if you don’t end up using it, at least you’ll have

⏹️ ▶️ Marco a good username reserved somewhere. But, and it’s the worst case scenario. Best case scenario, you actually might

⏹️ ▶️ Marco use it. I have found that it is, in many ways, like Twitter is,

⏹️ ▶️ Marco Twitter is like, you know, our favorite bar that we hung out in every single day for 15 years. And

⏹️ ▶️ Marco now, a bunch of jerks keep coming in. And that’s always been a bit of a problem, but now like even more jerks are coming

⏹️ ▶️ Marco in. And the new owner now is like encouraging the jerks and letting them back in who have been previously

⏹️ ▶️ Marco kicked out. Who are like even the biggest jerks and the most, you know, ridiculous, outrageous kind of jerks.

⏹️ ▶️ Marco possible violent jerks. So our favorite bar,

⏹️ ▶️ Marco it’s going a little bit south and it’s not… Meanwhile, you can go down the street

⏹️ ▶️ Marco and go to a nice, cozy, friendly bar where all your friends are, basically, or at least

⏹️ ▶️ Marco many of your friends. And it’s like, wait, this is just kind of nicer. And

⏹️ ▶️ Marco that’s the experience I’ve had so far in Macedon because it is smaller. And that’s probably the biggest reason. But also

⏹️ ▶️ Marco because it’s a different vibe a little bit, a little a little bit different scene, but mostly because it’s smaller,

⏹️ ▶️ Marco it is just a nicer place to hang out for a lot of people a lot of the time. And it seems

⏹️ ▶️ Marco like it’s kind of a nerd haven in a lot of ways if you follow the nerdy scene like I do. There’s just a whole bunch of nerds

⏹️ ▶️ Marco there posting good nerdy stuff and I love it. So anyway, if you haven’t made an account yet on the Mass Adon

⏹️ ▶️ Marco thing, please go do it. Even if you don’t end up using it, you should at least try it.

⏹️ ▶️ John I just went to Move to Adon while you were doing that and I refreshed it, I had it open in a tab as well, and I found two new accounts and I click

⏹️ ▶️ John the follow button on them, I didn’t even look to see what instance they’re on. It does say, but now that I look, I

⏹️ ▶️ John see one of them was on One

⏹️ ▶️ John, Marco of them was on. Hackaderm, yeah.

⏹️ ▶️ John One of them was on But the point is, I didn’t even have to look at that. I just saw that they had a button

⏹️ ▶️ John that said follow because I wasn’t already following them. I just said click, click, done and done.

⏹️ ▶️ Marco Yeah, if I was starting new right now, I might go to Hackaderm because it seems like it’s a pretty

⏹️ ▶️ Marco cool group of nerds over there. I’ve got an account there.

⏹️ ▶️ John Yeah, of

⏹️ ▶️ John, Marco course. If I see a thing,

⏹️ ▶️ John when I tried to go, that server seems super overwhelmed. I don’t know if it still is, but when I was trying to create my account there to

⏹️ ▶️ John squat on my username, it was super slow.

⏹️ ▶️ Marco The admin made a post a few days ago saying they’re doing upgrades and stuff, because it’s run by

⏹️ ▶️ Marco a bunch of nerds who know what they’re doing, so they’re doing a lot of server stuff over there. And again,

⏹️ ▶️ Marco I do think the server scaling, cost management

⏹️ ▶️ Marco side of things, there’s a lot there that could go south in the future, But right now it’s a cool place

⏹️ ▶️ Marco to hang out and I hope it stays that way. So yeah, go pick a Massad instance. Hackaderms are pretty cool

⏹️ ▶️ Marco one I think. And go check it out because this is the time. Like this is like the early

⏹️ ▶️ Marco fun days before it gets crazy or turns south. Like this is when everyone’s

⏹️ ▶️ Marco still having fun. And you know, there’s not a lot of places like that left on the internet where, you know, new social

⏹️ ▶️ Marco networks where people are still having fun. Like that’s not really a thing. So

⏹️ ▶️ Marco anyway, yeah, check it out.

⏹️ ▶️ John I get it. It’s supposed to be like pachyderm, hackaderm. I was not reading it that way.

Hive security shutdown

⏹️ ▶️ Casey All right. The good news is if you don’t like Mastodon, you can go to HiveSocial. Shoot, nevermind.

⏹️ ▶️ Casey Nope. So HiveSocial is that startup that allegedly

⏹️ ▶️ Casey is being run by just two people. And Ars Technica reports that it

⏹️ ▶️ Casey basically self-terminated or self-suspended, I guess I should say, because a security

⏹️ ▶️ Casey research group or whatever said, hey, you guys have got a bunch of problems. So reading

⏹️ ▶️ Casey from the Ars Technica article, the issues we were, this is a quote, the The issues we reported allow any attacker to access all

⏹️ ▶️ Casey data, including private posts, private messages, shared media, and even deleted direct messages, the advisory

⏹️ ▶️ Casey published on Wednesday by Berlin-based security collective Zur Forschung claimed.

⏹️ ▶️ Casey This also includes private email addresses and phone numbers entered during login. Cool. Oh my god.

⏹️ ▶️ John They got all their security flaws out of the way and by just having one big one, which is like all access

⏹️ ▶️ John to all data, complete access to do anything as anybody all the time. Pretty much,

⏹️ ▶️ John you don’t need to ever have any other security problems. Because you’re like, we

⏹️ ▶️ John, Marco did

⏹️ ▶️ John it! We covered everything.

⏹️ ▶️ John, Marco Oh, also,

⏹️ ▶️ Marco the things that should have been deleted, they don’t actually get deleted. They’re soft deleted.

⏹️ ▶️ Marco, John Yeah, right. Bonus content.

⏹️ ▶️ John So, the Hive social thing, I said a couple shows back when I brought this up, that I didn’t understand

⏹️ ▶️ John how it snowballed. Like, how I suddenly saw everyone from the gaming

⏹️ ▶️ John community that I follow saying, come over to Hive! Everyone come over to Hive! and then looking at the numbers, like they crossed 1 million

⏹️ ▶️ John users, and the next day they crossed 2 million users. They were adding, you know, 500,000 users every 10 hours or something. And

⏹️ ▶️ John I was like, what is causing that? What made it snowball? What was the seed of this? Did

⏹️ ▶️ John some super popular influencer go there and tell all? Like, I still have no answer

⏹️ ▶️ John to that question. All I know is they were experiencing insane growth. And I don’t blame the people who made the app

⏹️ ▶️ John for the growth. I don’t think they did anything to make it happen in particular. But it was like, yeah, like one developer

⏹️ ▶️ John and two other people helping. And then the first sign of things being terribly wrong, other than just knowing

⏹️ ▶️ John the numbers I just told you, was that after I had gone through all the stuff of me trying to sign

⏹️ ▶️ John up with my email address and it wouldn’t let me, so I did sign in with Apple instead. It was I was

⏹️ ▶️ John like, I just wanted to get my username, right? Someone pointed out at that point, yeah,

⏹️ ▶️ John Hive doesn’t enforce uniqueness of usernames. And it showed a screen saying, hey, you search

⏹️ ▶️ John for at whatever. There was like 17 at whatevers. I forget what it was. was Genshin Impact, at Genshin Impact.

⏹️ ▶️ John It was a screen full of people, all of whom had at Genshin Impact as their handle. So they weren’t

⏹️ ▶️ John even enforcing uniqueness of handles, which seems like to me, a fairly

⏹️ ▶️ John fundamental feature of, you know, and apparently I was like, well, maybe that’s like a decision

⏹️ ▶️ John they made cause that’s, they don’t want that to be unique identifier, but no, apparently that was a bug. The other bug

⏹️ ▶️ John was that,

⏹️ ▶️ John, Casey the other bug was that it’s apparently

⏹️ ▶️ John trivially easy to get access to everyone’s messages everywhere, to be able

⏹️ ▶️ John to tweet as them, to be able to see the direct messages, to be able to like, their security problem that they had, they were like 100% hacked.

⏹️ ▶️ John Like, I don’t know what the bug was, but like, it apparently wasn’t too difficult for people,

⏹️ ▶️ John if you knew how, to just basically completely own them with a P. And

⏹️ ▶️ John so their response to that was, their response to that was not great, because they were aware of this bug

⏹️ ▶️ John for like 72 hours or something. before they did the only thing that was possible to

⏹️ ▶️ John do, which was we have to stop this service and regroup, which again, I don’t

⏹️ ▶️ John particularly blame them for. A three-person company makes this iOS app and they have 2 million users within a few days.

⏹️ ▶️ John They’re obviously in over their head. And so yeah, they shut down Hive. Will it rise again? We’ll

⏹️ ▶️ John see. But anyway, that is slash was Hive.

⏹️ ▶️ Marco Oh my God, what a mess. That’s like, I mean, look, I don’t wanna take too much joy in other people’s mistakes, but

⏹️ ▶️ Marco those are some big mistakes. That’s really outrageous.

⏹️ ▶️ John Yeah, it’s just like learning on hard mode for sure, but I still don’t understand or know why

⏹️ ▶️ John they snowballed the way they did, right?

⏹️ ▶️ Casey Who knows?

“Sharrow” is real

⏹️ ▶️ Casey I have good news and bad news. I’m mostly talking to our friend Merlin Mann. The good

⏹️ ▶️ Casey news is, Sharo is a real thing. Merlin is vindicated, baby!

⏹️ ▶️ Casey Except it doesn’t mean a box with an arrow coming out of it.

⏹️ ▶️ Casey, John Or does it?

⏹️ ▶️ Casey Or does it? So we got a bunch of different feedback about this. There was a great summary that was sent to us by

⏹️ ▶️ Casey Wes Davis. Wes writes, I’m sure you’ve gotten plenty of feedback on this, but in the event that I’m the only bike nerd listening,

⏹️ ▶️ Casey and I think at the time I read this, this was the first piece of feedback about it, but anyway. The first of many.

⏹️ ▶️ Casey The first of many. I wanted to point out that Merlin didn’t invent the term shero. It’s actually a term used by cyclists

⏹️ ▶️ Casey and city planners to refer to the double chevron symbols above a bicycle symbol you sometimes see on roads lacking bike

⏹️ ▶️ Casey lanes to indicate to cars that A, cyclists will be here, and that’s OK, and B, this is

⏹️ ▶️ Casey the general area that they will exist. It’s a special kick in the face when a cyclist is on a road with plenty

⏹️ ▶️ Casey of space for cars and bike lanes, and they’ve painted a shero near the right-hand side

⏹️ ▶️ Casey of the road where a bike lane could be, which I thought was quite

⏹️ ▶️ John funny. People do not like sharrows. Bike riders don’t like them. It’s basically like you did

⏹️ ▶️ John the minimum possible instead of making a real protected bike lane. And the studies have shown

⏹️ ▶️ John that it actually makes it more dangerous for bike riders, not less. So sharrows get a

⏹️ ▶️ John big thumb down from biking. And here’s the thing about this with respect to Merlin. Merlin has recently been in a little bit

⏹️ ▶️ John of a rabbit hole learning about road design and urban design. So he may have been exposed to this exact

⏹️ ▶️ John term in that context.

⏹️ ▶️ Casey That’s true, that’s true. From the first anonymous person, I’d like this to be kept anonymous, but

⏹️ ▶️ Casey I can confirm internally within Apple on Slack, I’ve absolutely seen Sharo

⏹️ ▶️ Casey in use. Just thought you’d appreciate knowing. So Merlin is vindicated from another anonymous person.

⏹️ ▶️ Casey Regarding the word Sharo, I don’t think Merlin invented it, but regardless if he did or not, I’m 95% sure I heard designers

⏹️ ▶️ Casey inside Apple use it when I was there. So it’s at least spread that far by 2019 or so. And

⏹️ ▶️ Casey then from our final anonymous birdie, Perhaps it will surprise you to know that when I began working in Apple

⏹️ ▶️ Casey retail eight years ago, the word Sharo was already in use taught to me by a coworker and used regularly

⏹️ ▶️ Casey by our creative team when teaching customers.

⏹️ ▶️ John Yeah. The people who talked about shower using being used for the share arrow often said that, yeah, we

⏹️ ▶️ John used it in this context or whatever, but like it hasn’t, I mean it, it hasn’t, it doesn’t seem

⏹️ ▶️ John to like have caught on. Lots of things are used inside Apple and not outside Apple. Uh, and,

⏹️ ▶️ John but if Apple retail is teaching it to people, you’d think maybe it would catch on in the wider community. Anyway, There’s still a chance it could

⏹️ ▶️ John happen. There’s still a chance we could circle back a year from now and everybody uses the term sharrow. We could be making it

⏹️ ▶️ John happen right now just by

⏹️ ▶️ John, Marco talking about it unintentionally.

⏹️ ▶️ John But yeah, it’s not on Merlin to make it happen is what I’m saying. Apple has been apparently trying to make sharrow

⏹️ ▶️ John happen for years. It just hasn’t broken through yet, like Hive.

⏹️ ▶️ Marco We are brought to you this week by Trade Coffee. Now look, I’m a huge coffee

⏹️ ▶️ Marco nerd. The secret to great coffee is very simple. Freshly roasted beans.

⏹️ ▶️ Marco And anything you get in a grocery store is not freshly roasted. It’s gone through the supply chain, it’s probably at

⏹️ ▶️ Marco least a few weeks old if you’re lucky, and probably much more than that. Trade Coffee

⏹️ ▶️ Marco sends you freshly roasted coffee right to your doorstep from local roasters around

⏹️ ▶️ Marco the country. It It is a coffee subscription service that makes it super easy to discover new coffees

⏹️ ▶️ Marco and make the best coffee you can make at home every single day. So they partner with the nation’s

⏹️ ▶️ Marco top rated independent roasters. They send you coffee that they know you’ll love fresh to your home on whatever

⏹️ ▶️ Marco your preferred schedule is. And whether you’re a coffee nerd like me or you are new to this and need some

⏹️ ▶️ Marco help, they make it easy and convenient to discover new coffees. So they have all these different settings and quizzes

⏹️ ▶️ Marco you can take so that you can really know like that you’re gonna be sent something that you like a lot. they’ll ask you how you

⏹️ ▶️ Marco brew it, how you want to ground if you want to ground all sorts of stuff like that. dark roast, light roast, different origins, different

⏹️ ▶️ Marco flavors, you can do all that with trade and it is just great. And it’s a great gift now to

⏹️ ▶️ Marco this is awesome for you know, if you have somebody in your life who’s difficult to shop for, but they drink

⏹️ ▶️ Marco coffee, go for trade. It’s fantastic. It’s a great gift for the holidays. Great for last minute

⏹️ ▶️ Marco shoppers to just, you know, quickly buy a gift subscription to trade and it’s just awesome. So

⏹️ ▶️ Marco I love trade. It’s a great gift and it’s great to use yourself too. It’s great for variety in your coffee.

⏹️ ▶️ Marco You get tons of variety and it’s all really, really great. So treat yourself or the coffee lover in your life

⏹️ ▶️ Marco with Trade Coffee. Right now they’re offering our listeners a total of $30 off a subscription and access to

⏹️ ▶️ Marco limited time holiday specials at slash ATP. That’s

⏹️ ▶️ Marco slash ATP for $30 off slash ATP.

⏹️ ▶️ Marco Thanks to Trade Coffee for sponsoring our show.

Blackbird update

⏹️ ▶️ Casey A couple of episodes ago, we were discussing a gift that Marco gave me, and I thought that was really fun.

⏹️ ▶️ Casey And then I was looking around at this piece of code, and this particular piece of code I was looking

⏹️ ▶️ Casey at, it’s a new open source thing. It has unit tests, just like the

⏹️ ▶️ Casey gift Marco gave me a couple of weeks ago. It has combined publishers. It has async

⏹️ ▶️ Casey await. It has all sorts of delightful things. I’ve almost fallen over.

⏹️ ▶️ Casey I am so excited. Even though this is code I don’t think I’ll ever use because it doesn’t really do anything for me personally.

⏹️ ▶️ Casey, John The fact that these things

⏹️ ▶️ Casey exist, the fact that these things exist is such a gift to me. And I want to use all sort of vulgar

⏹️ ▶️ Casey euphemisms about how happy I am about this, but I will refrain and I will keep them to myself. But anyways,

⏹️ ▶️ Casey Blackbird has been open sourced. And so you can check out Marco’s in progress

⏹️ ▶️ Casey sequel. What is it, ButtDB?

⏹️ ▶️ Casey, Marco Yes, nae ButtDB.

⏹️ ▶️ Casey you can see his in progress SQLite wrapper. And I have only taken but a few minutes

⏹️ ▶️ Casey spelunking through the code. But as much as I’m kind of being snarky about it, for real, there’s

⏹️ ▶️ Casey publishers, there’s unit tests, there’s async await, it’s all there, baby. I’m so excited. This is

⏹️ ▶️ Casey very cool.

⏹️ ▶️ Marco Thank you. And I even, yesterday, I put a whole big SwiftUI thing out

⏹️ ▶️ Marco with some fancy property wrappers for live updating instance groups and stuff like that. Yeah, so,

⏹️ ▶️ Marco so far it’s going along great. I even had a friend of the show in the world, Guy English, even

⏹️ ▶️ Marco already contributed a pretty substantial pull request for adding performance counters and stuff that show up in instruments.

⏹️ ▶️ Marco So that’s pretty cool.

⏹️ ▶️ John Did you also get something for like a, what was it, for the string literals with the inline interpolation thing?

⏹️ ▶️ Marco That, well yeah, that wasn’t a pull request, but it was a few people on Twitter who pointed that out, including I think one of the authors

⏹️ ▶️ Marco of a project that did that. I don’t know if I wanna do that. that feels

⏹️ ▶️ Marco a little bit like unexpected magic from the call site end. Like, I don’t think I would

⏹️ ▶️ Marco expect that to happen at the call site.

⏹️ ▶️ John It makes it look like you’re making SQL injection bugs, but you’re not. Exactly, yeah, that’s why I don’t,

⏹️ ▶️ Marco I see the advantage of it in terms of like, you’re putting the arguments right where they go.

⏹️ ▶️ Marco I see that value, but I think most people, including

⏹️ ▶️ Marco my own future self, like at the call site would not expect that to be the behavior. And so I don’t think

⏹️ ▶️ Marco I wanna do that. Unless custom string interpolation becomes a much more common pattern that’s used

⏹️ ▶️ Marco a lot in Swift But I don’t I don’t think it’s is or is going to be so we’ll see

⏹️ ▶️ John I think the cool the coolest thing about that Is if you if you were able to do it pervasively it essentially protects

⏹️ ▶️ John against people who don’t know how to avoid SQL injection attacks like they think

⏹️ ▶️ John you would look at the code and it’s like oh no this beginner made a sequel injection tech They have no idea that that

⏹️ ▶️ John custom interpolation is there. But that custom interpolation would, in fact, be protecting them against that

⏹️ ▶️ John injection attack. But I’m not sure you could ever get to that level of a safety net where you could say, you don’t

⏹️ ▶️ John even need to know about this. Just write any old code, and you’ll always be protected against injection.

⏹️ ▶️ Marco Yeah. Yeah, I don’t know. It doesn’t seem like it’s a good idea. I did also, I tried

⏹️ ▶️ Marco earlier today, somebody submitted a pull request that turned on the

⏹️ ▶️ Marco Swift concurrency warnings for all the sendable stuff. And I tried

⏹️ ▶️ Marco for a little while to get that to not show 88 warnings when I compiled

⏹️ ▶️ Marco the app. That’s a bigger project. I am gonna try to make

⏹️ ▶️ Marco that all correct, just for future looking stuff. But I tried doing it today,

⏹️ ▶️ Marco I’m like, oh, this is way bigger than a one day project. So I’ll work on that.

⏹️ ▶️ Marco But overall, I actually do intend to do stuff like that because again, this is

⏹️ ▶️ Marco my plan is for this to be what I write my apps against for the next X years where X

⏹️ ▶️ Marco is however long I’m writing Swift apps. I mean, that’s hopefully gonna be a long time. And so

⏹️ ▶️ Marco I do intend for this to be very forward looking, forward

⏹️ ▶️ Marco compatible, cover as many of my forward needs as possible.

⏹️ ▶️ Marco I’m gonna possibly write a Cloud Kit adapter for it, but I’m gonna see. I haven’t

⏹️ ▶️ Marco long story short, I haven’t yet fully decided if I’m even going to be using Cloud Kit for overcast. But if I do,

⏹️ ▶️ Marco then that’s going to be the next step here is going to make Cloud Kit wrapper for this probably. But anyway, yeah, so so Blackbird, yeah, it’s going

⏹️ ▶️ Marco pretty well. I you know, I don’t I don’t think anyone’s using it yet. And you shouldn’t I tell you right in the FAQ, like,

⏹️ ▶️ Marco don’t use it before I use it. Because

⏹️ ▶️ Marco, John if I

⏹️ ▶️ Marco use it, and it turns out something doesn’t work right, or the API is clunky in some way, I’m going to change it.

⏹️ ▶️ Marco And you know, that could break how you’re using it. So yeah, this is not ready for you. It’s open

⏹️ ▶️ Marco sourced only for people’s curiosity and possibly learning and

⏹️ ▶️ Marco me learning from you, not actually intended to be used yet.

⏹️ ▶️ Casey Yeah, I am super pleased that you are using all this new and fancy stuff,

⏹️ ▶️ Casey in part because this is, and this is gonna come out mean and I

⏹️ ▶️ Casey don’t intend it to, but that’s not typically your MO. You’re typically a little more conservative

⏹️ ▶️ Casey and I’m excited that you’re living more on the cutting edge than you typically do. And plus,

⏹️ ▶️ Casey I plan to dig through this with a more fine-toothed comb for my own knowledge, not because I want to be that guy that’s,

⏹️ ▶️ Casey wow, did you consider that you should do this? But no, I feel like I could learn from this. And so

⏹️ ▶️ Casey I’m very excited to dig into this and see more of it.

⏹️ ▶️ Marco Thank you. It fits my usual pattern. It’s just a pattern that has a very long cycle

⏹️ ▶️ Marco time. Like when we were first doing Tumblr, PHP 5, I believe, had just come out.

⏹️ ▶️ Marco It was like 5.2, which everyone added late static binding. That was like right in early Tumblr days.

⏹️ ▶️ Marco I think it was like 2007-ish, maybe 2006,

⏹️ ▶️ Marco but yeah, I think it was 5.2 that added late static binding. And that made a bunch of much more,

⏹️ ▶️ Marco I mean, by today’s standards, fairly primitive stuff, but for PHP in 2006 standards, some

⏹️ ▶️ Marco much more advanced object-oriented programming was possible thanks to that update. And it was it made such

⏹️ ▶️ Marco a big difference in how you would write an app like that, that we

⏹️ ▶️ Marco require that from all of our servers. And we jumped in and made all of like the most

⏹️ ▶️ Marco advanced PHP stuff you could do at that time. That was the basis for that. I

⏹️ ▶️ Marco am still using that PHP framework today, or at least a very, very, very distant

⏹️ ▶️ Marco derivative of it. Still using, you know, many of those basic structures and stuff today,

⏹️ ▶️ Marco because, you know, I jumped in when it was super advanced. And, you know, and it was very cutting edge at the time.

⏹️ ▶️ Marco And now I still have no reason to really change it. So that’s kind of how I see this, like,

⏹️ ▶️ Marco you know, like, I have a lot of ancient objective C code that that I wrote, you know, 10

⏹️ ▶️ Marco years ago that I’m still using today, because I wrote it a long time ago to be cutting edge then, and it’s still fine

⏹️ ▶️ Marco now. Well, this is gonna I hope this is gonna be one of those pieces of Swift code for me,

⏹️ ▶️ Marco that I’m writing this all to be cutting-edge now, so that 10 years from now,

⏹️ ▶️ Marco it’s not out of date or broken, hopefully not. And this is hopefully

⏹️ ▶️ Marco still a good way to do things 10 years from now.

⏹️ ▶️ Casey Steven Powell Before we leave this topic, I wanted to call out one thing. You put in your

⏹️ ▶️ Casey readme, wishlist for future Swift language capabilities. And I know you didn’t see

⏹️ ▶️ Casey it, but I gave the following, a standing friggin’ ovation because I could I could not agree with you more.

⏹️ ▶️ Casey Type reflection for automatic or cleaner schema definitions. Swift currently has no way to reflect a type’s properties.

⏹️ ▶️ Casey Mirror only reflects property names and values of given instances. If language adds type reflection in the future,

⏹️ ▶️ Casey I’d love to add an optional automatic table definitions that didn’t require repeating the column names and types

⏹️ ▶️ Casey in my static var table equals blah, blah, blah definition. It could also be based on property wrappers, e.g. you know,

⏹️ ▶️ Casey at column or at index column, et cetera. Amen, brother.

⏹️ ▶️ Casey I could not agree with you more.

⏹️ ▶️ John I think there’s a proposal for that already for type reflection, isn’t there?

⏹️ ▶️ John, Marco I

⏹️ ▶️ Marco can’t imagine there wouldn’t be. Yeah. It’s like it’s such an obvious thing.

⏹️ ▶️ John I think I read it recently. I know, but I’m not just like it’s on the list, but like someone already has a proposal

⏹️ ▶️ John for it. I think I’m trying to find it for the show notes. If not, someone will send it to us for next week. But yeah,

⏹️ ▶️ John that’s one of the things I read recently as a actual thing.

⏹️ ▶️ Casey Yeah, I couldn’t agree with you more.

⏹️ ▶️ Marco Yeah. This is another reason why you shouldn’t, you know, rely on this framework being stable where

⏹️ ▶️ Marco it is now. It’s like, if that comes out next year, I’m moving all this entire framework to it. Like that’s,

⏹️ ▶️ Marco I’m just gonna do it and I’ll update my code and you know, I hope yours works.

⏹️ ▶️ John It might not be sufficient for all the things that you want out of it.

⏹️ ▶️ John, Marco Yeah, probably not.

⏹️ ▶️ John But you’ll see. Yeah. Plus those things, those features like that tend to like, Apple like hoards them

⏹️ ▶️ John for each major Switch version. Like you can see them in the, like, you know, it’s all in the open. So it’s not like it’s a mystery,

⏹️ ▶️ John but when they come out with like, Oh, here’s the new version of Swift, it’ll be able to see. You know everything that’s gonna be in it. But

⏹️ ▶️ John Apple does tend to wait for those yearly Xcode releases to sort of package it all up and deliver it to

⏹️ ▶️ John their developers in a way that it’s safe to use with App Store stuff.

⏹️ ▶️ John, Marco Yeah, right, yeah. Like,

⏹️ ▶️ Marco yeah, even if they release that, you know, or somebody adds up to Swift, like in the spring,

⏹️ ▶️ Marco there’s no way we’d be able to ship code with it until the fall. And then it would probably, even then, probably

⏹️ ▶️ Marco require the latest releases to run too. Because that

⏹️ ▶️ Marco, John also involves some run time. That’s one of the

⏹️ ▶️ John cool proposal things. One of the things that actually is going in is, I think it’s going in, I’m assuming it will pass,

⏹️ ▶️ John is a way to backport APIs to older things. So you don’t

⏹️ ▶️ John just say, oh, I added this new method, but you only get it if you’re on Ventura, right? A way to basically, to

⏹️ ▶️ John back-compat things to previous versions. I mean, it’s another feature you’re looking at, and you’re like, oh, this is a feature Apple could use. Well, yeah,

⏹️ ▶️ John duh. It’s actually kind of clever how they did it. If you read the proposal, it’s built on a feature they already

⏹️ ▶️ John had, but just extending it a little bit, making it so, If you’re running on the older version

⏹️ ▶️ John of the OS, you’ll get the implementation copied down into you, but you don’t have to get the entire library copied down. Anyway,

⏹️ ▶️ John stuff like that makes me think that, you know, features that are useful to Apple will come sooner than features

⏹️ ▶️ John that aren’t. And I think type reflection would be useful for Apple. So I think that is a good shot of getting

⏹️ ▶️ John in for next year.

⏹️ ▶️ Marco Yeah, because we still don’t really have like Apple’s core data solution for Swift. Like

⏹️ ▶️ Marco core data is compatible with Swift, you know, but it’s not a very Swifty way to do things.

⏹️ ▶️ Marco And I still don’t think we have, what is Apple’s answer to the next generation

⏹️ ▶️ Marco of core data designed with Swift in mind? I don’t think we have that yet. And

⏹️ ▶️ Marco maybe they would use features like that to make that happen.

⏹️ ▶️ Casey Yep, we’ll see. I just would really like it. When I was heavy in.NET and C Sharp,

⏹️ ▶️ Casey this was when reflection was new to me and man, there was not a problem that could not be solved with reflection.

⏹️ ▶️ Casey And obviously I’ve grown up since then, and I think I would use it far more sparingly,

⏹️ ▶️ Casey but it is something very, very useful to have and something that I wish Swift had more than a

⏹️ ▶️ Casey passing implementation of. And even then, like you said in your read me, the implementation is

⏹️ ▶️ Casey half-butted, to use your term, if anything. So I’d really love a full-butt implementation of Mirror.

⏹️ ▶️ Casey Real-time follow-up, a one Jay Syracuse in the chat room seems to have found the,

⏹️ ▶️ Casey oh no, this is function back deployment. I was gonna say this is a reflection, but no, this is the function-backed deployment you were talking about,

⏹️ ▶️ Casey which is cool stuff

⏹️ ▶️ Casey, John as well. Yep,

⏹️ ▶️ John it’s Swift Evolution, function-backed deployment. Even if you don’t know too

⏹️ ▶️ John much about programming, the great thing about these proposals, Swift Evolution proposals, is they tend to explain things

⏹️ ▶️ John more or less in first principle, so you can just read it and kind of understand what they’re proposing, even if

⏹️ ▶️ John you have no idea about Swift or language design or anything. You have to know a little bit about

⏹️ ▶️ John programming, but they’re usually very clear.

⏹️ ▶️ Marco The other thing though, I do have one, I don’t know if it’s necessarily a concern or a complaint, but

⏹️ ▶️ Marco one kind of effect to notice is, as I’m diving into a lot of this,

⏹️ ▶️ Marco a lot of kind of deeper Swift functionality and Swift UI functionality as well,

⏹️ ▶️ Marco there is just so much here. It is a huge language and it keeps getting bigger.

⏹️ ▶️ Marco Like there are so many ways you can write things. There are so many capabilities

⏹️ ▶️ Marco down below everything. There are so many weird little at prefixes you can stick on things that change behavior

⏹️ ▶️ Marco in certain ways. It is a massively complex language and it’s getting more and more

⏹️ ▶️ Marco complex every year. And I do kind of worry about that from the point of view of

⏹️ ▶️ Marco just manageability of complexity. I heard somewhere recently that programming,

⏹️ ▶️ Marco the biggest challenge of programming is managing complexity and that is, first of all, insanely

⏹️ ▶️ Marco correct and wise and that’s so much bigger than cash and validation naming things and all that stuff.

⏹️ ▶️ Marco But managing complexity is by far our industry’s biggest challenge, always, from one coder

⏹️ ▶️ Marco all the way up to big teams. That’s just software development in a nutshell, is managing complexity in

⏹️ ▶️ Marco some kind of reasonable way. And the language itself, like

⏹️ ▶️ Marco Swift makes so much complexity possible that I’m concerned

⏹️ ▶️ Marco that it’s, first of all, not only extremely difficult for people to really learn and get

⏹️ ▶️ Marco a good handle on because all the stuff under the covers and behind the scenes that you eventually

⏹️ ▶️ Marco do have to deal with. But also, I’m concerned about just the

⏹️ ▶️ Marco language itself becoming so big and bloated. Are developer tools gonna

⏹️ ▶️ Marco still be fairly unreliable and bloated and slow forever with this language?

⏹️ ▶️ Marco How about documentation and community forums and Stack Overflow

⏹️ ▶️ Marco and stuff like that? There’s a lot of complexity in this language I think that’s going to ripple out in pretty significant

⏹️ ▶️ Marco ways that are probably already happening. Some of the complexity, I guess, is necessary to build

⏹️ ▶️ Marco what they want to build, but I do think there’s maybe not enough

⏹️ ▶️ Marco prioritization on saying no to certain features in the language. I don’t know.

⏹️ ▶️ Marco I’m not a language designer, so maybe I’m off base here, but it is just a way,

⏹️ ▶️ Marco way bigger language than anything we’ve used before.

⏹️ ▶️ John I

⏹️ ▶️ John, Marco think they’re

⏹️ ▶️ John mostly going in the right direction. the kind of proposals that I see a lot of that make sense again, being something useful for

⏹️ ▶️ John Apple, you’ll see a proposal and you’ll be like, huh, why do they care about this feature? And when you

⏹️ ▶️ John look at it and read it and start looking at some of the examples, what you learn is basically like the Swift standard library,

⏹️ ▶️ John like the part, you know, the big part of Swift is the library that it comes with that has all the stuff in it that are not quote unquote

⏹️ ▶️ John part of the language there, but they’re in a library. If you look at the code for the Swift standard library,

⏹️ ▶️ John some of it looks really awful. You’re like,

⏹️ ▶️ John, Marco ugh,

⏹️ ▶️ John ugh, why do they have this? It looks hacky and weird. and there’s some weird repetition of code and they have to do things

⏹️ ▶️ John in weird ways. And you’re like, boy, I’m glad I don’t have to maintain this code. And then you look back at the proposal and you realize

⏹️ ▶️ John the proposal lets them delete like all this code and replace it with like something simple and straightforward, right? And so when

⏹️ ▶️ John you look at the feature, like why are they adding new features? It’s because they wanted to do a thing, like a useful thing,

⏹️ ▶️ John because the standard library is not magic. Like it doesn’t do anything that regular code doesn’t do, but it’s super important.

⏹️ ▶️ John And they want it to be, you know, high performance, safe, you know, easy to use, have a nice API.

⏹️ ▶️ John And by doing all that, they’re like, boy, to make a good standard library, we have to do this ugly crap. Why do we have

⏹️ ▶️ John to do this ugly crap? And it’s like, oh, because you can’t do X, Y, and Z in Swift because of some limitation.

⏹️ ▶️ John So they add a feature that lets them basically jump into the standard library and just delete like pages

⏹️ ▶️ John of code and condense it down to like one concise paragraph. And you on the outside think, oh, they’re

⏹️ ▶️ John adding more features to Swift. But if you have a substantial Swift code basis that you try to write to be

⏹️ ▶️ John like the best it can be, you realize that by having this feature, it simplifies the code

⏹️ ▶️ John so much. Like you don’t have to do this weird hack. You don’t have to repeat yourself. You don’t have to do a workaround

⏹️ ▶️ John because you’re not allowed to do this one thing that you wanted to do. And a lot of the Swift proposals I see

⏹️ ▶️ John are like that. For example, reflection with type data. There are probably places in the standard

⏹️ ▶️ John library where that would come in so handy and save them a lot of time and energy where now they’re like, well, we can’t do

⏹️ ▶️ John that. So just, you know, repeat this code block 50 different times with different parameters on it because

⏹️ ▶️ John there’s no way for us to sort of programmatically figure out the answer to this question. We just have to sort of

⏹️ ▶️ John bake our knowledge into the standard library by repeating the code. So there are boondoggles here and there, but

⏹️ ▶️ John for the most part, I like the direction I see most of the proposals, because I think that the title of the proposal is they’ll

⏹️ ▶️ John let somebody, usually Apple, delete a lot of code and replace it with less.

⏹️ ▶️ Casey I think my favorite of this was the DSL stuff that landed before SwiftUI did.

⏹️ ▶️ Casey And so, you know, there’s all this, how do we make like, you know, a domain specific language

⏹️ ▶️ Casey for something? I don’t know what it could possibly

⏹️ ▶️ Casey, John be.

⏹️ ▶️ Casey And a few of us, you know, were smarter, smart enough to put together what

⏹️ ▶️ Casey this apparently would probably be and we’re right. And then it got used for stuff like their absolutely

⏹️ ▶️ Casey awesome Regex stuff, which is coming soon and is so much better than Perl. We can all agree. Right. So anyway…

iMessage Contact Key Verification

⏹️ ▶️ Casey Apple has dropped a bunch of stuff in our laps. Thank you, Apple, for doing it on a Wednesday and

⏹️ ▶️ Casey not a different day. We appreciate that. They’ve announced three new, quote, advanced security

⏹️ ▶️ Casey features, quote. And we’re gonna start with the things that are not that

⏹️ ▶️ Casey dramatic and then move to the dramatic one. First is iMessage contact key verification.

⏹️ ▶️ Casey This will be available globally in 2023. And from the

⏹️ ▶️ Casey newsroom, their announcement says, now with iMessage contact key verification, users who

⏹️ ▶️ Casey face extraordinary digital threats, such as journalists, human rights activists, and members of government, quick aside,

⏹️ ▶️ Casey it’s pretty sick that human rights activists are in the category of extraordinary

⏹️ ▶️ Casey digital threats, but that’s neither here nor there, can choose to further verify that they are messaging only with the people

⏹️ ▶️ Casey they intend. Conversations between users who have enabled iMessage contact key verification receive automatic alerts

⏹️ ▶️ Casey of an exceptionally advanced adversary, such as a state-sponsored attacker, were ever to succeed breaking

⏹️ ▶️ Casey cloud servers and inserting their own device to eavesdrop on these encrypted communications.

⏹️ ▶️ Casey And for even higher security, iMessage contact key verification users can compare a contact

⏹️ ▶️ Casey verification code in person on FaceTime or through another secure call. And they have a screenshot of this,

⏹️ ▶️ Casey and in the screenshot it shows a little warning triangle, and it says, this is within the context of an iMessage thread,

⏹️ ▶️ Casey an unrecognized device may have been added to such and such account, options, and then you can click

⏹️ ▶️ Casey on options or tap on options and it’s not clear what happens then. But basically, I guess

⏹️ ▶️ Casey it, I’m unclear how this works. I’m not sure if either of you two know, but does it just

⏹️ ▶️ Casey alert you when a new device is added to an existing thread? Because that seems-

⏹️ ▶️ John Yeah, I think this is like a human factors security enhancement rather

⏹️ ▶️ John than a sort of, you know, data-driven one to zero security enhancement. It’s basically,

⏹️ ▶️ John seems to me a combination of heightened awareness when things have changed. Because people

⏹️ ▶️ John get new devices all the time, but like sort of communicating that is something that good services have done for many years

⏹️ ▶️ John now. Like, did you know that a new computer was authorized to log into your iCloud account? Did you

⏹️ ▶️ John know that this, you just signed on to from a device we’ve never seen before?

⏹️ ▶️ John Those type of things where they would send you emails and stuff, that sort of increases awareness that someone couldn’t

⏹️ ▶️ John be doing something behind your back that you would have no way of knowing about, right? And so this is adding that

⏹️ ▶️ John to iMessage. Like, oh, you think you’re messaging with this person and it’s not like we’re telling you that you’re not messaging with

⏹️ ▶️ John that person, but it seems like they’re using a device they’ve never used before. And so maybe

⏹️ ▶️ John you’re not talking to them. Maybe you’re talking to someone else who has figured out how to hack into their iCloud account.

⏹️ ▶️ John And so they’re using a new device, but communicating with them. So there’s that, there’s the heads up thing. And then this other part

⏹️ ▶️ John is the key verification. I guess the idea is underneath that options thing, this is why I wish they’d shown

⏹️ ▶️ John a demo of this. I guess it’s not ready yet, underneath the options thing that would basically say, Hey, if you want to like

⏹️ ▶️ John validate that this person is who they say they are, like, here’s some kind of workflow whereby

⏹️ ▶️ John out of band in some place other than messages, you have a way to communicate with that person to

⏹️ ▶️ John exchange some information that only they would know. Or I mean, like, honestly, I guess you could like FaceTime them. And if you recognize

⏹️ ▶️ John their face, and there’s not a gun to their head, that it’s probably them. Or you could call them on the phone or you know, whatever. But

⏹️ ▶️ John this is sort of facilitating that. So it’s a combination of something might be weird. and Apple

⏹️ ▶️ John might have a way for you to check whether things are okay. You don’t need Apple

⏹️ ▶️ John to check whether things are okay. You could just, again, call them on a phone number or something or walk over

⏹️ ▶️ John to where they live if you’re nearby. There’s other ways that you can do that, but what you do need Apple to do is say,

⏹️ ▶️ John oh, we haven’t seen this person use this device before, so if you think you’re just messaging

⏹️ ▶️ John with DoChameau on their usual phone, you’re not, and what you want to do with that information is up to you.

2FA with hardware keys

⏹️ ▶️ Casey They also announced hardware two-factor authentication with security keys. This will be available globally in early 2023.

⏹️ ▶️ Casey Apple writes, today with more than 95 percent of Active iCloud accounts using two-factor authentication,

⏹️ ▶️ Casey it is the most widely used two-factor account security system in the world that we’re aware of. I just thought that was neat.

⏹️ ▶️ Casey Now, with security keys, users will have the choice to make use of third-party

⏹️ ▶️ Casey hardware security keys in order to enhance this protection. For users who opt in, security keys strengthens

⏹️ ▶️ Casey Apple’s two-factor auth by requiring a hardware security key as one of the two factors. This takes our two-factor auth

⏹️ ▶️ Casey even further, preventing even an advanced attacker from obtaining a user’s second factor in a phishing scam.

⏹️ ▶️ Casey And here again, they show a screenshot and there’s a little pop-up or sheet that says, sign in, insert and

⏹️ ▶️ Casey activate one of your security keys. If you have an NFC key, bring it near the top of this iPhone. All right, so

⏹️ ▶️ Casey I don’t personally have any of these hardware security keys. I used to many, many, many jobs ago and it

⏹️ ▶️ Casey was a little clunky, but it worked okay at the time. My my understanding is they’re very fancy now.

⏹️ ▶️ Casey I mean, heck, apparently you can get some that have like a lightning connector, which is kind of neat. I don’t know, John,

⏹️ ▶️ Casey you were the one with the most recent real job. Do you have, did you ever use one of these? Do you have any interest

⏹️ ▶️ Casey in using one of these? What’s the story

⏹️ ▶️ Casey, John here?

⏹️ ▶️ John I mean, like, I think, well, I would say we all have had, but Marco certainly hasn’t.

⏹️ ▶️ John, Marco Back in the day before authenticator

⏹️ ▶️ John apps were very common on smartphones, the ones that give you like the set of numbers that roll over every minute or whatever,

⏹️ ▶️ John right? back before those were common, and certainly back before they were built into iOS and MacOS, you’d get

⏹️ ▶️ John a little hardware dongle that had those numbers on it with a little battery in it or whatever.

⏹️ ▶️ John This is not that. What they’ve added is support for a hardware security key. So basically to log in successfully,

⏹️ ▶️ John instead of, you used to be like, oh, I’ll enter my password, and then I’ll get a text message, or enter my password, and then

⏹️ ▶️ John it will prompt me to enter one of those six digit codes from like an authenticator app or from this little

⏹️ ▶️ John dongle, right? This says to log in, you would need your password or whatever,

⏹️ ▶️ John and also a hardware thing that you own that has a secret on it, and you plug it in

⏹️ ▶️ John and say, if you don’t have that thing, even if someone knows your password, even if someone has somehow

⏹️ ▶️ John has access to your like six digit rolling authentication thing, like they somehow got access

⏹️ ▶️ John to that because they stole the QR code or whatever, right? They still need the little dongle-y

⏹️ ▶️ John thing, the little YubiKey is the brand name, but like, you know, they still need an actual hardware thing. It’s just like, it’s like

⏹️ ▶️ John a physical key kind of, right? But it’s just, you know, a drive with some, with a secret on it,

⏹️ ▶️ John right? That’s what this is. And for people who want that, it does add an extra layer

⏹️ ▶️ John of protection. This is where we get into the territory for this whole announcement. It’s like when you’re hearing all these things,

⏹️ ▶️ John just because a security feature exists does not mean you have to use it. Think

⏹️ ▶️ John about the trade-offs you’re making before you decide to do this, because having to plug in a physical thing

⏹️ ▶️ John into your phone or computer to get logged into your iCloud account is a big step up

⏹️ ▶️ John in security and a big step down in convenience, right? So if you are not

⏹️ ▶️ John a reporter, a human rights activist, an important politician, a celebrity, think about

⏹️ ▶️ John whether you wanna do this, right? And the other thing I’ll say about these increased security things is, the people,

⏹️ ▶️ John well, not the people should do it the most, but there are definitely large classes of people who probably should

⏹️ ▶️ John do this, like for example, celebrities who absolutely will not, because it’s too annoying. Like celebrities

⏹️ ▶️ John don’t want to be annoyed by technology, but people hacking celebrities phones to get their pictures is

⏹️ ▶️ John a thing that happens. So they should do it, but they won’t. But tech nerds, on the other hand, probably no one’s hacking

⏹️ ▶️ John your phone to get your photos of you because they’re not as valuable as the photos of celebrities.

⏹️ ▶️ John But tech nerds will do it and inconvenience themselves and everyone else. So I’m not saying whether you

⏹️ ▶️ John particularly should or shouldn’t do this, but think about the tradeoffs, because this is not a one sided thing.

⏹️ ▶️ John there is increased security and then the trade-off is decreased convenience. So choose

⏹️ ▶️ John widely. And to that end, related to things about like trading off security for convenience for protecting

⏹️ ▶️ John your account, Apple also has a way, I don’t know if this is new or not, but it was in one of the same documents and we’ll link to it,

⏹️ ▶️ John to make a recovery key. And this may sound like the recovery codes that you can send, but it’s

⏹️ ▶️ John not quite the same. If you get the recovery key, it means it turns off the other

⏹️ ▶️ John recovery process. Apple has an existent recovery process. It’s like, I forgot all my stuff. My phone is at the bottom

⏹️ ▶️ John of the ocean. I don’t remember anything. How can I get my account back? Apple has this complicated process

⏹️ ▶️ John where you try to prove who you are to get back into your account. That is exactly the venue that

⏹️ ▶️ John hackers would try to social engineer their way into because they may not know your password. They may not have

⏹️ ▶️ John your phone. They may not even be able to clone your SIM or whatever. But if they have a know enough about

⏹️ ▶️ John you, they can initiate Apple’s recovery protocol to try to get into your account by claiming,

⏹️ ▶️ John oh, I dropped my phone in the ocean and I don’t remember my password or whatever. So that process is there

⏹️ ▶️ John to help save your butt when you forget everything, but that process is also a way that people get hacked. So what they do is

⏹️ ▶️ John offer a thing and say, hey, we can turn off recovery for you and instead give you this 28 character

⏹️ ▶️ John code that you can use to reset your password that it’s up to you to put in a safe or something. But if you lose that 28

⏹️ ▶️ John character code, you can’t recover it the way we have for other people. We turn off recovery. We

⏹️ ▶️ John are securing your account by trusting you with this 28 character code. Don’t lose it

⏹️ ▶️ John because if you lose it, you’re out of luck. And that is one of the more dangerous, I think, trade-offs that a normal

⏹️ ▶️ John person can make. It’s the trade-off that you should make if you’re like a head of state or, you know,

⏹️ ▶️ John someone who’s in danger from an oppressive government or whatever, you should do it then. But the average person who just think

⏹️ ▶️ John it’s cool to have super good security probably shouldn’t do this because the chances of you

⏹️ ▶️ John losing all of your iCloud photos and we’ll get to that in a second, because you lost your 28 character

⏹️ ▶️ John recovery code probably higher than the chances that China’s going to hack you.

⏹️ ▶️ Casey Yep, I think that’s fair.

iCloud end-to-end encryption

⏹️ ▶️ Casey And then finally, and this is the real juicy stuff, advanced data protection for

⏹️ ▶️ Casey iCloud. It is available right now in beta for the rest of the US by the end of the

⏹️ ▶️ Casey year and the rest of the world in early 2023. So the TLDR on this

⏹️ ▶️ Casey is end-to-end encryption on iCloud almost everywhere with some gotchas.

⏹️ ▶️ Casey So from Apple’s newsroom announcement, for users who opt in, advanced data protection keeps most iCloud

⏹️ ▶️ Casey data protected even in the case of a data breach in the cloud. iCloud already protects 14 sensitive

⏹️ ▶️ Casey data categories using end-to-end encryption by default. For users who enable advanced data protection,

⏹️ ▶️ Casey the total number of data categories protected using end-to-end encryption rises to 23, including

⏹️ ▶️ Casey iCloud backup, notes, and photos. Boom, there

⏹️ ▶️ Casey you go. So there’s a KBase article or whatever, a support article that we’ll link in the show notes

⏹️ ▶️ Casey that shows a chart that is very, very helpful. And it has several columns. It has data

⏹️ ▶️ Casey category as one of the columns. So iCloud Mail, Contacts, Calendars, et cetera. And then it shows for standard

⏹️ ▶️ Casey data protection, where is it encrypted and who has the key? And then in advanced data protection,

⏹️ ▶️ Casey where is it encrypted, which generally speaking, is

⏹️ ▶️ Casey either the same or a little bit better. And then who has the key, which generally speaking, is

⏹️ ▶️ Casey no longer Apple and is now you. Again, there’s some caveats and gotchas.

⏹️ ▶️ Casey Do we want to talk about the specifics about this? Would you rather me continue with the overview?

⏹️ ▶️ John Yeah, well, let’s talk about, so, what we just said, oh, 14 categories of data, and now 23, it sounds like it’s a non,

⏹️ ▶️ John not a big deal, like, who cares, what are those categories? When we say categories of data, we’re talking about, like, things

⏹️ ▶️ John on your phone or on your Mac that are end-to-end encrypted, right? And mostly what we

⏹️ ▶️ John care about is, because we talk about this in the past, and we’d say, oh, Apple has everything encrypted, and everything’s safe, we’d say,

⏹️ ▶️ John oh, except for your photos and your messages. Which is kind of two

⏹️ ▶️ John really big categories of things that people might wanna protect, right? Because if the government comes knocking

⏹️ ▶️ John and says, Apple, please give us the contents of this person’s messages and the

⏹️ ▶️ John contents of this person’s photos, Apple had the ability to do that because they had the keys, right? And we

⏹️ ▶️ John said, oh, messages is end-to-end encrypted unless you enable iCloud backup because the backups

⏹️ ▶️ John aren’t end-to-end encrypted and Apple could just give them the backups, right? And so we were always wondering, like, when is Apple

⏹️ ▶️ John gonna finally get around to end-to-end encrypting this? And when they were doing the CSAM stuff, the

⏹️ ▶️ John child sexual abuse material stuff that we talked about many moons ago, we

⏹️ ▶️ John saw in the plumbing for that feature, that very controversial feature, we’ll go more on in a little bit,

⏹️ ▶️ John we saw in the plumbing of that feature preparing for the ability to do end-to-end encryption

⏹️ ▶️ John on photos. And now that day has finally come. The CSAM stuff is a different story, we’ll get to it in a little bit.

⏹️ ▶️ John But now finally, iCloud backups, and why do you care about that? Because that’s where your messages are backed up.

⏹️ ▶️ John iCloud backups are end-to-end encrypted. Photos are intended encrypted, notes are intended encrypted. The

⏹️ ▶️ John big categories of stuff that previously was, Apple could access, now if you

⏹️ ▶️ John enable advanced data protection for iCloud, Apple can’t access it. They literally don’t have the key. If the government

⏹️ ▶️ John comes to them and says, we need to see these people’s photos and you’ve enabled advanced data protection of iCloud, Apple

⏹️ ▶️ John literally can’t give them. They can’t see your photos, period. They don’t have the key, only you have it. And in the past,

⏹️ ▶️ John that hasn’t been true for like, what are those 14 categories? Your passwords. iCloud key chain has

⏹️ ▶️ John always been like this. Your health data, I think, has already been like this. And you’re probably looking

⏹️ ▶️ John, Casey at the triangle,

⏹️ ▶️ John Casey. But like a bunch of stuff was always like this. This is not Apple’s first time doing this. It’s just that there were these

⏹️ ▶️ John big categories of data that weren’t like that. And Apple sort of, you know,

⏹️ ▶️ John in the Craig Federighi interview, which we’ll get to in a little bit, was saying like, oh, we were, you know, we were using this

⏹️ ▶️ John feature and other things to sort of get good at it. And now we’re finally ready to roll it everywhere. Or almost

⏹️ ▶️ John everywhere.

⏹️ ▶️ Casey Yeah, just very quickly. So like you said, a lot of stuff was already end-to-end encrypted, including I’m happy

⏹️ ▶️ Casey to report your memoji, but the stuff, the categories of nine or whatever

⏹️ ▶️ Casey categories that would be end end encrypted that previously were not our wallet passes.

⏹️ ▶️ Casey I’m pretty sure it’s not your credit card, but like your your boarding passes and things like that. Voice memo, Siri shortcuts,

⏹️ ▶️ Casey Safari bookmarks, reminders, notes, photos, iCloud Drive, iCloud backup, including

⏹️ ▶️ Casey device and messages backup. And oh, I’m sorry. And that’s it. And then the three that remain that will never ever, ever

⏹️ ▶️ Casey be end end encrypted, or at least not as of right now, are calendars, contacts, and mail. And

⏹️ ▶️ Casey the shorter version on why is because, oh, we have to integrate with the rest of the world.

⏹️ ▶️ Casey And so we need to be able to insert data, remove data, et cetera, et cetera.

⏹️ ▶️ John Yeah, before we get to those caveats, I think there’s a question in the chat room that’s addressed by the Wall Street Journal article, which

⏹️ ▶️ John I think is behind a paywall, but snippets have been extracted. They said, the new encryption

⏹️ ▶️ John system will roll out as an option in the US by year’s end, and then worldwide, including China,

⏹️ ▶️ John in 2023. Because that’s the question, like, does this include China? And according to Federighi in his interview

⏹️ ▶️ John with the Wall Street Journal that we’ll link to in the show notes, he said, yeah, no, we’re planning on rolling out in China. He didn’t sound

⏹️ ▶️ John super confident. He’s like, I haven’t heard anything from the Chinese government, but I do wonder how this is going to work, because,

⏹️ ▶️ John you know, Apple had to make a lot of compromises with their security to be in China. That China gets

⏹️ ▶️ John to run the data centers or whatever. But China running the data centers matters a lot less if the

⏹️ ▶️ John data centers don’t have the keys to your data. And I somehow I don’t see

⏹️ ▶️ John this going well for Apple because once China realizes what features

⏹️ ▶️ John are in this, like maybe they could request that, okay, but in iOS

⏹️ ▶️ John in China, just don’t enable this feature. I don’t know what the plan is there, but stay tuned for more news in that.

⏹️ ▶️ John But as of right now, the intention is this will roll out worldwide, including China.

⏹️ ▶️ Marco Yeah, there’s no way this feature, there’s no way China gets this enabled for them for very long. Maybe

⏹️ ▶️ Marco it rolls out initially because the government hasn’t gotten wind of it yet. I guarantee you, as soon as they

⏹️ ▶️ Marco get wind of it, which has probably happened today, I guarantee you they’re going to have a problem

⏹️ ▶️ Marco with this. You look at the Chinese government’s history with data they can’t

⏹️ ▶️ Marco access being generated by their citizens, not a chance. There is

⏹️ ▶️ Marco no way this stays like this. Yep,

⏹️ ▶️ Casey I agree with you. And we should just make it clear that there was a article by Joanna Stern in The Wall

⏹️ ▶️ Casey Street Journal, and we’ll link that, both the raw version and the Apple News version, because I

⏹️ ▶️ Casey believe a lot of times you can get to the Apple News version if you’re, you know, what is it,

⏹️ ▶️ Casey Apple One subscriber, what have you. We’ll link that and both of them in the show notes. And she also had a YouTube video, which was in

⏹️ ▶️ Casey the article and also is on, excuse me, there was a video that was in the article and also on YouTube.

⏹️ ▶️ Casey It was like six and a half minutes, and there was an interview or a discussion between her and Craig Federighi. And that

⏹️ ▶️ Casey was very good, and we’ll put that in the show notes as well. Additionally in the show notes will be the Platform Security

⏹️ ▶️ Casey Guide, which is, I think, something that has existed for quite a while now, but it has new stuff for advanced

⏹️ ▶️ Casey data protection in iCloud. I took a quick spin through this earlier today, and

⏹️ ▶️ Casey I thought that there were some interesting pieces to this. So reading from various portions of that guide,

⏹️ ▶️ Casey I work collaboration, the shared albums feature in photos, and sharing content with, quote, anyone with

⏹️ ▶️ Casey a link, quote, do not support advanced data protection. When you use these features, the encryption keys for the shared content

⏹️ ▶️ Casey are securely uploaded to Apple data centers so that iCloud can facilitate real-time collaboration or web sharing.

⏹️ ▶️ Casey This means the shared content is not intended encrypted, even when advanced data protection is enabled. Now,

⏹️ ▶️ Casey quick note, point of fact, I had read this as shared photo library, which is not what

⏹️ ▶️ Casey it says. It

⏹️ ▶️ Casey, John said

⏹️ ▶️ Casey shared albums, which makes a lot more sense.

⏹️ ▶️ Casey, John A very

⏹️ ▶️ John unfortunately named feature that’s going to be a problem if and when Apple actually adds album sharing to shared photo

⏹️ ▶️ John library, because what the hell are you going to call it? All right, so unlike the thing that you said before, Like they said, oh, mail,

⏹️ ▶️ John contacts, and calendar aren’t end-to-end encrypted because they need to interoperate. Some of those,

⏹️ ▶️ John if you squint, make some kind of sense. Like basically, here’s the main thing

⏹️ ▶️ John that prevents them from doing an end-to-end is like, if you need to have a URL that anyone

⏹️ ▶️ John can load and get info, you can’t use end-to-end encryption unless you’re willing

⏹️ ▶️ John to force everyone who loads that URL to somehow get into your system

⏹️ ▶️ John enough that you can validate and share keys with them. You know what I mean? But a lot of this stuff, the way it works,

⏹️ ▶️ John like integration with other systems is, no, they just expect to be able to load the URL. So the anyone with a link thing is a great example.

⏹️ ▶️ John Whenever you see one of those like share this with anyone who has the link can view it, that means you’re using basically security

⏹️ ▶️ John through obscurity. If you don’t know the URL, you’re probably not gonna find this if we’ve done a good job. But anybody

⏹️ ▶️ John who knows the URL, they can just load it, right? Lots of things work that way. You can’t

⏹️ ▶️ John make an anyone with a link link that says, oh, well, yeah, I know what you wanna get at here,

⏹️ ▶️ John but you need to either sign into your Apple ID and then trade a secret key with the person who’s sharing this with you,

⏹️ ▶️ John or get an Apple ID if you don’t have one. And at that point, people are already leaving, right? Because the whole point of anyone with a link is,

⏹️ ▶️ John give it to someone, they don’t need to have an Apple ID. They don’t need to get an Apple ID. They don’t need to exchange anything with you. They don’t need to, like,

⏹️ ▶️ John you don’t even need to know who they are. Anyone with a link means anyone with a link. Some aspects of mail, contact,

⏹️ ▶️ John and calendar are like that. And it’s not just other people that interact with them, but there’s third-party software and services

⏹️ ▶️ John that expect to be able to interact with the various protocols that run mail contacts and calendaring

⏹️ ▶️ John that would break if they tried to roll this out. So I kind of understand that. And shared albums

⏹️ ▶️ John similarly, like you can make a shared album and there’s a web view of that. So if you wanna share pictures with someone

⏹️ ▶️ John in your family who does not have an Apple device, or maybe they don’t even have a phone at all, they just have a computer or whatever,

⏹️ ▶️ John unlikely, it’s probably the reverse. But anyway, those features don’t do end-to-end encryption because the whole point

⏹️ ▶️ John of them is for sharing. And then the iWork collaboration, that just seems like something

⏹️ ▶️ John that’s sort of,

⏹️ ▶️ John, Marco well,

⏹️ ▶️ John I guess it’s the anyone with a link thing. So the things that don’t use

⏹️ ▶️ John it are kind of the things that you would expect, but this is another caveat that people tend not to

⏹️ ▶️ John think about when we talked about, oh, now finally my messages will be encrypted, so I’m secure,

⏹️ ▶️ John right? Well, your messages kind of like your email, if you

⏹️ ▶️ John secure, if you had secured your email somehow using some secure email system, or you’d secure your messages,

⏹️ ▶️ John it doesn’t really matter because everyone you’ve ever emailed also has

⏹️ ▶️ John those emails. You know what I mean? Like half your email is not

⏹️ ▶️ John, Marco yours. And the same thing with

⏹️ ▶️ John messages. Everybody you talk to over messages, if they’re not also encrypting,

⏹️ ▶️ John your messages could be subpoenaed through them. That’s part of the nature of communication. You give them

⏹️ ▶️ John your half of the conversation and then it’s up to them to safely store that somewhere. So

⏹️ ▶️ John that’s true of email and that’s true of messages. So if you think, now I’ve end-to-end encrypted my messages, the government can never

⏹️ ▶️ John see what I write on messages. Has everyone you ever talked to on iMessage also

⏹️ ▶️ John enabled advanced data protection? If not, government can still get it. So just keep that in mind.

⏹️ ▶️ Casey Continuing from the same document, when advanced data protection is enabled, access to your data via

⏹️ ▶️ Casey is disabled by default. You have the option to turn on data access on, which allows the web browser

⏹️ ▶️ Casey that you’re using and Apple to have temporary access to data-specific encryption keys

⏹️ ▶️ Casey provided by your device to decrypt and view your information. Devices where the user is signed in with their

⏹️ ▶️ Casey Apple ID must be updated to iOS 16.2, iPadOS 16.2, macOS 13.1, tvOS 16.2, watchOS 9.2,

⏹️ ▶️ Casey and the latest version of iCloud for Windows. This requirement prevents a previous version of iOS, iPadOS, macOS, tvOS, or watchOS

⏹️ ▶️ Casey from mishandling the newly created service keys by re-uploading them to the available after authentication

⏹️ ▶️ Casey HSM, I’m not sure what that means off the top of my head, in a misguided attempt to repair the account state. Whoopsie-dupsies.

⏹️ ▶️ Casey So yeah, so another couple of caveats as well. Basically everything that you touch needs to be latest and greatest. And

⏹️ ▶️ Casey I hope you don’t like unless, and if you do, you have to turn it on explicitly.

⏹️ ▶️ John HSM is Hardware Security Module.

⏹️ ▶️ John, Casey Yeah, this

⏹️ ▶️ John is the thing that’s really gonna trip people up. You need to, just in case this isn’t clear, if you have

⏹️ ▶️ John like an old phone in a drawer that’s running an old version of iOS and it’s still logged into your

⏹️ ▶️ John Apple ID, you can’t enable this feature. You have to be updated everywhere. So

⏹️ ▶️ John what that means is finding the old devices and either erasing them or signing out of your Apple ID on them.

⏹️ ▶️ John They’re trying to basically prevent you thinking you’re secure, where really you have some old device that doesn’t

⏹️ ▶️ John have any of this code that’s leaking your information out or subverting it or whatever. And this

⏹️ ▶️ John is going to be, I think, the main barrier to adoption. So this isn’t enabled by default, first of all. And second of all, for all the tech nerds who are like, yeah,

⏹️ ▶️ John I’m going to try it, tech nerds are very likely to have a bunch of devices that haven’t been updated. You

⏹️ ▶️ John, Marco think, oh, tech

⏹️ ▶️ John nerds update their stuff right away. They’re going to have everything updated soon. No, it’s all the devices that are in drawers that

⏹️ ▶️ John you forgot about that are still signed into your Apple ID. So you have to go and hunt them down and

⏹️ ▶️ John sign out. And related to that, the last time I personally ran across this, and probably a lot of tech

⏹️ ▶️ John nerds did, is a feature that was laying the groundwork for this, which is the, I forget what Apple calls

⏹️ ▶️ John it, but it’s like the, hey, designate some other person to be like your backup if you forget everything.

⏹️ ▶️ John What is that one called? Recovery contact, right?

⏹️ ▶️ John, Marco Yeah,

⏹️ ▶️ John something like that. It’s a feature of iOS and Mac. You basically designate a person to say, I trust this person enough

⏹️ ▶️ John so that if I lose all my stuff and I lose all my recovery, this is part of the recovery process. I think you also give

⏹️ ▶️ John this up if you do that 28 character thing, so be careful. But anyway, for normal people who are wise and are not gonna do

⏹️ ▶️ John that, you would designate a recovery contact. But to even do that, you had to make sure everything

⏹️ ▶️ John was like updated. I figured what the requirements were, but you had to go through and update a bunch of stuff. So the first time I tried to go through it, it says

⏹️ ▶️ John you can’t use this feature until, you know, devices X, Y, Z, and Q are all like

⏹️ ▶️ John logged out of your Apple ID. So I had to go around my house and hunt those things down, or you can even go on the website. You can go,

⏹️ ▶️ John I think it’s either or You can delete devices from your Apple ID,

⏹️ ▶️ John which basically invalidates their keys, right? You would have to do that before you could even designate a recovery contact.

⏹️ ▶️ John Well, this whole process is gonna have to repeat, only now what you’re gonna need are a bunch of versions of OSs that aren’t

⏹️ ▶️ John even out yet. In particular, the one that might trip people up is macOS 13.1, because who

⏹️ ▶️ John updates their Macs, right? You gotta update everything. So if you’re excited about this feature, And I think

⏹️ ▶️ John unlike the hardware recovery key and unlike the hardware recovery device and the 28 character code,

⏹️ ▶️ John I think advanced data protection is reasonable for pretty much everybody to do. And it’s probably a good idea because you

⏹️ ▶️ John are still protected by Apple’s recovery procedure. And I think it will force you, I don’t know if this is in the notes

⏹️ ▶️ John or not, but I think it will force you to have a recovery contact like that to enable advanced data protection. It

⏹️ ▶️ John will either force you or strongly suggest that you have a recovery contact. So

⏹️ ▶️ John you’ll still mostly be protected And Apple’s customer support will still mostly not

⏹️ ▶️ John be totally destroyed by people locking themselves out of all their data, but you will need to update everything

⏹️ ▶️ John everywhere to get this to run.

⏹️ ▶️ Casey Yeah, it was in the video interview with Joanna Stern that she said to Craig,

⏹️ ▶️ Casey well, what took so damn long? And almost verbatim, I believe. And he said, well, one of the things we have to worry about

⏹️ ▶️ Casey is customer support, because you’re now putting the onus on yourself to be able

⏹️ ▶️ Casey to recover. And so I believe that Craig had said, you must choose a designated

⏹️ ▶️ Casey contact or alternatively print out this 28 character, whatever it is, recovery code. And

⏹️ ▶️ Casey they will compel you to do one or the other because if you lose your backup person

⏹️ ▶️ Casey and or your backup code, there is literally nothing Apple

⏹️ ▶️ Casey can do by design. The whole point is that they have no

⏹️ ▶️ Casey mechanism to get into your data. And it was interesting that for all of the different

⏹️ ▶️ Casey things that were said, naturally none of them involved, oh, well, and by the way,

⏹️ ▶️ Casey law enforcement also cannot get into your data. Like, this is all about, oh, just having good security

⏹️ ▶️ Casey practices. They never said either directly or indirectly. This is about preventing law enforcement from

⏹️ ▶️ Casey getting at your stuff if you don’t want them to, which I thought was kind of funny. Anyway,

⏹️ ▶️ Casey Jason over at Six Colors had a really good summary, and he made a few points I wanted to quickly read. Another reason

⏹️ ▶️ Casey Apple has fought against encrypting all the things is that it has some serious side effects for users, most notably that Apple can’t unlock your data

⏹️ ▶️ Casey if you no longer have the password to your Apple ID. Oh, here we go. To solve this problem. See, I should have read ahead my own show notes and I

⏹️ ▶️ Casey was the one to put them in. Hooray. Uh, to solve this problem, Apple is placing these new nine encryption services in

⏹️ ▶️ Casey a new feature called advanced data protection that is not by default. Just like John said a moment ago. And according to Joanna

⏹️ ▶️ Casey Stern of the Wall Street Journal requires that users generate at least one additional method of unlocking their account. Methods include a printout of a very long

⏹️ ▶️ Casey string that can be stored somewhere secure, or the designation of a different Apple ID as having the authority to unlock the account.

⏹️ ▶️ Casey Anything else about this before we talk about the other bomb that was dropped today?

⏹️ ▶️ John Yeah, I am interested, though, because based on what I had earlier in the notes about the fact that when you create that

⏹️ ▶️ John 28-character code, it turns off account recovery, I wonder if I either have that wrong or

⏹️ ▶️ John if that will be communicated clearly in the onboarding procedure.

⏹️ ▶️ John, Casey Because if it does turn off

⏹️ ▶️ John recovery, it’s like, all right, so obviously trusting someone else is also a risk, because now that’s another vector that

⏹️ ▶️ John they can get to you, like if someone hacks them because they don’t use good security and they’re a recovery

⏹️ ▶️ John thing for you, in theory, the person you designated as a recovery contact also needs you to participate

⏹️ ▶️ John to get access. But in practice, the whole point is that if you’ve forgotten everything, just them

⏹️ ▶️ John plus knowing enough about you, like your app, anyway, it seems like that is another potential vector

⏹️ ▶️ John for people to hack you is whoever you trust as a security contact. But on the other hand, if you just do the 28 character

⏹️ ▶️ John code, then you’re trusting yourself with that slip of paper. And if you lose that,

⏹️ ▶️ John you can’t go whining to anybody and say, but isn’t there some kind of recovery procedure where I can show who

⏹️ ▶️ John I am and this person will vouch for me. And they’d be like, no, you took the 28 character code. You don’t have that piece of paper,

⏹️ ▶️ John tough luck. And that’s not a place where I wanna be. So I’ve already designated

⏹️ ▶️ John the backup contact. I think I picked my wife or something, but like that seems much safer for me. Again, for normal people,

⏹️ ▶️ John those features that exist for like the 28 character code and the message verification.

⏹️ ▶️ John That’s for heads of state, journalists, celebrities, probably not you.

⏹️ ▶️ Casey Indeed. All right, then the other bomb that was dropped, which I don’t think was any like official announcement

⏹️ ▶️ Casey anywhere, but, oh no, I’m sorry, there was an official announcement, that’s right. So Apple has a statement,

⏹️ ▶️ Casey after extensive consultation with experts to gather feedback on child protection initiatives we proposed last year, we are deepening

⏹️ ▶️ Casey our investment in the communication safety feature that we first made available in December, 2021. We have

⏹️ ▶️ Casey further decided not to move forward with our previously proposed CSAMs detection tool for iCloud

⏹️ ▶️ Casey photos. Children can be protected without companies combing through personal data. And we will continue to working

⏹️ ▶️ Casey with governments, child advocates and other companies to help protect young people, preserve their right to privacy and make the

⏹️ ▶️ Casey internet a safer place for children and for us all. So in summary,

⏹️ ▶️ Casey Apple now says it’s stopped, stopped the development of their CSAM system following criticism, blah,

⏹️ ▶️ Casey blah, blah. Federighi said that Apple’s focus is related to protecting children, or

⏹️ ▶️ Casey their focus related to protecting children has been on areas such as communication, giving parents tools to protect children, and iMessage.

⏹️ ▶️ Casey This is a quote, child sexual abuse can be headed off before it occurs, he said. That’s where we’re putting

⏹️ ▶️ Casey our energy going forward. Additionally, Wired had a different article

⏹️ ▶️ Casey where they wrote, Apple has told Wired that while it

⏹️ ▶️ Casey is not ready to announce a specific timeline for expanding its communication safety features, the

⏹️ ▶️ Casey company is working on adding the ability to detect nudity in video sensory messages when the protection is enabled.

⏹️ ▶️ Casey The company also plans to expand the offering beyond messages to its other communication applications. Ultimately,

⏹️ ▶️ Casey the goal is to make it possible for third-party developers to incorporate the communication safety tools into their own applications.

⏹️ ▶️ John So this is a big retreat from the idea that Apple is going to scan the photos on your device

⏹️ ▶️ John looking for child sexual abuse material to changing

⏹️ ▶️ John to a very different posture, which is the whole heading it off before it happens, basically saying, as

⏹️ ▶️ John data is sent from or perhaps received by your device, we will look at it at that

⏹️ ▶️ John moment and try to, you know, like the feature that they told Wired, like, oh, well, maybe you’ll eventually have a

⏹️ ▶️ John third party framework where you can detect nudity, like detecting nudity and child sexual abuse

⏹️ ▶️ John material, two very different things, right? Because you could be sending a picture of yourself naked

⏹️ ▶️ John to your, you know, significant other, And that is not child sexual abuse material, but it would trip off

⏹️ ▶️ John the nudity filter. So I’m not sure what they’re trying to say there other than, hey, here’s a cool machine learning tool

⏹️ ▶️ John that we’ll package up that you could use in your application if you wanted. But end-to-end encryption

⏹️ ▶️ John combined with a retreat from scanning on device,

⏹️ ▶️ John kind of puts them back to where they were before, where, well, they said they weren’t scanning it on the

⏹️ ▶️ John server now they won’t be able to scan it on the server if you enable advanced data protection.

⏹️ ▶️ John And also, they’re not going to scan it on your device. All what they are going to do is the features they described

⏹️ ▶️ John of like, hey, if if if a minor tries to send a picture of themselves naked through messages, it will

⏹️ ▶️ John pop up a little thing and say, you sure you want to do this and try to educate them and have them off at the pass? And

⏹️ ▶️ John I’m not sure where they stand on the whole parental notification feature was like if they’re if they’re young, we’ll send a message to their parent and tell them

⏹️ ▶️ John they’re doing it. But I think they retreated from that as well. This is this message where they said they’re, quote

⏹️ ▶️ John unquote, deepening our investment in the communication safety features that we first made available.

⏹️ ▶️ John If by deepening our investment, you mean totally changing what you plan to do because people yelled at you,

⏹️ ▶️ John yeah. I guess you’re deepening something. We talked a lot about this when

⏹️ ▶️ John it was announced, but they’ve changed their position based on essentially criticism

⏹️ ▶️ John and consultation from lots of people, from security researchers, from privacy advocates,

⏹️ ▶️ John from lots of people who had scenarios where this feature could be abused by governments

⏹️ ▶️ John for nefarious purposes or used by hackers. So what they’re basically doing is for

⏹️ ▶️ John now playing it safe, which is we’re not doing any of those things that we thought might be risky.

⏹️ ▶️ John We are doing end-to-end encryption, which everybody wants and is good. But of course, that same feature can be used

⏹️ ▶️ John for nefarious actors to hide their activities, right? That’s the nature of security. If you do security right,

⏹️ ▶️ John it helps the good guys and the bad guys equally. There’s no, you know, despite

⏹️ ▶️ John what everybody in Congress and our country wants, There’s no way to magically protect all the

⏹️ ▶️ John good people’s data, but not the bad people. So we’ll just add a backdoor that only the good people know, but that’s not how security

⏹️ ▶️ John works. If you add a backdoor, it’s a backdoor for everybody. And there’s no way to have a backdoor and also have security.

⏹️ ▶️ John Uh, so Apple has opted to have security. And, and then the on-device scanning was a way to get around that was like, well,

⏹️ ▶️ John Apple won’t have the keys. Governments can’t get the keys. It’ll just be scanned on your device, which will try to make

⏹️ ▶️ John a secure hardware thing. And then people were not up for that. They said, no, we don’t want that to happen. So Apple said, okay,

⏹️ ▶️ John that won’t happen. Uh, but here’s your end end encryption. So I guess this is a pretty

⏹️ ▶️ John good outcome in terms of Apple proposed something. There was a lot of public feedback that it wasn’t a good

⏹️ ▶️ John idea, but they continued to pursue the end end encryption, despite the fact that

⏹️ ▶️ John that seemed almost tied to the CSAM stuff, they separated it. I said, end end encryption, good. Everyone’s

⏹️ ▶️ John going to get it. Here you go. Uh, and then the CSAM stuff, we’re still trying to figure that out.

⏹️ ▶️ Casey Anything else on all this? I am excited. I’m pleased that it’s happening.

⏹️ ▶️ Casey Of course, I wish it happened yesterday, but the next best time is now. And I do,

⏹️ ▶️ Casey I’d have to look at it more, but sitting here now, I do plan to turn it on once it’s out of beta and once it’s

⏹️ ▶️ Casey available to everyone. And I will probably advise Aaron to do the same thing. I don’t know,

⏹️ ▶️ Casey Marco, what is your, sitting here knowing what you know today, would you turn this on?

⏹️ ▶️ Marco Probably, but not yet. I want to wait until, you know, I mean, I’m sure

⏹️ ▶️ Marco they’ve been very careful and everything. But the stakes are so high, if things go wrong here,

⏹️ ▶️ Marco that I’m not going to jump on it like you know, on day one, I might wait, you know, I’m not even on Ventura

⏹️ ▶️ Marco yet. Like, you know, I’m waiting. I

⏹️ ▶️ Marco, John got

⏹️ ▶️ Marco Ventura, it’s fine. I would, you know, the point one is about to come out, I’ll probably jump on that when they when they do that.

⏹️ ▶️ Marco But

⏹️ ▶️ John you need the point one to do this. Anyway. That’s true. That’s true.

⏹️ ▶️ John, Casey Yeah.

⏹️ ▶️ John So for people who don’t know how to think about this, this all this data that we just talked about, it’s

⏹️ ▶️ John it’s already encrypted. So if you’re like, I want Apple to have an unencrypted version of my photos, they don’t, they have an encrypted

⏹️ ▶️ John version, everything they have is encrypted, the difference is that they also have the key. So this is not like, oh,

⏹️ ▶️ John this is going to scramble my data, your data is already scrambled on Apple servers, it’s already nonsense. Like if you were to

⏹️ ▶️ John break into Apple servers, and just grab your photos, you’d have a bunch of binary garbage, you need the key.

⏹️ ▶️ John Apple also currently has the key, all this feature is not all this feature is doing to minimize what they’re doing. But like,

⏹️ ▶️ John logically speaking, They’re just taking the key away from Apple. They’re really making a new key and you only have, but anyway,

⏹️ ▶️ John Apple will not have the key and you will have it. Right now you both have the key, but it doesn’t change the nature of your data. So there’s not gonna

⏹️ ▶️ John be some long process that goes through and re-encrypts all your data or whatever. It’s already encrypted in all places, right?

⏹️ ▶️ John The only difference is who has the key. And this move is changing it from you have the key and Apple

⏹️ ▶️ John has the key to just you and all your trusted devices and so on and so forth. And Marco

⏹️ ▶️ John was right that any change like this is a risk because if they have a bug or something and it screws up, now your

⏹️ ▶️ John key is in one fewer place, right? Apple used to have your key and now they don’t. So if they screw something up

⏹️ ▶️ John such that you lose all your keys or something and their backup solution doesn’t work, Apple doesn’t have one more copy

⏹️ ▶️ John of the key. I think that’s highly unlikely to happen, but if you’re listening to this and you’re worried, like, oh, I don’t wanna do this because I

⏹️ ▶️ John don’t want my data to be encrypted, it’s already encrypted everywhere. It is encrypted at rest, as they say. It’s just a

⏹️ ▶️ John question of who has the keys, how many copies of the key are there and who has them.

⏹️ ▶️ Casey So this is good news. I’m excited for it. I am sure China

⏹️ ▶️ Casey and other similar governments are going to be equally enthusiastic about it. And to be honest, I’m not so confident

⏹️ ▶️ Casey that the American government will be particularly enthusiastic about it, but we shall see.

⏹️ ▶️ John Yeah. I mean, the American government’s not. I mean, they’re, whatever, they’re always making noise. But Apple is not the first company to do this.

⏹️ ▶️ John Like, and encrypted backups, I think Android’s had it for years and years. Like, it is a common feature of all sorts. Like, keychain,

⏹️ ▶️ John your health data, like, this is not a new thing. They’re just extending it to more data. It was overdue.

⏹️ ▶️ John Like, Apple was behind the times. They had done it for a bunch of important data, and your Memoji,

⏹️ ▶️ John but they hadn’t done it for your photos and your backups, and now they finally have. Those are the two biggies that we really care about.

New App Store price options

⏹️ ▶️ Casey All right. Additionally, Apple has added 700 new price points. The App Store.

⏹️ ▶️ Casey Cool.

⏹️ ▶️ Casey, Marco No, this is good. Look,

⏹️ ▶️ Marco OK,

⏹️ ▶️ Marco, Casey I don’t know.

⏹️ ▶️ Marco First of all, this is a small deal, not a big deal.

⏹️ ▶️ John But I think I think they have to start by letting people know that there are price points on the App Store, because I think a lot

⏹️ ▶️ John of people think if you haven’t ever sold an app that you when you just sell an app, you decide what the price is going to be and you

⏹️ ▶️ John type it into a text field. And that’s not how it works.

⏹️ ▶️ Marco Yeah. Like so. So the way App Store pricing has worked to date with there’s a few exceptions around

⏹️ ▶️ Marco like subscriptions, stuff like that. But But for the most part, the way it has worked to date is, when you, you

⏹️ ▶️ Marco know, post your app to the App Store, you select a quote price tier. And that’s what it is everywhere.

⏹️ ▶️ Marco And the price tier is basically like every dollar in the US dollar

⏹️ ▶️ Marco with 99 at the end. So you know, that’s why you know, 99 cents was the was the base price. And that’s tier one,

⏹️ ▶️ Marco or like tier zero is like free, right? So then anyway, you know, you can see you can do tier two, all

⏹️ ▶️ Marco right, and that’s $1.99 or whatever. And there’s been

⏹️ ▶️ Marco limited to no ability so far to customize prices

⏹️ ▶️ Marco by region. Although, again, the subscription pricing has been

⏹️ ▶️ Marco a little bit different in that regard. They’ve had a few more options than straight up in-app purchases.

⏹️ ▶️ John But Apple does that for you. Like for the pricing, when you say, I want tier one, whatever that is, $1.99,

⏹️ ▶️ John Apple tells you, OK, here’s what tier one is in euros. here’s what tier one is in this country, here’s

⏹️ ▶️ John what tier one isn’t, like Apple decides that, you don’t get to pick that. So not only do you not get to pick the exact price,

⏹️ ▶️ John I want my thing to be a dollar and 23 cents. Nope, sorry, you can’t do that. But then after you pick the price tier,

⏹️ ▶️ John Apple says, okay, for that tier, here’s how much it is in all these currencies in other countries. And they adjust that

⏹️ ▶️ John from time to time.

⏹️ ▶️ Marco Yeah, exactly. There’s a number of reasons why this is actually very convenient for people

⏹️ ▶️ Marco like me who don’t know how things should be priced in the entire world. I, you know,

⏹️ ▶️ Marco I just, I know my own market and I can hear from a few people here and there about some of the other big markets, but for

⏹️ ▶️ Marco the most part, like, you know, hey, I want, like my annual Overcast premium purchase,

⏹️ ▶️ Marco which is my current, I think currently my only in-app purchase I offer in the App Store, it’s just 10

⏹️ ▶️ Marco bucks a month in the US, and roughly that same thing everywhere else, like

⏹️ ▶️ Marco whatever the equivalents are. And I don’t have to think about that for the most part. Like I just let it go, and I let Apple figure out what

⏹️ ▶️ Marco that means in each currency, and they deal with

⏹️ ▶️ Marco, John tax and everything, and that’s it. Oh, sorry, a year. Sorry, $10 a year.

⏹️ ▶️ John I don’t want you to people to get scared away. It’s not $10 a month. No, it’s $10 a year.

⏹️ ▶️ Marco And in fact, I think I actually am undercharging. This

⏹️ ▶️ Marco is just an unrelated side note. But if you look around, like, oh God, again, more app store stuff. The

⏹️ ▶️ Marco other day, Adam asked if he can get an app for his iPad that all of his friends are

⏹️ ▶️ Marco using. A quote, meme generator app. And what this means is

⏹️ ▶️ Marco an app that basically searches public databases of like, you know, Giphy and stuff for images unless you

⏹️ ▶️ Marco type impact text over them like that’s basically it’s the most simple app in the world.

⏹️ ▶️ Marco Five dollars a month.

⏹️ ▶️ Casey What?

⏹️ ▶️ John At least it’s not per week. Probably was in the past before they stopped letting you

⏹️ ▶️ Marco do that. I believe there was a weekly option, but the cheapest option was five dollars a month

⏹️ ▶️ Marco and and not just one app like every app that was popular that showed up in search results that

⏹️ ▶️ Marco that did this is some kind of monthly, at least, subscription of

⏹️ ▶️ Marco about that magnitude.

⏹️ ▶️ John What are they trying to find apps that kids wanna use and they’ll just ask their parents to do it and their parents will say yes and then not

⏹️ ▶️ John notice another $5 a month is coming out so they can literally type text over an image. That’s

⏹️ ▶️ Marco it. Like, I just, it makes me so mad.

⏹️ ▶️ Marco And I try not to show it too much because I don’t wanna discourage him from using stuff on his iPad and stuff.

⏹️ ▶️ Marco So I try to hide my anger. But the fact that this stuff exists in iOS and that it is doing

⏹️ ▶️ Marco so well, and these are apps that have tens of thousands of ratings. I’m sure they’re all legit. I

⏹️ ▶️ Marco know, right? But

⏹️ ▶️ Marco, John I bet some of them are.

⏹️ ▶️ Marco I mean, they’re high-ranking. And it’s like, if you look at what the App Store

⏹️ ▶️ Marco has generated, in order to rank highly on the App Store

⏹️ ▶️ Marco these days, you have to be able to put a lot of money into buying search ads,

⏹️ ▶️ Marco buying installs on Facebook and stuff, and paying people to

⏹️ ▶️ Marco review it probably. You have to put a lot of money into getting a higher ranking.

⏹️ ▶️ Marco And so what ends up getting the highest ranking is the stuff that has the most in-app purchase

⏹️ ▶️ Marco income from it. And so it’s a self-fulfilling prophecy. And so the

⏹️ ▶️ Marco prices of everything just goes up and up and up for common needs, for everything that’s actually

⏹️ ▶️ Marco ranking well. because it’s full of all these scams and they keep outranking everything else because they

⏹️ ▶️ Marco can afford to. And then the result is everything just costs more and sucks

⏹️ ▶️ Marco more for users, but Apple just makes more money. And so it’s gonna stay that way. Anyway, so

⏹️ ▶️ Marco going back to the subject. So when you’re designing an app purchase, oh, anyway, and I think Overcast

⏹️ ▶️ Marco is underpriced for what it is, because even if you look around other podcast apps that have in-app purchase stuff,

⏹️ ▶️ Marco I’m cheaper than all of them, and maybe I shouldn’t be, but I don’t know, I probably shouldn’t change it.

⏹️ ▶️ Marco But anyway, but yeah, it just makes me so mad. Like, wow, I can type text over

⏹️ ▶️ Marco an image for $5 a month, or I can pay like,

⏹️ ▶️ Marco if somebody can pay like 80 cents a month or whatever for my podcast app, like, anyway.

⏹️ ▶️ Marco So, yeah, so there’s been limited control by developers over what these price points are and how they

⏹️ ▶️ Marco are targeted in different markets, et cetera. And so, and there’s been weird

⏹️ ▶️ Marco awkwardness too, like because all the prices were forced to end in 99 in the US and whatever

⏹️ ▶️ Marco the equivalents are in a lot of other places, certain pricing didn’t make sense, like especially when you

⏹️ ▶️ Marco look at like bundles or you’d have like, you know, oh, you know, buy two months for the price of two or three

⏹️ ▶️ Marco or whatever. Like sometimes the math would work out in such a way that it didn’t really make

⏹️ ▶️ Marco sense. We’re like, oh, you’re actually paying like 10 cents more if you buy it this way because of the stupid 99

⏹️ ▶️ Marco pricing It should have been like 98 or 90 or something, depending on how the rounding would work out.

⏹️ ▶️ Marco So anyway, what they’re doing is adding a whole bunch more price tiers.

⏹️ ▶️ Marco Now, we’re not gonna notice much of this in

⏹️ ▶️ Marco the US market and in like the, you know, kind of North America, Europe. Like, most of the stuff

⏹️ ▶️ Marco is not gonna affect us that much because people are gonna keep charging what they’ve been charging because it makes sense and it makes the

⏹️ ▶️ Marco most sales. However, there are a few little tricks, one of which is at the lowest price

⏹️ ▶️ Marco point, instead of being 99 cents in the US, is now gonna be 29 cents in the US. That

⏹️ ▶️ Marco we’re gonna notice. That’s gonna become a thing. I

⏹️ ▶️ Marco don’t know to what degree. The idea of

⏹️ ▶️ Marco the rush to the bottom with pricing everything going to 99 cents in the App Store was mainly

⏹️ ▶️ Marco a problem, or rather an effect, of paid up front apps. And we don’t really

⏹️ ▶️ Marco live in that world anymore. very few apps are paid up front anymore. And although I did just buy one the

⏹️ ▶️ Marco other day for a stupid camera remote. Long story short, John, you were right. I should have upgraded the firmware

⏹️ ▶️ Marco on my Sony camera. It was 1.00.

⏹️ ▶️ John Not a reassuring number.

⏹️ ▶️ Marco Yeah, it is now like three point something. It’s yeah, it turns out the wifi didn’t work before.

⏹️ ▶️ John And it does, and now it does animal eye detection. You can take good hops pictures.

⏹️ ▶️ Marco Oh good. Yeah. I’ll go, I’ll look at that now because the autofocus performance really is not very good.

⏹️ ▶️ Marco Anyway, so I think what, one interesting thing about this is

⏹️ ▶️ Marco that, you know, people who wanna really fine grain control their pricing will now have more options to do that.

⏹️ ▶️ Marco I think the 29 cent thing could be more interesting in the sense that it’s almost

⏹️ ▶️ Marco a micropayment level now where you can now have in-app purchase

⏹️ ▶️ Marco of that price. So again, I’m not thinking there’s gonna be whole bunch of 29 cent

⏹️ ▶️ Marco apps, I think apps that are going to that are going to succeed the most are going to still have to be up free up front, just like they have

⏹️ ▶️ Marco been for a long time. However, 29 cents for in-app purchase,

⏹️ ▶️ Marco I think I think that that could actually really affect things. I don’t think for

⏹️ ▶️ Marco the worse, I think it’s probably just going to be additive in the world. Like I’m not I’m not

⏹️ ▶️ Marco thinking of any reason why this is a bad thing to have more options. You know, it’s up to up to developers

⏹️ ▶️ Marco how they use them. already rampant abuse of in-app purchase everywhere

⏹️ ▶️ Marco all over the App Store. There’s already tons of scams and frauds and, and tricks and, you

⏹️ ▶️ Marco know, exploits that people do with psychology and the App Store rules a little bit

⏹️ ▶️ Marco to do sleazy crap in the App Store. So this isn’t going to change any of that. Like, I think whatever, whatever potential

⏹️ ▶️ Marco for sleaziness in the App Store, this will, this will enable has

⏹️ ▶️ Marco already been enabled for years and is, you know, being let flourish by Apple, either by neglect

⏹️ ▶️ Marco or actively encouraging. So, I don’t think this is anything bad here.

⏹️ ▶️ Marco I think it’s only good. The reason they’re doing it are, you know, multifaceted. Part

⏹️ ▶️ Marco of the reason they’re doing it is they wanna make the App Store better. Part of the reason they’re doing it is they keep

⏹️ ▶️ Marco getting sued. And I believe this was actually part of a settlement, you know, to add more price tiers

⏹️ ▶️ Marco that they had to do as part of some suit. So the reality is

⏹️ ▶️ Marco the in-app purchase system is still very limited in its capabilities.

⏹️ ▶️ Marco It is still fairly overpriced in the market in terms of its commission of what we have to

⏹️ ▶️ Marco pay them to use it. And it is still competing by fiat instead

⏹️ ▶️ Marco of by actual merit in most ways because we aren’t allowed to use anything else on the iPhone.

⏹️ ▶️ Marco And so this is a sign of Apple making their system better.

⏹️ ▶️ Marco And that’s good. It shouldn’t have taken this long to do this. And their system

⏹️ ▶️ Marco is still not as good as it should be. But I’m glad they’re making progress. And I

⏹️ ▶️ Marco wish that they were more forced to compete on merit. Rather than

⏹️ ▶️ Marco you know, gracing us with occasional enhancements. You know, just out of the goodness of their heart

⏹️ ▶️ Marco slash lawsuits. I wish they were actually being forced to compete on merit. Because

⏹️ ▶️ Marco what they’re doing here is really trying to get like the bare minimum functionality that they can get away with.

⏹️ ▶️ Marco While if they had to actually compete on merit, you know, look, look at all their competitors

⏹️ ▶️ Marco out there, all the all the different payment processors and payment platforms and everything. And you know, this is this is a drop in the bucket compared to what they

⏹️ ▶️ Marco offer.

⏹️ ▶️ John They did increase the top price to up to 10,000. What was it before? What was the

⏹️ ▶️ Marco top before I believe 1000 before I could be wrong.

⏹️ ▶️ Casey And it’s 10,000 upon request.

⏹️ ▶️ John Yeah, well, I mean, 10,000 is so weird, because like enterprise software costs more than that. But regular the software costs less.

⏹️ ▶️ John So what the hell is 10,000? That’s just like in the middle of nowhere, kind of,

⏹️ ▶️ John, Marco anyway, whatever. It’s

⏹️ ▶️ Marco a lot of gems and loot boxes and candy crush.

⏹️ ▶️ John Speaking of doing things better and having competition, this is relevant to the discussion

⏹️ ▶️ John Jason and I had on the upgrade that I guess set on recently that we will link in the show notes. When

⏹️ ▶️ John I was using the, I tried out that Lenza app that everyone’s trying now with the AI image processing,

⏹️ ▶️ John and you can hear me get very angry about that app and upgrade but not for this particular

⏹️ ▶️ John reason one of the things that I was angry about not the main one but one of them when I was playing with this was

⏹️ ▶️ John it has in-app purchase to for everything and it’s you know it’s fairly expensive

⏹️ ▶️ John pay six dollars so they can illegally exploit the work of others to give you a bunch of avatar images

⏹️ ▶️ John but I did one and the you know I double tap the side button and face

⏹️ ▶️ John ID and put you you know in-app purchase went through right? And I saw on my Apple card the charge

⏹️ ▶️ John come up, but nothing ever happened in the app. It had no history of me doing that. It’s like, oh, you paid for

⏹️ ▶️ John a thing and it should be appear on the screen, but it’s not there. And so you go to their little help in the app. And

⏹️ ▶️ John it’s like, one of the fact items is like payment problem, whatever, like, oh, you know, I paid for a thing and I don’t see it.

⏹️ ▶️ John And they basically say, you know, we can’t give you a refund, which is true. You should know from listening to

⏹️ ▶️ John ATP that developers cannot give you a

⏹️ ▶️ John, Casey refund.

⏹️ ▶️ Casey That’s not entirely true now with StorKit 2 you can.

⏹️ ▶️ Marco Wait what?

⏹️ ▶️ Casey With StorKit 2 there’s an in-app refund flow.

⏹️ ▶️ Marco I thought it was just like a like request a refund kind of like you could like kick them to a certain screen

⏹️ ▶️ Marco right or is that?

⏹️ ▶️ Casey Maybe it’s been a while since I’ve looked at this but there was in with StorKit 2 which is the new like async await

⏹️ ▶️ Casey powered StorKit stuff there’s absolutely a way I think it

⏹️ ▶️ Casey kicks to an Apple provided screen which is I think what you just said. I forget, I’d have to look

⏹️ ▶️ Casey at it again. But there is absolutely a new way that you can tell Apple, hey, this user

⏹️ ▶️ Casey wants a refund, and I forget exactly how it’s processed from there.

⏹️ ▶️ John Right, well, the point is the request goes to Apple. The request, I mean, the developer can facilitate the flow, but in

⏹️ ▶️ John the end, Apple, and to most of the part, Apple will fulfill that request. They will give

⏹️ ▶️ John you the refund. But the cost of it, you know, the $6 charge that I got that

⏹️ ▶️ John I got nothing for, right, because probably because of a bug in their program or their servers are overwhelmed, or who knows what the problem was,

⏹️ ▶️ John right? I made the calculation that it would be more annoying than the $6

⏹️ ▶️ John that I would get back to try to go through the process. Because now I have to go through, they didn’t have that flow facilitated.

⏹️ ▶️ John So maybe if they had done that with Storkid too, I would have tried it. But I have to go through sort of the out of band,

⏹️ ▶️ John go to this form, fill it out and say, hey, I made an in-app purchase in this thing.

⏹️ ▶️ John It was for this amount. I made it roughly around this time and I didn’t get the thing for it, give me a refund.

⏹️ ▶️ John Well, I made a bunch of $6 purchases because I was playing with the program. Which one of them didn’t work?

⏹️ ▶️ John I don’t have even a way to identify it to say, like the fifth one for

⏹️ ▶️ John this amount made on this day was the one I didn’t get. And it’s just like, it just seemed

⏹️ ▶️ John like such a headache. I’m like, well, you win this time. You get my $6 and you didn’t get anything from it because of

⏹️ ▶️ John how annoying it is. In a competitive market, every purchase that you make through an in-app purchase

⏹️ ▶️ John system, you’d be able to go to a webpage and see a history of all your transactions and each line item would have a refund

⏹️ ▶️ John button at the end. Request refund, right? Like how hard is it to return something to Amazon?

⏹️ ▶️ John How hard is it to request a refund? Like basic e-commerce functionality from the 90s is

⏹️ ▶️ John I can see a list of all my transactions and I can do stuff to them right there. I can look at the

⏹️ ▶️ John details of the order. I can go link back to the pages of things. And if I want to get a refund, I don’t have to go to someplace else

⏹️ ▶️ John and dig something out right there. It should say, do you want a refund in this order? Do you want to initiate a return? That’s

⏹️ ▶️ John what the web is for. but in the world of Apple, it’s like, oh, go to a form on an Apple webpage and now I

⏹️ ▶️ John guess in StorKit too we’ll try to facilitate that flow. Forget about involving the developer in allowing you to do a refund

⏹️ ▶️ John or to do a refund programmatically or whatever, just give the user enough knowledge. Like all I had literally to know

⏹️ ▶️ John that this even happened is I can go to transactions on my Apple card and see a charge. But beyond that, there’s no

⏹️ ▶️ John record that this thing ever happened anywhere else and no way for me to identify it. There’s not even like an order number or a transaction

⏹️ ▶️ John ID that’s visible to me. So frustrating, definitely not. And this is like up to

⏹️ ▶️ John the standards of like, you know, maybe not 90s, like early 2000s era e-commerce platforms and the app

⏹️ ▶️ John store does not meet that line.

⏹️ ▶️ Casey Yeah, I couldn’t agree more. And it’s no good. But what are you going to do? But yeah,

⏹️ ▶️ Casey so apparently you can, you can define all new or you can’t define new price

⏹️ ▶️ Casey points, but you can use a bunch of new price points. They can end in various ending

⏹️ ▶️ Casey like decimal. So like nine, something 95, something 99. I was going

⏹️ ▶️ Casey, Marco to

⏹️ ▶️ Casey say, I think you can do zero zero, like all sorts of different stuff. And that’s kind of exciting, I guess.

⏹️ ▶️ Casey But yeah, I don’t know. I don’t know. This is this is nice, but it is far from revolutionary, which I guess

⏹️ ▶️ Casey I shouldn’t complain. still better than nothing.

Apple Music Sing

⏹️ ▶️ Casey And then finally, very briefly, Apple introduced Apple Music Sing, which I don’t

⏹️ ▶️ Casey think, yeah, it’s available later this month. But anyways, Apple Music Sing is an exciting new feature that allows users to sing

⏹️ ▶️ Casey along with their favorite songs with adjustable vocals and real-time lyrics. Apple Music Sing offers multiple lyric

⏹️ ▶️ Casey views to help fans take the lead, perform duets, sing back up, and more, all integrated within Apple Music’s unparalleled

⏹️ ▶️ Casey lyrics experience. Coupled with an ever-expanding catalog that features tens of millions of the world’s most singable

⏹️ ▶️ Casey songs, Apple Music Sing makes it fun and easy for anyone to participate, however, wherever they choose. Available

⏹️ ▶️ Casey later this month to Apple Music subscribers worldwide. You can do it on iPhone, iPad, and

⏹️ ▶️ Casey Apple TV. Viteci has, I think, taken a spin with this or has

⏹️ ▶️ Casey at least posted some screenshots of it one way or another. We’ll put a link to a tweet of his in the show notes.

⏹️ ▶️ Casey I don’t personally care for karaoke because I cannot carry a tune to save my life, but

⏹️ ▶️ Casey I think that’s kind of cool. I think it could be a fun party game. We actually, I think I might have mentioned, we recently dug out

⏹️ ▶️ Casey our Wii and our rock band equipment in order to play that with the kids from time to time.

⏹️ ▶️ Casey And that’s been quite fun. Although, as always with rock band, you never really find anyone

⏹️ ▶️ Casey volunteering to be the singer. What are you going to do?

⏹️ ▶️ Marco I mean, that’s a high risk move.

⏹️ ▶️ Casey What, being the singer? Yeah, it’s terrible.

⏹️ ▶️ Marco Yeah. You know, everyone else is having fun. You’re the singer. Like, you’re going to be under some scrutiny. Yep.

⏹️ ▶️ Casey No, I couldn’t agree

⏹️ ▶️ John more. But there are musical families, like the Von Trapps or whatever, where everyone wants to be the singer because they can

⏹️ ▶️ John all carry a tune. Must be nice. Must be friggin nice.

⏹️ ▶️ Casey Anyway, this is cool. I don’t personally have a lot to say about it, but I think it’s neat. And I’ll definitely at least check

⏹️ ▶️ Casey it out. And I’m curious what the the user interaction looks like for this. Obviously, again, we’ve seen some

⏹️ ▶️ Casey screenshots, but I think this is one of those things you’re gonna have to use it to really see how it feels. But hey, that’s kind of cool.

⏹️ ▶️ John Yeah, I think that’s really cool. When I saw this feature, my my first thought was,

⏹️ ▶️ John are Are they extracting the vocals using like machine learning? But the answer seems to be no. They’re just using

⏹️ ▶️ John the fact that they have multi-track versions of these songs for like their Dolby Atmos versions. Like

⏹️ ▶️ John they already have isolated vocals. That’s why they can just, you know, they’re not extracting the vocals.

⏹️ ▶️ John Vocals are already extracted. And that’s why I think it’s not going to be on every song in their catalog, but however only

⏹️ ▶️ John however many million they have these Dolby Atmos multi-track things for. But there are lots of really

⏹️ ▶️ John cool machine learning things that can extract vocals from You don’t need a machine learning machine learning

⏹️ ▶️ John such a term you got to put it on everything now to get VC funding or Whatever, but like you can extract vocals from songs

⏹️ ▶️ John like by subtracting from the left channel from the right channel If the vocals right in the middle or whatever like there’s very dumb digital

⏹️ ▶️ John signal processing things You can do to try kind of get the vocals out But machine learning things can

⏹️ ▶️ John do a really scary good job of doing it with even if you just have a mix thing But Apple

⏹️ ▶️ John doesn’t have to worry about any of that because they’ve got the individual tracks And yeah, this definitely looks fun and Apple’s lyrics

⏹️ ▶️ John thing are actually pretty good I don’t know if you ever accidentally tapped on that little double quote mark in

⏹️ ▶️ John a speech bubble in the bottom of Apple Music on your phone and see the words come up. But they do a good job of like

⏹️ ▶️ John scrolling them. They almost always look like a karaoke thing because they would scroll the lyrics and highlight the ones as they’re saying them.

⏹️ ▶️ John And the timings are really good. The lyrics are usually pretty good. The screenshot that DJ

⏹️ ▶️ John put in there, he put in, I’ve had the time of my life from dirty dancing, which is like a duet. And it shows one person’s

⏹️ ▶️ John vocals on the left side and the other person’s vocals on the right side. So two people can sing at the same time. Again,

⏹️ ▶️ John not advanced technology, but a fun feature that they basically had all the pieces of an Apple Music and now they have the final

⏹️ ▶️ John one. So I give this a thumbs up for all those people out there who can actually carry a

⏹️ ▶️ Marco tune. Yeah, and I think if the catalog is actually

⏹️ ▶️ Marco broad enough that you can find stuff in there that you wanna sing where they actually do have the vocals isolated out, that’s really

⏹️ ▶️ Marco cool. And that’s, I don’t know, like if Spotify has the same feature, I don’t really pay attention to the karaoke world,

⏹️ ▶️ Marco but that’s a cool thing to do and you have the position they have in the music business

⏹️ ▶️ Marco where they can actually get all these mixes with the vocals isolated out. That’s a really cool thing to

⏹️ ▶️ Marco offer. And now anybody who has an iPhone can anywhere

⏹️ ▶️ Marco do a karaoke party or whatever. That’s a pretty cool thing.

⏹️ ▶️ John And I like the fact that you can control the vocal volume because if you’re not confident enough in your

⏹️ ▶️ John singing, you can have the real vocals like 50% and it’ll be a little bit more like you’re singing in the shower and

⏹️ ▶️ John you just, it’s a mercy that you can’t even hear yourself over the sound of

⏹️ ▶️ Marco the actual vocals. I mean, just think about how much parents can torture their kids in the car with this.

⏹️ ▶️ Casey, John Oh my.

⏹️ ▶️ John Yeah, some people are pointing out in the chat, like you read the thing before that’s available on Apple TV

⏹️ ▶️ John 4K. Is it not available on the previous Apple TV 4Ks and on the

⏹️ ▶️ John pre 4K Apple TVs? I don’t know, that’s a good question. And of course the Mac, no one cares about the Mac, but

⏹️ ▶️ John the Mac was not mentioned. I guess you can’t do this on your Mac, you can only do it on. iPhone, iPad,

⏹️ ▶️ John and the new Apple TV 4K. That Apple TV 4K thing seems suspect to me, but

⏹️ ▶️ John the lack of Mac seems very clear.

⏹️ ▶️ Marco We are brought to you this week by collide an endpoint security solution

⏹️ ▶️ Marco that uses the most powerful untapped resource in it, your end users. Whether you’re

⏹️ ▶️ Marco trying to achieve your security goals for a third party audit, or for your own compliance standards, the conventional

⏹️ ▶️ Marco wisdom is to treat every device like Fort Knox, old school device management tools like MDMs,

⏹️ ▶️ Marco force disruptive agents onto employee devices that slow down performance and treat privacy as an

⏹️ ▶️ Marco afterthought at best. And that way of doing things turns IT admins and end users into enemies.

⏹️ ▶️ Marco And it creates its own security problems because users turn to shadow IT just to do their jobs. So collide

⏹️ ▶️ Marco does things differently. Instead of forcing changes on users, collide sends them security recommendations

⏹️ ▶️ Marco via Slack. It’ll automatically notify your team if their devices are insecure and give

⏹️ ▶️ Marco them step-by-step instructions on how to solve the problem themselves. By reaching out to employees

⏹️ ▶️ Marco via a friendly Slack DM and educating them about company policies. Collide can help you build a culture

⏹️ ▶️ Marco in which everyone contributes to security because everyone understands how and why they do it. And for

⏹️ ▶️ Marco IT admins, Collide provides a single dashboard to monitor the security of your entire fleet, whether

⏹️ ▶️ Marco they’re running Mac, Windows, or Linux devices. You can see at a glance which employees had their

⏹️ ▶️ Marco disks encrypted, their OS up to date, their password manager installed, making it easy to prove compliance

⏹️ ▶️ Marco to your auditors, customers, and leadership. So that’s Collide. user centered cross

⏹️ ▶️ Marco platform endpoint security for teams that slack. You can meet your compliance

⏹️ ▶️ Marco goals by putting users first. Visit slash ATP to find

⏹️ ▶️ Marco out how. If you follow that link to hook you up with a goodie bag including a t shirt just for activating your free trial.

⏹️ ▶️ Marco Once again collide spelled K o l i d e slash

⏹️ ▶️ Marco ATP. Thanks so much to collide for sponsoring our show.

#askatp: Mac Studio vs. Mac Pro

⏹️ ▶️ Casey All right, let’s do some Ask ATP and

⏹️ ▶️ Casey Daryl Thornton writes, now that he has had a Mac Studio running under his desk for some time, can John give us an update

⏹️ ▶️ Casey of how it compares to his ideal computer, the Mac Pro, and what things a new Mac Pro should have

⏹️ ▶️ Casey that the studio does not, above and beyond a separate video card, of course.

⏹️ ▶️ John I mean, the new Mac Pro doesn’t need a separate video card, but it needs more of everything, right?

⏹️ ▶️ John What does the Mac Studio not have that I want? More GPU, right? Right, it can be built in, but

⏹️ ▶️ John it just needs more of it. A lot more of it, and it’s gonna have a lot more of it. Right? And then also things, boring things, more

⏹️ ▶️ John RAM. The Mac Studio maxes out at what, 64? I’ve got more than that in my Mac Pro. You can’t get more than

⏹️ ▶️ John that in a Mac Studio. The Mac

⏹️ ▶️ John, Casey Pro-

⏹️ ▶️ Casey I thought the Studio could do 128. I thought- With

⏹️ ▶️ Casey, John the Ultra maybe? Anyway. I think that’s right. Yeah, the Mac Pro

⏹️ ▶️ John can go up to like 1.5 terabytes, right? So it’s in a different league there. Now the new Mac Pro probably won’t go that high,

⏹️ ▶️ John but what does it need over the Mac Studio? More than that. Maybe even simple things like more storage. It might max

⏹️ ▶️ John out at the same size because it’s not like SSDs take up that much room. And I think the Studio maxes out at

⏹️ ▶️ John eight terabytes, maybe?

⏹️ ▶️ John, Marco Yeah,

⏹️ ▶️ Marco eight terabytes and it is 128, by the way. Yeah, all

⏹️ ▶️ John right, anyway. The Mac Pro could go higher than that. And then obviously

⏹️ ▶️ John there’s expansion. We don’t know where they’re gonna go in that direction, but the Mac Studio kind of doesn’t have much of any, it’s

⏹️ ▶️ John really small. The Mac Pro could have expansion to add even more stuff.

⏹️ ▶️ John But even setting aside expansion, just ignore expansion entirely. it should just have the capacity for

⏹️ ▶️ John more stuff, more CPU cores, more RAM, more GPU cores, more power.

⏹️ ▶️ John So there you go, that’s a Mac Pro.

#askatp: Backing up shared photo library

⏹️ ▶️ Casey Mark Romerman writes, how are you backing up the shared photo library from your Mac? Does it create another

⏹️ ▶️ Casey accessible photo library on the Mac or is it hidden away in a library directory directory somewhere?

⏹️ ▶️ Casey For me, I don’t do that much to the to the library. Like I don’t

⏹️ ▶️ Casey I Favorite some stuff. I don’t really make many albums. So I don’t really bet I

⏹️ ▶️ Casey don’t actively I Don’t do anything specific to back this stuff up. I have back plays I

⏹️ ▶️ Casey have Time Machine, but I don’t do anything explicit or specific to back this stuff up, in part

⏹️ ▶️ Casey because I consider the one true copy of my photos, the files on the file system on my Synology.

⏹️ ▶️ Casey But I suspect that, John, you have some sort of opinion and or strategy about this.

⏹️ ▶️ John Yeah, I think that what this is asking is like, all right, so say I’m participating in a shared library.

⏹️ ▶️ John When I back up my photo library, like if I go to where my photo library is, you know, whatever dot I

⏹️ ▶️ John photo library file or whatever, are the shared library photos in there? Or are

⏹️ ▶️ John they only in the cloud? Right? And I tried to answer this question as best I could without an official Apple answer,

⏹️ ▶️ John by just looking inside that package file and seeing what’s in there. As far as I can tell,

⏹️ ▶️ John on my computer, I have the shared library, you know, the being shared,

⏹️ ▶️ John participating the shared library on my wife’s account on my computer set to download originals

⏹️ ▶️ John and the iCloud, the iPhoto library package thing is the size I would expect

⏹️ ▶️ John it to be if all the photos are in there. Because when you go to like view my wife’s personal library on her

⏹️ ▶️ John account or anything, there’s nothing in it. And yet the library thing is like over a terabyte, right? So I think

⏹️ ▶️ John when you do that, it doesn’t make a separate library somewhere in your in your existing iPhoto

⏹️ ▶️ John library package thingy. That’s where it will download all of the photos from the

⏹️ ▶️ John shared photo library into that package. And then it’ll be backed up just like

⏹️ ▶️ John it has been in the past I’m not a hundred percent and certain of that if anyone can get an official answer

⏹️ ▶️ John from Apple that would be great But as far as I can tell that’s how it works So whatever your backup procedure was like you were saying Casey. I’ll back

⏹️ ▶️ John it up a time machine. I back it up with backblaze It’s the same rules as before if you set

⏹️ ▶️ John it to download originals and you use any backup software on that package you’ll have backups of everything.

#askatp: Can’t quit Finder

⏹️ ▶️ Casey And finally, Garemy Aleis writes, I’ve been a Mac user for about 10 years. One thing that I’ve never understood

⏹️ ▶️ Casey about the Mac is why I can’t properly close the Finder app. Is it the only, it is the only app I can think of

⏹️ ▶️ Casey that just refuses to accept a command queue command. And I can’t figure out why it, why, since it

⏹️ ▶️ Casey is quote unquote, just a file manager. Why is Finder so stubborn, John?

⏹️ ▶️ John I remember one of the very early things I did with ResEdit on the classic Mac OS

⏹️ ▶️ John was added command queue quit menu item to the Finder. And then you could just hit command queue

⏹️ ▶️ John in the Finder to quit. I mean, there is a interface reason why it’s always running

⏹️ ▶️ John because back in the original Mac the Finder was kind of that that was your computer kind of when you turned it on there it was

⏹️ ▶️ John and it didn’t make sense for it to go away because what would be in its place. In the modern era

⏹️ ▶️ John the dock has taken over a lot of this but still a lot of things in the system

⏹️ ▶️ John expect the Finder to be running and they expect to be able to send messages to the Finder

⏹️ ▶️ John through for Apple events and have things work. So there are Mac applications that you may use, probably older

⏹️ ▶️ John ones at this point, that may just expect to be able to fire off an Apple event to the Finder

⏹️ ▶️ John and expect it to already be running and to be able to process it. I believe the Finder will launch in response to that if it’s not running,

⏹️ ▶️ John but it’s just what the rest of the system expects. So you can quit the Finder. It will

⏹️ ▶️ John relaunch automatically, but there are ways to sort of make it stay dead. But you don’t wanna do that

⏹️ ▶️ John because every other part of the system expects it to already be running and will ask it to do things

⏹️ ▶️ John as if it’s running and will relaunch it if it’s not running. And it’s there because that’s sort of

⏹️ ▶️ John like, that’s what’s on the computer when you aren’t running any applications. That’s just the way the Mac works. It’s not just

⏹️ ▶️ John a file manager. Again, the doc has taken over a lot of stuff. Like the doc runs, I think the doc runs mission control.

⏹️ ▶️ John The doc does all sorts of things that you wouldn’t expect it to do, but the finder also does lots of important

⏹️ ▶️ John jobs. In particular, I think a lot of things that launch services do may

⏹️ ▶️ John not require the Finder to be running, but expect it to be running, and that may also trigger it to launch when it’s

⏹️ ▶️ John not running. But yeah, it’s mostly historical, and the historical

⏹️ ▶️ John stuff has ramifications in your life. So don’t try to quit it and kill it. Hopefully Finder is not using all your RAM or grinding

⏹️ ▶️ John your disk. Just let it be there in the background. I think, what runs the desktop background? Is that the Finder? That’s probably also

⏹️ ▶️ John the Dock. The Dock has really taken over a lot of stuff from the Finder. You kinda can’t quit the Dock either. I

⏹️ ▶️ John mean, you can, but it pops right back up. So don’t quit either one of those things. Just let them run.

⏹️ ▶️ Marco Yeah, I kind of consider Finder to be the shell, even though I know kind of like the dock process kind of is,

⏹️ ▶️ Marco but to me, like Finder is like the shell process of Mac OS. Like it’s always there. It

⏹️ ▶️ John really, log in window is the shell process. Don’t kill log in window, Ben. Yeah.

⏹️ ▶️ Marco All right, thank you to our sponsors this week, Trade Coffee, Collide, and Backblaze.

⏹️ ▶️ Marco And thanks to our members who support us directly. you can join at slash join and we will talk to

⏹️ ▶️ Marco you next week.

Ending theme

⏹️ ▶️ John Now the show is over, they didn’t even mean to begin Cause

⏹️ ▶️ John it was

⏹️ ▶️ Casey accidental, oh it was accidental

⏹️ ▶️ John John didn’t do any research, Margo and Casey wouldn’t let him Cause

⏹️ ▶️ John it was accidental, oh it was accidental

⏹️ ▶️ Casey And you can find

⏹️ ▶️ John the show notes at And if you’re

⏹️ ▶️ John into Twitter, you can follow them

⏹️ ▶️ Marco at C-A-S-E-Y-L-I-S-S So that’s Casey Liss,

⏹️ ▶️ Marco M-A-R-C-O-A-R-M, Auntie Marco Armin,

⏹️ ▶️ Marco S-I-R-A-C-U-S-A

⏹️ ▶️ John Syracuse It’s accidental, they

⏹️ ▶️ John didn’t mean to Accidental, accidental, tech

⏹️ ▶️ John podcast so

⏹️ ▶️ Marco long.


⏹️ ▶️ Marco I killed a mouse. Like not the, you know, running around-y kind.

⏹️ ▶️ Marco The

⏹️ ▶️ John harpoon-y belly kind?

⏹️ ▶️ Marco Yeah. I’ve never like worn out a magic mouse before, but. What part of it wears

⏹️ ▶️ Marco out, the button? No, the button is actually totally fine. I’ve worn out like, you know, all the

⏹️ ▶️ Marco crappy Razer gaming mice. No, it started tracking badly. Like it was,

⏹️ ▶️ Marco like the vertical tracking was okay, but the horizontal tracking for some reason, like it kept juddering and everything. And

⏹️ ▶️ Marco at first I thought like interference, low battery, whatever. I tried it on different Macs in different rooms.

⏹️ ▶️ Marco I tried, you know, obviously charging it, turning it off, turning it on. It just is breaking.

⏹️ ▶️ John That sounds like what happened to my Microsoft, my two Microsoft mice. It was the same thing. The tracking started getting all wonky and I

⏹️ ▶️ John thought it was all sorts of other things and eventually realized this is what it was. I wonder, I wonder what causes that. I mean, it could be like you have to

⏹️ ▶️ John clean the plastic lens or whatever, but I think it seems like some kind of hardware failure inside the thing.

⏹️ ▶️ Marco Yeah, you know, I tried obviously, you know, blowing out the sensor, you know, putting nothing appears to be in there. I mean,

⏹️ ▶️ Marco I have, this was the mouse, this is the mouse that came with my iMac Pro, which is what, 2017?

⏹️ ▶️ Marco And I’ve used it heavily as my main desktop mouse for that entire time.

⏹️ ▶️ Marco So I’ve used the crap out of this mouse. So, you know, if something is going to wear out over time,

⏹️ ▶️ Marco that’s a fairly reasonable thing to wear out after whatever it’s been, five, six years.

⏹️ ▶️ John But it’s weird, isn’t it weird that the electronics and the optical sensing parts of things with no moving

⏹️ ▶️ John parts would be the things to wear out? Yeah, for

⏹️ ▶️ Marco, John real. Yeah,

⏹️ ▶️ Marco that’s why it was very surprising to me that it died in that way. Anyway, I feel like

⏹️ ▶️ Marco I’ve achieved something. I don’t think I’ve ever killed an apple mouse before. We can hang it up on the wall. Yeah.

⏹️ ▶️ John It’s your trophy.

⏹️ ▶️ Casey Actually, you could just hang it on a nail, because if I remember right, I haven’t used one in a while, but the little…

⏹️ ▶️ John Hang it on the lighting port.

⏹️ ▶️ Casey, John Yeah. No, that’s true. No,

⏹️ ▶️ Casey I meant the optical sensor. You could just stick the nail or the optical sensor, that little circle, that hole

⏹️ ▶️ Casey right on the nail, and it’s perfect. Beep, beep, beep.