In an interview given to RT, software legend John McAfee claims that unlocking the iPhone is a “half-hour job.” This part of the interview is just wrong: it may have been the case that passwords were stored in memory in the past, but I don’t believe that’s the case any more. For instance, if I were Apple and I was implementing the iPhone unlock system, I’d encrypt the disk without storing the password, and when the user enters the password I’d attempt to decrypt the disk with that key. I’d then check to see if some known (and non-sensitive) value in memory was correctly decrypted or gibberish.

He does raise an interesting dilemma, however, and that’s that either:

1. The FBI does not know how to access the iPhone’s information, and they should because there a well-funded federal agency;
2. The FBI does know how to access the iPhone’s information, and so they’re deceiving the American people.

I find (1) much more likely in this scenario, or rather, that they do not know how to access the iPhone’s information easily, and would prefer that they have a precedent to get Apple to do it in the future. I find this more likely because iPhone’s have zero day exploits: I don’t have one, I wouldn’t know one if I saw one, but it’s a massive user base with a large attack surface area, they undoubtedly exist and the FBI undoubtedly have access to people that can get them. But it’s hard, costly, and the best hackers smoke weed and don’t wear suits.

When a company markets a product as perfect and constantly re-invents it, there will be growing pain. There are some issues that should almost never exist with even a modest QA process however, which includes proofreading, and here’s Stephen Hackett describing a grammar problem in Disk Utility:

1. The first sentence should read “….destroy all of the data.” It currently transposes “all” and “of.”
2. “Enter a name, choose a format” is a comma splice. Break it into two sentences or use a semicolon.

Even given Apple’s software woes, this is an unfortunate misstep for a core system utility.

Bill Gates weighs in on what he thinks about the Apple v. FBI showdown with regards to the San Bernardino massacre:

“This is a specific case where the government is asking for access to information. They are not asking for some general thing, they are asking for a particular case,” Gates tells the Financial Times, disagreeing with Apple CEO Tim Cook that the FBI’s request would create an iPhone backdoor.

How shamefully wrong. If this were in fact just a singular request for information, the FBI would not have done it so publicly, they would not have invoked the All Writs Acts, and if I’m to speculate a bit, they would not have purposefully sabotaged their chances at legal access to the phone’s information. What more, but the Wall Street Journal is reporting that the FBI already have twelve iPhones they would want Apple to compromise.

An app which allows users to pirate apps snuck onto the App Store by changing the UI based on a user’s locale, location, IP, or something akin. Macworld:

A Chinese iOS application recently found on Apple’s official store contained hidden features that allow users to install pirated apps on non-jailbroken devices. Its creators took advantage of a relatively new feature that lets iOS developers obtain free code-signing certificates for limited app deployment and testing.

Coincidentally, Apple have released some news a couple days ago of an upcoming certification renewal:

How will customers be affected by the certificate renewal?
Customers who have purchased and installed iOS apps, tvOS apps, or Safari Extensions will not be affected by the certificate renewal. Users running OS X El Capitan (v10.11 or v10.11.1) may receive a notification that your Mac app is damaged if it utilizes receipt validation to request a new receipt from Apple. They can resolve this issue by restarting their Mac or updating to OS X El Capitan (v10.11.2) or later.

It seem I’m not the only one that finds certification, provisioning, and code signing confusing …

As a side note, I ran into this bug this weekend.

Apple has launched ApplePay in China:

You can now support Apple Pay for your customers in China, providing an easy, secure, and private way for them to pay using their China UnionPay credit and debit cards. Apple Pay lets users buy physical goods and services within your app without having to enter payment or contact information.  Learn more.

The O2O market in China is massive, and if Apple release a Venmo-like service for Apple Pay, this could change the way people do business.

Tim Cook has published a heroic defense of American’s right to privacy in the face of a court order Apple has been served by the FBI:

The government would have us remove security features and add new capabilities to the operating system, allowing a passcode to be input electronically. This would make it easier to unlock an iPhone by “brute force,” trying thousands or millions of combinations with the speed of a modern computer.

The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.

Apple is doing this because this is the right thing to do: there may be not a lot a stake in unlocking this particular phone, but the precedent that the government wants to set is clear. There’s a lot of excellent journalism you can find on this topic, and I may publish a round-up post with some analysis later. But for now, I want to be absolutely clear about my support for Apple and my condemnation of any technology company which doesn’t stand with Apple on this.

Writing about Apple software quality woes, Michael Simon makes some really good points in his latest piece for Macworld. There’s something really problematic about the opening paragraph however:

Twice over the past month I’ve had to erase and restore my iPhone. Both times were related to an attempted install of the iOS 9.3 Public Beta; instead of upgrading my phone with Night Shift, secure Notes, and better News, I got stuck in an endless Apple logo loop that required plugging into the dreaded iTunes and wiping my drive.

Craig Federighi and Eddy Cue were recently on The Talk Show with John Gruber and argued that because more people are installing the software on day one more than ever, that this is one of the challenges that Apple has to contend with with regard to software quality. That was nonsense because it’s Apple themselves that are releasing more than ever, being more aggressive with upgrade prompts than they’ve ever been, and arguable seeking more users than ever. What Simon has to say about the betas being an indication of software quality is equally nonsense because they’re betas: the fact that his install failed is actually what betas are supposed to do. It’s fine that these problems crop up in the betas, the problem is that they also make it to the final build.

Everyone, even Apple, still seems to be trying to figure out what people want or need to do on their wrist. Prominent WatchKit developer David Smith muses:

What doesn’t work is easiest to say. Apps that try to re-create the functionality of an iPhone app simply don’t work. If you can perform a particular operation on an iPhone, then it is better to do it there. The promise of never having to take your iPhone out of your pocket just isn’t quite here yet. The Apple Watch may advance (in hardware and software) to a point where this is no longer true but the platform has a ways to grow first.

In response, Federico Viticci:

[…] As I tweeted yesterday, my favorite Watch apps aren’t trying to mimic iPhone apps at all. If the same task can be completed on the iPhone, I don’t see why I would try on a smaller, slower device.

Something you might not hear elsewhere: I’m rather interested in the possibilities of fleets of watchOS devices in enterprise. I’ve heard of a real, albeit crazy, case of a company deploying a fleet of iPhones that workers wear on their wrists to inform them of certain events as they happen. Of course, the Apple Watch would be perfect for this, but it’s been billed and tooled to be such a personal device, I don’t think the platform is quite ready for enterprise needs like multi-user of deploying many of them.

But perhaps one day.

Sync is still hard. Versioning documents, resolving conflicts, and issues of connectivity still cause every cloud storage solution trouble. Even for high-profile software like iCloud and Dropbox. Consider that Federico Viticci just tweeted:

Just lost 1.5k words I had prepared for tomorrow because I wanted to try iCloud sync instead of Dropbox this week.

In response, Manton Reece writes that iCloud is too opaque:

I hear that people love iCloud Photo Library and Notes, and that the quality of these apps and companion services has significantly improved. That’s great. (I also think that CloudKit is clearly the best thing Apple has built for syncing yet.)

But to me, it doesn’t matter if it’s reliable or fast, or even if it “always” works. It only matters if I trust it when something goes wrong. Conceptually I’m not sure iCloud will ever get there for me.

This is absolutely right. I used to be “all-in” on Apple’s software when iPhoto was around, because I could back up the managed folder and still access that data in a directory structure that made sense to me. I migrated to a Dropbox and Adobe Lightroom based workflow because of performance, reliability, power, and predictability. Perhaps Photos is simpler and more convenient for most consumers, but it just is too risky and too opaque for me.

This discussion reminds me somewhat of why Marco Arment and David Smith use their own Linux servers instead of BaaS.

The iPad Pro was reviewed by Amanda Summers on Medium, titled “A UX Designer’s Review of iPad Pro”:

We are confident in saying we are able to sit down with iPad Pro and Apple Pencil and create something just as good, if not better, than sketching traditionally using pencil and paper.

Apple Pencil feels completely natural in our hands. There’s no latency and the shading and pressure points feel all too real. The palm rejection technology works great, allowing us to rest our palm on the screen without worrying if it will mess up our drawing.

This is the most consequential review I’ve ever read of the iPad Pro, all of the reviews which came out on the first day were mostly to the tune of “Yeah it’s a big iPad, and the Pencil is cool but rather expensive.” If creatives are successfully using professional grade software to get real work done, this is an excellent sign of the potential of the platform. I do wonder though: is this a good sign for the form factor of the iPad Pro, or is it a good sign for the utility of a stylus on tablets generally? I suspect the latter, and we’ll see what Apple have to say in March about it.

Unrelatedly, I found the article’s placement and production interesting as a published piece. It’s under Amanda Summers’ name, but it’s “published in” her employer’s “organization” entity. I suspect that what MindSea Development get from having their employee’s publish to Medium is status and marketing, and it’s yet to be seen how Medium will make money from this.

Right on the heels of Parse shutting down, Apple have announced they’re expanding the capabilities of their similar API, CloudKit:

In addition to providing a web interface for users to access the same data as your app, you can now easily read and write to the CloudKit public database from a server-side process or script with a server-to-server key. Learn more about generating a server-to-server key and composing web service requests.

Now users of CloudKit can interact with the data from their own server. To be a serious replacement for Parse, however, there needs to be a way for non-Apple clients to interact with it.