TidBITS#1378/24-Jul-2017

Apple has issued point releases to all its operating systems to address bugs and security vulnerabilities, notably the BroadPwn flaw that could allow an attacker to hijack the Wi-Fi chip in your devices. Adam Engst invites Apple consultants to join him at MacTech Pro New York this week, and we have a special discount for TidBITS readers. Our previous survey about word processors revealed that many of you prefer writing in a Markdown-capable text editor, so this week we’re asking for your input on the Markdown editors you’ve used. To wrap up the issue, Josh Centers explores the magic of powerline Ethernet adapters, and Marc Zeedar examines the growing problem of abandoned apps in the App Store. Notable software releases this week include Moneydance 2017.4, Logic Pro X 10.3.2, 1Password 6.8, Transmit 5.0, Safari 10.1.2, iTunes 12.6.2, and Security Update 2017-003 (Yosemite and El Capitan).
 
Articles
 

This issue of TidBITS sponsored in part by:
Help support TidBITS by supporting our sponsors!

Apple Releases macOS 10.12.6, iOS 10.3.3, watchOS 3.2.3, and tvOS 10.2.2

  by Josh Centers: josh@tidbits.com, @jcenters
  2 comments

Apple has released bug fix and security updates for all of its operating systems. The company didn’t list any new features in the release notes. These updates fix the BroadPwn vulnerability (see “iOS 10.3.3 Patches High-Profile BroadPwn Flaw,” 21 July 2017), so we recommend updating as soon as possible. As always, back up your data first!

macOS 10.12.6 -- macOS 10.12.6 Sierra is available via Software Update, where it’s an 819 MB download. Alternatively, you can instead download a 1.98 GB combo updater to update from any version of 10.12.

In addition to unspecified bug fixes, 10.12.6 includes the following enterprise-focused changes:

macOS 10.12.6 includes 24 security fixes.

iOS 10.3.3 -- You can install the iOS 10.3.3 update via Settings > General > Software Update or through iTunes. It too features 24 security fixes and ranges in size from 80 MB to 140 MB.

watchOS 3.2.3 -- watchOS 3.2.3 is a 26.1 MB update that you install via the Watch app on your iPhone (in Watch > Settings > General > Software Update). Remember that the Apple Watch must be on its charger, charged to at least 50 percent, and within range of your iPhone, which itself must be on Wi-Fi. Don’t start installing if you’ll want to use the watch again within an hour or so — watchOS updates take surprisingly long to load. watchOS 3.2.3 includes 10 security fixes.

tvOS 10.2.2 -- Finally, Apple released tvOS 10.2.2, which includes 15 security fixes. If your fourth-generation Apple TV isn’t set to update automatically, you can get tvOS 10.2.2 via Settings > System > Software Updates > Update Software.

Read and post comments about this article | Tweet this article


iOS 10.3.3 Patches High-Profile BroadPwn Flaw

  by Adam C. Engst: ace@tidbits.com, @adamengst
  7 comments

The ThreatPost blog has called out the fact that Apple’s recently released iOS 10.3.3 patches a high-profile flaw known as BroadPwn. The BroadPwn vulnerability, which affects Broadcom’s BCM43xx family of Wi-Fi chips, allows an attacker within Wi-Fi range to execute code on the Wi-Fi chips of affected devices. Exactly what an attacker could do from that point remains unknown, but said code would be running underneath the operating system.

(Everything we’ve seen talks about BroadPwn only in the context of iOS and Android, but Apple’s recent operating system updates all say that they fix the same bug, and Apple uses the affected Broadcom BCM43xx Wi-Fi chips across all of its hardware lines. So it seems likely that all of Apple’s platforms are vulnerable unless they are running the latest versions of their operating systems (see “Apple Releases macOS 10.12.6, iOS 10.3.3, watchOS 3.2.3, and tvOS 10.2.2,” 19 July 2017). However, the security update for OS X 10.11.6 El Capitan and 10.10.5 Yosemite does not reference the BroadPwn bug.)

The practical upshot of this is that you should update to iOS 10.3.3 soon. Most security vulnerabilities are either limited in what they can do or how attackers can use them, but our security editor, Rich Mogull, said that BroadPwn looks to be one of the worst vulnerabilities he has seen in a while. So hey, just go to Settings > General > Software Update and update your iOS 10 devices right now.

What counts as an affected device? According to Nitay Artenstein, the Exodus Intelligence researcher who discovered BroadPwn, the vulnerability “is found in an extraordinarily wide range of mobile devices — from various iPhone models to HTC, LG, Nexus, and practically the full range of Samsung flagship devices.” Artenstein will be presenting a session on BroadPwn at the Black Hat USA 2017 Conference.

In its security notes about iOS 10.3.3, Apple says that the update patches the flaw on the iPhone 5 and newer, the fourth-generation iPad and newer, and the sixth-generation iPod touch. But that’s just because those are the only devices that can run iOS 10.

Older devices remain problematic. For instance, the iPhone 4 and iPhone 4S, among others, also use vulnerable Broadcom Wi-Fi chips, and because they can’t run iOS 10.3.3, they are likely vulnerable to BroadPwn.

As far as I can remember, Apple has never released a security update to a previous version of iOS. Unfortunately, since about 8 percent of iOS devices are still running an earlier version and there are well over 1 billion iOS devices in active use, that policy puts millions of people at risk. We’d like to see Apple follow the same policy it has with macOS, where two previous versions of the operating system receive security updates. We don’t know why Apple didn’t address BroadPwn for Yosemite and El Capitan; perhaps there’s other some reason they aren’t vulnerable.

Of course, risk is relative. Most people with everyday data on their devices have little to worry about, particularly with BroadPwn, which requires an attacker to be within Wi-Fi range. However, if you use an older, BroadPwn-vulnerable iOS (or Android) device to communicate about sensitive government, corporate, or medical topics, now would be a good time to switch to a newer device.

Read and post comments about this article | Tweet this article


Join Adam Engst for Support Essentials at MacTech Pro New York

  by Adam C. Engst: ace@tidbits.com, @adamengst

I will be attending the MacTech Pro event in New York City on 26 July 2017 to network with attendees and chat about the TidBITS Content Network. If you’re an Apple-focused professional in the New York metro area and are looking for a technical seminar to take your consulting or support knowledge to the next level, it’s well worth it. As a TidBITS reader, you can save $200, dropping the price to just $299.

The speakers at MacTech New York include Allen Hancock of Watchman Monitoring, Jack-Daniyel Strong of Strong Solutions, Jeff Gamet of the Mac Observer, Derek Braunschweiger of Call Andy! Macintosh Consulting, James Taylor of BestMacs, Leon Lincoln of VF Corporation, and Ed Marczak of Google.

Sessions in New York, as at all MacTech Pro events, will include:

Although I won’t be able to make it to any other MacTech Pro events this year, the remaining ones are:

Although each MacTech Pro event normally costs $499, TidBITS readers can register for just $299 and get a free subscription to MacTech Magazine as well. Educational and non-profit pricing is $199. All registrations include lunch.

As with the add-ons at MacTech Conference, if you are interested in the Watchman Monitoring Proactive Support Professional Certification, that course takes place the evening before each MacTech Pro event and costs an additional $249.

Read and post comments about this article | Tweet this article


Vote for Your Favorite Mac Markdown Editor

  by Josh Centers: josh@tidbits.com, @jcenters
  47 comments

We recently asked TidBITS readers to vote for their favorite word processors (see “Vote for Your Favorite Mac Word Processor,” 10 July 2017). Although the results were useful, many people made it clear that they have traded traditional word processors for apps that support the Markdown text markup language, originally designed by John Gruber of Daring Fireball fame.

Markdown, which took some of its design cues from the setext markup language that Adam Engst helped Ian Feldman develop 25 years ago (see “TidBITS in new format,” 6 January 1992), has become popular over the last decade. It’s plain text, which keeps files small, easily manipulable, and portable across multiple apps on every computing platform. Because Markdown is relatively straightforward and standardized, Markdown files can easily be converted to other formats, including HTML for posting on Web sites, RTF or Word’s .doc for importing into word processors, and even LaTeX for scientific writing.

Clever Mac developers have created numerous editors that go beyond the basics to assist in writing and editing in Markdown, and that’s where we’re going to direct our attention in this week’s survey. As always, we have to focus, so we’re considering only apps that meet these criteria:

While Microsoft Word was unquestionably the 800-pound gorilla of word processors, we have no sense of which Markdown editors will stand out in this survey. BBEdit is likely the best-known text editor on the Mac, and it can colorize and preview Markdown-formatted text files, but it’s probably used more commonly by programmers and Web developers.

Byword and iA Writer have been darlings of the Apple community, but have recently been overshadowed by Bear and Ulysses. All four of these apps have iOS siblings, which adds to their popularity.

We also included Mac adaptations of two Unix mainstays: Emacs for Mac OS X and MacVim. We bent the rules slightly to include MacVim. While Emacs has a plug-in that adds Markdown previews, MacVim’s plug-in adds only Markdown syntax highlighting.

You may be as surprised as we were by some of the apps that made the list. Microsoft’s Visual Studio Code can apparently be transformed into a top-notch Markdown editor. Likewise, we think of Coda and Espresso primarily as Web development apps, but they turned out to be decent Markdown editors in their own right.

Now it’s time for us to turn to you, the TidBITS reader, and ask you to share your opinions about the Markdown-capable text editors you have used on the Mac. We’ll collect and summarize the results, as we’ve done for other software categories in the “Your Favorite Apps” series. The survey is embedded at the bottom of this article on our Web site or you can navigate to it directly.

Notes on Ratings -- A few important notes before you start clicking your answers:

You can see the current results below the survey, and we’ll report on them next week, calling out those apps that garner the most votes and have the highest ratings. Thanks for the help!



Read and post comments about this article | Tweet this article


Powerline Ethernet Adapters Are Everyday Magic

  by Josh Centers: josh@tidbits.com, @jcenters
  5 comments

We live in an era of everyday miracles, though we don’t always appreciate that fact. As comedian Louis C.K. puts it, “Everything is amazing, and nobody is happy.” Not only is broadband Internet nearly ubiquitous, you seldom even need to plug into a network, thanks to the penetration of Wi-Fi throughout the developed world. And heck, you might not even need broadband or Wi-Fi, since 4G LTE cellular Internet access is also widely available.

None of these mundane miracles would be possible without the even less remarkable miracle of the electrical grid. But did you know that you can combine these two to turn your home’s electrical outlets into Ethernet connections? It’s the chocolate and peanut butter of networking.

Running Ethernet over electrical wires isn’t a new technology by any stretch. I remember reading about powerline broadband regularly on Slashdot in the early 2000s, as well as Kevin van Haaren’s overview here a decade ago (see “Trading In-Home Wi-Fi for Powerline Networking,” 9 July 2007). It was once touted as the solution for last-mile broadband connectivity, while simultaneously being derided by ham radio operators who claimed that its RF interference would kill the hobby.

Ultimately, both claims were overstated. Powerline networking evolved quietly but was overshadowed by Wi-Fi, cellular broadband, and fiber-optic networks. Although powerline networking never made it to the big time, it didn’t vanish. Rather, it has become reliable, readily available, and shockingly cheap.

When Wi-Fi Fails -- As I wrote in “How to Ensure High-speed Internet Access When Buying a New Home” (18 May 2017), our home’s TV service works via IPTV. So instead of the traditional coaxial connection, our “cable box” uses an Ethernet port for the TV signal.

The problem is that our fiber-optic connection comes in upstairs, and running Ethernet cable to the below-grade TV room would be a pricey proposition. So I didn’t have to pull wire, the ISP’s installers leased me a pair of AirSonics Wi-Fi bridges designed specifically for IPTV.

In my initial testing, everything seemed to work fine — cue the miracle music. But at night, the TV signal would freeze every few minutes. Watching a live baseball game became increasingly frustrating.

After I missed a game-winning home run one night, I went to work troubleshooting the issue. First, I ran Speedtest on my iPhone repeatedly. Whenever the TV connection flaked out, I noticed that the Internet connection had slowed to a crawl, which was distressing.


I initially thought that the AirSonics Wi-Fi bridge boxes could be the problem, but it was something my wife said that caused a light bulb to flash in my head: “This only happens when you’re in the room.” It turned out that she was right.

Most routers on the market today offer two Wi-Fi networks: 2.4 GHz and 5 GHz. 5 GHz is faster and is less prone to interference, but 2.4 GHz has greater range.

I knew the AirSonics boxes communicated via a 5 GHz Wi-Fi signal. As a test, I forced every iOS device in our TV room to connect to the 2.4 GHz network on our router. The interruptions stopped almost instantly! I waited 30 minutes and then connected my iPhone 7 Plus to the 5 GHz network. Almost immediately, the TV signal started acting up again. Bingo.

The common-sense approach would have been to just leave all devices in the TV room on 2.4 GHz. But given that iOS seems to connect to networks at random, that’s a tough solution to manage. Nor does it account for other devices entering the room, like when we have guests. “Hi, thanks for coming over to watch the big game. Can you please set your iPhone to connect to the 2.4 GHz Wi-Fi network?”

In a vain attempt to work around the problem, I changed the channels on the router to reduce the interference. That may have helped, but only a little, and the TV dropouts continued.

I decided that a hardwired connection was our best bet.

Enter the TP-Link AV200 -- I wanted to avoid drilling through the ceiling if at all possible, so I checked to see if powerline Ethernet is still an option — it is! A quick search on Amazon pointed me toward the best-selling TP-Link AV200 — a $25 kit consisting of a pair of 200 Mbps powerline Ethernet adapters.

If you need more speed, you can pay modest amounts more for the AV500 ($35), AV600 ($50), AV1000 ($40), or the AV1200 ($60). The model numbers correspond to their top throughput, so the AV1200 provides up to 1200 Mbps, which should be enough for gigabit Ethernet. But for my IPTV purposes, the 200 Mbps AV200 is more than sufficient, given that my Internet connection is only 100 Mbps at the moment.

When you get these adapters, it is absolutely crucial that you install them correctly. Pay careful attention to these highly technical instructions:

  1. Plug one adapter into a wall outlet.
  2. Plug the other adapter into another wall outlet.
  3. Connect an Ethernet cable from your router or network peripheral to each adapter.

It is literally plug and play.


There are three minor caveats:

You can also pair the adapters to encrypt the data link with 128-bit AES. I didn’t see any need to use this feature given that I’m just transferring TV, but it’s as easy as pressing a button on one adapter and then pressing a button on another.

If you need additional Ethernet drops around your house, you can buy more adapters and plug them in wherever you need them. If you use the optional pairing feature, you’ll have to pair them to the existing adapters, but otherwise installation remains plug and play.

Overall, I’m happy with using the TP-Link AV200 adapters to create an Ethernet network. It’s far more reliable than the AirSonics boxes, and it will be a lot cheaper than leasing them from my ISP for $6 per month.

But it’s not perfect. My TV signal still freezes occasionally, though for far less time than before. I haven’t yet been able to determine why, but it may not be the AV200’s fault. Plus, about once a week I have to reset both adapters by unplugging them and plugging them back in. Annoying, but not much more so than having to power cycle a Wi-Fi router to work around Internet problems, which I’ve also had to do over the years.

As much as Wi-Fi is truly magical when it works — and it does most of the time! — it’s still not as reliable as a direct Ethernet connection between devices. But where pulling wire through walls and floors is difficult or expensive, it’s worth trying a powerline Ethernet adapter like those from TP-Link.

Read and post comments about this article | Tweet this article


The Problem With Abandoned Apps

  by Marc Zeedar: zmarc@designwrite.com
  33 comments

I’ve used iOS apps since the App Store first opened in 2008. As a software developer, the market fascinated me. There was the initial flurry of simple apps, followed by more sophisticated apps. Then the iPad came along, providing a bigger screen for even more powerful apps. The future for apps seemed bright.

Today things have become vastly more complicated: multiple devices with different screen sizes and hardware capabilities, different operating system versions, and many more software APIs. (And that’s just iOS.)

Along the way, we’ve seen changes in business models. At first, most apps charged a fee up front. Then, some apps explored the ad model, while others had separate free “light” and paid “pro” versions. Later, when Apple added in-app purchases, the freemium model became commonplace, with the app being free to download but certain features requiring payment.

The gold rush of those early days — complete with stories of lone developers becoming millionaires overnight — quickly dried up as developers raced to the bottom to see who could charge the least. Today, more money is being made on the App Store, but the lion’s share of that money goes to a small group of large software companies.

Throughout its nearly ten years of existence, the App Store has had a turbulent upbringing. While the App Store may be a senior citizen in Internet time, as a marketplace, it’s barely out of diapers. But we’ve now reached a point where I believe the App Store will either morph into something genuinely useful or fade away as a fad.

I don’t mean that the App Store itself will go away — it won’t — but it could disappear as a business opportunity for most developers. In this dystopian future, the only profitable apps left will be a handful of entertainment apps by huge companies and “business essential” apps, such as those made by banks or news organizations for their customers.

The looming threat that I see is abandoned apps. They have always been cluttering the edges of the App Store to an extent, but the number of abandoned apps has grown lately for three reasons:

Individually, none of these factors would be cause for undue alarm. But bringing all three together could result in a catastrophic tsunami for smaller developers.

Good Intentions, Grave Consequences -- Apple’s intentions are good. Customers downloading apps that haven’t been updated in years is bound to create a poor experience, and lack of developer support undoubtedly generates complaints to Apple.

Getting rid of 32-bit code is also sensible: it reduces app sizes, iOS can drop old APIs and 32-bit-only code, and everything new runs smoother and better. It’s also a good way to “encourage” customers to upgrade to more recent hardware (older devices are 32-bit-only and will not run iOS 11).

However, Apple’s solutions to these issues have serious problems.

The biggest is that, starting with iOS 9, performing a backup with iTunes no longer copies apps to your computer. To restore an app, you must redownload it from the App Store. But if Apple has removed the app for being too old or not 64-bit, the app is gone — there’s no way to download it again!

On the Mac, if a developer abandons an app you rely on, you can easily make backup copies and reinstall it if needed. If an app won’t run on a new version of macOS, you can theoretically boot from an older version or run the app in a virtual machine. Worst case, you can usually find a way to at least migrate your data to another app.

In iOS, the situation is different. Because Apple exercises total control over which apps are allowed to run and how you get and install them, there is no way to get abandoned apps to work (short of jailbreaking, which introduces its own set of non-trivial problems).

And because iOS doesn’t give users access to the file system, and apps themselves are sandboxed (meaning that one app can’t access another app’s data), if you have data in an abandoned app, that data is most likely inaccessible.

To get your data out assumes:

Even if all those assumptions turn out to be true, exporting is rarely simple.

For example, I have an old iOS drawing app with about 50 drawings I made in it over the years. To get those out, I have to open each drawing and email it to myself, setting several export options each time. It will take me hours to export all my pictures, and I’ll lose aspects of the data in the process, such as text no longer being editable, layers being merged, or parts of the drawing being rendered differently in another app.

A different type of problem is that many iOS apps don’t involve data creation but instead run as a service, downloading data from the cloud. A perfect example of this is the Check The Weather app, which requires an Internet service to show you the current and projected weather in your area. Unfortunately, Check The Weather’s developer recently decided to shut down the weather network as it was costing too much. Thus, an app that I paid for and worked great for me for years, suddenly stopped working, with no warning.

Obviously, it’s not inherently Apple’s fault that Check The Weather’s developer couldn’t afford to keep paying for the weather network. Indirectly, though, Apple’s policies play a role, most notably by promising users that all app updates will always be free. When developers can’t charge for updates, that eliminates a common source of revenue that could fund ongoing development and operations. Plus, the App Store doesn’t provide developers any way to contact their customers to alert them to untoward situations or alternative apps.

I found out about Check The Weather when I contacted the developer to see why it had stopped working. He pointed out that he’d written a blog post on his Web site months earlier. How was I supposed to know that? I have nearly 600 apps on my iPad: I’m supposed to check all those developers’ blogs?

A Professional Environment? -- Apple likes to promote the idea of iOS as being capable of professional work. In particular, Apple would like us to see the iPad Pro as a laptop replacement for many workers. For the purposes of argument (if only that), let’s assume that Apple’s contention is true.

What kind of professional environment allows apps to vanish with no way to reinstall them and potentially loses data you’ve accumulated for years?

For a casual home user, losing data to an abandoned app may be no more than an annoyance, but for a business or professional, it could be hugely damaging.

Businesses tend to be slow to change (don’t fix what’s not broken), especially if there are migration issues. Just look at how many companies still use Windows XP!

Apple’s policy, which encourages abandoned apps, is going to cause a lot of businesses to delay or avoid upgrading to iOS 11 for fear that they’ll lose access to apps and data.

As ever more software falls by the wayside this year with Apple’s forced march to 64-bit, more people will suffer the consequences. For many people, that may not be much of an issue, but for others, it could be a serious problem.

Looking at my iPad and iPhone, I currently see 101 and 58 obsolete 32-bit apps respectively. That’s about 25 percent of all the apps on my devices!


(To see the above list on your iOS device running at least iOS 10.3.1, go to Settings > General > About > Applications.)

Yes, a number of these are little games I haven’t played in years, and some are apps that have new versions as replacements (either I deliberately didn’t upgrade or didn’t know there was a new separate version).

A few of these apps were abandoned years ago, such as Zite and Bento. But if an abandoned app still works for me, shouldn’t it be my choice to stop using it or not?

Some of these apps may get new versions before iOS 11’s mandatory 64-bit cutoff, but short of checking with each developer, I have no way of knowing until that happens.

More problematic is the fact that roughly a quarter of my obsolete apps contain data. The list includes lots of writing and drawing apps, six photo editing apps, several news apps, and a number of “content” apps (language databases, apps with books in them, and so on).

These aren’t rare or uncommon apps, either. Many are from major developers or big businesses. I see apps from Fox, HGTV, Sci-Fi Channel (I refuse to use their new inane spelling), Adobe, and many others.

I have an app called Martha Stewart’s CraftStudio that I use for making my own greeting cards. Martha abandoned it a while back (I like to imagine her using Xcode), though the version I have still works fine. Unfortunately, when I upgrade to iOS 11, it will die and I’ll lose all the greeting card designs I’ve made.

What’s most disturbing is that I paid for many of these apps. Although I didn’t pay that much for any given app, in aggregate I spent hundreds of dollars on apps that I anticipated would have longer lifespans.

Worst of all, some of my obsolete apps are linked to hardware. For instance, years ago I bought a toy car that’s controlled via an app on my iPhone. That app is on my obsolete list. When it goes, the car is useless. Good thing it’s not a $1500 drone!

Another 32-bit app lets me use tiny flash memory “hard drives” wirelessly for additional iPad/iPhone storage. (When I travel, I store movies on these for watching on the plane.) Once I update to iOS 11, I won’t be able to use those drives anymore, and they were quite a bit more expensive than the average app. Not good.

I’ve heard other horror stories of hardware that stopped working when its app was abandoned. But actually experiencing it is making me think twice about buying any device that requires an app, whether it’s a security camera, kitchen gadget, toy, or whatnot.

All this means I’m going to be a lot more cautious about spending money on apps in the future. When the App Store first launched, I was accustomed to desktop prices, and as a programmer myself, I was happy to throw a few bucks to developers for their work. Now that I’m seeing so many developers abandoning apps and Apple rendering other apps artificially obsolete, I doubt I’ll be buying much from the App Store.

If my memory is accurate, I used to spend $10 to $25 per month on apps. In 2016 that probably dropped to an average of less than $5. For 2017, it will be even less.

Mac Apps May Be Next -- While getting rid of 32-bit cruft on iOS makes some sense, resources aren’t as constrained on the Mac side. Plus, most apps aren’t from the Mac App Store, so Apple has less control over what is installed.

Despite that, at Apple’s WWDC developer conference in June, Apple made an announcement about the next version of macOS, High Sierra, that makes it sound like 32-bit support on the Mac may be disappearing soon.

Apple’s statement is clear about the Mac App Store requiring 64-bit, but it’s more vague about apps distributed outside the Mac App Store. There Apple “highly recommends” developers go 64-bit and concludes with: “macOS High Sierra will be the last macOS release to support 32-bit apps without compromise.”

I interpret that to mean that some apps will work and others may have problems, though I have no clue what such problems would be. If “without compromise” means old 32-bit apps run slower, similar to PowerPC emulation during the switch to Intel processors, that’s very different from not being able to run them at all.

Whatever version of macOS succeeds High Sierra is over a year away, however, so there’s time to figure out a solution. For most apps, making them 64-bit is just a matter of recompiling, but that doesn’t help for ancient apps that aren’t still under development.

What’s the Solution? -- So far I’ve been focusing on the problems, but what about solutions?

While I realize that Apple has an interest in culling unsupported apps from the App Store, and I agree that getting rid of 32-bit ones is a valid engineering goal, the way the company is going about it is draconian.

Why not put the old apps in a special “old” section of the App Store? Mark them with an Obsolete tag. Set the default App Store search to ignore those apps unless the user selects an “Include obsolete apps in search results” option. Provide a warning upon download that an app is obsolete and unsupported, but let me download and use it if I want.

While it seems unlikely that Apple will ever let developers communicate directly with all their customers through the App Store, Apple could contact app users on behalf of the developers. It would go a long way if Apple could provide users with information about obsolete apps, such as a link to new versions, instructions on how to export data, or suggestions of replacement apps. On reflection, I can’t see Apple ever doing that either.

But Apple could notify us when apps we buy have been removed from the App Store. This would provide a warning that the developer may be abandoning the app and would encourage users to check for more information.

(For instance, I’ve noticed a few apps disappearing when I migrated to a new iPhone. It was a shock to learn those apps were no longer on the App Store and therefore couldn’t be restored. If I’d known, I could have prepared, but I wasn’t warned.)

Apple should also do more to encourage the financial success of developers other than the big boys: better discovery of apps, allowing paid app upgrades, removal of “clone” and garbage apps, and more. If apps are being abandoned because they aren’t making money, anything Apple can do to address that problem would be a help.

To be fair, Apple has been making improvements to the App Store, notably a faster review process. And in a change to a long-standing policy that hurt developers and customers alike, Apple finally allows developers to respond to customer reviews. iOS 11 will bring a new look to the App Store; we’ll see if that improves app discovery or improves sales in any way, or if it’s just rearranging the deck chairs on the Titanic.

What You Can Do -- How you respond to Apple kicking apps off the back of the train is up to you, of course. But here’s my approach — feel free to copy or modify it to suit your needs.

While I think iOS is highly capable and could be a person’s only computer, I’ve already been hit so many times by abandoned apps that I’ve become wary. I no longer think of iOS as a “professional” environment.

Since apps can disappear at any moment, I’m not going to devote much money to buying them nor will I invest significant time and energy into learning and using an app. And yes, I realize that this behavior will result in reduced sales and lowered developer interest in creating “professional” apps.

When evaluating iOS apps that I might use for real work, I’ll avoid those with proprietary data storage. I’ll actively seek out apps that let me store data in the cloud — preferably Dropbox — and apps that use standard data formats.

Before committing to an app, I’ll always check to see that it has export capabilities — and I’ll immediately test those features to make sure they actually work.

My next project is to start going through my list of abandoned apps and seek out replacements for the critical ones. For many, though, I plan to look for a Mac replacement, not just another iOS app. After losing so many favorite iOS apps, I just don’t trust the App Store anymore.

(A version of this article originally appeared in xDev Magazine in May 2017.)

Read and post comments about this article | Tweet this article


TidBITS Watchlist: Notable Software Updates for 24 July 2017

  by TidBITS Staff: editors@tidbits.com

Moneydance 2017.4 -- The Infinite Kind has released Moneydance 2017.4, fixing a bug that prevented Dropbox syncing from working properly when the sync folder grew beyond 2000 updates. The personal finance manager also improves detection of duplicate downloaded transactions, restores the “best match” indicator to the downloaded transaction confirmation interface, and fixes a bug in Python scripting. ($49.99 new from The Infinite Kind with a 40 percent discount for TidBITS members, free update, 96.8 MB, release notes, 10.7+)

Read/post comments about Moneydance 2017.4.

Logic Pro X 10.3.2 -- Apple has released Logic Pro X 10.3.2, adding three new Drummers who play percussion in the styles of Pop, Songwriter, and Latin. The professional audio app also enables you to add new Drummer loops to your song and then customize them with performance controls, lets you transpose or fine-tune the pitch of an audio region, enables adjustment to the lengths of individual steps in the Arpeggiator’s pattern grid, and adds a keyboard shortcut to remove fades. ($199.99 new in the Mac App Store, free update, 1.35 GB, release notes, 10.11+)

Read/post comments about Logic Pro X 10.3.2.

1Password 6.8 -- AgileBits released 1Password 6.8 — dubbed “The Picnic Edition” — adding the capability to create vaults for 1Password.com accounts (without having to visit 1Password.com) and enabling one-time passwords to copy themselves to the clipboard automatically whenever you fill an item that has a one-time password. The password management utility also now displays seconds remaining in the One-Time Password expiration indicator, improves signing into a 1Password.com account on a new Mac, fixes a crash that occurred when editing date values, and changes the keyboard shortcut for quitting both 1Password and 1Password mini to Command-Control-Option-Q. ($64.99 new from AgileBits and Mac App Store or free with a $2.99 or $4.99 per month subscription, free update, 48.2 MB, release notes, 10.10+)

Read/post comments about 1Password 6.8.

Transmit 5.0 -- Panic has released Transmit 5.0, the first major update to the popular file transfer app since version 4.0 in 2010. Transmit adds the free Panic Sync service for synchronizing files across all your devices and apps, boosts overall speed with improved multithreading, and supports 10 new cloud services (including Backblaze B2, Box, Google Drive, DreamObjects, Dropbox, Microsoft Azure, and Rackspace Cloud Files). Other changes include a new Get Info sidebar, batch renaming capabilities, a Places Bar for quickly jumping to favorite folders, and the capability to generate and manage secure keys without leaving Transmit. (For more about Transmit 5.0, read Glenn Fleishman’s full review at Macworld.) While there is no upgrade pricing (remember, it has been 7 years since the last major update), Panic is offering Transmit 5.0 at $35 (a $10 discount) through 25 July 2017. Transmit is no longer available on the Mac App Store. ($45 new from Panic, free update, 30.2 MB, release notes, 10.9+)

Read/post comments about Transmit 5.0.

Safari 10.1.2 -- Apple has released Safari 10.1.2 for OS X 10.10.5 Yosemite and 10.11.6 El Capitan (macOS 10.12.6 Sierra also includes it; see “Apple Releases macOS 10.12.6, iOS 10.3.3, watchOS 3.2.3, and tvOS 10.2.2,” 19 July 2017). The update is focused solely on patching security vulnerabilities, resolving an issue where maliciously crafted Web content could lead to an infinite number of print dialogs, and addressing several memory corruption issues in WebKit. Safari 10.1.2 is available only via Software Update. (Free, 10.10+)

Read/post comments about Safari 10.1.2.

iTunes 12.6.2 -- Apple has released iTunes 12.6.2, which once again includes only unspecified “minor app and performance improvements.” (That was also the case with the previous version; see “iTunes 12.6.1,” 18 May 2017.) If you find anything new or funky with the user interface or behavior, let us know in the comments. (Free, 270 MB via direct download or Software Update, release notes, 10.9.5+)

Read/post comments about iTunes 12.6.2.

Security Update 2017-003 (Yosemite and El Capitan) -- Apple has released Security Update 2017-003 for OS X 10.10 Yosemite and 10.11 El Capitan, patching security vulnerabilities that the company also addressed in macOS 10.12.6 Sierra (see “Apple Releases macOS 10.12.6, iOS 10.3.3, watchOS 3.2.3, and tvOS 10.2.2,” 19 July 2017). The security update addresses a variety of memory corruption issues that affected kernel and system privileges and could lead to arbitrary code execution. It also improves bounds checking to prevent a maliciously crafted XML document from disclosing user information. However, it does not address the BroadPwn bug (see “iOS 10.3.3 Patches High-Profile BroadPwn Flaw,” 21 July 2017). Apple recommends it for all users. (Free. For 10.10.5 Yosemite, 431.6 MB; for 10.11.6 El Capitan, 763.9 MB; security content release notes)

Read/post comments about Security Update 2017-003 (Yosemite and El Capitan).


ExtraBITS for 24 July 2017

  by TidBITS Staff: editors@tidbits.com

In ExtraBITS this week, Apple teams up with Dwayne “The Rock” Johnson to promote Siri, and Google Glass (remember Google Glass?) hits the industrial scene.

The Rock X Siri: Don’t Try This At Home -- Want to see how well Siri works when it’s backed up by a full team of video production editors? Apple has produced an amusing “film” with Dwayne “The Rock” Johnson in which he manages to use Siri repeatedly while doing everyday made-up movie star stuff. We believe all the actual Siri commands he issues could work, although many would require that the iPhone be unlocked. And when we tried to duplicate his commands, Siri failed to understand our words much of the time. Happily, when Siri misheard “read my last email” as “delete my email,” we learned that Siri isn’t allowed to delete emails. Which is a good thing.

Read/post comments

Google Glass Returns… In Factories and Warehouses -- Google Glass, the tech giant’s augmented reality eyewear that flopped in consumer usage due to buggy behavior and privacy concerns, may have found its niche. Companies like agricultural equipment manufacturer AGCO and shipment company DHL have discovered that an upgraded version of Glass radically improves productivity for workers who need product assembly instructions or are picking items in a warehouse. The Wired article’s money quote: “In the enterprise world, Glass is not an outgrowth of the intrusive and distracting smart phone, but a tool for getting work done and nothing else.” We may see more movement toward eyewear from Apple if the company’s new augmented reality ARKit technology takes off because it’s a lot easier to see digital data overlaid on the real world through glasses than on an iPhone.

Read/post comments


This is TidBITS, a free weekly technology newsletter providing timely news, insightful analysis, and in-depth reviews to the Apple Internet community. Feel free to forward to friends; better still, please ask them to subscribe!

Non-profit, non-commercial publications and Web sites may reprint or link to articles if full credit is given. Others please contact us. We do not guarantee accuracy of articles. Caveat lector. Publication, product, and company names may be registered trademarks of their companies. TidBITS ISSN 1090-7017.

Copyright 2017 TidBITS Publishing Inc. Reuse governed by this Creative Commons License.
TidBITS Publishing: 50 Hickory Road, Ithaca, NY 14850, USA 607-216-8248