Skip to content
Thoughtful, detailed coverage of everything Apple for 32 years
and the TidBITS Content Network for Apple professionals
Show excerpts

#1438: Siri Shortcuts, SMS 2FA autofill, make your own Dynamic Desktops, Apple News anywhere

Lots of practical how-tos this week! Want to make your own Siri commands with the new Siri Shortcuts feature of iOS 12? Josh Centers explains it. Prefer a faster way to enter two-factor authentication codes sent via SMS message? Glenn Fleishman covers how to do that in iOS 12 and macOS 10.14 Mojave. Annoyed that you can’t use Apple News in your country? Adam Engst provides a partial workaround. And if you’ve wanted to make your own dynamic desktops for Mojave, Adam also shows you how to do so with GraphicConverter 10.6.5. Notable Mac app releases this week include CleanMyMac X 4.0.4, Quicken 2018 5.8.1, LaunchBar 6.1.0, Airfoil 5.8.3, OmniFocus 3.1, and Bookends 13.1.4.

Adam Engst 12 comments

How to Use Apple News in Mojave Regardless of Where You Live

Every time I’ve written about Apple News recently, I’ve received comments from readers outside of the US, UK, and Australia expressing annoyance that Apple restricts Apple News to just those three English-speaking countries. Even Canada is left out!

Why should this be? Part of the problem could be technical—Apple News does a lot of text parsing to recommend articles, and it would be understandable if that was currently too difficult for Apple to expand beyond English. But again, why not Canada? Could the issue be wound up in French language requirements in Quebec?

The point is now partially moot for anyone running macOS 10.14 Mojave because there’s an easy workaround for people in unsupported countries—kudos to TidBITS reader fahirsch for alerting me to this trick. Regardless of where you live, 30 seconds of work will let you run the News app and read TidBITS and many other news sources, albeit only in English.

Unfortunately, several international readers say that the News app won’t allow them to access Apple’s special channels or certain other publications. I suspect that News is using IP address sniffing or another method of geolocation since I haven’t experienced any restrictions while using it in the US while the region is set to Canada. It would be interesting to see if using a VPN to acquire a US-based IP address made a difference.

Hacking Apple News Region Tracking

It turns out that News.app exists in all versions of Mojave; it’s just invisible if your region isn’t set to United States, United Kingdom, or Australia in System Preferences > Language & Region. If you change your region to one of those countries, the News app appears in the Applications folder and you can launch and use it normally. That works in iOS as well; just change the region in Settings > General > Language & Region and you’ll be able to use News there too. Unfortunately, setting a different region may have a variety of undesirable side effects.

Here’s where Mojave has one up on iOS. Once the News app is active, if you move it in your Dock so it takes over a permanent spot (or Control-click it and choose Options > Keep in Dock), you can change the region back to your original country, and you’ll still be able to launch the News app from the Dock and use it. I tried simulating this approach with the Shortcuts app in iOS 12, but the shortcut I created to launch the News app there worked only as long as the region was set to a supported country.

For some people, changing regions causes the News app to disappear from the Dock. However, you can instead launch News with a simple Terminal command without changing regions:

open /Applications/News.app

If you don’t want to keep the News app in your Dock or keep returning to Terminal, you could build that command into a Keyboard Maestro macro or an AppleScript. Or, in another simple bit of Terminal hackery, here’s how to make a symlink that gives you a News icon in the Finder:

ln -s /Applications/News.app "/Applications/Apple News.app"

You can name the symlink however you want and you can locate it wherever you like—just change the second pathname inside the quotes.

Needless to say, I can’t test this trick as thoroughly as someone who lives in another country, so let me know in the comments if there are other unexpected downsides to this method of opening Apple News to the rest of the world.

Adam Engst 3 comments

How to Create Mojave’s True Dynamic Desktops with GraphicConverter

At some point during the betas of macOS 10.14 Mojave, I became curious about what was behind Mojave’s new Dynamic Desktop feature that slowly changes the desktop picture throughout the day. A quick trip to /Library/Desktop Pictures revealed that Mojave’s two dynamic desktops—called “Mojave” and “Solar Gradients”—were HEIC files instead of JPEGs. I double-clicked one and it opened in Preview, showing that the main HEIC file was, in fact, a container for 16 individual HEIC images.

16 images of the Mojave landscape. 16 gradients.

HEIC is the filename extension for High Efficiency Image File Format, which is an image container format—for more details, see Glenn Fleishman’s “HEVC and HEIF Will Make Video and Photos More Efficient” (30 June 2017). I played briefly with trying to duplicate Apple’s file and replace the images, but those experiments proved fruitless, so I turned to an expert. Not just any expert, but the guru of image conversions and author of GraphicConverter, Thorsten Lemke.

When I pointed out that the Dynamic Desktop feature seemed to be a relatively simple collection of images, Thorsten promised to look into it more. A beta of GraphicConverter arrived soon after, and we went back and forth a few times before he figured out both the image requirements and the necessary metadata to make it all work. GraphicConverter 10.6.5 is now available with this feature when running in Mojave.

(You may see tutorials for making dynamic desktops merely by putting photos in a folder, selecting that folder in System Preferences > Desktop & Screen Saver > Desktop > Folders, and then enabling the Change Picture checkbox and choosing an interval. This approach may provide much the same effect, but it has been available for many years—feel free to give it a try if you’re not yet running Mojave.)

Building and Testing a Dynamic Desktop

The first step in making your dynamic desktop is acquiring the necessary images. You’ll need 16 separate images. At one point in the betas, GraphicConverter wanted them all to have a resolution of exactly 5120 by 2880 pixels, but that doesn’t seem to be necessary anymore. Just make sure they’ll look good at the full size of the screen. The file format of those images also isn’t important but put them all in a folder for easy access. Regardless, collecting your images will be the hardest part of creating a dynamic desktop.

As you can see in the screenshots of Apple’s dynamic desktop files above, you’ll want to name your images so their order starts at the beginning and continues through to the end—whatever beginning and end mean to you. Both of Apple’s examples map to hours in the day, but I could easily imagine a dynamic desktop image of a sunflower tracking the sun across the sky or a construction project progressing over many months.

Once you have your 16 images, open GraphicConverter 10.6.5, choose File > Browse, and navigate to the folder that contains your images.

The 16 images in GraphicConveter.

Select all the images, Control- or right-click one of them, and in the large contextual menu that appears, scroll way down and choose Export > Dynamic Desktops. Name your file, navigate to /Library/Desktop Pictures as the destination folder, click OK, and wait a bit, since it takes GraphicConverter some time to convert all the images to HEIC and assemble them into the container file.

Export from GraphicConverter.

After GraphicConverter finishes saving the HEIC file in /Library/Desktop Pictures, open System Preferences > Desktop & Screen Saver > Desktop. You’ll notice an additional Mojave icon in the Dynamic Desktop section; select it and you’ll see the name of your file above. Apple told Thorsten that the API needed to set the icon and preview aren’t yet public, so he doesn’t know what’s necessary to get them to display properly.

Your custom dynamic desktop in System Preferences.

Despite this cosmetic confusion, Mojave will display one of the images from your file on the Desktop itself. To confirm that your file is truly dynamic, open System Preferences > Date & Time > Date & Time, disable “Set date and time automatically,” set the time back a few hours, and click the Save button. Keep changing the time by a few hours and saving to see different images appear on the Desktop. When you’re done, make sure to turn on “Set date and time automatically” again.

Date and Time settings.

That’s all there is to making a true dynamic desktop with GraphicConverter. If you’re interested in learning more, Marcin Czachurski has written a two-part article about his explorations into the Dynamic Desktop file format as well.

Glenn Fleishman 29 comments

SMS Text Message Login Codes Autofill in iOS 12 and Mojave, but Remain Insecure

Many Web sites and apps now offer two-factor authentication (2FA), which requires you to enter a short numeric code—the so-called second factor—in addition to your username and password. These temporary codes are either sent to you via text message or are generated by an authentication app. In iOS 12 and macOS 10.14 Mojave, Apple has streamlined entering such codes when sent via an SMS text message, reducing multiple steps and keyboard entry to a single tap or click.

I explain just below how this new feature works, but I also want to raise a caution flag. SMS is no longer a reliable way to send a second factor because it’s too easy for even small-time attackers to intercept those messages (see “Facebook Shows Why SMS Isn’t Ideal for Two-Factor Authentication,” 19 February 2018). It’s time for Web sites that use 2FA to move away from SMS.

Passthrough SMS Codes in iOS 12 and Mojave

When you log in to a site with 2FA enabled that offers SMS-based codes, the sequence usually goes like this:

  1. You complete the standard password-based login and are prompted for a code.
  2. A text message with a code, typically six digits long, arrives in Messages.
  3. If you use notifications to show incoming texts and you’re fast enough, you enter the code as you see it into the Web form and submit it. Otherwise, you switch to Messages, either memorize the code or select and copy it, and return to the site to enter it. (In iOS, you can’t easily select part of a message, making that additionally frustrating.)
  4. Submit the form to login.

In iOS 12, Safari, Messages, and the QuickType bar above the keyboard work together, in a process that looks like this:

Screenshot of SMS code automatically filled into the iOS QuickType bar for entry.
2FA codes sent via SMS automatically fill into the QuickType bar in iOS 12.
  1. Enter your username and password as in step 1 above.
  2. Tap in the second factor field.
  3. When the text message arrives, iOS 12 extracts the code and displays it in the QuickType bar. Tap it to enter the code in the field.
  4. Submit the form to log in.

Here’s a quick video demonstration.

Mojave works almost identically. Instead of the QuickType bar in step 3 above, however, the autofill entry appears below the code field when you click in the field. It’s labeled From Messages and reads Fill Code followed by the short code. Click it to enter it in the field.

Screenshot of SMS code shown in Mojave’s dropdown autofill menu
In Mojave, the code appears in a dropdown autofill menu.

Annoyingly, I found that Mojave listed all previous codes texted—in this case, for my Twitter login—and I had to scroll way down in the dropdown list to find the From Messages item. Selecting that item also proved difficult unless I clicked it and then quickly clicked away from the form field. Otherwise, macOS interpreted pointer movement that hovered over the dropdown list as scrolling and selection! Apple needs to refine this user experience and flush previous entries.

These shortcuts shave a few seconds and a little aggravation off the process, so they’re not a major productivity win, but they do make 2FA less of a roadblock for more people. By reducing friction and making it a simple workflow that feels nearly the same as entering a password from the iCloud Keychain, Apple hopes to encourage more of its customers to enable 2FA at more sites.

Unfortunately, there’s a cloud hanging over Apple’s optimism: SMS-based codes aren’t a reliable security method and should have been eliminated over the last few years.

It’s Easy to Hijack SMS Codes

You have probably seen headlines along the lines of, “Cryptocoin investor has entire holdings stolen with account hack!” Such thefts start with an attacker gaining control of a phone number. This is unfortunately surprisingly easy. Mobile phone numbers are portable, which means they can be easily moved from one physical phone to another, and even transferred among carriers. The basic approach works like this:

Step 1: Obtain personal information. “Background check” sites and stolen information floating around the Internet make it trivial to obtain someone’s phone number, Social Security number, bank account number, and other personally identifying details.

Step 2: Hijack a phone number. To take over a phone number, the attacker then generally uses social engineering, another term for scamming someone with words. They call a phone carrier and explain how they need the number transferred, provide the identity information required to verify themselves, and give the technical details for the new receiving phone.

Although major carriers have started letting customers set an additional PIN for account changes, news stories have revealed that hackers have sometimes managed to talk their way around not having the PIN. And since that additional PIN isn’t required, it’s unclear how many subscribers use one.

(Some hijackers have also shown they can insert themselves into the public switched telephone network to sniff information or hijack a phone number. If a lone attacker can do that, governments obviously can as well.)

Step 3: Take over an account with a password reset. Once the attacker can receive text messages for someone’s hijacked number, they can visit a site at which they expect someone has an account and take it over. Many sites that offer 2FA also allow password resets via SMS, making the assumption that physical possession of a phone is sufficient security.

For instance, it’s common to see text like this on a password reset page:

If you don’t have access to the email address on file for your account and need to reset your password, you can use your verified phone number to update the email address that receives the password reset email.

At many sites, the attacker would also need to know the original email address, which is trivial for someone who has hijacked a phone number.

Thus, an attacker requests an email address change and receives a link via SMS to complete it. On that page, they provide the new, illegitimate address, and verify its receipt to finish associating the account with the new email address. Then they can complete a password change, which sends a link via email to the new address, and with the new password set, they can log in—using the SMS code for 2FA.

Each of these steps is benign, but it all adds up to effectively requiring just one credential—the phone number—instead of two.

With full access to an account, the attacker can drain cryptocurrency, send out email, and carry out other financially or reputationally damaging attacks.

It’s Time to Stop Using SMS for 2FA

Sites originally chose to use SMS-based code validation for 2FA to lower the barriers to 2FA—more people understand SMS than authentication apps. And, regardless of the vulnerabilities of SMS, it’s far better to use a second factor than not, because it deters wholesale attacks against accounts. Even if an attacker gained access to all the decrypted passwords for a service, every account with 2FA enabled would still be able to resist unauthorized logins. But SMS-based 2FA is vulnerable to targeted attacks and identity theft.

Apple’s proprietary 2FA system for macOS and iOS remains extremely robust, but it still allows the use of SMS and voice calls as a backup when trusted devices aren’t available. Many other systems rely on authentication apps that generate time-based one-time passwords (TOTPs), including 1Password, Authy, Google Authenticator, and LastPass, among others. When you use this app-based approach, a service typically also issues you emergency one-time use backup codes that are static—they don’t expire over time, like TOTPs.

Despite Facebook’s routine hiding of new policies that are invasive of people’s privacy and personal information, the company does allow you to use 2FA without a phone number. (This is more significant now that researchers have discovered Facebook has been exploiting people’s 2FA-associated phone numbers for marketing purposes.) Google doesn’t make this fact explicit, but after setting up 2FA, you can remove phone numbers, too, and rely on a combination of other second factors.

While it’s admirable Apple has streamlined SMS code entry, it would be even more so if the company would kickstart the move away from SMS. Such a move doesn’t have to be forced: it could begin with Apple and others providing education and offering a switch to disable SMS codes as backups. It’s inevitable that we’ll have to stop using SMS-based 2FA codes, and it would be better to work toward that before a wide-scale hack makes it a crisis.

If you’d like to learn more about managing security features in iOS 12, as well as understanding and configuring networking and privacy, check out my new book, “A Practical Guide to Networking, Privacy, and Security in iOS 12.” TidBITS readers get 25% off with the coupon code TIDBITS.

Josh Centers 9 comments

Inside iOS 12: How to Create Siri Shortcuts

Have you ever wanted to create your own commands for Siri to extend its capabilities? In iOS 12, that’s now possible, thanks to the addition of “shortcuts,” which Apple describes as providing “a quick way to get things done with your apps.” You can assign spoken phrases to these shortcuts, enabling you to invoke them with Siri.

Unfortunately, Apple has caused some level of confusion with its terminology surrounding shortcuts. The terms include:

  • Siri Suggestion: When Siri notices that you perform the same action repeatedly or can base a suggestion on other data it knows, it puts a notification on the Lock or Search screen. Tap it to run the associated shortcut and perform that action. You can’t do anything else with these shortcuts.
    A Siri Suggestion to call Tonya on her birthday.
  • Siri Shortcuts: If you navigate to Settings > Siri & Search, there’s a Suggested Shortcuts section that lists three shortcuts that Siri thinks you might want to create. If you tap All Shortcuts, you’ll see a lot more suggestions. You can also create this sort of shortcut in apps that support shortcuts, either by tapping an Add to Siri button or using the app’s custom interface. You invoke these shortcuts with a custom spoken phrase.
  • Shortcuts: This standalone app, which was called Workflow when Apple acquired it in 2017, lets you make shortcuts that are significantly more complex than Siri Shortcuts. They can include multiple actions (the building blocks of shortcuts) and control multiple apps, and they support variables, flow control, and other programming language concepts. You can launch these shortcuts with Siri as well.

For this article, I’m going on focus on Siri Shortcuts, which offer the most bang for your time invested. You have little or no control over Siri Suggestions, and creating shortcuts with the Shortcuts app is much more involved (check out the Police shortcut, which sends your location to a contact and starts recording video).

Although Siri Shortcuts lets you create new commands for capabilities that are in iOS or built into Apple’s apps, you’ll most appreciate its power once you see it work with third-party apps. Unfortunately, it’s not easy to figure out which apps support Siri Shortcuts. Try the following to figure out if an app supports Siri Shortcuts:

  • Add to Siri button: Look for an Add to Siri button somewhere in the app’s interface. The travel planning app Kayak sports such a button, but the weather app Dark Sky doesn’t.
  • App Store: Look in the app’s description or version history in the App Store. Dark Sky mentions the addition of Siri Shortcuts, but there’s no requirement that an app must do this. And who’s going to scroll through older entries in the version history to see if the feature might have been added in the past?
    Siri Shortcuts mentioned in App Store listings.
  • App interface: Look in the app’s interface, especially in a settings screen. The podcast player Overcast offers such an interface.
  • Siri & Search: Go to Settings > Siri & Search > All Shortcuts and scan through the list. It won’t necessarily list all apps—Kayak didn’t appear here initially—but it may list apps that you didn’t realize could have Siri Shortcuts.
    Siri Shortcuts in the Settings app.

Unsurprisingly, given developer Marco Arment’s predilections, his podcast player Overcast offers deep support for Siri Shortcuts (I still think Overcast is the best podcast player for iOS despite some fierce competition—see “Overcast Refines the iPhone Podcast Experience,” 16 July 2014). In Overcast, tap the button in the upper-left corner to open the Settings screen, and then tap Siri Shortcuts to see a full list of supported actions. With them, you can use Siri to play, pause, seek back or forward, set a sleep timer, get URLs, access specific podcasts, and much more.

Recording a Siri Shortcut in Overcast.

Another app that supports Siri Shortcuts is CARROT Weather, which is still my favorite weather app (see “CARROT Weather Predicts Cloudy with a Chance of Snark,” 22 January 2018). Again, go into Settings and tap Siri Shortcuts to make shortcuts for actions like getting the current weather, an extended forecast, or a weather map. You can also choose Interact, which lets you talk with CARROT directly through Siri.

Creating a Siri Shortcut in CARROT Weather.

To create Siri Shortcuts for apps that don’t expose their shortcuts or for Apple’s apps, go to Settings > Siri & Search > All Shortcuts. There you’ll see suggested shortcuts for apps like Health, Mail, Maps, and Messages, as well as some third-party apps. Tap See All next to an app name to see more shortcuts for that app, separated into Suggested Shortcuts and Recent Shortcuts.

Unfortunately, there’s no way to predict what you’ll find here either. Some apps, like Fantastical, Overcast, and Twitter, show general command-and-control shortcuts you can create in Suggested Shortcuts—such as “Check weather” in CARROT Weather or Play in Overcast, whereas others, like Google Maps, Messages, and Phone, only offer content-specific shortcuts—like directions to a specific place or sending a message to a contact. You may be able to get a shortcut to appear here by performing the task you want in the app several times and then coming back to this screen.

CARROT Weather shortcuts in the Settings app.

No matter how you discover a particular shortcut, the process of adding your own voice command is the same:

  1. Tap the shortcut in the list.
  2. Tap the big red record button.
  3. When you hear the ding, record the phrase you want to use to trigger that shortcut.
  4. Tap the stop button.
  5. Review your phrase. If Siri didn’t get it right, tap Re-Record Phrase to try it again. (You may also see Edit here, which lets you edit the phrase as text.)

    Recording a rain report shortcut for CARROT.
    I found the suggested “Rain report” cold and impersonal, so I changed it to a question: “Is it going to rain?”
  6. Tap Done when you’re finished.

Now you can use your new phrase just like any other Siri command. Two of my favorites are “Play the Menu Bar on Overcast,” which plays the latest episode of the Menu Bar podcast in Overcast, and “Give me a CARROT Weather report,” which gives me a weather report from CARROT right in the Siri interface. I’m also digging the aforementioned “Is it going to rain,” because it gives me a quick and accurate rain forecast.

CARROT delivering a rain report in Siri.To see all the Siri Shortcuts you’ve set up, go to Settings > Siri & Search > My Shortcuts. (This list also includes any shortcuts you’ve created in the Shortcuts app and assigned a spoken phrase.) Tap a shortcut to re-record its command phrase or delete the shortcut. You can also swipe from right to left on a shortcut to delete it.

I’ve published a video demonstrating how to create and use Siri Shortcuts.

We’re just starting to see the potential of Siri Shortcuts. Beyond what I’ve already shown with Overcast and CARROT Weather, Philips Hue has added Siri Shortcuts support to its app. This support initially seemed redundant because HomeKit already lets you control Hue lights with Siri, but it turns out that the Hue app supports actions that HomeKit does not, like scenes that change throughout the day. Also, the Apple Store app lets iPhone Upgrade Program members create a Siri Shortcut to complete iPhone XR preorders—the option appears during the preapproval process. We’ll all have to keep checking back with our favorite apps to see what they provide—Adam Engst is hoping for Siri Shortcuts support in the Libby ebook reader, so he can tell Siri to play his current audiobook for 15 minutes while going to sleep.

As potentially useful as these built-in Siri Shortcuts are, the Shortcuts app is where the real power is. We’ll be covering it here in TidBITS later on, but if you’re impatient, you can read the chapter that I dedicated to it in Take Control of iOS 12.

Watchlist

CleanMyMac X 4.0.4 1 comment

CleanMyMac X 4.0.4

To mark the 10th anniversary of its all-purpose cleaning and maintenance app, MacPaw released version 4 of CleanMyMac in September with a new name—CleanMyMac X. In addition to a refreshed user interface and speedier cleaning, CleanMyMac X 4 introduces Smart Scan, which combines Cleanup, Protection, and Speed scanners in one action. (MacPaw is currently a TidBITS sponsor.)

The new version also now includes malware removal, a reinvented menu bar app that alerts you to system status and applications that are hogging resources, and an updater tool that monitors app updates and provides access to the latest available versions. MacPaw recently issued CleanMyMac X 4.0.4 to fix a problem with Health Notifications that could not be disabled or ignored in macOS 10.14 Mojave.

MacPaw offers two pricing options for CleanMyMac X—a $39.95 annual subscription or a one-time $89.95 purchase. If you have a license from a previous version, you’re eligible for a 50% discount ($19.98 or $44.97). Additionally, CleanMyMac X is included in MacPaw’s $9.99-per-month Setapp subscription service. ($89.95 one-time fee or $39.95 for a 1-year subscription for new purchases, $44.97 one-time upgrade or $19.98 for a 1-year upgrade subscription, free update from version 4, 66.6 MB, macOS 10.10+)

Quicken 2018 5.8.1 No comments

Quicken 2018 5.8.1

Quicken Inc. has released version 5.8.1 of Quicken 2018 for Mac, adding a new Help menu item to access Quicken on the Web, where you can enter transactions, assign categories, view spending, track budgets, and more. The financial management app also improves the performance of exporting or copying a report (removing the 5,000 transaction limit); fixes a bug where reports copied to the clipboard wouldn’t paste into Numbers correctly; resolves sync issues related to the reviewed flag, balance adjustments, and transfers; and eliminates a crash that could occur when viewing the account income or spending tabs in macOS 10.14 Mojave. ($34.99/$49.99/$74.99 annual subscription, free update for Quicken 2018, release notes, macOS 10.11+)

LaunchBar 6.1.0 No comments

LaunchBar 6.1.0

Objective Development has released LaunchBar 6.1.0, adding compatibility with macOS 10.14 Mojave—but with some caveats. Due to improvements in Mojave’s privacy protection, you will need to grant LaunchBar additional permissions in System Preferences > Security & Privacy > Privacy to enable some features, including indexing of Safari Bookmarks, Instant Send, Get/Drop Finder Selection, and Clipboard History—see the release notes for details. LaunchBar also adds support for Mojave’s Dark mode, while letting you select one of LaunchBar’s dark themes. Finally, version 6.10 now requires 10.10 Yosemite or later. ($29 new with a 20% discount for TidBITS members, free update, 14.5 MB, release notes, macOS 10.10+)

Airfoil 5.8.3 No comments

Airfoil 5.8.3

Rogue Amoeba has released Airfoil 5.8.3, updating the Audio Capture Engine (ACE) to version 9.1.2 for compatibility with macOS 10.14 Mojave and to fix capturing audio from Voice Memos and other apps that have been ported from iOS to macOS (for more on these apps, see this section of Ars Technica’s review of Mojave). The wireless audio broadcasting app also improves handling of error reporting when attempting to capture audio from apps that require the ACE component. Airfoil now requires a minimum of 10.11 El Capitan. ($29 new with a 20% discount for TidBITS members, free update, 12.2 MB, release notes, macOS 10.11+)

OmniFocus 3.1 2 comments

OmniFocus 3.1

Several weeks ago, the Omni Group released version 3.0 of its OmniFocus task management app for the Mac (and iOS), a major update that added new features. In addition to updating the toolbar, sidebar, outline, and inspector to a more modern look, OmniFocus 3 replaces contexts with tags, enabling you to organize tasks and assign multiple tags to any item. It also provides more options for repeating tasks, improves the Forecast view with calendar events interleaved with your actions, and adds common actions to the MacBook Pro’s Touch Bar.

The Pro edition of OmniFocus offers the capability for adding a specific tag to display in Today’s Forecast, which is great for highlighting daily rituals or important items that don’t have explicit dates. OmniFocus Pro also brings custom perspectives, with simple yet powerful filtering rules that enable you to combine rules with all, any, and none.

The Omni Group has now released OmniFocus 3.1, updating it so its interface matches macOS 10.14 Mojave’s Dark mode setting automatically, while also adding a preference option for a light sidebar appearance. The update also hides declined calendar events and past events in the Forecast view, resolves problems with the Columns layout and narrow windows, fixes a bug where copying a parent task with child tasks selected would result in duplicate child tasks, eliminates crashes, and adds several localizations.

The Omni Group continues to price the Standard edition of OmniFocus at $39.99 and the Pro edition at $79.99, with an upgrade from Standard to Pro priced at $39.99. If you previously purchased a license to OmniFocus for Mac, you are eligible for a 50% discount for the same edition (Standard or Pro) of OmniFocus 3 for Mac as long as it’s from the same store (Mac App Store or Omni Group Web site). A free two-week trial is available. ($39.99 new for Standard and $79.99 for Pro from the Omni Group Web site, $39.99 for Standard from Mac App Store with in-app purchase option to upgrade to Pro, upgrade pricing available from previous versions, 45.4 MB, release notes, 10.13+)

Bookends 13.1.4 No comments

Bookends 13.1.4

Sonny Software has issued Bookends 13.1.4, enabling users to import similarly formatted references from multiple files at once via drag and drop. The reference management tool now preserves styled text information in the Abstract and Notes when importing EndNote XML, enables copying of hypertext links from the floating citations window, removes the rarely used PDF viewer (PDFs still display in the more versatile PDF annotation view), and fixes a bug where some Google Scholar searches could generate an error message. Bookends now requires macOS 10.10 Yosemite or later. ($59.99 new with a 25% discount for TidBITS members, 49.4 MB, release notes, macOS 10.10+)

ExtraBITS

Five Ways Google’s Pixel 3 Advances Computational Photography No comments

Five Ways Google’s Pixel 3 Advances Computational Photography

Google has announced its latest iPhone competitor, the Pixel 3, and Digital Photography Review’s Rishi Sanyal outlines five ways it pushes the boundaries of computational photography:

  • Super Res zoom, which uses burst photography to create sharper zoomed photos
  • Computational raw capture, which merges up to 15 frames for the so-called “raw” image
  • Automatic synthetic fill flash, which relights people who are set against bright backgrounds
  • A new machine-learning approach that promises to improve portrait mode photos
  • Night Sight, which lets the Pixel 3 take clear images in dim lighting without a flash

Most impressive is that the Pixel 3 supports such capabilities with only a single rear-facing camera. It will be interesting to see how these features work in the real world when the Pixel 3 ships next week, and to compare them with what iPhone XS users can do today and with whatever new computational photography features Apple adds to next year’s iPhones. (Digital Photography Review also published an article about the computational photography capabilities of the iPhone XS, by our own Jeff Carlson.)

Privacy Glitch Gives Google an Excuse to Trash Google+ 1 comment

Privacy Glitch Gives Google an Excuse to Trash Google+

It’s no secret that the Google+ social network never proved particularly popular with users no matter how hard Google tried to promote or integrate it. Now Google has an excuse to shut down Google+ while saving face: an API bug that could have exposed private user profile data to developers. However, Google says that it “found no evidence that any Profile data was misused.” Google will keep Google+ around for businesses in need of private social networks but will shut down the consumer-facing service in August 2019.