Skip to content
Thoughtful, detailed coverage of everything Apple for 32 years
and the TidBITS Content Network for Apple professionals
Show excerpts

#1596: OS updates, Apple Q1 2022 outpaces supply constraints, Yahoo POP bug, Apple Personal Safety User Guide, Simply Piano

Last week, Apple updated all its operating systems with unspecified bug fixes and important security updates. The company also posted record-breaking financials for Q1 2022 despite supply constraints and weak sales in Japan. Adam Engst has solved a mystery for some TidBITS readers, discovering that Yahoo’s POP3 email service occasionally garbles TidBITS articles by deleting periods. Glenn Fleishman draws on his experience writing books about privacy and security to evaluate Apple’s new Personal Safety User Guide website and PDF. Finally, Josh Centers reviews Simply Piano, explaining how it helped his 8-year-old son pick up the instrument. Notable Mac app releases this week include macOS Big Sur 11.6.3 and Security Update 2022-001 Catalina, Safari 15.3, URL Manager Pro 5.9, Zoom 5.9.3, and BusyCal 2022.1.1 and BusyContacts 1.6.4.

Josh Centers 15 comments

Apple Releases iOS 15.3, iPadOS 15.3, macOS Monterey 12.2, watchOS 8.4, tvOS 15.3, and HomePod Software Version 15.3

It’s time once again to fire up Software Update. Apple has released updates for all of its shipping operating systems with bug fixes and security updates but no new features, apart from Siri on the HomePod learning to recognize two new languages. Apple says that one of the security vulnerabilities addressed may have been actively exploited in the wild, so we recommend updating soon.

iOS 15.3 and iPadOS 15.3 feature frustratingly vague release notes: “bug fixes and security updates.” However, Apple does provide more details for the ten security fixes. You can install the updates in Settings > Software Update. iOS 15.3 is a 1.06 GB download for an iPhone 13 Pro, and iPadOS 15.3 weighs in at 663 MB on a 10.5-inch iPad Pro.

The release notes for macOS 12.2 Monterey are equally vague. It includes 13 security fixes. You can install the 1.94 GB update (on an M1-based MacBook Air) from System Preferences > Software Update. Alongside macOS 12.2, Apple also released Security Update 2022-001 Catalina with five security updates and macOS 11.6.3 Big Sur with seven security updates.watchOS 8.4 release notes

watchOS 8.4 has some of the more specific release notes of the lot, promising a fix for chargers not working as expected (this seems to be a recurring theme, see “watchOS 8.1.1 Fixes Apple Watch Series 7 Charging Issues,” 18 November 2021). watchOS 8.4 also includes eight security fixes. You can install the 184 MB update in the Watch app in Settings > General > Software Update. The Apple Watch must be on a charger and have at least a 50% charge to install the update; it took less than 10 minutes to install on an Apple Watch Series 5.

Unsurprisingly, Apple didn’t include any release notes for tvOS 15.3 but does describe nine security fixes.

Finally, Apple has released HomePod Software Version 15.3, adding Siri voice recognition for up to six users in Indian English and Italian. The update should install on its own soon enough, but you can force it to install right away by opening the Home app, tapping the Update Available button at the top of the screen, and then tapping Update.

Michael E. Cohen Josh Centers 15 comments

Apple Posts Record-Breaking Q1 2022 Despite Supply Constraints

As the world wheezes its way into the third year of the global pandemic, Apple has remained healthy. Reporting on its fiscal Q1 2022 financial results, Apple announced profits of $34.6 billion ($2.10 per diluted share) on record-breaking revenues of $123.9 billion. The company’s revenues were up 11% compared to the year-ago quarter, with profits up over 20% (see “Apple Weathers the Storm to Shatter Records in Q1 2021,” 27 January 2021).

Not all was sunshine and rainbows: iPad sales revenues were down 14.1% from last year’s results, and revenues in Japan also fell by 14.2% compared to last year. Nonetheless, revenues from every other geographic segment rose, and Apple posted all-time revenue records for its iPhone, Mac, Wearables, and Services categories. Here’s how things broke down by category.

Apple Q1 2022 revenue share

As to why iPad sales slumped compared to Apple’s otherwise stellar results, the company repeatedly blamed supply constraints in “legacy nodes,” whatever those are. Apple CEO Tim Cook noted that the problem was not largely due to shared components with other devices—Apple wasn’t prioritizing iPhones over iPads—but he didn’t elaborate. In any case, Apple expects that supply constraints should ease somewhat in the current quarter.

Q1 iPad sales over time

Otherwise, Apple’s sales were tremendous. iPhone revenue was up 9.2% year-over-year, raking in $71.6 billion. Single-digit growth is fairly low for the iPhone, but Apple barely missed double-digits. Cook and CFO Luca Maestri blamed supply chain issues for the iPhone revenues not being higher, with Cook noting that demand for iPhones was very strong.

Q1 iPhone revenue over time

The Mac saw an astonishing 25.1% increase in revenue growth—apparently, it’s less susceptible to those nasty legacy node supply constraints—topping off what Apple called the Mac’s six best quarters ever. In fact, this quarter was the first ever in which Mac sales exceeded $10 billion. Cook attributed much of this success to the new M1-based Macs.

Q1 Mac revenue over time

Apple’s Services sector continues to be one of the fastest-growing, seeing a 23.8% revenue increase year over year and bringing in $19.5 billion. Active subscriptions (which provide a steady revenue stream) reached 785 million.

Q1 Services revenue over time

Apple likewise saw strong growth in Wearables, with a 13.3% increase over the year-ago quarter. Apple said that two-thirds of Apple Watch purchasers last quarter were new to the Apple Watch.

Q1 Wearables revenue over time

Aside from the revenue decline in Japan, which was likely due to the Japanese economy struggling throughout 2021, Apple continued to see growth in every other geographical segment. Greater China, in particular, brought in 21% more revenue than it did last year. Cook noted that the percentage of switchers to iPhone in Greater China had reached double-digits even in the face of a strong market for domestic devices.

Q1 regional revenue over time

Overall, Q1 2022 was yet another incredibly strong quarter for Apple, and it’s particularly gratifying to see the Mac on such a prolonged upswing. That’s a testament to the attractiveness of M1-based Macs, and with professional-level desktop models like the iMac and Mac Pro hopefully making the jump to Apple silicon this year, Mac revenues should remain strong. Supply constraints are clearly Apple’s top concern, but the fact that all product categories other than iPad managed significant growth despite shortages suggests that the company is largely doing a good job of managing those constraints.

Adam Engst 16 comments

Yahoo-Backed POP Connections Cause TidBITS Formatting Error

A few months ago, I wrote about a quirky, sporadic problem that readers would report to us on occasion (see “LittleBITS: TidBITS Formatting Bug, Ransomware Protections, More OCR in Images,” 15 November 2021). For these readers, an article in the TidBITS issue would occasionally be formatted as a column of text that’s a single character wide. I tracked down the cause of each problem to corruption in the CSS styling for the issue that caused style="padding: 0.25em" to change to something like style="padding:25em". That corruption transformed a slight indent into a massive one.

Example of the TidBITS one-character column formatting bug

If the problem had happened once, I could have chalked it up to a communications error somewhere along the way. But it was happening to multiple users, and some of them saw it multiple times, so there had to be some other commonality.

Our support whiz Lauri Reinhardt and I received reports from multiple ISPs, but upon closer examination, they weren’t as separate as they might have seemed. That’s because Verizon bought AOL in 2015 and acquired Yahoo in 2017. At some point, Verizon transitioned both aol.com and verizon.net email accounts to the Yahoo Mail backend. (Yahoo and AOL were acquired by Apollo Global Management in May 2021 and are no longer part of Verizon.) At some point, Frontier Communications also entered into a partnership with Yahoo for its email, adding its primary frontier.com and frontiernet.net domains to the list of those that rely on Yahoo Mail behind the scenes, along with earlier domains like citlink.net, ctaz.com, ctaz.net, and newnorth.net.

That was the first piece of the puzzle, but we have over 2100 subscribers from those domains plus yahoo.com, so if that’s all there was to it, we would undoubtedly be receiving more reports of the problem. After some back and forth with the people who reported the error, I figured out the remaining piece of the puzzle—they all used POP to download their email from the server. The vast majority of Internet email app users rely on the server-focused IMAP protocol for accessing email because it makes working on multiple devices much easier, but POP remains available at many ISPs.

TidBITS reader Bill Gruber provided a possible explanation. He had encountered a similar problem with periods disappearing and discovered that a line that contains just a period would terminate the transaction. (I can’t quickly parse POP3’s RFC 1939, but there is mention of CRLF.CRLF terminating a multi-line response.) Bill found that some ISPs were incorrectly stripping leading periods from a wrapped line, presumably to protect against an inadvertent termination. So if a line were broken such that it started with a period, the ISP would strip that period. The problem was impossible to reproduce because email headers are of random lengths, so the point where a line would be wrapped could change on every send. Needless to say, removing periods can play havoc with formatting, as we experienced, and Bill pointed out that it could be problematic in other ways, such as changing an instruction to administer .25 ml of medicine to 25 ml.

If POP were widely used and if it was easy to connect with Yahoo Mail support, I would report this bug. (Here’s an example of the difficulty of connecting with Yahoo support. Earlier this week, an acquaintance’s email account was compromised, and the attacker sent me multiple emails trying to fool me into sending him an Amazon gift card. After the first message, he tried to redirect our conversation to a similar-looking Yahoo account that wasn’t controlled by my acquaintance. After alerting my acquaintance to the attack via a text message, I looked for some way to report this obvious abuse to Yahoo but could find no appropriate support channel.)

Instead, for those who experience this problem, I suggest you switch to IMAP. If that’s not something you wish to do for technical or philosophical reasons, you can read TidBITS articles that get corrupted in email on our website instead—just click the article title in the issue to load it in your browser.

Glenn Fleishman 4 comments

New Apple Guide Offers Personal Safety Advice

Apple’s new Personal Safety User Guide, a website and downloadable PDF, provides detailed recommendations and advice for Apple users that span numerous Apple services, apps, hardware, and websites. As the author of multiple books about staying safe, private, and secure in iOS, iPadOS, and macOS, you can imagine I had feelings about it—and they’re largely positive!

It’s a great move for Apple to offer a single comprehensive, readable, and searchable place for settings and advice surrounding personal safety. (The version I examined was dated January 2022.)

Apple makes the purpose of the guide very clear—there’s no deflection of the potential for risk here:

Offering quick checklists and in-depth feature tasks, this resource is designed to help customers experiencing technology-enabled abuse, stalking, or harassment understand the options available across the Apple ecosystem that can help you protect your personal safety

The Personal Safety User Guide doesn’t entirely meet that target, but it does provide more readily available and centralized information on the topic than the company has previously released. Primarily, it offers help in finding all the places across operating systems and apps you might be sharing media, location, personal information, or other data.

A Summary of the Personal Safety User Guide

The first section of the Personal Safety User Guide helps you review how your devices and software are set up. The guide walks you through modifying sharing settings and removing people or stopping sharing, as well as determining if you’re sharing things about yourself you didn’t intend to.

Several excellent pages provide in-depth advice on documenting suspicious behavior or settings. “Document suspicious activity with a screenshot or video” could be useful if you don’t know the ins and outs of capturing screenshots and videos on an iPhone, iPad, or Mac.

Apple's instructions on documenting suspicious activity with screenshots

Apple even admits that someone might have installed third-party apps for malicious or unknown purposes:

If you’re concerned someone you once trusted installed an app on your device without permission, you can review a list of all apps installed on the device and review or change how each app accesses information.

The guide also highlights identifying and removing profiles, which enable one of the few ways people can be fooled into installing something on an iPhone or iPad that could easily monitor them. (Profiles can affect network traffic and other settings, and they make it possible for users to install developer-produced, non-App Store apps.)

You might also find useful “Manage Family Sharing settings,” a solid chunk of good advice on managing members, removing members, and getting yourself removed from a Family Sharing group.

Apple shirks the Personal Safety User Guide’s main duty by not digging more deeply into stalking and other unwanted tracking with “Stay safe with AirTag and other Find My accessories.” It’s a quick overview that doesn’t even address even all the features Apple offers, much less add additional insight. It also links to an Apple support note instead of providing that detail directly.

Likewise, the section “Avoid fraudulent requests to share info” is both somewhat off-topic and frustratingly brief at just two paragraphs and a one-line note. Apple could have provided much deeper and more useful information.

Apple tips on avoiding fraudulent sharing requests

The second section, “Safety and privacy tools,” feels much more generic than the first. It offers instructions on updating your devices regularly, configuring your devices for secure access (with passwords, Face ID, and Touch ID), setting up your Apple ID safely and with two-factor authentication, and enabling iCloud Data Recovery Service. (That awkward name is what it’s called, but Apple doesn’t use it in this guide, referring to it only indirectly in the “account recovery contact” section.) This “Safety and privacy tools” section ends by walking readers through the new App Privacy Report feature that is more about apps invading your privacy than other people.

Apple ends the Personal Safety User Guide with three checklists:

  • See who has access to your device or accounts
  • Stop sharing with someone you previously shared with
  • Control how someone else can see your location

The guide should instead start with these checklists, which could act as a verbose table of contents to everything in the document, much like the Quick Start section in a Take Control book. Instead, they’re relegated to the end, and only the first of them offers many links within the guide.

Room for Improvement

As a whole, the Personal Safety User Guide doesn’t hew as closely to its mission statement as I hoped it would. It offers useful advice on safety related to data access and physical tracking, but then it somewhat wanders into the weeds with much broader advice related to remote hacking attempts and other efforts associated with criminals and identity thieves. Apple could make this latter information more directly relevant to those concerned about personal safety issues.

Nonetheless, this version of the Personal Safety User Guide is a first edition, and there’s room for it to grow and mature into something that holds together better as a complete work. It doesn’t have to be literature, but having stated its thesis, it should follow through more completely.


Glenn’s current books covering safety, privacy, and security are Take Control of iOS & iPadOS Privacy and Security, Take Control of Find My and AirTags, Take Control of Securing Your Mac, and Take Control of Wi-Fi Networking and Security.

Josh Centers 7 comments

Learn to Tickle the Ivories with Simply Piano

My wife is a great piano player and has been teaching piano her entire adult life, so she’s been dying to teach our 8-year-old son Harris to play for ages. Predictably, he’s shown no interest and is all about sports, unlike his parents.

That’s why we were floored when Harris begged to try Simply Piano by JoyTunes. We were even more puzzled since we hadn’t let him watch YouTube in weeks, which is where he usually sees ads for such things. All I can figure is that it was a combination of an old YouTube ad and a desperate ploy to get access to some kind of screen.

Simply Piano doesn’t provide a virtual piano. Instead, you park an iPhone or iPad running the Simply Piano app near a real piano. The app gives a lesson, the student plays along with it, and the app uses the device’s microphone to pick up on what’s being played and score the exercise accordingly.

Simply Piano requires a non-trivial subscription fee, but it offers a few introductory lessons for free. Harris had never played piano before but quickly breezed through the free lessons and asked to do more. The pricing fluctuates greatly depending on the time commitment. Three months costs $74.99 (~$24.99 monthly), six months is $112.90 (~$18.82 per month), and 12 months is $149.99 (~$12.50 per month). That’s not cheap for an app subscription, but piano lessons from a real teacher like my wife are more like $50 per lesson (and that’s on the cheap end).

Harris playing Simply Piano

Partially because of the promise of a 7-day trial, I signed up for 3 months because I have no idea how long he’ll stick with the program. We are talking about an 8-year-old’s attention span here. But it wasn’t until after I had paid the money that I realized the 7-day trial was only for the year-long subscription. D’oh!

Tricksy business practices aside, my wife and I have been impressed with Simply Piano. It structures each lesson like a video game. You start by learning the new notes and then playing them at your pace.

Learning new notes in Simply Piano

Then the lesson moves on to timed drills where a bar moves across the screen and you have to play the note when the bar moves over it. It’s akin to games like Dance Dance Revolution or Guitar Hero, where you have to press a button at the correct time, except you’re using an actual piano. After you’ve worked your way through all the levels in a lesson, you play a song along with the app, or as Harris calls it, “fighting the boss.”

Rhythm drills in Simply Piano

There’s no “Chopsticks” here, happily. The song selections are all relatively modern pop hits like:

  • “Imagine” by John Lennon
  • “Don’t Worry, Be Happy” by Bobby McFerrin
  • “Dance Monkey” by Tones and I
  • “Perfect” by Ed Sheeran

As you can see, there’s a lot of variety, and it’s refreshing to avoid the 19th- and early 20th-century music that’s commonplace in piano tutorials, perhaps because it’s out of copyright. (“Chopsticks” dates to 1877, so it’s easy to see why modern kids might not identify with it.)

Simply Piano lessons

So far, we’ve been impressed with Simply Piano’s lessons. In just a few days, Harris has learned a handful of notes and simple songs, and he kept playing through songs over and over until he got perfect scores. Harris regularly asks for the iPad to play Simply Piano without us having to hassle him to practice.

Overall, Simply Piano’s subscription is a good value compared with piano lessons, and there’s no telling if he would respond as well to a teacher or would put in the practice time on his own. Plus, the app supports multiple profiles, so in theory, my other kids or I could learn to play with Simply Piano as well (though six-month-old Betsy would have a hard time reaching the keys). Making it an even better deal, the subscription also includes the company’s Simply Guitar app.

I wish I could say more about Simply Guitar. Harris tried it, but his fingers aren’t quite strong enough to press the strings against the frets. Based on what I’ve seen, it uses a very similar approach, first helping you tune each string as you learn it and then listening as you pluck the notes to a song along with Simply Guitar’s cues.

If you want to take up piano, have a child or grandchild who might be interested in learning, or would like a virtual tutor to augment in-person lessons, Simply Piano is well worth checking out, and Simply Guitar may be as well.

Watchlist

macOS Big Sur 11.6.3 and Security Update 2022-001 Catalina 2 comments

macOS Big Sur 11.6.3 and Security Update 2022-001 Catalina

Apple has released macOS Big Sur 11.6.3 and Security Update 2022-001 for macOS 10.15 Catalina, patching seven security vulnerabilities in Big Sur and five in Catalina. Both updates address a buffer overflow issue with improved memory handling to prevent malicious applications from executing arbitrary code with kernel privileges, improve PackageKit validation to prevent access to restricted files, and improve checks in TCC (Transparency, Consent, and Control) to prevent applications from bypassing certain privacy preferences. We recommend installing the Big Sur update soon, in particular, since Apple says it’s aware of one of the fixed vulnerabilities actively being exploited in the wild. If you notice any problems after updating, please let us know in the comments. (Free, various sizes, Big Sur release notes, Catalina release notes, macOS 11 and 10.15)

Safari 15.3 1 comment

Safari 15.3

Apple has released Safari 15.3 for macOS 11 Big Sur and 10.15 Catalina with patches for four WebKit vulnerabilities. The update improves memory management to prevent maliciously crafted Web content from executing arbitrary code, addresses a logic issue that could prevent a Content Security Policy from being enforced, and improves input validation to prevent a Web page from being able to track sensitive user information. You can download Safari 15.3 only via Software Update. (Free, various sizes, release notes, macOS 10.15+)

URL Manager Pro 5.9 No comments

URL Manager Pro 5.9

Alco Blom has released version 5.9 of URL Manager Pro, adding support for drag and drop from the Search Results window. The bookmarks management utility also adds the Control-Tab keyboard shortcut to Show Next Tab in all windows, adds support for importing and exporting Safari’s Reading List, improves the Share extension for Firefox, and adds a preference that enables you to use the Return key to dismiss windows. ($29.99 new, free update, 20.5 MB, release notes, macOS 10.13+)

Zoom 5.9.3 No comments

Zoom 5.9.3

Zoom has updated its eponymous video conferencing app to version 5.9.3 with new and enhanced features and bug fixes. The release improves the capability of blurring your background without needing to access Zoom client settings; lets hosts create, remove, and rename breakout rooms while they are open and in use; allows hosts to require webinar and meeting registrants be signed-in to the Zoom account associated with their registered email; improves low-light video settings; resolves an issue with joining different meetings simultaneously; fixes a bug that removed imported contacts; and addresses a problem with slides not advancing for viewers. (Free, 25.8 MB, release notes, macOS 10.9+)

BusyCal 2022.1.1 and BusyContacts 1.6.4 4 comments

BusyCal 2022.1.1 and BusyContacts 1.6.4

BusyMac has released BusyCal 2022.1.1 and BusyContacts 1.6.4 with added support for iCloud’s CardDAV servers in China. BusyCal also now enables you to add Google Meet and GoTo (LogMeIn) conference calls to events, enhances the mini-month view, enables you to batch assign default alarms (or remove existing alarms), brings back multiple timezone support for Google accounts, ensures that the menu bar app refreshes properly, and resolves an issue with Microsoft Teams conference call detection in notes.

BusyContacts improves handling of an iCloud error that would prevent sync from completing, resolves an issue where group name changes from Fastmail would not sync, and fixes a bug that prevented profile photos from updating in iCloud. ($49.99 new for BusyCal from BusyMac or the Mac App Store, free update, in Setapp, 53.1 MB, release notes, macOS 10.12+; $49.99 new for BusyContacts from BusyMac or the Mac App Store, free update, in Setapp, 23 MB, release notes, macOS 10.12+)