By John Gruber
Secure and manage your Apple devices with
At the end of January, Jason Snell published his annual Six Colors Apple Report Card for 2018. This year 55 voters (hand-selected by Snell) graded Apple in 11 areas. I was one of them, and thought it only fair to publish my grades and remarks here at Daring Fireball. Comments in [brackets] are additional commentary I wrote now, and were not included in what I submitted to Snell.
I’d say it’s been an OK year at best. On the MacBook front they had decent MacBook Pro updates and the third-gen butterfly keyboard seems to have fixed the reliability problems with the previous keyboards. But these keyboards are not great. A few people really like them, but most people agree they feel worse than the old keyboards. I may be biased as a writer and a keyboard aficionado, but it used to be the case that Apple’s notebook keyboards were widely hailed as the best in the world — that’s no longer the case, and I think that’s a problem.
I like the new retina MacBook Air a lot, but it was overdue by at least a year.
The new Mac Mini is great, but we still didn’t get a new Mac Pro and none of the iMacs were updated. That’s not good.
Mojave seems fine overall but I personally don’t care about Dark Mode, and the new “Marzipan” apps — Home, News, Stocks, Voice Memos — range from “not great and a little weird” (Home) to “downright terrible” (the other three).
[A “D” may seem harsh here, but the more I think about these MacBook keyboards the more unacceptable I find the whole situation. Apple makes a great keyboard today — the standalone Magic Keyboard 2 has a terrific feel and is completely reliable.
I heard a story years ago about Steve Jobs after the release of the original iPad. Jobs had been on medical leave in 2009 and when he returned to Apple, he was focused almost entirely on the iPad. In 2010, after the iPad was introduced, he had a meeting scheduled with engineers on the MacBook team. The meeting was big picture — What’s the future of the MacBook?, that sort of thing. These engineers had prepared a ton of material to present to Jobs. Jobs comes into the meeting carrying an iPad. He goes to a then-shipping MacBook on a table and wakes it up. It takes a few seconds. He says something like “Look at how long this takes.” He puts it to sleep, he wakes it up. It takes a few moments each time. Then he puts the iPad on the table and hits the power button. On. Off. On. Off. Instantly. Jobs said something like “I want you to make this” — and he pointed to the MacBook — “like this” — and he pointed to the iPad. And then he walked out of the room and that was that.
Is this story true? I don’t know. But it sounds true — and MacBooks do wake up a lot faster than they used to. I’d like someone at Apple to go to the MacBook team with a Magic Keyboard and do the same thing. “I want you to take this keyboard and put it in these MacBooks.”
The MacBook keyboards, lack of iMac updates, and still-missing Mac Pro would’ve led me to give Apple a “C” for the Mac. I took off a whole grade for how embarrassingly bad the “Marzipan” apps are.]
On the hardware front, the iPhone XS and XS Max are great flagships, and months later I continue to be amazed by the quality and capabilities of their camera systems, both for stills and especially for video. There are some Android phones that are arguably as good as the iPhone for still photography but Apple is years ahead on video.
The iPhone XR is way more XS-comparable than I expected. The compromises Apple chose — LCD instead of OLED, a single rear-facing camera, aluminum instead of stainless steel — aren’t noticeable by most people. And the XR gets better battery life — noticeably better. After spending a few weeks using a XR full-time, I honestly question whether its LCD isn’t better than the XS’s OLED for my needs.
iOS 12 is one of my favorite iOS updates for iPhone in years. Apple promised back at WWDC that they were focusing on performance and they delivered. It’s faster and more reliable, and the new grouped notifications are a joy to use. iOS 12 on iPhone is Apple at its software best.
I really wish this were two categories, hardware and software. On the hardware front Apple had an “A” year. The new 9.7-inch iPad at a sub-$400 starting price is a terrific mass market tablet, now with Apple Pencil support. The new iPad Pros are, quite simply, the best portable computers ever made by anyone. They are astounding in every regard — display quality, performance (CPU and GPU), size and weight. They feel like artifacts from a few years in the future.
Software-wise, I’d be tempted to rate this year for iPad as “N/A”. It wasn’t good, it wasn’t bad — it was nothing. Which, effectively, is bad, because I think the iPad needs an “iPadOS” overhaul. The iPad has always been great for simple use cases. “It’s just a big iPhone” is, for many people and many use cases, a compliment, not an insult. But the iPad needs to scale better for advanced use cases — without complicating simple use cases — and iOS 12 wasn’t an advance on that front in any meaningful way.
I don’t think Apple gets enough credit for its expertise in miniaturization. They’ve long been the best company in the world at making ever-smaller ever-more-powerful tiny personal computers, and their lead seems to be growing, not shrinking. Apple Watch exemplifies that.
My only beef with Series 4 hardware and WatchOS 5 is that there’s an aesthetic mismatch between new hardware and watch faces and old hardware and watch faces. The new WatchOS faces only look right on the new Series 4 watches, and the old faces only look truly right on the older watch hardware.
I don’t think Apple needed to come out with new Apple TV hardware this year, but they should have dropped the price on the existing hardware.
iCloud Photos is now one of the best sync services I’ve ever used. It’s fast and reliable, and it handles data that I consider invaluable — my family’s photos and videos. iCloud overall has gotten very good. But the 5 GB free tier is just ridiculous at this point.
[No remarks. ]
[No remarks submitted, but I wish now that I’d made mention of Lisa Jackson’s remarks on stage at the September iPhone XS/XR introduction. Given all the conspiracy theories about Apple and planned obsolescence, it was fascinating to see Jackson on stage touting the durability and longevity of iPhone hardware. Apple promised that iOS 12 would run faster than iOS 11 on older hardware and they made good on that promise. Apple is right to be proud of this, and it’s good for customers and good for the environment. And in the long run, good for Apple.]
In between Snell’s release of the 2018 report card and my posting this piece, Apple has announced that Angela Ahrendts is leaving in April. In the wake of this, there’s been a lot of commentary about the state of Apple’s retail stores, which, in turn, makes me think that “Retail” should be one of the categories on the Six Colors report card. If it were, I’d have given Apple a “C”.
The two best things Apple has done in retail during the Ahrendts era are opening architecturally amazing new flagship stores around the world, and the “Today at Apple” program in every store. But for me, personally, I don’t care about huge new flagship stores in Dubai or Paris, and I don’t partake in the “Today at Apple” classes. I care about two things: buying stuff and getting service at my local Apple Store here in Philadelphia.
I’ve disliked the experience of buying stuff at the Apple Store ever since they did away with queues for checking out. I just want to get in line, wait my turn, pay, and leave. Instead, the way to check out at an Apple Store is to wander around until you get the attention of an employee who has one of the handheld checkout iPod Touches. This can be maddening. My wife refuses to shop at an Apple Store for this reason. I know you can use the Apple Store app to check yourself out, but I don’t like it. Part of the reason Apple’s stores are too crowded is that people are wandering around trying to pay for things.
And getting technical support at Apple Stores is terrible now. In the old days you could just walk in with a broken or otherwise problematic device and get an appointment at the Genius Bar within the hour. Now, the Genius Bar is booked for days in advance — sometimes close to a week. In some ways that’s inevitable — Apple is way more popular now than it was pre-iPhone. But inevitable or not, the result is that getting support at an Apple Store now stinks. And frankly, the technical acumen of the Genius Bar staffers is now hit-or-miss.
“Today at Apple” is nice, but the primary purposes of an Apple Store should be shopping and service — and I think both of those experiences should be a lot better. ★
I’m a big fan of Joanna Stern — she was in fact just on my podcast and it was one of my favorite episodes in a while. At the end of the episode, she mentioned that she was working on a piece about webcam security for her Personal Tech column at The Wall Street Journal. That column dropped yesterday, and I found it half enlightening, half maddening.
How secure are these tiny eyes into our private lives? The bad news is, it was possible for Mr. Heid to get into my Windows 10 laptop’s webcam and, from there, my entire home network. He also eventually cracked my MacBook Air. The good news is that both operating systems were initially able to thwart the hacker. It took me performing some intentionally careless things for him to “succeed.”
Key words there: intentionally careless.
Here’s how he got into her Windows 10 laptop — admittedly using only “off-the-shelf hacking tools”:
When I opened the attached Word doc, Microsoft ’s built-in, free anti-virus software, Windows Defender, immediately flagged it. When I clicked the link to the “reel,” the file that began downloading was identified as a virus and deleted. The system worked, but I wanted to see what would happen if I were someone who didn’t have anti-virus turned on in the first place, or who turned it off because it got annoying.
Here’s how the security expert got into her MacBook (again, using only “off-the-shelf hacking tools”):
Hacking a 2015 MacBook Air running the latest MacOS version, Mojave, also required a multistep process (and some missteps by the “victim”). This time the malware was embedded in an .odt document, an open-source file format.
To open it, I downloaded LibreOffice. The free version of the popular open-source office suite isn’t in the Mac App Store, however, so I had to disable the Mac security setting that prevents unverified developer software installation. […]
Once I installed LibreOffice, I turned off its macro security setting, per the hacker’s instructions. There are scenarios where you might do this — say, for instance, because your company used a specially designed inventory spreadsheet or sales form — but for most people, it’s a bad idea. […]
I did get a pop-up asking for camera access, and I clicked OK, like we might do when we’re in a rush. Because Mr. Heid was only snapping stills, the webcam LED only lit up for a second.
So she had to download LibreOffice (weird), disable LibreOffice’s macro security (really weird), and then still had to grant explicit permission for LibreOffice to access the camera. If you open a document that prompts you for access to the camera, aren’t you expecting it to be able to access your camera?
Stern’s advice to Mac users:
Installing those nagging security and OS updates are a must — on your phone, laptop, router, thermostat, really anything that connects to the internet. They include the latest attempts to patch the holes that hackers use to get in. Mac users should install Malwarebytes or other malware-fighting software — and don’t turn off any security features just because someone asks you to.
I’ve long argued that third-party anti-malware software on the Mac causes more problems than it solves. If someone is willing to ignore the warning from MacOS that an app isn’t from a verified developer, and is willing to disable the security settings in that app at the behest of a social engineering hacker, why wouldn’t that same person be gullible enough to also disable their anti-malware software?
Stern also claims she’s now using a physical stick-on camera cover. But why? In both cases — Mac and PC — the built-in system software did its job and issued clear warnings that she had to ignore for the attack to proceed. And even then — on both Mac and PC — the light next to the camera went on when it was in use.
There’s nothing in Stern’s story that makes me worry in the least bit about the security of my Mac webcams, and I don’t see anything that should worry someone running Windows 10 with Windows Defender (Microsoft’s built-in security software). The path to compromising Stern’s cameras was like a test of your home security that starts with a request that you leave your door unlocked and turn off your alarm system.
I have never understood the mass paranoia over laptop webcams — which have in-use indicator lights, which I’ve seen no evidence can be circumvented on Macs from the last decade — and the complete lack of similar paranoia over microphones, which cannot be blocked by a piece of tape and which have no in-use indicator lights. And I don’t see anyone taping over the cameras on their phones. This story is only going to feed that paranoia, because the takeaway is going to be “The Wall Street Journal says you should cover up your webcam.”
Security researchers at Johns Hopkins released a paper in 2013 revealing that the indicator lights on Macs released prior to 2008 could be circumvented by software. I linked to this in 2016, wondering if the same exploit was possible on more recent Macs. Here’s an answer I received from a former engineer at Apple who was intimately familiar with the software drivers for Mac webcams:
The original cameras had the problem that the JHU researchers detailed in the article that your linked to. Problem was that the firmware was downloaded on every boot and there was no security/encryption mechanism for verifying it. The part used was fairly common and the firmware was just in RAM (hence the loading after a cold boot), as oppose to flashed.
All cameras after that one were different: The hardware team tied the LED to a hardware signal from the sensor: If the (I believe) vertical sync was active, the LED would light up. There is NO firmware control to disable/enable the LED. The actual firmware is indeed flashable, but the part is not a generic part and there are mechanisms in place to verify the image being flashed. […]
So, no, I don’t believe that malware could be installed to enable the camera without lighting the LED. My concern would be a situation where a frame is captured so the LED is lit only for a very brief period of time.
The still photo problem — where the light only turns on for the instant the image is being captured — is interesting. But I would wager real money that the camera indicator light cannot be circumvented by software on any Mac released this decade.
I think this is nonsense. Malware that can surreptitiously engage your camera can do all sort of other nefarious things. If you can’t trust your camera, you can’t trust your keyboard either. Follow best practices to avoid malware in the first place — don’t install Flash Player, and don’t install software from sketchy sources — and you’ll almost certainly be fine.
The problem isn’t your camera, it’s malware. Don’t install any software from unknown or sketchy sources, keep your OS up to date1, and you should be fine. And if you do have malware on your Mac, the webcam is likely the least of your problems. ★
MacOS 10.14 Mojave, in particular, has made some significant improvements to identifying and disabling malware automatically. I got a fascinating email from a Genius Bar tech recently, who said that his time the last few years had been consumed more and more by Mac malware problems. Then Mojave shipped, and malware problems dropped noticeably, and when he does see a malware problem these days, it’s almost always on a Mac that isn’t running Mojave. ↩︎
Adam Engst, writing for TidBITS from Macworld Expo 25 years ago:
RAM Doubler is a single small extension that literally doubles your RAM. It’s not guessing at a 2:1 compression ratio, like Salient’s AutoDoubler and DiskDoubler (now owned by Symantec) — you actually see your total memory being twice your built-in memory. Since RAM Doubler is an extension, there are no controls, no configuration. You just install it and it doubles the amount of application RAM you have available.
A number of people have expressed disbelief that such a feat is possible, saying that they’d avoid anything like RAM Doubler because it’s obviously doing strange things to memory, which isn’t safe. […] > Needless to say, since RAM Doubler has only been out for a few days, we haven’t been testing for long, but I can honestly say that neither of us have noticed anything out of the ordinary during this time.
This is the start of a series TidBITS is running, looking back at old articles from their archive.
I couldn’t use RAM Doubler on my Mac LC, because it required a 68030 processor and the LC only had a 68020. But I used it on other Macs, and it really did work as advertised — it doubled your RAM in exchange for a negligible cost in performance. The most amazing thing, in hindsight, isn’t that compression and clever virtual memory techniques could double your memory — it’s that Mac OS was so open that something as low-level as RAM Doubler was even possible. Effectively, a Mac running RAM Doubler was running a fork of the OS — not just a subtle fork but a fork where the entire memory manager was written by a third party.
In hindsight, the lack of protected memory and disk permissions in classic Mac OS are generally only looked back upon as severe deficiencies. And there certainly were deep problems with that architecture — one app or extension crashing often resulted in the entire machine going down. But that anything goes openness also resulted in tremendous opportunities for third-party software.
From a low-level computer science operating systems perspective, the classic Mac OS was dangerously primitive. But from a high-level user interface perspective, it remains amazing. To install RAM Doubler — software that radically changed the way the OS worked — all you had to do was copy one file to the Extensions folder in your System folder. To uninstall, you just moved it out of that folder. That’s it. One file in one special folder and then restart the machine.