Category Archives: Non-Programming

A short rant about Error 53 and why it exists

So I went on a bit of a tear at some people I know when they were complaining about Apple’s implementation of Error 53, which (to the best of my understanding) bricks iPhones which have been detected as having a third-party repair performed on the Touch ID sensor. Here are the highlights, slightly edited for language.

EDIT: A number of people have asked why Apple didn’t disable just Apple Pay and leave the rest of the phone functional. Technically speaking, I can’t do more than guess at the details, but it’s my presumption that this is the only way they could prevent jailbreaks and other “the user will do any stupid thing rather than actually listen to security warnings” (the effect of user arrogance on security is a whole separate issue from user ignorance that I’m not going to get into) from getting around the error, which would have rendered it useless. If there was any workaround for the error, the protection would effectively not exist, and then all Apple’s done is made themselves the target of more “annoying popups” complaints. It’d actually be worse PR for them than Error 53 is now! Once again, I am 100% in agreement that the user experience is abysmal and could have been dealt with far better, even within these technical constraints. But it’s still my guess (and again, I do not speak from any position of actual knowledge whatsoever) that disabling just Apple Pay wasn’t a viable option.

And let’s not forget, the data that’s being guarded here is in the Secure Enclave. That means your fingerprints, which are biometrics you can’t (practically) change, and your financial data, which one typically suffers from exposure of even in the best case.


Here’s what gets Apple to do things like this: USERS ARE STUPID! Given the choice, users will do the wrong thing almost every time, especially with respect to security. It’s the same reason Windows Update is now mandatory in most Windows 10 setups despite the screaming about it!

Now granted, I do agree that error 53 should not cause an absolute brick, as it seems to. But I absolutely 100% believe a measure like it is absolutely reasonable.

Here’s the problem – Let’s say Apple doesn’t do this, and someone does break the system and steal a bunch of money. Who are users most likely to blame? Apple, of course, for making a weak system. ​Any one person might individually think to blame the malicious third-party, but I will tell you now it has been proven through harsh experience that the overwhelming majority of users will blame the manufacturer for not making the device more secure!

Apple can suffer the blame for being secure more than it can suffer the fallout from not being secure. Same is true of MS and Google.

I know just enough about how iPhones work to wonder if maybe bricking is literally all Apple can really ​do​. For all I know, if Apple lets the device boot ANY level of the OS, even with passcode security enabled, a compromised sensor could very well then have enough to work with to trick data out of the secure enclave/element (whichever it is!).

At this point it was suggested that Apple could add a slider on the Error 53 screen which warned the user that Apple was not responsible for the consequences if the user chose to continue. To which I said:

No.

Because every single user will instantly slide the slider. And you’re back to “well Apple didn’t actually do anything”.

In fact, the malicious third-party will just say “you’ll get this warning after the repair, don’t worry about it” And ​legit third parties would have to the say the same! So you’re back to the problem of trust model.

You must predicate everything you do in the name of security on the presumption that users are hopelessly lacking in knowledge.

They ​WILL​ be socially engineered into giving up credentials.

They ​WILL​ be socially engineered into turning off security features that give them even a moment’s annoyance even just once.

They ​WILL often do these things without any need to be prodded into it.

They ​WILL follow arcane, complicated, meaningless-to-them instructions to disable some critical safety features just to get a happy kitty running around on the lock screen instead of a static wallpaper. Don’t think so? What do you think jailbreaking ​is​?

The only way to fix this is to deal with the ​FUNDAMENTAL​ failures of the entire model of tech. Tech is not designed for people who don’t understand it. It never has been, it still is not. That includes the iPhone and all things like it.

Look at a different field, like finance – credit card debt is companies designing an entire industry around the predication that users are stupid.

Look at, say, being an electrician. I personally don’t know more than the basics of electronics; I couldn’t tell a three-phase power line from a one-phase with an illustrated freaking diagram. BUT I DON’T HAVE TO, because the person who wired up my apartment didn’t leave all the wires hanging around outside the walls, and there’s insulation on my power cables!

Computers, right up to and including the iPhone and similar, are effectively designed with all the live wires hanging out.


So that’s basically my opinion. All of my opinions are very much specifically my own, they don’t represent those of anyone I have ever before, do now, or ever will work for. If they did, I’d probably be a lot more critical, because I’d have to worry more about looking biased. I’d be pointing out more forcefully how Apple has a lot of problems about listening to what users want, same for Microsoft.

But when you get down to it, none of it is a problem with any one company or piece of technology. Apple is just the latest scapegoat in a debate that has more to do with the fact that society as a whole has a broken trust model than anything about who owns what. Could Error 53 have been handled better? You better believe it could have. But it’s a relatively reasonable solution in an overly complicated world where you effectively can’t trust anyone to know what they’re doing.

Rosyna Keller

By now, many of you have no doubt heard of Rosyna Keller and the problems that he’s suffered. He wrote about them today; the full post can be found on Medium at https://medium.com/@rosyna/the-horrors-of-extended-stay-debilitating-depression-and-a-plea-for-help-c450425fb9ec. (If you can help him, please take a moment to go to Paypal and send what you can spare.)

As Michael Tsai’s blog post on the subject shows, there are many of us who know Rosyna and what he’s done for the Mac developer community. But there are also many who don’t, so I’d like to explore it for a moment from my own perspective.

Michael Tsai writes that Rosyna is “an enigma”, and that’s certainly true. I was only barely aware of him at the time when I benefited most from his work. He was the brilliant mind behind APplication Enhancer (known in the dev community as APE) and the outstanding haxies made by Unsanity. (He was not, to my knowledge, the sole person involved in the development of those projects, but his role was considerable.) My personal favorite had to have been ShapeShifter, a tool which allowed users of Mac OS X back in the 10.5 and earlier days to heavily theme their installations. WindowShadeX, Xounds, and Mighty Mouse were also staples of any Mac install I used. I credit the availability of these haxies with keeping me from souring entirely on development in general at that time in my life- they allowed me the chance to get used to OS X, without losing the sense of flexibility that the older MacOS had.

Those of you who were around for the pre-OSX era are probably scratching your heads about now and wondering what I’m talking about. The truth is, I was simply much younger, and the ability to make my screen change to the colors I wanted after getting stuck with the stupid that was Aqua was really important to me!

Even more than that, the very existence of APE grabbed hold of my imagination – and let me remind you that I would never have known what it was if not for the haxies and all the work Rosyna put into Unsanity. At the time, I was a great amateur as a developer; I knew very little about what was really going on in the system. Many who know me may find that surprising, given the study I’ve made of exactly that subject and in light of my work on OS X Internals, but it was things like APE which put me truly on that track.

In short, while Rosyna can’t be said to be solely responsible for my career, his work was a major factor in making what I’ve accomplished so far possible.

Of course, all I knew about this “Rosyna” back then was that it was a name associated with Unsanity. I never really read the blog, I had no knowledge of the history of the person or the company, and when the haxies stopped coming, a lot of it all faded from my memory. It wasn’t until several years after that I ran into him.

And even then, I didn’t know who he was for a long time yet. All I saw was someone who, despite his obvious misery, reminded me a lot of myself in many ways. It’d be a lie to say I’ve ever been through what he has, but he was a person who made sense to me on a personal level. There aren’t a great many of those; the majority of my relationships are largely or entirely professional.

Imagine my amazement when I finally learned he was the (to me, at least) legendary Rosyna of Unsanity! The symbol of the magic that could be wrought within the machines before me, if you’ll allow me the conceit. Again, while he wasn’t the only inspiration I ever had, he was certainly an important and memorable one, even if I didn’t realize it for a long time.

I learned in that time that it wasn’t just Unsanity that Rosyna was known for. He is a diligent researcher, a person of great insight into the workings of these machines. He has solved problems no one else could. He has helped any number of fellow developers and fellow people when he could, and with more patience and compassion than some of the most famous minds of our generation.

And for this, he has ended up with the burdens he’s described.

In the time that followed, I lost touch with him for a while. When I was lucky enough to connect again, I found him in the precursors to the troubles he described in the Medium post.

Through everything, Rosyna has remained a person who keeps hold of the things that, to my limited knowledge, fascinate and cheer him. He has his eyes on the things that are happening, and while his choices of what matter may seem strange to some, he has rarely if ever Tweeted or otherwise remarked on something that I didn’t find at least momentarily worth my attention. And for me, that’s saying a lot.

In depression, he’s never lost hope. In turmoil, he’s reached out for help, a strength that I’ve failed to find in myself many times over. In the extremity of fear and oppression, he’s spoken out for himself and risked asking the kindness of a community infamous for narcissism and elitism, and in doing so, proven that that very infamity is undeserved.

I can only hope I would have half the strength in me that he does if ever I found myself in his position.

If you are reading this, I ask you to reach out to Rosyna and help him. Even if all you have is a kind word – they do not fall on deaf ears.

Musings

It’s been a long time since I wrote here – well over a year, in fact. I imagine most of those who still follow this feed are expecting the answers to some pretty obvious questions. I’m not here today to talk about those, but at the same time, I think it would be unfair to leave them unacknowledged. Therefore:

  • Yes, I’m still working on the OS X Internals book. For various reasons there have been some delays (to say the least!), but the project is not dead or forgotten. More will be said on this subject soon.
  • Yes, I’m also still intending to finish my port of Missions of the Reliant. For several of the same reasons, that got very back-burnered, but I haven’t left that project behind either.

With that in mind, I turn to the subject that first inspired this post: C.S. Lewis’ famous Chronicles of Narnia. WARNING: SPOILERS FOLLOW! If you are one of the unlucky souls who hasn’t read the books but wishes to, don’t continue!

I had occasion of late to run across the debate regarding whether the original Narnia books should be published in story-chronological order (based on the timeline of events in the novels) or original publication order (based on the order in which Lewis wrote them). I therefore did a little research on C.S. Lewis’ own opinion on the subject, and it seems to be generally accepted that he said they should be read in chronological order.

That, as close as I can understand the information I’ve found, is not what he said.

What he said (again, limited to what information I’ve found with my lackadaisical efforts) was that he personally liked that order, but that it doesn’t really matter. That it’s a matter of preference on the part of the reader. There’s also some mention that the idea of putting a numbering on the books in the first place was based on the demands of American publishers, and never intended by him at all.

I like that point of view. Personally, I’m ecstatic that my first copies of the books were presented to me in publication order, and that I read them in that way. It is my opinion that everyone should read the novels that way the first time, so that they can experience the gradual sense of revelation that culminates only in The Magician’s Nephew, rather than coming into it (as one Amazon reviewer quite astutely put it) already knowing about the lamppost and the Professor and the manner in which Narnia began. After you’ve seen it that way, you can read it after that however you like – I’ve gone back and read it both ways, and I’d be hard-pressed to decide which I prefer now that I already know the secrets.

But then that brought me to another point of contention I find often with Narnia. This is one that I encounter in many other series as well (Wheel of Time, in particular, comes to mine), and it’s another one to which any answer must be considered subjective at best: How to interpret the story.

It’s largely accepted as fact that Narnia is an allegory for various events described in the Christian faith – that Aslan, the magical lion, the Son of the Emperor-Over-the-Sea and the one who both calls Narnia into being and sinks it into its final eternal night, is meant to represent Jesus. That the progression described of how the children experience that world is representative of growing up, and there’s a whole separate debate as to what’s intended by Susan’s absence in The Last Battle.

I am not here to stir up a religious debate. I have no interest at all in questioning the allegory, any meaning it might carry, or anything of the kind. What I do want to comment upon is the oft-seeming requirement that the existence of that allegory be acknowledged by all readers.

As a child, one who was not raised in the Christian faith, I had no understanding of the allusions made in the text. Aslan was to me simply a kindly, if often stern, magical creature. The mysterious Emperor-Over-the-Sea was only a name, one about which we never learned anything. And when Aslan closes the door at the end, what I saw was a world whose time had come, and that they’d gone to another. In short, I accepted the universe of Narnia on its own terms, without reference to anything else at all. It had never occurred to me to consider that it was similar to any other story. Indeed, even now, many years later, I only barely understand a very few of the references!

No one has forced me to accept that this was not C.S. Lewis’ intention. It’s not, in fact, clear to me what his intention was! But nonetheless, it’s cited so often that I tend to feel like the idea of enjoying it by itself is lost in the noise, and I find this disappointing. I think there’s great value in both ways of seeing the story, and I only hope that the people who speak so much about its likening to Christianity feel the same. I prefer – and remember, this is my own opinion, with which no one else has to agree – to see Edmund’s betrayal and redemption stand on their own, to see the coming of Father Christmas as simply a manifest of the joyful spirits that come with such a world. For Susan’s absence to be simply a matter of luck (good or bad), and not say anything about who she was or what she did (am I the only one who spared a thought for the pain she’d end up living through, back in the so-called “real” world?). And for Aslan’s description of the relation between him and the vulture-like Tash to be significant only of a particular way of working magic.

That’s not to say I want to set aside the meaning of the story, or sidestep the issues it raises. It just means I want to be able to appreciate it for itself in addition, and I hope that there are others who agree.

This has been my rant about Narnia. I hope you will find it not entirely foolish.

Addendum: I always adored the Wood Between The Worlds. I’ve yet to ever encounter a more appealing representation of the concept of a De Sitter Space.

Twitter just said “stalking is okay by us”

UPDATE: Twitter reverted the change to blocking after the immediate backlash. I’m not the least bit impressed – their post shows no awareness of the problems with their approach, and continues to make the case for letting harassers harass. It’s clear they reverted purely for PR reasons, and I have no respect for that attitude.

My Twitter feed has been abuzz with the comments of people (including friends) unhappy and even terrified by Twitter’s new changes to the “block” function.

A lot of people have replied, claiming that the changes are for the better and don’t change anything. They couldn’t be more wrong.

By changing “block” to “ignore”, Twitter is effectively saying, “if someone’s bothering you, we prefer that you just ignore what they’re saying, rather than making even a minimal effort to make them stop.” As any victim of sexual harassment of any severity, not to mention any child who was ever told “just don’t react to the teasing and they’ll stop”, could tell them, this doesn’t work. It makes the abusers, the stalkers, and the harassers more bold.

Yes, they could still sign out or make secondary accounts to get around the block, but there was at least a first line of defense before. A lot (I won’t say a majority, but in my experience many) of these people will not go to any great effort if you block them, out of laziness or lack of caring. Those who do can be blocked on secondary accounts, and their mischief is limited when they’re not signed in. But now, they’re free to just stare at what you’re doing all the time, and your only recourse is to not be aware that they’re doing it.

Twitter, this is dangerous. It is victim blaming. It encourages abuse, and it apologizes for the abusers. Revert these changes before there’s a story about some poor soul who was successfully assaulted because they thought “block” meant what it said and couldn’t see the warning signs.

For more information and thoughts on this subject, please check Ashe Dryden‘s blog and Twitter feed. No one has said it better than she has, certainly not me.

Full disclosure: I have never been a victim of harassment on Twitter, before or after these changes. But now, if I ever am, there’s less I can do about it.

OS X Internals

It’s been pointed out to me recently that my blog has nothing at all on it about my work on the book Mac OS X Internals: A Systems Approach, by Amit Singh. So, here’s all the info I have that I can give right now, in the form of a FAQ:

Is it true you’re updating the book?

Yes. As of November 2012, I was contracted by Pearson to author a second edition of Mac OS X Internals, which in keeping with Apple’s change in naming, will now be titled “OS X Internals: A Systems Approach”. A big shout-out and thanks to Michael Ash for letting me guest-write on his blog and to Kirby Turner for putting me in touch with Pearson!

What is the release date?

Update: It’s taking quite a while to get this book into its proper shape. I’m sorry to everyone for the delays, but it’s important to make it the best reference it can be in an era when the material can change faster than it can be written down. My current target for release is late 2014 – as always, this is not a promise; only a guess.

At this time, I have no solid release date to offer. My best guess for a release is late in 2013.

Are you working with Amit Singh on the second edition?

No. To the best of my knowledge, Amit is not involved in the second edition in any way as of this writing. Should he change his mind about having a role, I will be nothing but grateful for his help!

Are you working with anyone else?

Update: Yes! As of September 2013, Sam Marshall has signed on to co-author the book with me. Their enthusiasm for the project is as great as mine, and I hope to bring you an even better book with their help!

Not at this time.

Will the second edition contain information about iOS as well?

Yes, I am planning to include information on iOS. Some details of iOS’ implementation are, of course, internal to Apple and unavailable, but I will be adding as much public information as I can.

Will the second edition cover the latest OS releases?

Update 2: As time moves forward and more possible OS releases come forward, a more generic answer is needed to the original question; see the (edited) original answer below.

Update: Yes!

I will do my best to include any changed information from any OS versions which are publicly released before the final manuscript delivery date. I can’t make any guarantees, and due to NDA restrictions, I can not include information on versions which are still in beta at the time of delivery.

If I’ve left out anything, don’t hesitate to shoot me an email and ask!

Rant: Security Questions Are Stupid

We’ve all heard this bit before, especially the avid readers of Bruce Schneier’s security blog, but after seeing the security questions available on a new account I created today, I just had to do my own rant.

Security questions are considered by some to be a form of “two-factor authentication”. They’re no such thing. If used to further secure login, they’re just an extra password which is almost guaranteed to be much more guessable than your usual password. If used to recover a lost password, they function to replace your password with something almost certainly less secure.

Some suggest giving nonsense answers to security questions for this reason. Of course, then you’re back where you started: You’ll never remember your answers. That’s when you could’ve remembered your answers if you answered them honestly, which is often just as impossible. And now we’re back to writing it down on paper, which negates the entire point.

Yet these stupid things are required on a majority of secure sites now. Can security auditors please stop trying to please their clients and tell them the truth about how security questions just make things worse?

The questions which prompted this rant:

  • “What was your favorite color in elementary school?” – Now, let’s assume I remember that time of my life in the first place. At which point in elementary school? Let’s say I just pick one, and let’s even more fantastically say I somehow stick to remembering which one. Most children will have said one of the colors of the rainbow. Say it with me now… “Dictionary attack”!
  • “What is the nickname of your youngest sibling?” – Suppose I don’t have any siblings. Suppose I am the youngest sibling. Suppose my youngest sibling doesn’t have a nickname. And even aside from all this, names suffer from relatively low entropy, though admittedly not as low as colors.
  • “What was your first job?” – Have I ever had a job? Am I young enough that I remember exactly which thing I did first? Do I count doing chores as a child? Do I count shoveling snow for my neighbors? Do I count internships? How do you define a “job”?
  • “What breed of dog was your first pet?” – I’ve never had a dog as a pet in my life. And that’s even after the assumption that I have a pet at all. If I did, was the first one a dog, and did I only get one dog at that time? By the way, the entropy of dog breeds is even lower than that of colors when you include all colors.
  • “What is the nickname of your oldest sibling?” – See youngest sibling.
  • “What is the name of your first pet?” – Again, suppose I have no pets. Suppose my “first” pet was one of a group. Suppose I picked an arbitrary one out of a group. Also, low entropy again.
  • “Who was your childhood hero?” – What constitutes a hero? Suppose there wasn’t someone I looked up to in childhood? Suppose there was more than one? Suppose I just don’t remember? And the entropy of a hero’s name is likely to be rather lower, on average, than that of a regular name.
  • “What was the model of your first car?” – Where do I even begin here? Did I ever own a car? Am I even old enough to drive? Do I remember its model? Do car models have any kind of entropy at all?
  • “What was the name of your earliest childhood friend?” – I had lots of friends as a child. Didn’t everyone? Suppose, more morosely, that I had none. Am I going to know which one was the earliest? And yet again, the low entropy of names.

Now, I grant, most of these are pretty silly nits. They don’t have to be accurate answers, just ones to which I can remember the answers consistently. Unfortunately, the more likely I am to remember the answers, the less likely they are to be remotely secure passwords.

Password strength doesn’t count when the answers are only one word long and chosen from a limited pool, people.

The dangers of games

As a programmer, I have the dubious pleasure of enjoying overcomplicated, highly technical games such as EVE Online. For those who don’t know, EVE is an MMORPG that functions essentially on the opposite premise from World of Warcraft. Pretty much nothing is done for you in EVE. There’s a million ways to screw up and nothing you can do once that’s happened. It’s rather like real life in that way. Despite its poorly-done Python UI and downright pathetic Mac port (it’s the cider wrapper layer on top of wine emulation), I enjoy the game, primarily because it exposes so much of the “nitty-gritty” details of how its universe works. A player has control over very detailed numbers and data relating to the functioning of their spaceships and even their bodies. Often it’s too much data; it’s very easy to forget one tiny thing and lose millions of ISK (in-game money) and a great deal of time because of it. Neglecting to bookmark a wormhole exit comes to mind. EVE also does nothing for you. To install implants or activate jump clones, you have to manually pause your skill training queue, for example, even though this is something the game could very easily do for you, and there’s no apparent reason to make the player click the extra four buttons.

In any case, the thought behind this whole bit is, games are addictive. This is not a new discovery, for the world or for me, and I don’t expect anyone to be astonished by the revelation. For people such as me, who fall in love very easily with inane technical details and exacting numbers and gated progression (the need to finish task X before being able to learn the details of the task Y that follows), EVE is particularly so. It’s easy to say “I’ll just do one mission and then get to work,” and in a game like World of Warcraft where quests or even group dungeons are typically short these days (vanilla WoW notwithstanding), that would mean an hour of playing a game and then several hours of productive time. Setting aside the question of the “well just one more” syndrome, which is another problem altogether, the same comment made about EVE usually involves suddenly realizing I’ve spent six hours I meant to use for coding just finishing the one task! It always takes longer to blow up NPC ships than the mission description suggests (even using the Cliff Notes available online). Then there’s travel time between areas of a complex to consider, especially in a slow ship like most of the more powerful ones, and time spent salvaging wrecks (an extremely profitable activity well worth the effort if you have the time to spend, especially on more difficult missions), and then there’s organizing and selling/using whatever you gained from the mission and the salvage.

EVE unfortunately has the problem that for some play styles (including mine), play consists of paying intent attention to the same thing happening over and over for an hour or three, most of that time spent with no user input (and what input there is is also repetitive). Taking one’s attention off for a moment lends itself to finding the entire effort wasted. This would be a spectacular thing for some forms of autistic, but I’m not one of them! Oh well. I still like the game, because there’s a very real sense of accomplishment to completing various tasks.

The upshot of it all is that the existence of such games tends to sap the time I’d otherwise spend making progress. Yet, if asked if I’d rather the game be taken away, I have to say no, because I still need the distraction. What I want, really, is more control over the length of the distraction. “Just do it” doesn’t work for everyone, people!

I would recommend EVE Online to compulsives and the technically minded. I would not recommend it for those who don’t have the patience to wait before being able to explore facets of the game. Some of the higher-end stuff takes literally months to gain the skills for.

This post didn’t really have a conclusion, or a solid point. I just kinda felt like getting all that out. :-)

Tic-Tacs

With apologies to Pete Seeger and Malvina Reynolds…

Little Tic-Tacs in the boxes
Little Tic-Tacs made of sugar gum
Little Tic-Tacs, little Tic-Tacs, little Tic-Tacs all the same
There’s a white one, and a white one, and a white one, and a white one
And they’re all made out of Ticky-Tacky
And they all look just the same

This came to me when someone said “Tic-Tacs” and “ticky-tacky” to me. That is all.

What does the subtitle of my blog mean, anyway?

I’ve gotten this question once or twice already. I didn’t realize I even had that many readers yet! But the ones I do have don’t seem to get the reference.

Sa souvraya niende misain ye.

The line is written in the Old Tongue language from the excellent Wheel of Time series by the late Robert Jordan, and its exact translation into plain English is “I am lost within my own mind.”

Continue reading

The last remnants of the old Republic have been swept away.

“Impossible! How will the Emperor maintain control without the bureaucracy?”
“The Regional governors will have direct control over their territories. Fear will keep the local systems in line; fear of this battle station.”

“Guinan, I need your help. Could you sit over there?” – Riker
“Seems simple enough…” – Guinan

Yet another blog

Well, why not. It took 40 minutes to shut off all the useless crap WordPress installs and turns on by default, and then another 15 minutes to kill the extra stuff DreamHost decided to install on top of that. This is what I call the overproliferation of Web technology; this application is an absolutely perfect example of the evolution of the Web into the single application used for everything you do on a computer. A stateless ancient protocol like HTTP, a twisted screwy markup language like HTML (yes, including XHTML and HTML5), a dangerous and badly misused active content language like JavaScript, absolutely ZERO standardization on audio and video formats (HTML5 lost its focus on Ogg when Apple turned up their noses at it), and even more “operating systems” (Safari, Firefox, IE, all the variants on them, and all the niche browsers) than a real computer (which is at least limited to Windows, Apple, and the *NIX variants). Sure, turn the world into one big network, I have no objection to that, but do it with modern technology instead of clinging to the ARPAnet!