Web Excursions 2021-06-17
He Warned Apple About the Risks in China. Then They Became Reality.
In 2004, Apple decided to expand in China with a factory making the iPod.
On a trip to scope out the location for the factory, the head of Apple’s manufacturing partner pointed to a small mountain and told two Apple executives present that the factory would be built there.
The executives were confused; the factory needed to be up and running in about six months.
Less than a year later, the executives returned to China.
The mountain was gone and the factory was operating, the executive said.
The Chinese government had moved the mountain for Apple.
To measure the success of their lobbying, Apple executives looked to the government’s annual corporate social responsibility scores,
a proxy for the CCP’s view of a company.
Apple had struggled for years in the rankings.
Ahead of the scores in 2017, Apple published a report that promoted the company’s contributions to China.
The report was a collaboration among several departments at Apple,
and the government’s praise of the report was celebrated inside the company
Apple’s score steadily improved.
From 2016 to 2020, its ranking among all companies in China rose from No. 141 to No. 30.
[Cryptography] Apple's iCloud+ "VPN"
The full details aren't known yet but the description makes it clear that it's actually an Apple onion router.
The routing uses two hops;
Apple provides the first, and
"independent third parties" (not yet specified) provide the second.
There are some interesting tradeoffs.
The service only works in Safari, Mail, and a few other applications.
It's not clear if the API will be public for other browsers or applications to use.
As part of it, they are also doing some kind of "private" DNS; it's not clear if that routes through the onion layers.
All in all, a very Apple approach:
They deny themselves any knowledge of a customer's DNS queries and Web traffic, so if served with a subpoena they have very little to respond with.
works completely transparently (and presumably very simply for the end user)
An big tradeoff: the exit node is always chosen to be in the same geo location as the entry node.
a sop to the various on-line video providers, who insist on their geo restrictions;
a concession to eality: If Apple didn't do this, the video providers would block their exit nodes
How this will interact with a VPN - especially with a VPN implemented in a middle-box rather than on the Apple device - is unknown.
In one move, Apple has taken onion routing from a specialized tool for hackers to something that will be in daily use on billions of devices.
It will be interesting to see how the rest of the industry responds.
Rather than simply saying they do no logging, why don't VPN providers implement a onion router - perhaps partnering with other VPN providers - so that they simply have nothing to log?
Nushell
Control your system with powerful pipelines: Pipelines let you command your system like never before. Your system belongs to you, and it awaits your command.
Everything is data. Rather than having the need to remember all the parameters to all the commands, we can just use the same, regardless of where it came from.
Powerful Plugins: Nu can't come with everything you might want to do with it, so you can extend using its powerful plugin system.
oilshell/oil
This is a big list of alternative shells! (As opposed to the common POSIX-ish shells like bash and zsh)
macOS 12.0 -where oh where is PHP | Apple Developer Forums
jwestveer asks: PHP seems to be missing from this release.
Developer Tools Engineer: PHP has been removed in macOS Monterey.
Michael Tsai: Perl, Python 2, and Ruby are still there. Python 3 is only available if you install Xcode. Emacs was removed a release or two ago.
华为全新品牌定制字体 HarmonyOS Sans
基于华为全球化视野以及多元复杂的应用场景,汉仪字库字体设计团队聚焦于 HarmonyOS Sans 的功能性和普适性,呈现出一款多语言的无级可变字体****。
支持包含简繁中文、拉丁、西里尔、希腊、阿拉伯等 5 大书写系统,105 种语言全球化覆盖,助力构建万物互联的智能世界。
Michael Tsai - Blog - Tightening the Mac App Store Screws Again
[Timo Perfitt, the developer of several MDM applications, complained on Twitter: caching server utility is henceforth REJECTED from the app store. calling an apple command line tool to call another apple tool via XPC is FORBIDDEN and just because we have a TEMPORARY EXCEPTION it does not it should be USED.
MJ Tsai comments: I can see where Apple’s coming from because it probably didn’t intend this XPC interface to be public API. But it would be nice to have a clearer policy of when you can use the com.apple.security.temporary-exception.mach-lookup.global-name
entitlement and when you can’t. There are definitely apps in the store that use it (including Microsoft Word). This particular use seems harmless, and the app sounds useful.