Hacker News new | comments | show | ask | jobs | submit login
Apple’s Guidelines Now Allow Executable Code in Educational Apps and Dev Tools (macstories.net)
407 points by tempodox 13 days ago | hide | past | web | 253 comments | favorite





I've just submitted an update to Codea[1] that allows for the importing of user projects[2]

It has been "In Review" for a suspiciously long time now. So I think it might be testing the application of these updated policies.

I have often submitted updates to App Review which include the ability to download and install executable code (along with review notes detailing my reasoning) with the knowledge that they would be rejected. I have also appealed Apple's rejections in order to effect a change in policy for the App Store. At some point during phone calls with the reviewers they told me they were "advocating for policy change internally on my behalf" even if they couldn't approve my app right now. I'm so glad policy has changed now.

[1] https://codea.io

[2] https://twitter.com/twolivesleft/status/873692454947442688


This thread is getting beastly but I want to weigh in to comment that The Web is an interesting alternative to this problem.

Rather than allowing dangerous apps and requiring them to undergo corporate review, The Web just assumes the app is nefarious, lets anyone at all run anything they want, but architects the runtime so that apps can't do anything unsafe.

There is heavy debate about what constitutes "unsafe"... privacy-wise, security-wise. And features like graphics shaders and camera stream take longer to diffuse. And different devices make different choices on these subjects.

But choosing to target the browser as The Computer is a vote against app stores. And a vote for bringing the safety and freedom of the sandbox closer to the metal, rather than going straight to the bottom while forfeiting our freedom.

Do you accept a class-based system where the privileged class gets "full" device access and hope the class divide gets fairer.... Or do you accept limited device access in exchange for a truly egalitarian distribution landscape, while hoping device access will improve? To me that's the choice for developers, and I choose the latter.


I feel like you are conflating two issues in your comparison. Building code for devices, and distributing that code on the App Store.

We (programmers) have great device access without undergoing corporate review. And this has only gotten better for the Apple ecosystem. I can go to Github, download an open source iOS project and build it for my device. They removed the $99/year barrier. An Apple ID is still needed, but the direction has been positive.

Publishing on the App Store is not really relevant. I can experiment, write code, and publish that code without Apple's blessing.

Any curated stores (stores for web apps are no exception — like the Chrome store) are going to put limits on what can be published. That is where their value lies. The curation entices users which creates demand that developers can service. Good curation is hard, and doing it well builds user trust. Developers can leverage that trust if they are willing to submit their work for review. And in the case of the App Store, developers can make income from that trust.


Publishing on the App Store is not really relevant. I can experiment, write code, and publish that code without Apple's blessing.

Any curated stores (stores for web apps are no exception — like the Chrome store) are going to put limits on what can be published. That is where their value lies.

Here's the dilemma: To have a degree of openness and accessibility for developers while also maintaining convenience for end-users, you have to accept the submissions of new developers that meet a certain (in practical terms, low) bar of standards. So to curate such an ecosystem, while being relatively open to new developers and users at the same time, the below-par apps have to be punished through discover-ability. This is what Apple has done, and it explains why their ecosystem is painful in exactly the ways it it painful. (It's not as painful if you are working at a good company with sharp marketers, or if you have an in with a community that exists outside the app store.)

The web simply has its 'knobs' set differently to mediate the curation/openness dilemma. Discover-ability is better. Curation is DIY/free-market. Caveat emptor.


Given the $99 limitation has been lifted it seems reasonable to make general federated "App Store App" that downloads source and puts a build of an app on the phone, wrapped with a pretty UI and clever control channel to your "dev" machine. Value of a particular "store" would be in its own curation. Seems Apple developer portal has enough API to get provisioning keys for Fastlane, might have more generally interesting stuff to make other features like APNS seamless.

If you're jailbroken, check out Saurik's app Extender. He's active on HN, so maybe he'll chime in.

Except, the runtime is based on standards that are entirely class-based because of which vendors control the runtime, and can bully their way into standards bodies and push their agenda.

Yes, political systems are fractal and always contain and are contained in other political systems.

It's anarchism at the top and bottom, but there are many layers in between.


I was only disputing the "truly egalitarian" part. Seems like you didn't mean it then?

I would say there is a space in the web world which is truly egalitarian, and then surrounding that are non-egalitarian structures.

The same is true in iOS development, with xCode you can put whatever you want on any phone, so if you ignore digital distribution, there is a space where iOS development tools are truly egalitarian. I could sell iPhone software to you by having someone physically attach your phone to a development machine and install my app.

But for most purposes, the egalitarian web space includes a means for reasonable distribution, whereas the egalitarian iOS space doesn't so I am rounding those off to "exists" and "doesn't exist" for the purposes of discussion, because I don't really think a software platform without a legal means of distribution is a "real" platform.

But sure, true egalitarianism is an impossible dream that can never exist? I agree, but I don't see how it changes the conversation.


Thanks - both for the app and for trying to improve the world for users and other developers!

By the way, thanks for Codea! Two of my kids learned to code using it and I just got a third started with it yesterday.

Wow, thanks for sharing that!

Honestly, I try to write code on iOS all the time, and it's not really the absence of tools that can execute that code that really stands in the way. Instead, it's:

- The absence of a really good typing story. The 12.9 iPad Pro with smart keyboard is nice for typing text but terrible for moving the cursor around. It's agonizingly slow to do it with keyboard (highlighting is worse, for some reason) and inaccurate to do it with finger/fiddly to do it with Pencil.

The only text editor with vim keybindings (an absolute must in an environment where it's hard to move the cursor normally...) of which I'm aware is Buffer, while the only text editor with both good syntax highlighting and good github integration (via Working Copy) is Textastic. Honestly, I really wish one of those two would just buy the other so that I could have both.

- The absence of a really good ssh story. Prompt is nice, but for some reason, whenever I try to SSH into anything, there's so much latency that it is really painful to actually do anything. Maybe I just have slow network connections? But anyway, so much for just coding on a linode or something in vim.


I'm not sure why Prompt is slow for you but as a suggestion, I really like using Blink. It supports Mosh and it might help with your latency problem

\+1 for this. Mosh solved all problems an iPad ssh client may have. It allows the client to go offline and reconnect in no time when the client is back online, which is a common case on iOS (apps get killed when being in background for a short time). Lower latency (thanks to local echoing) and seamless switch between networks (cellular and wifi roaming) are also definitely nice to have. I tested Blink (a client on iOS with Mosh support) on a high-speed-rail trip from Shanghai to Beijing and it was rock solid.

That is reaaalll nice. I like it a lot.

(Although I'm a little embarrassed that I paid 20 bucks for an app in the app store that's open source. But that's totally worth it to not have to fight with xcode...)


Don't be embarassed for paying for open source.

Thanks! I'll totally give it a try.

Just checking... the Emacs + standard macOS shortcuts don't work for you?

Ctrl-A/E or Cmd+left/right arrows for start/end of line

Option+left/right for prev/next word

and more here: http://jblevins.org/log/kbd

Disclaimer: I use an Apple Wireless Keyboard or other BT keyboard, not the Smart Keyboard. YMMV.

(Edit: line breaks)


oh, interesting! I didn't know those would work on iOS, but at least some of them do. That's a nice tip.

I did a little dance around the room when I first learned about them. They were so ingrained from my Mac usage (because as that link said, they're common across any standard text box control), that I think I didn't even notice that I was using them for the first few minutes.

My son has been going through Swift Playgrounds, and I think the text selection and editing has been one of the things slowing him down.

Does he know the two finger drag on keyboard gesture? This lets you drag the text cursor around like the keyboard is a giant trackpad - it's game-changing for typing on an iPad if you weren't aware of it before, and makes navigating text significantly better.

I use Blink (which means setting up Mosh, but Mosh is awesome)

Been doing Prompt2 to Linode on an iPad Air (the first one) for a couple of years, mostly over 3G or LTE and haven't noticed much of a lag.

Perhaps my expectations are deflated because of the mobile connection...


I agree, the one thing I was hoping for with the new 10.5" and other iPad announcements was some sort of indirect cursor input for the Smart Keyboard.

It doesn't even need to be a full trackpad, even just a nub would work - the idea is it would just be used to move the text cursor around the screen. The on-screen keyboard does it really well...but typing on the on-screen keyboard isn't great (and obstructs half the display.)


> The only text editor with vim keybindings

Vim also has Vim keybindings. ;)

Sadly, the iOS version has a number of other issues that make it impractical for real use, which is probably why you overlooked it.

(Apologies for the pedantic derail. I couldn't stop myself.)


Wait, why?

I actually appreciate that Apple stipulated "apps must make the source code... editable by the user". I personally think this helps with the educational spin to this currently, as it assures users are able to see source code but also tinker with it and learn. This is something I wish I would have had when I was in school - there were some editors at the time, but none of them could run any at that time to my knowledge.

I think this could really help a lot of students for what it is, and I hope it does well in that regard.


Let me give a courtesy remainder that it is "... until Apple change their mind".

Whatever the provider, I really hate those walled gardens where what you can deliver or not is at the whims of a company whose interest is not always aligned with yours. I understand being on them is necessary due to how large their market are, but this is really not where I hoped we would be fifteen years ago.

I guess I'm merely venting, and daydreaming about what could have been, "if only"...


>I understand being on them is necessary due to how large their market are, but this is really not where I hoped we would be fifteen years ago.

Depends on who "we" are. Some people also wanted a hassle free device, which only runs curated apps, and that keeps the whole experience more secure, unified, private, etc that a "open for all" environment.


> Depends on who "we" are. Some people also wanted a hassle free device, which only runs curated apps, and that keeps the whole experience more secure, unified, private, etc that a "open for all" environment.

To serve this kind of users I think what Apple does is perhaps all right. What I criticize strongly is that there is no option for experienced users (besides jailbreaking) to free themselves (also completely) from this walled garden - ideally in a way that allows users to free themselves only for certain security aspects so that they still have the security advantages of the prohibitions that they don't deactivate.


If you know how to use Xcode, you can install any software you like on iPhone, without Apple reviewing it, and without jailbreaking it.

I have not looked at Xcode since the time it was a requirement to have a paid account to install apps via Xcode. I know this has changed in the last couple of years.

Are there other restrictions on apps installed via Xcode today? E.g do they work for a limited time? Or work only on devices approved in some way?

Thanks!


If you have a free account, you can install an app from source and it will remain valid for 7 days.

That's obnoxiously short and probably intended to discourage people from using that as a distribution channel for developer-focused apps.

That's the point. It's meant for testing your apps, not distributing them.

What is the validity for paid developer accounts?

Until your certificate expires, so a year.

I'm glad I'm not the only one who thinks this way - with a few exceptions, like SMS and phone cal handling, you can write an app to do anything on the iPhone if you're so inclined. There are always going to be the Power Users who want more out of the system but won't code, but my experience with my iPhone has been that if I ever ran up against a wall I wanted changed, I could write an app to do so, even if I didn't publish to the store.

> you can write an app to do anything on the iPhone if you're so inclined.

Is it now possible to allocate executable memory (e.g. for development apps or writing a JIT compiler)? Is it now possible to write apps that have root permissions?


If you want to do these things, you need to jailbreak it. But the iPhone is probably the wrong phone for you if you are into these kinds of things.

The iPhone offers a safe environment for you to play in. Root access is fundamentally incompatible with that idea. If you want a device that lets you shoot yourself in the foot, get something else.


Why would I want an app, even one I write, to have root permissions? Do you operate your computer as root all the time? I know I don't, if for no other reasons than I sometimes make mistakes, and I'd to write an app that can wipe out my phone just because I made a mistake.

> Do you operate your computer as root all the time?

Not all the time, but sometimes - both under GNU/Linux and Windows - I want to/have to run an application with root/admin permissions.


That's often a sign of poor OS design not really a goal on it's own.

You are not a hacker. :-(

And you are probably not an engineer.

As a passenger I suspect you would expect different standards from an Aircraft autopilot than a cellphone. But, there is a lot to be learned from system that just work.


> But, there is a lot to be learned from system that just work.

From the hacker ethics by Stephen Levy:

> https://en.wikipedia.org/w/index.php?title=Hacker_ethic&oldi...

"Access to computers—and anything which might teach you something about the way the world works—should be unlimited and total. Always yield to the Hands-On Imperative!

Levy is recounting hackers' abilities to learn and build upon pre-existing ideas and systems. He believes that access gives hackers the opportunity to take things apart, fix, or improve upon them and to learn and understand how they work. This gives them the knowledge to create new and even more interesting things. Access aids the expansion of technology."


There's definitely a vanishingly-small proportion of hackers around here, relative to the reputation the site tries to encourage. Lots of people who might be branded "prescriptive social engineers," but not many hackers.

What are some examples of applications that you typically run as root?

Besides the usual suspects that you run as root because of the "limitations" of the OS, like installing applications/binaries etc.: All the kinds of debugging/tinkering tools needing special permissions, such as Wireshark, attaching a debugger to a running process, tools for generating and handling raw network frames (a capability that I need surprisingly often), ...

This is what spontaneously comes to my mind. But if I reflected for some time probably more things would come to my mind.


These are the kinds of tasks that I would expect to require root access. I don't want some random rogue application sniffing my network packets or attaching debuggers to other processes. While peoples use cases certainly vary, I've also never needed to or cared to do these things on my phone, so lack of root hasn't bothered me. YMMV.

> I've also never needed to or cared to do these things on my phone, so lack of root hasn't bothered me.

You are not a hacker.


There are many definitions of hacker and sniffing packets on your phone or attaching debuggers to apps on your phone are only one narrow definition of many.

> There are many definitions of hacker and sniffing packets on your phone or attaching debuggers to apps on your phone are only one narrow definition of many.

The willingness to look under the hood or desire to at least be able to do so is a rather universal property of hackers.


But doing so on your phone isn't necessarily.

You're putting me into a category (or excluding me from one) based on your own subjective opinion on the meaning of "hacker".

I don't really care for the label, but I think you are probably still wrong. Just because I have no interest in doing this with my phone, doesn't mean I don't elsewhere in my life. For example, you don't know about the time I took a MIDI controller apart and nodded it to add more functionality (both physical hardware and software). Or the time I spent reverse engineering the Diameter protocol with wireshark (yes I have used it) so I could figure out how to talk to another system (technically this was for work, but I didn't have to inspect the packets to learn how to use it), or any time I've stepped through a binary in a debugger to see what it does, or inspected some source code, or the time I tried to fool RF sensors with a home-made EMP device, or written some utility or otherwise hacked the world to do what I wanted it to. Yes, I am willing to look under the hood if it helps achieve my goals or if it's fun to do so.

Yet somehow all of that is irrelevant because I have no desire to do any of that on my cell phone. Or maybe the world isn't as black and white as you're making it out to be.


You can make changes for yourself, but you can't effectively make changes for others. You can improve your immediate environment, but you can't improve the world for everybody.

Is there anything that would prevent someone to clone your project and then compile and install it on he's own device?

This is a great question. I'm actually surprised that there isn't a tool available for doing this easily today...

I'm not sure if you were being sarcastic, but there is: it's called Xcode.

LOL! I meant more like a one click thing for regular users to use, not people familiar with development tools.

I can publish an app, and then I can make the world better for other people. The comment I replied to was focused on one user's experience, so I answered it similarly. Look at email clients - Apple ships one, but the market suggested that people wanted alternatives, and we have them. The world was made better for everybody.

If you want to grab the system audio stream to apply DSP effects such as dynamic compression on it, is it allowed by XCode? Last time I checked it was not allowed, presumably because a user could rip music from iTunes to mp3 - yet by banning it they are limiting interesting audio effect apps.

The plethora of audio effects apps on the app store completely renderers your point null.

I doubt the amount of people selling audio apps on Apple devices feel any kind of limits on their creativity.

When I first heard it, I thought it was a very big new that finally apple allowed to sign the apps for their devices without $100. Now I don't know why, I see almost no one is using it.

Last time I checked the "free" provisioning profiles it generates are valid for something like 7 days. It's not really convenient for anything but experimenting with iOS development.

Plus you still can't do it if you don't have a Mac.

I don't know the license terms, but I can imagine that there are some terms that disallow people to distribute apps for users to self-sign them on the web.

I agree, but for me there's Android which will let you load any app you want. The latest Galaxy is also IMHO a much better phone, and even includes a headphone jack.

I wish there were more than two options, but the modern mobile market is still only about 10 years old.


What makes you think our options will increase as time passes? The history of modern operating systems is a decrease in viable operating systems over time. Along with iOS and Android, webOS, BlackBerry OS, and Windows Mobile all used to be major OSes.

Oh of course I'm aware of that, that's why I said the whole thing as my own wishes ("I hoped we would be"). I can also see the value in such a device, my main gripe is the total lack of realistic alternative in the smartphone market right now.

>my main gripe is the total lack of realistic alternative in the smartphone market right now

Isn't Android (at least stock) more open, if one so wishes?


Isn't Android a realistic alternative? Certainly it has its own problems, but the ability to 'side-load' whatever app I want far out weights those, at least for me.

Android's becoming more of a walled garden as well. More and more stuff depends on the opaque blob that is Google Play Services and an increasing number of apps (even games ffs!) only want to run when SafetyNet says the device is save.

The SafetyNet stuff is somewhat understandable for banking apps but it means rooting, Xposed modules and custom Android builds is out of the question, taking away a lot of freedom.


It's a choice of developers, not Android's failure. I suspect that game developers are trying to protect from piracy. I doubt that they implemented those checks just for fun.

... or for multiplayer, to avoid cheating.

I haven't looked into this at all, but isn't the point of Xposed to hook into APIs and fake the result? Or otherwise modifying apps? Isn't there a module that just fakes SafetyNet? Probably not, or this wouldn't be a problem, just curious if anyone knows why not?

Yes, there's modules to fake SafetyNet but Google's really invested in it and it is kind of a losing battle on the side of the Xposed module writers[1][2]. (tl;dr It's quite a hassle to get a workaround on your phone and it's pretty trivial for Google to update SafetyNet.)

Xposed is a bit like torrents, jailbreaking, etc. A lot of people use it to pirate stuff or to cheat in games but there's also genuinly useful usage like:

• why does my banking app not allow me to take a screenshot?

• root permissons for Greenify and Amplify so I can make my battery last for days

• better privacy management than what Google only recently implemented

[1] https://phoneia.com/google-updated-safety-net-and-there-is-n...

[2] http://phandroid.com/2016/08/30/chainfire-suhide-root/


I don't know about SafetyNet specifically, but it could be that it has to authenticate itself to the apps that call its APIs.

E.g., I guess it could be code-signed and that the apps that use it have to check the signature. That uses a private key that "FakeSafetyNet" couldn't duplicate (well, assuming the SafetyNet people could keep it a secrect). It also incorporates a hash of the binary being signed so that FakeSafetyNet couldn't get away with just swiping the signature from SafetyNet to present as its own (the binary hash of FakeSafetyNet wouldn't match the signature).

I'm just speculating here, though.


I'm running a CopperheadOS that I built myself with microG added, and I've found it implements enough of the Google services (including push and SafetyNet) that everything I care about works well, including banking apps. YMMV.

my main gripe is the total lack of realistic alternative in the smartphone market right now.

That's my main gripe as well. I'm currently using a Nexus 5 with Sailfish OS as my daily driver, but it's hard. I really do not have the time anymore like I did in the past to make it all work.

I'm running it with Alien Dalvik so that I can run WhatsApp and some other Android apps that do not have a native version yet. Without that it wouldn't really be possible.

(The reason I'm testing SFOS out is that Jolla (the developer of Sailfish OS) has a deal with Sony to release it on their Xperia X on the near future. Also Jolla's got a deal with Russia as well, because more entities are worried about the walled gardens.)


You don't need a walled garden to have a hassle free experience. Apple could easily allow sideloading and only the people who enable would be asking for "trouble".

If Apple allowed sideloading then you could have what you want and I could have what I want too.

They do 'allow' that 'side loading'... it's already there. You can already do that with a free developer account and free Xcode. Anything you download or write you can then send to your iPhone, iPad, iPod etc. and you can use it.

Yeah, for a week, then it turns into a pumpkin, and you're limited to three apps at a time. This is not a realistic solution.

Free*

* If you pay them $500+ for the computer


So you got your whole Linux/Windows computer for free? Where are they giving them away?

Well, I paid $1 for my Raspberry Pi. (Would take a few more dollars to get it operational, of course. I haven't bothered yet.)

No, but Linux isn't limited to a single (massively overpriced) brand.

This is roughly along the lines of the vast majority of the people that would happily vote in a police state if it meant that they were safe.

Freedom is a good thing, even if it comes at the price of some risk, no matter what the context.


>This is roughly along the lines of the vast majority of the people that would happily vote in a police state if it meant that they were safe.

Or how about it's along the vast majority of the people merely wanting the police to guarantee safe cities?

You don't live in your mobile phone: you use it.

>Freedom is a good thing, even if it comes at the price of some risk, no matter what the context.

"No matter what the context" is BS. I presume you lock your house doors or wear a safety belt -- sacrificing freedom of movement for more security.


I don't see the Linux eco-system as being more prone to malware and trash than the so-called curated app-store.

> Or how about it's along the vast majority of the people merely wanting the police to guarantee safe cities?

Which more often than not includes being safe from the police, and that's where the problem lies. This sort of power is bound to be abused.

> "No matter what the context" is BS. I presume you lock your house doors or wear a safety belt -- sacrificing freedom of movement for more security.

Interesting. I've lived in places where unlocked doors were the norm, the village where I live (20 Km from Amsterdam) still has plenty of unlocked doors. People wear safety belts because there are no downsides and because they are required by law so that stretched analogy doesn't hold.


"I don't see the Linux eco-system as being more prone to malware..."

Did you count Android amongst Linux? It is after all...


Only developers without Android experience think that.

Android is all about Java.

The NDK is there as layer for implementing Java native methods, games and high performance audio, and general purpose native libraries from other OSes.

This is what you are allowed to call from C and C++ on Android:

https://developer.android.com/ndk/reference/index.html

https://developer.android.com/ndk/guides/stable_apis.html

Trying to call anything else terminates the application as of Android 7.

https://developer.android.com/about/versions/nougat/android-...

As of the upcoming Android 8, calling syscalls outside of what libc requires leads to application termination as well.

https://developer.android.com/preview/behavior-changes.html#...

Basically nothing really UNIX specific and could be implemented with any other kind of kernel (hence Fuchsia).


"Only developers without Android experience think that."

Think what? That Linux is malware-free? If you're addressing me only, I'm just asking for clarity on the dataset in question, not expressing an opinion about the safety of the platform.


No, that Android having Linux as kernel is actually relevant to Android programming.

Given the OS architecture Google can easily announce a version using other kernel, given that there is very little UNIX specific on what can be done with public NDK APIs.

Only those customising Android builds would be impacted.


I meant to say irrelevant, edit does not work any longer.

That's disingenuous. The fact that the Linux kernel powers Android is totally besides the point.

The Android eco-system does everything it can to bury the fact that it uses Linux under the hood, and it is relegated to the role of a fancy HAL.


The main reason Android has more malware than other kinds of Linux is because Android is extremely popular. Malware writers just target the systems with the most users so they can have the biggest impact.

> I don't see the Linux eco-system as being more prone to malware and trash than the so-called curated app-store.

What was it people used to say about Apple and he perceived lack of viruses and malware issues? Security through obscurity.

> I've lived in places where unlocked doors were the norm, the village where I live (20 Km from Amsterdam) still has plenty of unlocked doors.

Arguably that experience is an edge-case, at best annecdata.

> People wear safety belts because there are no downsides and because they are required by law so that stretched analogy doesn't hold.

If they are required by law, does that not limit your freedom of choice? Does this not stretch your own limited analogy?


>I don't see the Linux eco-system as being more prone to malware and trash than the so-called curated app-store.

An estimate 99.99% of the Linux software I use is from a curated repository. Yes, I could just download src.tar.gz and ‘make install‘ but I prefer the safer more convenient alternative.


Meanwhile curl | sh appears to be trendy.

Not only curated, but likely curated with a bias more restrictive than Apple's own bias with the App Store.

And yet, I can install stuff from anywhere on Linux.

It is the inability for mortals to install stuff from anywhere but the App store that causes the curation policy to be an issue.


Every human can install any code they want on their iPhone for quite a while now.

Every human is mortal.

Thus unless you were implying non-human mortals, your point is stale and no longer valid.


Somewhat off topic but I would consider seat belt laws to be part of the police state. Shouldn't it be my personal choice to wear it or not?

It's debatable.

When you are in a collision with out a seat belt more often than not your body becomes a 100 pound plus projectile going at non trivial speed that could easily kill some one.

Consequently even libertarians might be for seat belt laws (unless of course you are on private roads).


I'm not sure of the accuracy, but I've also heard it argued that you're much more likely to regain control of a vehicle after an evasive maneuver, since you will stay in your seat.

It's not. A federal/state law is a law. You are compelled to do something that may be against your wishes. Whether or not it is a good thing is neither here nor there! To spin the debate, apply the same for drug laws, or substance control.

There is a huge difference between police state and letting dodgy products on some store's 'shelves'. Do you support Amazon allowing sellers of counterfeit goods on Amazon Marketplace?

Besides the walled garden of Apple is not so walled - you can install any app you want on your iDevice, as long as you have access to Xcode (which is free). It is the access to the marketing and reach of App Store that Apple denies.


> There is a huge difference between police state and letting dodgy products on some store's 'shelves'.

Yes, but the point was that people do not always realize the consequences of their choices, not that there were no differences.

> Do you support Amazon allowing sellers of counterfeit goods on Amazon Marketplace?

I don't support the Amazon 'marketplace' at all, Amazon should take full responsibility for anything sold through Amazon.com and if they allow counterfeit merchandise on their store that should be their problem, not the problem of their end users. And there is plenty of counterfeit merchandise on Amazon so I do not get what the point is, unless you wanted to make the point that in spite of being curated Amazon fails horribly at keeping their store in good shape.

> Besides the walled garden of Apple is not so walled - you can install any app you want on your iDevice, as long as you have access to Xcode (which is free).

That's fine, but for your regular end-user this has been made so difficult that it is something only developers will use.

> It is the access to the marketing and reach of App Store that Apple denies.

No, it goes much further than that. To all intents and purposes if your app is not in the app store then it doesn't exist because iDevices users think that that is the only way apps can go on their devices.


You are looking at my point and refusing to see it, and then go on to make the same point yourself.

You want Amazon to take full responsibility for their merchandise, but yet okay with Apple not doing the same thing.

Amazon has to take the same responsibility with goods, as Apple has with apps.


I have 100's if not many thousands of options to buy from when it comes to Amazon, but yes, Amazon is ultimately responsible for what they sell and - surprise - we have laws against counterfeit merchandise sold as if it were the original brand. So yes, Amazon has some duty here.

Apple does not have the same kind of duties when it comes to apps in the Apple app-store, they have created a de-facto monopoly on the channel between the people programming applications for ios and their customers.


Apple's duties might be partially self imposed, but that's part of their value proposition. I don't want to sift through reviews to find out whether the app is safe to use, like my friends with Android phones have to do.

And comparisons with police states or monopolies are just ludicrous. With police state you have no choice, but with app ecosystems you are free to choose another (yes, with a different phone - but you don't buy a $700 phone by mistake or chance). And Apple is not a monopoly, there are plenty of other viable options.


> This is roughly along the lines of the vast majority of the people that would happily vote in a police state

This kind of hyperbole isn't helpful. The differences between voting in a police state and using a walled garden app ecosystem run by a private company should be obvious.

> Freedom is a good thing, even if it comes at the price of some risk, no matter what the context.

What about the freedom to choose an application platform?

Since I'm sure I need to make this disclaimer, I don't own any Apple (or Windows) devices aside from my work-issued macbook.


> This kind of hyperbole isn't helpful.

It is helpful in the sense that it points out that people will often do things that have far reaching consequences out of their free will because they do not realize the long term effects.

> The differences between voting in a police state and using a walled garden app ecosystem run by a private company should be obvious.

Yes, but in the one case people vote with their ballots, in the other the vote with their dollars. In both cases the long term effects are negatives but since those effects are still safely over the horizon we can pretend that they don't exist. By the time those effects are felt it is too late to change course.

> What about the freedom to choose an application platform?

That would be fine with me, but only if the hardware were 'open' enough by default that third party application platforms would have a chance of making it to single digit percentage penetration.

> Since I'm sure I need to make this disclaimer, I don't own any Apple (or Windows) devices aside from my work-issued macbook.

I don't care what you use or why, what matters to me is that there is - at least in the mobile space - the choice between Google on the one side and Apple on the other and that both of those have substantial shortcomings when it comes to the freedoms they afford their users.

With Google you'll be tracked from here to kingdom come and with Apple you're going to be handed a smart terminal. Neither of those choices appeals to me.


Freedom is a good thing, even if it comes at the price of some risk, no matter what the context.

That's a shallow quote, though. You're right, on the face of it – freedom is a good thing. But we accept compromises on absolute, unbridled freedom all the time, in order to trade of some other desirable outcome.

I would be concerned if computers generally were locked-down. But they aren't – competitors to iPhones are freely available, and desktop & laptop computers are ubiquitous. I will continue to oppose restraints on what can be done with them, but the freedom to choose a curated garden is also a freedom that should be respected.


Apple is also removing the freedom developers had to give users the options of track location even when in the background or never track location, but not the option to only track while using the app. They're also restricting the freedom developers had to ask for reviews.

One could argue that no one was forced to install those apps that always tracked them, or that they could manually switch between the options. However the small minority of people who care about the privacy of their location will now have a lot more apps available to them with less hassle, because Apple is deciding to enforce a rule.

I don't think these new guidelines about executable code in education apps will be a problem, but I can imagine dropping the restriction altogether allowing developers to take advantage of users who aren't vigilant, or simply making people have to be much more suspicious about everything they allow on their phone.


I used to advocate a similar philosophy to you on this. Now, I'm in a bit of a transition phase, although I'm not sure exactly where I'm transitioning to.

This article [0] has made points that I'm not certain I completely agree with, but has done enough for me to suggest that my original position might need updating.

The point being, essentially, that at some point we might need to consider the trade off of who we're actually afraid of and where we can get the best protection as part of a trade-off, since things like "freedom", "risk", "security", and "privacy" aren't absolutes in any meaningful way.

[0] http://www.newstatesman.com/2015/11/coming-anarchy-john-gray...


Freedom is a trade off, like everything else. For example, more freedom means more responsibility. Also, if everyone is perfectly free, then we're all forced to accommodate the least worthy among us. It's all trade offs all the way down.

It's like playing a game. There's more actual freedom when people follow a defined set of guidelines than there would be if anyone could do whatever they liked.

I see there are similarities, but there are probably also a lot of people fine with using an App Store that are also big advocates of Freedom of Speech, Press, Privacy, etc. when it comes to the government.

Did they? Or did the industry quickly lock hardware devices into little gadgets for generating income?

I don't think most people know what they want. They've never understood the trade-off. Instead they just go to their local electronics supplier and take something off the shelf.


That's plain insulting to the people even on here that use iOS. Some of us have owned competing devices. Some of us ran, and still run, Linux on our main PCs.

What is your suggested alternative: Android? Functionally speaking, how is Android different? That's all consumers care, and should care, about: How does the difference affect my life. They don't care about your grand philosophical argument. If Apple's walled garden actually affected people's lives, they would care. It doesn't. They don't.


>Did they?

I know I did. And I'm a techie. I just don't like fiddling with my hardware.

>Or did the industry quickly lock hardware devices into little gadgets for generating income?

Well, considering that Linux as a Desktop OS is totally open but it's still at very low single digits for desktop use, and that all the "comes with Linux pre-installed" ventures failed to gain any traction, I'd say lots of people don't care for that kind of openness at all over use of use, practicality, polish, etc.

Not to mention that mobile devices are now far less locked than they used to be for the average user. For the first 10 years of mobile phones, they came just with the apps that the vendor offered and no APIs, or very limited crapware (e.g. in mobile Java) -- now there are 1.5 million apps to chose from, many of incredible quality.


For the first 10 years of mobile phones, they came just with the apps that the vendor offered and no APIs, or very limited crapware (e.g. in mobile Java)

The first ten years were 1983 (release of the DynaTAC 8000x) to 1993. I don't think they came with any apps at all.

If you mean pre-iPhone, then it's not true; I was running my own Python scripts (which could use the GPS, camera, etc) on my S60 before that, using an interpreter provided by Nokia itself.


As Nokia owner from several feature phones and having had J2ME dev experience, I did had quite a few useful J2ME applications here in Germany and Switzerland.

One of those mobile crapware Java applications was Google Maps actually.


There is no trade-off for most of the users. Time to drop that notion that the whole world consists of wannabe developers. Peope have other activities they want to spend time on instead of tinkering with their devices.

People buy cars that they are free to repair or modify. We've even guaranteed some of those freedoms in law[1], such as 15 USC § 2302(c) which prohibits[1] warranty conditions that forbid using 3rd party parts or independent repair services. (the FTC even clarified[2] a couple years ago that deceptively implying that such a condition exists is also forbidden).

Having the freedom to repair or modify your car does not mean you are a "wannabe mechanic". It may mean that in rare situations, but most people utilize that freedom when they take their car to for maintenance or repair at an independent mechanic. Locking down a device isn't necessary to provide a curated market. Apple could achieve a similar limited-market by including some kind of warranty with apps purchased through their curated store to increase confidence that their curation guarantees a minimum level of quality/security)

This isn't about people wanting to be developers (or mechanics); it's about property rights. Are you buying your phone, or are you leasing it? Apple says[3] "buy" in the page title (and the URL!). The software industry - and recently John Deere - like to pretend that copyright law and carefully worded contracts of adhesion give them de facto ownership over anything by adding software. This misuse of copyright[4] is an attack on property rights. There are many ways to provide convenience, security. Guaranteeing some amount of quality in products or services does not require giving up your ability to own modern goods.

[1] https://www.law.cornell.edu/uscode/text/15/2302#c

[2] http://www.taftlaw.com/news/publications/detail/1247-ftc-cla...

[3] https://www.apple.com/iphone/buy/

[4] https://apps.americanbar.org/litigation/litigationnews/pract...


All economic exchange is some form of trade. The parent was assuming the buyer was making an informed trade. I disagree.

You don't have to be a lawyer to know that if a person enters a contract that's cheating them? They probably wouldn't do it if they knew. You don't have to want the world to all be lawyers. All that's happening here is that one person is saying folks are happy with a trade and another person is saying most folks don't understand the trade. Professions, skillsets, or how I'd like the world to be have nothing to do with it.


Absolutely right. There is an implied trade where the user trades control, configurability, etc to get reliability, simplicity, ease of use. The trade is really one-sided though, since most people don't value the former qualities. Consumers frequently trade away anything that isn't part of "consumption". Things that change the ability to spend, acquire, use, and rely on matter a lot, so when they trade money to get those things most consumers take it as a benefit that it won't be self-service. We've practically all made this choice with cars, bikes (lots of custom tools that keep the cycle shops in business), etc.

I'd agree there is a trade, I disagree that it is uninformed. My experience with consumers says that they just do not value the loss of control within the same order of magnitude as they value convenience and reliability.


What I observe is that in the business if platform vendorship, you either get big players to port or fail. If one of Jolla, Ubuntu Phone or Firefox OS had at least WhatsApp, that would have gained some traction.

This is a chicken and egg problem, though. The big app makers want some guarantees of numbers before they port, but you'll only have those numbers once they've ported.

Yet we saw in a story last week how this protection doesn't amount to much when an app can generate 80k a month fraudulently because Apple isn't policing their store to the level many believe them to be doing.

Is't this is an argument for a better walled garden, not an argument against them?

> Some people also wanted a hassle free device, which only runs curated apps

But Apple fails to meet this wish, too. If the curation consists of barely keeping out the absolutely worst of abysmal stuff, but allows regular crap apps, that does not count as "curated".


> But Apple fails to meet this wish, too.

Well, it does, within reason.

If they put out apps just because they were crap (subjectively) then devs and press would be shouting bloody murder.

But they do stop the riff raff -- at least better than the "anything goes" camp.

http://www.computerworld.com/article/2475964/mobile-security...

https://arstechnica.com/security/2017/03/preinstalled-malwar...


Plenty of complete scam apps on the App Store, even in the top 10 grossing:

https://medium.com/@johnnylin/how-to-make-80-000-per-month-o...

https://news.ycombinator.com/item?id=14526156


> Some people also wanted a hassle free device, which only runs curated apps, and that keeps the whole experience more secure, unified, private

https://news.ycombinator.com/item?id=14526156

In fact, app store is opposite of all these qualities. Secure? It's provided by sandboxing, not app censorship. But almost every popular game in app store will read your contacts and send to its server. Unified? No one, except for top companies are able to follow UI guidelines, and most apps has weird UI. Even good apps have over-use of arcane swipe actions which makes them un-unified. Private? Most apps are very privacy-invasive. Even you are making app as a hobby, you will likely use privacy-invasive ad networks in order to pay back $100/year ad store fee.


> But almost every popular game in app store will read your contacts and send to its server.

Only if you let it.

> No one, except for top companies are able to follow UI guidelines, and most apps has weird UI.

Hmm, I'm not a top company but I try to follow the UI guidelines. In fact, by default, if you use native controls, you're doing that for free!

> Even you are making app as a hobby, you will likely use privacy-invasive ad networks in order to pay back $100/year ad store fee.

That's only if you want to make money. Some people don't; they do it just for fun.


I think some people need a walled garden. Genuinely - the reason why I gave my Mum a MacBook was because I was fed up of having to deal with the mess of the Windows machine every time I went home.

What would be better is is if in the device settings I was able to say "I know I downloaded this, and I know it's not signed, and I'm OK with running it", just like I do on macOS and have done for some time.

The walled garden approach was there for some time because of carrier concerns initially, but now it's purely commercial: Android has shown a more liberal attitude with better security around key pieces of hardware can still protect the carrier network from malicious attack.

Apple now have such huge value-add in terms of the app store - Apple Pay, discoverability, ratings and so on - that most developers would happily pay to be there. However, yes, it would be nice if I could choose what goes onto my device if I agree it's on me if something goes "wrong".


I doubt carrier concerns were the motivation for the Apple iPhone App Store - they'd have mandated some kind of AT&T and Sprint App Store (with $2 ring-tone and wallpaper downloads...). Besides, Windows Mobile, Nokia and Blackberry all had their own respective ecosystems long before Apple - I say this as a user of PocketGear since 2001.

I hate to say it, but Apple is right: the use-cases for truly unlocked computing on constrained mobile devices are very limited and, given our experience with the Windows tech support scammers a massive liability for everyone: if non-expert users have any access to a button on their phone that will drain their bank accounts, no matter how clearly labelled, then there will be rampant attacks to make them press it; the only solution, therefore, is to make it completely impossible to both run unsigned code, and for code to execute outside of a sandbox.

In the early days of iOS - there was a much stronger justification for jailbreaking because iOS was just so aneamic - useful features like a Widget Dashboards or "Today" summary screen, data tethering, and ad-blocking were all conspicuously absent. But now we've got them and since iOS 8 or 9, it's been perfect for me.


The fact that all the same restrictions still apply to the iPod Touch and the WiFi-only iPads shows that Jobs's infamous "Cingular doesn’t want to see their West Coast network go down" excuse was bullshit.

Definitely wearing my Apple fanboy hat here, but...

> Let me give a courtesy remainder that it is "... until Apple change their mind".

I'm going to propose that there has been ~1 legitimate case of this in iOS history. Maybe 2?

I feel like for the most part, the original guidelines were pretty solid. While they weren't complete and have been changed significantly since the original publication, most of this has been to add guidelines around new features (like push notifications), and to clarify rules. This clarification could be read as Apple changing their mind, but I reckon almost every instance has been 'obvious' and that it would almost always be apps that were knowingly skirting way too close to the rules, and not acting within the spirit of the guidelines, that got burned.


I suggest you check out http://www.appstorereviewguidelineshistory.com/

Sure, you may agree with most of them, but what if you're the developer of an app such as a cryptic watch app for the Apple Watch, and then Apple decides to block all apps on the watch who's main function is displaying the time (like they did)?


Thanks for the link, very useful!

I would say that the cryptic watch app was 'obvious' in my mind though. Watch faces are a well defined concept on the watch, and the lack of third party watch faces was about as explicit as one can expect from Apple. I'm not surprised at all, and ignoring the fact of whether they should be allowed, I feel they were skirting too close to the boundary to be able to complain about being removed, but that's just my reading of the situation.


Windows is getting there very very fast too.

I made a fresh install of the latest windows 10 pro this week end, and it is now very difficult to do simple things like changing the default program for an extension. I wanted to use Irfanview for jpg files but the primary menu for allocating an app to images will now only allow you to select a windows store app, not a local app (and you cannot change the default program from a contextual menu on the file anymore). Otherwise you have to go through a list of thousands of extensions to find manually the correct one (of course no search). Needless to say I didn't bother to change png, bmp, gif & others.

Windows is more unappealing by the minute. It will become the same locked down OS than iOS, unsuitable for developpers and power users.


I want a sandboxed OS where random app X doesn't access my $HOME data just because it feels like it.

As for developers, iOS is quite suitable as the set of developer sessions last week at WWDC 2017 proved, and I do have lots of fun targeting UWP.

Many of us, developers, are quite ok with following the rules of the platforms we target.


> I want a sandboxed OS where random app X doesn't access my $HOME data just because it feels like it.

You should check out XFENCE[1], formerly known as Little Flocker, and made by Jonathan Zdziarski who sold it to F-Secure after he was hired by Apple as a security guy.

[1]: https://beta.f-secure.com/key/XFence


I want full, real Firefox on iOS but that doesn't look like being an option any time soon. I want a real choice of browser on the platform.

I also find file management deeply annoying on iOS, but maybe that will improve with iOS 11 and the new file management stuff.


> it is now very difficult to do simple things like changing the default program for an extension

Do this:

1. Go to Windows Settings -> Apps -> Default Apps

2. Scroll down and select "Set defaults by app"

3. Choose IrfanView and then "Choose defaults for this program"

4. Select all the file types you want associated with IrfanView (JPEG, PNG, GIF, etc).

5. Click Save.

That should do it.


If only. Windows 10 has this annoying habbit of changing the defaults after updates. It's so frustrating that I would never choose Windows 10 for dev work unless I had to.

When I click the little quotes that pop up on my login screen after the creator's update it always pops up in Edge instead of Chrome even though Chrome is my default browser.

My money's on this happening due to an internal power struggle within Microsoft. The Windows division was historically the top dog within Microsoft (probably on par with Office).

They can't maintain that status: PC renewal cycles are long and the PC market is decreasing, both in terms of market share and in absolute values. I guess they're trying to get more money from this stable or even shrinking market share.

My guess is that at some point Microsoft bosses will really start butting heads and Azure/developer tools + Office/enterprise applications won't budge, especially since they're on the rise. Windows damaging Microsoft's reputation hurts all their businesses and I doubt they will let this happen for long.

I believe big parts of Windows will become more and more open and even Windows itself could open sourced within 10 years, at most.


Actually I believe that now with OS X on one side, and GNU/Windows on the other, the year of desktop Linux will definitely never happen.

And while ChromeOS and Android make use of the Linux kernel for the time being, for a browser, ART and the quite constrained NDK APIs, whatever talks to the underlying hardware is kind of irrelevant.


> My money's on this happening due to an internal power struggle within Microsoft.

No, it's pretty easy to set defaults but it is different from, say, Windows 7. See my other comment.


It's not just different. It is intentionally meant to make it more difficult to deviate from the defaults. Like making it impossible for a browser to change the default browser and forcing a user to go through the settings.

I'd say that's good. I wouldn't want some rogue software changing my settings on me, like how Chrome has been included in the installers of other software in the past. I wouldn't want to install Skype and then find that Chrome is now somehow my default browser.

Skype. It's funny that a microsoft app has become another example of an installer behaving like malware. It used to be that the java installer was the primary offender. Now it's also skype and the .net framework installers. The new Microsoft...

Nevertheless I don't buy the "it's for my own good" argument. "Use Edge, don't use chrome, it's for your own good". "Use store app where we collect a toll from developers, not an app you installed directly, it's for your own good". Sure...


> It's funny that a microsoft app has become another example of an installer behaving like malware.

It behaved that way before Microsoft bought them. It doesn't behave that way anymore. Microsoft improved the behaviour.


Microsoft Skype acquisition (2011): http://www.bbc.co.uk/news/business-13343600

Introduction of the bing bar in the skype installer (2012): https://blogs.bing.com/search/2012/03/27/bing-and-skype-bett...

As I said. The new Microsoft...


First you argued that the setting system was too strict, but now you're arguing that it's not strict enough.

Anyway, Firefox protects itself from the Bing Bar. It warns you that an add-on has been installed and disables it by default. This is the type of settings protection behaviour I like.


> the primary menu for allocating an app to images will now only allow you to select a windows store app, not a local app

I don't know what you consider "the primary menu", but Settings | App | Defaults lets you choose any app that's registered for the purpose - e.g. for me it shows Chrome for web browser and mail, and Paint.NET for photo viewer.

> and you cannot change the default program from a contextual menu on the file anymore

Sure you can. If you click "Open With" in Explorer, you get the list of several most used apps registered for this file type, both Store and non-Store. If you then click "Choose another app", you get a dialog with the complete list of apps (again, both Store and non-Store), and at the bottom it has a checkbox to always open this type with the selected app


"Open with" in explorer will not change the file association and I believe the checkbox you are referring to has disappeared as of build 15063.

In the Default App panel, if I go into Photo Viewer and click choose a default, I will only see Paint, Pain 3D and "Look for an app in the Store". No choice for a dialog with a complete list of app. Again you are probably referring to an earlier version of Windows 10.


> I believe the checkbox you are referring to has disappeared as of build 15063.

I'm on build 15063, and it is there.

> In the Default App panel, if I go into Photo Viewer and click choose a default, I will only see Paint, Pain 3D and "Look for an app in the Store".

It shows the apps that are registered as photo viewers. The fact that IrfanView doesn't show up there means that it doesn't do that. For me, that dialog lists Paint.NET and other non-Store apps. Again, this is on build 15063.

Indeed, even per your description, it lists at least one non-Store app - that being Paint. So it's clearly not locked to the Store.

Now, I don't know exactly what it takes for the app to be considered a "photo viewer", but it seems that you need to have it registered (not as a default, but just generally as a handler) for .jpg and .png? I googled a little bit, and the discussion here indicates that after people did that association in IrfanView settings, it did show up in the app list for Photo Viewer for them:

https://www.tenforums.com/software-apps/35248-cant-add-defau...


Might the difference be different localities too? MS has had several large fines in Europe for swinging too hard with their monopoly, perhaps they've changed this option except in Europe? It sounds pretty anti-competitive.

I struggle to comprehend the arguments against Apple's way of doing things, it clearly works very well for the people in the ecosystem. If it's not your style then perhaps some other platform is?

Possibly scarier than the fact that crap like this even exists is the amount of ecosystem aligned zealotry that you see even on places like HN, vehemently defending anti-developer policies purely because of the amount of personal investment in the ecosystem.

>vehemently defending anti-developer policies purely because of the amount of personal investment in the ecosystem

Well, some consider them pro-user or pro-ecosystem policies.

Not everybody agrees in the "open for all" as the best option for every tech.


This is a pretty unnecessary straw man. There are a lot of people who defend particular ecosystems in spite of anti-developer policies for defensible reasons.

Instead of questioning the motives of people who disagree with you, how about a concrete example with citation? This comment sides with yours but makes the point better: https://news.ycombinator.com/item?id=14536374

> vehemently defending anti-developer policies

Developers do some pretty shitty things. Lots of us using Apple stuff came from more open ecosystems and are here at least partially because Apple restricts what developers do.

My video game console is very closed. My phone is fairly open. The controller on my weekend project is a Raspberry Pi - very open. It's not a question of zealotry really.


Sunk costs are a real thing.

I don't think it's so much the sunk costs that matter. It's the dividend you get back every day from that investment which keeps you hooked. That's what you don't want to lose.

I think his point wasn't that sunk cost are a myth, but rather that they shouldn't make you blind to the problem of the platform you're bound to.

Whether or not that's something that happens here or elsewhere can be argued and I don't necessarily agree with him, but that's where he was going with it I believe


My statement was more a reflection on the reasons than asserting he was saying they weren't. It was a commiseration.

I feel like we are inching closer to being able to write code on iOS. Swift storyboards on the iPad kind of opened the door and I hope we can keep chipping away at this.

The day I can run and write Python natively on iOS is the day I buy an iPad Pro. Right now there are some good ssh clients and I can write code from a terminal, but pros of the device are not worth that tradeoff right now IMO.


You've been able to write and run code on iOS for a very long time. Since the first iPad was released.

Pythonista came out quite a long time ago now, and it's easy enough to write your own script to download and install projects from a git repository or elsewhere. Same for my app, Codea. What Apple has never allowed was an easy way for users to transfer / download / install code onto their device that was built into the app. If the user was willing to write (or copy and paste) someone else's code then Apple were kind of OK with it.

Both Pythonista and Codea have the ability to export Xcode projects for publishing on the store (though regardless of whether they have that feature, you were never prevented from writing and running code on your iPad).


Keep an eye on Pythonista. I expect there'll be an update based on this change soon making it a lot more usable.

http://omz-software.com/pythonista/


It's already really useful. You can create local apps with home-screen icons on it. You can install whatever packages you want (download and run StaSh inside Pythonista to get a command line with pip). You can even use git with it, again through StaSh. For me it's a first-class Python development environment that I can use when away from my main computer.

The only shortcoming today is that you can't get code into it except by grabbing it from a git repo or pasting it in from the clipboard. Today's policy change should directly address that limitation.


There are scripts you can put into Pythonista for pulling files in from Dropbox and a Gist, etc, but if you are working on a multi-file, multi-module app then syncing file by file is just way too painful. The way I do it is to run an FTP server app on the phone/iPad, connect in from my Mac and manually copy the whole directory tree. You can also export and email a zip of a directory. Snapshotting like that is survivable, but proper built-in sync or Git support is the holy grail.

You can already do quasi-pip installs on it., provided you're dealing with pure Python modules.

(I do that by syncing files from my Dropbox via the API, but there are other ways)


I already have an iPad Pro 12". It's seriously capable of being a laptop replacement if the software vendors push real products onto it. (looking at you Adobe Illustrator!)

Anyways, how soon can I expect it to run a native Xcode or Visual Studio IDE editor, with a local Python interpreter running Django on uWSGI and a web server, backed up a Postgres database and Redis caches, with Git?

Is Apple reserving actual development for Macs only?


+1 for Illustrator. Béziers curves are such a match with touchscreens

Also Autodesk Graphic. It's by far the best iOS vector drawing app, despite being a bit buggy in places. Combined with iCloud I can start an illustration on my iPhone, continue on the iPad and then finish off on the Mac.

Shameless plug – this is an ongoing collection of vector doodles I've made using Graphic on the iPhone: https://www.instagram.com/shapeslinescolours/


I haven't used the iOS version, but you should check out Affinity Designer. The Mac version is amazing (better than Illustrator IMO) and I'd have high expectations on iOS. The Mac version is well worth the $50 license.

yes please. Especially for image tracing, coupled with the ability to take photos straight from the device. PLEASE!

Native Xcode or VS run on mobile is not possible by multiple hardware/software issues.

I'm using iPad for developing in Xcode using ACPU remote control of my Mac from 2014. I was made special ACPU-bot for touch control of remote Xcode execution and low bandwidth connection.

http://acpul.tumblr.com/post/116464494150/xcode-on-ipad


For a year or so I've kicked around the idea of building a dev or data science environment based around iPad backed by cloud computation.

That said, I'm pretty sure there's a new sort of "code" based around the iPad's interaction paradigm that is different from a desktop.


One of my favorite apps is Raskell, basically Haskell 98 ported to iOS. It uses Dropbox for storage so it is possible to move small Haskell applications in and out of iOS. Pythonista is also very cool.

I like the safety of the iOS walled garden but I also see real value in complex IDEs like IntelliJ running on iPad Pros.


Technically any program which loads a file is executing loaded code - the file is interpreted as a set of instructions about what data structures to create. This is more explicit for things like vector formats, and reaches its logical conclusion with things like postscript files.

PS and JS are heavily sandboxed though. With this exception an app's user will be able to code up integrations with other apps, additional push notification handlers, or load remote code like native OCR modules or drone controls.

Anyone know how Swift Playgrounds work? Do they interpret the Swift code or compile it against a set of mock APIs?

It has a full Clang/LLVM built in, and runs Playgrounds in a separate process. Most of this uses private app extensions and XPC, which other developers are not able to use.


The code is compiled on-the-fly and dynamically linked.

What I find absolutely incredible is that this is accepted at all. You really have to wonder how we went from a computer with a bunch of slots and open schematics to one that is so closed you need permission from the manufacturer to run whatever code you desire.

The degree of paternalism is astounding.


> You really have to wonder how we went from a computer with a bunch of slots and open schematics to one that is so closed you need permission from the manufacturer to run whatever code you desire.

Yet look what happened to sales after they debuted the closed hardware and OS. At the end of the day the mass customer prefers devices that are easy to use and hard to break.

I'd personally love an iOS with a little more flexibility, but considering it's a device that knows so much about me I am OK with the trade offs. Things like Apple forcing[1] the location permission option "only while using the app" is awesome for the end user. I end up trying out way more software on iOS than OS X because I have a reasonable expectation that whatever happens I can just delete it in one standard operation.

[1] https://www.theverge.com/circuitbreaker/2017/6/7/15757774/io...


> Yet look what happened to sales after they debuted the closed hardware and OS. At the end of the day the mass customer prefers devices that are easy to use and hard to break.

I don't think the locked-down device had anything to do with this. You could hack the old iPods with custom firmware to do all sorts of fun things and those things were still the most popular devices on the market.


There is a huge difference between "you could hack" and the default. In a system that defaults allowing users to get into trouble, most users get themselves into trouble.

Not a Apple apologist, but I do own a bunch of iThings.

Apple's made a very opinionated choice in choosing what software to allow on the AppStore. On the Mac this isn't a fatal problem for developers due to the ability to side load applications. It’s the fact that apps can't be side loaded on iOS that causes the real damage (imo). But I also think Apple should be able to run their app store as they see fit.

Apple seems to be trying to figure out a way to have it all. They want a vibrant developer community without the all of the hairy cruft that comes with true choice, like viruses and malware. Again, imo, they lose something by forcing this choice down everyone's throat. They create too much friction for developers. There is that bottom-line terror every time a dev thinks about writing an app for iOS: will Apple allow this app to exist? To me, this is a horrible and limiting thing to have to even consider and the reason that in the long run Apple will have to give this idea up or see their platform slowly fade over time.

I'm torn, because I am glad that my Mom can be relatively safe when running her iPad with its limited selection of apps. But the idea that I have to think about whether or not an arbitrary person working at a huge multi-national can terminate my idea for an application is just too much freedom to give up.

Not sure what the answer is, but official app side loading would go a LONG way (for me) towards reducing that friction.


Apps can be sideloaded on iOS really easily. There's a whole community of people (https://reddit.com/r/sideloaded) around modifying apps and sideloading them. https://ipasigner.io is an example - just click the app you want to install, go into iOS settings and give permissions to the cert, and boom you have a new sideloaded app installed. Takes less than a minute, no computer required.

It used to be even simpler in iOS 8, but Apple complicated the process a little bit for valid security reasons: https://blog.lookout.com/ios-9-sideloading

The only friction is that the sideloaded apps will only work for 7 days unless you (or someone else like on ipasigner.io) have a paid developer account.

If you want to sideload your own apps, Cydia Extender is a great tool.


"Really easily" and "only works for seven days and you can only have a few of them installed at once" are mutually contradictory. Getting a paid developer account doesn't eliminate the restrictions, either, it just raises the limits some.

Sideloading does not exist on iOS except as a gimmick, an annoying workaround for people who really need it and are willing to spend a lot of time maintaining it, or an unsanctioned use of enterprise signing certificates that go against Apple's terms and can be shut down at any moment if they notice what's going on. (ipadsigner.io is the last one.)


> Getting a paid developer account doesn't eliminate the restrictions, either, it just raises the limits some.

The day limit is raised from 7 days to 365 days, and the max installed sideloaded apps is raised from 3 to unlimited. I agree with you that there shouldn't be limits at all, but the limits for the developer account are quite generous.

Sideloading on iOS works great overall, if you agree that even sideloaded apps should be required to be signed.


If you want to see what "sideloading works great" experience looks like, as a baseline, look at Android and Win10.

There is that bottom-line terror every time a dev thinks about writing an app for iOS: will Apple allow this app to exist? To me, this is a horrible and limiting thing to have to even consider and the reason that in the long run Apple will have to give this idea up or see their platform slowly fade over time.

I'm not convinced. We all know the rules: "Don't take the piss".


Where "take the piss" includes things like "have a toggle to hide NSFW subreddits in your Reddit client," "track drone strikes," "feature Buzz Aldrin with his enthusiastic permission," "mention the existence of Android on your support page on your web site," and "a lock screen widget that lets you take notes."

And most importantly: don't compete with anything Apple did, does or intends to do at some undefined point in the future.

> I'm not convinced. We all know the rules: "Don't take the piss"

Where the definition of "taking the piss" is determined by Apple alone and is subject to change.


You are free to build and run your own apps on your devices with whatever code you desire.

Now, talking about MY devices, I don't think you should run whatever you want. That's why I like that there is someone making sure that whatever I run on my device from a 3rd party is safe.

If you have an iPhone, what anti-virus are you using? Exactly.


What astounds me is the extent to which these restrictions provide tangible benefits. If someone had described the iOS walled garden to me in 2005, then explained how Android was so much more open, I'd have assumed I would never even consider using an iOS device. It would have seemed simply inconceivable that a locked down system could be so attractive and provide so many benefits for users. And yet iOS is a slick, professional, highly productive environment and Android is a junky horrrible mess. I've dipped my toes in Android a few times and always retreated back to the comfortable safety of iOS in horror.

So here we are. With steps like this iOS is getting better at a very steady clip. We might even have Dropbox or even Github synchronisation built into Pythonista soon. Can't wait!


While that's true, having seen how frequently my parents and grandparents would bring their computers to a grinding halt by installing stuff they didn't understand, I get it.

It's worth pointing out that I can still install whatever I want on my phone. Apple just protects its official distribution channel.


Agreed. And it's interesting how many people think this is a good thing.

I am sympathetic to your complaint, but it's like saying we went from general-purpose computers to toasters you can't program.

iPads aren't computers in the sense you're talking about. They are appliances that run a limited set of software titles to do a limited set of things that the manufacturer allows.

It's frustrating because they could be really interesting general-purpose computers. But they aren't, and never have been.


> but it's like saying we went from general-purpose computers to toasters you can't program.

Give it a few more years, we're getting there.

> iPads aren't computers in the sense you're talking about.

Of course they are.

> They are appliances that run a limited set of software titles to do a limited set of things that the manufacturer allows.

No, that's just packaging and marketing.

> It's frustrating because they could be really interesting general-purpose computers.

For want of a single bit switch they are. And that's no accident.

> But they aren't, and never have been.

Of course they are. It was a conscious decision made by someone somewhere to not allow their use as general purpose computers, in other words something was added in order to take away the rights that you would come to expect.

This causes tons of these devices to end up in landfills at the end of their obsolete-by-design life-span and forces people into eco-systems they might not be using out of their free will if there was a choice to do so.

As I get older I feel I'm more and more in Stallmans' camp, I used to see him as on the money for the long term but that in our lifetimes it likely would not get that far. Now I'm starting to think that Stallman might have been an optimist after all.

There is an outside possibility that there will be a point in the future when suddenly old hardware that allowed you to run any program (just imagine!) will become very valuable.


Well, I think our difference is just semantic. You're right that it's just Apple's marketing decisions that make iPads "not general-purpose computers". But they still aren't, unless Apple reverses those decisions, which they won't.

Personally, I don't like this, either. I wish this wasn't the direction things are moving. But it is.

I'm not as pessimistic as you are about the future of computing, because I think there will always be a demand for general purpose computers — and therefore there will always be a bunch of companies selling them. So I doubt that we won't be able to get them, or that they will sell for crazy premiums — if they did, somebody would make them and sell them for less.

What I do think though is that the "general-purpose, arbitrarily capable" computer device segment is a small sliver of what it seemed like it was back in the old days when most computers were unrestricted.

I think 95% (or more) of the total "computing devices, including both general-purpose and locked-down appliances" market is happy with shitty locked-down devices, maybe even with ads and invidious tracking.

That's just the way it is. And it would be very hard to change that, because you'd have to change the people who are the market for these devices, and make them care that Apple doesn't allow software lets you see porn, or compile code, or learn about civilian casualties of US drone strikes, or any other thing that they don't want to let you do.

I don't see that happening.

So I think we are indeed headed for a world where the vast majority of computing devices are arbitrarily restricted, less-capable appliance-type devices like Apple's iPad.

That sucks for those of us who want unrestricted devices, because it means we become part of a niche market, one that isn't so interesting to the big multinational corporations like Apple with their huge budgets and economies of scale. So we can get an unrestricted, general purpose table computer, for example — but the hardware probably won't be as nice as an iPad, and the OS might have more rough edges.

It would be way better, for us, if computers really were inherently open by default, or if a most people cared about this stuff. But that's just my fantasy scenario (and apparently yours), not the world as it actually is.


Am I mistaken in believing that the Windows tablets offer the open ecosystem everyone here is asking for?

Even if they do, as far as I know all the dev tools on windows are desktop software and don't have a tablet interface. That just flat out doesn't count. The problem with Windows Tablets is that they have always been intended as and marketed as 'consumption* devices' in tablet mode.

* That word always makes me think of 19th century paupers dying of pulmonary tuberculosis.


It's better to think of iThings as semi-flexible embedded devices instead of general purpose computers.

Just imagine what the PC landscape would look like if the various big entities active in that space had figured out this trick before we - thankfully - got Linux on the server, meaning that if they try to take it away there will be a huge roar.

That's roughly what stands between us and losing our ability to compute with whatever hardware we want, whatever we want.

Cory Doctorow had it right all along, I'm just surprised with how fast we are getting there.

http://opentranscripts.org/transcript/coming-war-general-com...


Easy, it would be as Atari, Amiga and Apple systems were.

The PC landscape only happened thanks to IBM's mistakes.


> Easy, it would be as Atari, Amiga and Apple systems were.

None of those were locked down, none of those required manufacturer cooperation in order to run other operating systems or whatever application their users desired.


Sure they were, ever tried to use a Zorro board on a NuBus slot?

What about using MPW Object Pascal for doing Workbench MUI apps?

Ever bothered buying the developer manuals or SDKs from them?


Ah, but now we need to be able to spawn processes (at least one extra), otherwise we app developers can't secure the user's data in our own app...

How would an extra process protect your app's memory? Also, I'm sure those apps will not be allowed to execute code outside their own process.

If you're going to run arbitrary user code, you really want a sandbox, ideally in a separate address space for added protection. An interpreted language has an easier time isolating itself via its runtime (though it's just a bug away from code execution or data access), but any kind of compiled or JITted language desperately wants a completely separate address space.

I haven't seen anything that indicates iOS apps will be allowed to map memory as executable, though. Traditionally, only a few Apple apps like Mobile Safari have been blessed with these types of code signing entitlements to enable JIT. So I'm assuming applications running code must do so via an interpreter?

Apple should just do a Darwin/macOS ARM VM on the iPad so developers can have ARM Homebrew and other Unix tools they are used to.

I rather use XCode and other nice GUI tools.

They don't have to. People have been compiling to arm for years now on macOS. Apple just needs to make the standard + Foundation + Cocoa touch libraries visible and linkable on iOS and then you'll have everything you need to run any unix tools and compile iOS apps on iOS.

Dear VSCode team... now is the time for VSCode for the iPad!

The irony of people defending apple because its "safe" and doesn't let you "shoot yourself in the foot" in a forumn named Hacker news.

What is happening to hacker culture? I think as influx of new programmers increase, awareness on the culture's ethos of freedom, liberty, anti-authoritarianism, anti corporatism has to be increased.

Or we will have people loving to be jailed by their benevolent overlords in "apple/google/facebook/etc"


Not everyone shares your _exact_ ideals, even amidst those sharing the hacker ethos. In the same way that not everyone sharing the hacker ethos is as extreme as Stallman. In the same way that not everyone here uses linux distros exclusively. Clearly there's a spectrum of beliefs/ethos. Otherwise, you could pedantically point out something that's not purely hacker-focused about almost every single post on HN.

Amazing! I've been waiting for this.

Animation CPU Studio will be published soon.

https://twitter.com/AcpuStudio


One step closer to Emacs on iPad.


> Apple’s Guidelines Now Allow Executable Code in Educational Apps and Dev Tools

This title is somewhat confusing - it makes it sound as though educational apps and dev tools somehow weren't allowed to execute code before, which doesn't make any sense.


Funny coincidence: I just downloaded Scratch Jr. for my nephew this past weekend, only to be disappointed that we couldn't view the other projects from within the app, nor could he share his.

I hope that we can now expect to get this feature, soon.


Silly question, but how does WeChat get around this? Does custom code for Official Accounts just work on Tencent's server and basically work in a WebView?

I suppose the custom code is just custom JavaScript code. It has always been possible to execute arbitrary JavaScript code, including those downloaded remotely. No WebView needed.

yay, pico-8 should be allowed now

I hope this mean I can easily load scripts onto Pythonista. It's a real pain right now.

If it's any help to you, I've had great success using StaSh and git for getting stuff into it.

That what I've been using. It works pretty well.

Could they just start supporting the new Files app in iOS 11?

so something like xcode on ipad is now possible, as they won't build it themselves.

I suspect this change is intended to pave the way for Swift Playgrounds, which already has a full LLVM implementation built in, to become a full dev environment. Or to spawn off a professional sibling App. I think they don't want to be accused of favouring their own dev tools too much compared to other options, so are making this possible for the existing dev tools pre-emptively to their own full-sized offering.

Good step in right way !

Just an FYI, I use a cheap Android device with a Bluetooth keyboard and mouse and use Termux which is a Linux emulator with support for many packages including vim, python, jupyter, task warrior and much more

Did they ever consider that any number of web browsers can already execute javascript?

On iOS there's basically only one browser available.

Besides, Javascript has been allowed for quite a while for things like React Native.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: