394 comments

[ 3.4 ms ] story [ 324 ms ] thread
Isn't this a spam blocking technique?
It should send the messages to your spam folder, then.
ya I agree. I don't like that behavior at all (I hate false positives more than I hate spam).

I just remember there being debate/discussion about this before.

http://blogs.msdn.com/b/tzink/archive/2011/08/09/why-silentl... http://en.wikipedia.org/wiki/Non_delivery_report#Silently_dr...

"As discussed in Section 7.8 and Section 7.9 below, dropping mail without notification of the sender is permitted in practice. However, it is extremely dangerous and violates a long tradition and community expectations that mail is either delivered or returned. If silent message-dropping is misused, it could easily undermine confidence in the reliability of the Internet's mail systems. So silent dropping of messages should be considered only in those cases where there is very high confidence that the messages are seriously fraudulent or otherwise inappropriate."

It could be server side spam filtering (not all spam messages make it to your spam folder with any provider - the worst offenders are often just thrown out).

Just saying it is possible that this is an over-aggressive spam filter vs. Apple taking such an invasive measure. Although, Apple has done similar crazy things before, so who knows.

"not all spam messages make it to your spam folder with any provider - the worst offenders are often just thrown out"

This is news to me. Citation needed?

Greylisting, for one.

You could also reasonably configure a filter to not land emails over a spam threshold.

Given the amount and type of spam in my Gmail Spam label, I'm quite sure there's a hard filter in place there too.

Greylisting does not throw anything out. It does the exact opposite. The mail server simply says, "I have a temporary problem, so I can't take this right now. Try again later" Mail servers are supposed to (and do) try again, at which time a greylisted message will be delivered. Accepting a message for delivery In Go Faith and then dropping it on the floor, is poor, lazy, cheap, RFC-breaking spam filtering.
What I mean is that greylisting is a trick mechanism where some mails, declared spam based on an unrelated and technical criteria, never reach the user's spam folder. This contradicts the 'spam should go to spam folder' point.
Postini.com (Google), Forefront (Exchange), and Barracuda Networks are some products/vendors in the space - its a whole industry. Just Google around a bit for "server side spam filtering" and such.

Anecdote: we use hosted Exchange from Microsoft. I tried to setup a cron job to email us all at 4:57 with the subject line "Get The Fuck Out". Those don't come through either.

Yahoo (particularly when providing services for BT) silently delete some spam, even mail with a raw SA score < 1.5.

And they don't respond to complaints, even from their own users.

I've been running the same pukka mailing list for 12 years, I'm in their abuse feedback loop, have proved exclusive ownership of the mail server, all mail is DKIM signed with valid SPF records, mail is accepted with a 250 OK, you name it.

Still they bin my emails, but only to some accounts. No rhyme or reason, no bounce, no spam folder. Just never arrives.

Russian mail provider Mail.ru did that, maybe still does. I blame white-listing, as perfectly valid mail from custom domains could become missing.
That's the thing though. Apple has never filtered emails before or even hinted that they would.

I'm going to take a guess that this is just a misconfiguration in the spam filters.

> I'm going to take a guess that this is just a misconfiguration in the spam filters.

A misconfiguration in your email server that results in emails being silently dropped is about as bad of a misconfiguration as you can have. That shouldn't even be an option to configure.

Isn't that generally done on the receiving end? In this case, the message is simply never sent.
It depends what email account he sent it to. It seems like at least Apple and Google are both using F-Secure.

So it could be a bug in their definitions files.

That is the wrong way to run a mail server. I know how common it is at big providers, but it's still wrong.

You should REJECT a message if you won't deliver it. If it was a legit message inappropriately REJECTed, then the server that's relaying it can generate a bounce back to the sender, and something can be figured out.

Dropping a message on the floor like that, after you have promised to deliver it is almost always the Wrong Way.

I imagine the reason that it's done is because rejecting it gives spammers more information that could possibly be used to get around the rejection. It's much harder if they aren't sure whether or not the message was received.

Whether or not that's appropriate is another thing, but that is probably the rationale behind it.

More likely the rationale is that it's easier to filter stuff asynchronously after it is sitting in queue, and there's no longer a TCP connection hanging off it, waiting for a response. In other words, it's cheaper.
That doesn't conform to RFC 2821:

  4.2.5 Reply Codes After DATA and the Subsequent <CRLF>.<CRLF>

   When an SMTP server returns a positive completion status (2yz code)
   after the DATA command is completed with <CRLF>.<CRLF>, it accepts
   responsibility for:

   -  delivering the message (if the recipient mailbox exists), or

   -  if attempts to deliver the message fail due to transient
      conditions, retrying delivery some reasonable number of times at
      intervals as specified in section 4.5.4.

   -  if attempts to deliver the message fail due to permanent
      conditions, or if repeated attempts to deliver the message fail
      due to transient conditions, returning appropriate notification to
      the sender of the original message (using the address in the SMTP
      MAIL command).
If it's spam, the email should be rejected while the SMTP connection is still established with an error code (4XX or 5XX). If the email was accepted for delivery, there are really only two options: deliver the email or bounce it back to the sender.
Is there a spam folder for outgoing mail?
The sent folder still works as expected. Oddly enough, offending emails even sync in the sent folder across devices. So Apple doesn't delete your original work (they'll even sync it for you), they just won't send it.
This looks like a hint that the mechanism works at the SMTP level (which affects both ingress and egress).
The OP mentions that it doesn't go to spam, it's deleted entirely and unretreivably. It should also be possible to turn it off.
Isn't this Mobile Me all over again?
Solution: Don't use iCloud.
This is wrong. It goes beyond this. There are various clear examples of Apple exercising far too much authority.

It's not a question of whether you should use certain products. It becomes a question of whether you should trust Apple at all.

You shouldn't trust any company. Not Apple, not Microsoft, and not Google. Which is why "the cloud" is a stupid idea.
>You shouldn't trust any company. Not Apple, not Microsoft, and not Google

Agreed. It's very difficult to convey this point, however. People don't really listen once you say these sorts of things. Even if they do, they don't change the way they work with those companies. This is especially true with Facebook. I've shown a lot of scary practices of Facebook to various people. All agree that Facebook is therefore pretty dangerous but continue to use it on a daily basis.

>"the cloud" is a stupid idea.

I do take issue with "the cloud" regarding the issues of your things not belonging to you, privacy issues, etc. There are benefits to e.g. hosting providers. I also would love Dropbox if my files were encrypted and impossible to view by staff.

The bottom line is that we need more companies who insure privacy rather than just claiming to respect it even though they store large quantities of personal information. Other such companies should work to avoid vendor lock-in.

The NSA should provide a cloud service. They collect the data anyway. Cut out the middleman.
> You shouldn't trust any company.

Trust them with what, exactly?

There are some things you shouldn't trust them with, but there are also things you _can_/should trust them with.

It all depends on what we mean by "trust." Realistically, you should be cautious when trusting any company with anything.
Exactly - since when has 'trust' ever been absolute?

Do I trust Apple to make awesome laptops and cell phones? Yes.

Do I trust Apple to keep OS X open to third party development? Yes, I do. Mostly.

Do I trust Apple to keep my personal email, email that might contain passwords and account names, secure and safe? Probably not, which is part of the why I don't use my iCloud email account.

Do I trust Apple to not sunset iCloud email in a few years, invalidating my @icloud.com address that I would have handed out to everyone, leaving me high and dry? No, I don't - and I think that's a much more potent danger for anyone using their @icloud.com email account.

You're doctor's medical practice is a company. Do you trust your doctor?
It depends on your definition of trust.

I would trust my doctor to some extent, but I wouldn't blindly assume that anything s/he said was correct.

Which is why "the cloud" is a stupid idea.

People said the same thing about the internet and insisted that only direct-dial communications made any sense. This is one of those cases where I think the market will take care of things.

Solution: Don't email anyone who might be using iCloud. Wait, that doesn't work.
Problem: Problem.

Solution: Avoid problem.

Everything about icloud - from the terrible design to the clunky interface - is as Steve Jobs liked to say, "shit". I have icloud and I'm not even sure what it's for; is it a backup service, an e-mail provider, or a way to find my phone? None of these have much in common, so the fact that they're all bundled together really confuses me. And its name is a bit of a misnomer, you can't even do standard cloud stuff like share photos (like you could with mobileme).

I don't mean to stray off-topic, but this article just confirms my intuition to avoid anything with icloud in the name.

iCloud is a collection of services which includes all of things you mentioned. The web interface is horrible but it works pretty well for me syncing between the desktop and mobile apps.

>> "you can't even do standard cloud stuff like share photos"

You can, shared photo streams which came with iOS 6 I think. You can also create shared photo journals in iPhoto (on iOS) which I presume work through iCloud.

>You can, shared photo streams which came with iOS 6 I think. You can also create shared photo journals in iPhoto (on iOS) which I presume work through iCloud.

Thanks for letting me know. I tried to do a mobileme style photo album about six months ago and was amazed that they had removed such a useful feature. Glad to hear it's back, even if it's in a slightly different form.

> I have icloud and I'm not even sure what it's for

It's a syncing service first (and you can optionally opt in to get an email-id). The website provides you webapps for your synced iCloud contacts, calendars, notes, reminders and iWork documents and for "Find your iDevice". For other applications it serves as cloud "storage" but there's no web interface for those.

The app icons are equivalent to iOS app grid and the little cloud button serves as the home button for the "Apps"

iCloud is first and foremost just a bit of service glue to make the native email/calendar/etc apps 'work' without sending people to Google or assuming they have a work Exchange account. In that capacity, it's as good as it needs to be. [1]

Similarly the file sharing is just to set a third-party baseline so that file/save sync'ing between Apps on the mobile devices 'works' without sending people off to Dropbox. And in that capacity it also works just fine.

Sure, it resists power-user use. But that's just because, in true Apple fashion, it's not built for it and doesn't care too much about it. But that only makes it 'shit' inasmuch as about 90% of Apple's services are 'shit' and places it distinctly outside the way Jobs defined 'shit'.

[1] Though filtering this crude is cause to reassess that.

"True Apple fashion" has only recently been about resisting power users. Before about five years ago, they were all about enabling power users while still being friendly to regular people. This was much more compelling than their current direction. Remember, this is the company that built their OS on top of UNIX and shipped a terminal app with it standard. It all changed around when the iPhone came out, though.
While we're keeping history in context, let's also not forget this is also the company that was borderline irrelevant prior to their current direction.
I won't dispute that they're far more relevant today, but I disagree that they were borderline irrelevant circa 2005. They were quite successful selling Macs and had a credible alternative to the Windows monopoly.

The iOS stuff certainly moved them to a whole new plane of success, but I don't have to like it.

As a power user I don't 'like' it either. But I don't 'hate' it. I just use third party services when Apple's offerings don't fit.

The only bit I took issue with, is holding up Apple as having 'failed' simply because their focus is on other types of users. Particularly when they're serving those users at least as well as any alternative. And when those users are far, far more numerous than users like myself and their needs far, far easier to meet in an engineering and support sense.

I got a 17" Macbook Pro in 2009 (when they were still riding the wave of the iPhone) because it was a solid piece of hardware and gave me a sweet spot of down-the-road-choice (I exchanged the cd bay with another hdd, added Ram, installed Linux). I was looking forward to buying further Macbooks in the future.

All that was shattered with their new Macbook lineup (which are pretty much just beefier MB Airs). They flat out killed the 17" (which I still consider the perfect on-the-go workstation).

I considered Apple very relevant around the iPhone release. The current direction is not the iPhone direction. It is the iPad direction. That's when they started to go somewhat batshit on driving away professional users. They could have maintained both camps pretty handily in my opinion. Both camps were quite happy and got along great. Why they decided to kill off one is beyond me. Sure, there is more money in everyday clients, but I doubt they were actually hurting their business with power users.

Consider this: When I - a staunch defender of FOSS, user of Kubuntu, Free Software programmer, ardent antagonist of everything Microsoft - got my Macbook, I actually started recommending Macs as a choice to others. It actually did seem to me a better choice than going with Microsoft Windows. These days, I recommend Windows 7.

That's what they have accomplished.

I also got a 17" MacBook Pro around the time you did. I really wish I hadn't though, it's way too heavy to really be useful for anything but using around my apartment. I've tried to travel with it a few times and really regretted it.

While I don't relish the idea of a non-upgradable system, I do appreciate Apple trying to shave off every last possible gram from their laptops. My next laptop will probably be a 13" Air for that reason.

My boss and I both had Early 2008 MBP 15". He spilled a large cup of coffee into the keyboard. He turned the machine upside down and it was pouring out.

I sprung into action and opened that machine up and started dousing all of the parts with distilled water then drying them. I didn't need any special tools or even a service manual.

That generation MBP had the most beautiful design inside and out that I have ever seen. It was the pinnacle of geekdom beauty and it only lasted a year or two.

As somebody that owns (and has upgraded) a 2011 Unibody MBP and has recently upgraded a friends 2006 MBP I have to disagree and say that the unibody design is vastly better.
Bah, the old IBM Model M keyboards had holes in the bottom, specifically for coffee draining!
You can still get 13" and 15" "traditional" (non Retina display) machines which are part of the "new" lineup. My early 2011 15" with matte display, SSD, and 16GB RAM seems to be a good compromise of still being under my control, yet gaining most of the performance benefits of the 15" rMBP.
Wow, I'm in almost exactly the same boat. I'm on my third and apparently final 17" MBP. I have started resigning myself to switching back to Ubuntu but I'm not enjoying being forced off a beautiful platform after having made friends and family switch. I had been an ardent Linux user for a long time before I went Mac and it looks like I'll be returning sometime in the next few years.
>While we're keeping history in context, let's also not forget this is also the company that was borderline irrelevant prior to their current direction.

You're retconning. Apple hasn't been 'borderline irrelevant' since before they launched the iPod in 2001. There's a six year gap there in between the iPod and the iPhone, and imho they didn't really change their direction until 2010 or 2011, with the release of OSX Lion, neglect of the Mac Pro, and the killing off of the 17" MBP.

I partially agree with you, but I'd like to point out that, from some points of view, launching the iPod was Apple's first step in their current direction.
I would venture to say that launching the iMac was turning point A, the iPod was turning point B, and the iPhone was turning point C.

The TiBook was also quite nice, though I wouldn't call it as significant as the iMac in pushing Apple toward stylish and well designed consumer devices.

And I would argue that the very OS he just described (combined with the switch to Intel) is what set them on the path towards relevancy.
Can you point out an OS that did not come with a terminal app standard?
Mac OS, prior to Mac OS X.
That was when Mac users used to mock Windows for being a GUI perched on top of a character-based operating system.

They generally dropped that line when Mac OS X became a GUI perched on top of a character-based operating system.

Oddly, Mac users have also stopped mocking Windows users for having Intel processors, for not using SCSI and whatever else made Macs special before they turned into a variant of Windows PCs.... ;-)

Every OS has chauvinistic users, but there's nothing to be gained by trotting them out for strawman arguments.
Sense of humor failure?
(comment deleted)
No, this is HN, where you have to be careful with your Godwin's Law. Particularly when it comes to humor wrapping a weak point.
I don't think so. I just believe, from long observation, that this line of thinking goes nowhere, but generates a lot of words on the way. (e.g., look around this thread ;-)
Pah. I'm old enough to remember DOS users mocking mac users for using GUIs and mice.
Actually, some DOS users would mock Windows users for the same reason... ;-)
I've heard tales of woe from old geezers of having to toggle their pdp8 bootloader in with panel-switches, in the snow, uphill, both ways. In a related matter, I have it on good authority that this very website runs on a computer only slightly more modern than the pdp8. http://news.ycombinator.com/item?id=5229488
Thanks for posting that, I hadn't seen that thread... Best pg response ever :-)
Pours out a beer for PowerPlant.
Counter narrative: nothing has changed. Apple has just expanded their business. If Apple made toasters, whether they were locked down or not wouldn't affect my opinion of what was likely to happen to my Mac. iPhones are toasters, not computers.
I can buy the idea that iOS being locked down doesn't tell you what's likely to happen to your Mac. But once Apple started bringing iOS-like features across, then it becomes pretty reasonable to compare the two to guess at what they might do next.
OS X and iOS share a lot of the same core code base, so of course there is going to be cross-pollination features-wise. Why should the migration of features to solve problems common to both platforms indicate you should start worrying about Apple locking down the Mac?

Guess what: when Macs get touch screens, more Launchpad is going to make more sense, and full screen is going to be even better. That doesn't mean that Apple is going to start locking down the Mac. Indeed, as time goes on and their less technical users migrate to iOS instead, they have even less incentive to further lock down the Mac.

When one of the features they migrate makes it so that the default state of a Mac is to obstruct running any software not approved by Apple, it starts to make sense to think in this direction. Full screen/launchpad are irrelevant.
You know that Windows and (some) Linux desktop environments also have that feature, right? It's not "obstruct running any software not approved by Apple," it's "obstruct running any software marked with the 'downloaded from the Internet' taint flag, unless signed with a certificate in the OS's keychain."

It's a very sensible default for people who can't be trusted to not click on banners telling them to download a "FREE CAT SCREENSAVER", thus the universal adoption. And it doesn't hinder anything like software development at all, since programs you compile yourself aren't marked as tainted. (And you can just pop open a Terminal and drop the taint xattr from any file.)

Nevertheless, in all cases, in all these OSes, the Gatekeeper/Smartscreen-like system can be turned off, and always will be able to be. Otherwise, how would programs get deploy-tested? [You can't require signing with individual device deploy keys like for iOS deploy testing, because IBM-compatible PCs have structural identity--there's nothing equivalent to the UDID to tell them apart by. You could try using a fingerprint with the CPU model, MAC address, etc--but all those can be faked. Unless we get something like a TPM-based PC UDID, trying to do device keying on PCs is moot, and no OS vendor will bother.]

---

Actually, come to think of it, Linux also has this at an even more fundamental level: you can't install a DEB/RPM from the Internet as an automatic dependency unless its signing key is in your keychain, fullstop. There are actual programs I've installed (for example, ESL's distribution of Erlang) which require the user to "curl http://example.com/key.asc | sudo apt-key add -". Ubuntu's PPA system (using apt-add-repository et al) doesn't get around this, it just automates it with a prompt for whether you trust the key.

You are talking about something different than what most people are worried about. Sure, locking down what can run at the behest of the administrator is a feature.

What people are talking about is locking down what can run at the behest of the vendor. Like how iOS is. Like how Mac OS X would be, if you couldn't disable Gatekeeper.

You think users "always will be" able to disable Gatekeeper, but I don't think there is any evidence to support that. It's entirely up to Apple, and if they want to implement a TPM-based (or other) Mac UDID and lock Macs down to Apple-approved software, they will go right ahead and do whatever the fuck they want to do.

> lock Macs down

But that's the thing. OSX, Linux, Windows--they're PC operating systems, and they run on PCs. Any PC. Which also includes virtual machine environments that emulate PCs. Apple could lock Mac hardware down, yes, but they can't stop a Hackintosh from running whatever it likes--because you wouldn't build a TPM chip into your Hackintosh.

Now, if your argument is that Apple is going to take OSX and make it into something that doesn't run on generic PCs, but rather a specific, closed environment that loosely resembles PCs [thus killing all ability to do Hackintosh builds, run OSX in a VM, etc.], I agree that there's a very slight possibility of that.

But Apple has a heavy incentive to keep OSX running on generic PCs. For one thing, it's required to maintain backward compatibility with all the current hardware that are just generic PCs. For another, it gives them the ability to test their software using generic VM products, rather than a specialized "simulator." For a third, it allows them to just construct a new prototype Mac in the lab out of the newest off-the-shelf components (picture an empty Mac Pro case with random hardware inside), and then use it to write and test drivers for those components, instead of waiting for a specialized mobo to be produced for them that supports all those technologies and carries their special, needed OSX TPM chip.

Sure, Apple could push the industry to standardize a UDID-carrying TPM chip for all devices (this is basically the dystopia everyone was scared would happen with Palladium), so that Apple could use off-the-shelf hardware and still do device-key deploys to it.

And sure, Apple could write their own machine simulator.

And sure, Apple could just make the device-deploy-keys feature optional until an OSX release where all the old hardware is no longer supported.

But why? What advantage does this give them? It sounds like a lot of hassle to create a world where it's harder for everyone--including Apple's own in-house developers--to develop, test, and distribute Mac software. A world where fewer developers want to develop for OSX. A world where it's impossible for enterprises (yes, Apple has enterprise customers) to deploy their own internal software over their networks.

Now, look out below, for :itisacaranalogy: --

If you're a car company who makes sedans [iOS devices] for "consumer driving", and trucks [Macs] for "utility driving", what purpose would it serve to turn all your products into cars? Especially if your own employees require a truck, as part of their job, to haul loads around the workplace?

As far as I can see, Macs are going to diverge from iOS, not converge. The more consumers who buy sedans [instead of buying a truck they don't need and then complaining when it doesn't have heated seats], the more "trucky" the trucks can become without impacting sales. Macbook Pros and Mac Minis--both "trucks"--are here to stay.

On the other hand, iMacs and Macbook Airs--both "sedans"--might just get locked down, run iOS, and probably have touchscreens one day. But that's just fine, isn't it?

The MBP looks like it's going to keep getting lighter until there's no need for a separate "Air" category any more; if they keep the brand after that, it'll be for an iOS device with a keyboard attached.

And the iMac is already a redundant competitor to (Mac Mini + Cinema Display); so it will probably make more sense as a big iOS touchscreen "kiosk." Instead of having a Mac built in, it'll have an Apple TV built in. (I imagine the Cinema Display would also get touchscreen capabilities, and then you'd get the same experience as an iMac by hooking an external Apple TV up to it instead of a Mac Mini.)

---

...and note that everything I just said could apply equally well to Microsoft. They have all the same choices available to them, and there's already the same "nervousness" surrounding the Surface RT. It's just simpler to do the analysis with Apple, ...

In short: I hope you are right, because since 2006, Macs have been far and away the best general-purpose PCs ('trucks' in your parlance) on the market, and migrating off of the Mac and/or jailbreaking and bootlegging the OS and then running it on my own unsupported hardware, will be a major pain in the ass. Either options sucks.

But yep, Apple could do every single thing you say. Without breaking a sweat.

As for why? I think Apple would prefer that OS X not run on commodity PCs. They already take halfassed measures to control running OS X in a VM, and to prevent booting OS X on non-Apple hardware. If they could do that more reliably, they woudln't care about their slightly higher internal costs, and they definitely don't care about making life miserable for their developers (as I've witnessed being one for the past 12 years). But it's just a hard problem for them and a hard sell to existing users used to PCs being wide-open. But with every single iOS user they add, that sell gets one user easier.

I'd bet that within five years, the percentage of users running unapproved software [EDIT: somehow deleted 2nd half of this sentence:] on new Mac hardware will be about the same as it is on iOS today. It won't probably be impossible, just hard enough to not be feasible for most normal/busy people.

OK, that wasn't short, but in summary: The fact that Mac OS X has been the best power user OS for the last several years wasn't by design, it was just an accident of history and where they got their OS from. Apple doesn't give a fuck about power users, and Apple doesn't give a fuck about trucks. That market is just way too small for Apple to care about -- which is sad for those of us currently in that market.

Because if/when Apple finally abandons Intel and power users (timing that makes sense to me) it will be years before Ubuttnu or any other plausible player is anywere near as good as Mac OS X 10.7. 10.8 still has too many bugs and stability issues, but it will get there. Probably 10.9, too. But after that? I don't think anybody knows, but I am very skeptical.

(I think Microsoft will move in this direction, too, so those Surface RT users are probably right to worry.)

> What people are talking about is locking down what can run at the behest of the vendor. Like how iOS is. Like how Mac OS X would be, if you couldn't disable Gatekeeper.

Apple doesn't control what is signed by devs, though they do control handing out certs to devs. If Gatekeeper were permanently on, it wouldn't mean you could only use Apple-approved apps (ie, the app store), it just means you can only used signed apps (ie, random stuff you download from the internet).

To be fair, in Windows it's called IESC and it is a joy to have when your an administrator. Like gatekeeper it's simple to deactivate if you know what you are doing.
Seriously, why don't macs have touch-screens yet?

Ubuntu is going all touchy, Windows 8 (although confused) is touch-enabled, the new ChromeBook Pixel looks very touch-centric; It seems that Apple are really falling behind the eight-ball on something they purportedly pioneered.

I can only assume they'll release their new OS (OSXI, OSX.I, X.I.OS, etc.) fairly soon as OSX in it's current form is about as touch friendly as Windows 7 or KDE.

Typing whole day while looking into a figerprint-stained screen is no fun. And no touchscreen can replace a keyboard in foreseeable future. Those who don't write much are happy with iPads.
I think the idea is that GP computers are trucks, iOS devices are cars, and not everyone needs a truck.
I don't see how power users have been left out. If you mean they try to keep you out of the OS itself I wouldn't consider that being unfriendly to power users. That's just how they've always been. If you mean the whole dumbing down of the UI, I'd say that's pretty irrelevant. As a power user there's no reason why you couldn't just turn certain stuff back on. Plus it's still the same BSD underneath and they still give you the terminal. I keep hearing that they're being unfriendly to power users but power user's are the ones who don't really need friends. I've been using Macs since 10.4 and since that time each time the OS is upgraded it's maybe a little annoying for an hour but then I remember I'm a power user and I know how to open a terminal window and do whatever the hell it is I want to do.
My iPad disallows me to do tethering, functionality that's available on the iPad but that can be enabled/disabled by the career. My Android phone, from the same career, allows me to do pretty much whatever I want.

iOS doesn't have a terminal. And considering the recent moves with the Mac app store, how long before terminals will stop shipping with OS X?

> iOS doesn't have a terminal. And considering the recent moves with the Mac app store, how long before terminals will stop shipping with OS X?

Why not take this illogical train of thought even further? iOS tries to hide the filesystem from the user, so how long will it be before OSX does the same? iOS doesn't allow generic USB devices like 3G modems, so when can we expect that support to be removed from OSX?

I purchased an iMac for my mother two years ago, and she never could quite get the hang of it. The iPad that replaced it last Christmas has been working out much better. The same qualities that make iOS shitty for power users make it simpler and easier to use for the average populace.

The problem with this line of thought is that you're talking about the older generation (our mothers and grandmothers).

Teenagers today are power users, except for those who have much bigger problems than poor technical skills (like being freaking illiterate).

So shouldn't we optimize for our children instead? Isn't it plain stupid that we spend so much worrying about our mothers and grandmas?

The side effect is that we, as a society, are making efforts in keeping people dumb. Reading, as a skill, is hard to learn and it was considered optional and for power users even in the 17th century. Even today, I find it so stupid that movies are dubbed around the world, as if people can't be bothered to read freaking subtitles. That's how I learned English btw, something which would have never happened if I lived in Spain or Italy.

Do you really think teens today are power users? Every generation since I was a kid thought their kids were tech geniuses; having interacted with them, I know it wasn't true. So kids today use Facebook and Instagram and Snapchat. And Tumblr. I haven't seen any kind of trend for teens using Terminal or rolling their own. They appear to be proficient because the tools for normal people have gotten so much better.
Yes, I really think teens today are power users. I also interact with plenty of teens and also my wife works at a kindergarten - she has 4-year olds that know their way around a PC, enough to open their game or a browser.

Being a power user doesn't necessarily mean usage of a terminal, especially since most teens today use Windows on their PC, which has the shittiest terminal experience of them all. Heck, when I was a Windows user I wasn't using the terminal either, even though I was doing programming. Even if you are using the terminal in Windows, you don't really have much need for it since the whole freaking OS is anti-terminal and you can't do much with it. It's easy to forget this if you're a Mac or a Linux user.

This is not about teens being smarter btw. Older people simply don't have the patience to learn anymore, unless they see the real value in doing it. My folks also have a huge language barrier - they never learned English, as they were taught Russian and French in school and they forgot everything due to a lack of practice. For my mother, it doesn't matter how easy to use the device is, if it isn't localized.

Our tools definitely got better, but the only truly meaningful thing that changed since the late 90 is the availability of the Internet. When I was in high-school, in year 2000, we had no Facebook or Twitter, but I still had classmates that were communicating a lot over IRC and email. But they were doing so from school, because home Internet connections were expensive and shitty.

OS X already hides the ~/Library folder, it's not far-fetched to think they might hide everything but the Photos, Documents, etc. folders.

I wouldn't say iOS is a terrible product, just that it's terrible for someone that knows how to use a computer. Apple is trying to get users that don't know what they are doing at the expense of the experience for users that do. I know I shall never buy another Apple computer if the trend continues.

You'd have a better argument if they got rid of the Library folder completely. Just because it's not a single click away anymore doesn't justify the slippery slope argument. OS X is not Linux. It's targeted to the general computer using populace and happens to be quite popular and useful for a very small minority of people like us. They still allow us to do everything we used to, it's just that they've hidden a few things that confused the normals out there. Big whoop.

Hold down Alt while clicking the Go menu to see your Library folder.

Your assertion that it isn't a slippery slope is subjective, as is my assertion that it is. Both viewpoints are valid.

However, I reject your solution. It's my machine, I want it to be a pleasant experience to develop on, I don't want to memorize a workarounds for a bunch of trivial problems that I have to apply to every machine I use.

I'm taking the defensive position of not investing too much of my time in their products because I think they will remove access to those folders, or lock down on application installs, or otherwise make the experience wretched for me sometime in the future.

> Hold down Alt while clicking the Go menu to see your Library folder.

or

    (sudo??) chflags nohidden /Library
    chflags nohidden ~/Library
in Terminal (to make it visible all the time)
It has been my experience that this doesn't persist for whatever reason. I did it before and now it's hidden again.
That's because point releases (10.8.1, etc.) hide it again!
Ah, I thought that might be it. How irritating.
Seriously? iOS doesn't have a terminal? What are you going to do with a terminal on an iPad? Run operations on the non-existent file system? The iPad is not meant for computing. It's an entertainment device. That statement is almost like saying "TV manufacturers are forgetting about the power users! My new Sony flatscreen doesn't even come with a terminal so I could... uhh... adjust the picture, color, brightness, etc. from the command line instead of just using the real simple buttons on the side".

The Mac App Store doesn't really have any relationship with the terminal. There's no reason to believe that its in Apple's interest in any way to take away the terminal. It's still Unix underneath, they still provide developer tools, and they still need developers to write applications for them. In addtion Macs are still huge in the design/developer community because they're well suited to graphic design work with their appearance, focus on large screens and high resolutions, and performance. They're pretty big in the developer community too as you get a great "point and click" kind of OS with full and easy access to the terminal and most of the goodies you get with a full-fledged Linux machine.

Finally, your argument is that Apple is ignoring power users but you use an example where it's actually your carrier that's stopping you, not Apple. You said it yourself, the iPad does support tethering but your carrier is the one who enables/disables it. Seems more like your carrier is against power users, not Apple.

In the end, just because Apple makes the OS more "point and click" friendly and comes with a pretty opinionated set of defaults for non-power users doesn't mean they're trying to keep power users out. By definition, if you're a power user, these things they're doing should be a minor annoyance when you get a new Mac and after a couple of hours you should have your machine how you like it because... drumroll please... you're a power user and know how to do that stuff! I personally don't see much difference between OS X and some of the more "user-friendly" Linux distros. They've both got the same underlying tools and are working hard to make it so your grandma can pick it up and get emails of her grandchildren within an hour. What I think the real problem people have, which maybe they just don't see, is that they just don't like change in general. New versions of OS X come out and they hid an option somewhere and everyone goes nuts and says "Who moved my cheese! This is the worst computer ever!"

> Run operations on the non-existent file system?

Actually the iPad does have a file system. You just don't have access to it.

> That statement is almost like saying "TV manufacturers are forgetting about the power users! My new Sony flatscreen doesn't even come with a terminal so I could... uhh...

Consequently, one of the reasons TV is dying is because it's just a dumb consumption device. I use my laptop, my Android and my iPad for 10 to 12 hours per day. I use my enormous flat-screen that's sitting in my room only for streaming movies from my laptop and yes, while connected to it sometimes I open the terminal.

> it's actually your carrier that's stopping you, not Apple

BULLSHIT. This is a device-level configuration setting that the career can remotely send to you. The device wasn't even bought from that career. It wasn't on a contract or anything like that.

It's my device and I find it unacceptable that the career can tell it what it can and cannot do. It's Apple's fault for giving them the option.

> By definition, if you're a power user, these things they're doing should be a minor annoyance

Actually it's a big annoyance because I'm the customer that pays money and why in the world would I pay for devices that are defective by design when I could be supporting companies that respect me and my needs? My current retina-enabled and shiny iPad is the last Apple product I'll ever buy.

OS X is going down the same path as iOS, too: Mountain Lion scolds users for downloading apps without going through the App Store; this can be disabled by digging around in the system settings, but I can envision a day where you'll need to open a terminal to set a system property from the command line, and then a day when they simply disable unsigned binaries from running altogether.
Sadly, there's a very real possibility that this could happen as Nanny Computing (anyone coined a better term?) is proving to be quite profitable.
The switch from x86 to ARM for their entire computing line -- if it happens, as has been rumored -- will be what closes the door on power users.
What is Apple going to use for their own work? Their developers and designers are power users.

It's certainly possible that the Macbook Air would switch to ARM in the next few years, but until you can write software for an iPad on an iPad, there's no getting away from OS X and serious processors.

Why?

What makes an architecture (ARM) more suited "for the elite" than another slightly more complex architecture (x86)?

If anything, power users can just recompile their open-source software for ARM and that will be that.

I see your pun: since ARM uses less power the power users will in fact not be power users anymore!
My girlfriend's iPhone has been complaining about iCloud storage being full with some cryptic lockscreen message and she has no idea what it's complaining about or how to fix it. The "just works" narrative is a lie.
And my microwave door handle fell off the other day. That doesn't mean GE needs to include a disclaimer for that edge case in every 30 second advertisement, nor that they're liars because they fail to do so.
(comment deleted)
Wow that analogy is way off in left field:). The two things are very, very different.

Running out of storage is an expected occurance. Your microwave door falling off is not expected to happen:)

If it's anything like my friend, it's because their phone has every single photo they've ever taken, it's set to do an iCloud backup, and it's over 5 GB. Very easy to do.
If the default behavior is to keep uploading photos until shit hits the fan, then it doesn't "just work" does it? You need to be told when to start cleaning up photos from your iCloud and how to do that properly (eg without deleting photos from your phone, so you can still show them to your friends).
Or it is possible if someone gets a new phone and doesn't restore off the current backup in iCloud it will make a separate one which will go over 5gig.

To be fair most services have to force you to do something one you have ran through your free space.

Or if you have an iPhone and an iPad, it's very easy to use up all your free space.
"Just works" is a great concept when you don't have any complexity to not work.
Tell her to turn off the total phone backup and do it to a laptop. Settings>iCloud>Storage&Backup>iCloud Backup set it to off. She will still have her photo stream if she leaves that on.
Are the people at Apple actually using their own services? I cannot really imagine them using these dumbed down interfaces...
iCloud is also way to communicate bits of data between apps running on different devices for same user. Which works well as available/reliable key-value store without rolling your own.

Read book on iPad at page 20. Open book on macbook or iPhone and book left open at page 5 when last exit turns to 20.

Cloud is a hip word. Amazon's got a cloud. Google's got a cloud. Apple couldn't be left with just an iTools/.Mac/MobileMe now could they?

I think Apple's inability to run web services is going to really come to pass in the near future. Everything is moving towards that way and Apple is still left in the "just sync with iTunes" world.

Apple does actually know how to run web services.

They run the world's largest media store and one of the world's busiest online stores in addition to iCloud. Just because MobileMe was a piece of junk doesn't mean they are completely clueless.

For most of its existence it was the only store compatible with the far and away market leader for audio players. The store did not win because of its technical chops. To boot their media store is still almost completely cut off from the web (they did try and juice some SEO and have landing pages, but iTunes likes to pop up most of the time). They sure love relying on iTunes...

iTools/.Mac/MobileMe and iCloud were all pieces of junk. As was Ping. As is GameCenter. And iMessage.

They have a lot of work to do.

Sorry but do you understand technology at all ?

iTunes Music Store is a web service. Whether it delivers HTML or XML to a thick client is irrelevant. It still needs to deliver a tremendous volume of them in addition to managing the downloads. And by and large it has worked tremendously well.

iTools/.Mac etc are all the same thing just rebranding. Ping was a product failure not a technological one. And GameCenter/iMessage use iCloud so not sure why you listed them.

I'm sorry, but successfully running a digital download store in a desktop app does not impress me. Apple's innovations with the store were not technical but contractual (originally getting record labels to agree to flat per song pricing).

iTools/.Mac/MobileMe/iCloud are all the same thing, but signify the number of reboots they have had over the years. Each time they say "it's fixed!" and then yea, it's not.

Be my guest if you want to believe Apple is great at the web. Meanwhile Google will be feasting.

http://www.apple.com/pr/library/2013/01/07App-Store-Tops-40-...

http://www.apple.com/pr/library/2013/02/06iTunes-Store-Sets-...

Hater be hatin', but what have you done that handled 65 billion multi-megabyte downloads, securely? And we haven't even talked about movies yet.

They have had lots of security problems, but yes it is successful. It's also slow and outdated. I have not built anything that size, but I'm also not the second most valuable company on Earth. My point was simply that other companies are better at the web than Apple is and that shouldn't be the case considering their resources and the importance.
LOL at taligent. Did you experience that particular Apple disaster? I think that also went in for a certain amount of pleading along the lines of "crap isn't really crap, you just aren't smart enough to understand how superior we are".
> Apple does actually know how to run web services.

No, Apple can run a centralised download store where the content comes from a limited number of sources.

Which is an example of a web service. Are you sure you're on the right web site ?
It's a category of web service. Other examples are services which take huge numbers of photos from lots of different users and process them, or files from millions of devices for backup. These Apple cannot do well.
They know how to run them in that they have web services running, but I'd contend that they're not run very well. They are consistently slow, slow, slow, not to mention buggy.

I just opened the Mac app store application, clicked the "updates" tab/button, and waited 15 seconds to be told that there are no updates available.

When I install app updates on my iPhone (5, running iOS 6), the badge icon does not go away until I re-open the app store app, on a consistent basis (greater than 50% of the time). When the badge icon does show updates, tapping the updates tab produces a wait similar in magnitude to the Mac app store example above, even though the app already knows there are updates available, since it showed me via the badge icon!

Apple's web services, in my experience, are comparatively slow when viewed alongside other major providers of web services.

On the "slow, slow, slow" point, I didn't realize how slow iTunes was until just now.

I recently got a couple of HD movies for my Nexus 7 from Google. I didn't really think that much about downloading them, just stuck the pin and they were downloaded reasonably quickly and painlessly in the background.

But now that I think about it, the contrast with my wife's experience downloading HD TV shows and movies from iTunes could not be more stark. The downloads take hours. She'll often check and be frustrated about how little had downloaded. She'd sometimes end up reshuffling her downloads. Until our recent wireless upgrade, she'd worry about where to place her laptop, sometimes resorting to a network cable. And probably more frustrations I'm forgetting.

To top it off, this is in a country Apple officially supports and Google doesn't. From my (admittedly limited, external perspective) I'd say Apple still has a long way to go with web services, including iTunes.

Their media stores take hours, sometimes a day, to propagate metadata changes. Any time an App Store app gets released or updated, there's a fun game where you watch it slowly propagate to visibility among your friends and acquaintances.

Their store for physical goods goes down every time they make a significant change to the product offerings.

Both are highly successful, but all this tells us is that a web service doesn't have to be particularly well run in order to be successful.

> Their store for physical goods goes down every time they make a significant change to the product offerings.

That still amazes me. No wonder why WebObjects never took off...

WebObjects never took off because of pricing.

And by the time they ported it to Java there were plenty of open source alternatives.

>Their store for physical goods goes down every time they make a significant change to the product offerings.

Many years ago it used to go down for technical reasons.

Now it is purely PR/Marketing. They get massive traffic spikes whenever it goes up and it instantly results in thousands of web pages going up with free PR. Why would you give that up ?

According to Gruber a few months ago, it is legit a technical issue: http://twitter.com/gruber/status/264135810566209537
How does he know? He's not a WebObjects programmer and the tweet is quite vague ("certain types of changes") which implies he's not privy to any real information.
Obviously I can't be 100% sure of the validity, but I am inclined to believe it for a multitude of reasons:

-Outside of Apple employees, you would be hard pressed to find a person with better inside information on Apple than John Gruber

-Additionally, in the tweet, he is corroborating another Apple journalist's similar claim

-Saying it is a technical flaw reflects somewhat poorly on Apple, and Gruber isn't exactly one to go out of the way to claim Apple is doing something poorly without a real reason to say so

-"It is for the PR!" always struck me as pretty weak post hoc reasoning. Sure, it drums up some interest in the tech blogs, but it also means the store just does not work for a period of time for everyone. Including people who don't care and just want to hand Apple money. I presume Apple wouldn't go out of their way to frustrate customers and possibly lose money.

If John Gruber makes an objective claim like, you can bet he has some real information. He may be an Apple shill, but he is a very well informed shill who values his reputation for providing accurate inside information. He isn't a WebObjects programmer, but dollars to doughnuts that info comes from someone who is.
"Any time an App Store app gets released or updated, there's a fun game where you watch it slowly propagate to visibility among your friends and acquaintances"

Are you sure that is for technical reasons? I don't see a big advantage of pushing such updates to all customers in one go, and I can see an advantage of staggering updates (say 1% every hour over a couple of days): if your update breaks something, it gives you a fighting chance to at least adjust your web site before all your customers send you mail at the same time.

I'd say that's far outweighed by users complaining that they get odd errors when they try to install the app when it's in a half-propagated state. Heck there was a 5-page macrumors thread of people keeping each other updated on what fun error the Mac App Store was telling them for each country when Mountain Lion was being released. Took a day for it to propagate.

If Amazon CloudFront worked that poorly at replication, everyone would rightly tear them a new one.

Apple's cloud is based on Amazon and Azure... Apple doesn't have an "own" cloud.
This set of comments alone is one of the best examples of the ambiguity of the word "cloud" I've ever seen.
That's not quite true, Apple offloads some of its static assets to Amazon, MS's (Azure-based) & Akamai CDNs. There's as yet no evidence that Apple's cloud-based software (like iCloud) runs off anything but their own datacentres.
I have icloud and I'm not even sure what it's for

As far as I can tell, you pay $99 or whatever, and it periodically sends a text to your iPhone telling you it hasn't actually backed up anything in XX weeks.

Kind of a weird business model but then they didn't ask me.

iCloud's free* now, actually. It became a free service when they transitioned away from the MobileMe branding.

* You need a Mac or iOS device to join, though. And you can pay for additional storage if you want ($20, $40, or $100 per year), but that's not necessary.

Free for a year. If you register it from an iDevice or some hardware bought from Apple.

And then next year to keep iCloud "free", you need to buy more overpriced goods from Apple.

Oh OK. Hey, just out of curiosity, could you link me to the page that lists the iCloud pricing scheme?
Well. What do you know? Maybe they've actually, for once in their lives, created a product not exclusively designed to suck money out of your wallet. (1)

Must have been a pretty recent change though.

(1) http://support.apple.com/kb/ht4874

I think you've lost your credibility on Apple's design goals, sorry.
100% false. Always free unless you pay for additional storage.
On this topic, Microsoft actually provide an awesome platform in the form of windows live. It does everything and actually works
I'm with you. I have a total love-hate relationship with it. I love how it keeps me in sync across all my iStuff (4 total) but when something goes wrong, even as a developer, I have no clue what it's trying to tell me. And when it comes to email I've really seen absolutely no use for it beyond keeping my Google, Exchange, and other calendars/email accounts in sync. And no, I don't want to save anything to iCloud, I'd prefer it on my hard drive until iCloud gives me the same level of convenience in managing my files as Dropbox thank you very much.
Back then I had a paid me.com account - just for syncing the OS X keychain and preferences between my Macs.

Ironically with iCloud they removed that one feature that made the whole service worthwhile for me.

In reading this, all I can think of is "buttbuttination" and the broader Scunthorpe problem [1] (to use Wikipedia's term). Strange that Apple is using such a crude filtration technique.

[1]: http://en.wikipedia.org/wiki/Scunthorpe_problem

Scanning and auto-deleting your email, combined with the Gatekeeper technology wich houses the possibility of Apple telling me what Apps I can or can not run makes me seriously start to wonder the direction Apple is headed...

Edit: Gatekeeper is OSX technology. It allows users to only install Apple certified Apps on your mac, not your phone. It's fairly new and possible to turn it off (for now at least).

Apple has always been against Porn on their devices. It's no surprise they're against it on their services as well.

Of course this could be a really poorly working spam filter, but I'm inclined to believe this isn't the case.

Why are you inclined to believe this isn't the case? What possible reason would there be for Apple to care one whit about the email that goes to iCloud accounts? The only thing that makes any sense at all is virus/spam filtering.
> What possible reason would there be for Apple to care one whit about the apps that are installed to your phone?

There, fixed that for you.

Because they feel (rightly or wrongly) that they can practically provide a better, more secure, etc. experience for their customers by controlling/curating what executes on their devices.
Right. So it obviously stands to reason that they might think that's true for the email services too.
It really doesn't.

It is illogical to block just this phrase and not the many others that would be far worse.

What makes you think they're not blocking other phrases?
The security implications of only allowing codesigned code to execute is completely divorced from the decision to control what content is allowed on Apple's storefront. The former limits what's on your phone, but does not make any judgement about the content. The latter makes a judgement about the content, but doesn't limit what you can run on your phone if you can find some other avenue to run stuff (e.g. self-signed with a dev cert, or web apps).
No you didn't. They don't care what's on your phone. They care about two things:

1) What's on their store, and

2) How apps get on your phone, e.g. they must be codesigned by Apple.

The former is where they apply their content standards. The latter is a (very effective) security measure.

But, for example, Apple doesn't care in the slightest if I make a hardcore pornography app, sign it with my own developer cert, and install it on my phone. They only care if I try and submit it to their store. Similarly, they don't care if I open up Safari and visit some pornographic website, even if it uses HTML5 offline mode and gets added as an independent icon to my home screen.

> But, for example, Apple doesn't care in the slightest if I make a hardcore pornography app, sign it with my own developer cert, and install it on my phone.

You don't know that. They don't know you've done this and they can't know you've done it, so how you do you if they care or not?

You're acting like Apple has some vast conspiracy to eradicate objectionable material from the face of the planet. That's ridiculous.

Apple has been pretty open about the fact that they just care about what's on their storefront. The only reason that this effectively means they control what's on your phone is because most people can't install apps on their phone except via Apple's App Store. Although, as usual, everyone in the world is free to view whatever objectionable website they want.

Because of Apples previous stance on porn on 'their' devices. I bet all sorts of spammy messages get marked as spam and filed in SPAM or JUNK, but porn related just disappears.
Apparently they're also against criticism of their products, but not against forging network traffic, which is why you get fake 404's if you try to visit "The Best Page in the Universe" from an Apple Store. Interesting sense of morality they have...
That's probably just done via host file (or otherwise at the DNS level) for filtering undesirable sites. It's rather sensationalist to call that "forging network traffic". I don't even know if you can reasonably call it "censorship". What Apple does with the internet in their own stores is both inconsequential and also totally their own business.

In contrast, deleting email based on content is neither inconsequential nor their own business.

As trivial as it may be, I consider it censorship when they stop being transparent. Displaying "Blocked!" when someone tries to access the site is, as you said, totally their business. Implying a successful HTTP connection but a missing file? Still, as you said, inconsequential. The attitude that leads someone to make it look like a 404 instead of a blocked site? That's the same attitude that makes them block emails on the presence of a text string.
I don't know how they have it set up, but the laziest way to block pages is to add them to /etc/hosts mapping them to 127.0.0.1 . If you do that in OS X and Web Sharing (apache) is enabled (and it might be on their machines, although I hear Mountain Lion got rid of it?), then navigating to http://blocksite.com/whatever.html will give a 404 unless the web sharing directory actually contains the file "whatever.html". So it's very likely a simple matter of a lazy configuration rather than a nefarious attempt to make you think that the blocked site doesn't exist (which, really, what would be the motivation there?).
404 is an accurate statement by the browser when the distinct hosts file maps xmission.com to localhost. A 503 error would be a forged response. 404 is the expected type of response with two separate modularized/encapsulated systems where the browser merely reports that it found nothing from the typed in URL. Saying that the site is "blocked" would involve creating a special facility just for this purpose.

I don't think this is at all like the ISP redirection pages that were more clearly non compliant with IETF internet standards.

Thank you for the clarification - I stand corrected!
404 is an error code sent by a HTTP daemon. Browsers don't reuse them.
mistercow's response explains it better. If it redirected to localhost, and there was a certain filesharing service enabled, then it's possible a browser was listening but obviously didn't have the specific file requested.
I wouldn't call it a "spam filter" since it doesn't get placed into your spam folder.
Apple has always been against Porn on their devices.

Heh. Wonder how much of it is produced with iMovie, or FinalCut.

It's easy to temporarily disable Gatekeeper, install what you want, and then turn it back on. In no way does it prevent you from running what you want on your own computer. The point is to put another wall against unintended installs (aka exploits), and corrupted/infected versions of known-good software.
> The point is to put another wall against unintended installs (aka exploits)

Unintended installs may be a type of exploit, but they're not synonymous with them, as 'aka' indicates. Gatekeeper does nothing to protect against, say, your browser being compromised remotely, as you can run unsigned code in a signed application. Gatekeeper raises the barrier to entry, but only slightly.

iOS devices effectively run Gatekeeper full-time with no way to turn it off (aside from jailbreaking). I don't think it's unreasonable to think that the Mac's current Gatekeeper is just a stop along the way toward that.
Yes, that's exactly what I was thinking. Their choices make me worry you'll need a licence to develop for mac in the near future. After that you can only install via the OSX App store, with Apple taking their cut.
Because the use-cases for phones and macs are exactly the same! Because there is no valid use-case for GateKeeper other than Apple wanting to control every piece of software on your machine. Because Apple totally doesn't care if third-party developers jump ship from their platform because the developer tools are locked down.

Because paranoia is so much more fun than rational thought.

Excuse me. I only meant to point out that Apple already has a platform where they control every piece of software on your machine, and so it's not absurd to think that they might try to do this on their other platform. I don't think my post merits your implication that I'm not thinking rationally.
I don't think jumping to that conclusion is any more rational than worrying about the Mustang getting watered down based on Ford's releasing a new Fiesta. Even if Ford does share Fiesta door handle parts with the new Mustangs.
What conclusion am I jumping to, exactly? I'm not concluding anything, just pointing out a possibility based on trends.
OS X is a certified Unix that ships with a CLI and admin accounts with sudo powers. To lock it down the way you're fearing, they would have to completely rewrite the userland of the OS.

Oh wait, they already did that: it's called iOS.

iOS is the ultimate proof that Apple does not intend to lock users out of their Macs: they already created a different product to enable that hand-held computing experience.

> It's easy to temporarily disable Gatekeeper, install what you want, and then turn it back on.

Please don't. Just right click and choose open. You will be able to open it, and whitelist the app in the process.

Why should I choose that over disabling Gatekeeper? Your way adds more steps but is not any safer for me.
If you forget to re-enable Gatekeeper, you're hosed. That's the big one - security-related process/workflow should be as idiotproof as possible.
> If you forget to re-enable Gatekeeper, you're hosed

Let's not exaggerate. Everyone got by perfectly well for years and years just using common sense about what to install. Gatekeeper is a welcome layer of defense but I doubt many experienced users would be "hosed" without it.

I deliberately never reenabled it. I've yet to be "hosed". What are you so afraid of?
Right, but it does create a barrier to entry if you want laymen to run your software. This is especially annoying if you're a developer who doesn't own an Apple PC.
Apples an oranges.

As others have pointed out in this thread, gmail silently drops emails that contained zipped EXE files. It doesn't tell you it dropped it, it doesn't tell you it didn't send it, it just vanishes.

This is (sadly) not new behavior. Other email providers drop emails (which is sad), and Apple acting puritanical isn't exactly news.

I tested this on my @me.com account, and it's exactly how it works. Email containing the words "barely legal teens" is simply dropped.

I find it obscene to an Orwellian extent that Apple actually seems to think that no valid email would ever contain the words "barely legal teens". I wonder what other things Apple thinks are not worth talking about?

I have no trust in Apple's email services any more.

Microsoft has been doing this for decades. Ever try to collaborate on a web project using MSN Messenger? Every message you sent that contained 'index.php' was mysteriously dropped. It IS Orwellian, but you should not be surprised. The big communication services all seem to have their own little moral or technical hacks they use to keep your discussion limited and away from certain topics / words.
That's so surprising I tried to find evidence of it online, but I couldn't. Partly because "index.php" is such a common thing that Google won't use it for a search term, which is ironic. Can you point to anything corroborating that?
There are a whole bunch of banned words. There used to be a whole slew of sites that indexed all of the things Microsoft wouldn't let you talk about. Here's an article about it in the Inquirer: http://www.theinquirer.net/inquirer/news/1041509/microsofts-...

Edit: that article appears to be mostly user names. Here's a forum thread to get you started: http://www.amsn-project.net/forums/index.php?topic=157.0

Thanks, interesting - all I found in my searches where the user name bans, which are standard.

This is different from what Apple is doing, as it seems to be file-name based, to avoid phishing. I still think it's completely misguided.

> Four letter words of a naughty nature are also banned, as well as contentious areas of the world like Scunthorpe.

That is hilarious.

I think that's supposed to be download.php, not index.php. At least that's what I've experienced. (this was several years ago btw)
Hm, maybe it was download.php. Now I'm not sure.
Both work for me.
Well, yes. I think this particular censorship was in place over a decade ago and I doubt it's still active.
That makes me want to use Skype (owned by Microsoft) even less now.
Nobody seems to say it: There were phishing/malware scams that propagated by sending links to all your friends, and banning common page names was Microsoft's way of combatting that.
It is even worse than that -- it also seems to automatically insert graphical smilies whenever it sees what it thinks is a text smiley. Makes it very hard to cut-n-paste a code fragment. Of course you can turn this off, but only on the receiving side -- if you are sending someone a command or piece of code (that contains parentheses and colons), you have know idea if their end will convert to the graphic smilies, and you end up sounding strange to them.
That is not "even worse", that is relatively insignificant. An IM client converting text to smilies by default is standard and easily disabled, or avoided by a different using client.

On the other hand, the issue above represents a horrible failing on the part of MSN as a network/protocol. Silently dropping messages without giving error to either party is insanely stupid behaviour, and MSN's done it frequently for as long as I can remember.

Actually, any mangling of the text is bad. It is bad to drop text, and it is bad to change a line of code to have cartoon graphic images randomly scattered (which you, the sender, don't see but only the receiver does), which makes you look stupid in the eyes of the person receiving it. At least dropping a message makes it look like a network error, the other can make the message sender look like an ignorant fool. (I'm very sensitive to having what I write get changed by something, which is why I absolutely hate auto-correct in a word processor). Both cases have the effect that our corporate-mandated IM client is utterly useless for IT work where you have to send commands or code snippets to others on the team.
No, MSN Messenger did change it for the sender, too. The receiver of a message's settings determined whether they saw the image. You could turn it off in the Text Formatting options, just a simple checkbox.

So I'd disagree with the 'utterly useless' aspect.

That's exactly what I said, if you, the sender, have smilies turned off, you will see the normal code (...:) for example. But if receiver (the person you are sending the message to) doesn't know to turn smilies off, they will receive a graphical picture where the ":)" is in your message, even if it is part of a code block. And there are so many smilies that I don't recognize (not just the ":)" ones), that I never know what the receiver is going to see. Hence, it is useless for sending code fragments (or anything else other than conversational text), since you never know if what is on your screen matches what the receiver will see.
Proprietary IM networks are just that. Email is based on standards, with RFC's defining behavior. Moreover, proprietary IM is based on a some level of membership in that network. Email is open and often involves individuals outside of Apple's iCloud network, users who haven't agreed with Apple to any terms of service or the like.
Sure email is but spam isn't in the RFC is it? That doesn't get delivered straight to your email inbox, or emails from domains that are on blocklists.
GMail silently drops any emails containing zipped .exe files that I send to my boss. That's despite me being one of his most common correspondents, part of the same GApps domain and whatnot. The problem is the same: spam filtering gone wrong.
wait, you're sending from a google apps domain? From the web interface? It always just refused to send if I've tried to do that in the past, with a message explaining why. If you're sending from a different provider, gmail help claims it will bounce it back, not drop it silently, though I've never actually tried that.

In any case, not allowing specific file types as an attachment feels pretty different here, at the very least because the list of filetypes not allowed are enumerated[1], the refusal is explicit, and it's not due to the subject of the exe you're trying to send.

[1] http://support.google.com/mail/bin/answer.py?hl=en&answe...

I'm sending via a non-Google SMTP server, and there's no bounce message or anything - it's just dropped. I'd argue that silently dropping any message from a known source, regardless of the contents, is wrong. I'd be ok with the -attachment- being removed if a scan shows it's a virus/trojan, but then there should be a notice to both sender and recipient.
Agreed, this is incredibly annoying, achieves little or nothing in the way of improved security, and makes GMail a lot less useful than it could be. They've done it for years.
It's also not very sophisticated last I checked. Just change the extension.
Nothing silent about it, in my experience, at least. I was trying to send a self-extracting encrypted archive (full of documents) to my tax guy. Google wouldn't accept the .exe attachment until I added .remove to the end of the name.

The intent is to require the receiver to take some affirmative action (e.g. deleting the .remove) before blindly running the attachment and getting pwned. Seems perfectly reasonable.

Unlike what Apple just got caught doing. I'm ripe for a new phone. I don't think it's going to be an iPhone ...

I just tested it on my @me.com account. Used the web interface to send an email to my Yahoo account and the email wasn't dropped. Did Apple fix this or is the problem somewhere else?
The number of people aware of this issue is tiny.

At time of writing, neither MacWorld, MacObserver, MacRumors or AppleInsider have covered this story, even though it's been up all day.

You would need Jon Stewart or Saturday Night Live to get on the case before Apple deemed it necessary to respond.

Great, now I'm tempted to spend way too much time experimenting to find other banned phrases. :-P But sure enough, whether it's buried in a bunch of lorem ipsum or standing alone, that phrase will send your mail to the ether. It never showed in Junk, it just never came across the wire at all. Edit: this behavior goes in both directions, BTW; receive or send.

I'd be willing to write it off as a one-time error on the part of some individual contributor, but what else will get your mail deleted? Since there are no checks in place for "rogue" ICs adding phrases on server-side, what will cause stuff to go missing tomorrow?

Why do they mention "child pornography"? Maybe I'm wrong but isn't "barely legal" meant to mean 18 year old adults and not "nearly legal"? Or is it just a common code phrase child pornographers use I wasn't aware of?
It's meant to mean 18 year old adults, or woman around that age (so it could be applied to 17 years old as well). This has nothing to do with child pornograpgy, but it seems to be a trend of our time to use that word when youth pornography is meant (and judge the latter accordingly).
A 17 year old would not be legal, so I don't see how barely legal applies to 17 year olds because that would be illegal in most jurisdictions.

EDIT: Thanks, I misunderstood.

That is correct. It maybe doesn't apply if taken by the formal meaning. Doesn't mean that there isn't a second meaning behind that. It sure is a play of words with the uncertainty of the legalness (else why mention the barely at all? Why barely, which also means "not really"?)

My point was, it has nothing to do with children.

>else why mention the barely at all?

Because they are specifically promoting porn featuring women as young as legally possible. "Legal teens" would include 19 year olds, and they are trying to create the specific expectation of women who very recently turned 18.

>Why barely, which also means "not really"?

That is not what barely means at all. Barely means "only just". Barely legal means legal, but very close to the cut-off.

>That is not what barely means at all. Barely means "only just".

Not at all? Well, it is possible my translator (leo) is wrong. I think i have a fairly good understanding of the english language, but i am not a native speaker, so i tried to check my understanding.

I still think it has in this case at least the connotation.

It doesn't, your translator is wrong.
The connotations is not. The translation may be.

That is the link: http://dict.leo.org/ende/index_en.html#/search=barely&se...

It seems that your English is good enough that you'd benefit from an English/English dictionary instead of relying on a German/English dictionary. That way, you're understanding the meaning in the same context as native speakers and without being tainted by connotations of words used in the German definition. (I have this problem all the time with English/Japanese dictionaries; I look something up and it doesn't make sense. Then I look it up in a Japanese/Japanese dictionary and everything makes perfect sense. Of course, sometimes that requires a few more trips to the dictionary to understand the definition, but...)

Anyway, if I were learning English I'd pay the $300 for an Oxford English Dictionary. You'll learn a lot that way.

Thanks, that is a very constructive hint. I will keep it in mind.
It doesn't have that connotation, "barely legal" implies "fully legal".
I will explain it once again and in full and then let it go.

This is a special case. I know that normally barely meanst "only just" (though i believed leo that it sometimes - in special cases when used in a specific way - can mean "only almost"). But if someone hears a sentence like "that is barely visible", one always implies that it is not visible at all for someone seeing a degree worse. Now, if you vist a pornsite with usergenerated content - take 4chan as example - I'd bet a lot of money that one would find a mod-guideline or at least a discussion about such a guideline to delete any threads with "barely legal teens" as topic because a lot of users would post pictures of underage girls in such a thread. In such a case, barely implies not really. And therefore such a term can have another connotation than its formal meaning.

It is really a stretch to say "it doesn't have that connotation", connotations can vary even in one language for every speaker.

> woman

you mean, "person"?

No
(comment deleted)
The child pornography bit just sounds like the journalist speculation.

It sounds to me more like spam cleanup.

In which case, it's been programmed with remarkable incompetence. There's more to spam filtering than deleting messages that are clearly not spam on the basis that they contain a particular sequence of acceptable words.

I can barely imagine the legal consequences of deleting without notice an important email that a distressed mother might have sent to her teen.

That's a good point. Barely legal is still legal, and why is Apple even blocking emails that contain those words?

It might have to do with spam filtering. Trying sending an email that talks about Cialis.

As a man who has the ability to search Google (whooo!), I can add that "Barely Legal" teen movies are published by Hustler, and there appear to be hundreds of them with related names.

Some are sold on Amazon.

Presumably the people who operate in the legal pornography business -- working for Hustler, their distributors (I'm assuming there are several) and US-based retail outlets -- don't use iCloud or it could have an unpleasant impact on their legitimate businesses.

I thought that too, but the article mentions that the messages couldn't be found in the accounts' Spam folders.
It's also possible that "barely legal teens" tripped a spam filter. I hardly encounter that phrase except in porn site promotion.
Flagging an email as spam isn't the same as deleting it.
I agree that the phrase is unlikely to occur apart from the context of porn sites.

But I'd like to be in control of whether emails are being deleted or not. (Or flagged as spam or not.)

Some people prefer to get everything; others don't care if stuff is silently dropped. But it's important that they get to choose.

Certainly iCloud's is the wrong approach for your purposes (or mine). I'm not denying that; just offering a possible alternative to the explanation that "Apple thought these messages were child porn".
Google "barely legal teen" (NSFW) and you will know what it is.

Distribution of porn requires paperwork, age certificates from models/actors etc. Things get even more dangerous when actors can be reasonably suspected to be underage.

The author speculates that this filter was driven by paranoia and CYA mentality at Apple.

It's a term of the pornographer's art. I had a friend from college who wrote for Larry Flynt's Barely Legal magazine for a while. She went on to bigger but arguably less respectable things (political blogging).
Yes, "Barely legal" is used by many legal pornographers.

The article suggests some connection between the phrase "barely legal" and images of child sexual abuse.

It's clear that "barely legal" has a well-established meaning of "absolutely legal; documented adults; no chance of being under age". The article failed to establish a connection between the term "barely legal" and images of child sexual abuse.

(comment deleted)
This is bad, I actually like iCloud, even the email client, calendar and address book. But I don't want them deleting emails like this... hm.
Clarke has just sold his afterlife iPhone.
Is anyone else being driven crazy by the cursor style on this page? I think it's hitting on a new ocd...
Haha, the Dictator Apple is going to mess with your mails... Awesome, you get what you pay for, i guess :P
Its hard to know what to be more amazed about: the fact that with one boneheaded filter Apple now seems creepier than Google in terms of respecting your privacy (one of the few things they could boast about), or the fact that it still seems to be amateur hour over at iCloud. Think about it for a second: they are literally pushing code into production that amounts to if (contents.indexOf(bad_phrase) != -1) delete_email();. How is the takeaway not anything other than "Of course Siri and Maps are a disaster, they can't even filter email in a more complex fashion than 1993."
I agree that it's boneheaded, but I'm not convinced this is a privacy issue, assuming the email only gets dropped. Shouldn't something need to reach the eyes of a human in order to be a privacy issue?
Try telling that to all the people who claim gmail ads are invading your privacy. Most notably Microsoft.
If the email is deleted, that's an extension of the original issue where your email is scanned in the first place, whether by machine or human.

Then comes deletion, making the issue worse than before. Call it privacy, personal data control issue, doesn't matter.

Apple will likely correct this anyway. Two academics could be chatting over email about the potential social harm of "barely legal teens" categories in mainstream porn. They argue the slogan as a provocative, predatory gesture towards all young women. Often the category strives towards "as young looking as possible while legal" which is poor taste and creepy, yet sits alongside "brunette". They might be emailing about that, in which case Apple is wrong to delete the email.

"creepier than Google"

haha lets not get carried away

A heuristic is a bit more complex than an indexOf. I just tried it myself: An email just containing the phrase "barely legal teens" is attributed by Apples iCloud IMAP servers in the header a "spamscore" of 3 and is delivered, but marked as likely spam:

> X-Proofpoint-Spam-Details: rule=notspam policy=default score=3 spamscore=3 ipscore=0 suspectscore=2 phishscore=0 bulkscore=1 adultscore=73 classifier=spam adjust=0 reason=mlx scancount=1 engine=6.0.2-1212290000 definitions=main-1302280125

I would argue that this kind of filtering is fine. Maybe it was a glitch in the server, maybe other metrics of the mail pushed the spamscore up. If iClouds Mail servers should silently decline mails for delivery is a whole different argument.

Censorship is always stupid. Censorship based on nothing than words or phrases is simply embarrassing.
I know everyone is rushing to decry Apple and their draconian behaviour ("first they took my unsigned apps, now they want in my email? TO THE PITCHFORKS!") but the likelyhood is someone has fiddled with the spam filtering and they've broken something. If the first thing you jump to is some conspiracy you're ignoring the simple rule of technology that behind every good wild goose chase is a member of staff who's quickly hitting 'roll back changes'.
No. Normally I'm inclined to assume it was am accident, but If it was just triggering false positives on the spam filter, the email would be showing up in people's spam folders. Instead it is getting dropped without any trace.
Spam should never be deleted. Plus when e-mail is sent OUT (not coming in) it is blocked.

No way to defend this. No spam filter should ever work like that, even if set up overly broadly.

Spam should never be deleted, it should be triaged and left to the user to deal with but it's definitely possible someone has screwed up. What I'm saying is it's probably a fuck up, what I'm not doing is defending it.
(comment deleted)
Isn't the point of "barely legal teens" that they are indeed legal? On what grounds can they delete discussions of legal content?
On what grounds can they delete discussions of illegal content?
That might even be a better point than I made.
Do you guys really not understand, that this was not censorship, but just an over-aggressive spam filter?
Some of us are old enough to remember the Calvin Klein ads with the girl in the "Catholic schoolgirl" uniform with her white panties showing. I had to admit at first glance I thought CK was using someone underage. It provoked a bit of reaction from the demagogues. Since then, the "barely legal" motif has had a bit of radioactivity hanging on it. The popularity of Manga didn't seem to help.
One more reason why you should run your own mail server. I guess if it would take less time more people were doing it (I'm not either at the moment).
Really, running your own email server is a bad idea for most people.

Even on HN it's only good as a learning exercise or for a small number of people who have the use for it.

The problem isn't with the length of time it takes to set it up. The problem is with making sure you have all the quirks sorted out so your mail can get delivered through other people's set ups.

> After more research, Steven found that under the iCloud terms of service, Apple reserves the right to remove any content at any time that it feels is objectionable, without telling you that they’re going to delete it.

Today it's a bad search filter, but tomorrow... what'll they do tomorrow?

Apple is the epitome of "we'll do what we think is best and you'll like it". For now they usually seem to have admirable (or semi-admirable) goals, even if you don't agree with them on the details. I'm curious how long until they make similar moves that are clearly Evil(TM).

So, does this filter work for "not legal teens" or "totally illegal teens"? Because if not, that would be highly ironic.
They also (used to) block you from receiving e-mail with "fuck" in the subject line. I had an amusing conversation with support about this and they said it's part of their spam filter. I just re-tested this and the e-mail eventually came through to my spam folder.