Posts in "apple"

Apple: "What's a professional?"

Apple announced their new iPad Pro and I couldn’t care less. The hardware itself is brilliant, yet Apple insists on artificially limiting what you can do with it for reasons I don’t understand. A “pro” device would let me run Mac-style apps like Nova and a real local terminal. It would let me compile and run the software I write when Shortcuts scripting isn’t good enough. It would be more like a hyper-portable MacBook for doing things that don’t require a heavier and more powerful computer, and less like a giant iPhone that gives me free rein of a walled garden.

I bought a 2018 iPad Pro 13" when they were released and used it constantly. It was overpowered for the software available to run on it, to the point that my kid in college still uses it for classwork today. The hardware was never the limiting factor in what I could do with it. I finally replaced it last summer with a MacBook Air that’s worse for my wants and needs in every way but one: Apple’s OS for Macs lets me do the professional things that the as-powerful iPad can’t do. Apple ran an ad when that iPad Pro came out, asking “what’s a computer?” I wish Apple would ask themselves, “what’s a professional?”

My vision for the iPad doesn’t align with Apple’s. That’s OK. They know their target market. They’ll still sell a gazillion of these.

Just not to me.

What's my Apple Card balance?

I spent 1 hour and 25 minutes on a call with Goldman Sachs about their mistakes on my Apple Card statement. It’s not resolved but I think we’re finally making progress.

I’m a stickler about reconciling my monthly account statements. My dad taught me how to balance a checkbook when I was a kid and I’m diligent about that. This was the first time I’ve ever been unable to make sense of a statement. The process normally looks like this:

  1. Start with last month’s balance.
  2. Subtract any money you paid toward that balance.
  3. Add any new transactions.
  4. Add any fees and interest.
  5. Compare the result to what the bank says your new closing balance is, and if it’s not an exact match, go back to the beginning until you find the missing piece.

Last month’s Apple Card statement worked like that. So did the month before that. And the month before that, all the way back 5 years. This month they threw a twist:

  1. Start with last month’s balance, $1000.00 [1].
  2. Subtract the $500.00 payment I made.
  3. Add $100.00 in new transactions.
  4. Add $50 in fees and interest.
  5. My arithmetic came out to a new balance of $650. Goldman Sachs computed my new balance as $425.

However I juggled the numbers, I couldn’t reproduce their result. I gave up and contacted the support chat. That was useless. The conversation went like this:

Me: There’s a problem with my statement.
Them: Your balance is $425! Is there anything else I can help you with? (disconnect)
Me: (reconnecting) There’s a problem with my statement.
Them: Oh no! It looks like that’s $425. Have a nice day! (disconnect)

I asked them to escalate, which resulted in someone sending me an email like:

Here’s how we resolved your case: Start with $1000.00. Now, the moon weighs more than a duck, so carry the 5 and you get $893. Add the length of the Titanic and subtract purple. That’s $425. Share and enjoy!

Today I called them and repeated “talk to a human” into the phone tree until it connected me to a person. This time I got to explain my situation to a sentient being, who went off to repeat my calculations before uttering those magic tech support words: “huh, that’s strange.” It sure is! The agent was able to reproduce my math and couldn’t figure out how to compute Goldman Sachs’s balance. I can’t exaggerate the relief I felt. I’m not alone. It’s not my imagination or inability to add a few numbers together.

Although we haven’t fixed the problem, a thinking person wrote up my problem and opened an official inquiry for me. I’m optimistic.

And don’t waste your time on Apple Card’s online chat. Nothing good comes from it.


  1. All numbers are fictional for storytelling purposes.

One Pill Can Kill

I’ve seen things that looked like ads for apps in the iOS App Store. Today, I saw an ad for something else altogether. It’s a public service announcement warning viewers about potentially lethal fake prescription pills:

[Image: One Pill Can Kill]

That’s a good thing to warn people about. However, it couldn’t be more out of place between the regular listings for games and useful apps. This is the app store, not a random website. And a PSA is one thing. The first time I see a commercial ad for a non-app thing here, I’ll probably have to buy a new phone to replace the one I’m likely to throw out my window.

macOS 14 Sonoma is out, and mostly OK

Apple released macOS 14 Sonoma today. I always install the major OS beta versions on my work Mac when they’re first released, to see if anything critical breaks before it affects my coworkers. That happens sometimes, like when macOS 11 Big Sur deprecated kernel extensions and affected some software we used. Sonoma and its 1st-party apps were in good shape from the start.

I stumbled across a few glitches with 3rd-party software:

Summary: Sonoma is a good upgrade and I’ve installed it on my Macs. You may need to upgrade some of your other software at the same time.

Apple won't totally block unwanted emails

Apple’s email apps and services don’t allow users to completely block senders. If someone is sending you messages you don’t want to receive, tough. You’re going to get them.

The iCloud.com website’s Mail app doesn’t have a sender block mechanism. Instead, it offers a way to create rules based on each message’s attributes, such as its sender. Rules support these actions:

  • Move to Folder
  • Move to Trash
  • Forward to
  • Mark as Read
  • Move to Folder and Mark as Read
  • Move to Trash and Mark as Read
  • Forward to an Email Address and Mark as Read

None of those actions are the same as bouncing or silently discarding an email. At most, you can have the email sent to your Trash folder.

Mail.app on a Mac allows you to mark senders as “blocked”. You can configure Mail.app’s junk mail filters to either “Mark [their message] as blocked mail, but leave it in my Inbox” or “Move it to the Trash”. Again, you can’t bounce or discard it.

I tried to be clever and write an AppleScript program to delete messages from my Mac’s Trash folder. That was a dead end because AppleScript’s idea of deleting an email is moving it to Trash, even if it’s already in there. Neither does it offer a way to automatically empty the trash.

Apple, this is disappointing. If I’m blocking someone, I don’t want to hear from them at all, ever. It’s not enough to send their messages to the Trash folder. I don’t want them to be in my email account at all.

Not Upgrading for Stage Manager

Apple’s iPadOS 16 features a new multitasking mechanism called Stage Manager, but only on very new iPad models equipped with Apple’s M1 CPU. The ludicrous reason Apple gave for this limitation is that the recent M1 chip is the first iPad CPU capable of using swap space.

If you listen quietly, you can hear millions of computer science graduates rolling their eyes at that ridiculous excuse. Far less capable computers have supported swap space for decades, and I won’t bother going into details of how nervy Apple’s claim is. Admit it, gang: you want to give people a reason to buy new hardware to use the shiny new feature. I could respect an honest explanation that doesn’t insult my intelligence.

But because of this dishonesty, I’m holding onto my still-overpowered 2018 iPad Pro until it dies, or until Apple releases a feature I can’t live without. If there were a legitimate technical reason to hold back new features on older hardware, I might use that as a reason to upgrade. Now, though, I don’t trust Apple not to pull the same trick next year. If I bought a 2022 iPad Pro because of this, and next year they released a feature in iPadOS 17 that would only work on 2023 models for another contrived reason, I’d be livid.

Apple’s trick isn’t going to make me upgrade more often, but less often. I’m not risking my hard-earned money until I have to.

Don't buy a cheap Apple Watch Series 3

Don’t buy an Apple Watch Series 3. Many recent articles enthuse about its current wonderfully low prices, but it’s a trap. The Series 3 is slow, technologically obsolete, and unsupported by the upcoming watchOS 9. Anyone buying it as their first Apple Watch will be disappointed by the awful performance.

I could only recommend it for someone who broke their newer Apple Watch, wants something to tide them over until the new Series 8 is released, and can recycle it or donate it to someone who’d be OK with a dead-end device.

AirTag lost its way

Apple released their new AirTag product six months ago, and as competent as it is for finding lost gear, Apple’s done everything possible to hamstring the little device to make it frustrating to use.

The product idea is simple: you buy one and attach it to something you don’t want to misplace, like your car keys. Then you can use your iPhone to locate that thing when you inevitably misplace it. For that one specific use case, and if you live alone, AirTag is magical. The “Find My” app tells you how far and in what direction the lost device is so that you can walk right up to it. I’ve owned and used various Tile devices before, and AirTags are easier to use and work better. From a hardware standpoint, I can’t imagine what I’d improve about them. However, Apple’s software decisions are constraining the lovely hardware to the point that I don’t want to use it anymore.

All of AirTag’s problems come down to a single issue: Apple is afraid that someone will use an AirTag to stalk another person, to the point that they’ve deliberately encumbered it to near uselessness:

  • If your phone detects that an AirTag is moving around with you, and its owner isn’t nearby, then the phone will warn you about it. That’s great if you’re being stalked, but terrible if it’s notifying a thief that there’s a tag in your backpack that they’ve just stolen.
  • Inexplicably, Family Sharing doesn’t work for AirTags. I can’t help my wife find her car keys, even though we’re already using the “Find My” app to share our locations. If someone were coercing me to carry an AirTag around so they could track me, they could also coerce me into sharing my location with them through that same app.
  • If I grab my wife’s keys for a quick trip to the grocery store, her AirTag on them will start beeping to alert me to its presence. That’s just silly; see the previous point.
  • The latest iOS beta lets you manually scan for hidden AirTags, sure to be a favorite must-have feature among thieves.

Apple claims that AirTags are meant for lost items, not stolen ones, but that’s a smokescreen for the fact that they haven’t figured out how to reconcile privacy with having the things work as expected. Despite their claims, of course they’re for recovering stolen items! If it weren’t for the disastrous software features, they’d be perfect for tracking down a purse thief or the person who stole your kid’s bike. Apple is selling a soup spoon, then acting shocked and dismayed when someone wants to use it to eat stew. If Apple can’t see why someone would naturally want to use an AirTag to get stolen things back, then that’s a telling failure of their imagination.

Anti-tracking features are good. No one wants to enable stalkers and I don’t blame Apple for that. However, they’re so paralyzed by even the possibility that someone might use an AirTag in a bad way that they’ve made it useless for a bunch of good ways. If Apple’s going to lock it down this hard, they shouldn’t have bothered releasing AirTag to the public. It would have been far less frustrating if it had never left the design lab.

I wanted to love AirTags, but I regret my purchases. It could have been a wonderful little gadget had Apple defined it by its possibilities instead of its limitations. I won’t be buying more.

Unusual shipping fail from Apple

I ordered a couple of Apple AirTags and keychain holders this weekend, and UPS dropped the package off on my doorstep a few minutes ago. The outer box had not been sealed in any way — no glue, tape, or anything:

[Image: Unsealed box from Apple]

The packages inside were bent on arrival, likely from the warehouse:

[Image: Inner boxes were damaged in packing]

I hope this is an exception. If I were a new Apple customer, I’d be unimpressed with their vaunted first impression.

The Risks of Third-Party Email Clients

There are a lot of neat third-party email applications available for Mac and iOS. From an end user perspective, many of them are amazing and useful. From an information security, privacy, or legal perspective, many are horrible.

For example, Readdle makes a popular email client, Spark. Now, to be clear, I think Readdle is a good, competent, well-meaning company and that Spark is a nice app. My problem with their product isn’t because I don’t trust them, but because I have to trust them, and unnecessarily.

Here’s why.

How first-party email apps work

When I refer to a first-party mail client, I mean Apple’s own Mail.app, or the app that an email service company made to support their own system (such as Google’s Gmail app). These are a direct link between your computer and your email service, and are widely regarded as trustworthy and safe to use. That is, if you don’t trust Mail.app with your email, you probably wouldn’t be using a Mac or iPhone in the first place. If you don’t trust the Gmail app, you shouldn’t trust the Gmail service either. A third-party app, then, is one made by someone other than the company who made your computer’s operating system or your email service.

With that out of the way, here’s how the process of receiving an email works on these clients:

  • A friend sends you email.
  • Mail.app periodically checks your email account to see if you have new mail, then fetches it.
  • Mail.app gives you some sort of notification that you have a new message.

Alternatively:

  • A friend sends you email.
  • The Gmail mail server sends a “push notification” to your phone, waking it up and alerting it that you have new email.
  • The Gmail app on your phone fetches it.
  • The Gmail app on your phone notifies you that you have a new message.

That’s straightforward.

How some third-party email apps work

Spark could have been written to work like Mail.app, but Readdle chose not to, for a good reason that I understand and appreciate. All that “do I have new email?” checking can eat up a phone’s battery, and if someone sends you an email right this moment, it may take several minutes before you get a notification. However, this is where a giant privacy and security issue pops up. Spark works like this:

  • The Spark app on your phone sends your email username and password to Readdle’s server where it’s stored until you ask Readdle to delete it.
  • A friend sends you email.
  • Readdle’s server continually checks your account for new email, and then fetches it.
  • Depending on the contents of the email, Readdle’s server may do some extra processing on your behalf, and may send the Spark app on your phone a push notification to tell it you have new mail.
  • The Spark app on your phone fetches your email from your mail server.
  • The Spark app on your phone notifies you that you have a new message.

See the problem? Readdle has your login information and uses it to check email on your behalf. From their privacy policy:

INFORMATION WE COLLECT AND HOW WE USE THIS INFORMATION

OAuth login or mail server credentials: Spark requires your credentials to log into your mail system in order to receive, search, compose and send email messages and other communication. Without such access, our Product won’t be able to provide you with the necessary communication experience. In order for you to take full advantage of additional App and Service features, such as “send later”, “sync between devices” and where allowed by Apple – “push notifications” we use Spark Services. Without using these services, none of the features mentioned above will function.

By its design, you have to trust Readdle to read all your email if you want to use the Spark app, and that’s not OK. Depending on what line of work you’re in, it may not even be legal for you to allow another company to access your email if you don’t have a signed data use agreement (DUA) or HIPAA Business Associate Agreement (BAA) in place with that company. Google will sign a BAA if you ask them. Apple’s Mail.app design doesn’t require that because Apple never has access to your email account (unless you use iCloud email, which you shouldn’t be doing anyway if you’re working with HIPAA data). In fact, Apple can’t access your email usernames and passwords. From their iCloud security overview:

These features and their data are transmitted and stored in iCloud using end-to-end encryption:

  • iCloud Keychain (includes all of your saved accounts and passwords)

And all of this is to support push notifications, which are nice but which Mail.app never had in the first place. Note: Readdle’s service isn’t “push” behind the curtain, as their server has to regularly poll your email service to see if you have new mail. The difference is that it’s their server doing the polling using their electricity, not your iPhone. That’s a handy feature, but is it worth it? In my opinion, it isn’t. Further, I disagree with Readdle’s statement that the “send later” and “sync between devices” features require this arrangement. They could have been built to use an end-to-end encrypted service like iCloud, but Readdle chose not to. Again, they probably did that for decent reasons because Readdle is a good company, but they didn’t have to.
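If you run your own mail server, the server-side polling described above shows up in the login log. The following is an added example, not code from this post or from any vendor: it scans Dovecot-style IMAP login lines for sources outside your own device networks that log in at a near-constant interval. The log lines, their timestamp layout, the addresses, and the `KNOWN_DEVICE_NETS` allowlist are all constructed assumptions.

```python
import ipaddress
import re
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample lines in a Dovecot-style imap-login layout. The timestamp
# format is an assumption; all addresses are documentation/private ranges.
SAMPLE_LOG = """\
2024-05-01 09:00:02 imap-login: Login: user=<alice>, method=PLAIN, rip=198.51.100.7, lip=192.0.2.10, TLS
2024-05-01 09:02:10 imap-login: Login: user=<bob>, method=PLAIN, rip=203.0.113.50, lip=192.0.2.10, TLS
2024-05-01 09:03:41 imap-login: Login: user=<alice>, method=PLAIN, rip=10.1.4.23, lip=192.0.2.10, TLS
2024-05-01 09:05:01 imap-login: Login: user=<alice>, method=PLAIN, rip=198.51.100.7, lip=192.0.2.10, TLS
2024-05-01 09:10:03 imap-login: Login: user=<alice>, method=PLAIN, rip=198.51.100.7, lip=192.0.2.10, TLS
2024-05-01 09:15:02 imap-login: Login: user=<alice>, method=PLAIN, rip=198.51.100.7, lip=192.0.2.10, TLS
2024-05-01 09:20:02 imap-login: Login: user=<alice>, method=PLAIN, rip=198.51.100.7, lip=192.0.2.10, TLS
2024-05-01 09:40:55 imap-login: Login: user=<bob>, method=PLAIN, rip=203.0.113.50, lip=192.0.2.10, TLS
2024-05-01 11:15:30 imap-login: Login: user=<bob>, method=PLAIN, rip=203.0.113.50, lip=192.0.2.10, TLS
2024-05-01 11:16:02 imap-login: Login: user=<bob>, method=PLAIN, rip=203.0.113.50, lip=192.0.2.10, TLS
2024-05-01 11:20:00 imap-login: Disconnected (auth failed, 1 attempts): user=<bob>, rip=203.0.113.50, TLS
"""

# Hypothetical allowlist: networks your own devices connect from.
KNOWN_DEVICE_NETS = [ipaddress.ip_network("10.1.0.0/16")]
MIN_LOGINS = 4   # need several logins before judging cadence
MAX_CV = 0.2     # interval stdev/mean at or below this counts as "regular"

LOGIN_RE = re.compile(r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) imap-login: Login: "
                      r"user=<(?P<user>[^>]*)>.*?\brip=(?P<rip>[0-9a-fA-F.:]+)")

def find_polling_relays(log_text, known_nets=KNOWN_DEVICE_NETS):
    """Return [(user, remote_ip, login_count, mean_gap_seconds)] for sources
    outside known_nets that log in to a mailbox at a near-constant interval."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = LOGIN_RE.match(line)
        if not m:
            continue  # not a successful IMAP login line
        try:
            rip = ipaddress.ip_address(m["rip"])
        except ValueError:
            continue  # malformed address field; skip rather than guess
        if any(rip in net for net in known_nets):
            continue  # one of your own devices
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        seen[(m["user"], str(rip))].append(ts)
    findings = []
    for (user, rip), stamps in sorted(seen.items()):
        if len(stamps) < MIN_LOGINS:
            continue
        stamps.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(stamps, stamps[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= MAX_CV:
            findings.append((user, rip, len(stamps), round(avg)))
    return findings

if __name__ == "__main__":
    print(find_polling_relays(SAMPLE_LOG))
```

A hit is a lead, not proof: a desktop client left running also checks mail on a fixed timer, so compare the source address against your device inventory before drawing conclusions.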

Conclusion

I’m using Readdle’s Spark as an example, but mail clients are all over the place privacy-wise.

Airmail’s privacy policy says:

If “Real-Time Mailbox Monitoring” is enabled for Gmail or Outlook, Office365, IMAP, and Exchange accounts, we store credentials solely to send push notifications.

Superhuman also stores your login information:

Authentication Tokens. When you sign in to the Service, we collect and store encrypted Gmail authentication tokens.

Postbox doesn’t collect your credentials:

We only communicate with Google’s email servers through IMAP, POP, and SMTP protocols, and never receive or store any messages or data from your Google email accounts on our servers. You can revoke Postbox’s access to Google services at any time.

That’s one of the less creepy terms in their privacy policy, though:

We may use information about your publicly available social media information, or your contacts’ publicly available social media information, in connection with our Services.

MailMate has a clear policy:

Passwords are most often required for MailMate to access the emails in your IMAP accounts and to send emails using SMTP servers. Regular passwords are stored (if you allow it) in the Keychain of macOS. Depending on your settings, this might be an iCloud-based keychain synchronized to your other devices.

Some accounts support OAuth2 authentication. In this case, a browser is used for authenticating your accounts and MailMate only gains access to so-called OAuth2 tokens. The tokens are used to access your accounts and MailMate never sees and never stores your password. The tokens are stored in your Keychain as described above.

If an app doesn’t have a privacy policy, don’t use it. If it does, read the policy. And if you work in a regulated industry like finance or healthcare, get your company’s legal team’s opinion before using a third-party app!