marvin-hansen 8 hours ago [-]
I actually had almost the same situation by building an offline voice dictation app for macOS and iOS, and in macOS I was confronted with the exact same situation.
However, I would like to point out that Apple isn't totally wrong here because the accessibility API unfortunately is way too broadly scoped, and because of that you literally get access to everything on the computer, like you can screenshot, listen, and move the cursor... This is completely ridiculous and the proper engineering solution would actually be to phase out the accessibility API and replace it with something that is narrowly scoped so you can grant specific permissions individually.
However, Apple, being Apple, is obviously not doing anything, and instead says no accessibility permission for anything that isn't demonstrably accessible. Now, there are obviously some exceptions because Apple is not particularly well known for applying its rules consistently and granting big exceptions for itself. However, they do have a valid point on privacy and data protection. And I say that as somebody who ended up distributing my MacOS app outside the App Store because I only got approval for iOS.
That said, I would definitely appreciate if Apple would gradually improve its developer program experience, because compared to its hardware lineup, the developer program is nothing short of abysmal.
Wowfunhappy 7 hours ago [-]
> However, I would like to point out that Apple isn't totally wrong here because the accessibility API unfortunately is way too broadly scoped, and because of that you literally get access to everything on the computer, like you can screenshot, listen, and move the cursor...
I want apps to be able to do that!
Barbing 6 hours ago [-]
Yes but miffing to open Privacy & Security & see dozens of apps pretending to need “accessibility” features. Apple has a dozen+ categories there but many poweruser apps I want specifically need accessibility.
Is there an opinionated reason not to break out capabilities?
int0x29 6 hours ago [-]
> Is there an opinionated reason not to break out capabilities?
If you have a disability and need tools to use your computer the last thing you want to do is have those things not only off by default but complicated and involved to turn on.
skykooler 6 hours ago [-]
Is there a reason a capability has to be covered by only a single permission? Why not have one accessibility permission that covers all that and then a bunch of individual permissions for non-accessibility apps?
Wowfunhappy 6 hours ago [-]
Apple doesn’t provide another API for this, so apps have to use the one that’s available.
vorticalbox 4 hours ago [-]
i think the issue is that you can still have these all under the accessibility api but why not break that down more
accessibility.screenshot
accessibility.paste
and whatever else there is. that completely removes the issues for apps like this.
Wowfunhappy 1 hours ago [-]
As a programming practice in service of the principle of least privilege, that would make complete sense.
The issue is with Apple's UX. Apple insists on asking permission for every little capability an app wants. So I would have to say "yes, allow this app to take screenshots" and "yes, allow this app to read the clipboard".
I wouldn't be surprised if, in the near future, Apple forced people to click "yes, allow this app to read the clipboard from app X" and then separately "yes, allow this app to read the clipboard for app Y" and so on for every single other app on my machine.
Apple does not allow you to say, "yes, I trust this #$@-ing app, please allow it to do whatever it needs."
phainopepla2 7 hours ago [-]
Then they should use an appropriately scoped API, as OP suggested.
int0x29 6 hours ago [-]
Controlling my computer is appropriate scope for an accessibility tool
exitb 7 hours ago [-]
Isn’t that just deliberate on their part? As in, they genuinely don’t want developers to use these APIs and just allow them for accessibility use cases.
thewebguyd 5 hours ago [-]
If that were the case, and Apple suddenly decided that no apps are allowed to use the accessibility APIs, so many utilities would just cease to exist, it'd ruin the OS tbh.
You'd lose all window managers, things like alfred and textexpander, screenshot tools, computer use agents, etc.
Brian_K_White 8 hours ago [-]
Gradually improve? How many more decades is reasonable to wait? They are what they are and hoping for change makes no sense to me.
RZelaya 8 hours ago [-]
Thanks for sharing this. The "phase out the broadly-scoped Accessibility API and replace with narrower permissions" point is exactly the right structural fix. Right now developers have to declare a permission far broader than they actually need, and from the outside the criteria for what counts as legitimate use isn't clearly defined. Interesting that your iOS app got through but macOS didn't. WhisperPad is Mac-only and I haven't gone through the iOS path, so your experience there is useful data. The "demonstrable accessibility" criterion seems to be where everything bottlenecks.
int0x29 6 hours ago [-]
> However, I would like to point out that Apple isn't totally wrong here because the accessibility API unfortunately is way too broadly scoped, and because of that you literally get access to everything on the computer, like you can screenshot, listen, and move the cursor... This is completely ridiculous and the proper engineering solution would actually be to phase out the accessibility API and replace it with something that is narrowly scoped so you can grant specific permissions individually
If you don't have use of your hands you want that. The whole point of accessibility APIs is allowing arbitrary control of your computer via novel means. One of the big selling points of Dragon Naturally Speaking is the ability to tell your computer to do things based on descriptions without a mouse. "open outlook", "click compose", "select subject", "type foo", etc.
And no the solution here is not computer vision with an LLM. Text and buttons rendered on my computer exist in memory somewhere as text and buttons. We should not need to convert them to pixels and back lossily to recover text and buttons. We should just expose things to the accessibility API and not guess.
patates 6 hours ago [-]
> Chrome and anything electron based don't provide any accessibility information to the OS
Are we sure about this? At least on windows, NVDA works fine with chrome and any electron apps.
int0x29 5 hours ago [-]
Looks like they fixed this one since I last checked in 2016
Wowfunhappy 6 hours ago [-]
> And no the solution here is not computer vision with an LLM.
Also, even if you hypothetically wanted to use computer vision with an LLM… what API is that LLM going to use to take screenshots and click on stuff?
spiral90210 11 hours ago [-]
SpaceGremlin (mac alternative to WinDirStat) has a similar thing, where some features only work in the independent "SpaceGremlinPro" version downloaded from their site. However, they do some cool stuff with licensing - you can point it to the app store paid/installed version, and it detects the license and unlocks.
If you're worried about people not trusting payment to you, might be worth seeing if you could implement this, so anyone who bought on the app store can still access the full feature set. Cuts you out 30% like, but better than nothing maybe.
jchw 10 hours ago [-]
There is something amusing about the fact that WinDirStat, as far as I know, was based on KDirStat (now QDirStat), yet this doesn't even get mentioned on their Wikipedia page, and by and large a lot of people don't even know QDirStat exists. One time someone even asked me if they knew of a good alternative for Linux; good news!
Sophira 6 hours ago [-]
To my knowledge, SequoiaView[0] predates even KDirStat - it just didn't have the tree view paired with it.
No doubt KDirStat was based on SequoiaView, but WinDirStat was based directly on KDirStat, as in it was a port of it to Windows. I don't think it is incorrect to mention SequoiaView as the original, but it nonetheless feels weird to skip a hop too. It got not just the tree view but even the name from KDirStat.
burnte 9 hours ago [-]
SpaceSniffer is an even better version of WinDirStat but I rarely see people talk about it, too.
squigz 10 hours ago [-]
It is actually mentioned on the Wikipedia page [1] - and of course, you could add it yourself if that's not enough.
Okay, I stand corrected, but I also stand by that it is interesting that it is pointed out that "The project was inspired by SequoiaView" in the lead section, but not that it was a direct port of KDirStat. It feels odd but also intentional, so I never bothered to change it. I'll leave it up to if anyone else feels similarly enough to do so, because then at least that means there are two of us.
analog8374 9 hours ago [-]
Everything I ever added to Wikipedia was removed, within the day, by a very diligent and hard-working Wikipedia person.
realitylabs 9 hours ago [-]
Same. My experience with the “concept” of Wikipedia was very high until I had the “direct experience” of Wikipedia, and I realized that the encyclopedia of the commons may not have planned for me to be in the commons.
HoldOnAMinute 9 hours ago [-]
Same. Even a single sentence with an easily verifiable fact. Reverted in seconds.
LorenPechtel 5 hours ago [-]
I'm sort of in the middle on this.
Some pages have somebody guarding the party line, anything that goes against that gets reverted. (How can putting an accurate link behind a piece of text be wrong??)
Pages without such guardians I've never had an issue.
squigz 9 hours ago [-]
Everything I've ever added was kept.
jchw 9 hours ago [-]
Not absolutely everything I've ever contributed was kept, but definitely a lot of it. I genuinely get the feeling that the modern Wikipedia hatred comes from somewhere other than a few unfortunate edit wars, but I'm not in-tune enough to know.
dd8601fn 4 hours ago [-]
I’ve seen the nit-pick reversions and I’ve seen clear ones.
But when I hear people really complain somewhere I do tend to assume they were trying to smuggle in some specific messaging and got caught.
chris_wot 9 hours ago [-]
Good for you I guess.
Everything I ever added was kept, and I was permanently banned. I created [citation needed], started the admins noticeboard, reworked the USA Patriot Act article, wrote numerous articles for WiR with extensive referencing, contributed to peer review and good article reviews, and a shitload more, but nope. Not good enough.
Why anyone would contribute to that cesspool is anyone’s guess.
squigz 9 hours ago [-]
This comment is a little light on the reasoning for why you were permabanned.
I commented on BrownHairedGirl’s RFA. The most toxic user ever on Wikipedia.
I can assure you, there are those on Wikipedia who committed far worse offenses and they remain.
Like I say - a cesspool that doesn’t respect article writers.
bragr 8 hours ago [-]
Were you Chris.sherlock/Aussie Article Writer on Wikipedia? Sounds like pot calling the kettle black re: toxic. You had an interaction ban against her FFS.
Ah, I see, you were instigating constantly and people were sick of your shit. Seems like a reasonable ban, especially when you violated an IBAN already.
esperent 10 hours ago [-]
Sounds like something that would instantly get you banned from the app store if it got noticed.
lapcat 9 hours ago [-]
No, it isn't. A number of developers have done this.
ryandrake 9 hours ago [-]
Good thing Apple is well-known for consistently and fairly applying its own App Store rules across multiple, similar apps...
lapcat 9 hours ago [-]
You're missing the point. We know that countless developers, including the author of the blog post, have received App Store rejections of submissions. On the other hand, to my knowledge, exactly zero developers have ever been banned from the App Store for doing what the commenter claimed would instantly get you banned.
BrtByte 9 hours ago [-]
Interesting idea. It would basically turn the App Store version into both a discoverability channel and a license anchor for the direct version
thisislife2 8 hours ago [-]
Offer a "trial" version on App Store, and ask them to download the "pro" version and buy the license directly from you. (Offer a "30%" discount and point out that's the "Apple Tax" savings they get for not paying through the App Store).
saghm 8 hours ago [-]
> If you're worried about people not trusting payment to you, might be worth seeing if you could implement this, so anyone who bought on the app store can still access the full feature set. Cuts you out 30% like, but better than nothing maybe.
In other words, Apple is abusing their position by defining overly broad permissions so that they can deny them and pressure people to fork over more cash to them.
LoganDark 10 hours ago [-]
Space Gremlin isn't even available on the App Store anymore, presumably because it hasn't been updated to newer versions of macOS. Meanwhile, GrandPerspective is free and uses the exact same visualization as WinDirStat (although the UX is a bit weird for me)
SV_BubbleTime 9 hours ago [-]
Isn’t it like 15% up to the first or second million in sales?
atroon 9 hours ago [-]
I don't mean to offend, but entrusting every input to a company literally called MITM LLC has a level of absurdity that either greatly entertains or else greatly frightens me.
arm32 3 hours ago [-]
I saw and thought the same. MITM. What in the world?
julianlam 7 hours ago [-]
Model-in-the-middle LLC
Checks out, what's the problem? /s
robgough 11 hours ago [-]
I recently built a similar app, and so hit the same limitations – I wasn't too upset on Mac, happy to distribute without the App Store (though it's a shame).
Where I was more frustrated was how much this limited the potential usability of the iPhone app. Because of app store restrictions it is a far worse app ... though like in your example, still useful to a degree.
I can only hope they use the new CEO as an opportunity to seriously re-evaluate their entire approach to how they work with developers, though I'm not actually expecting them to. If anything, with the increase in apps being created via AI tools I worry they will go the other way.
cmsj 9 hours ago [-]
I really do understand the desires people have for iOS to be a more open platform, but I'm just gonna say very clearly: I do not want third party apps being able to do what OP's app does. My iPhone is the one computing platform I have where I get the assurance that no third party app can be spying on anything else I do on the device.
ryandrake 9 hours ago [-]
Yea, Accessibility features are kind of OS super-powers and you really, REALLY need to thoroughly vet apps that you grant those powers to. These apps need to be actually using Accessibility to provide assistive technology for users with disabilities. I'm usually uneasy about Apple anointing itself the gatekeeper for this, but someone has to do it.
Lots of shady and well-known developers (like Dropbox) are notorious for trying to weasel their way into getting Accessibility permissions, so they can do god knows what with them to your system.
__float 9 hours ago [-]
iOS generally lets you reject any permission an app asks for. This would certainly be "risky" enough that iOS would require explicit user permission, and you would be able to say no.
On top of that, the app is completely optional: if you aren't comfortable giving it those permissions, don't install it?
gumby271 7 hours ago [-]
Two things can be true, you can choose to install software from a curated store, policed by an entity you trust to do that. I can install whatever trash I want from the internet and risk my own security doing so. These two things aren't in conflict and could be enabled with a change in policy from Apple.
Worried about grandma installing shady apps? Enable parental controls on her phone.
makeitdouble 7 hours ago [-]
Locking down your phone to block anything you don't want is doable at your own level. Opening up the ecosystem for those who care about better third party apps can only be done by Apple.
Those two desires should both be fulfilled.
lapcat 9 hours ago [-]
The Accessibility permission is not granted automatically to apps on the Mac. You have to specifically allow it for an app. So you retain control and assurance even without Apple lockdown.
jiehong 9 hours ago [-]
Exactly. On iOS, it completely limits the market for a good dictation app with your keyboard, because iOS just doesn't allow you to.
vrganj 10 hours ago [-]
If you're in the EU, consider publishing on an alternative App Store and pointing users that way.
If you're not, ask your representatives why you don't get the same rights.
orliesaurus 10 hours ago [-]
As someone who also experiences pains in their hands after a couple of hours of typing... I started to use the great open source app called ghost-pepper [1] that I found on github and has been my daily driver (it's like superwhisper but oss/free and local)
the maintainer is really nice and replies to DMs really quickly too.
I am big fan of VoiceInk which is also local and open-source. I also maintain this list of all the best open-source ones in this awesome-style GitHub repo. People looking for open-source dictation tools, hope you find something that works for you here: https://github.com/primaprashant/awesome-voice-typing
emrehan 9 hours ago [-]
As someone that has tried a few of these apps, I really like this one. I dictated this one just now with ghost pepper. Thanks Matt and thanks orliesaurus for sharing it here!
Muhammad523 11 hours ago [-]
This is what happens when you run an OS controlled by some random big corporation. I don't mean that it's the person's fault, but just that you should not rely on Apple. They allow you to use your computer, but on their terms.
Install some GNU/Linux distro and you can do whatever you want.
functionmouse 11 hours ago [-]
for most people this is like saying "If you don't like being oppressed, just move to Antarctica!"
callc 11 hours ago [-]
Maybe more like “Learn how to replace an AC filter by yourself instead of calling an AC repair company”
I just installed PopOS on a laptop recently, and… it just worked. There’s an app store for noobs that I think installs flatpaks. GPU drivers just work. Whole disk encryption. Everything just works.
I don’t see what else my grandma that just uses Facebook would need. Maybe automatic updates?
functionmouse 11 hours ago [-]
No. Changing one's primary operating system takes time, dedication, and is a lifestyle change, similar to moving somewhere remote. Changing one's AC filter is none of those things.
If you and your grandma only rely on the computer for its web browser, then good for you. You have flexibility that is not afforded to most people. But that's not how a person's phone works; phones dig a lot deeper into one's lifestyle, intentionally so. The walled garden was constructed to keep outsiders out, but now it seems the primary purpose is keeping those inside hostage.
analog8374 9 hours ago [-]
My mother-in-law recently became fed up with Windows and asked me to install Linux for her. I gave her Debian with a Mate desktop.
She loves it. Zero problems. It's been a week and she's using it just fine. No lifestyle upheaval.
onemoresoop 9 hours ago [-]
Your mother in law asked specifically for Linux?
analog8374 1 hours ago [-]
yes
stonogo 10 hours ago [-]
Nobody in my life even notices when they change their 'primary operating system.' They buy a phone based on what looks cool at the time, sometimes it's android, sometimes it's iphone. They move freely between chromebooks, windows, and mac os, because everything is online anyway. It's only 'experts' who have trouble with this.
Hugsbox 9 hours ago [-]
I'm the IT guy to most of the elderly people in my life, and steadily switching them over to Linux Mint over the years. Fact of the matter is, most of them use their OS as a gateway to their web browser, and don't care to do anything else with it. For many non-technical users, switching OSes is literally a non-thing. The only difference vs Windows is that they call me for assistance way less frequently.
functionmouse 5 hours ago [-]
Are you upgrading their release for them every year or so once it becomes unsupported?
thisislife2 8 hours ago [-]
Partly agree. I once installed Firefox with uBlock Origin for someone who was a Chrome user on an old PC and complained it was slow when browsing, and they told me that they didn't even know that there were different browsers available.
john_strinlai 9 hours ago [-]
you are telling me that everyone in your life freely swaps between windows and mac without even noticing a difference? no problems?
i call bullshit. i have worked in very big orgs. changing a single icon can cause a deluge of support tickets.
alnwlsn 6 hours ago [-]
I have family that would gladly use FacebookOS if such a thing existed and automatically loaded that and only that website as soon as you turn on the computer or phone.
stonogo 8 hours ago [-]
Congrats on your enormous org. The conversation was about families, indicating a non-enterprise environment. Try to keep up.
MichaelZuo 11 hours ago [-]
You make people sound like they are semi-automatons?
Muhammad523 11 hours ago [-]
If a 15-year-old can do so (me) then other people can do so as well. I did not feel uncomfortable at all when I first installed ElementaryOS and then moved to Fedora. Everything just works, I never ever had to worry about drivers or stuff like that
wink 10 hours ago [-]
I've been using Linux for about 27 years now and yet there are still some things I begrudgingly use Windows for (can also rephrase: one machine that does certain things).
I own more (and have them running right now) machines with linux than anything else and yet I'm not saying people can just switch. The problem is usually not "can do at all costs" but "can do with a reasonable addition of extra steps/relearning/tool does not exist/etc". There's some nuance and when I have some spare time I will (again) try to switch that one machine, but "it just works" maybe can also mean you're not using it for a diverse enough set of things.
In my case the reasons are actually quite boring: some hardware I couldn't get running and some (maybe minor) things that drive me nuts. The hardware is kind of a deal breaker atm. And yes, some people do a lot more weird things at home, my work machines were running Linux for 90% of the time since 2010ish.
justaman123 10 hours ago [-]
As a 15 year old your mind is flexible in ways that most people's are not. As you get older you will realize the cost of changing the way you are used to doing things. Take advantage of your young brain and try all the things
misnome 10 hours ago [-]
Also, infinite free time to learn, and no real cost to ongoing work by fucking things up
bluGill 9 hours ago [-]
Sure. Can you go down my well to replace the pump? Can you figure out what shots my cat needs? Can you verify my company's books balance via GAAP? Can you tell me what the correct slump we need to make sure this bridge stands? The list of things I can ask goes on much much longer. In all cases you can learn to do that, but you cannot live long enough to learn to do all of the above.
norren8 10 hours ago [-]
Personal ability cannot be the universal baseline, sadly
F7F7F7 10 hours ago [-]
I run Linux across a dozen thin clients and a server class desktop in my home lab. It's rock solid for home assistant, proxmox, routing, etc etc. Set it (hours and hours of work) and forget it exists.
I couldn't imagine having the time to set it up as a daily driver that handles my daily workflows, hardware needs, etc. Terminal in OS X is a close enough approximation out of the box and goes beyond it in DX (IMO) with very little additional setup.
I know this will be an unpopular opinion.
cguess 8 hours ago [-]
I'm exactly the same. Fluent in Linux, but you'll pry my MacBook out of my cold dead hands.
breakingcups 11 hours ago [-]
PopOS completely shit the bed for me on a major version upgrade, left the system in a completely inconsistent state. Luckily I was only trying it out on one (multi-boot) laptop and could easily switch, but it's put me off Pop OS.
shevy-java 10 hours ago [-]
> If you don't like being oppressed, just move to Antarctica
No - moving to far away areas is not the right analogy. After all you need to have use cases where those huge companies do not control your business. So the alternative is to avoid becoming dependent on them; or cut off the dependency when possible.
RZelaya 11 hours ago [-]
Fair. I run Nobara on my gaming computer and built a similar dictation tool there with no API restrictions, so the trade-off is real. For this project I chose both: App Store reach for the compliant version, direct distribution for the full one. But I know other people wouldn't be comfortable with running something like that so I built this somewhere my mom could use it
vanyle 8 hours ago [-]
Centralized package repositories like the one provided by canonical have similar limitations to the Mac App Store, you need to get your app reviewed, you need to push updates to each platform where you distribute your app and in exchange you get visibility.
I'd argue that installing and updating apps on MacOS is simpler than on Linux distros because most apps have built-in auto-updates (or you can just drag the app to the applications folder) instead of having to rely on snap / apt / insert your package manager which may have a lot of outdated and unmaintained packages and apps.
mft_ 9 hours ago [-]
Unless... you have a personal or professional need to use apps that don't work on Linux.
I tried very hard to switch to Linux full time some months ago, but I couldn't find a way of getting Microsoft Office to work satisfactorily. There are clever packaged versions of Outlook and Teams, but I need full native installed versions of Word/Excel/Powerpoint, and there just wasn't a good solution. That was a deal breaker, sadly, so I'm back on Mac for the time being.
Other examples would be some of the popular games with anti-cheat that requires Windows.
lapcat 9 hours ago [-]
You're missing the point: it isn't about the OS. The direct distribution version of the app has full functionality. The problem is with the Mac App Store.
coldtea 11 hours ago [-]
>This is what happens when you run an OS controlled by some random big corporation
You get a channel for installing apps, where someone vetoes random apps that want to have access to control your whole computer and potentially steal sensitive data?
>Install some GNU/Linux distro and you can do whatever you want.
And any random app can get total control and steal your data, unless you know how to enable restrictions. I'd rather have restrictions as the default, and for the most naive users who'd follow every app prompt, and then cry about their lost work/private documents/money, no way to bypass them.
Muhammad523 11 hours ago [-]
It's not true that any app can get total control of your system. If you install them via flatpak, the apps are sandboxed. Also, unless you log in as root, the apps can't do much. Wonder why the most important systems in the world and big tech's servers run GNU/Linux? There's a reason
I don't wanna start a war over this btw, even though it may not seem :)
coldtea 6 hours ago [-]
>Also, unless you log in as root, the apps can't do much.
On a personal computer, they "can't do much" to the things you can trivially re-create by reinstalling anyway. Apps, system files, etc.
They can however do everything to your own files, steal your documents, bank account data, and more.
That a program run as you without root "can't do much" made sense for multi-user Unix services, not for a personal computer and your own files.
>Wonder why the most important systems in the world and big tech's servers run GNU/Linux? There's a reason
Yes, and it's not because "unless you log in as root, the apps can't do much" on your personal laptop.
SSLy 9 hours ago [-]
> unless you log in as root, the apps can't do much.
Then don't install apps and use the web, mobile sandboxing is much weaker compared to any modern browser.
Danox 8 hours ago [-]
Wrong answer...
realusername 8 hours ago [-]
How so? The accessibility API which is causing data exfiltration here doesn't even exist on the web.
detourdog 11 hours ago [-]
Apple is hardly a random big company. Apple's customers specifically chose to purchase the product. Most of their customers don't realize the significance of the exposure to copy and paste between Apps. Apple has taken the position that monitoring this exposure is part of their duty to the customer. Anyone that is aware of this shortcoming in Apple's product is free to purchase a different device.
dmcgill50 11 hours ago [-]
In Apple’s defense, your company name is MITM. Man In The Middle certainly falls on one side of the perception line, don’t you think?
Gormo 8 hours ago [-]
Of course, one might construe Apple as an MITM in the relationship between the user and the software vendor.
gumby271 7 hours ago [-]
In fact, Apple would construe themselves as a MITM, pretty explicitly.
raverbashing 11 hours ago [-]
Right?!
I get that some people are unfairly targeted but some other times it's people being (extremely) naive or just playing dumb
"Hey you know what would be cool? If we named our bluetooth speaker company bee oh emm bee!!11"
RZelaya 11 hours ago [-]
The acronym is unfortunate, you're not wrong. MITM here is "Moogle In The Machine" (the Final Fantasy moogle + machine learning), but the security-context joke is fair and I hear it constantly.
butlike 9 hours ago [-]
Moogle itself might be copyrighted, too
claviska 6 hours ago [-]
They rejected mine too for the exact same reason, despite press-to-talk being a legitimate accessibility issue.
I wrote about this here [1], and even called out some of the most common disabilities that clearly benefit from it.
They also don’t allow microphone access from keyboard extensions in iOS, which prevented me from shipping an iPhone target (that I really wanted for myself tbh).
It’s a shame and I can only assume they’re trying to protect their built-in dictation, which historically has been laughably bad.
There's a reason I don't write mobile apps, and it's all the flaming hoops you have to jump through: both in the build system and from the random whims of reviewers.
allthetime 8 hours ago [-]
I’ve been doing it for a decade now. I have a list of everything I’ve been rejected for. New apps must satisfy the list before I put them up for first review. New apps pass first try now.
Build system woes are almost always solved by deleting build cache & artifacts and trying again. Often necessary after messing around with deeper dependencies.
PaulHoule 6 hours ago [-]
Is it really true you get more distribution from the MacOS App Store? I would never use that App Store to install something unless I had absolutely no other choice — and that would mean I would take somebody else’s app which was a little less polished or functional. We’ve had an App Store in Windows since Windows 8 and it has been a big joke, like maybe you use it to download some crapplet to use the scanner attached to your printer or something.
BrtByte 9 hours ago [-]
The frustrating part is less that Apple has a boundary here, and more that the boundary seems opaque and inconsistently enforced
hirako2000 10 hours ago [-]
Some non apple apps get access to accessibility APIs. What gives?
This API is sensitive. I imagine Apple is particularly stringent as to how the access is justified. Not how it uses it but how the reason for using it is explained.
It's not like someone tests the app and all api calls to deem them reasonable or not.
taormina 10 hours ago [-]
They do literally pay people to do that. Then one of those people chose to reject this anyway.
hombre_fatal 10 hours ago [-]
What API are you using? I have a sandboxed app on the Mac Store that synthesizes CGEvents to simulate arbitrary keyboard actions on behalf of the user. It needs accessibility permission, of course.
RZelaya 10 hours ago [-]
Same approach: CGEventPost with Accessibility permission. The wrinkle was that my App Store reviewer wasn't comfortable with how I was using AX permission for auto-paste, even though the mechanism is the same as other apps already in the store. The clipboard-only version of WhisperPad needs no AX permission and that's what got through. Interesting that your sandboxed app with similar mechanics is approved.
jchigg2000 10 hours ago [-]
Wondering the same, there is some weirdness around the clipboard and CGEvents though. Are you avoiding the clipboard entirely in your implementation?
throwaway-blaze 3 hours ago [-]
"The choice is rarely "comply or quit." It is often "comply here, and do the fuller thing somewhere else."
Unless the platform is iOS, in which case it's "comply here or gtfo".
RZelaya 2 hours ago [-]
[flagged]
11 hours ago [-]
RZelaya 11 hours ago [-]
The paste-phase failures are exactly where most of my hard problems have been. App switching mid-paste, focus changes, slow-loading fields. It's an ongoing battle. Transcription history and custom prompts (especially for code or technical contexts) are good ideas I should think more about. The privacy trade-off on persistent transcripts is the part I've been chewing on.
jchigg2000 10 hours ago [-]
Quick question, I assume you're getting caught by the CGEvent(PostEvent)...but I want to be sure. AX API has been gimped for over a decade so you'd have never made it into the app store that way. Just making certain, in case you have another path. It doesn't appear CGEvent is a universal approval anymore either though.
Have fought similar demons lately, feel your pain.
RZelaya 10 hours ago [-]
The direct version uses CGEventPost to synthesize the paste, which requires Accessibility permission. The App Store version writes to the clipboard only, so no AX permission needed and the user presses Cmd+V manually. The 2.4.5 rejection was specifically about the Accessibility permission use case. Your read sounds right that this path has been gimped for a long time.
kobalsky 8 hours ago [-]
After decades of heavily using the computer keyboard (every day, all day) I started getting pain in my wrists.
I got an ortholinear keyboard that looks like a rectangular grid, just 12 by 4 keys around 10-15 years ago.
I don't recall the last time I felt pain in my hands, completely gone.
DelightOne 11 hours ago [-]
I don't want random apps to paste potentially dangerous things into other apps. It's understandable.
Imagine a banking app, and for example an IBAN field.
kuboble 11 hours ago [-]
Then you are free to not install them? Why ban them outright?
I'm using https://github.com/cjpais/Handy which seems to be doing exactly what this app does, and has a very similar background story (author couldn't type due to injury).
SyneRyder 11 hours ago [-]
Handy is excellent and cross platform, and really elegant. They've got a direct website here which might be easier to navigate than the Github repo:
Handy looks great. More tools in this space is a good thing for people who need them.
mrweasel 11 hours ago [-]
In this case it feels like it's a feature that the operating system should be providing or something that could be marked as an accessibility tool, which would allow it to use that API.
The problem from Apple's perspective could be that there is a ton of tools that require access to the accessibility API because they want to do stuff that Apple have deemed a security risk and the only way to do it is by abusing the API. Some of these are also because macOS simply lacks certain APIs.
I think Apple is overreacting due to previous API misuse by other apps.
RZelaya 11 hours ago [-]
[dead]
amazingamazing 11 hours ago [-]
To their defense you cannot rollback apps, so if you did install and only an update had this function, you are out of luck
applfanboysbgon 11 hours ago [-]
"In their defense, the OS is even more insane with mandatory forced application updates that you have no control of". I hope I won't ever happen to have you representing me as a defense attorney!
RZelaya 11 hours ago [-]
I see, that's a really fair point. And I can understand that banking field example. So I can see why they're guarding against it. My disagreement was less with the rule itself and whether Whisperpad's specific use case for users with mobility needs falls on the right side of it.
notlive 11 hours ago [-]
I would like the option to allow the behaviour selectively
DelightOne 11 hours ago [-]
That's what install outside of the App Store is for. At your own risk.
11 hours ago [-]
boxed 11 hours ago [-]
Pasting doesn't seem very unsafe. Especially not when the app can't know what it's pasting into.
nullbio 9 hours ago [-]
Doesn't Wispr Flow do this though? How did they get past these limitations?
RZelaya 9 hours ago [-]
From what I understand Wispr Flow distributes directly from their website and doesn't ship through the Mac App Store, so they don't go through Apple's App Store review at all. They use the Accessibility API the same way the direct version of WhisperPad does. The 2.4.5 limitation really only kicks in if you want App Store presence.
sangeeth96 9 hours ago [-]
not in the app store?
kevsim 5 hours ago [-]
Yeah and Soniox is another similar as well, but I checked and neither is available in the AppStore
luca-ctx 8 hours ago [-]
I’ve had lots of inconsistent app reviews from Apple. Just appeal and/or re-word your language and you’ll be ok. Plan on it taking a few weeks to fully sort out.
stokedbits 8 hours ago [-]
This is well documented by them which is why a majority of the apps doing this are released outside of the App Store. I built something similar, and I just publish it separately https://github.com/moxiebytescode/speakeasy.
longnguyen 7 hours ago [-]
If you emulate command+V, make sure to check the keyboard layout. You may need to translate the keycode V for the current keyboard layout like DVORAK etc
RZelaya 7 hours ago [-]
Good catch. Easy edge case to miss if you only test on QWERTY. I'll double-check the implementation, thanks for the heads up.
update: You're right, this is a real bug. The Direct version's auto-paste hardcodes the QWERTY keycode for V instead of translating for the active layout, so Dvorak / Colemak / AZERTY users would all hit it. The MAS version is unaffected (clipboard-only; the user presses their own Cmd+V, which is layout-correct). Fix is going into the next release. Thanks for the careful read.
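The layout issue raised in this exchange, as an added example that is not WhisperPad's code or any code from the thread: it looks up which virtual keycode produces "v" under the active layout with Command held, rather than assuming the QWERTY position. The function names `keyCode(for:carbonModifiers:)` and `pasteKeyCode()` are hypothetical; the Carbon calls are the system's own.

```swift
import Foundation
import Carbon.HIToolbox   // TIS*, UCKeyTranslate, LMGetKbdType, kVK_ANSI_V, cmdKey
import CoreGraphics

/// Virtual keycode that yields `target` under the active keyboard layout while
/// the given Carbon modifiers are held, or nil if no key produces it.
/// (Hypothetical helper written for this example.)
func keyCode(for target: String, carbonModifiers: Int = cmdKey) -> CGKeyCode? {
    // Input methods without Unicode ('uchr') layout data return nil here.
    guard let source = TISCopyCurrentKeyboardLayoutInputSource()?.takeRetainedValue(),
          let raw = TISGetInputSourceProperty(source, kTISPropertyUnicodeKeyLayoutData)
    else { return nil }
    let layoutData = Unmanaged<CFData>.fromOpaque(raw).takeUnretainedValue() as Data

    // UCKeyTranslate expects the Carbon modifier bits shifted right by 8.
    // Passing Command matters for layouts such as "Dvorak - QWERTY ⌘", which
    // switch back to QWERTY positions only while Command is held.
    let modifierState = UInt32((carbonModifiers >> 8) & 0xFF)

    return layoutData.withUnsafeBytes { bytes -> CGKeyCode? in
        guard let layout = bytes.bindMemory(to: UCKeyboardLayout.self).baseAddress
        else { return nil }
        for code in UInt16(0)..<128 {
            var deadKeyState: UInt32 = 0   // fresh state for every probe
            var length = 0
            var chars = [UniChar](repeating: 0, count: 4)
            let status = UCKeyTranslate(layout, code, UInt16(kUCKeyActionDown),
                                        modifierState, UInt32(LMGetKbdType()),
                                        OptionBits(kUCKeyTranslateNoDeadKeysMask),
                                        &deadKeyState, chars.count, &length, &chars)
            if status == noErr, length > 0,
               String(utf16CodeUnits: chars, count: length).lowercased() == target {
                return CGKeyCode(code)
            }
        }
        return nil
    }
}

/// Keycode to use for a synthesized Cmd+V. Falls back to the ANSI/QWERTY
/// position only when the active layout cannot be queried.
func pasteKeyCode() -> CGKeyCode {
    return keyCode(for: "v") ?? CGKeyCode(kVK_ANSI_V)
}
```

On a QWERTY layout `pasteKeyCode()` returns 9 (`kVK_ANSI_V`); on Dvorak it returns the keycode of the physical key that types "v" there, which is a different key.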
longnguyen 7 hours ago [-]
Good luck. I’ve been building a native AI client[0] for the past 3 years and I didn’t catch this edge case until some of my users asked for it.
I understand their point of view. I will launch an app on app mac too. I hope it goes smoothly.
-mlv 11 hours ago [-]
No surprises here, Google has also been restricting access to its accessibility API.
RZelaya 11 hours ago [-]
Useful context, thanks. I hadn't realized Google was tightening similarly. Would be interesting to see how the rationales compare.
MoonWalk 6 hours ago [-]
Can't view the site. Rejected with
net::ERR_CERT_AUTHORITY_INVALID
RZelaya 2 hours ago [-]
[dead]
artenesdev 10 hours ago [-]
Oof, that's rough. I'll still start facing those issues, just got accepted into Apple's dev program. I predict a ton of rejections coming my way.
RZelaya 6 hours ago [-]
[dead]
mvdtnz 5 hours ago [-]
I do not respect software developers that build for platforms which require them to beg and plead to have their programs accepted by a mega corp. Develop for open platforms or stop complaining.
m-s-y 10 hours ago [-]
macOS already has a dictation feature that does this exact thing, albeit in real time. I use it extensively.
OP’s description in the linked article doesn’t say much more than this, so what am I missing with this particular app?
RZelaya 9 hours ago [-]
Apple's built-in dictation works for casual use, but in my own daily use the typo rate was high enough that I was constantly going back to fix things, which defeated the point (with a hand injury, those corrections cost me). WhisperPad uses Whisper models instead, doesn't cut off after 30-60 seconds like Apple's does, supports 99 languages offline, and pastes into any active field via hotkey. There's a 120-minute monthly free tier so you can see if it fits your use case. If Apple's built-in dictation handles what you need, that's a fair answer.
jiehong 9 hours ago [-]
Apple's own dictation is quite limited, doesn't handle multiple languages very well, and many open source dictation models simply do better.
taormina 10 hours ago [-]
[flagged]
geor9e 9 hours ago [-]
Is this just a stealthy ad for another paid dictation app…
burnt-resistor 10 hours ago [-]
Accessibility things should be more useful than to just narrow accessibility uses only. Wheelchair ramps help move heavy objects. The accessibility API makes it possible to introspect all of the keyboard shortcuts an app provides for another app to list them.
Screw Apple and their persnickety, controlling myopia.
Fokamul 10 hours ago [-]
Easy, don't make apps for devices which are only leased to people.
Make apps for devices, which are 100% owned by people.
BoggleOhYeah 11 hours ago [-]
Eh. I think it’s fair if Apple doesn’t want to publish something on their app store.
I just wish they weren’t so obstinate about people installing from other sources without signing/notarization. I understand it from a security standpoint but it’s also nakedly self-serving.
I’m glad that they’re fine with signing in this case.
RZelaya 11 hours ago [-]
Fair points. The notarization-but-not-App-Store path was actually a workable middle ground in my case. Apple still gates security via notarization, but doesn't gatekeep the use case. The warnings users see when installing non-App-Store apps could be lighter without compromising security.
shevy-java 10 hours ago [-]
This is another reason why one shouldn't become dependent on those giant companies. Just as Microsoft recently stated, you'll have to pay for GitHub CoPilot soon on a token basis. Apple controls access to its software ecosystem too.
MagicMoonlight 10 hours ago [-]
A company called “MITM LLC” which hijacks pastes in other apps.
I have no idea what they’re thinking. Insanity.
2OEH8eoCRo0 10 hours ago [-]
Add it to the antitrust pile.
Microsoft was almost broken up over not allowing third party programs to use certain APIs. Apple abuses their dominant position to suppress competition.
lofaszvanitt 10 hours ago [-]
Time to turn Linux into a platform where you can upload into a store whatever the fuck you want. And see these behemoths burn.
oblio 11 hours ago [-]
I guess this app can still be installed locally? It's just that it can't be distributed to others due to signing requirements?
Edit: Ah, it's in the article, this is about AppStore distribution. Walled gardens are going to walled garden.
RZelaya 11 hours ago [-]
The direct version is fully signed and notarized by Apple, just not distributed through the App Store. Anyone can install it from mitmllc.com/whisperpad without workarounds. The 2.4.5 rejection was an App Store rule, not a general restriction on the app.
BoxFour 11 hours ago [-]
[dead]
RZelaya 11 hours ago [-]
I am still not certain I understand exactly what Apple's reviewer meant by 2.4.5 in my case. My working assumption is that the concern is about an app reaching into every other app on the system to inject text, but I never got a perfectly clear explanation. (Or maybe I'm too dense to understand it.)
If anyone here has more direct experience with this guideline, especially from the App Store review side, I would like to hear it. I would rather understand the policy than just guess at it.
Is there an opinionated reason not to break out capabilities?
If you have a disability and need tools to use your computer the last thing you want to do is have those things not only off by default but complicated and involved to turn on.
accessibility.screenshot accessibility.paste
and whatever else there is. that completely removes the issues for apps like this.
The issue is with Apple's UX. Apple insists on asking permission for every little capability an app wants. So I would have to say "yes, allow this app to take screenshots" and "yes, allow this app to read the clipboard".
I wouldn't be surprised if, in the near future, Apple forced people to click "yes, allow this app to read the clipboard from app X" and then separately "yes, allow this app to read the clipboard for app Y" and so on for every single other app on my machine.
Apple does not allow you to say, "yes, I trust this #$@-ing app, please allow it to do whatever it needs."
You'd lose all window managers, things like alfred and textexpander, screenshot tools, computer use agents, etc.
If you don't have use of your hands you want that. The whole point of accessibility APIs is allowing arbitrary control of your computer via novel means. One of the big selling points of Dragon Naturally Speaking is the ability to tell your computer to do things based on descriptions without a mouse. "open outlook", "click compose", "select subject", "type foo", etc.
And no the solution here is not computer vision with an LLM. Text and buttons rendered on my computer exist in memory somewhere as text and buttons. We should not need to convert them to pixels and back lossily to recover text and buttons. We should just expose things to the accessibility API and not guess.
Are we sure about this? At least on windows, NVDA works fine with chrome and any electron apps.
Also, even if you hypothetically wanted to use computer vision with an LLM… what API is that LLM going to use to take screenshots and click on stuff?
If you're worried about people not trusting payment to you, might be worth seeing if you could implement this, so anyone who bought on the app store can still access the full feature set. Cuts you out 30% like, but better than nothing maybe.
[0] https://sequoiaview.win.tue.nl/
https://en.wikipedia.org/wiki/WinDirStat#Version_history[10]
Some pages have somebody guarding the party line, anything that goes against that gets reverted. (How can putting an accurate link behind a piece of text be wrong??)
Pages without such guardians I've never had an issue.
But when I hear people really complain somewhere I do tend to assume they were trying to smuggle in some specific messaging and got caught.
Everything I ever added was kept, and I was permanently banned. I created [citation needed], started the admins noticeboard, reworked the USA Patriot Act article, wrote numerous articles for WiR with extensive referencing, contributed to peer review and good article reviews, and a shitload more, but nope. Not good enough.
Why anyone would contribute to that cesspool is anyone’s guess.
I can assure you, there are those on Wikipedia who committed far worse offenses and they remain.
Like I say - a cesspool that doesn’t respect article writers.
https://en.wikipedia.org/wiki/Wikipedia:Administrators%27_no...
In other words, Apple is abusing their position by defining overly broad permissions so that they can deny them and pressure people to fork over more cash to them.
Checks out, what's the problem? /s
Where I was more frustrated was how much this limited the potential usability of the iPhone app. Because of app store restrictions it is a far worse app ... though like in your example, still useful to a degree.
I can only hope they use the new CEO as an opportunity to seriously re-evaluate their entire approach to how they work with developers, though I'm not actually expecting them to. If anything, with the increase in apps being created via AI tools I worry they will go the other way.
Lots of shady and well-known developers (like Dropbox) are notorious for trying to weasel their way into getting Accessibility permissions, so they can do god knows what with them to your system.
On top of that, the app is completely optional: if you aren't comfortable giving it those permissions, don't install it?
Worried about grandma installing shady apps? Enable parental controls on her phone.
Those two desires should both be fulfilled.
If you're not, ask your representatives why you don't get the same rights.
[1] https://github.com/matthartman/ghost-pepper
Install some GNU/Linux distro and you can do whatever you want.
I just installed PopOS on a laptop recently, and… it just worked. There’s an app store for noobs that I think installs flatpaks. GPU drivers just work. Whole disk encryption. Everything just works.
I don’t see what else my grandma that just uses Facebook would need. Maybe automatic updates?
If you and your grandma only rely on the computer for its web browser, then good for you. You have flexibility that is not afforded to most people. But that's not how a person's phone works; phones dig a lot deeper into one's lifestyle, intentionally so. The walled garden was constructed to keep outsiders out, but now it seems the primary purpose is keeping those inside hostage.
She loves it. Zero problems. It's been a week and she's using it just fine. No lifestyle upheaval.
i call bullshit. i have worked in very big orgs. changing a single icon can cause a deluge of support tickets.
I own more (and have them running right now) machines with linux than anything else and yet I'm not saying people can just switch. The problem is usually not "can do at all costs" but "can do with a reasonable addition of extra steps/relearning/tool does not exist/etc". There's some nuance and when I have some spare time I will (again) try to switch that one machine, but "it just works" maybe can also mean you're not using it for a diverse enough set of things.
In my case the reasons are actually quite boring: some hardware I couldn't get running and some (maybe minor) things that drive me nuts. The hardware is kind of a deal breaker atm. And yes, some people do a lot more weird things at home, my work machines were running Linux for 90% of the time since 2010ish.
I couldn't imagine having the time to set it up as a daily driver that handles my daily workflows, hardware needs, etc. Terminal in OS X is a close enough approximation out of the box and goes beyond it in DX (IMO) with very little additional setup.
I know this will be an unpopular opinion.
No - moving to far away areas is not the right analogy. After all you need to have use cases where those huge companies do not control your business. So the alternative is to avoid becoming dependent on them; or cut off the dependency when possible.
I'd argue that installing and updating apps on MacOS is simpler than on Linux distros because most apps have built-in auto-updates (or you can just drag the app to the applications folder) instead of having to rely on snap / apt / insert your package manager which may have a lot of outdated and unmaintained packages and apps.
I tried very hard to switch to Linux full time some months ago, but I couldn't find a way of getting Microsoft Office to work satisfactorily. There are clever packaged versions of Outlook and Teams, but I need full native installed versions of Word/Excel/Powerpoint, and there just wasn't a good solution. That was a deal breaker, sadly, so I'm back on Mac for the time being.
Other examples would be some of the popular games with anti-cheat that requires Windows.
You get a channel for installing apps, where someone vetoes random apps that want to have access to control your whole computer and potentially steal sensitive data?
>Install some GNU/Linux distro and you can do whatever you want.
And any random app can get total control and steal your data, unless you know how to enable restrictions. I'd rather have restrictions as the default, and for the most naive users who'd follow every app prompt, and then cry about their lost work/private documents/money, no way to bypass them.
I don't wanna start a war over this btw, even though it may not seem :)
On a personal computer, they "can't do much" to the things you can trivially re-create by reinstalling anyway. Apps, system files, etc.
They can however do everything to your own files, steal your documents, bank account data, and more.
That a program run as you without root "can't do much" made sense for multi-user Unix services, not for a personal computer and your own files.
>Wonder why the most important systems in the world and big tech's servers run GNU/Linux? There's a reason
Yes, and it's not because "unless you log in as root, the apps can't do much" on your personal laptop.
https://xkcd.com/1200/
Then don't install apps and use the web, mobile sandboxing is much weaker compared to any modern browser.
I get that some people are unfairly targeted but some other times it's people being (extremely) naive or just playing dumb
"Hey you know what would be cool? If we named our bluetooth speaker company bee oh emm bee!!11"
[1] https://tonguetype.app/accessibility
https://handy.computer/
[0]: https://boltai.com