Avenir

/

A nice little gem in OS X Mountain Lion is its inclusion of a new font called Avenir. According to Wikipedia, Avenir is French for “future”.

I found out about it when I started using Day One (my review), since it uses Avenir by default if installed on Mountain Lion. To get a better taste for Avenir I have had Byword for Mac set to use Avenir for the past couple weeks, and I have found it to be a really enjoyable font.

Turns out Avenir will also be included within iOS 6, and will be front and center in the new Maps app. Day One for iOS will also use it by default on iOS 6, and I suggested to my friends at Byword to include it as an option for their iOS app.

In the past, I have always sought the timeless classic Helvetica Neue as my font of choice for writing. I think Avenir may actually be my new default. If you have OS X Mountain Lion, give it a whirl.

Sent From My iPad

/

MG Siegler:

For most tasks on the iPad, I’m fully touch-ready. In fact, I’m now so used to my iPhone and iPad that I reach up to touch the screen of my MacBook more than I’d care to admit. It’s simply a much more natural interface than using a mouse. You see an area you want to take action on? Touch it.

That’s one reason why the iPad is such a powerful tool with children. It just makes sense. There is basically no learning curve.

This thought leads some skeptics to suggest that maybe the iPad is just that: a children’s toy. It’s not a real computer. But that’s crap. Again, I’m a heavy computer user. And I’m getting comfortable enough with the iPad now that I much prefer to use it in the vast majority of computing situations.

I have found that, especially in the past year, I am doing much more of my computing on the iPad. In fact, it is rare that I take my MacBook Pro along on meetings anymore. The iPad is just that much more portable, and, honestly, it is more than capable for many of my daily tasks.

¶ Day One

/

On and off over the years I have tried my hand at journaling. It has never stuck. I have several reasons behind why it I have never done well with it.

  1. I’ve never really set a clear purpose for journaling, hence motivation to do so wanes quickly.
  2. I hate writing by hand, partly because my penmanship is terrible.
  3. I never felt motivated to really try journaling via a text file or an app, directly related to reason 1.

Then I read Shawn Blanc’s review of Day One. I had seen Day One in the App Store before, but hadn’t given it much thought, because I never had a clear reason to journal.

Then Shawn wrote this:

As a writer, I believe journaling on a regular basis is critical. It’s writing that will never be judged. It’s writing that doesn’t require an editor. It’s the only place where I am completely free to write for my truly ideal reader: a future me. I have my own inside jokes, my own running story arc, my own shorthand. I love the freedom to write whatever I want, however I want, with no need to make it tidy or clear or concise. And I have no doubt that it makes me a better professional writer.

I realized I had always attempted journaling with the thought that my audience would be someone who would eventually read it. It had never crossed my mind that I could just write for myself and not worry about that writing being judged or analyzed. I could have fun with it.

So I’m giving Day One a shot. I bought the Mac & iOS apps, and after a couple weeks I’m happy to say I have stuck with it.

Being able to attach photos is a nice touch to tie words more vibrantly with memories. I love the automatic tagging of location and weather. Most of all, though, I like brig able to journal from anywhere. I can be at my Mac, or use my iPhone or iPad. iCloud keeps it all in sync.

Most of all, I think I am learning how to approach writing more casually and have more fun with it. Journaling is a new avenue for me, one I like taking a daily stroll down.

You can get Day One for Mac for $5 on the Mac App Store and Day One for iOS for $5 on iTunes.

Pixelmator 2.1 Cherry

/

I don’t do a great deal of work with images, but when I need something a little more beyond what iPhoto or Aperture can offer, or if I need to make something from scratch, I turn to Pixelmator.

I’ve been using Pixelmator for a few years, and it has always been a better experience than that other pixel-pushing tool from Adobe.

Today, Pixelmator 2.1 Cherry was released, making an already easy to use image editor even easier. It’s ready for both Mountain Lion and the Retina display, includes iCloud document storage support, and features a new effects browser and alignment guides.

Effects always intimidated me because they resided by name only in a menu. I didn’t know what each one did. With the new effects browser I can see what an effect will do before I apply it.

As for alignment guides, this is something I have wanted for a while. Now it is super easy to center or align objects in an image amongst each other. This makes Pixelmator a precision tool.

The Pixelmator team has some great walkthroughs of the new features on their site.

The best part of Pixelmator is the price. It’s just $29.99 $14.99 on the Mac App Store.

¶ A Terrifying, Nightmarish Lesson on Security

/

Over the past three decades, more and more of our lives have transitioned from analog to digital. First, paper and typewriters yielded to word processors. Next, music went from albums, to cassettes, to CDs, to files on an iPod. Then our photos went from film to JPGs.

It used to be, in the analog, the only ways you’d really lose something is if your home were hit by a natural disaster, or you were burgled.

Not anymore. Mat Honan found this out the hard way. He was hacked. Hard.

At 4:50 PM, someone got into my iCloud account, reset the password and sent the confirmation message about the reset to the trash. My password was a 7 digit alphanumeric that I didn’t use elsewhere. When I set it up, years and years ago, that seemed pretty secure at the time. But it’s not. Especially given that I’ve been using it for, well, years and years. My guess is they used brute force to get the password (see update) and then reset it to do the damage to my devices.

The backup email address on my Gmail account is that same .mac email address. At 4:52 PM, they sent a Gmail password recovery email to the .mac account. Two minutes later, an email arrived notifying me that my Google Account password had changed.

At 5:00 PM, they remote wiped my iPhone

At 5:01 PM, they remote wiped my iPad

At 5:05, they remote wiped my MacBook Air.

[…]

I still can’t get into Gmail. My phone and iPads are down (but are restoring). Apple tells me that the remote wipe is likely irrecoverable without serious forensics. Because I’m a jerk who doesn’t back up data, I’ve lost at more than a year’s worth of photos, emails, documents, and more. And, really, who knows what else.

This is horrifying. A nightmare. As I read Mat’s post this weekend, I could feel a sense of dread creeping on me. I knew I had vulnerabilities to some of my accounts, where I had traded some security for convenience. It’s no excuse. I’m a faithful user of 1Password on all my devices. I have no excuse for not having great passwords.

Except, in this case, not even the strongest password would have helped. The hacker didn’t even try to figure out the password. They had a back door.

From Mat’s follow-up piece on Wired (emphasis mine):

But what happened to me exposes vital security flaws in several customer service systems, most notably Apple’s and Amazon’s. Apple tech support gave the hackers access to my iCloud account. Amazon tech support gave them the ability to see a piece of information — a partial credit card number — that Apple used to release information. In short, the very four digits that Amazon considers unimportant enough to display in the clear on the web are precisely the same ones that Apple considers secure enough to perform identity verification. The disconnect exposes flaws in data management policies endemic to the entire technology industry, and points to a looming nightmare as we enter the era of cloud computing and connected devices.

[…]

On Monday, Wired tried to verify the hackers’ access technique by performing it on a different account. We were successful. This means, ultimately, all you need in addition to someone’s e-mail address are those two easily acquired pieces of information: a billing address and the last four digits of a credit card on file.

If you lost your wallet, let’s say it contained your driver’s license, your credit card, and a business card with your iCloud email address. That is all someone would need to destroy your digital life.

Thankfully, Apple and Amazon have, for now, closed the loophole while they tighten security.

Here’s the thing: what happened to Mat has been going on for a while. These loopholes have existed for quite a while. Mat was just the first person to get hit that had a significant audience.

Unfortunately, that’s usually how these things are discovered.

I’d love to see Apple take Marco Arment’s advice on how to make password resets a better:

And ideally, before resetting a password by phone, they’d send a forced “Find My”-style push alert to all registered devices on the account saying something like, “Apple Customer Service has received a request to reset your iCloud password. Please call 1-800-WHATEVER within 24 hours if this is unauthorized.”

Then make the person call back the next day. If you forget your password and the answers to your security questions, it’s not unreasonable to expect a bit of inconvenience.

Marco is right. If you forget how to access your account, a little inconvenience of waiting a day to get back in is okay.

I am largely sympathetic to Mat. What he went through sucks. But I can’t get past his one blunder. He didn’t have a backup of his Mac.

How does a technology writer not keep backups? Heck, he uses a Mac. OS X has had backup built-in for 5 years. Here’s a free tip, folks: go learn about Time Machine and then use it.

For even better backup practices, go read Shawn Blanc’s backup tips.

Macworld’s Dan Moren & Lex Friedman have some security tips, as well.

As for me, I’ve disabled Find My Mac on iCloud. The Find service is more practical for devices like the iPhone and iPad, but the idea of someone being able to remote wipe my Mac gives me the willies. I keep backups, but the whole idea just doesn’t sit right with me right now. Anything on my iPhone or iPad already exists on my Mac, so I’m not worried about those devices ever being wiped.

I’ve lost some trust in Apple and Amazon. It was ridiculous how easy Amazon let someone into the account.

And Apple? Well, they deservedly bear the brunt of mistrust. Why? Because they have been asking us to trust them more and more over the years.

I created an Apple ID for the iTunes Store in 2003. Back then, it was only for music. But over the years, it has grown to house music, movies, apps, and now my email, contacts, calendars, notes, reminders, my location, and the keys to wipe my devices.

I’ve realized many of us have a lot of our eggs in one basket. A basket we trust not to tip over.

My advice? Use the basket, but don’t trust it entirely. Keep backups. Use really good passwords (and go buy 1Password for all your devices). And, since 1Password can help you fill in credit card info on a site in a couple clicks, consider not storing credit card info on the web.

Starbucks Signs Up with Square

/

I am a huge fan of Square. I use it to accept payments. My wife uses it to accept payments. I use their amazing Pay with Square app to buy coffee at my favroite coffee shop.

Even though I have become a bit snobbish about my coffee in the past year, Starbucks helped me to have an interest in the caffeinated beverage. And I still like Starbucks every now and then, because they were integral into kicking off this little area of my life that I take a little pride in. I still like to go and sit at a Starbucks every now and then, and when I am on the road, I know I can get a fairly decent brew there.

Today, Square and Starbucks have teamed up. Jack Dorsey, CEO of Square:

It’s amazing to think that Starbucks began as a single coffee shop in Seattle. The concept of taking a good idea and helping it grow is not foreign to them, and Starbucks doesn’t just view Square as the simplest way to accept payments. They see an opportunity to extend and accelerate a model they grew up with: the idea that business is local and that community plays a vital role in job creation and economic vitality. When Starbucks builds the Square Directory into their apps and in-store Digital Network, it gives Square new visibility, driving more customers to opt-in to Square. And with nearly 7,000 Starbucks stores soon accepting Square, these new payers will be able to find your business (including coffeehouses) and pay with their name, building community and creating value.

This is huge and exciting. I think this is going to be a fantastic partnership for both companies, and I hope more people and businesses sign up for Square.

Onward.

Apple’s motivation for suing Samsung

/

The Loop’s Jim Dalrymple:

Reading the press from the Apple vs Samsung trial lead me to believe that most people don’t understand Apple’s motives for suing Samsung. This lawsuit isn’t about getting compensation for products that were released in 2007 or even 2011, it’s about protecting the products that will be released in 2013 and 2015 and beyond.

iOS 6 Beta 4 Shows Built-In YouTube App the Door

/

Back in June, I listed a few things I’d like to see Apple remove from iOS. One of those was:

The YouTube app seems slightly irrelevant these days, given that is somewhat out of date with YouTube’s current feature set, and YouTube’s mobile site is more than functional. Heck, let Google roll their own YouTube app onto the App Store.

I just don’t see much advantage to having a built-in YouTube app anymore. And let’s face it, the icon is hideous.

Apple released beta 4 of iOS 6 to developers today, and the built-in YouTube app is gone. The Verge has a statement from Apple:

Our license to include the YouTube app in iOS has ended, customers can use YouTube in the Safari browser and Google is working on a new YouTube app to be on the App Store.

I’m sure there are folks who will be upset. I just see this as a reclaimed spot on the Home Screen.

CandyBar's Fate

/

Panic gives an update on CandyBar, their OS X app that helps you easily customize icons for the system, apps, and folders. It’s now free, yet unsupported. It’s also finding a new home over at The Iconfactory.

I remember customizing everything I could to follow a theme. I started trailing off on doing that a little over a year ago and keeping things pretty close to default (not sure why). Maybe that’s a good thing, since customizing is getting harder to do.