SpaceGremlin (mac alternative to WinDirStat) has a similar thing, where some features only work in the independent "SpaceGremlinPro" version downloaded from their site. However, they do some cool stuff with licensing - you can point it to the app store paid/installed version, and it detects the license and unlocks.
If you're worried about people not trusting payment to you, might be worth seeing if you could implement this, so anyone who bought on the app store can still access the full feature set. Cuts you out 30% like, but better than nothing maybe.
Space Gremlin isn't even available on the App Store anymore, presumably because it hasn't been updated to newer versions of macOS. Meanwhile, GrandPerspective is free and uses the exact same visualization as WinDirStat (although the UX is a bit weird for me)
There is something amusing about the fact that WinDirStat, as far as I know, was based on KDirStat (now QDirStat), yet this doesn't even get mentioned on their Wikipedia page, and by and large a lot of people don't even know QDirStat exists. One time someone even asked me if they knew of a good alternative for Linux; good news!
I recently built a similar app, and so hit the same limitations – I wasn't too upset on Mac, happy to distribute without the App Store (though it's a shame).
Where I was more frustrated was how much this limited the potential usability of the iPhone app. Because of app store restrictions it is a far worse app ... though like in your example, still useful to a degree.
I can only hope they use the new CEO as an opportunity to seriously re-evaluate their entire approach to how they work with developers, though I'm not actually expecting them to. If anything, with the increase in apps being created via AI tools I worry they will go the other way.
This is what happens when you run an OS controlled by some random big corporation. I dont mean that it's the person's fault, but just that you should not rely on Apple. they allow you to use your computer, but on their terms.
Install some GNU/Linux distro and you can do whatever you want.
Maybe more like “Learn how to replace an AC filter by yourself instead of calling an AC repair company”
I just installed PopOS on a laptop recently, and… it just worked. There’s an app store for noobs that I think installs flatpaks. GPU drivers just work. Whole disk encryption. Everything just works.
I don’t see what else my grandma that just uses Facebook would need. Maybe automatic updates?
No. Changing one's primary operating system takes time, dedication, and is a lifestyle change, similar to moving somewhere remote. Changing ones AC filter is none of those things.
If you and your grandma only rely on the computer for its web browser, then good for you. You have flexibility that is not afforded to most people. But that's not how a person's phone works; phones dig a lot deeper into one's lifestyle, intentionally so. The walled garden was constructed to keep outsiders out, but now it seems the primary purpose is keeping those inside hostage.
If a 15 years old can do so (me) then other people can do so as well. I did not feel uncomfortable at all when i first installed ElementaryOS and then moved to Fedora. everything just works, i never ever had to worry about drivers or stuff like that
As a 15 year old your mind is flexible in ways that most people's are not. As you get older you will realize the cost of changing the way you are used to doing things. Take advantage of your young brain and try all the things
I've been using Linux for about 27 years now and yet there are still some things I begrudgingly use Windows for (can also rephrase: one machine that does certain things).
I own more (and have them running right now) machines with linux than anything else and yet I'm not saying people can just switch. The problem is usually not "can do at all costs" but "can do with a reasonable addition of extra steps/relearning/tool does not exist/etc". There's some nuance and when I have some spare time I will (again) try to switch that one machine, but "it just works" maybe can also mean you're not using it for a diverse enough set of things.
In my case the reasons are actually quite boring: some hardware I couldn't get running and some (maybe minor) things that drive me nuts. The hardware is kind of a deal breaker atm. And yes, some people do a lot more weird things at home, my work machines were running Linux for 90% of the time since 2010ish.
Nobody in my life even notices when they change their 'primary operating system.' They buy a phone based on what looks cool at the time, sometimes it's android, sometimes it's iphone. They move freely between chromebooks, windows, and mac os, because everything is online anyway. It's only 'experts' who have trouble with this.
PopOS completely shit the bed for me on a major version upgrade, left the system is a completely inconsistent state. Luckily I was only trying it out on one (multi-boot) laptop and could easily switch, but it's put me off Pop OS.
I run Linux across a dozen thin clients and a server class desktop in my home lab. It's rock solid for home assistant, proxmox, routing, etc etc. Set it (hours and hours of work) and forget it exists.
I couldln't imagine having the time to set it up as a daily driver that handles my daily workflows, hardware needs, etc. Terminal in OS X is a close enough approximation out of the box and goes beyond it in DX (IMO) with very little additional setup.
> If you don't like being oppressed, just move to Antarctica
No - moving to far away areas is not the right analogy. After
all you need to have use cases where those huge companies
do not control your business. So the alternative is to avoid
becoming dependent on them; or cut off the dependency when
possible.
Fair. I run Nobara on my gaming computer and built a similar dictation tool there with no API restrictions, so the trade-off is real. For this project I chose both: App Store reach for the compliant version, direct distribution for the full one. But I know other people wouldnt be comfortable with running something like that so I built this somewhere my mom could use it
Apple is hardly a random big company. Apple's customers specifically chose to purchase the product. Most of their customers don't realize the significance of the exposure to copy and paste between Apps. Apple has taken the position that monitoring this exposure is part of their duty to the customer. Anyone that is aware of this shortcoming in Apple's product is free to purchase a different device.
>This is what happens when you run an OS controlled by some random big corporation
You get a channel for installing apps, where someone vetoes random apps that want to have access to control your whole computer and potentially steal sensitive data?
>Install some GNU/Linux distro and you can do whatever you want.
And any random app can get total control and steal your data, unless you know how to enable restrictions. I'd rather have restrictions as the default, and for the most naive users who'd follow every app prompt, and then cry about their lost work/private documents/money, no way to bypass them.
It's not true that any app can get total control of your system. If you install them via flatpak, the apps are sandboxed. Also, unless you log in as root, the apps can't do much. Wonder why the most important systems in the world and big tech's servers run GNU/Linux? There's a reason
I dont wanna start a war over this btw, even though it may not seem :)
As someone who also experience pains in their hands after a couple of hours of typing... I started to use the great open source app called ghost-pepper [1] that i found on github and has been my daily driver (its like superwhisrp but oss/free and local)
the maintainer is really nice and replies to DMs really quickly too.
Some non apple apps get access to accessibility APIs. What gives?
This API is sensitive. I imagine Apple is particularly stringent as to how the access is justified. Not how it uses it but how the reason for using it is explained.
It's not like someone tests the app and all api calls to deem them reasonable or not.
The acronym is unfortunate, you're not wrong. MITM here is "Moogle In The Machine" (the Final Fantasy moogle + machine learning), but the security-context joke is fair and I hear it constantly.
Them you are free to not install them? Why ban them outright?
I'm using https://github.com/cjpais/Handy whichseems to be doing exactly what this app does, and has a very similar background story (author couldn't type die to injury).
"In their defense, the OS is even more insane with mandatory forced application updates that you have no control of". I hope I won't ever happen to have you representing me as a defense attourney!
In this case it feels like it's a feature that the operating system should be providing or something that could be marked as an accessibility tool, which would allow it to use that API.
The problem from Apples perspective could be that there is a ton of tools that require access to the accessibility API because they want to do stuff that Apple have deemed a security risk and the only way to do it is by abusing the API. Some of these are also because macOS simply lacks certain APIs.
I think Apple overreacting due to previous API misuse by other apps.
I see, that's a really fair point. And I can understand that banking field example. So I can see why they're guarding against it. My disagreement was less with the rule itself and whether Whisperpad's specific use case for users with mobility needs falls on the right side of it.
What API are you using? I have a sandboxed app on the Mac Store that synthesizes CGEvents to simulate arbitrary keyboard actions on behalf of the user. It needs accessibility permission, of course.
Same approach: CGEventPost with Accessibility permission. The wrinkle was that my App Store reviewer wasn't comfortable with how I was using AX permission for auto-paste, even though the mechanism is the same as other apps already in the store. The clipboard-only version of WhisperPad needs no AX permission and that's what got through. Interesting that your sandboxed app with similar mechanics is approved.
Quick question, I assume you're getting caught by the CGEvent(PostEvent)...but I want to be sure. AX API has been gimped for over a decade so you'd have never made it into the app store that way. Just making certain, in case you have another path. It doesn't appear CGEvent is a universal approval anymore either though.
Have fought similar demons lately, feel your pain.
The direct version uses CGEventPost to synthesize the paste, which requires Accessibility permission. The App Store version writes to the clipboard only, so no AX permission needed and the user presses Cmd+V manually. The 2.4.5 rejection was specifically about the Accessibility permission use case. Your read sounds right that this path has been gimped for a long time.
Eh. I think it’s fair if Apple doesn’t want to publish something on their app store.
I just wish they weren’t so obstinate about people installing from other sources without signing/notarization. I understand it from a security standpoint but it’s also nakedly self-serving.
I’m glad that they’re fine with signing in this case.
Fair points. The notarization-but-not-App-Store path was actually a workable middle ground in my case. Apple still gates security via notarization, but doesn't gatekeep the use case. The warnings users see when installing non-App-Store apps could be lighter without compromising security.
Accessibility things should be more useful than to just narrow accessibility uses only. Wheelchair ramps help move heavy objects. The accessibility API makes it possible to introspect all of the keyboard shortcuts an app provides for another app to list them.
Screw Apple and their persnickety, controlling myopia.
This is another reason why one shouldn't become dependent on those giant companies. Just as Microsoft recently stated, you'll have to pay for GitHub CoPilot soon on a token basis. Apple controls access to its software ecosystem too.
The direct version is fully signed and notarized by Apple, just not distributed through the App Store. Anyone can install it from mitmllc.com/whisperpad without workarounds. The 2.4.5 rejection was an App Store rule, not a general restriction on the app.
I am still not certain I understand exactly what Apple's reviewer meant by 2.4.5 in my case. My working assumption is that the concern is about an app reaching into every other app on the system to inject text, but I never got a perfectly clear explanation. (Or maybe I'm too dense to understand it.)
If anyone here has more direct experience with this guideline, especially from the App Store review side, I would like to hear it. I would rather understand the policy than just guess at it.
SpaceGremlin (mac alternative to WinDirStat) has a similar thing, where some features only work in the independent "SpaceGremlinPro" version downloaded from their site. However, they do some cool stuff with licensing - you can point it to the app store paid/installed version, and it detects the license and unlocks.
If you're worried about people not trusting payment to you, might be worth seeing if you could implement this, so anyone who bought on the app store can still access the full feature set. Cuts you out 30% like, but better than nothing maybe.
Sounds like something that would instantly get you banned from the app store if it got noticed.
Space Gremlin isn't even available on the App Store anymore, presumably because it hasn't been updated to newer versions of macOS. Meanwhile, GrandPerspective is free and uses the exact same visualization as WinDirStat (although the UX is a bit weird for me)
There is something amusing about the fact that WinDirStat, as far as I know, was based on KDirStat (now QDirStat), yet this doesn't even get mentioned on their Wikipedia page, and by and large a lot of people don't even know QDirStat exists. One time someone even asked me if they knew of a good alternative for Linux; good news!
It is actually mentioned on the Wikipedia page [1] - and of course, you could add it yourself if that's not enough.
https://en.wikipedia.org/wiki/WinDirStat#Version_history[10]
I recently built a similar app, and so hit the same limitations – I wasn't too upset on Mac, happy to distribute without the App Store (though it's a shame).
Where I was more frustrated was how much this limited the potential usability of the iPhone app. Because of app store restrictions it is a far worse app ... though like in your example, still useful to a degree.
I can only hope they use the new CEO as an opportunity to seriously re-evaluate their entire approach to how they work with developers, though I'm not actually expecting them to. If anything, with the increase in apps being created via AI tools I worry they will go the other way.
If you're in the EU, consider publishing on an alternative App Store and pointing users that way.
If you're not, ask your representatives why you don't get the same rights.
This is what happens when you run an OS controlled by some random big corporation. I dont mean that it's the person's fault, but just that you should not rely on Apple. they allow you to use your computer, but on their terms.
Install some GNU/Linux distro and you can do whatever you want.
for most people this is like saying "If you don't like being oppressed, just move to Antarctica!"
Maybe more like “Learn how to replace an AC filter by yourself instead of calling an AC repair company”
I just installed PopOS on a laptop recently, and… it just worked. There’s an app store for noobs that I think installs flatpaks. GPU drivers just work. Whole disk encryption. Everything just works.
I don’t see what else my grandma that just uses Facebook would need. Maybe automatic updates?
No. Changing one's primary operating system takes time, dedication, and is a lifestyle change, similar to moving somewhere remote. Changing ones AC filter is none of those things.
If you and your grandma only rely on the computer for its web browser, then good for you. You have flexibility that is not afforded to most people. But that's not how a person's phone works; phones dig a lot deeper into one's lifestyle, intentionally so. The walled garden was constructed to keep outsiders out, but now it seems the primary purpose is keeping those inside hostage.
You make people sound like they are semi-automatons?
If a 15 years old can do so (me) then other people can do so as well. I did not feel uncomfortable at all when i first installed ElementaryOS and then moved to Fedora. everything just works, i never ever had to worry about drivers or stuff like that
Personal ability cannot be the universal baseline, sadly
As a 15 year old your mind is flexible in ways that most people's are not. As you get older you will realize the cost of changing the way you are used to doing things. Take advantage of your young brain and try all the things
Also, infinite free time to learn, and no real cost to ongoing work by fucking things up
I've been using Linux for about 27 years now and yet there are still some things I begrudgingly use Windows for (can also rephrase: one machine that does certain things).
I own more (and have them running right now) machines with linux than anything else and yet I'm not saying people can just switch. The problem is usually not "can do at all costs" but "can do with a reasonable addition of extra steps/relearning/tool does not exist/etc". There's some nuance and when I have some spare time I will (again) try to switch that one machine, but "it just works" maybe can also mean you're not using it for a diverse enough set of things.
In my case the reasons are actually quite boring: some hardware I couldn't get running and some (maybe minor) things that drive me nuts. The hardware is kind of a deal breaker atm. And yes, some people do a lot more weird things at home, my work machines were running Linux for 90% of the time since 2010ish.
Nobody in my life even notices when they change their 'primary operating system.' They buy a phone based on what looks cool at the time, sometimes it's android, sometimes it's iphone. They move freely between chromebooks, windows, and mac os, because everything is online anyway. It's only 'experts' who have trouble with this.
PopOS completely shit the bed for me on a major version upgrade, left the system is a completely inconsistent state. Luckily I was only trying it out on one (multi-boot) laptop and could easily switch, but it's put me off Pop OS.
I run Linux across a dozen thin clients and a server class desktop in my home lab. It's rock solid for home assistant, proxmox, routing, etc etc. Set it (hours and hours of work) and forget it exists.
I couldln't imagine having the time to set it up as a daily driver that handles my daily workflows, hardware needs, etc. Terminal in OS X is a close enough approximation out of the box and goes beyond it in DX (IMO) with very little additional setup.
I know this will be an unpopular opinion.
> If you don't like being oppressed, just move to Antarctica
No - moving to far away areas is not the right analogy. After all you need to have use cases where those huge companies do not control your business. So the alternative is to avoid becoming dependent on them; or cut off the dependency when possible.
Fair. I run Nobara on my gaming computer and built a similar dictation tool there with no API restrictions, so the trade-off is real. For this project I chose both: App Store reach for the compliant version, direct distribution for the full one. But I know other people wouldnt be comfortable with running something like that so I built this somewhere my mom could use it
Apple is hardly a random big company. Apple's customers specifically chose to purchase the product. Most of their customers don't realize the significance of the exposure to copy and paste between Apps. Apple has taken the position that monitoring this exposure is part of their duty to the customer. Anyone that is aware of this shortcoming in Apple's product is free to purchase a different device.
>This is what happens when you run an OS controlled by some random big corporation
You get a channel for installing apps, where someone vetoes random apps that want to have access to control your whole computer and potentially steal sensitive data?
>Install some GNU/Linux distro and you can do whatever you want.
And any random app can get total control and steal your data, unless you know how to enable restrictions. I'd rather have restrictions as the default, and for the most naive users who'd follow every app prompt, and then cry about their lost work/private documents/money, no way to bypass them.
It's not true that any app can get total control of your system. If you install them via flatpak, the apps are sandboxed. Also, unless you log in as root, the apps can't do much. Wonder why the most important systems in the world and big tech's servers run GNU/Linux? There's a reason
I dont wanna start a war over this btw, even though it may not seem :)
> I'd rather have restrictions as the default
Then don't install apps and use the web, mobile sandboxing is much weaker compared to any modern browser.
As someone who also experience pains in their hands after a couple of hours of typing... I started to use the great open source app called ghost-pepper [1] that i found on github and has been my daily driver (its like superwhisrp but oss/free and local) the maintainer is really nice and replies to DMs really quickly too.
[1] https://github.com/matthartman/ghost-pepper
Some non apple apps get access to accessibility APIs. What gives?
This API is sensitive. I imagine Apple is particularly stringent as to how the access is justified. Not how it uses it but how the reason for using it is explained.
It's not like someone tests the app and all api calls to deem them reasonable or not.
They do literally pay people to do that. Then one of those people chose to reject this anyway.
In Apple’s defense, your company name is MITM. Man In The Middle certainly falls on one side of the perception line, don’t you think?
Right?!
I get that some people are unfairly targeted but some other times it's people being (extremely) naive or just playing dumb
"Hey you know what would be cool? If we named our bluetooth speaker company bee oh emm bee!!11"
The acronym is unfortunate, you're not wrong. MITM here is "Moogle In The Machine" (the Final Fantasy moogle + machine learning), but the security-context joke is fair and I hear it constantly.
I don't want random apps to paste potentially dangerous things into other apps. Its understandable.
Imagine a banking app, and for example an IBAN field.
I would like the option to allow the behaviour selectively
That's what install outside of the App Store is for. On your own risk-
Them you are free to not install them? Why ban them outright?
I'm using https://github.com/cjpais/Handy whichseems to be doing exactly what this app does, and has a very similar background story (author couldn't type die to injury).
To their defense you cannot rollback apps, so if you did install and only an update had this function, you are out of luck
"In their defense, the OS is even more insane with mandatory forced application updates that you have no control of". I hope I won't ever happen to have you representing me as a defense attourney!
In this case it feels like it's a feature that the operating system should be providing or something that could be marked as an accessibility tool, which would allow it to use that API.
The problem from Apples perspective could be that there is a ton of tools that require access to the accessibility API because they want to do stuff that Apple have deemed a security risk and the only way to do it is by abusing the API. Some of these are also because macOS simply lacks certain APIs.
I think Apple overreacting due to previous API misuse by other apps.
Handy is excellent and cross platform, and really elegant. They've got a direct website here which might be easier to navigate than the Github repo:
https://handy.computer/
Handy looks great. More tools in this space is a good thing for people who need them.
I see, that's a really fair point. And I can understand that banking field example. So I can see why they're guarding against it. My disagreement was less with the rule itself and whether Whisperpad's specific use case for users with mobility needs falls on the right side of it.
Pasting doesn't seem very unsafe. Especially not when the app can't know what it's pasting into.
What API are you using? I have a sandboxed app on the Mac Store that synthesizes CGEvents to simulate arbitrary keyboard actions on behalf of the user. It needs accessibility permission, of course.
Wondering the same, there is some weirdness around the clipboard and CGEvents though. Are you avoiding the clipboard entirely in your implementation?
Same approach: CGEventPost with Accessibility permission. The wrinkle was that my App Store reviewer wasn't comfortable with how I was using AX permission for auto-paste, even though the mechanism is the same as other apps already in the store. The clipboard-only version of WhisperPad needs no AX permission and that's what got through. Interesting that your sandboxed app with similar mechanics is approved.
macOS already has a dictation feature that does this exact thing, albeit in real time. I use it extensively.
OP’s description in the linked article doesn’t say much more than this, so what am I missing with this particular app?
Quick question, I assume you're getting caught by the CGEvent(PostEvent)...but I want to be sure. AX API has been gimped for over a decade so you'd have never made it into the app store that way. Just making certain, in case you have another path. It doesn't appear CGEvent is a universal approval anymore either though.
Have fought similar demons lately, feel your pain.
The direct version uses CGEventPost to synthesize the paste, which requires Accessibility permission. The App Store version writes to the clipboard only, so no AX permission needed and the user presses Cmd+V manually. The 2.4.5 rejection was specifically about the Accessibility permission use case. Your read sounds right that this path has been gimped for a long time.
No surprises here, Google has also been restricting access to its accessibility API.
Useful context, thanks. I hadn't realized Google was tightening similarly. Would be interesting to see how the rationales compare.
A company called “MITM LLC” which hijacks pastes in other apps.
I have no idea what they’re thinking. Insanity.
Oof, thats rough. I'll still start facing those issues, just got accepted into the apple's dev program. I predict a ton of rejections coming my way.
Add it to the antitrust pile.
Eh. I think it’s fair if Apple doesn’t want to publish something on their app store.
I just wish they weren’t so obstinate about people installing from other sources without signing/notarization. I understand it from a security standpoint but it’s also nakedly self-serving.
I’m glad that they’re fine with signing in this case.
Fair points. The notarization-but-not-App-Store path was actually a workable middle ground in my case. Apple still gates security via notarization, but doesn't gatekeep the use case. The warnings users see when installing non-App-Store apps could be lighter without compromising security.
Accessibility things should be more useful than to just narrow accessibility uses only. Wheelchair ramps help move heavy objects. The accessibility API makes it possible to introspect all of the keyboard shortcuts an app provides for another app to list them.
Screw Apple and their persnickety, controlling myopia.
Easy, don't make apps for devices which are only leased to people.
Make apps for device, which are 100% owned by people.
Time to turn Linux into a platform where you can upload into a store whatever the fuck you want. And see these behemots burn.
This is another reason why one shouldn't become dependent on those giant companies. Just as Microsoft recently stated, you'll have to pay for GitHub CoPilot soon on a token basis. Apple controls access to its software ecosystem too.
I guess this app can still be installed locally? It's just that it can't be distributed to others due to signing requirements?
Edit: Ah, it's in the article, this is about AppStore distribution. Walled gardens are going to walled garden.
The direct version is fully signed and notarized by Apple, just not distributed through the App Store. Anyone can install it from mitmllc.com/whisperpad without workarounds. The 2.4.5 rejection was an App Store rule, not a general restriction on the app.
I am still not certain I understand exactly what Apple's reviewer meant by 2.4.5 in my case. My working assumption is that the concern is about an app reaching into every other app on the system to inject text, but I never got a perfectly clear explanation. (Or maybe I'm too dense to understand it.)
If anyone here has more direct experience with this guideline, especially from the App Store review side, I would like to hear it. I would rather understand the policy than just guess at it.