The Sky Is Falling!

steve martin venereal disease
Steve Martin's "venereal disease" balloon animal

Yesterday, Gruber posted an article on daringfireball entitled “Wolf!”. (Oddly, I cannot find the link on the main page now.) He quoted a number of tech bloggers and the like who, over the years, have claimed that Mac OS X’s rising prominence is going to lead to a flood of malware for which stupid Mac users are hopelessly ill-prepared.

The title seemed clever but as another blogger (Guy English) points out, the story of The Boy Who Cried Wolf is not just an object lesson for the blogger boy (who was eaten by the wolf after too many false alarms) but the Mac OS X user villagers (who stopped paying attention to warnings because of too many false positives). English is not claiming that the bloggers are right, but simply that it’s stupid to be complacent.

Gruber should probably have titled his post “The Sky Is Falling” since Henny Penny’s warnings turned out to be Just Plain Wrong.

I’ve gone over the “Apple is complacent about malware” crap before (note the emphasis on security in Lion), but let’s reiterate:

  1. Mac OS had plenty of malware in the late 80s and early 90s.
  2. Apple responded by building malware detection into the OS and Claris apps, and subsidizing John Norstad’s excellent Disinfectant anti-virus software which was distributed for free and constantly updated to handle any new malware as it appeared.
  3. For years, Apple gave away antivirus software to account holders, so they could find out about all the Windows malware they were receiving as email attachments.
  4. Apple has signaled its intentions w.r.t. Mac OS X malware by building detection of all known in-the-wild malware into Mac OS X 10.6. The fact that this comprises a total of two viruses doesn’t mean that if it suddenly became 10 or 100 or 1000 Apple would give up.
  5. Apple has been, continues to be, and will remain better at pushing out software updates and patches to its user base than competitors.

Social Engineering

Most of the malware around these days is in the form of Trojans. Trojans are basically a social engineering exercise that involves:

  1. Convincing someone to come to your site and download something (or grab an email attachment and download that)
  2. Install or unzip the file and run it. (Ignoring warnings from your OS in some cases.)

Every OS is vulnerable to this kind of attack unless you tie down user accounts to the point where they can’t download and run anything. (And even XP lets you tie down accounts like this if you know how.)

Arguments about user accounts and so forth are moot. If a program can stomp around in user space then 99% of us are screwed. Knowing that your computer will still be able to boot afterwards is of no value whatsoever. (In fact, it may be of negative value since you will be less likely to realize what happened.)

So, the real question is: what makes a user more likely to download and run a Trojan?

My suggestions:

  1. Being terrified of malware and yet too cheap to buy antivirus software and too stupid to Google for good free software. A major source of trojans is sites advertising free malware protection.
  2. Wanting to get free warez.
  3. Being a moron who downloads and installs random shit.
  4. Running an OS that bogs you down in stupid warnings all the time (i.e. early versions of Vista).

Note that being an overconfident Mac Fanboy makes you immune to the first item in two different ways, and makes you less vulnerable to the second in one way. Clearly, there are morons using every platform, but given that overconfident Mac Fanboys tend to be wealthier, better educated, and have a demonstrated tendency to spend more for quality stuff, I suggest that they’re less vulnerable to item 3.

Acorn 3: Perfect Timing

Acorn 3Acorn 3 has just been released with an introductory price of $29.99 (via the App Store or not, as you prefer). To say that it changes the “balance of power” in the Photoshop-alternative stakes is a huge understatement. With Adobe playing a new round of let’s gouge our most loyal customers, I have to say Flying Meat’s timing is immaculate. It’s been a while since I last posted an update on the state of the Photoshop alternative market, so here we are.

Layer Styles

Acorn 3 does layer styles right. To begin with, its layer styles cover pretty much all the obvious suspects (e.g. gaussian blur and motion blur) and there’s no weird distinction between adjustment layers and styles — they’re all the same thing. Want to bevel a layer? It’s a layer style. Want to blur it? Layer style. Want to give it a drop shadow? Layer style. All in one place with one good UI. Photoshop, in contrast, offers three different ways of applying non-destructive changes to a layer and they all work differently (and none of them as nicely as Acorn’s).

It’s worth noting that Adjustment Layers do serve a purpose that Layer Styles do not (i.e. performing the same operation on everything “below” them) and Photoshop has a  convenient interface for copying and pasting layer styles which Acorn conspicuously lacks, but I expect this latter will be addressed shortly. (In other words, I made a feature request and since it’s very easy to do, I expect it will happen quickly based on past experience.) The obvious way to fix this would be for layer styles to work as expected on groups, but right now this is very much not the case (I’m not sure whether the way layer styles work on groups is a non-feature or a bug).

Correction: it turns out that, in general, layer styles work correctly on layer groups (making them generally more useful than Photoshop’s adjustment layers and layer styles) but that some of the styles behave strangely and it just so happens I used those styles and jumped to the wrong conclusion.

All-in-all, layer styles represent a huge leap in functionality for Acorn and help make it a serious tool.


Acorn 3 boasts significant new vector functionality, notably the ability to convert text to bezier curves (which is extremely useful for graphic designers). Unfortunately, a lot of the ancillary functionality is not there yet (e.g. I can’t figure out how to resize a shape, which is pretty hopeless). I assume this will be quickly fixed, but it’s a huge issue right now.

Assuming the obvious things get fixed/added to Acorn 3’s vector support (transformations and booleans), Acorn will be very credible here and could easily manage to become better than Photoshop or Photoline in this respect (since both have pretty crummy vector UIs). The good news is that Acorn 3 has all the core functionality for great vector support and has implemented most of the UI well; the bad news is that its actual feature set is missing key functionality.


The gradient tool now live-updates (which is nice) but isn’t editable in place (the way Photoline’s is) making it more of a gimmick than a useful feature. It’s a little odd to me that gradients aren’t available as a layer style (they’re very useful and Photoshop certainly offers this).

Where it leads the pack

With some minor omissions (e.g. gradients) Acorn’s layer styles are better than Photoline’s and for most purposes Photoshop’s. Pixelmator doesn’t have layer styles yet, but I think we can confidently expect them in Pixelmator 2, so while this is a huge advantage for Acorn right now, Pixelmator may catch up soon.

Acorn 3 also has a very low barrier to entry for writing plugins. You can write first-class plugins for Acorn using Python or JavaScript. Acorn also features solid Automator and AppleScript support. On the other hand it has no support for slicing (see below).

The Not-So-Good

Online Help. Acorn’s help is only available via the web. I’m not a big fan of Apple’s help system (with its mysteriously terrible performance) but it’s nice to be able to look stuff up when you don’t have an internet connection. Worse, it’s pretty incomplete. E.g. there’s nothing at all on masks. (Of course I only offer online help for RiddleMeThis so I’m not one to talk.)

Gradients. Gradients should be applicable non-destructively (as layer styles) and — ideally — editable in-place (as in Photoline).

Half-assed Vector Support. It really bugs me that Acorn now implements a lot of the hard stuff but doesn’t do the easy stuff. Right now you can’t seem to change control points from smooth to corner (and when you create a custom bezier you get n-1 smooth points and a corner, which won’t make anyone happy ever), nor can you select multiple bezier points or perform transforms on vectors. This makes what could be compelling or even class-leading vector support almost useless. Add booleans and SVG import and export and we’re talking.

Layer Masks. I’m not sure how this feature is supposed to work, but right now it doesn’t. What I’d like to see is the ability to turn a selection or its inverse into a mask, the ability to mask “into” layers (the way Photoshop does it), the ability to drag a layer into a layer mask so that its alpha channel becomes the mask, and a nice UI for editing a mask manually. What we have right now is (as far as I can tell) none of the above. (The documentation for Acorn’s mask feature is here, but it doesn’t currently appear in searches.)


Slicing and dicing. A lot of web developers use Fireworks or Pixelmator to chop up a design into lots of pieces automagically. Fireworks even supports button states and animation. Acorn has no functionality of this kind whatsoever.

If you want to edit HDR images (16-bits per channel or more) or work in different color spaces (e.g. CMYK or Lab) then Acorn is useless to you. Doesn’t bother me too much but it may be a deal-breaker. Similarly, look elsewhere for a non-destructive RAW workflow (Aperture and Lightroom are probably what you’re looking for).

If you need comprehensive typographic support or the ability to import vector art from a program which does have comprehensive typographic support then you’re using Photoshop and you don’t need Acorn. But Acorn does have nicer typographic functionality than anything else in this space (Photoline has more features but produces inferior output).

Right now, if you need comprehensive vector graphic support then Acorn isn’t there yet, but watch this space — I suspect it will be there soon.

If you need Photoshop plugins then Acorn does not support them.

If you work at very high resolution (e.g. for print) then Acorn doesn’t scale well. In fact, it even trails Pixelmator in its over-reliance on Core Image. If you are working on a 16MP image from your DSLR it’s going to be pretty unresponsive.


Acorn 3 is an impressive upgrade as much for what it delivers (class-leading layer styles) as for what it promises (if the new functionality is fleshed out with a few user interface tweaks, it may well be better than Photoshop for many purposes). I should add that Acorn is currently my go-to tool for quick image edits, ahead of both Photoshop CS5 Extended and Photoline 16.5. (I don’t have a Pixelmator license because I still consider it a half-assed product.)

Anyway, here’s my big comparison table revised and updated — new stuff since last time is in bold. Where a product clearly leads its peers, I’ve marked it in green. Where it clearly trails the others I’ve marked it in red. In a nutshell, if you can’t afford Photoshop, get Photoline. If you have Photoshop but want a “lightweight” alternative, get Acorn. If you want a pretty toy, get Pixelmator. But, I’m really looking forward to Pixelmator 2.

Category Pixelmator 1.65 Acorn 3.0 Photoline 16.5
Simple Painting Tools Basic but servicable Strong support for brushes, cloning tools, dodge and burn. You name it, it’s there
Text Cocoa text with nice drop shadows Decent typographic controls, elegant minimal interface, cocoa text, and full reusable layer styles. Fully styled and formatted text with both character and paragraph stylesheets and layer effects like emboss and drop shadow
Layer Support Blend Mode and Opacity, Text Layers, Layer Groups Strong vector layers (with some obvious missing stuff that should get fixed quickly), comprehensive non-destructive layer style support, Layers can be grouped hierarchically Blend Mode, Opacity, Layer Effects, Filter Layers, Vector Layers, Text Layers, Layers can be different modes (e.g. you can have 16-bit color, 8-bit color, Layer Masks, and monochome layers in a single document), Layer Styles, Layers can be grouped hierarchically (these are not new but deserves mention)
Filters Excellent Core Image support (including custom Quartz Composer filters)
Excellent Core Image support (including custom Quartz Composer filters) and some additional useful filters, such as Clouds. Many useful filters are available as non-destructive layer styles. Comprehensive set of filters (including some marked improvements over Photoshop) but no Core Image support. Stuff that Core Image doesn’t give you like comprehensive noise reduction tools, and fractal clouds. Oh and you can create and reuse named presets for almost everything.
Vector Layers None Solid vector support, but some missing features (e.g. transforms). Nice UI. Non-destructive layer styles. Full vector support with strong bezier tools and SVG import/export
Non-destructive editing Not supported Layer styles allow the most common filters to be applied and composited non-destructively. Non-destructive effects layers for most image adjustments (e.g. curves, levels, hue/saturation)
Image Format Support 8-bits per channel RGBA 8-bits per channel RGBA 16-bits per channel support, Greyscale, Monochrome, Lab color, CMYK
Digital Photography Support Direct RAW import Direct RAW import Direct RAW import to 24-bit or 48-bit (16 bits per channel)
Architecture Some clever optimizations (e.g. filter previews appear to be at screen resolution) but chokes on large files. Chokes on large images and slower filters. Clever and flexible preview system allows you to keep the program responsive when working with huge files, heterogeneous layer support
Workflow and Automation Some Automator actions (but no AppleScript dictionary) Python, AppleScript, and JavaScript scripting and plugin support Recordable macros and batch conversion, Save named presets for almost anything, enter expressions for numerical inputs
Web Export Support Slicing support. Direct export to Flickr, Picasa, and Facebook. Photoshop-style (but far simpler) web export dialog with file-size preview etc. Some random subset of Fireworks is implemented (slicing, button states, etc.). Not really sure how good or extensive it is (much more extensive than Pixelmator or Acorn) since I have no use for such stuff.
Plugin Support You can probably build your own using the Quartz Compositor tools from Apple. You can build your own using the Quartz Compositor tools from Apple, and there’s extensive support for creating extensions using Python, Objective-C, AppleScript, and JavaScript Supports Photoshop plugins.
File Format Support Pixelmator, Photoshop, PNG, GIF, JPEG, JPEG2000, TIFF, BMP, SGI, TGA, PICT, PDF, and a dizzying number of export options Acorn, PNG, GIF, JPEG, JPEG2000, TIFF, BMP, RAW import Pixelmator, Photoshop, PNG, TIFF, JPEG, JPEG2000, BMP, PCX, TGA, Mac Icon, Windows Icon, Windows Cursor, and a bunch more, and can import and export to an even larger number of options, notably including export to SWF and import RAW
Cute Stuff Live gradients, the “dangling rope” that joins position widgets to filter control floaters Gorgeous Icon, Filter Compositor, Elegant Minimalist UI, Elegant and powerful non-destructive layer styles Amazing gradient tool, full-featured yet it still launches amazingly fast, 64-bit support
Ugly Stuff Poor performance when previewing filters or working with high resolution images. Vector layers are still half-assed. Poor performance when previewing filters or working with high resolution images. OMG the icon … it burns! (Sadly, Pixelmator 15 introduced a new icon that’s just as ugly as the old one), half-assed web export and page layout features clutter UI without being useful
If I could add one thing from Photoshop Vector support, Layer Styles Just add the obvious vector functionality and we’re in great shape. Groups should work in the obvious way (they don’t right now). Being able to use one layer as a mask for layers adjacent to it.
Online Community Active Forum, Excellent Video Tutorials None Active Forum, Some (Lame) Tutorials
System Requirements 10.5 10.6 10.4
Price $59.00 $29.95 (introductory price) €59.00

Apple’s Controlled Experiment

Stuffit Expander (and some parasites) in the App Store
Stuffit Expander (and some parasites) in the App Store

It occurs to me that Apple has created, perhaps by accident, something of a controlled experiment in terms of determining the pros and cons of different approaches to managing the user experience on a platform.

On the one side we have the Mac App Store, where users can choose to get their apps through Apple’s channel or any other way they please, and developers can choose to distribute their wares through the Mac App Store or any other way they please.

On the other side we have the iOS App Store, where users can (modulo “jail-breaking”) only get their apps through Apple’s channel, and developers can only distribute their wares through Apple’s channel.

Obviously this isn’t a perfect experiment — it’s the real world after all. iOS and Mac OS X are different platforms with different users, different use-cases, and very different use-histories. But I suspect it’s a good enough experiment that the outcomes are guaranteed to impact both platforms.

I think it’s safe to say that if the iOS ecosystem worked the way the Mac ecosystem did, then pretty much all the complaints about the App Store would disappear. (This doesn’t mean a whole bunch of new complaints wouldn’t appear, of course.) Right now, the Mac ecosystem seems like an ideal world. You can opt in to the “walled garden” or go hog wild with warez downloaded by bittorrent. As a parent, I’d love to have OS-level support for keeping your computers in the walled garden. And, as someone working in a library, I’d love public access computers to allow users to download and use their apps legally, and then remove them when the user logged out.

So, let’s suppose that the Mac App Store turns out to “vacuum up” more-or-less all of indy development community. If we see a huge proportion of developers voluntarily opting in to the App Store because the revenues are so much better there (which in turn would mean that users are flocking to it), Apple might be encouraged to either (a) make the walled garden mandatory on Mac OS X, or (b) relax the walled garden for iOS. Or some combination of the two — e.g. AppleCare might require you to stay inside the walled garden.

Apple doesn’t need to “vacuum up” the big guys because it’s fairly easy to deal with a few large vendors (e.g. create specific technical or legal exceptions for them). It’s the long tail of software developers that are difficult to deal with. Apple isn’t worried, for example, that Adobe might produce a version of Photoshop that is actually a trojan. (OK, maybe it’s a little worried.) But there’s no way to keep track of hundreds of thousands of tiny developers who might, at any time, either create a trojan or have a trojan made to look like one of their programs, e.g. a long, long time ago — when indy software was largely distributed on floppy disks by user groups — there was a trojan purporting to be Stuffit 2.0. The developer — a high school student at the time — hadn’t released an update for a long time because he was studying for exams, and ended up having to make announcements that there would never be a legitimate Stuffit 2.0.

So: watch this space. OS X and iOS are destined to merge or just look a lot more similar as time goes on. The question is whether (and in what respects) iOS becomes more like OS X and vice versa.

Wild Guess: Mac OS X Lion will “run on” iPads with iOS5

So, 10.7 turns out to have true multiuser support — as in it turns your Mac into a time-shared system. And it has Mac OS X Server’s functionality built-in. And it has a bunch of convenient file-sharing functionality tailored to iOS users (iPad users in particular).

Hmm. What’s something that Apple does that none of the Android crowd (HTC, Samsung, LG, etc.) do that would provide huge synergy with iOS products? Apple makes Macs. (Note that while Google certainly knows a lot about servers, Google’s one major foray into the consumer OS market is the “browser as OS” — not something that will naturally extend to a time-shared home-server.)

Right now, the best remote-controlled media device in our house is a Mac Pro (with Netflix and Hulu). Why? Because we can use any iOS or Mac OS X device in the house to screen share it (VNC for non-Apple folks) and we never lose them (as of this moment, one of our two TiVo remotes is missing and we just found our Roku remote after losing track of it for nearly a year — and TiVo support among third-party remotes sucks, while Roku support is non-existent). There are many really nice screen-sharing clients for iOS, some special purpose (such as TouchPad) and others general-purpose (such as my current favorite, Remoter, currently on sale for $0.99 — and no I am not getting paid anything to link to either product).

Just yesterday I was trying to set a new profile picture in Facebook using my iPad in the living room and I realized that Facebook’s cropping UI isn’t usable on a touch-screen. So I logged onto the Mac upstairs and made the change from my iPad in a couple of minutes. It was a little clumsy — the Mac is running at 1920×1080 so there’s a fair bit of pinching involved, and I had to figure out how “click and drag” works on my screen sharing app (since it was the first time I’d needed it). But screen sharing onto a machine with a much larger display is always fiddly.

So, suppose this kind of thing gets built into iOS5 at a deeper level. Now, your iPad is, among its many virtues, a Mac OS X tablet running at native resolution. (But but but… scream the Linux/Android fans, we can VNC onto Ubuntu… yeah.)

Oh, out of curiosity, I wonder how well the new OSX gestures and UI elements work when used entirely by screen sharing from a touch-based device?

This also dovetails nicely with rumored improvements to MobileMe and making the “back to my mac” feature from MobileMe free. (Oh yeah, and I guess you can use Flash conveniently on your iPad if you really want to.)

But wait, there’s more!

What might a future device that supports iOS and Mac OS X device look like (or to put it another way, what does OS X look like when it becomes “legacy”)? Two different login shells on the same OS core. Now you can boot up your Macbook Touch (MacPad? TouchBook?) and launch into iOS by default. Or you can log into OSX by default. Either way, you can get to “the other side” either by “fast switching” or by “screen sharing”.

So in summary, perhaps what 10.7 is really about, from a UI perspective, isn’t copying iOS UI elements back to Mac OS X for its own sake so much as making 10.7 offer deep usability from touch-based devices so that you can enjoy OS X while logged into your Mac from your iPad 2.

Lion’s Killer Features

Kimba the white lion is the one!

Maybe Mac OS X 10.8 will be White Lion.

I don’t think I’m not breaking any NDAs by saying this (since it’s all over the web and a lot of it is on Apple’s own Lion Page, although the more interesting stuff is on the Developer version) but 10.7 looks like a huge upgrade over Snow Leopard — a bigger upgrade than Leopard was over Tiger. What are the killer features? Well, not the UI frippery. The interesting thing is not just how deep and powerful all this new stuff is, but how interdependent it is.

Versions. Lion’s file system is version-controlled. Every time you open a document, every hour, and every time you save, a new version is recorded. This goes beyond Time Machine because (a) it doesn’t require a Time Machine volume to be around, and (b) Time Machine saves versions of files at intervals, so multiple saves within an interval (which can be quite long for a MacBook, say) are going to be overwritten. What isn’t clear from just reading the summary (I’ve not yet downloaded and installed the preview) is how much of this comes “for free”. (If it does require apps to use the new API, the API is very simple, you override a method to return true.) It could be pretty nasty to automatically version control giant video files, but it would also kind of suck if it only works for new versions of apps. I suspect it works for everything by default; apps can definitely fine-tune their behavior (much as with Time Machine). Either way, it’s a huge feature.

(Versions apparently depends on another new feature called File Coordination which is designed to help prevent multiple processes from corrupting files by serializing file access among processes. Aside from anything else, this deals with the obvious use-case where you have the same file open in two different apps. I haven’t highlighted this as a major feature in itself since I don’t really understand it.)

Autosave. Because saving is non-destructive, saving automatically is a no-brainer. Lion saves all your work automagically. The idea that this has been brought back to the Mac from iOS might be good marketing but it’s disingenuous. Most iOS Apps have destructive save behavior — in fact it’s quite infuriating with some. iOS doesn’t do anything to help — the only thing that might help is that Apple will probably reject submitted apps whose behavior is too pathological (but this is not dependable based on my experience).

Resume. Lion remembers an application’s state between launches. And because everything is saved automagically and the OS remembers App state, it can quit apps to free up resources whenever it wants to. OooooOOOOooooh.

Overlay Scrollbars: forget everything else that’s been added to the UI, scrollbars are no longer ugly or a waste of space.

AV Foundation. Just as Core Image allowed any talented programmer to whip up a reasonably decent Photoshop-wannabe and Core Animation allowed every indy developer to turn prosaic source control front ends into UX masterpieces, AV Foundation will allow anyone with the inclination to whip up a non-linear video editor. Expect at least two or three Pixelmator-quality video compositors to appear within the next six months.

Security. Apple is providing developers with tools to intentionally sandbox their applications (“Sandboxing and Privilege Separation”). If your app doesn’t need to do file i/o you can let the OS know and even if it gets infected by malware it will still be sandboxed. This is probably not a huge deal for third-party developers, but chances are Apple will use this functionality extensively in its own apps (e.g. Safari) and strongly encourage certain other software vendors (Adobe, Oracle, Microsoft) to do likewise. Given that the common “surface vulnerabilities” of OSes tend to be applications written by a few very large development teams this gives them tools to make their software much less vulnerable.

Other sites have noted that Filevault has been improved to support full-disk encyption, which should be more useful and less buggy than FileVault is right now. Mac.blorge points out that 10.7 includes full malware protection, Google Safe Browsing in Safari, and improvements to ASLR.

Mac OS X Server merged into Client. This may be huge — I don’t know. But the basic premise seems to be that you can have as many of Mac OS X Server’s features running on your Mac as you want or not. Whether this will prove as convenient as, say, running MAMP remains to be seen. It sounds nice though.

Full Multi-User Support. You can remotely log in as a different user while your Mac is being used. Effectively, a Mac is now a time-shared system. (Should make for some really interesting Hackintoshes.)

Air Drop. Convenient system for sharing files locally with zero setup.

As for other stuff. Well, the new UI widgets will probably get used like crazy for a while and then fade into the background. (Maybe folks will finally ditch drawers and use popovers instead.) Springboard looks nice, but then it’s replacing Application Folder Chaos. The full screen app stuff, Mission Control, new gestures — the devil is still in the details. Spaces seemed huge but ended up being a dud. Expose I use occasionally. OTOH I frequently accidentally zoom things with the unintentional pinch gesture which overlaps too much with the right-click gesture. A lot of the gesture stuff is already in Snow Leopard anyway and I don’t see many people using it.

Oh yeah, 10.7 adds TRIM support for SSDs. (TRIM support can improve SSD performance and longevity. Don’t worry though — with normal use SSDs will be just fine without it.)

Finally, 10.7 drops Rosetta support. (Rosetta is the PowerPC emulator that allows pre-Intel apps to run on Intel Macs.) I don’t know about you, but I haven’t run anything under Rosetta for ages. Dropping Classic support was a much bigger deal since there are still useful apps that never made the OSX transition. Recompiling an OSX app for a new CPU architecture is a much easier exercise than porting from Classic to OSX (and then there’s apps that had been orphaned long before OSX came out, like Studio/32).

So, Lion looks like a must-have upgrade, but I doubt it will be $29.