tinyapps.org / blog

Colossal Wreck #

OZYMANDIAS.
I MET a Traveller from an antique land, Who said, “Two vast and trunkless legs of stone Stand in the desart.  Near them, on the sand, Half sunk, a shattered visage lies, whose frown, And wrinkled lip, and sneer of cold command, Tell that its sculptor well those passions read, Which yet survive, stamped on these lifeless things, The hand that mocked them, and the heart that fed: And on the pedestal these words appear: “My name is OZYMANDIAS, King of Kings.” Look on my works ye Mighty, and despair! No thing beside remains.  Round the decay Of that Colossal Wreck, boundless and bare, The lone and level sands stretch far away.
GLIRASTES

Percy Bysshe Shelley in the January 11, 1818 edition of The Exmainer, under the penname of Glirastes (a "portmanteau of Shelley's own design, combining the Greek suffix erastes, meaning 'lover of,' and the Latin Gliridae, the scientific term for the family of the dormouse. Signing 'Ozymandias' with the name Glirastes, lover of dormice, was an inside joke and a show of Shelley's affection for Mary.").

Audio version as read by Richard Attenborough in Trespasser.

/misc | Jan 09, 2021

An indiction or so late in posting this addition to the graphics page... #

🌱 Picture Resizer 6.0.1.1 [395k] + Drag and drop to batch resize images. Rename executable to change parameters like size, sharpness, and recursion, or run via command line for more options. (Variously referenced as "PhotoResize", "PhotoResizer", and "Photo Resizer" in the documentation and version info.) 📺

/windows | Dec 17, 2020

Force MacBook to mirror displays #

When connecting an external monitor to a MacBook, the screen is extended rather than mirrored by default, making it difficult to work around broken internal monitors. One of these keyboard shortcuts should switch your Mac to mirrored mode:

• Command+F1
• Command+Option+F1
• Command+Fn+F1
• Command+dim display brightness icon in the Control Strip (for models suffering from the dreaded Touch Bar):
  

Pressing the shortcut again will toggle back to extended mode.

H/T: OSXDaily and Miko.

/mac | Dec 17, 2020

Blocking Apple from bypassing application firewalls in Big Sur #

UPDATE: According to Patrick Wardle, "As of macOS 11.2 beta 2, the (in)famous ContentFilterExclusionList is gone!"

In addition to the hacky workaround previously outlined in these pages and Objective Development's steps for enabling Little Snitch 4.6 under Big Sur, there is now a third option for preventing Apple from bypassing application firewalls, courtesy of Hany (author of Murus and Vallum): Exclusions Blaster. Simply copy to /Applications, run, and approve the system extension when prompted - that's it!

Successfully tested under both Intel and M1 Macs, though the README warns that it is "experimental".

/mac | Dec 16, 2020

Chuang Tzu's Great Man #

from Chapter 17, Autumn Floods:

^* Grammatical and spelling errors have been left intact.

Victor Mair has excluded this passage from his Wandering on the Way: Early Taoist Tales and Parables of Chuang Tzu (see ellipsis on page 155 of the April 2000 University of Hawaii Press edition). A possible explanation from Paul Rouzer's A New Practical Primer of Literary Chinese:

"This passage to the end of the chapter may seem a non sequitur. What does a discussion of the behavior of the 'Great Man' have to do with metaphysical categories of size analyzed earlier? Consequently, some have assumed that the rest of this lesson's text has been interpolated and have removed it. However, if the author is attempting to show how our mental categories are conventional and arbitrary, then he can also claim that our behavior in the world should not be based on absolute and unchanging standards as well."

/misc | Oct 27, 2020

Whose computer is it? #

Patrick Wardle highlighted a tweet by Maxwell ("Some Apple apps bypass some network extensions and VPN Apps. Maps for example can directly access the internet bypassing any NEFilterDataProvider or NEAppProxyProviders you have running"), sparking an extensive HN discussion on Apple's ham-fisted tactics (not unlike Google's recent behavior).

A search for "NEFilterDataProvider" turned up David Dudok de Wit's post fingering the ContentFilterExclusionList key in /System/Library/Frameworks/NetworkExtension.framework/Versions/A/Resources/Info.plist as the culprit. The default list includes 56 Apple apps and daemons like App Store, MusicLibrary, softwareupdated, etc.:

Deleting those entries under Big Sur turned out to be rather involved; in fact, one could be forgiven for coming away with the vague suspicion that Apple would prefer them not to be disturbed:

0. Disable FileVault

1. Boot into macOS Recovery, disable SIP (csrutil disable) and SSV (csrutil authenticated-root disable), and reboot

2. Find the root mount device, e.g.,
   % mount
   /dev/disk1s5s1 on / (apfs, local, read-only, journaled)
   ...

3. % mkdir mnt

4. % sudo mount -o nobrowse -t apfs /dev/disk1s5 mnt/

5. Edit Info.plist as desired, e.g., % sudo vi mnt/System/Library/Frameworks/NetworkExtension.framework/Versions/A/Resources/Info.plist

6. % sudo bless --folder mnt/System/Library/CoreServices --bootefi --create-snapshot && sudo reboot

Little Snitch 5 and TripMode 3 had no problem blocking the previously-cloaked processes afterwards:

though one may well be left with a niggling doubt: should all this really be necessary to monitor your own computer's network traffic?

UPDATE 1: Hany, author of Murus and Vallum, was kind enough to reply with some testing of his own:

I did some tests and I’ve found at least one major issue on Catalina.
Removing all entries from the dictionary key seems to work for most listed processes: connections are seen by the network filter and flows are passed/blocked according to matched rules. But it does not work for at least one of the listed processes: IMTransferAgent. If you use macOS Messages.app then you may be aware that this process is used to send messages attachments.
If removed from the list, the process is always blocked. The filter provider does not see any flow for that process, and any attempt to send attachments with Messages.app will fail until you disable the filter.

UPDATE 2: The traffic of some Apple processes isn’t shown in Little Snitch 5.

UPDATE 3: Enabling Little Snitch 4.6 kext under Big Sur

UPDATE 4: Tweet by Apple developer Russ Bishop: "Some system processes bypassing NetworkExtensions in macOS is a bug, in case you were wondering." and some replies:

• Matt Greenfield: "Public bug tracker would make it easier to believe too. Lack of transparency breeds lack of trust."
• David Dudok de Wit: "Glad to see it's being reconsidered as a bug, because Apple told us it 'behaves as designed' (FB7740671 + FB7665551). And why is there an exclusion list in the first place? I'd love to know more and see this documented."
• Sérgio Silva: "Yes. A bug with its own configuration file /System/Library/Frameworks/NetworkExtension.framework/Resources/Info.plist ContentFilterExclusionList"

UPDATE 5: Exclusions Blaster

UPDATE 6: Hooray, no more ContentFilterExclusionList

/mac | Oct 21, 2020

Batch convert Safari webarchive files to PDF #

via Terminal & textutil/cupsfilter

• Pro: built-ins
• Con: output does not include images; formatting can be lost (dependent on HTML source)

textutil -convert html *.webarchive && for i in *.html ; do cupsfilter "$i" > "$i".pdf ; done

via Automator & Download URLs as PDFs action

• Pro: source code available
• Con: PDF output no wider than 2.59" (even in landscape mode) in testing under Mojave
• Note: pair with "Ask for Finder Items" action

via AppleScript & Safari

• Pro: exports Reader view to PDF
• Con: need to open files in Safari (though multiple tabs are OK); may need to tweak delays for larger files
• Note: script by Nigel Garvey

-- Keep code for Safari separate from the code for System Events.
tell application "Safari"
   activate
   -- Tell Safari, as the known frontmost application, to display the 'choose folder' dialog.
   set SaveFolderPath to POSIX path of (choose folder with prompt "Select Folder to Save PDF Files")
   tell window 1
       set current tab to tab 1
       set ctabs to (count tabs)
   end tell
end tell

repeat with i from 1 to ctabs
   tell application "System Events"
       tell process "Safari"
           click menu item "Show Reader" of menu "View" of menu bar 1
           click menu item "Export as PDF…" of menu "File" of menu bar 1
           repeat until exists sheet 1 of window 1
               delay 1
           end repeat
           -- The sheet opens alread primed with a file name based on the tab name.
           if (i is 1) then
               -- Make sure the file gets saved to the folder chosen above.
               -- This is only necessary first time round the repeat, as the folder becomes the default next time.
               keystroke "g" using {command down, shift down}
               repeat until exists sheet 1 of sheet 1 of window 1
                   delay 1
               end repeat
               log "passed delay"
               tell sheet 1 of sheet 1 of window 1
                   set value of combo box 1 to SaveFolderPath -- NB. the folder path here, not the file name.
                   click button "Go"
                   
               end tell
           end if
           click button "Save" of sheet 1 of window 1
           click menu item "Close tab" of menu "File" of menu bar 1
       end tell
       
       tell application "Safari" to display dialog "Close after 1 second..." giving up after 1
   end tell
end repeat

via Paparazzi!

• Pro: faithful rendering
• Con: webarchive handling is broken as of current version (1.0b11) and Safari 14: "Frame load interrupted"
• Note: set Preferences... → Batch → Save images as: PDF, then Window → Batch Capture → drag & drop webarchive files

via EagleFiler & Web archive to PDF script

• Pro: "The PDFs will have the same metadata as the original Web archives."
• Con: ≈40MB app

See also

• OS X: Batch convert and concatenate HTML files to a single PDF file
• Scripting Safari's Export to PDF function on a Mac

/mac | Oct 11, 2020

Back up iOS apps to a PC or Mac #

A little history

Before iOS 9, iOS apps could be backed up to Macs and PCs via iTunes¹:

• Why did Apple kill App extraction in iOS 9?:

  "If you try to transfer purchases from an iOS 9 device in iTunes, you may notice that apps won’t transfer to your hard drive. Similarly, when backing up an iOS 9 device in iTunes, the 'Backup Apps' dialog will simply not appear. App data will be backed up, of course, just not the application themselves."

Adding insult to injury, iTunes 12.7 removed the App Store, closing the door on downloading/backing up iOS apps from there:

• Apple's iTunes removes iOS App Store from desktop version

  "If you own a Mac or even a Windows PC, you will no longer be able to download iOS apps to your desktop to sync to an iPhone, iPad, or iPod Touch."

Why bother?

You may want to back up an app before it disappears from the App Store or preserve an older, better version, e.g.,

• Fantastical 3 fiasco

• MiniKeePass - final version only added an EOL nag on every launch

• Insight Timer - mutated from a simple meditation timer to a social media saturnalia

• Milebug - perennial mileage-tracking favorite pulled by developer, despite it continuing to work as originally designed (i.e., completely offline) even in later iOS versions (tested in iOS 13 & 14)

Download iOS apps from Apple to a PC or Mac

iOS apps can still be downloaded via iTunes 12.6.3 (does not run on Mojave or higher), Apple Configurator 2 (with some caveats), or iMazing:

• Get iTunes 12.6.3 with App Store for Mac and Windows

• Downloading IPA file from App Store onto a Mac

• Manage and Download Apps (.ipa) without iTunes

Copy apps from an iOS device to a PC or Mac

To back up all apps on your iOS device to apps/ in the current directory of your Mac, jailbreak your device, install usbmuxd, start iproxy, then:

$ scp -P 4444 -r root@localhost:/var/containers/Bundle/Application apps/

Convert iOS .app to .ipa

$ mkdir Payload
$ cp -R appname.app Payload/
$ zip -r appname.ipa Payload/

Install .ipa from a PC or Mac to an iOS device

• iTunes 12: click iOS device icon → drag appname.ipa under "On My Device" section

• Apple Configurator 2: double click iOS device icon → drag appname.ipa onto "Apps"²

• Xcode 11: Windows → "Devices & Simulators" → click iOS device icon → drag appname.ipa into box under "INSTALLED APPS"

• iMazing 2: click iOS device icon → Apps → Copy to Device → browse to recovered appname.ipa → "Select"

Footnotes

1. The backups were located in:

   • 10.6: ~/Music/iTunes/Mobile Applications/
   • 10.7: ~/Music/iTunes/iTunes Media/Mobile Applications/
   • Windows: %USERPROFILE%\Music\iTunes\iTunes Media\Mobile Applications\

2. Apple Configurator 2 also allows installing an iOS .app via Actions → Add → Apps... → Choose from my Mac...

See also

• Apple now blocks iOS app backups, but you can do something about it

• How to prevent an individual iOS app from updating, forever

/mac | Sep 28, 2020

iOS Safari has a weight problem #

• Safari "Documents & Data" storage stuck with 36GB

• iPad Safari (documents & data) taking up 21.4gbs of space!?

• 18.67GBs of Documents & Data in Safari. Any idea how I can delete them from my phone?

The auspiciously-titled Safari hogging up storage on your iPhone? Here's the fix! exhorts users to tap Settings → Safari → Advanced → Website Data → Remove All Website Data (mgmiller68 wonders in the comments how this differs from Settings → Safari → Clear History and Website Data); alas, neither method proved efficacious.

Others advise waiting days for the issue to clear; sadly, not even weeks availed.

Still others recommend a draconian backup, wipe, and restore approach.

Macworld's Documents & Data: A mysterious black hole of data storage in iOS concludes unpropitiously:

"At a minimum, I’d like to know what’s taking up all that space. Those 7GB of Documents & Data probably include something that’s gotten stuck, that can’t be deleted, such as an old iOS update perhaps. But it would be helpful if every app had to offer a feature to delete its caches, or if there were a global Clear Caches feature in iOS."

Found the offending files by jailbreaking and SSHing into the device then:

# cd /var/mobile/Containers/Data/Application/

# find . -name Safari
./{GUID}/Library/Safari

# cd {GUID}

# du -h
...
4.0G    ./tmp/Download-tCA2Caas
...
3.7G    ./tmp/Download-UT0Nlzkj
...
7.8G    ./tmp
8.0G    .

Emptying the tmp directory did the trick:

Before	After

H/T jareehD for the filepath hint.

/misc | Sep 26, 2020

Deleting a subdirectory in the path of a URL via sed or perl #

Delete the divers subdirs which appear between "/blog/" and the filenames in this example:

$ cat index.rss
...
    <link>https://tinyapps.org/blog</link>
...
      <link>https://tinyapps.org/blog/misc/202009080700_usbimager.html</link>
...
      <link>https://tinyapps.org/blog/mac/202009070700_2011_mac_mini_snow_leopard.html</link>
...
      <link>https://tinyapps.org/blog/windows/202008200700_vostro_2420_lines.html</link>
...

with GNU sed:

$ sed -i -E 's (tinyapps.org/blog)/[a-z]+ \1 ' index.rss

• -i = edit file in place
• -E = use Extended regular expressions in the script
• s = substitute the replacement string for the first instance of the regular expression in the pattern space. (Where are the forward slashes ("/") you ask? Replaced with whitespace! since sed accepts any single-byte character as a delimiter.)
• (tinyapps.org/blog) = capture group (or, as the GNU sed documentation has it, subexpression)
• /[a-z]+ = a forward slash followed by one or more lower case letters
• \1 = back-reference referring to the subexpression above

or Perl:

$ perl -pi -e 's|(tinyapps.org/blog)/[a-z]+|\1|' index.rss

• -p = print lines (more precise explanation)
• -i = edit in-place
• -e = enter one line of program
• Unlike sed, perl does not allow whitespace as a delimiter ("you can use any pair of non-whitespace (ASCII) characters as delimiters"), so vertical bars were substituted.

/nix | Sep 13, 2020

Subscribe or visit the archives.