Fun With Apple-ID Renaming Continues

I had a curious iOS support incident I want to share. Two weeks ago, a friend asked me for help with her iPhone.

The device was given to her by a relative who had apparently reset it by restoring a backup he made almost three years ago.

The backup contained a log-in to the relative’s iCloud account with Find my iPhone turned on. To put things in perspective: Find my iPhone was first launched in June 2010 and integrated into iCloud on its launch in October 2011.

Nevertheless, Activation Lock, the feature that prevents re-activation of an iPhone as long as it is marked locked by its owner, was not a thing until iOS 7. But – purposedly in the endeavor to make the transition seamless – Apple kept the label Find my iPhone for the switch in Settings.app which now enables / disables Find my iPhone and Activation Lock simulatenously.

And this lead to the following problem: My friend’s device could not be restored (neither by iTunes nor from the iPhone itself) because it assumed Activation Lock was still enabled.

In case you did not know: Apple offers a web-form where you can check the Activation Lock status of your device. This page reported Activation Lock to be disabled.

Looking at iCloud settings on the device, the switch was enabled. Attempts to toggle it off failed with a try again error after the relative entered his password. It was not the kind of the occassional 503 HTTP status codes you get when Apple activation servers are down.

Also, on iCloud.com none of the relative’s devices were listed in the Find my iPhone webinterface.

I started to go through my catalog of questions I use to identify possible user errors. And indeed, after fifteen minutes of interrogation, there was the answer:

Oh, yeah, one more thing: I renamed my Apple-ID since I did that backup I restored on the phone.

To be clear: He had not just changed his primary e-mail address but indeed altered the username of the Apple-ID.

Please don’t do this. Just don’t. Absolutely. Never. I speak from experience.

So apparently, activation lock is out of sync with the server-side.

Luckily, putting the device into DFU mode and connecting it to iTunes solved the issue for this particular case.

However, it is simply embarrassing that Apple still has not figured out their user account system. Come on guys, this is known territory.

Radars:

Comment: The Functional High Ground

In case you did not notice: in the last months, torches and pitchforks have been held steady in the Apple developer community. People have been furious about the inexplicable and arbitrary rejections of high-profile and / or innovative apps, e.g. Transmit, PCalc and Nintype.

While this particular turmoil seemed to cool down in the last week(s), another topic that has been on the radar for quite some time has been in discussion: The recent decline in Apple’s software quality. Marco Arment hit the nail on the head for a lot of people, myself included, although Daniel Jalkut puts some statements in a more rational perspective.
Additional link: Craig Hockenberry has written another great piece.

Since the launch of iOS 7, the number of people asking me for help or complaining about their Apple-devices has increased significantly.
People are pissed.

This post is written on OS X Mavericks, because I still hear about problems with WiFi on Yosemite. And because the new features just are not worth the risk of the slightest instability to me.

The #1 reason I am not using FreeBSD or PCBSD on my laptop is OS X’s reliability I learned to love since I switched to the Mac around five years ago. And the software I use on a daily basis, which is in my opinion far superior to everything I have seen on other platforms. In short, OS X still is my favorite UNIX desktop.

I would not consider myself an iOS power user. Sure, I use the device quite a lot but it’s nothing all-too fancy: podcasts, OmniFocus, Twitter, navigation and occassionally messaging although I hate typing on the phone. And some annoying bugs along with the restrictions you still have on iOS make me feel tired of the platform.

I tend to agree that Apple’s hardware is amazing – my laptop delights me every day and so does my phone and my tablet.

But it is not hardware quality that convinced me to buy Apple products in the first place. And it is definitely not the attempt to build a platform with inferior Maps, windy Clouds, locked-down devices and rushed-through software releases.

I do not care about Apple doing well economically. As a company, profit will always be the highest priority for them. No matter what. However, it is important to have a long-term strategy for your products.

I want need that strategy to be: making the most reliable operating system there is with the most advanced technologies available that are suitable for the job.

Everything else, I’m out. Sooner or later.

Comment: The CIA Torture Report

The Committee Study of the Central Intelligence Agency’s Detention and Interrogation Program just got published in a redacted version.

It can be downloaded here.

I read the introductory words by the Committee’s chairman Dianne Feinstein and the twenty findings and conclusions.

The study documents the ugly, ineffective, unprofessional, undemocratic, violent, inhumane and simply disgusting practises of the CIA’s detention program from September 2001 until 2009.

I am hardly surprised. Things that have been rumored for years more than a decade have been confirmed to be true. (Oh wait … not the first time in recent history.)

In the introduction, you can find the following quote:

This and future Administrations should use this Study to guide future programs, correct past mistakes, increase oversight of CIA representations to policymakers, and ensure coercive interrogation practices are not used by our government again.

I cannot help but being cynical about this. I guess nothing will change. If necessary, the layers of outsourcing, indirection and blurring of the things the inhumanes in the intelligence community want to do will increase. But they will not be stopped by governmental or parlamentary oversight.

The intelligence agencies of the (western) world have demonstrated clearly that they are not going to give up their power. I accuse every director of an intelligence agency to have been lying to the public at least once.

The problem is: lying is essentially part of their job. Intelligence agencies are inherently intransparent and are always at least at the edge of legality. They are meant to do the dirty work. They are the institutionalized shady guys of the government.

I believe that most humans are bad at giving power away once they hold it. And compiling the list of crimes documented in the report makes the people in the agencies adhere to their positions of power even stronger.

The result is an organization whose job it is to keep its mouth shut, that does not want the public to know about its work, whose employees are a homogenous group that carries on unreflectedly – day after day.

Leakers like Manning and Snowden are a rare exception.

Returning to the quote: of course, you won’t start a revolution in a congressional report. But better oversight, or using the study as a purpose to review the CIA detention policy just does not go far enough.

It comes down to the question of wheter a democratic society wants to accept a blackbox that is by definition and legislation beyond the control of the public. This is the discussion I hope to see. And I fear I will be disappointed.

Not Getting an iPhone 6

I made a decision: I won’t buy an iPhone 6.

The fact of this being a first world problem aside, I have several reasons: my iPhone 5 looks a little worn down due to scratches in the anodized black aluminum. But hey, at least it is real black and not some space-grey-wannabe-black successor.

The battery was making some problems. I replaced it today using an iFixit part. According to Apple, the old battery was damaged but not eligible for the most recent replacement program. Let’s hope this works out.

iOS 8.1 fixed most hickups of 8.0 – in particular, the bug when App Switcher would take several seconds to appear occurs once a day at most. I can live with that. [In fact I can’t, but I guess it’s not just an issue on the iPhone 5.]

I guess the most significant improvement with the iPhone 6 would have been the larger display, the nice camera and LTE which I can’t use on the iPhone 5 because the standard 800Mhz frequency in the EU is not supported.

Since my first iPhone, I always went with the 16GB model and it worked well for me because I am not an all day mobile photographer and don’t keep music on the device. However, I expect apps to grow a little bigger because of 3x assets being included in every app. And to be honest: there were a few times when I had to juggle around with disk space on iOS, which is by no means a pleasant experience.

I would have gone with 32 GB, but it turns out Apple does not offer this version: 16, 64, 128 – I can’t help but call it a dickmove. A clever dickmove that might raise the average selling price for $100. Or cost Apple in Tim’s beloved customer sat because no UNIX system out there likes running iOS is not running smoothly without free disk space, not even mentioning the impossibility of OTA upgrades.

Talking about memory, I am disappointed, too: 1 GB, seriously? That’s no improvement compared to my iPhone 5. And already today, memory is the bottleneck #1.

There has been a lot of talk about technical debt. I hope Apple is going to have to pay for what they messed up with the 6’s internals. And I hope they will learn for the future. It is just shortsighted to save relatively little money on things like (flash) memory that make all the difference in daily use.

Don’t get me wrong, I think the iPhone 6 is a great product today, although it probably won’t be in the long run. Whatever this means in the phone business.

Was der Bauer nicht kennt

Die Diskussion über die Sinnhaftigkeit von Waffen in Zivlihänden mal beiseite gestellt: Was man hier liest ist auf einem ganz besonderen Niveau peinlich:

In Paragraf 2 der Satzung heiße es, dass die Bruderschaft “eine Vereinigung von christlichen Menschen” sei.

[Spiegel Online, 3.8.2014 23:52]

Stimmt:

Die Schützenbruderschaft St. Georg Sönnern-Pröbsting ist eine Vereinigung von christlichen Menschen, die sich zu den Grundsätzen und Zielen des Bundes der Historischen Deutschen Schützenbruderschaften in Köln e.V. bekennen.

[Satzung, 4.8.2014 07:21

Um erhlich zu sein: Ich erwarte von einem Schützenverein mit dem Motto Für Glaube, Sitte und Heimat (http://www.bund-bruderschaften.de, 4.8.2014 00:03) auch nichts anderes. Gleiches hätte auch das durch diese Klausel betroffene Mitglied erahnen können.

Allerdings beschäftige ich mich derzeit auch oberflächlich mit dem Vereinsrecht.
Schauen wir doch mal, wie es mit der Gemeinnützigkeit aussieht. In einer Broschüre des rheinland-pfälzischen Finanzministeriums findet sich hierzu unter anderem Folgendes:

Förderung der Allgemeinheit

Sie ist anzunehmen, wenn der Kreis der zu Fördernden weder fest abgeschlossen ist noch sich auf Grund besonderer Merkmale (z.B. bestimmte Berufsgruppe) auf nur wenige Personen beschränkt.

[Broschüre, 4.8.2014 00:13]

Ich bin kein Jurist, will auch keiner sein und weiß nicht, was man unter besonderen Merkmalen zu verstehen hat.

Trotzem ist es widerlich, was dieser Verein dort treibt.

Interessant: Laut diesem Artikel hat der Bund der Historischen Deutschen Schützenbruderschaften, in den der im Artikel erwähnte Verein eingegliedert ist, bereits einen gewissen Track-Record.

TinyTinyRSS: Migration hickup

I use TinyTiny RSS for keeping up-to-date with my ~200 RSS feeds. Together with the Fever API comptability plugin, this has been a sweet solution for me since Google Reader closed its doors.

However, yesterday, I was migrating the MySQL server that is accessed by TTRSS to a separate jail. At first look, everything seemed to work after changing config.php:

define('DB_HOST', 'localhost');
define('DB_HOST', '<The MySQL-Server>');

However, this morning I noticed that the feeds had not been updated. update.php is usually run by a cronjob, but when executing it manually, you saw error messages in certain feeds. In my case, it’s the famous iOS Dev Weekly feed.

 Fatal error: Query INSERT INTO ttrss_error_log
(errno, errstr, filename, lineno, context, owner_uid, created_at) VALUES
(256, 'Query INSERT INTO ttrss_entries\n (title,\n guid,\n
link,\n updated,\n content,\n content
_hash,\n no_orig_date,\n date_updated,\n date_entered,\n
comments,\n num_comments,\n plugin_data,\n lang,\n
author)\n VALUES\n (\'Issue 153 - 4th July 2014\',\n \'SHA1:c4acc
25a37b992b33491f0d8c5b49e2008e470a3\',\n \'http://iosdevweekly.com/issues/153\',
[Post content]
in /path/to/ttrss/classes/db/mysqli.php line 33

Quite cryptic. Looking at the database, I learned that TTRSS is storing the error logs themselves in the database. Does not make any sense for storing databse-related errors, but ok, it worked so far…. As the errors stored there were fairly up-to-date, I decided it was not an issue with access permissions.

Fiddling around a little more, I noticed the following configuration option for config.php:

define('MYSQL_CHARSET', 'utf8');
// Connection charset for MySQL. If you have a legacy database and/or experience
// garbage unicode characters with this option, try setting it to a blank string.

I fixed my issue by setting MYSQL_CHARSET  to a blank string first and afterwards to utf8 again. If you don’t reenable it, the web interface does not render certain feeds.


I suppose this was an encoding issue although I cannot explain why: the database is setup to use UTF-8 and the feeds contain only standard characters (would fit into ASCII).

To the poor guy who is searching the web for a solution to this apparently rather exotic problem for two hours: you’re welcome.


UPDATE:

After all, I think I have figured out the encoding issue: The fix above stopped working after a few hours – I guess because some new item in a feed caused an encoding error. My current solution is to force utf8mb4 for communication betweeen mysql client and server.

#server's my.cnf
[mysqld]
character-set-server=utf8mb4
collation-server=utf8mb4_general_ci
#ttrss config.php
define('MYSQL_CHARSET', 'utf8');

Apple-ID Traumabericht

Apple bietet unter appleid.apple.com die Option an, seine Apple-ID umzubenennen.Apple ID Rename

Obwohl sich das schon nach Schmerzen anhört, habe ich es gestern Abend in geistiger Umnachtung dennoch versucht – was alles schief gehen kann, könnt ihr nun hier lesen…

Apple-ID umbenennen

Man kann es sich vielleicht schon denken: Benennt man einfach mal frech die Apple-ID (Username, der identisch mit der primären Mailadresse ist) um, rennen sowohl OS X als auch iOS gegen die Wand.

“Natürlich” rechnen alle systemintegrierten Apple-Dienste nicht damit, dass sich die Apple-ID ändern könnte und prompten den User dementsprechend nur nach dem Passwort, nicht nach dem Username.

Während man unter OS X zumindest den alten iCloud-Account entfernen und sich neu anmelden kann, findet das finale Fuck-Up unter iOS 7 statt: Bei eingeschaltetem “Find My iPhone” ist auch Activation Lock aktiv, das an die Apple-ID gebunden ist.
Versucht man also, den iCloud-Account lokal zu entfernen, wird erst einmal gepromptet – natürlich ohne Möglichkeit, den Username zu ändern.

Sollte der User also seine Apple-ID geändert haben und auf die alte Mail-Adresse aus Gründen keinen Zugriff mehr haben, besteht für ihn meiner Ansicht nach keine Möglichkeit mehr, sein Telefon zu restoren / aktivieren / benutzen.

Passwörter besser nicht zu lang

Bei der Apple-ID endet die Katastrophe noch nicht: Ändert man das Passwort, kann man auf appleid.apple.com – solange die aufgelisteten Kriterien inkl. Mindestlänge für das Passwort erfüllt sind – ein beliebig langes Passwort eingeben, was bei mir durch 1Password 40 Stellen lang war.

Was passiert beim Anmelden in iTunes / auf iOS / OS X? Richtig, login failed. Durch Ausprobieren bin ich letztlich auf 32 Stellen Maximallänge gekommen.

Fazit: It will break.

Apple hält es anscheinend nicht für nötig, dem Device etwas wie ein Access-Token oder zumindest eine User-ID anstelle der vom Benutzer veränderbaren Apple-ID mitzugeben, wenn es sich bei Apple-Diensten anmeldet. Schwache Leistung. Dass nicht mal die Form-Validation ordentlich funktioniert, setzt dem Ganzen die Krone auf, ganz abzusehen davon, dass die Passwortlänge frei wählbar sein sollte.

Für beide Bugs habe ich ein Radar gefiled: Das erste wurde als Duplicate und kann aus Gründen nicht veröffentlicht werden, das Zweite findet sich hier.